PDA

View Full Version : Re-direct virus on my PC, need help



ndnboy
2010-10-18, 05:41
Hi there, first off thanks for any help you can provide, I have had no luck.

My PC was hit with some sort of redirect virus earlier in the week, redirects browser to all sorts of other website when searching on yahoo, google etc.

Ran my current programs to try and fix, spybot, ad aware, ccleaner etc with no luck. Sought out free fixes and had no luck with stopzilla, malware bytes etc. Restored PC to a previous week to see if that would help, it didnt, but it uninstalled all the new free software I had tried.

Tried updating spybot with no luck, error, uninstalled and installed the 1.6.2 version. Ran spybot, had ID'd numerous items in its lengthy run but then it locked up, didnt respond and had no luck removing items.

Looked up malware forums and found you : )

I hope I got the newb RUNT install and DDS reports correct, here I go, and thanks again....


DDS (Ver_10-10-10.03) - NTFSx86
Run by Juan at 22:20:07.46 on Sun 10/17/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.510.25 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
SVCHOST.EXE
SVCHOST.EXE
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
SVCHOST.EXE
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
SVCHOST.EXE
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\NavNT\defwatch.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\NavNT\vptray.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\WINDOWS\system32\hphmon03.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Documents and Settings\Juan\Application Data\Smilebox\SmileboxTray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\HPHipm09.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\MMDiag.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\dds[1].scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uSearch Page = hxxp://red.clientapps.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
uDefault_Page_URL = hxxp://www.dell4me.com/myway
uSearch Bar = hxxp://www.yahoo.com/search/ie.html
uWindow Title = Microsoft Internet Explorer provided by Verizon Online
uInternet Connection Wizard,ShellNext = hxxp://www.samsphotoclub.com/login/index.asp
uInternet Settings,ProxyOverride = localhost;*.local
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
mURLSearchHooks: H - No File
BHO: Yahoo! Companion BHO: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\ycomp5_5_7_0.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - No File
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
BHO: {89FF07AB-3DC7-4272-B8CE-E03A88757855} - No File
TB: {BA52B914-B692-46c4-B683-905236F6F655} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\ycomp5_5_7_0.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [SmileboxTray] "c:\documents and settings\juan\application data\smilebox\SmileboxTray.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [MMTray] "c:\program files\musicmatch\musicmatch jukebox\mm_tray.exe"
mRun: [vptray] c:\program files\navnt\vptray.exe
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_05\bin\jusched.exe"
mRun: [SoundMAXPnP] c:\program files\analog devices\soundmax\SMax4PNP.exe
mRun: [RoxioEngineUtility] "c:\program files\common files\roxio shared\system\EngUtil.exe"
mRun: [RoxioDragToDisc] "c:\program files\roxio\easy cd creator 6\dragtodisc\DrgToDsc.exe"
mRun: [RoxioAudioCentral] "c:\program files\roxio\easy cd creator 6\audiocentral\RxMon.exe"
mRun: [RealTray] c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
mRun: [MimBoot] c:\progra~1\musicm~1\musicm~2\mimboot.exe
mRun: [Microsoft Works Update Detection] c:\program files\common files\microsoft shared\works shared\WkUFind.exe
mRun: [IntelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe
mRun: [IAAnotif] c:\program files\intel\intel application accelerator\iaanotif.exe
mRun: [HPHmon03] c:\windows\system32\hphmon03.exe
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\docume~1\juan\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\docume~1\juan\startm~1\programs\startup\hotlla~1.lnk - c:\program files\hotllama media\player\WiseUpdt.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\americ~1.lnk - c:\program files\america online 9.0\aoltray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ciscos~1.lnk - c:\program files\cisco systems\vpn client\vpngui.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://c:\program files\iespell\iespell.dll/SPELLCHECK.HTM
IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://c:\program files\iespell\iespell.dll/SPELLOPTION.HTM
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: plaxo.com\www
Trusted Zone: musicmatch.com\online
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: Photobucket Publisher - hxxp://s154.photobucket.com/csve/ie_plugin.php
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://utilities.pcpitstop.com/da/PCPitStop.CAB
DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} - hxxp://disney.go.com/pirates/online/testActiveX/built/signed/DisneyOnlineGames.cab
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www.costcophotocenter.com/CostcoActivia.cab
DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} - hxxp://www.putfile.com/includes/ImageUploader4-5.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {A1662FB6-39BE-41BB-ACDC-0448FB1B5817} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_5/PhotoCenter_ActiveX_Control.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://samsclubus.pnimedia.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {DC11F230-5717-4C25-BAD7-37B879C19655} - hxxp://mdpatriotstangs.myphotoalbum.com/ImageUploader4.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} - hxxps://secure.bah.com/dana-cached/setup/JuniperSetupSP1.cab
DPF: {EFD1E13D-1CB3-4545-B754-CA410FE7734F} - hxxp://samsclubus.pnimedia.com/upload/activex/v3_0_0_2/PhotoCenter_ActiveX_Control.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: bdatsk - c:\windows\help\sbsi\bdatsk.dll
Notify: NavLogon - c:\windows\system32\NavLogon.dll
Hosts: 127.0.0.1 www.spywareinfo.com

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-5-8 216400]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-1-8 29584]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-5-8 243024]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2004-8-10 14336]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-7-16 308136]
R2 NAVAPEL;NAVAPEL;c:\program files\navnt\Navapel.sys [2002-6-7 17968]
R2 RosettaStoneDaemon;RosettaStoneDaemon;c:\program files\rosettastoneltdservices\RosettaStoneDaemon.exe [2009-9-3 444224]
R3 Angel;Angel MPEG Device;c:\windows\system32\drivers\Angel.sys [1980-1-1 337536]
S2 Norton AntiVirus Server;Norton AntiVirus Client;c:\program files\navnt\rtvscan.exe [2002-8-2 483328]
S3 NAVAP;NAVAP;c:\program files\navnt\navap.sys [2002-6-7 186096]
S3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20090812.008\NAVENG.sys [2009-8-13 87888]
S3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20090812.008\NAVEX15.sys [2009-8-13 875728]
S3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2007-6-21 189792]

=============== Created Last 30 ================

2010-10-17 02:40:13 -------- d-----w- c:\windows\system32\wbem\repository\FS
2010-10-17 02:40:13 -------- d-----w- c:\windows\system32\wbem\repository\export
2010-10-17 02:40:13 -------- d-----w- c:\windows\system32\wbem\Repository
2010-10-17 02:39:15 -------- d-----w- c:\program files\MyWaySA
2010-10-17 01:34:38 -------- d-----w- c:\program files\Trend Micro
2010-10-16 21:22:54 -------- d-----w- c:\program files\STOPzilla!
2010-10-16 21:22:52 -------- d-----w- c:\program files\common files\iS3
2010-10-16 21:22:36 -------- d-----w- c:\docume~1\alluse~1\applic~1\STOPzilla!
2010-10-16 12:52:06 -------- d-----w- c:\docume~1\juan\applic~1\Malwarebytes
2010-10-16 12:51:43 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-10-16 12:51:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-15 20:05:30 -------- d-----w- c:\program files\Free Window Registry Repair
2010-10-15 19:53:15 -------- d-----w- c:\program files\1-Click PC Fix v4
2010-10-15 19:44:29 -------- d-----w- c:\docume~1\juan\applic~1\Registry Mechanic
2010-10-14 02:51:18 -------- d-----w- c:\documents and settings\juan\IECompatCache

==================== Find3M ====================


============= FINISH: 22:22:46.96 ===============

peku006
2010-10-19, 20:40
Hi ndnboy

IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.


LimeWire


I'd like you to read this thread (http://forums.spybot.info/showthread.php?t=282).

Please go to Control Panel > Programs and Features and uninstall the programs listed above (in red).

After that:


Please download Rootkit Unhooker (http://www.rootkit.com/vault/DiabloNova/RKUnhookerLE.EXE) Save it to your desktop.
Now double-click on RKUnhookerLE.exe to run it.
Click the Report tab, then click Scan.
Check (Tick) Drivers, Stealth, Files, Code Hooks. Uncheck the rest. then Click OK.
Wait till the scanner has finished and then click File, Save Report.
Save the report somewhere where you can find it. Click Close.
Copy the entire contents of the report and paste it in a reply here.

Note** you may get this warning it is ok, just ignore

Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?

Thanks peku006

ndnboy
2010-10-21, 01:52
peku006

Thanks for your help.

I uninstalled Limewire and ran report, here is the info, thanks again:

RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows XP
Version 5.1.2600 (Service Pack 2)
Number of processors #1
==============================================
>Drivers
==============================================
0xBF084000 C:\WINDOWS\System32\ati3duag.dll 2240512 bytes (ATI Technologies Inc. , ati3duag.dll)
0x804D7000 C:\WINDOWS\system32\ntkrnlpa.exe 2142208 bytes (Microsoft Corporation, NT Kernel & System)
0x804D7000 PnpManager 2142208 bytes
0x804D7000 RAW 2142208 bytes
0x804D7000 WMIxWDM 2142208 bytes
0xBF800000 Win32k 1851392 bytes
0xBF800000 C:\WINDOWS\System32\win32k.sys 1851392 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0xF6E70000 C:\WINDOWS\system32\DRIVERS\IntelC51.sys 1208320 bytes (Intel Corporation, Modem DSP Driver)
0xF7072000 C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 897024 bytes (ATI Technologies Inc., ATI Radeon WindowsNT Miniport Driver)
0xF6DDB000 C:\WINDOWS\system32\DRIVERS\IntelC52.sys 610304 bytes (Intel Corporation, Modem CP Driver)
0xF8250000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
0xB0A3E000 C:\WINDOWS\system32\Drivers\CVPNDRVA.sys 503808 bytes (Cisco Systems, Inc., Cisco Systems VPN Client IPSec Driver)
0xBF2A7000 C:\WINDOWS\System32\ativvaxx.dll 479232 bytes (ATI Technologies Inc. , Radeon Video Acceleration Universal Driver)
0xB2017000 C:\WINDOWS\System32\Drivers\dump_iaStor.sys 471040 bytes
0xF8397000 iaStor.sys 471040 bytes (Intel Corporation, Intel Application Accelerator driver)
0xB7AAE000 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 454656 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xF6D19000 C:\WINDOWS\system32\drivers\senfilt.sys 385024 bytes (Sensaura, Sensaura WDM 3D Audio Driver)
0xF6C1B000 C:\WINDOWS\system32\DRIVERS\update.sys 364544 bytes (Microsoft Corporation, Update Driver)
0xB8463000 C:\WINDOWS\system32\DRIVERS\tcpip.sys 360448 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xB082F000 C:\WINDOWS\system32\DRIVERS\srv.sys 356352 bytes (Microsoft Corporation, Server driver)
0xF6FBA000 C:\WINDOWS\system32\DRIVERS\Angel.sys 339968 bytes (Emuzed, Inc., Emuzed, Inc. Angel WDM Driver)
0xBFFA0000 C:\WINDOWS\System32\ATMFD.DLL 286720 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0xAEA3F000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
0xF6D9B000 C:\WINDOWS\system32\drivers\smwdm.sys 262144 bytes (Analog Devices, Inc., SoundMAX Integrated Digital Audio )
0xB8575000 C:\WINDOWS\System32\Drivers\cdudf_xp.SYS 249856 bytes (Roxio, CD-UDF NT Filesystem Driver)
0xBF04A000 C:\WINDOWS\System32\ati2cqag.dll 237568 bytes (ATI Technologies Inc., Central Memory Manager / Queue Server Module)
0xB8429000 C:\WINDOWS\System32\Drivers\avgtdix.sys 237568 bytes (AVG Technologies CZ, s.r.o., AVG Network connection watcher)
0xBF012000 C:\WINDOWS\System32\ati2dvag.dll 229376 bytes (ATI Technologies Inc., ATI Radeon WindowsNT Display Driver)
0xB208A000 C:\WINDOWS\System32\Drivers\avgldx86.sys 212992 bytes (AVG Technologies CZ, s.r.o., AVG AVI Loader Driver)
0xB84E0000 C:\WINDOWS\System32\Drivers\UdfReadr_xp.SYS 208896 bytes (Roxio, CD-UDF NT Filesystem Reader Driver)
0xF6C74000 C:\WINDOWS\system32\DRIVERS\rdpdr.sys 200704 bytes (Microsoft Corporation, Microsoft RDP Device redirector)
0xF8478000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
0xF7030000 C:\WINDOWS\system32\DRIVERS\b57xp32.sys 188416 bytes (Broadcom Corporation, Broadcom NetXtreme Gigabit Ethernet NDIS5.1 Driver.)
0xF8223000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xF833A000 dac2w2k.sys 180224 bytes (Mylex Corporation, Mylex Disk Array Controller Driver)
0xB0DEF000 C:\WINDOWS\system32\DRIVERS\mrxdav.sys 180224 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xB0354000 C:\WINDOWS\system32\drivers\kmixer.sys 176128 bytes (Microsoft Corporation, Kernel Mode Audio Mixer)
0xB7B1D000 C:\WINDOWS\system32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xB7B6A000 C:\WINDOWS\system32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xF8422000 dmio.sys 155648 bytes (Microsoft Corp., Veritas Software, NT Disk Manager I/O Driver)
0xB85D2000 C:\WINDOWS\system32\DRIVERS\EXPORTIT.SYS 155648 bytes (Eastman Kodak Company, Kodak DC File System driver)
0xF6D77000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xF6F97000 C:\WINDOWS\system32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
0xF700D000 C:\WINDOWS\system32\DRIVERS\USBPORT.SYS 143360 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xB7B48000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0xB8408000 C:\WINDOWS\system32\DRIVERS\ipnat.sys 135168 bytes (Microsoft Corporation, IP Network Address Translator)
0x806E2000 ACPI_HAL 134400 bytes
0x806E2000 C:\WINDOWS\system32\hal.dll 134400 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xF831A000 fltMgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xF8448000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
0xF6CE8000 C:\WINDOWS\System32\Drivers\pwd_2k.SYS 118784 bytes (Roxio, Win2000 Framework for Packet Write Driver)
0xF6CCD000 C:\WINDOWS\system32\DRIVERS\dne2000.sys 110592 bytes (Deterministic Networks, Inc., Deterministic Network Enhancer)
0xF8208000 Mup.sys 110592 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xF8366000 adpu160m.sys 102400 bytes (Microsoft Corporation, Adaptec Ultra160 SCSI miniport)
0xB0FE6000 C:\WINDOWS\system32\dla\tfsnudfa.sys 102400 bytes (Sonic Solutions, Direct Access Component)
0xF837F000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xF840A000 C:\WINDOWS\system32\DRIVERS\SCSIPORT.SYS 98304 bytes (Microsoft Corporation, SCSI Port Driver)
0xB0FFF000 C:\WINDOWS\system32\dla\tfsnudf.sys 98304 bytes (Sonic Solutions, Direct Access Component)
0xF82DD000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xF6CB6000 C:\WINDOWS\system32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xB0E91000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xF82F4000 drvmcdb.sys 81920 bytes (Sonic Solutions, Device Driver)
0xF6D05000 C:\WINDOWS\system32\DRIVERS\parport.sys 81920 bytes (Microsoft Corporation, Parallel Port Driver)
0xF705E000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0xB84BB000 C:\WINDOWS\system32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xF8308000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)
0xF8467000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0xF6CA5000 C:\WINDOWS\system32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
0xF8198000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
0xF8707000 C:\WINDOWS\system32\DRIVERS\nic1394.sys 65536 bytes (Microsoft Corporation, IEEE1394 Ndis Miniport and Call Manager)
0xF87E7000 C:\WINDOWS\system32\DRIVERS\serial.sys 65536 bytes (Microsoft Corporation, Serial Device Driver)
0xB923F000 C:\WINDOWS\system32\DRIVERS\arp1394.sys 61440 bytes (Microsoft Corporation, IP/1394 Arp Client)
0xF7A50000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xF7A60000 C:\WINDOWS\system32\DRIVERS\IntelC53.sys 61440 bytes (Intel Corporation, Modem AFE Driver)
0xF8697000 ohci1394.sys 61440 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0xF74FF000 C:\WINDOWS\system32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
0xB83A0000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xF81F8000 C:\WINDOWS\system32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xF8607000 aic78u2.sys 57344 bytes (Microsoft Corporation, Adaptec Ultra2 SCSI miniport)
0xF85D7000 aic78xx.sys 57344 bytes (Microsoft Corporation, Adaptec Ultra SCSI miniport)
0xB8380000 C:\WINDOWS\system32\dla\tfsnifs.sys 57344 bytes (Sonic Solutions, Direct Access Component)
0xF86A7000 C:\WINDOWS\system32\DRIVERS\1394BUS.SYS 53248 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0xF750F000 C:\WINDOWS\system32\DRIVERS\cdrom.sys 53248 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xF8667000 C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xB94CE000 C:\WINDOWS\system32\DRIVERS\hphid409.sys 53248 bytes (HP, IEEE-1284.4-1999 Driver (Windows 2000))
0xB94BE000 C:\WINDOWS\System32\Drivers\hphs2k09.sys 53248 bytes (Hewlett-Packard, Printer Card Mass Storage Driver)
0xF74DF000 C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xF85C7000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0xB922F000 C:\WINDOWS\system32\DRIVERS\IrBus.sys 49152 bytes (Microsoft Corporation, USB Consumer IR Driver for eHome)
0xF8647000 ql12160.sys 49152 bytes (QLogic Corporation, Miniport Driver for QLogic ISP PCI Adapters)
0xF8637000 ql1280.sys 49152 bytes (QLogic Corporation, Miniport Driver for QLogic ISP PCI Adapters)
0xF74BF000 C:\WINDOWS\system32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xF86B7000 agp440.sys 45056 bytes (Microsoft Corporation, 440 NT AGP Filter)
0xF86E7000 agpCPQ.sys 45056 bytes (Microsoft Corporation, CompatNT AGP Filter)
0xF86C7000 alim1541.sys 45056 bytes (Microsoft Corporation, ALi M1541 NT AGP Filter)
0xF86D7000 amdagp.sys 45056 bytes (Advanced Micro Devices, Inc., AMD Win2000 AGP Filter)
0xF87F7000 C:\WINDOWS\System32\Drivers\Cdr4_xp.SYS 45056 bytes (Roxio, CDR4 CD and DVD Burning Helper Driver)
0xF74EF000 C:\WINDOWS\system32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
0xF85B7000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xF74CF000 C:\WINDOWS\system32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xF8677000 sisagp.sys 45056 bytes (Silicon Integrated Systems Corporation, SiS NT AGP Filter)
0xF8687000 viaagp.sys 45056 bytes (Microsoft Corporation, VIA NT AGP Filter)
0xB94AE000 C:\WINDOWS\system32\DRIVERS\DcCam.sys 40960 bytes (Eastman Kodak Company, Kodak Digital Camera Driver)
0xB8370000 C:\WINDOWS\system32\drivers\dcfs2k.sys 40960 bytes (Eastman Kodak Company, Kodak DC File System Driver (NT))
0xB83B0000 C:\WINDOWS\system32\drivers\drvnddm.sys 40960 bytes (Sonic Solutions, Device Driver Manager)
0xF71CD000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xF8627000 ql1080.sys 40960 bytes (QLogic Corporation, Miniport Driver for QLogic ISP PCI Adapters)
0xF85F7000 ql1240.sys 40960 bytes (Microsoft Corporation, QLogic ISP PCI Adapters)
0xF748F000 C:\WINDOWS\system32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xF8657000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xB83D0000 C:\WINDOWS\System32\Drivers\Fips.SYS 36864 bytes (Microsoft Corporation, FIPS Crypto Driver)
0xB920F000 C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS 36864 bytes (Microsoft Corporation, Hid Class Library)
0xF7A70000 C:\WINDOWS\system32\DRIVERS\intelppm.sys 36864 bytes (Microsoft Corporation, Processor Device Driver)
0xF85A7000 isapnp.sys 36864 bytes (Microsoft Corporation, PNP ISA Bus Driver)
0xF74AF000 C:\WINDOWS\system32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xB949E000 C:\WINDOWS\system32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
0xB02E4000 C:\WINDOWS\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0xF749F000 C:\WINDOWS\System32\Drivers\Pcouffin.sys 36864 bytes (VSO Software, Patin-Couffin low level access layer for CD devices)
0xF85E7000 ql10wnt.sys 36864 bytes (Microsoft Corporation, Miniport Driver for QLogic ISP PCI Adapters)
0xB8390000 C:\WINDOWS\system32\dla\tfsncofs.sys 36864 bytes (Sonic Solutions, Direct Access Component)
0xF8617000 ultra.sys 36864 bytes (Promise Technology, Inc., Promise Ultra66 Miniport Driver)
0xB924F000 C:\WINDOWS\system32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xF7451000 C:\WINDOWS\System32\Drivers\Modem.SYS 32768 bytes (Microsoft Corporation, Modem Device Driver)
0xB9842000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xF8857000 symc8xx.sys 32768 bytes (LSI Logic, Symbios 8XX SCSI Miniport Driver)
0xF8867000 sym_u3.sys 32768 bytes (LSI Logic, Symbios Ultra3 SCSI Miniport Driver)
0xB39D3000 C:\WINDOWS\system32\DRIVERS\usbccgp.sys 32768 bytes (Microsoft Corporation, USB Common Class Generic Parent Driver)
0xF883F000 asc.sys 28672 bytes (Advanced System Products, Inc., AdvanSys SCSI Controller Driver)
0xB985A000 C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0xF888F000 hpn.sys 28672 bytes (Microsoft Corporation, NetRAID-4M Miniport Driver)
0xF8827000 C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xF8887000 perc2.sys 28672 bytes (Microsoft Corporation, PERC 2 Miniport Driver)
0xF885F000 sym_hi.sys 28672 bytes (LSI Logic, Symbios Hi-Perf SCSI Miniport Driver)
0xF895F000 C:\WINDOWS\system32\DRIVERS\usbehci.sys 28672 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0xB39E3000 C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 28672 bytes (Microsoft Corporation, USB Mass Storage Class Driver)
0xF886F000 ABP480N5.SYS 24576 bytes (Microsoft Corporation, AdvanSys SCSI Controller Driver)
0xF8877000 asc3350p.sys 24576 bytes (Microsoft Corporation, AdvanSys SCSI Card Driver)
0xB39EB000 C:\WINDOWS\System32\Drivers\avgmfx86.sys 24576 bytes (AVG Technologies CZ, s.r.o., AVG Resident Shield Minifilter Driver)
0xF7449000 C:\WINDOWS\System32\Drivers\Cdralw2k.SYS 24576 bytes (Roxio, CDRAL for Windows 2000 Kernel Driver)
0xF896F000 C:\WINDOWS\System32\Drivers\dvd_2K.SYS 24576 bytes (Roxio, DVD-RAM AddOn Driver)
0xF7441000 C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0xF7419000 C:\WINDOWS\system32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
0xF8967000 C:\WINDOWS\system32\DRIVERS\mohfilt.sys 24576 bytes (Intel Corporation, Filter Driver to Support Modem-on-Hold)
0xF7411000 C:\WINDOWS\system32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
0xF890F000 C:\WINDOWS\system32\drivers\ssrtln.sys 24576 bytes (Sonic Solutions, Shared Driver Component)
0xF88AF000 C:\WINDOWS\system32\dla\tfsnboio.sys 24576 bytes (Sonic Solutions, Direct Access Component)
0xB9852000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xF7421000 C:\WINDOWS\system32\DRIVERS\wanatw4.sys 24576 bytes (America Online, Inc., Wan Miniport (ATW))
0xF887F000 dpti2o.sys 20480 bytes (Microsoft Corporation, DPT SmartRAID miniport)
0xB39DB000 C:\WINDOWS\system32\DRIVERS\hidir.sys 20480 bytes (Microsoft Corporation, Infrared Miniport Driver for Input Devices)
0xF884F000 i2omp.sys 20480 bytes (Microsoft Corporation, I2O Miniport Driver)
0xF8847000 mraid35x.sys 20480 bytes (American Megatrends Inc., MegaRAID RAID Controller Driver for Windows Whistler 32)
0xB984A000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xB982A000 C:\Program Files\NavNT\NAVAPEL.SYS 20480 bytes
0xF7409000 C:\WINDOWS\system32\DRIVERS\omci.sys 20480 bytes (Dell Computer Corporation, OMCI Device Driver)
0xF882F000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xF7431000 C:\WINDOWS\system32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xF8897000 PxHelp20.sys 20480 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xF7429000 C:\WINDOWS\system32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel(R) mini-port/call-manager driver)
0xF8837000 sparrow.sys 20480 bytes (Adaptec, Inc., Adaptec AIC-6x60 series SCSI miniport)
0xF7439000 C:\WINDOWS\system32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xF8957000 C:\WINDOWS\system32\DRIVERS\usbuhci.sys 20480 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0xF8997000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xF89C3000 aha154x.sys 16384 bytes (Microsoft Corporation, Adaptec AHA-154x series SCSI miniport)
0xF89D3000 asc3550.sys 16384 bytes (Advanced System Products, Inc., AdvanSys Ultra-Wide PCI SCSI Driver)
0xF89DB000 cbidf2k.sys 16384 bytes (Microsoft Corporation, CardBus/PCMCIA IDE Miniport Driver)
0xF7B08000 C:\WINDOWS\System32\Drivers\cdrbsdrv.SYS 16384 bytes (B.H.A Corporation, CD-ROM Filter Driver for Windows2000/xp)
0xF89BF000 cpqarray.sys 16384 bytes (Microsoft Corporation, Compaq Drive Array Controllers SCSI Miniport Driver)
0xF89CB000 dac960nt.sys 16384 bytes (Microsoft Corporation, Mylex Disk Array Controller Driver)
0xBA122000 C:\WINDOWS\system32\DRIVERS\hphipr09.sys 16384 bytes (HP, IEEE-1284.4-1999 Print Class Driver)
0xF89D7000 ini910u.sys 16384 bytes (Microsoft Corporation, INITIO ini910u SCSI miniport)
0xBA12A000 C:\WINDOWS\system32\DRIVERS\kbdhid.sys 16384 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0xF6BF3000 C:\WINDOWS\system32\drivers\MODEMCSA.sys 16384 bytes (Microsoft Corporation, Unimodem CSA Filter)
0xF8A83000 C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xB83EC000 C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
0xF7B0C000 C:\WINDOWS\system32\DRIVERS\serenum.sys 16384 bytes (Microsoft Corporation, Serial Port Enumerator)
0xF89C7000 symc810.sys 16384 bytes (Symbios Logic Inc., Symbios Logic Inc. SCSI Miniport Driver)
0xB210C000 C:\WINDOWS\system32\dla\tfsnopio.sys 16384 bytes (Sonic Solutions, Direct Access Component)
0xEE51A000 C:\WINDOWS\system32\DRIVERS\usbscan.sys 16384 bytes (Microsoft Corporation, USB Scanner Driver)
0xF89CF000 amsint.sys 12288 bytes (Microsoft Corporation, AMD SCSI/NET Controller)
0xF89BB000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xB45B7000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xEE516000 C:\WINDOWS\system32\DRIVERS\hidusb.sys 12288 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0x85012000 C:\WINDOWS\system32\KDCOM.DLL 12288 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xB2100000 C:\WINDOWS\system32\DRIVERS\mouhid.sys 12288 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0xF7AF4000 C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xF7B00000 C:\WINDOWS\system32\drivers\pfc.sys 12288 bytes (Padus, Inc., Padus(R) ASPI Shell)
0xBA056000 C:\WINDOWS\system32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xF8AA9000 aliide.sys 8192 bytes (Acer Laboratories Inc., ALi mini IDE Driver)
0xF8B67000 C:\WINDOWS\System32\Drivers\ASCTRM.SYS 8192 bytes (Windows (R) 2000 DDK provider, TR Manager)
0xF8AC9000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
0xF8AB5000 cd20xrnt.sys 8192 bytes (Microsoft Corporation, IBM Portable CD-ROM Drive Miniport)
0xF8B37000 C:\Program Files\321Studios\Shared\CDRPDACC.SYS 8192 bytes (Arrowkey, CD Device Access)
0xF8AAB000 cmdide.sys 8192 bytes (CMD Technology, Inc., CMD PCI IDE Bus Driver)
0xF8AB3000 dmload.sys 8192 bytes (Microsoft Corp., Veritas Software., NT Disk Manager Startup Driver)
0xB8D31000 C:\WINDOWS\system32\DRIVERS\dsunidrv.sys 8192 bytes (Gteko Ltd., GUniDriver)
0xF8AC7000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xF8AC5000 C:\WINDOWS\System32\Drivers\i2omgmt.SYS 8192 bytes (Microsoft Corporation, I2O Utility Filter)
0xF8AB1000 intelide.sys 8192 bytes (Microsoft Corporation, Intel PCI IDE Driver)
0xF8ACB000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xF8B29000 C:\WINDOWS\system32\drivers\MSPQM.sys 8192 bytes (Microsoft Corporation, MS Proxy Quality Manager)
0xF8AB7000 perc2hib.sys 8192 bytes (Microsoft Corporation, PERC 2 Hibernate Driver)
0xF8ACD000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xF8AFD000 C:\WINDOWS\system32\drivers\sscdbhk5.sys 8192 bytes (Sonic Solutions, Shared Driver Component)
0xF8AFF000 C:\WINDOWS\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xB8D33000 C:\WINDOWS\system32\dla\tfsnpool.sys 8192 bytes (Sonic Solutions, Direct Access Component)
0xF8AAD000 toside.sys 8192 bytes (Microsoft Corporation, Toshiba PCI IDE Controller)
0xF8B09000 C:\WINDOWS\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xF8AAF000 viaide.sys 8192 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
0xF8AA7000 C:\WINDOWS\system32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0xF8C2D000 C:\WINDOWS\system32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
0xF8C4D000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xB8B40000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xF8B6F000 pciide.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
0xF8BDE000 C:\WINDOWS\system32\dla\tfsndrct.sys 4096 bytes (Sonic Solutions, Direct Access Component)
0xF8BDD000 C:\WINDOWS\system32\dla\tfsndres.sys 4096 bytes (Sonic Solutions, Direct Access Component)
!!!!!!!!!!!Hidden driver: 0x8506F292 ?_empty_? 3438 bytes
==============================================
>Stealth
==============================================
0xF8397000 WARNING: suspicious driver modification [iaStor.sys::0x8506F292]
==============================================
>Files
==============================================
!-->[Hidden] C:\Documents and Settings\All Users\Application Data\avg9\Chjw\b2e43b26e43aebeb\1519a1bf-f58b-42d4-bcec-961ab26ee107
!-->[Hidden] C:\Documents and Settings\All Users\Application Data\avg9\Chjw\b2e43b26e43aebeb\bf5b2076-32af-4678-bd1e-5abc08bff6b0
!-->[Hidden] C:\Documents and Settings\All Users\Application Data\avg9\update\download\u9iavi3208u3206ye.bin
!-->[Hidden] C:\Documents and Settings\All Users\Application Data\avg9\update\download\x8xplsb_254d253ka.bin
!-->[Hidden] C:\Documents and Settings\All Users\Application Data\avg9\update\download\x8xplsc_374d372ka.bin
!-->[Hidden] C:\Documents and Settings\Juan\Cookies\juan@citysearch[1].txt
!-->[Hidden] C:\Documents and Settings\Juan\Cookies\juan@mail.yahoo[3].txt
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{4956CAD0-DC42-11DF-82CA-00038A000015}.dat::$DATA
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{F9DA35C4-DC55-11DF-82CA-00038A000015}.dat
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\{D6B00604-DC56-11DF-82CA-00038A000015}.dat
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\7x8z3l9h[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\84[1].gif
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\85[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\bullet[1]
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\combo[3].css
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\combo[6]
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\connect_icon_was[1].gif
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\email_icon[1].gif
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\facebook_icon[1].gif
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\Group_Tickets[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\httpcs_msg_yahoo_com[1].txt
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\HUtBhvQJaVJC03MtUEt6Ng--[1].txt
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\indexsg[1].htm
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\l.s.bn1[1].gif
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\left-round[1].gif
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\left-round[2].gif
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\orangeDottedLine[1].png
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\rightArrow[1].gif
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\spacer[1].gif
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\swoosh[1].png
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\transparent[1].gif
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\trans[1].gif
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\validate[2].txt
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\9MGXI535\validate[3].txt
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\JN3GVN4B\52[1].gif
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\JN3GVN4B\74[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\JN3GVN4B\87[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\JN3GVN4B\background_gradient[1]
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\JN3GVN4B\blueDottedLine[1].png
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\JN3GVN4B\byrce_harper_afl_407[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\JN3GVN4B\c61639e305e930102297f479ef1f84c7_1[1].png
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\JN3GVN4B\combo[1].css
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\JN3GVN4B\combo[2]
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\JN3GVN4B\crossdomain[2].xml
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\JN3GVN4B\curly_w_132x92_bdr[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\JN3GVN4B\dc52888b3dcb56f0860d78175bf4dd4f_1[1].png
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\JN3GVN4B\emailHeader[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\JN3GVN4B\ErrorPageTemplate[1]
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\JN3GVN4B\favcenter[2]
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\JN3GVN4B\ga[1].js
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\JN3GVN4B\hdr_insider_728x68[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\JN3GVN4B\image[4].png
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\JN3GVN4B\noConnect[1]
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\JN3GVN4B\orderTickets[1].png
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\JN3GVN4B\process[1].gif
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\JN3GVN4B\sallysalon_25x25[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\JN3GVN4B\tools[1]
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\JN3GVN4B\trans[1].gif
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\PUUUX3B5\1[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\PUUUX3B5\2011ST[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\PUUUX3B5\300x250_PS_tbs_fox[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\PUUUX3B5\5i7q1z2w[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\PUUUX3B5\728x90-TYIB-was[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\PUUUX3B5\82[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\PUUUX3B5\btn.startdownload[1].gif
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\PUUUX3B5\capt.43791a8e68cb46ccb8c5196303fbe32d-43791a8e68cb46ccb8c5196303fbe32d-0[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\PUUUX3B5\combo[4]
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\PUUUX3B5\combo[5]
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\PUUUX3B5\crossdomain[3].xml
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\PUUUX3B5\cyberClub[1].png
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\PUUUX3B5\HauntedHouse[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\PUUUX3B5\header[1].png
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\PUUUX3B5\httpErrorPagesScripts[1]
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\PUUUX3B5\l.s.bg1z[1].gif
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\PUUUX3B5\Louie_Kids_Club[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\PUUUX3B5\openmail.app.instance[1].uninstall
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\PUUUX3B5\OsMilbAs[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\PUUUX3B5\spacer[1].gif
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\PUUUX3B5\tyib_132x92[1].gif
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\PUUUX3B5\urbanclassic_bg[1].gif
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\PUUUX3B5\video[1].gif
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\WANO2MHM\2010MLBPlayoffs[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\WANO2MHM\43[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\WANO2MHM\68[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\WANO2MHM\86[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\WANO2MHM\BMDC[1].txt
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\WANO2MHM\buy2_get2_132x92_bdr[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\WANO2MHM\cc-logo-color-sm[1].gif
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\WANO2MHM\down[1]
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\WANO2MHM\errorPageStrings[1]
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\WANO2MHM\facebook[1].png
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\WANO2MHM\favicon[3].ico
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\WANO2MHM\jBe8vDmh[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\WANO2MHM\l.s.bg2z[1].gif
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\WANO2MHM\online[1].txt
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\WANO2MHM\openmail.app[1].list
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\WANO2MHM\safe_unsubscribe_logo[1].gif
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\WANO2MHM\survey[1].htm
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\WANO2MHM\twitter[1].png
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\WANO2MHM\twitter_icon[1].gif
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\WANO2MHM\v04127o89sq[1].jpg
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\WANO2MHM\validate[1].txt
!-->[Hidden] C:\Documents and Settings\Juan\Local Settings\Temporary Internet Files\Content.IE5\WANO2MHM\VoteBeato[1].jpg
!-->[Hidden] C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\DB1EWOYV\23304%2C24483%2C24320%2C24322%2C24054%2C24087%2C24175%2C21411%2C21389%2C22560%2C23592%2C23394%2C23062%2C23061%2C22372%2C24162%2C23601%2C23000%2C23077[1].htm0c
!-->[Hidden] C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\DB1EWOYV\23304%2C24483%2C24320%2C24322%2C24054%2C24087%2C24175%2C21411%2C21389%2C22560%2C23592%2C23394%2C23062%2C23061%2C22372%2C24162%2C23601%2C23000%2C23077[2].htm0c
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0JW1WTG3\Folks[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0JW1WTG3\glamadapt_jsrv[1].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0JW1WTG3\glamadapt_jsrv[2].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0JW1WTG3\glamadapt_jsrv[3].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0JW1WTG3\st[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0PA9YTQ3\01[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0PA9YTQ3\12942;56232;201;js;Glam;160x600FiberEnthusiastPurchaseBasedTargeting1[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0PA9YTQ3\bullet[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0PA9YTQ3\ErrorPageTemplate[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0PA9YTQ3\get[1].media
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0PA9YTQ3\glamadapt_jsrv[1].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0PA9YTQ3\glamadapt_jsrv[2].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0PA9YTQ3\glamadapt_jsrv[3].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\72XKY4WO\Advertising[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\72XKY4WO\audmeasure[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\72XKY4WO\babelgum.fp-resize[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\72XKY4WO\glamadapt_jsrv[1].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\72XKY4WO\glamadapt_jsrv[2].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\892J8LEZ\adServer[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\892J8LEZ\babelgum_com[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\892J8LEZ\glamadapt_jsrv[1].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\892J8LEZ\glamadapt_jsrv[2].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\892J8LEZ\glamadapt_jsrv[3].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\892J8LEZ\glamadapt_jsrv[4].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\892J8LEZ\glamadapt_jsrv[5].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\892J8LEZ\st[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OU1Z8C4X\clip_frame_hover[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OU1Z8C4X\Folks[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OU1Z8C4X\glamadapt_jsrv[1].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OU1Z8C4X\glamadapt_jsrv[2].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OU1Z8C4X\httpErrorPagesScripts[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OU1Z8C4X\meld[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\RSSCB5GY\Client[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\RSSCB5GY\glamadapt_jsrv[1].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\RSSCB5GY\glamadapt_jsrv[2].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\RSSCB5GY\glamadapt_jsrv[3].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\RSSCB5GY\glamadapt_jsrv[4].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\RSSCB5GY\info_48[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\RSSCB5GY\navcancl[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\TUXSHT5P\background_gradient[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\TUXSHT5P\errorPageStrings[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\TUXSHT5P\get[1].media
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\TUXSHT5P\glamadapt_jsrv[1].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\TUXSHT5P\glamadapt_jsrv[2].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\TUXSHT5P\glamadapt_jsrv[3].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\YPQVM9QZ\01[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\YPQVM9QZ\Advertising[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\YPQVM9QZ\glamadapt_jsrv[1].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\YPQVM9QZ\glamadapt_jsrv[2].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\YPQVM9QZ\glamadapt_jsrv[3].act
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1445\change.log.4
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1445\drivetable.txt
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\A0284747.cfg
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\A0284748.ini
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\change.log
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\RestorePointSize
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\rp.log
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\ComDb.Dat
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\domain.txt
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\Repository\$WinMgmt.CFG
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\Repository\FS\INDEX.BTR
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\Repository\FS\INDEX.MAP
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\Repository\FS\MAPPING.VER
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\Repository\FS\MAPPING1.MAP
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\Repository\FS\MAPPING2.MAP
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\Repository\FS\OBJECTS.DATA
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\Repository\FS\OBJECTS.MAP
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\_REGISTRY_MACHINE_SAM
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\_REGISTRY_MACHINE_SECURITY
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\_REGISTRY_MACHINE_SOFTWARE
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\_REGISTRY_MACHINE_SYSTEM
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\_REGISTRY_USER_.DEFAULT
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\_REGISTRY_USER_NTUSER_S-1-5-18
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\_REGISTRY_USER_NTUSER_S-1-5-19
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\_REGISTRY_USER_NTUSER_S-1-5-20
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\_REGISTRY_USER_NTUSER_S-1-5-21-1944777543-2185336954-2013689522-1005
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\_REGISTRY_USER_NTUSER_S-1-5-21-1944777543-2185336954-2013689522-1006
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\_REGISTRY_USER_NTUSER_S-1-5-21-1944777543-2185336954-2013689522-1010
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\_REGISTRY_USER_NTUSER_S-1-5-21-1944777543-2185336954-2013689522-500
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\_REGISTRY_USER_USRCLASS_S-1-5-18
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\_REGISTRY_USER_USRCLASS_S-1-5-19
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\_REGISTRY_USER_USRCLASS_S-1-5-20
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\_REGISTRY_USER_USRCLASS_S-1-5-21-1944777543-2185336954-2013689522-1005
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\_REGISTRY_USER_USRCLASS_S-1-5-21-1944777543-2185336954-2013689522-1006
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\_REGISTRY_USER_USRCLASS_S-1-5-21-1944777543-2185336954-2013689522-1010
!-->[Hidden] C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP1446\snapshot\_REGISTRY_USER_USRCLASS_S-1-5-21-1944777543-2185336954-2013689522-500
!-->[Hidden] C:\WINDOWS\Prefetch\HELPSVC.EXE-1C192440.pf
==============================================
>Hooks
==============================================
ntkrnlpa.exe+0x0006DF0E, Type: Inline - RelativeJump 0x80544F0E-->80544F15 [ntkrnlpa.exe]
[1608]SVCHOST.EXE-->mswsock.dll+0x00004057, Type: Inline - RelativeJump 0x71A54057-->00000000 [unknown_code_page]
[1608]SVCHOST.EXE-->mswsock.dll+0x0000433A, Type: Inline - RelativeJump 0x71A5433A-->00000000 [unknown_code_page]
[1608]SVCHOST.EXE-->mswsock.dll+0x00005847, Type: Inline - RelativeJump 0x71A55847-->00000000 [unknown_code_page]
[1608]SVCHOST.EXE-->ntdll.dll-->KiUserExceptionDispatcher, Type: Inline - RelativeJump 0x7C90E47C-->00000000 [unknown_code_page]
[1608]SVCHOST.EXE-->ntdll.dll-->NtProtectVirtualMemory, Type: Inline - RelativeJump 0x7C90D6EE-->00000000 [unknown_code_page]
[1608]SVCHOST.EXE-->ntdll.dll-->NtWriteVirtualMemory, Type: Inline - RelativeJump 0x7C90DFAE-->00000000 [unknown_code_page]
[1608]SVCHOST.EXE-->user32.dll-->GetCursorPos, Type: Inline - RelativeJump 0x7E41BD76-->00000000 [unknown_code_page]
[2072]iexplore.exe-->advapi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77DD1218-->00000000 [SHIMENG.DLL]
[2072]iexplore.exe-->advapi32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x77DD1214-->00000000 [aclayers.dll]
[2072]iexplore.exe-->advapi32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77DD105C-->00000000 [aclayers.dll]
[2072]iexplore.exe-->advapi32.dll-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x77DD11E0-->00000000 [aclayers.dll]
[2072]iexplore.exe-->gdi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77F110B4-->00000000 [SHIMENG.DLL]
[2072]iexplore.exe-->gdi32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x77F11084-->00000000 [aclayers.dll]
[2072]iexplore.exe-->gdi32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77F11078-->00000000 [aclayers.dll]
[2072]iexplore.exe-->gdi32.dll-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x77F110B8-->00000000 [aclayers.dll]
[2072]iexplore.exe-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x0040106C-->00000000 [SHIMENG.DLL]
[2072]iexplore.exe-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x00401098-->00000000 [aclayers.dll]
[2072]iexplore.exe-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x004010E8-->00000000 [aclayers.dll]
[2072]iexplore.exe-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x004010C0-->00000000 [aclayers.dll]
[2072]iexplore.exe-->mswsock.dll+0x00004057, Type: Inline - RelativeJump 0x71A54057-->00000000 [unknown_code_page]
[2072]iexplore.exe-->mswsock.dll+0x0000433A, Type: Inline - RelativeJump 0x71A5433A-->00000000 [unknown_code_page]
[2072]iexplore.exe-->mswsock.dll+0x00005847, Type: Inline - RelativeJump 0x71A55847-->00000000 [unknown_code_page]
[2072]iexplore.exe-->ntdll.dll-->KiUserExceptionDispatcher, Type: Inline - RelativeJump 0x7C90E47C-->00000000 [unknown_code_page]
[2072]iexplore.exe-->ntdll.dll-->NtProtectVirtualMemory, Type: Inline - RelativeJump 0x7C90D6EE-->00000000 [unknown_code_page]
[2072]iexplore.exe-->ntdll.dll-->NtWriteVirtualMemory, Type: Inline - RelativeJump 0x7C90DFAE-->00000000 [unknown_code_page]
[2072]iexplore.exe-->shell32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x7C9C15A4-->00000000 [SHIMENG.DLL]
[2072]iexplore.exe-->shell32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x7C9C13E8-->00000000 [aclayers.dll]
[2072]iexplore.exe-->shell32.dll-->kernel32.dll-->LoadLibraryExA, Type: IAT modification 0x7C9C163C-->00000000 [aclayers.dll]
[2072]iexplore.exe-->shell32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x7C9C161C-->00000000 [aclayers.dll]
[2072]iexplore.exe-->shell32.dll-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x7C9C15A0-->00000000 [aclayers.dll]
[2072]iexplore.exe-->user32.dll-->CallNextHookEx, Type: Inline - RelativeJump 0x7E41F85B-->00000000 [ieframe.dll]
[2072]iexplore.exe-->user32.dll-->CreateWindowExW, Type: Inline - RelativeJump 0x7E41FC25-->00000000 [ieframe.dll]
[2072]iexplore.exe-->user32.dll-->DialogBoxIndirectParamA, Type: Inline - RelativeJump 0x7E456B50-->00000000 [ieframe.dll]
[2072]iexplore.exe-->user32.dll-->DialogBoxIndirectParamW, Type: Inline - RelativeJump 0x7E432032-->00000000 [ieframe.dll]
[2072]iexplore.exe-->user32.dll-->DialogBoxParamA, Type: Inline - RelativeJump 0x7E43B10C-->00000000 [ieframe.dll]
[2072]iexplore.exe-->user32.dll-->DialogBoxParamW, Type: Inline - RelativeJump 0x7E42555F-->00000000 [ieframe.dll]
[2072]iexplore.exe-->user32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x7E41133C-->00000000 [SHIMENG.DLL]
[2072]iexplore.exe-->user32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x7E4112F8-->00000000 [aclayers.dll]
[2072]iexplore.exe-->user32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x7E411208-->00000000 [aclayers.dll]
[2072]iexplore.exe-->user32.dll-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x7E411340-->00000000 [aclayers.dll]
[2072]iexplore.exe-->user32.dll-->MessageBoxExA, Type: Inline - RelativeJump 0x7E4505FC-->00000000 [ieframe.dll]
[2072]iexplore.exe-->user32.dll-->MessageBoxExW, Type: Inline - RelativeJump 0x7E4505D8-->00000000 [ieframe.dll]
[2072]iexplore.exe-->user32.dll-->MessageBoxIndirectA, Type: Inline - RelativeJump 0x7E43A04A-->00000000 [ieframe.dll]
[2072]iexplore.exe-->user32.dll-->MessageBoxIndirectW, Type: Inline - RelativeJump 0x7E4662AB-->00000000 [ieframe.dll]
[2072]iexplore.exe-->user32.dll-->SetWindowLongA, Type: Inline - RelativeJump 0x7E41D60D-->00000000 [ieframe.dll]
[2072]iexplore.exe-->user32.dll-->SetWindowLongW, Type: Inline - RelativeJump 0x7E41D62B-->00000000 [ieframe.dll]
[2072]iexplore.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E42DDB5-->00000000 [ieframe.dll]
[2072]iexplore.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E41F21E-->00000000 [ieframe.dll]
[3172]iexplore.exe-->advapi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77DD1218-->00000000 [SHIMENG.DLL]
[3172]iexplore.exe-->advapi32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x77DD1214-->00000000 [aclayers.dll]
[3172]iexplore.exe-->advapi32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77DD105C-->00000000 [aclayers.dll]
[3172]iexplore.exe-->advapi32.dll-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x77DD11E0-->00000000 [aclayers.dll]
[3172]iexplore.exe-->gdi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77F110B4-->00000000 [SHIMENG.DLL]
[3172]iexplore.exe-->gdi32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x77F11084-->00000000 [aclayers.dll]
[3172]iexplore.exe-->gdi32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77F11078-->00000000 [aclayers.dll]
[3172]iexplore.exe-->gdi32.dll-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x77F110B8-->00000000 [aclayers.dll]
[3172]iexplore.exe-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x0040106C-->00000000 [SHIMENG.DLL]
[3172]iexplore.exe-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x00401098-->00000000 [aclayers.dll]
[3172]iexplore.exe-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x004010E8-->00000000 [aclayers.dll]
[3172]iexplore.exe-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x004010C0-->00000000 [aclayers.dll]
[3172]iexplore.exe-->mswsock.dll+0x00004057, Type: Inline - RelativeJump 0x71A54057-->00000000 [unknown_code_page]
[3172]iexplore.exe-->mswsock.dll+0x0000433A, Type: Inline - RelativeJump 0x71A5433A-->00000000 [unknown_code_page]
[3172]iexplore.exe-->mswsock.dll+0x00005847, Type: Inline - RelativeJump 0x71A55847-->00000000 [unknown_code_page]
[3172]iexplore.exe-->ntdll.dll-->KiUserExceptionDispatcher, Type: Inline - RelativeJump 0x7C90E47C-->00000000 [unknown_code_page]
[3172]iexplore.exe-->ntdll.dll-->NtProtectVirtualMemory, Type: Inline - RelativeJump 0x7C90D6EE-->00000000 [unknown_code_page]
[3172]iexplore.exe-->ntdll.dll-->NtWriteVirtualMemory, Type: Inline - RelativeJump 0x7C90DFAE-->00000000 [unknown_code_page]
[3172]iexplore.exe-->shell32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x7C9C15A4-->00000000 [SHIMENG.DLL]
[3172]iexplore.exe-->shell32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x7C9C13E8-->00000000 [aclayers.dll]
[3172]iexplore.exe-->shell32.dll-->kernel32.dll-->LoadLibraryExA, Type: IAT modification 0x7C9C163C-->00000000 [aclayers.dll]
[3172]iexplore.exe-->shell32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x7C9C161C-->00000000 [aclayers.dll]
[3172]iexplore.exe-->shell32.dll-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x7C9C15A0-->00000000 [aclayers.dll]
[3172]iexplore.exe-->user32.dll-->CreateWindowExW, Type: Inline - RelativeJump 0x7E41FC25-->00000000 [ieframe.dll]
[3172]iexplore.exe-->user32.dll-->DialogBoxIndirectParamA, Type: Inline - RelativeJump 0x7E456B50-->00000000 [ieframe.dll]
[3172]iexplore.exe-->user32.dll-->DialogBoxIndirectParamW, Type: Inline - RelativeJump 0x7E432032-->00000000 [ieframe.dll]
[3172]iexplore.exe-->user32.dll-->DialogBoxParamA, Type: Inline - RelativeJump 0x7E43B10C-->00000000 [ieframe.dll]
[3172]iexplore.exe-->user32.dll-->DialogBoxParamW, Type: Inline - RelativeJump 0x7E42555F-->00000000 [ieframe.dll]
[3172]iexplore.exe-->user32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x7E41133C-->00000000 [SHIMENG.DLL]
[3172]iexplore.exe-->user32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x7E4112F8-->00000000 [aclayers.dll]
[3172]iexplore.exe-->user32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x7E411208-->00000000 [aclayers.dll]
[3172]iexplore.exe-->user32.dll-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x7E411340-->00000000 [aclayers.dll]
[3172]iexplore.exe-->user32.dll-->MessageBoxExA, Type: Inline - RelativeJump 0x7E4505FC-->00000000 [ieframe.dll]
[3172]iexplore.exe-->user32.dll-->MessageBoxExW, Type: Inline - RelativeJump 0x7E4505D8-->00000000 [ieframe.dll]
[3172]iexplore.exe-->user32.dll-->MessageBoxIndirectA, Type: Inline - RelativeJump 0x7E43A04A-->00000000 [ieframe.dll]
[3172]iexplore.exe-->user32.dll-->MessageBoxIndirectW, Type: Inline - RelativeJump 0x7E4662AB-->00000000 [ieframe.dll]
[3172]iexplore.exe-->user32.dll-->SetWindowLongA, Type: Inline - RelativeJump 0x7E41D60D-->00000000 [ieframe.dll]
[3172]iexplore.exe-->user32.dll-->SetWindowLongW, Type: Inline - RelativeJump 0x7E41D62B-->00000000 [ieframe.dll]
[4076]explorer.exe-->mswsock.dll+0x00004057, Type: Inline - RelativeJump 0x71A54057-->00000000 [unknown_code_page]
[4076]explorer.exe-->mswsock.dll+0x0000433A, Type: Inline - RelativeJump 0x71A5433A-->00000000 [unknown_code_page]
[4076]explorer.exe-->mswsock.dll+0x00005847, Type: Inline - RelativeJump 0x71A55847-->00000000 [unknown_code_page]
[4076]explorer.exe-->ntdll.dll-->KiUserExceptionDispatcher, Type: Inline - RelativeJump 0x7C90E47C-->00000000 [unknown_code_page]
[4076]explorer.exe-->ntdll.dll-->NtProtectVirtualMemory, Type: Inline - RelativeJump 0x7C90D6EE-->00000000 [unknown_code_page]
[4076]explorer.exe-->ntdll.dll-->NtWriteVirtualMemory, Type: Inline - RelativeJump 0x7C90DFAE-->00000000 [unknown_code_page]
[4684]wuauclt.exe-->mswsock.dll+0x00004057, Type: Inline - RelativeJump 0x71A54057-->00000000 [unknown_code_page]
[4684]wuauclt.exe-->mswsock.dll+0x0000433A, Type: Inline - RelativeJump 0x71A5433A-->00000000 [unknown_code_page]
[4684]wuauclt.exe-->mswsock.dll+0x00005847, Type: Inline - RelativeJump 0x71A55847-->00000000 [unknown_code_page]
[4684]wuauclt.exe-->ntdll.dll-->KiUserExceptionDispatcher, Type: Inline - RelativeJump 0x7C90E47C-->00000000 [unknown_code_page]
[4684]wuauclt.exe-->ntdll.dll-->NtProtectVirtualMemory, Type: Inline - RelativeJump 0x7C90D6EE-->00000000 [unknown_code_page]
[4684]wuauclt.exe-->ntdll.dll-->NtWriteVirtualMemory, Type: Inline - RelativeJump 0x7C90DFAE-->00000000 [unknown_code_page]

peku006
2010-10-21, 11:45
Hi ndnboy

We will continue with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:
This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
If you need help to disable your protection programs see here. (http://www.bleepingcomputer.com/forums/topic114351.html)
When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply

Thanks peku006

ndnboy
2010-10-21, 18:50
thanks again for the help, disabled AVG 9.0 as instructed, combofix stated it was still running, ran combo fix, the report was to long so Ive copied and pasted in 2 parts:



ComboFix 10-10-20.04 - Juan 10/21/2010 10:54:45.1.1 - x86
Running from: c:\documents and settings\Juan\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Juan\System
c:\documents and settings\Juan\System\win_qs8.jqx
c:\windows\Help\SBSI\kstadb.bak1
c:\windows\Help\SBSI\kstadb.bak2
c:\windows\Help\SBSI\kstadb.ini
c:\windows\Help\SBSI\kstadb.ini2
c:\windows\Help\SBSI\kstadb.tmp
c:\windows\system32\fonts
c:\windows\system32\fonts\ACADEMY_.PFB
c:\windows\system32\fonts\ACADEMY_.PFM
c:\windows\system32\fonts\ACADEMY_.TTF
c:\windows\SYSTEM32\kkftxeta.ini
c:\windows\SYSTEM32\kkftxeta.ini2
c:\windows\SYSTEM32\kkftxeta.tmp
c:\windows\SYSTEM32\kkftxeta.tmp2
c:\windows\system32\ksfalcke.ini

.
((((((((((((((((((((((((( Files Created from 2010-09-21 to 2010-10-21 )))))))))))))))))))))))))))))))
.

2010-10-18 02:15 . 2010-10-18 02:15 -------- d-----w- c:\program files\ERUNT
2010-10-17 02:40 . 2010-10-17 02:40 -------- d-----w- c:\windows\system32\wbem\Repository
2010-10-17 02:39 . 2010-10-17 02:39 -------- d-----w- c:\program files\MyWaySA
2010-10-17 01:34 . 2010-10-17 01:34 -------- d-----w- c:\program files\Trend Micro
2010-10-16 21:22 . 2010-10-17 02:41 -------- d-----w- c:\program files\STOPzilla!
2010-10-16 21:22 . 2010-10-16 21:22 -------- d-----w- c:\program files\Common Files\iS3
2010-10-16 21:22 . 2010-10-17 02:36 -------- d-----w- c:\documents and settings\All Users\Application Data\STOPzilla!
2010-10-16 12:52 . 2010-10-16 12:52 -------- d-----w- c:\documents and settings\Juan\Application Data\Malwarebytes
2010-10-16 12:51 . 2010-10-16 12:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-10-16 12:51 . 2010-10-17 02:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-15 20:05 . 2010-10-17 02:39 -------- d-----w- c:\program files\Free Window Registry Repair
2010-10-15 19:53 . 2010-10-17 02:39 -------- d-----w- c:\program files\1-Click PC Fix v4
2010-10-15 19:44 . 2010-10-15 19:44 -------- d-----w- c:\documents and settings\Juan\Application Data\Registry Mechanic
2010-10-14 02:51 . 2010-10-14 02:51 -------- d-----w- c:\documents and settings\Juan\IECompatCache
2010-10-13 16:53 . 2010-10-13 16:53 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

------- Sigcheck -------

[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\atapi.sys
[-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DRIVERS\atapi.sys
[-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\ReinstallBackups\0013\DriverFiles\i386\atapi.sys

[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\asyncmac.sys
[-] 2004-08-10 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DRIVERS\ASYNCMAC.SYS

[-] 2004-08-10 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\SYSTEM32\DRIVERS\BEEP.SYS

[-] 2008-04-13 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\kbdclass.sys
[-] 2004-08-04 . EBDEE8A2EE5393890A1ACEE971C4C246 . 24576 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DRIVERS\KBDCLASS.SYS

[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ndis.sys
[-] 2004-08-10 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DRIVERS\NDIS.SYS

[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ntfs.sys
[-] 2007-02-09 . 05AB81909514BFD69CBB1F2C147CF6B9 . 574976 . . [5.1.2600.3081] . . c:\windows\$hf_mig$\KB930916\SP2QFE\ntfs.sys
[-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\SYSTEM32\DLLCACHE\ntfs.sys
[-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\SYSTEM32\DRIVERS\ntfs.sys
[-] 2004-08-10 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB930916$\ntfs.sys

[-] 2004-08-10 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\SYSTEM32\DRIVERS\NULL.SYS

[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\SYSTEM32\DLLCACHE\tcpip.sys
[-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\SYSTEM32\DRIVERS\tcpip.sys
[-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\tcpip.sys
[-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB941644$\tcpip.sys
[-] 2006-01-13 . 5562CC0A47B2AEF06D3417B733F3C195 . 360448 . . [5.1.2600.2827] . . c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[-] 2006-01-13 . 583E063FDC888CA30D05C2724B0D7EF4 . 359808 . . [5.1.2600.2827] . . c:\windows\$NtUninstallKB917953$\tcpip.sys
[-] 2005-05-25 . 63FDFEA54EB53DE2D863EE454937CE1E . 359936 . . [5.1.2600.2685] . . c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[-] 2005-05-25 . 88763A98A4C26C409741B4AA162720C9 . 359808 . . [5.1.2600.2685] . . c:\windows\$NtUninstallKB913446$\tcpip.sys
[-] 2004-08-10 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893066$\tcpip.sys

[-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\browser.dll
[-] 2004-08-10 . E3CFCCDDA4EDD1D0DC9168B2E18F27B8 . 77312 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\BROWSER.DLL

[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\lsass.exe
[-] 2004-08-10 . 84885F9B82F4D55C6146EBF6065D75D2 . 13312 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\LSASS.EXE

[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netman.dll
[-] 2005-08-22 . 36739B39267914BA69AD0610A0299732 . 197632 . . [5.1.2600.2743] . . c:\windows\SYSTEM32\netman.dll
[-] 2005-08-22 . 3516D8A18B36784B1005B950B84232E1 . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll
[-] 2004-08-10 . DAB9E6C7105D2EF49876FE92C524F565 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB905414$\netman.dll

[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\qmgr.dll
[-] 2004-08-10 . 2C69EC7E5A311334D10DD95F338FCCEA . 382464 . . [6.6.2600.2180] . . c:\windows\SYSTEM32\QMGR.DLL
[-] 2004-08-10 . 2C69EC7E5A311334D10DD95F338FCCEA . 382464 . . [6.6.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\qmgr.dll

[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\rpcss.dll
[-] 2009-02-09 . 9222562D44021B988B9F9F62207FB6F2 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . 01095FEBF33BEEA00C2A0730B9B3EC28 . 399360 . . [5.1.2600.3520] . . c:\windows\SYSTEM32\rpcss.dll
[-] 2009-02-09 . 01095FEBF33BEEA00C2A0730B9B3EC28 . 399360 . . [5.1.2600.3520] . . c:\windows\SYSTEM32\DLLCACHE\rpcss.dll
[-] 2009-02-09 . 24B5D53B9ACCC1E2EDCF0A878D6659D4 . 401408 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\rpcss.dll
[-] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\rpcss.dll
[-] 2005-07-26 . CE94A2BD25E3E9F4D46A7373FF455C6D . 397824 . . [5.1.2600.2726] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[-] 2005-07-26 . C369DF215D352B6F3A0B8C3469AA34F8 . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll
[-] 2005-04-28 . DA383FB39A6F1C445F3AFC94B3EB1248 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll
[-] 2005-04-28 . C8061F289E000703E7672916B7FE1571 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll
[-] 2005-01-14 . 419899803CA479B73B02390318C787C0 . 395776 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\rpcss.dll
[-] 2005-01-14 . 94456045BEB4545B5EBE1DCC85951AFA . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll
[-] 2004-08-10 . 5C83A4408604F737717AB96371201680 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\rpcss.dll

[-] 2009-02-06 . 37561F8D4160D62DA86D24AE41FAE8DE . 110592 . . [5.1.2600.3520] . . c:\windows\SYSTEM32\services.exe
[-] 2009-02-06 . 37561F8D4160D62DA86D24AE41FAE8DE . 110592 . . [5.1.2600.3520] . . c:\windows\SYSTEM32\DLLCACHE\services.exe
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe
[-] 2009-02-06 . 020CEAAEDC8EB655B6506B8C70D53BB6 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2009-02-06 . 4712531AB7A01B7EE059853CA17D39BD . 110592 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\services.exe
[-] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\services.exe
[-] 2004-08-10 . C6CE6EEC82F187615D1002BB3BB50ED4 . 108032 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572$\services.exe

[-] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\spoolsv.exe
[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\SYSTEM32\spoolsv.exe
[-] 2004-08-10 . 7435B108B935E42EA92CA94F59C8E717 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe

[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\winlogon.exe
[-] 2004-08-10 . 01C3346C241652F43AED8E2149881BFE . 502272 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\WINLOGON.EXE
[-] 2004-08-10 . 01C3346C241652F43AED8E2149881BFE . 502272 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\winlogon.exe

[-] 2008-04-14 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\comctl32.dll
[-] 2006-08-25 . B0124CB21D28B1C9F678B566B6B57D92 . 617472 . . [5.82] . . c:\windows\SYSTEM32\comctl32.dll
[-] 2006-08-25 . B0124CB21D28B1C9F678B566B6B57D92 . 617472 . . [5.82] . . c:\windows\SYSTEM32\DLLCACHE\comctl32.dll
[-] 2006-08-25 . C4E80875C1CF1222FC5EFD0314AE5C01 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
[-] 2004-08-10 . A77DFB85FAEE49D66C74DA6024EBC69B . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll
[-] 2004-08-10 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\COMCTL32.DLL
[-] 2004-08-10 . 5AF68A5E44734A082442668E9C787743 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.DLL

[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\cryptsvc.dll
[-] 2004-08-10 . 10654F9DDCEA9C46CFB77554231BE73B . 60416 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\CRYPTSVC.DLL

[-] 2008-07-07 20:32 . 60D1A6342238378BFB7545C81EE3606C . 253952 . . [2001.12.4414.320] . . c:\windows\SYSTEM32\es.dll
[-] 2008-07-07 20:32 . 60D1A6342238378BFB7545C81EE3606C . 253952 . . [2001.12.4414.320] . . c:\windows\SYSTEM32\DLLCACHE\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
[-] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-07-07 20:06 . A4AB3DCA4A383F0DF4988ABDEB84F9A4 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
[-] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\es.dll
[-] 2005-07-26 04:39 . 34BBD9ACC1538818F2C878898C64E793 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2005-07-26 04:20 . 95F5FEA4C6DE2C3F28784D0DCC8F0DD3 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll
[-] 2004-08-10 11:00 . ACD36A2DD7D1E9D8A060AA651DC07E63 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB902400$\es.dll

[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\imm32.dll
[-] 2004-08-10 . 87CA7CE6469577F059297B9D6556D66D . 110080 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\IMM32.DLL
[-] 2004-08-10 . 87CA7CE6469577F059297B9D6556D66D . 110080 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\imm32.dll

[-] 2009-03-21 . B6ACAED7588295129791E0E6A2B0FADE . 986112 . . [5.1.2600.3541] . . c:\windows\SYSTEM32\kernel32.dll
[-] 2009-03-21 . B6ACAED7588295129791E0E6A2B0FADE . 986112 . . [5.1.2600.3541] . . c:\windows\SYSTEM32\DLLCACHE\kernel32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll
[-] 2009-03-21 . DA11D9D6ECBDF0F93436A4B7C13F7BEC . 991744 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2009-03-21 . 80202858D245FF07DAA1739C57A3E19B . 989184 . . [5.1.2600.3541] . . c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\kernel32.dll
[-] 2007-04-16 . 09F7CB3687F86EDAA4CA081F7AB66C03 . 986112 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll
[-] 2007-04-16 . A01F9CA902A88F7CED06884174D6419D . 984576 . . [5.1.2600.3119] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2006-07-05 . 0FDD84928A5DDE2510761B7EC76CCEC9 . 985088 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll
[-] 2006-07-05 . D8DB5397DE07577C1CB50BA6D23B3AD4 . 984064 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB935839$\kernel32.dll
[-] 2004-08-10 . 888190E31455FAD793312F8D087146EB . 983552 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll

[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\linkinfo.dll
[-] 2005-09-01 . 648BF0B4DDE4F7A1156DAE7174D36EFA . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll
[-] 2005-09-01 . A1A688EE56CF3BBD24EDEB815D48E9BA . 19968 . . [5.1.2600.2751] . . c:\windows\SYSTEM32\linkinfo.dll
[-] 2005-09-01 . A1A688EE56CF3BBD24EDEB815D48E9BA . 19968 . . [5.1.2600.2751] . . c:\windows\SYSTEM32\DLLCACHE\linkinfo.dll
[-] 2004-08-10 . C2BBD044C741EA4292016C36F718D2E4 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB900725$\linkinfo.dll

[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\lpk.dll
[-] 2004-08-10 . 74D66B3DE265E8789153414E75175F26 . 22016 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\LPK.DLL

[-] 2010-05-06 . C7B7A88CC7D7ABA5C395145BF92F46F7 . 5950976 . . [8.00.6001.18928] . . c:\windows\SYSTEM32\mshtml.dll
[-] 2010-05-06 . C7B7A88CC7D7ABA5C395145BF92F46F7 . 5950976 . . [8.00.6001.18928] . . c:\windows\SYSTEM32\DLLCACHE\mshtml.dll
[-] 2010-05-06 . 9BE28F749A7FE7F8F177C6AA2E9DA609 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll
[-] 2010-02-25 . 7054F6ADC9B670887659F1561603B0D0 . 5944832 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll
[-] 2010-02-25 . 974772C74DA7C7A8E7C813A9908A845F . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll
[-] 2009-12-21 . BE6EEBEF636773A8E7A82214E81C563A . 5942784 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\mshtml.dll
[-] 2009-12-21 . E6B64C6C729BBC38AB7CC92CE33F97A5 . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
[-] 2009-10-29 . C0F9AC6FAB2C788FFEE3E69585A0E93F . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
[-] 2009-10-29 . CBB1EF54B86EDB78649909DD1699E5CA . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll
[-] 2009-10-22 . CDA69BC1C23B0EA033B989F67CB722FF . 5939712 . . [8.00.6001.18852] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll
[-] 2009-10-22 . A6CF28C6E0B6D10098AB601D85EE55E8 . 5943296 . . [8.00.6001.22942] . . c:\windows\$hf_mig$\KB976749-IE8\SP3QFE\mshtml.dll
[-] 2009-09-25 . 431D4C38E47AE0CAC1A52A185395A5F5 . 3070976 . . [6.00.2900.3627] . . c:\windows\ie8\mshtml.dll
[-] 2009-09-25 . 601E18A9A8F0D0ED39692B593212378F . 3070976 . . [6.00.2900.5880] . . c:\windows\$hf_mig$\KB974455\SP3GDR\mshtml.dll
[-] 2009-09-25 . 37F578776552FA076EA6085F0365209C . 3072512 . . [6.00.2900.5880] . . c:\windows\$hf_mig$\KB974455\SP3QFE\mshtml.dll
[-] 2009-08-29 . 0E49677EE57A928765FC47FFBACD5326 . 5940224 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976749-IE8\mshtml.dll
[-] 2009-08-29 . 0E49677EE57A928765FC47FFBACD5326 . 5940224 . . [8.00.6001.18828] . . c:\windows\SoftwareDistribution\Download\f5ce3558cdad2d0de1884dee71734a4a\SP3GDR\mshtml.dll
[-] 2009-08-29 . B68F6E6C66D17D9EDABF3D5DA71046DA . 5942272 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\mshtml.dll
[-] 2009-08-29 . B68F6E6C66D17D9EDABF3D5DA71046DA . 5942272 . . [8.00.6001.22918] . . c:\windows\SoftwareDistribution\Download\f5ce3558cdad2d0de1884dee71734a4a\SP3QFE\mshtml.dll
[-] 2009-07-18 . 7467941BE64DFC5F8E9F3DC1DE920806 . 3069440 . . [6.00.2900.5848] . . c:\windows\$hf_mig$\KB972260\SP3GDR\mshtml.dll
[-] 2009-07-18 . 9A878C4D12BE5598B598B27BFEA1B3C2 . 3069440 . . [6.00.2900.3603] . . c:\windows\$NtUninstallKB974455$\mshtml.dll
[-] 2009-07-18 . F3EE47F296295D08A97CB50EF57244D9 . 3069952 . . [6.00.2900.5848] . . c:\windows\$hf_mig$\KB972260\SP3QFE\mshtml.dll
[-] 2009-04-29 . ABD8093E43E53AEA5898D2214B92E9BA . 3068928 . . [6.00.2900.5803] . . c:\windows\$hf_mig$\KB969897\SP3GDR\mshtml.dll
[-] 2009-04-29 . 7BB862F4CBB8361551C34674291BA5EC . 3068928 . . [6.00.2900.3562] . . c:\windows\$NtUninstallKB972260$\mshtml.dll
[-] 2009-04-29 . 06CF679E3D24C3DF270556456A0F1EDA . 3069440 . . [6.00.2900.5803] . . c:\windows\$hf_mig$\KB969897\SP3QFE\mshtml.dll
[-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB974455-IE8\mshtml.dll
[-] 2009-02-20 . 03D98EB3F7BBD1FA14C650597F1989BC . 3067904 . . [6.00.2900.3527] . . c:\windows\$NtUninstallKB969897$\mshtml.dll
[-] 2009-02-20 . 2F70F2F74C40397D031016FA162981C2 . 3068416 . . [6.00.2900.5764] . . c:\windows\$hf_mig$\KB963027\SP3GDR\mshtml.dll
[-] 2009-02-20 . 1618A4A2C5DD8164B8295190C8EA6544 . 3068416 . . [6.00.2900.5764] . . c:\windows\$hf_mig$\KB963027\SP3QFE\mshtml.dll
[-] 2008-12-12 . 6D1D493622EA050DBAABD0C4C1DFADB5 . 3067392 . . [6.00.2900.3492] . . c:\windows\$NtUninstallKB963027$\mshtml.dll
[-] 2008-12-12 . B6DAA74E2ED36C71B502945589A683AE . 3067904 . . [6.00.2900.5726] . . c:\windows\$hf_mig$\KB960714\SP3QFE\mshtml.dll
[-] 2008-12-12 . C828AA1C5469E72251F3D367005E589F . 3067904 . . [6.00.2900.5726] . . c:\windows\$hf_mig$\KB960714\SP3GDR\mshtml.dll
[-] 2008-10-16 . CC5A2205D37AE67CE23AB7FD3E1FDACA . 3067904 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3QFE\mshtml.dll
[-] 2008-10-16 . C99D8B48FC245D98E1A2BAB6594458C9 . 3067392 . . [6.00.2900.3462] . . c:\windows\$NtUninstallKB960714$\mshtml.dll
[-] 2008-10-16 . B846C2DE341CF32B42AD297437233742 . 3067904 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3GDR\mshtml.dll
[-] 2008-08-20 . 20D44D1A5A406CD8E129D3D4F0B5717C . 3067392 . . [6.00.2900.3429] . . c:\windows\$NtUninstallKB958215$\mshtml.dll
[-] 2008-08-20 . 507BDA42F7DB8209C0F0B3556A043491 . 3067904 . . [6.00.2900.5659] . . c:\windows\$hf_mig$\KB956390\SP3GDR\mshtml.dll
[-] 2008-08-20 . BD45470B132A0F98596277323D9F2E5A . 3067904 . . [6.00.2900.5659] . . c:\windows\$hf_mig$\KB956390\SP3QFE\mshtml.dll
[-] 2008-06-25 . 04EEC0FF4DD3C7041628973CA6832C33 . 3067904 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3QFE\mshtml.dll
[-] 2008-06-23 . 1FC693A4EE1D9D9CD78DDA6C87232F6F . 3067392 . . [6.00.2900.3395] . . c:\windows\$NtUninstallKB956390$\mshtml.dll
[-] 2008-06-23 . F433136C23D13B120412B300D1324A7E . 3067392 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3GDR\mshtml.dll
[-] 2008-04-21 . 083B967E6B0B2BB539CE6B08D45D631F . 3066880 . . [6.00.2900.3354] . . c:\windows\$NtUninstallKB953838$\mshtml.dll
[-] 2008-04-21 . FE406DE0651C9E8201DCB0460609D739 . 3066880 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3GDR\mshtml.dll
[-] 2008-04-21 . 46A61BA430110F00DD990D058AA3D054 . 3067392 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3QFE\mshtml.dll
[-] 2008-04-14 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\mshtml.dll
[-] 2008-02-16 . 701A6798DDF875CAA3A5099EE75FD57F . 3066880 . . [6.00.2900.3314] . . c:\windows\$NtUninstallKB950759$\mshtml.dll
[-] 2007-12-07 . 8A4DD074DEC1B0C063C8493ABF654CBC . 3066368 . . [6.00.2900.3268] . . c:\windows\$NtUninstallKB947864$\mshtml.dll
[-] 2007-10-30 . 79314A0A6B0DA78AFE491FF2D8B117BA . 3065856 . . [6.00.2900.3243] . . c:\windows\$NtUninstallKB944533$\mshtml.dll
[-] 2007-08-22 . 885E3BF99EA4B2213901EBC35B34CF12 . 3064832 . . [6.00.2900.3199] . . c:\windows\$NtUninstallKB942615$\mshtml.dll
[-] 2007-06-15 . 53F3FD772C010622346C39284C4A863B . 3064320 . . [6.00.2900.3157] . . c:\windows\$NtUninstallKB939653$\mshtml.dll
[-] 2007-05-04 . 00ADCB32832A10ED9419493BCEA97526 . 3064320 . . [6.00.2900.3132] . . c:\windows\$NtUninstallKB937143$\mshtml.dll
[-] 2007-02-20 . 2991727809C7AC3A33E4178CC73244D8 . 3063296 . . [6.00.2900.3086] . . c:\windows\$NtUninstallKB933566$\mshtml.dll
[-] 2007-01-04 . 1C45525574EF206346FBAFCAAC7CC4A5 . 3062272 . . [6.00.2900.3059] . . c:\windows\$NtUninstallKB931768$\mshtml.dll
[-] 2006-10-23 . 88E1C15BB1A9ED3CBA4D6F2F408D5010 . 3061248 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB928090$\mshtml.dll
[-] 2006-09-14 . CEFEA1C301139A817931BE132F0359FE . 3058688 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB925454$\mshtml.dll
[-] 2006-07-28 . D251679BD9EF0250201FB899EC40FD32 . 3058176 . . [6.00.2900.2963] . . c:\windows\$hf_mig$\KB918899\SP2QFE\mshtml.dll
[-] 2006-07-28 . D251679BD9EF0250201FB899EC40FD32 . 3058176 . . [6.00.2900.2963] . . c:\windows\$NtUninstallKB922760$\mshtml.dll
[-] 2006-07-28 . C7074DA3D8F8C0F6C03874BA0B05069C . 3054080 . . [6.00.2900.2963] . . c:\windows\$NtUninstallKB918899$\mshtml.dll
[-] 2006-05-19 . 284CE76B71DD5260B42A3CCF0135AF67 . 3052544 . . [6.00.2900.2912] . . c:\windows\$NtUninstallKB918899_0$\mshtml.dll
[-] 2006-05-19 . 8687E029BE63C77D4919485068C54D77 . 3055104 . . [6.00.2900.2912] . . c:\windows\$hf_mig$\KB916281\SP2QFE\mshtml.dll
[-] 2006-03-23 . DEAA438EA31095E14A196FF647E38D13 . 3053568 . . [6.00.2900.2873] . . c:\windows\$NtUninstallKB916281$\mshtml.dll
[-] 2006-03-23 . ABCD123F888E4E97C8751378CCCC4F26 . 3055616 . . [6.00.2900.2873] . . c:\windows\$hf_mig$\KB912812\SP2QFE\mshtml.dll
[-] 2005-11-24 . D3F037F5DA702AE9DDD7663EC9D78BA7 . 3018240 . . [6.00.2900.2802] . . c:\windows\$hf_mig$\KB905915\SP2QFE\mshtml.dll
[-] 2005-11-24 . 5E7A39950EA133BB54719A6E08C544A7 . 3015680 . . [6.00.2900.2802] . . c:\windows\$NtUninstallKB912812$\mshtml.dll
[-] 2005-10-05 . 3394299FBF1CD0B24089FC762611360B . 3017728 . . [6.00.2900.2769] . . c:\windows\$hf_mig$\KB896688\SP2QFE\mshtml.dll
[-] 2005-10-04 . 042AC20E084D21DD6BEE99B89CC30FB7 . 3015168 . . [6.00.2900.2769] . . c:\windows\$NtUninstallKB905915$\mshtml.dll
[-] 2005-07-20 . A14A7A206AE22DE4FE563E44CFC7DDF5 . 3016192 . . [6.00.2900.2722] . . c:\windows\$hf_mig$\KB896727\SP2QFE\mshtml.dll
[-] 2005-07-20 . 31E7520E58E5E4DFA93215A6D5603AF2 . 3014144 . . [6.00.2900.2722] . . c:\windows\$NtUninstallKB896688$\mshtml.dll
[-] 2005-05-02 . DCC5C79B99F02EEF8C826B074DBFC222 . 3014144 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\mshtml.dll
[-] 2005-05-02 . DCFAC5470EE0A159EC4222BC28AE3EE6 . 3012608 . . [6.00.2900.2668] . . c:\windows\$NtUninstallKB896727$\mshtml.dll
[-] 2005-03-10 . 84A1B9B0C362051E68BB131F14C6DAAD . 3010560 . . [6.00.2900.2627] . . c:\windows\$NtUninstallKB883939$\mshtml.dll
[-] 2005-03-10 . 255C2CE965543ABDC3E0A25A5DA1874A . 3011072 . . [6.00.2900.2627] . . c:\windows\$hf_mig$\KB890923\SP2QFE\mshtml.dll
[-] 2005-01-27 . FAE3CA9B2459581C45B3A8845BE3077C . 3006976 . . [6.00.2900.2604] . . c:\windows\$NtUninstallKB890923$\mshtml.dll
[-] 2005-01-27 . 91C5ADE25BC4E3322577854FA2E7B58B . 3008000 . . [6.00.2900.2604] . . c:\windows\$hf_mig$\KB867282\SP2QFE\mshtml.dll
[-] 2004-09-29 . D94E6405E420373161467ACD3DA65640 . 3004928 . . [6.00.2900.2523] . . c:\windows\$NtUninstallKB867282$\mshtml.dll
[-] 2004-09-29 . 087FF7C54E7EBE4A59BD4DFC1D0EE9B8 . 3004928 . . [6.00.2900.2524] . . c:\windows\$hf_mig$\KB834707\SP2QFE\mshtml.dll
[-] 2004-08-10 . 376E0843B2356CA91CEC8D9837A56FF7 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB834707$\mshtml.dll

[-] 2008-04-14 . D7075E95AA599EE77B7A89D39296BD3D . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\asms\70\msft\windows\mswincrt\msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\msvcrt.dll
[-] 2004-08-10 . B0FEFA816D61EC66AA765DDF534EAB5E . 343040 . . [7.0.2600.2180] . . c:\windows\SYSTEM32\MSVCRT.DLL
[-] 2004-08-10 . B0FEFA816D61EC66AA765DDF534EAB5E . 343040 . . [7.0.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\msvcrt.dll
[-] 2004-08-10 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\MSVCRT.DLL
[-] 2004-08-10 . 98EC447E00229AFD88D5161A25D065DA . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\MSVCRT.DLL

[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . 097722F235A1FB698BF9234E01B52637 . 245248 . . [5.1.2600.3394] . . c:\windows\SYSTEM32\mswsock.dll
[-] 2008-06-20 . 097722F235A1FB698BF9234E01B52637 . 245248 . . [5.1.2600.3394] . . c:\windows\SYSTEM32\DLLCACHE\mswsock.dll
[-] 2008-06-20 . 1DFCA7713EA5A70D5D93B436AEA0317A . 245248 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\mswsock.dll
[-] 2004-08-10 . 4E74AF063C3271FBEA20DD940CFD1184 . 245248 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748$\mswsock.dll

[-] 2009-02-06 . 6C476D33D82F1054849790181E8F7772 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[-] 2009-02-06 . 6C476D33D82F1054849790181E8F7772 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netlogon.dll
[-] 2004-08-10 . 96353FCECBA774BB8DA74A1C6507015A . 407040 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\NETLOGON.DLL

[-] 2010-02-17 . D41C3CBAD0E1C0728D1CDFD541F60CFA . 2189952 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntoskrnl.exe
[-] 2010-02-16 . 97E2BF68857818A4D142B872404DC41B . 2186880 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntoskrnl.exe
[-] 2010-02-16 . EBB75B113E74E90074382347B74D652B . 2181376 . . [5.1.2600.3670] . . c:\windows\Driver Cache\I386\ntoskrnl.exe
[-] 2010-02-16 . EBB75B113E74E90074382347B74D652B . 2181376 . . [5.1.2600.3670] . . c:\windows\SYSTEM32\DLLCACHE\ntoskrnl.exe
[-] 2010-02-16 . A63052FA8FB8685382E10EE83C326864 . 2137088 . . [5.1.2600.3670] . . c:\windows\SYSTEM32\ntoskrnl.exe
[-] 2010-02-16 . E1F653A542449D54FA2D27463D99B6B6 . 2190080 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[-] 2009-12-09 . 05BE3D9A71972223AFF6A3C823BA51B1 . 2189312 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
[-] 2009-12-08 . 78EC47F9B9A3A1D539262D8834C896CE . 2189184 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3GDR\ntoskrnl.exe
[-] 2009-12-08 . 339EC6940BEBF9775CB65E29E0CD9782 . 2136064 . . [5.1.2600.3654] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
[-] 2009-12-08 . 128D88B3176E70B2E3088ECEB842B673 . 2185984 . . [5.1.2600.3654] . . c:\windows\$hf_mig$\KB977165\SP2QFE\ntoskrnl.exe
[-] 2009-08-05 . 8415D9C7C050E7022AED8ABF281BE4A6 . 2189184 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntoskrnl.exe
[-] 2009-08-04 . 11CDD81560E766101F0032EB05872C1B . 2136064 . . [5.1.2600.3610] . . c:\windows\$NtUninstallKB977165$\ntoskrnl.exe
[-] 2009-08-04 . FDE779EA1A564EBFE16F4E0F82B61BAD . 2189312 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[-] 2009-08-04 . 8DF112C341425F29DB4566B8D2A96A7F . 2185984 . . [5.1.2600.3610] . . c:\windows\$hf_mig$\KB971486\SP2QFE\ntoskrnl.exe
[-] 2009-02-07 . EFE8EACE83EAAD5849A7A548FB75B584 . 2189184 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2009-02-06 . 16B5EBE97F243441264A8F8694C2F2AA . 2136064 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe
[-] 2009-02-06 . 7A95B10A73737EBF24139AAA63F5212B . 2189056 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe
[-] 2009-02-06 . 6A936E9D7BADAF3CAAEED1E1966EC1B0 . 2186112 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe
[-] 2008-08-14 . 31914172342BFF330063F343AC6958FE . 2189184 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[-] 2008-08-14 . EEAF32F8E15A24F62BECB1BD403BB5C5 . 2189184 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
[-] 2008-08-14 . DD31AB4B91C2605601A3C108AF57A0C9 . 2136064 . . [5.1.2600.3427] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[-] 2008-08-14 . CE69DBD54221F2D40E49FF6DB77C6507 . 2185984 . . [5.1.2600.3427] . . c:\windows\$hf_mig$\KB956841\SP2QFE\ntoskrnl.exe
[-] 2008-04-13 . 0C89243C7C3EE199B96FCC16990E0679 . 2188928 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ntoskrnl.exe
[-] 2007-02-28 . 5A5C8DB4AA962C714C8371FBDF189FC9 . 2182144 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
[-] 2007-02-28 . 1220FAF071DEA8653EE21DE7DCDA8BFD . 2136064 . . [5.1.2600.3093] . . c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
[-] 2006-12-19 . CEF243F6DEFD20BE4ADDE26C7ECACB54 . 2182016 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe
[-] 2006-12-19 . 8318ED54797F3E513FD5817A1D4BBD18 . 2136064 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB931784$\ntoskrnl.exe
[-] 2005-03-02 . 28187802B7C368C0D3AEF7D4C382AABB . 2179456 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
[-] 2005-03-02 . 48B3E89AF7074CEE0314A3E0C7FAFFDB . 2135552 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB929338$\ntoskrnl.exe
[-] 2004-08-04 . 626309040459C3915997EF98EC1C8D40 . 2148352 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntoskrnl.exe

[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\powrprof.dll
[-] 2004-08-10 . 1B5F6923ABB450692E9FE0672C897AED . 17408 . . [6.00.2900.2180] . . c:\windows\SYSTEM32\POWRPROF.DLL

[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll
[-] 2004-08-10 . 0F78E27F563F2AAF74B91A49E2ABF19A . 180224 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\SCECLI.DLL

[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\sfc.dll
[-] 2004-08-10 . E8A12A12EA9088B4327D49EDCA3ADD3E . 5120 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\SFC.DLL
[-] 2004-08-10 . E8A12A12EA9088B4327D49EDCA3ADD3E . 5120 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\sfc.dll

[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\svchost.exe
[-] 2004-08-10 . 8F078AE4ED187AAABC0A305146DE6716 . 14336 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\SVCHOST.EXE
[-] 2004-08-10 . 8F078AE4ED187AAABC0A305146DE6716 . 14336 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\svchost.exe

[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\tapisrv.dll
[-] 2005-07-08 . 1418A3A6E76E5A2E3F5E43866E793A8B . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
[-] 2005-07-08 . FB78839B36025AA286A51289ED28B73E . 249344 . . [5.1.2600.2716] . . c:\windows\SYSTEM32\tapisrv.dll
[-] 2004-08-10 . EB4A4187D74A8EFDCBEA3EA2CB1BDFBD . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll

[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\user32.dll
[-] 2007-03-08 . 7AA4F6C00405DFC4B70ED4214E7D687B . 578048 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2007-03-08 . B409909F6E2E8A7067076ED748ABF1E7 . 577536 . . [5.1.2600.3099] . . c:\windows\SYSTEM32\user32.dll
[-] 2007-03-08 . B409909F6E2E8A7067076ED748ABF1E7 . 577536 . . [5.1.2600.3099] . . c:\windows\SYSTEM32\DLLCACHE\user32.dll
[-] 2005-03-02 . 1800F293BCCC8EDE8A70E12B88D80036 . 577024 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2005-03-02 . DE2DB164BBB35DB061AF0997E4499054 . 577024 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll
[-] 2004-08-10 . C72661F8552ACE7C5C85E16A3CF505C4 . 577024 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll

[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\userinit.exe
[-] 2004-08-10 . 39B1FFB03C2296323832ACBAE50D2AFF . 24576 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\USERINIT.EXE

ndnboy
2010-10-21, 18:51
[-] 2010-05-06 . 2D9C7B010409372C34F725DA5CCED083 . 916480 . . [8.00.6001.18923] . . c:\windows\SYSTEM32\wininet.dll
[-] 2010-05-06 . 2D9C7B010409372C34F725DA5CCED083 . 916480 . . [8.00.6001.18923] . . c:\windows\SYSTEM32\DLLCACHE\wininet.dll
[-] 2010-05-06 . C1490F68B44AF8B781F52F12F564625D . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
[-] 2010-02-25 . 7A42CFED96CDA7F2FB1A26D1F9F65775 . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll
[-] 2010-02-25 . 4458D59F2B0369F4D3B137541D284041 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
[-] 2009-12-21 . FF4241C74E0C0A5AFFFE05F584213ECB . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll
[-] 2009-12-21 . 5E1F666B8955FD77E65D65C4C4D882A3 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[-] 2009-10-29 . 6AF52998B90F72FF2325D84D90EDA1CC . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[-] 2009-10-29 . 75240F6EDBCE7B85DF66874407D38A4F . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll
[-] 2009-09-25 . AE710BE3F4A9F9B0948C3183D49717A0 . 668672 . . [6.00.2900.3627] . . c:\windows\ie8\wininet.dll
[-] 2009-09-25 . 178CF0F58C9907633AAB633860B68973 . 667136 . . [6.00.2900.5880] . . c:\windows\$hf_mig$\KB974455\SP3GDR\wininet.dll
[-] 2009-09-25 . 406D33F9B30FFC0EEFC7C55562839931 . 668672 . . [6.00.2900.5880] . . c:\windows\$hf_mig$\KB974455\SP3QFE\wininet.dll
[-] 2009-08-29 . CF0A5FE05BF614C24950D8FAEC1BC309 . 916480 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll
[-] 2009-08-29 . CF0A5FE05BF614C24950D8FAEC1BC309 . 916480 . . [8.00.6001.18828] . . c:\windows\SoftwareDistribution\Download\f5ce3558cdad2d0de1884dee71734a4a\SP3GDR\wininet.dll
[-] 2009-08-29 . 972B226BDAD71C55F3CC9A72BBF8F1C1 . 916480 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll
[-] 2009-08-29 . 972B226BDAD71C55F3CC9A72BBF8F1C1 . 916480 . . [8.00.6001.22918] . . c:\windows\SoftwareDistribution\Download\f5ce3558cdad2d0de1884dee71734a4a\SP3QFE\wininet.dll
[-] 2009-06-26 . 70FFEA4793D7139A447B169CB0E500BC . 666624 . . [6.00.2900.5835] . . c:\windows\$hf_mig$\KB972260\SP3GDR\wininet.dll
[-] 2009-06-26 . 8553E6D4EC1563277323E6B2D6FBB954 . 668160 . . [6.00.2900.5835] . . c:\windows\$hf_mig$\KB972260\SP3QFE\wininet.dll
[-] 2009-06-26 . CF0B7B2738BEF0EB87673393CB7EA06E . 668160 . . [6.00.2900.3592] . . c:\windows\$NtUninstallKB974455$\wininet.dll
[-] 2009-04-29 . 6002073519FA478BF89977369CDFD156 . 666624 . . [6.00.2900.5803] . . c:\windows\$hf_mig$\KB969897\SP3GDR\wininet.dll
[-] 2009-04-29 . 9E36A148748C5DE4EA1F47B9B625F412 . 668160 . . [6.00.2900.3562] . . c:\windows\$NtUninstallKB972260$\wininet.dll
[-] 2009-04-29 . 04BCB4F87B35502568F6CF33433543A5 . 668160 . . [6.00.2900.5803] . . c:\windows\$hf_mig$\KB969897\SP3QFE\wininet.dll
[-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB974455-IE8\wininet.dll
[-] 2009-02-20 . 1EA0E6DD74199209D60991FD46CE8643 . 668160 . . [6.00.2900.3527] . . c:\windows\$NtUninstallKB969897$\wininet.dll
[-] 2009-02-20 . 5B6A3EB7BB2F338BC2CB9F2FA4AAEA9E . 666112 . . [6.00.2900.5764] . . c:\windows\$hf_mig$\KB963027\SP3GDR\wininet.dll
[-] 2009-02-20 . 711FEABED387B29FF7ED61BC6806A06C . 667648 . . [6.00.2900.5764] . . c:\windows\$hf_mig$\KB963027\SP3QFE\wininet.dll
[-] 2008-10-16 . 93C9D0A216498EE14EB9B26119BB95EE . 667648 . . [6.00.2900.3462] . . c:\windows\$NtUninstallKB963027$\wininet.dll
[-] 2008-10-16 . E8FCE58A470999350F64C591557F9E42 . 667136 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3QFE\wininet.dll
[-] 2008-10-16 . 1576318BF08D28CC61D1278114AD8D5B . 666112 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3GDR\wininet.dll
[-] 2008-08-20 . C91E3A6EF094202F6B5CA8960DFCF243 . 667648 . . [6.00.2900.3429] . . c:\windows\$NtUninstallKB958215$\wininet.dll
[-] 2008-08-20 . 9AF5F25124FBDC36E2B510729CBA2674 . 666112 . . [6.00.2900.5659] . . c:\windows\$hf_mig$\KB956390\SP3GDR\wininet.dll
[-] 2008-08-20 . 94418F53D2612C26DBADC04DAFBC197C . 666624 . . [6.00.2900.5659] . . c:\windows\$hf_mig$\KB956390\SP3QFE\wininet.dll
[-] 2008-06-23 . 611ACE3F4201E9610AF8452F7C268995 . 667136 . . [6.00.2900.3395] . . c:\windows\$NtUninstallKB956390$\wininet.dll
[-] 2008-06-23 . F12FBB673DE9CC802C5DC518FE99AA2F . 666112 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3GDR\wininet.dll
[-] 2008-06-23 . 972299B7241EC325D8C7E5638C884925 . 666624 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3QFE\wininet.dll
[-] 2008-04-21 . 2E7DE1BF9418B071799EB53DE8CC22F5 . 666624 . . [6.00.2900.3354] . . c:\windows\$NtUninstallKB953838$\wininet.dll
[-] 2008-04-21 . 2B0C24AA747A93A28987B6D65A4A74BC . 666112 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3GDR\wininet.dll
[-] 2008-04-21 . 26F240C250E5B4B395CB4B178BA75437 . 666624 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3QFE\wininet.dll
[-] 2008-04-14 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\wininet.dll
[-] 2008-02-16 . BB1EACD6AB47E78EBCA02EB781550D55 . 666112 . . [6.00.2900.3314] . . c:\windows\$NtUninstallKB950759$\wininet.dll
[-] 2007-12-07 . 085A7C37F9C6EDE1BA870B7DBEC06399 . 666112 . . [6.00.2900.3268] . . c:\windows\$NtUninstallKB947864$\wininet.dll
[-] 2007-10-11 . 80D660A49E0D118144423099B2A9F5DA . 666112 . . [6.00.2900.3231] . . c:\windows\$NtUninstallKB944533$\wininet.dll
[-] 2007-08-22 . A1BC17EB3758D73C3938B2318820F5B4 . 665600 . . [6.00.2900.3199] . . c:\windows\$NtUninstallKB942615$\wininet.dll
[-] 2007-06-26 . E1A3DD68B5380B360A7310A64D9BB188 . 665600 . . [6.00.2900.3164] . . c:\windows\$NtUninstallKB939653$\wininet.dll
[-] 2007-04-18 . 4261BA03AFD659DE04F0A17DFBDD454D . 665600 . . [6.00.2900.3121] . . c:\windows\$NtUninstallKB937143$\wininet.dll
[-] 2007-02-20 . B258C922D22DEEC880B60720531D7627 . 665600 . . [6.00.2900.3086] . . c:\windows\$NtUninstallKB933566$\wininet.dll
[-] 2007-01-04 . 3FFA1573FC274E5AA7467D03941C45EE . 665088 . . [6.00.2900.3059] . . c:\windows\$NtUninstallKB931768$\wininet.dll
[-] 2006-10-23 . 231EF4179ACABE486376B5CA893F1076 . 664576 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB928090$\wininet.dll
[-] 2006-09-14 . D207370287CF769AEBEBF03837784963 . 664576 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB925454$\wininet.dll
[-] 2006-06-23 . 64CE26DB72810B30F7855EA51E1DF836 . 664576 . . [6.00.2900.2937] . . c:\windows\$hf_mig$\KB918899\SP2QFE\wininet.dll
[-] 2006-06-23 . 64CE26DB72810B30F7855EA51E1DF836 . 664576 . . [6.00.2900.2937] . . c:\windows\$NtUninstallKB922760$\wininet.dll
[-] 2006-06-23 . 2B4DB890936430C71419037039502752 . 658944 . . [6.00.2900.2937] . . c:\windows\$NtUninstallKB918899$\wininet.dll
[-] 2006-05-10 . D94CFFDB53E7AC867438E2DFD50E7CBC . 663552 . . [6.00.2900.2904] . . c:\windows\$hf_mig$\KB916281\SP2QFE\wininet.dll
[-] 2006-05-10 . 38AB7A56F566D9AAAD31812494944824 . 658432 . . [6.00.2900.2904] . . c:\windows\$NtUninstallKB918899_0$\wininet.dll
[-] 2006-04-13 . 877A4A08374D00B950B9AA2F5712D612 . 658432 . . [6.00.2900.2781] . . c:\windows\$NtUninstallKB912812$\wininet.dll
[-] 2006-03-04 . C0845ECBF4F9164E618EE381B79C9032 . 663552 . . [6.00.2900.2861] . . c:\windows\$hf_mig$\KB912812\SP2QFE\wininet.dll
[-] 2006-03-04 . 1C0979C7A489BEE573CD0BF4AD94BB06 . 658432 . . [6.00.2900.2861] . . c:\windows\$NtUninstallKB916281$\wininet.dll
[-] 2005-10-21 . AF785C4947676A7FC1673FDC5C8D0B5B . 661504 . . [6.00.2900.2781] . . c:\windows\$hf_mig$\KB905915\SP2QFE\wininet.dll
[-] 2005-09-02 . 97A6FD7CAFD688CF2C78939EBAF0CD0C . 660480 . . [6.00.2900.2753] . . c:\windows\$hf_mig$\KB896688\SP2QFE\wininet.dll
[-] 2005-09-02 . AF61EBB1F550175EFF406D545D6AB086 . 658432 . . [6.00.2900.2753] . . c:\windows\$NtUninstallKB905915$\wininet.dll
[-] 2005-07-03 . 5B5FF992C0FA762CCF8655FC290E6E52 . 658432 . . [6.00.2900.2713] . . c:\windows\$NtUninstallKB896688$\wininet.dll
[-] 2005-07-03 . 6E533D155B259EB2363D3E04B5BE309F . 659456 . . [6.00.2900.2713] . . c:\windows\$hf_mig$\KB896727\SP2QFE\wininet.dll
[-] 2005-05-02 . E1E18136F9DD3DF1AD9C82193A5898A6 . 658944 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\wininet.dll
[-] 2005-05-02 . 1A078AF3F85D10BA56444C23B3A18E74 . 657920 . . [6.00.2900.2668] . . c:\windows\$NtUninstallKB896727$\wininet.dll
[-] 2005-03-10 . 6F018D6319BE4F96426EA829B79E05D5 . 656896 . . [6.00.2900.2627] . . c:\windows\$NtUninstallKB883939$\wininet.dll
[-] 2005-03-10 . C8663B488996E89A84C3D17C1D12B79E . 657920 . . [6.00.2900.2627] . . c:\windows\$hf_mig$\KB890923\SP2QFE\wininet.dll
[-] 2005-01-27 . B5E043E440B210014E021B24CF0A72E3 . 656896 . . [6.00.2900.2577] . . c:\windows\$NtUninstallKB890923$\wininet.dll
[-] 2005-01-27 . A8EAC5330876548E9966A7D13025D196 . 657920 . . [6.00.2900.2598] . . c:\windows\$hf_mig$\KB867282\SP2QFE\wininet.dll
[-] 2004-09-29 . CBA65B573C66FE23F647FF96E3A10994 . 656896 . . [6.00.2900.2518] . . c:\windows\$NtUninstallKB867282$\wininet.dll
[-] 2004-09-29 . 2C07195588D69A067C2AFDAA31759295 . 656896 . . [6.00.2900.2518] . . c:\windows\$hf_mig$\KB834707\SP2QFE\wininet.dll
[-] 2004-08-10 . C0823FC5469663BA63E7DB88F9919D70 . 656384 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB834707$\wininet.dll

[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ws2_32.dll
[-] 2004-08-10 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\WS2_32.DLL
[-] 2004-08-10 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\ws2_32.dll

[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ws2help.dll
[-] 2004-08-10 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\WS2HELP.DLL
[-] 2004-08-10 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\ws2help.dll

[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\explorer.exe
[-] 2007-06-13 . 7712DF0CDDE3A5AC89843E61CD5B3658 . 1033216 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2007-06-13 . 97BD6515465659FF8F3B7BE375B2EA87 . 1033216 . . [6.00.2900.3156] . . c:\windows\explorer.exe
[-] 2007-06-13 . 97BD6515465659FF8F3B7BE375B2EA87 . 1033216 . . [6.00.2900.3156] . . c:\windows\SYSTEM32\DLLCACHE\explorer.exe
[-] 2004-08-10 . A0732187050030AE399B241436565E64 . 1032192 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe

[-] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ole32.dll
[-] 2005-07-26 . AB8231D13692AC5088EB9C226B0C0576 . 1285120 . . [5.1.2600.2726] . . c:\windows\SYSTEM32\ole32.dll
[-] 2005-07-26 . AB8231D13692AC5088EB9C226B0C0576 . 1285120 . . [5.1.2600.2726] . . c:\windows\SYSTEM32\DLLCACHE\ole32.dll
[-] 2005-07-26 . A2F755E237FA2CDD748A80BFBE6657F3 . 1285632 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll
[-] 2005-04-28 . 5950E4F28FDA9D147576BF6798937397 . 1285120 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\ole32.dll
[-] 2005-04-28 . 7440D29F257B7E44329343F944F2142C . 1286144 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll
[-] 2005-01-14 . ABDEF60CED7C04AB35A415EFB6B96D81 . 1285120 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\ole32.dll
[-] 2005-01-14 . 2E752611C9A9AE1B6BFD0DA03CF7F17E . 1284608 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll
[-] 2004-08-10 . 4FE9D9FA62D020E35E0AC6D1AEEB96F0 . 1281536 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\ole32.dll

[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\srsvc.dll
[-] 2004-08-10 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\SRSVC.DLL

[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\wscntfy.exe
[-] 2004-08-10 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\WSCNTFY.EXE
[-] 2004-08-10 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\wscntfy.exe

[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\xmlprov.dll
[-] 2004-08-10 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\XMLPROV.DLL

[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll
[-] 2004-08-10 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\EVENTLOG.DLL

[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\sfcfiles.dll
[-] 2004-08-10 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\SFCFILES.DLL

[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ctfmon.exe
[-] 2004-08-10 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\CTFMON.EXE

[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\shsvcs.dll
[-] 2006-12-19 . 6815DEF9B810AEFAC107EEAF72DA6F82 . 134656 . . [6.00.2900.3051] . . c:\windows\SYSTEM32\shsvcs.dll
[-] 2006-12-19 . 6815DEF9B810AEFAC107EEAF72DA6F82 . 134656 . . [6.00.2900.3051] . . c:\windows\SYSTEM32\DLLCACHE\shsvcs.dll
[-] 2006-12-19 . 53D9184A21C5CBF600D918E51EF3A7E5 . 135168 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll
[-] 2004-08-10 . E7518DC542D3EBDCB80EDD98462C7821 . 134656 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll

[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\regsvc.dll
[-] 2004-08-10 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\REGSVC.DLL

[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\schedsvc.dll
[-] 2004-08-10 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\SCHEDSVC.DLL

[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ssdpsrv.dll
[-] 2004-08-10 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\SSDPSRV.DLL

[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\termsrv.dll
[-] 2004-08-10 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\TERMSRV.DLL
[-] 2004-08-10 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\termsrv.dll

[-] 2008-04-14 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\appmgmts.dll
[-] 2004-08-10 . 9C3C12975C97119412802B181FBEEFFE . 167936 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\APPMGMTS.DLL

[-] 2004-08-10 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\SYSTEM32\DRIVERS\ACPIEC.SYS

[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\aec.sys
[-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\Driver Cache\I386\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\SYSTEM32\DLLCACHE\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\SYSTEM32\DRIVERS\aec.sys
[-] 2004-08-04 04:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtUninstallKB900485$\aec.sys

[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\agp440.sys
[-] 2004-08-04 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DRIVERS\AGP440.SYS

[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ip6fw.sys
[-] 2004-08-10 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DRIVERS\IP6FW.SYS

[-] 2008-04-14 00:11 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\mfc40u.dll
[-] 2006-11-01 19:17 . 925F8B61ED301A317BA850EBEECBDAA0 . 927504 . . [4.1.0.61] . . c:\windows\SYSTEM32\mfc40u.dll
[-] 2006-11-01 19:17 . 925F8B61ED301A317BA850EBEECBDAA0 . 927504 . . [4.1.0.61] . . c:\windows\SYSTEM32\DLLCACHE\mfc40u.dll
[-] 2004-08-10 11:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll

[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\msgsvc.dll
[-] 2004-08-10 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\MSGSVC.DLL

[-] 2005-01-28 17:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[-] 2005-01-28 17:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\SYSTEM32\MsPMSNSv.dll
[-] 2005-01-28 17:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\SYSTEM32\DLLCACHE\mspmsnsv.dll
[-] 2004-08-10 11:00 . 6EAA72FD9EF993EC1FA9A06DE65105DA . 25088 . . [10.0.3790.3646] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll

[-] 2010-02-17 . 1811AFC2FADB60B88947E3D08E250860 . 2063744 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntkrnlpa.exe
[-] 2010-02-16 . A046C627EC20456E2959B7BD628E1FD0 . 2066816 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntkrnlpa.exe
[-] 2010-02-16 . 1EE6B94ACA7BE115A1813BBCA65099A8 . 2058368 . . [5.1.2600.3670] . . c:\windows\Driver Cache\I386\ntkrnlpa.exe
[-] 2010-02-16 . 26A901A1840E9E46FFFC6D09B9618CDF . 2016768 . . [5.1.2600.3670] . . c:\windows\SYSTEM32\ntkrnlpa.exe
[-] 2010-02-16 . 1EE6B94ACA7BE115A1813BBCA65099A8 . 2058368 . . [5.1.2600.3670] . . c:\windows\SYSTEM32\DLLCACHE\ntkrnlpa.exe
[-] 2010-02-16 . DED8B5A89B085284634502E9D75AC78C . 2066944 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[-] 2009-12-09 . FFDCE1EEA79C678C40237D4E031E5B51 . 2066176 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
[-] 2009-12-08 . A6683E23468776F75EB2D8C6A02AAD3B . 2066048 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3GDR\ntkrnlpa.exe
[-] 2009-12-08 . 5B542B9C2D8D613CE7D24563926F3411 . 2015744 . . [5.1.2600.3654] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
[-] 2009-12-08 . BC123D9238A0C9BB3D853E407EE77254 . 2063104 . . [5.1.2600.3654] . . c:\windows\$hf_mig$\KB977165\SP2QFE\ntkrnlpa.exe
[-] 2009-08-04 . 363B2BBEE0AEDC9E5433616D0AD0236A . 2066176 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[-] 2009-08-04 . 7437BA6F538E89381A2E3643AED296C7 . 2066048 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntkrnlpa.exe
[-] 2009-08-04 . E832C72D32FA117CB0D033C5EA95B58F . 2015744 . . [5.1.2600.3610] . . c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe
[-] 2009-08-04 . 97E912E94CCED4064F5DEEE5C25A9278 . 2062976 . . [5.1.2600.3610] . . c:\windows\$hf_mig$\KB971486\SP2QFE\ntkrnlpa.exe
[-] 2009-02-07 . 5BA7F2141BC6DB06100D0E5A732C617A . 2066048 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
[-] 2009-02-06 . B238AB60093BABFE76AEC8F34B4D399D . 2015744 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe
[-] 2009-02-06 . 607352B9CB3D708C67F6039097801B5A . 2066176 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2009-02-06 . 9D832AF3FD1917DB0E1E8B2F000A2E3A . 2062976 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe
[-] 2008-08-14 . A25E9B86EFFB2AF33BF51E676B68BFB0 . 2066048 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
[-] 2008-08-14 . 4AC58F03EB94A72809949D757FC39D80 . 2066048 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
[-] 2008-08-14 . DC097A896A03B8277457D228FD12D4E6 . 2015744 . . [5.1.2600.3427] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[-] 2008-08-14 . 63EC865DFF6CCFC7BEF94B5C50297CAD . 2062976 . . [5.1.2600.3427] . . c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlpa.exe
[-] 2008-04-13 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ntkrnlpa.exe
[-] 2007-02-28 . 4D3DBDCCBF97F5BA1E74F322B155C3BA . 2059392 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
[-] 2007-02-28 . A58AC1C6199EF34228ABEE7FC057AE09 . 2015744 . . [5.1.2600.3093] . . c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
[-] 2006-12-19 . BA4B97C00A437C1CC3DA365D93EE1E9D . 2059392 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe
[-] 2006-12-19 . BBB2322EB14AD9AD55B1024FFD4D88BF . 2015744 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe
[-] 2005-03-02 . D8ABA3EAB509627E707A3B14F00FBB6B . 2056832 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
[-] 2005-03-02 . 3CD941E472DDF3534E53038535719771 . 2015232 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB929338$\ntkrnlpa.exe
[-] 2004-08-04 . FB142B7007CA2EEA76966C6C5CC12150 . 2015232 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe

[-] 2008-04-14 00:12 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ntmssvc.dll
[-] 2004-08-10 11:00 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . c:\windows\SYSTEM32\NTMSSVC.DLL

[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\upnphost.dll
[-] 2007-02-05 . 36ACA6CDC19C95FF468A1426EB7F32F0 . 185344 . . [5.1.2600.3077] . . c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll
[-] 2007-02-05 . ACA5D98663D879C6BAAFCEA7E2F1B710 . 185344 . . [5.1.2600.3077] . . c:\windows\SYSTEM32\upnphost.dll
[-] 2007-02-05 . ACA5D98663D879C6BAAFCEA7E2F1B710 . 185344 . . [5.1.2600.3077] . . c:\windows\SYSTEM32\DLLCACHE\upnphost.dll
[-] 2004-08-10 . 0546477BDE979E33294FE97F6B3DE84A . 185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB931261$\upnphost.dll

[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\dsound.dll
[-] 2004-08-10 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . c:\windows\SYSTEM32\DSOUND.DLL
[-] 2004-08-10 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\dsound.dll

[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\d3d9.dll
[-] 2004-08-10 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . c:\windows\SYSTEM32\D3D9.DLL

[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ddraw.dll
[-] 2004-08-10 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . c:\windows\SYSTEM32\DDRAW.DLL
[-] 2004-08-10 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\ddraw.dll

[-] 2008-04-14 00:12 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\olepro32.dll
[-] 2004-08-10 11:00 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\OLEPRO32.DLL
[-] 2004-08-10 11:00 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\olepro32.dll

[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\perfctrs.dll
[-] 2004-08-10 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\PERFCTRS.DLL

[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\version.dll
[-] 2004-08-10 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\VERSION.DLL
[-] 2004-08-10 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\version.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmileboxTray"="c:\documents and settings\Juan\Application Data\Smilebox\SmileboxTray.exe" [2008-01-09 201352]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MMTray"="c:\program files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe" [2006-01-19 110592]
"vptray"="c:\program files\NavNT\vptray.exe" [2002-08-03 73728]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2004-01-07 110592]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-06-30 1388544]
"RoxioEngineUtility"="c:\program files\Common Files\Roxio Shared\System\EngUtil.exe" [2003-02-27 69632]
"RoxioDragToDisc"="c:\program files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" [2003-02-27 757760]
"RoxioAudioCentral"="c:\program files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" [2003-02-26 253952]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2005-01-04 26112]
"MimBoot"="c:\progra~1\MUSICM~1\MUSICM~2\mimboot.exe" [2006-01-19 11776]
"Microsoft Works Update Detection"="c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2003-09-14 50688]
"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]
"IAAnotif"="c:\program files\Intel\Intel Application Accelerator\iaanotif.exe" [2004-06-29 135168]
"HPHmon03"="c:\windows\system32\hphmon03.exe" [2003-01-30 311296]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2003-01-30 196608]
"ehTray"="c:\windows\ehome\ehtray.exe" [2004-08-10 59392]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-10-12 57344]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2003-02-07 114741]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 339968]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-10-05 2067808]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-01-23 141608]

c:\documents and settings\Juan\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
HOTLLAMA Update Check.lnk - c:\program files\HOTLLAMA MEDIA\Player\WiseUpdt.exe [2005-1-25 162834]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
America Online 9.0 Tray Icon.lnk - c:\program files\America Online 9.0\aoltray.exe [2005-1-4 156784]
Cisco Systems VPN Client.lnk - c:\program files\Cisco Systems\VPN Client\vpngui.exe [2007-6-21 1445904]
Kodak EasyShare software.lnk - c:\program files\KODAK\Kodak EasyShare software\bin\EasyShare.exe [2005-11-4 176128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-16 12:52 12536 ----a-w- c:\windows\SYSTEM32\avgrsstx.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\KODAK\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"c:\\Program Files\\KODAK\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\program files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe"= c:\program files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe:127.0.0.1/255.255.255.255:Enabled:Rosetta Stone Ltd Services
"c:\program files\RosettaStoneLtdServices\RosettaStoneDaemon.exe"= c:\program files\RosettaStoneLtdServices\RosettaStoneDaemon.exe:127.0.0.1/255.255.255.255:Enabled:Rosetta Stone Daemon

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1037:TCP"= 1037:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\SYSTEM32\DRIVERS\avgldx86.sys [5/8/2008 10:52 AM 216400]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\SYSTEM32\DRIVERS\avgtdix.sys [5/8/2008 10:52 AM 243024]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [8/10/2004 7:00 AM 14336]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [7/16/2010 8:52 AM 308136]
R2 RosettaStoneDaemon;RosettaStoneDaemon;c:\program files\RosettaStoneLtdServices\RosettaStoneDaemon.exe [9/3/2009 3:44 PM 444224]
R3 Angel;Angel MPEG Device;c:\windows\SYSTEM32\DRIVERS\Angel.sys [1/1/1980 2:00 AM 337536]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder

2010-10-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

2010-10-12 c:\windows\Tasks\DriverCure.job
- c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2009-08-07 19:36]

2005-01-10 c:\windows\Tasks\ISP signup reminder 1.job
- c:\windows\system32\OOBE\OOBEBALN.EXE [2004-08-10 11:00]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uInternet Connection Wizard,ShellNext = hxxp://www.samsphotoclub.com/login/index.asp
uInternet Settings,ProxyOverride = localhost;*.local
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
Trusted Zone: plaxo.com\www
Trusted Zone: musicmatch.com\online
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: Photobucket Publisher - hxxp://s154.photobucket.com/csve/ie_plugin.php
DPF: {A1662FB6-39BE-41BB-ACDC-0448FB1B5817} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_5/PhotoCenter_ActiveX_Control.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://samsclubus.pnimedia.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {DC11F230-5717-4C25-BAD7-37B879C19655} - hxxp://mdpatriotstangs.myphotoalbum.com/ImageUploader4.cab
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
URLSearchHooks-CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
BHO-{89FF07AB-3DC7-4272-B8CE-E03A88757855} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Notify-bdatsk - c:\windows\Help\SBSI\bdatsk.dll
AddRemove-SmartDraw 2009 - c:\smartdraw 2009\Unwise.exe



Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys >>UNKNOWN [0x85562446]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf862bfc3
\Driver\ACPI -> ACPI.sys @ 0xf843ecb8
\Driver\atapi -> atapi.sys @ 0xf83457b4
\Driver\iaStor -> iaStor.sys @ 0xf8368316
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x80582414
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x80582414
NDIS: Broadcom NetXtreme 57xx Gigabit Controller -> SendCompleteHandler -> NDIS.sys @ 0xf81f8ba0
PacketIndicateHandler -> NDIS.sys @ 0xf8205b21
SendHandler -> NDIS.sys @ 0xf81e387b
user & kernel MBR OK

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1944777543-2185336954-2013689522-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,79,00,73,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1140)
c:\windows\system32\WININET.dll
c:\windows\system32\NavLogon.dll

- - - - - - - > 'lsass.exe'(1200)
c:\windows\system32\WININET.dll
.
Completion time: 2010-10-21 11:24:24
ComboFix-quarantined-files.txt 2010-10-21 15:24

Pre-Run: 72,138,047,488 bytes free
Post-Run: 72,524,091,392 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

- - End Of File - - FF6A98E2DBBE25B73E9C5670B8D2AFE5

peku006
2010-10-21, 19:34
Hi ndnboy

Download and Run Malwarebytes' Anti-Malware

Please save any items you were working on... close any open programs. You may be asked to reboot your machine.
Please download Malwarebytes Anti-Malware (http://www.malwarebytes.org/mbam-download.php) and save it to your desktop. If needed...Tutorial w/screenshots (http://thespykiller.co.uk/index.php/topic,5946.0.html)
Alternate download sites available here (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html) or here (http://www.besttechie.net/tools/mbam-setup.exe).
Make sure you are connected to the Internet.
Double-click on mbam-setup.exe to install the application.
When the installation begins, follow the prompts and do not make any changes to default settings.
When installation has finished, make sure you leave both of these checked:
Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware
Then click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.
If an update is found, the program will automatically update itself.
Press the OK button to close that box and continue.
Problems downloading the updates? Manually download them from here (http://malwarebytes.gt500.org/mbam-rules.exe) and double-click on "mbam-rules.exe" to install.
On the Scanner tab:
Make sure the "Perform full scan" option is selected.
Then click on the Scan button.
If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
Click on the Show Results button to see a list of any malware that was found.
Check all items except items in the C:\System Volume Information folder... then click on Remove Selected.
We will take care of the System Volume Information items later.
When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
Copy and paste the contents of that report in your next reply and exit MBAM.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Please reply with

Malwarebytes' Anti-Malware Log

Thanks peku006

ndnboy
2010-10-22, 08:11
Downloaded and ran malwarebytes, the log is listed below.

I still have my AVG anti virus and firewall disabled from last download, can I re-enable them or wait?

Thanks again for all the help, system has been slow and painful, hope to get back to norm soon.

When complete, can you also advise if keeping my curreng AVG 9.0, AdAware, CCcleaner and Spybot is the way to protect my system and run weekly? Or if Malware Bytes or any other program needs to be added to the mix and drop something? Dont want to have any programs fighting each other.



Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4907

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

10/22/2010 1:03:06 AM
mbam-log-2010-10-22 (01-03-06).txt

Scan type: Full scan (C:\|G:\|)
Objects scanned: 296948
Time elapsed: 1 hour(s), 27 minute(s), 26 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 3
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4d25f926-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\MyWaySA (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWaySA\SrchAsDe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWaySA\SrchAsDe\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Files Infected:
(No malicious items detected)

peku006
2010-10-22, 11:10
Hi ndnboy


When complete, can you also advise if keeping my curreng AVG 9.0, AdAware, CCcleaner and Spybot is the way to protect my system and run weekly? Or if Malware Bytes or any other program needs to be added to the mix and drop something? Dont want to have any programs fighting each other.
AVG 9.0,CCcleaner and Spybot are Ok. (but Malware Bytes is better than AdAware,my opinion :D:)
there is nothing wrong in having more than one antispyware programmes for “on demand” scanning

Please go to Kaspersky website (http://www.kaspersky.com/kos/eng/partner/default/kavwebscan.html) and perform an online antivirus scan.

Read through the requirements and privacy statement and click on Accept button.
It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
When the downloads have finished, click on Settings.
Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button: Spyware, Adware, Dialers, and other potentially dangerous programs
Archives
Mail databases Click on My Computer under Scan.
Once the scan is complete, it will display the results. Click on View Scan Report.
You will see a list of infected items there. Click on Save Report As....
Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
Please post this log in your next reply.

Thanks peku006

ndnboy
2010-10-23, 03:07
Six hours later, scan is complete , Thanks again : )

2 parts again:

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Friday, October 22, 2010
Operating system: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Friday, October 22, 2010 11:48:40
Records in database: 4184579
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\

Scan statistics:
Objects scanned: 143824
Threats found: 40
Infected objects found: 676
Suspicious objects found: 2
Scan duration: 06:06:30


File name / Threat / Threats count
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\009C0000.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\009C0001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\00A00000.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\00A40000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\00B80000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\00B80001.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\00D00000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\00D40000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\00DC0000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ir 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\00F00000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.hb 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\00FC0000.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01040000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01080000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01100000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01200000.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\012C0000.VBN Infected: Trojan-Downloader.Java.OpenStream.y 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\012C0001.VBN Infected: Trojan-Downloader.Java.OpenStream.y 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\012C0002.VBN Suspicious: Exploit.VBS.Phel 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\012C0003.VBN Suspicious: Exploit.VBS.Phel 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\012C0004.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.t 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\012C0005.VBN Infected: Trojan.Win32.Small.ev 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\012C0006.VBN Infected: Trojan.Win32.Small.ev 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\012C0007.VBN Infected: Trojan-Downloader.Win32.ConHook.n 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\012C0008.VBN Infected: Trojan-Downloader.Win32.ConHook.n 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\012C0009.VBN Infected: Trojan.Win32.Small.ev 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\012C000A.VBN Infected: Trojan.Win32.Small.ev 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01340000.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\013C0000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\016C0000.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01740000.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01780000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01800000.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\018C0000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01940000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\019C0000.VBN Infected: Trojan.Win32.Agent.anr 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01B00000.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01C80000.VBN Infected: Trojan.Win32.Agent.anr 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01E00000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01E40000.VBN Infected: Trojan.Win32.Agent.anr 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01E80000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01E80001.VBN Infected: Trojan.Win32.Agent.anr 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01EC0000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ar 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01EC0001.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01EC0002.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01F80000.VBN Infected: Trojan.Win32.Agent.anr 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01F80001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01F80002.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\01FC0000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\02040000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.hb 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\02040001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\02040002.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\02040003.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\02080000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\02200000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ar 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\02200001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\02200002.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\024C0000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ir 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\02940000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ar 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\02980000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\02AC0000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\02CC0000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\02CC0001.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\02D00000.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\02EC0000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\02F40000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\030C0000.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03100000.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03240000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03280000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\032C0000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\032C0001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03300000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03340000.VBN Infected: not-a-virus:AdWare.Win32.Agent.at 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\036C0000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03840000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03940000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.hb 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03C00000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03C80000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00002.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00003.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03E80000.VBN Infected: Trojan.Win32.Agent.anr 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03E80001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03E80002.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03F80000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\040C0000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\04780000.VBN Infected: Trojan.Win32.Agent.anr 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\04780001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\04A00000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ar 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\04C80000.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05180000.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05380000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05740000.VBN Infected: Trojan.Win32.Agent.anr 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05740001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05740002.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05780000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05800000.VBN Infected: not-a-virus:AdWare.Win32.Agent.at 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05840000.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05A00000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05C00000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05C00001.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05C40000.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05C40001.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05C40002.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05C80000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05C80001.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05D80000.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05E00000.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06080000.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06140000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06140001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06300000.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\064C0000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\065C0000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06640000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06640001.VBN Infected: Trojan.Win32.Agent.anr 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06780000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ir 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06840000.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06980000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06A40000.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06A80000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06B00000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06F80000.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06F80001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06F80002.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\07200000.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\07280000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\075C0000.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\07600000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ir 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\07680000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.fj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\076C0000.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\07700000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\078C0000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\078C0001.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\07940000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\07980000.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\07B00000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\07B80000.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\07D80000.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08080000.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08140000.VBN Infected: Trojan.Win32.BHO.bd 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08180000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08280000.VBN Infected: not-a-virus:AdWare.Win32.Agent.at 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08280001.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08280002.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08340000.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\083C0000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08400000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ar 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08440000.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08440001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08440002.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08480000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ar 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\084C0000.VBN Infected: Trojan.Win32.Agent.anr 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\084C0001.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08540000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.hb 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08540001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ir 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08600000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ar 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08600001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08600002.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08680000.VBN Infected: Trojan.Win32.Agent.ny 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08680001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08680002.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\086C0000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ir 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08700000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08740000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.hb 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\087C0000.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\087C0001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\087C0002.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\087C0003.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08800000.VBN Infected: Trojan.Win32.Agent.ny 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08800001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08800002.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08880000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08880001.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08880002.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\088C0000.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08940000.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08940001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08980000.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\089C0000.VBN Infected: Trojan.Win32.Small.ev 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\089C0001.VBN Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\089C0002.VBN Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08A40000.VBN Infected: Trojan.Win32.BHO.bd 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08A40001.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08A40002.VBN Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08A40003.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kp 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08A40004.VBN Infected: Trojan.Win32.BHO.bd 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08A40005.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08A40006.VBN Infected: not-a-virus:AdWare.Win32.BHO.hg 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08A40007.VBN Infected: Trojan.Win32.BHO.bd 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08A40008.VBN Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08A40009.VBN Infected: Trojan.Win32.BHO.bd 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08A4000A.VBN Infected: Trojan.Win32.Delf.agq 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08A80000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08A80001.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08A80002.VBN Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08A80003.VBN Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08A80004.VBN Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08A80005.VBN Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08A80006.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08A80007.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.hb 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08A80008.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.hb 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08A80009.VBN Infected: Trojan.Win32.BHO.bd 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08A8000A.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08A8000B.VBN Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08A8000C.VBN Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08AC0000.VBN Infected: Trojan.Win32.Small.ev 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08B40000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08B40001.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08B40002.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08B40003.VBN Infected: Trojan.Win32.BHO.bd 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08B40004.VBN Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08B40005.VBN Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08B40006.VBN Infected: Trojan.Win32.BHO.bd 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08B40007.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kp 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08B40008.VBN Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08B40009.VBN Infected: not-a-virus:AdWare.Win32.ZenoSearch.ac 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08B4000A.VBN Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08B4000B.VBN Infected: Trojan.Win32.BHO.bd 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08B4000C.VBN Infected: Trojan.Win32.Delf.agq 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08B4000D.VBN Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08B4000E.VBN Infected: Trojan.Win32.BHO.bd 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08B4000F.VBN Infected: Trojan.Win32.BHO.bd 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08B40010.VBN Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08B40011.VBN Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08B40012.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08B80000.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08BC0000.VBN Infected: Trojan-Downloader.Win32.ConHook.n 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08C00000.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08C00001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08C40000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.hb 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08C80000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08C80001.VBN Infected: Trojan.Win32.Agent.anr 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08C80002.VBN Infected: Trojan.Win32.BHO.bd 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08C80003.VBN Infected: Trojan.Win32.BHO.bd 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08C80004.VBN Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08C80005.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08CC0000.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08CC0001.VBN Infected: Trojan.Win32.BHO.bd 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08CC0002.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08CC0003.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08CC0004.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08CC0005.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08CC0006.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08CC0007.VBN Infected: Trojan.Win32.BHO.bd 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08D00000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08D40000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08D40001.VBN Infected: Trojan.Win32.Agent.anr 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08D40002.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08D80000.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08D80001.VBN Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08D80002.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kp 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08D80003.VBN Infected: Trojan.Win32.BHO.bd 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08D80004.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08D80005.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08D80006.VBN Infected: Trojan.Win32.BHO.bd 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08D80007.VBN Infected: Trojan.Win32.BHO.bd 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08D80008.VBN Infected: Trojan.Win32.BHO.bd 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08D80009.VBN Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08D8000A.VBN Infected: Trojan.Win32.BHO.bd 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08DC0000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08DC0001.VBN Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08DC0002.VBN Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08DC0003.VBN Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08DC0004.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08DC0005.VBN Infected: Trojan.Win32.BHO.bd 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08DC0006.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08DC0007.VBN Infected: Trojan.Win32.BHO.bd 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08E00000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ir 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08E40000.VBN Infected: Trojan.Win32.BHO.bd 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08E40001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08E40002.VBN Infected: Trojan.Win32.Agent.anr 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08E40003.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08E40004.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08EC0000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08EC0001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08EC0002.VBN Infected: Trojan.Win32.Agent.anr 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08F40000.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08F40001.VBN Infected: Trojan.Win32.Agent.anr 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08F40002.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08F80000.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08F80001.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08FC0000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ar 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08FC0001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08FC0002.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09040000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\090C0000.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09200000.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\092C0000.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\092C0001.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09300000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09380000.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\093C0000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ar 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\093C0001.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09400000.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09400001.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09440000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ar 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\094C0000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\094C0001.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09500000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09540000.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09540001.VBN Infected: not-a-virus:AdWare.Win32.BHO.v 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09540002.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09540003.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09540004.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09540005.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09540006.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09540007.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09540008.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09540009.VBN Infected: Trojan-Clicker.Win32.Small.mw 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0954000A.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\095C0000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\095C0001.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\095C0002.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\095C0003.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\095C0004.VBN Infected: Trojan-Downloader.Win32.Zlob.oh 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\095C0005.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09600000.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09600001.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09600002.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09600003.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09600004.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09600005.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09600006.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ir 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09600007.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ir 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09600008.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09600009.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09640000.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09640001.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09640002.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.hb 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09640003.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09640004.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09640005.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09640006.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09680000.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09680001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ir 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09680002.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09680003.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ar 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09680004.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09680005.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09680006.VBN Infected: not-a-virus:AdWare.Win32.Agent.at 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09680007.VBN Infected: not-a-virus:AdWare.Win32.Agent.at 1

ndnboy
2010-10-23, 03:08
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09680008.VBN Infected: not-a-virus:AdWare.Win32.Agent.at 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09680009.VBN Infected: not-a-virus:AdWare.Win32.Agent.at 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0968000A.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0968000B.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0968000C.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\096C0000.VBN Infected: Trojan.Win32.BHO.o 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\096C0001.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\096C0002.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\096C0003.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\096C0004.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\096C0005.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\096C0006.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\096C0007.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ar 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\096C0008.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\096C0009.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\096C000A.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ar 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\096C000B.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\096C000C.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\096C000D.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\096C000E.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\096C000F.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.hb 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\096C0010.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\096C0011.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.hb 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\096C0012.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\096C0013.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\096C0014.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\096C0015.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\096C0016.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\096C0017.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09700000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ar 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09700001.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09700002.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09700003.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09700004.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.hb 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09700005.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09700006.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09700007.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09700008.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ar 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09700009.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0970000A.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0970000B.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0970000C.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0970000D.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0970000E.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0970000F.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09740000.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09740001.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09740002.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09740003.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09740004.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.hb 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09740005.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.hb 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09740006.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09740007.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09740008.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ir 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09740009.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0974000A.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0974000B.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.hb 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0974000C.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0974000D.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0974000E.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0974000F.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.hb 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09740010.VBN Infected: Trojan.Win32.BHO.o 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09740011.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09740012.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09740013.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09780000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09780001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09780002.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09780003.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09780004.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09780005.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09780006.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09780007.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09780008.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09780009.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0978000A.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0978000B.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09800000.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09800001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09840000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ar 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09840001.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09880000.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\098C0000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09900000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09900001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09980001.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09980002.VBN Infected: Trojan-Spy.Win32.VBStat.j 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09A00000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09A00001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09A00002.VBN Infected: Trojan-Downloader.VBS.Agent.p 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09A00003.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09A00004.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09A40000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09A40001.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09A40002.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09A40003.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09A80000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09A80001.VBN Infected: Trojan-Downloader.Win32.Zlob.oh 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09AC0000.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09AC0001.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09B00000.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09B40000.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09B80000.VBN Infected: Trojan-Downloader.VBS.Agent.p 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09B80001.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09B80002.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09C00000.VBN Infected: Trojan-Downloader.Win32.Zlob.oh 2
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09C00001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09C00002.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09C40000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09C40001.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09C40002.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09C40003.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09C40004.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09C80000.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09C80001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09CC0000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09CC0001.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09CC0002.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09D00000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09D00001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09D00002.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09D00003.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09D00004.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09D00005.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09D00006.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09D00007.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09D40000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09D40001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09D40002.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09DC0000.VBN Infected: Trojan-Downloader.Win32.Zlob.oh 2
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09DC0001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09DC0002.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09DC0003.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09DC0004.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09DC0005.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09DC0006.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09DC0007.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09E00000.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09E00001.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09E40000.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09E80000.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09E80001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09F00000.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09F00001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09F40000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09F40001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09F80000.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09FC0000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09FC0001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09FC0002.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09FC0003.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\09FC0004.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A040000.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A100000.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A140000.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A1C0000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A200000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A200001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A240000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.hb 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A2C0000.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A380000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A400000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A400001.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A400002.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A4C0000.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A540000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ir 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A540001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ir 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A540002.VBN Infected: Trojan.Win32.Agent.anr 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A580000.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A580001.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A5C0000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.hb 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A600000.VBN Infected: not-a-virus:AdWare.Win32.BHO.hrd 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A640000.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A680000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A680001.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A740000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A7C0000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A840000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A840001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A940000.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A940001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A9C0000.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0AA00000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0AA40000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0AA40001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0AB00000.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0AB00001.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0ABC0000.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0AC40000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0AC40001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0AC40002.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0AC40003.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0AC80000.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0ACC0000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0ACC0001.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0AD40000.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0AD40001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0AD80000.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0AD80001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B2C0000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B300000.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B380000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B480000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B4C0000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B540000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B540001.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B540002.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B5C0000.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B5C0001.VBN Infected: not-a-virus:AdWare.Win32.BHO.xg 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B600000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B600001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B600002.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B600003.VBN Infected: not-a-virus:AdWare.Win32.BHO.xg 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B640000.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B640001.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B6C0000.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B700000.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B740000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B840000.VBN Infected: Trojan.Win32.Agent.anr 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B840001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B880000.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B880001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B880002.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B940000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BA40000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BA40001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BAC0000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BB00000.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BB80000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BB80001.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BB80002.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BB80003.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BB80004.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BB80005.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BC00000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BC00001.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BE40000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BE80000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BE80001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BEC0000.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BEC0001.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BEC0002.VBN Infected: Trojan-Downloader.WMA.GetCodec.e 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BEC0003.VBN Infected: Trojan-Downloader.WMA.GetCodec.a 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BF00000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BF00001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BF80000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0C080000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0C080001.VBN Infected: Trojan.Win32.Agent.anr 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0C200000.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0C4C0000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.fj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0C540000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0C540001.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0C640000.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0C6C0000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0C780000.VBN Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0C780001.VBN Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0CAC0000.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0CD80000.VBN Infected: Trojan.Win32.BHO.g 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0D100000.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0D2C0000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0D440000.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0D440001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0D740000.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0DC80000.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0DD00000.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E940000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E980000.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0EA40000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0ED40000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0ED80000.VBN Infected: Trojan.Win32.Agent.anr 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0ED80001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F400000.VBN Infected: not-a-virus:AdWare.Win32.Agent.at 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F400001.VBN Infected: not-a-virus:AdWare.Win32.Agent.at 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F400002.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F440000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F440001.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F440002.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F480000.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F480001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F4C0000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F500000.VBN Infected: Trojan.Win32.Agent.anr 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F500001.VBN Infected: not-a-virus:AdWare.Win32.Agent.at 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F500002.VBN Infected: Trojan-Downloader.Win32.Zlob.oh 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F540000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F540001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F580000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F5C0000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F5C0001.VBN Infected: Trojan.Win32.Agent.anr 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F5C0002.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F5C0003.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F5C0004.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F5C0005.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F600000.VBN Infected: Trojan.Win32.Agent.anr 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F600001.VBN Infected: Trojan.Win32.Agent.aoy 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F600002.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F600003.VBN Infected: Trojan.Win32.Agent.anr 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F600004.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F680000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F840000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F880000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F8C0000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F900000.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F940000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F940001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F980000.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F980001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.zjk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F9C0000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F9C0001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FA00000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FA40000.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FA80000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FA80001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FB00000.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FB00001.VBN Infected: Trojan.Win32.BHO.hj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FB40000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FB40001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FB40002.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FBC0000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FD00000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FD00001.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kj 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FD00002.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FD00003.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FDC0000.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FE00000.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.ki 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FE00001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FE00002.VBN Infected: Trojan.Win32.Agent.bck 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FF80000.VBN Infected: Trojan-Dropper.Win32.Agent.bmk 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FF80001.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FFC0000.VBN Infected: Trojan-Downloader.Win32.Tiny.id 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FFC0001.VBN Infected: Trojan-Downloader.Win32.Agent.gwe 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FFC0002.VBN Infected: Trojan-Spy.Win32.VBStat.h 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FFC0003.VBN Infected: Trojan-Spy.Win32.VBStat.h 1

Selected area has been scanned.

peku006
2010-10-23, 09:11
Hi ndnboy

Please empty your Norton AntiVirus Quarantine. If you don't know how, click here. (http://service1.symantec.com/SUPPORT/nav.nsf/docid/2000041213443506)

Security Check
Please download Security Check (http://screen317.spywareinfoforum.org/SecurityCheck.exe) ... by screen317. Save it to your desktop.
Alternate download site: Link 2 (http://screen317.changelog.fr/SecurityCheck.exe)
Double click the SecurityCheck.exe icon to begin.
Press the Space Bar when you see the "press any key to continue..." message.
A Notepad results file will open automatically called checkup.txt
Save "checkup.txt" to your desktop. (This output file is NOT automatically saved!)
Please copy/paste the entire contents of the checkup.txt file into your next reply.

How's the computer running now? Any problems?

Thanks peku006

ndnboy
2010-10-23, 17:05
peku006

Thanks again for all the help.

PC is running a bit better on start up, still slow at times and the redirects and pop ups continue : (

I have Norton, Corp Edition, not listed on link you sent, I was able to find 600+ quarantied files, selected for deletion but showed failed, "0" files deleted. All files look to have dates from 2007, dont believe that Norton has run as my anti virus for awhile, been using AVG. Will this have affected the report ran?

Ran security check, here is the report:

Results of screen317's Security Check version 0.99.5
Windows XP Service Pack 2
Out of date service pack!! (http://windows.microsoft.com/en-us/windows/help/learn-how-to-install-windows-xp-service-pack-3-sp3)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Security Center service is not running! This report may not be accurate!
AVG Free 9.0
Norton AntiVirus Corporate Edition
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:
Ad-Aware
Malwarebytes' Anti-Malware
CCleaner
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java 2 Runtime Environment, SE v1.4.2_03
Out of date Java installed!
Adobe Flash Player 10.0.12.36
Adobe Reader 9.1
Out of date Adobe Reader installed!
````````````````````````````````
Process Check:
objlist.exe by Laurent
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
America Online 9.0 aoltray.exe
````````````````````````````````
DNS Vulnerability Check:
GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````

ndnboy
2010-10-23, 17:15
BTW, just got a "mixture device unavailable" error when I trried to view a vid on FB, couldnt hear it. Anyway to address that now or wait till all is done with redirect issue?

Thanks

peku006
2010-10-24, 11:11
Hi ndnboy

1. Download TDSSKiller (http://support.kaspersky.com/downloads/utils/tdsskiller.zip) and extract its contents into a folder in desired location (i.e. c:\tdsskiller).
2. Execute the file TDSSKiller.exe.
3. Click Start Scan. If threats are found, select cure and click Continue (tool may prompt for a reboot).
4. Post back contents of log file in c: drive root (name should be in UtilityName.Version_Date_Time_log.txt format)

Thanks peku006

ndnboy
2010-10-24, 17:10
Here is the report from the TDSSKiller, can you also advise on the "audio hardware can not be found" error that ive encountered on windows movie maker and vids?

Thanks again:

2010/10/24 09:41:43.0640 TDSS rootkit removing tool 2.4.4.0 Oct 4 2010 09:06:59
2010/10/24 09:41:43.0640 ================================================================================
2010/10/24 09:41:43.0640 SystemInfo:
2010/10/24 09:41:43.0640
2010/10/24 09:41:43.0640 OS Version: 5.1.2600 ServicePack: 2.0
2010/10/24 09:41:43.0640 Product type: Workstation
2010/10/24 09:41:43.0640 ComputerName: DGCWJG61
2010/10/24 09:41:43.0640 UserName: Juan
2010/10/24 09:41:43.0640 Windows directory: C:\WINDOWS
2010/10/24 09:41:43.0640 System windows directory: C:\WINDOWS
2010/10/24 09:41:43.0640 Processor architecture: Intel x86
2010/10/24 09:41:43.0640 Number of processors: 1
2010/10/24 09:41:43.0640 Page size: 0x1000
2010/10/24 09:41:43.0640 Boot type: Normal boot
2010/10/24 09:41:43.0640 ================================================================================
2010/10/24 09:41:47.0875 Initialize success
2010/10/24 09:41:54.0921 ================================================================================
2010/10/24 09:41:54.0921 Scan started
2010/10/24 09:41:54.0921 Mode: Manual;
2010/10/24 09:41:54.0921 ================================================================================
2010/10/24 09:41:57.0703 61883 (86d7b1e70661d754685b9ac6d749aae5) C:\WINDOWS\system32\DRIVERS\61883.sys
2010/10/24 09:41:58.0015 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
2010/10/24 09:41:58.0375 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2010/10/24 09:41:58.0640 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2010/10/24 09:41:58.0890 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
2010/10/24 09:41:59.0187 aec (1ee7b434ba961ef845de136224c30fec) C:\WINDOWS\system32\drivers\aec.sys
2010/10/24 09:41:59.0421 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys
2010/10/24 09:41:59.0515 agp440 (2c428fa0c3e3a01ed93c9b2a27d8d4bb) C:\WINDOWS\system32\DRIVERS\agp440.sys
2010/10/24 09:41:59.0640 agpCPQ (67288b07d6aba6c1267b626e67bc56fd) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
2010/10/24 09:41:59.0734 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
2010/10/24 09:41:59.0781 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
2010/10/24 09:41:59.0937 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
2010/10/24 09:42:00.0078 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
2010/10/24 09:42:00.0281 alim1541 (f312b7cef21eff52fa23056b9d815fad) C:\WINDOWS\system32\DRIVERS\alim1541.sys
2010/10/24 09:42:00.0406 amdagp (675c16a3c1f8482f85ee4a97fc0dde3d) C:\WINDOWS\system32\DRIVERS\amdagp.sys
2010/10/24 09:42:00.0500 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
2010/10/24 09:42:00.0750 Angel (6dd646099aa6f1bf399cfa7f70557921) C:\WINDOWS\system32\DRIVERS\Angel.sys
2010/10/24 09:42:00.0906 Arp1394 (f0d692b0bffb46e30eb3cea168bbc49f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2010/10/24 09:42:01.0046 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
2010/10/24 09:42:01.0093 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
2010/10/24 09:42:01.0234 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
2010/10/24 09:42:01.0609 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
2010/10/24 09:42:02.0093 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2010/10/24 09:42:02.0203 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
2010/10/24 09:42:02.0453 ati2mtag (f0d0b0cdec0be32d775f404cac2604bf) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2010/10/24 09:42:02.0671 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2010/10/24 09:42:02.0812 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2010/10/24 09:42:03.0046 Avc (87c223adb8f7596b31caae3c67b16ddd) C:\WINDOWS\system32\DRIVERS\avc.sys
2010/10/24 09:42:03.0484 AvgLdx86 (b8c187439d27aba430dd69fdcf1fa657) C:\WINDOWS\System32\Drivers\avgldx86.sys
2010/10/24 09:42:03.0609 AvgMfx86 (53b3f979930a786a614d29cafe99f645) C:\WINDOWS\System32\Drivers\avgmfx86.sys
2010/10/24 09:42:03.0656 AvgTdiX (22e3b793c3e61720f03d3a22351af410) C:\WINDOWS\System32\Drivers\avgtdix.sys
2010/10/24 09:42:03.0750 b57w2k (4826fcf97c47b361a2e2f68cd487a19e) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
2010/10/24 09:42:03.0828 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2010/10/24 09:42:04.0156 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
2010/10/24 09:42:04.0281 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2010/10/24 09:42:04.0406 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2010/10/24 09:42:04.0500 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
2010/10/24 09:42:04.0609 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2010/10/24 09:42:04.0968 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
2010/10/24 09:42:05.0250 Cdr4_xp (991ff38609ecb64e876f1301d30e6e0b) C:\WINDOWS\system32\drivers\Cdr4_xp.sys
2010/10/24 09:42:05.0671 Cdralw2k (edd1adc3152282442e1cde9e34aa8d2e) C:\WINDOWS\system32\drivers\Cdralw2k.sys
2010/10/24 09:42:06.0062 cdrbsdrv (351735695e9ead93de6af85d8beb1ca8) C:\WINDOWS\system32\drivers\cdrbsdrv.sys
2010/10/24 09:42:06.0546 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2010/10/24 09:42:06.0968 CDRPDACC (f4dd5641576334e4eeabfe50b065e572) C:\Program Files\321Studios\Shared\CDRPDACC.SYS
2010/10/24 09:42:07.0796 cdudf_xp (ad486da4faa4448e6827b18e377f6acb) C:\WINDOWS\system32\drivers\cdudf_xp.sys
2010/10/24 09:42:08.0437 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
2010/10/24 09:42:08.0515 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
2010/10/24 09:42:08.0640 CVirtA (cb7d7c0e74adcb7da96d08ec8db86062) C:\WINDOWS\system32\DRIVERS\CVirtA.sys
2010/10/24 09:42:09.0421 CVPNDRVA (091581087292b681725e6bc623ef2f82) C:\WINDOWS\system32\Drivers\CVPNDRVA.sys
2010/10/24 09:42:10.0453 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
2010/10/24 09:42:10.0765 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
2010/10/24 09:42:11.0218 DcCam (1b269ed3eb2d81ec11cd5b0544e89962) C:\WINDOWS\system32\DRIVERS\DcCam.sys
2010/10/24 09:42:12.0062 DcFpoint (bd6ce20068159f9714ebe9e76decab2c) C:\WINDOWS\system32\DRIVERS\DcFpoint.sys
2010/10/24 09:42:13.0109 DCFS2K (1315e0b5b6fc1fe930ee3498309700bd) C:\WINDOWS\system32\drivers\dcfs2k.sys
2010/10/24 09:42:13.0890 DcLps (5f5055efb3e0820f349924e7c5bd5af4) C:\WINDOWS\system32\DRIVERS\DcLps.sys
2010/10/24 09:42:14.0437 DcPTP (31689427da60a724b31a622b35ed21ec) C:\WINDOWS\system32\DRIVERS\DcPTP.sys
2010/10/24 09:42:15.0109 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
2010/10/24 09:42:16.0343 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys
2010/10/24 09:42:17.0125 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys
2010/10/24 09:42:17.0781 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2010/10/24 09:42:17.0984 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
2010/10/24 09:42:18.0093 DNE (c86fbf607445bf693450d84b775f168c) C:\WINDOWS\system32\DRIVERS\dne2000.sys
2010/10/24 09:42:18.0750 Dot4 HPH09 (577dc4c5f7102ba9957f302942eb2da4) C:\WINDOWS\system32\DRIVERS\hphid409.sys
2010/10/24 09:42:19.0890 Dot4Print HPH09 (d559e03b3168bc00011dd2b6f443ac71) C:\WINDOWS\system32\DRIVERS\hphipr09.sys
2010/10/24 09:42:20.0546 Dot4Storage HPH09 (7e90e0199786c4bda3cf675b93544939) C:\WINDOWS\system32\Drivers\hphs2k09.sys
2010/10/24 09:42:21.0421 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
2010/10/24 09:42:22.0296 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
2010/10/24 09:42:23.0343 drvmcdb (e807f83e239c734173c14740787045f5) C:\WINDOWS\system32\drivers\drvmcdb.sys
2010/10/24 09:42:23.0890 drvnddm (1baa922d627a59a6542acfa6fd7dc40a) C:\WINDOWS\system32\drivers\drvnddm.sys
2010/10/24 09:42:24.0796 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
2010/10/24 09:42:25.0562 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
2010/10/24 09:42:26.0843 dvd_2K (5438d49873eac6de7d336d7be7dbf6db) C:\WINDOWS\system32\drivers\dvd_2K.sys
2010/10/24 09:42:27.0609 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
2010/10/24 09:42:28.0328 Exportit (f85ffdeae43f9e9a7c3f4e3cc5ef09eb) C:\WINDOWS\system32\DRIVERS\exportit.sys
2010/10/24 09:42:28.0484 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
2010/10/24 09:42:28.0750 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
2010/10/24 09:42:28.0843 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
2010/10/24 09:42:29.0359 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2010/10/24 09:42:29.0406 FltMgr (3d234fb6d6ee875eb009864a299bea29) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2010/10/24 09:42:29.0500 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2010/10/24 09:42:29.0593 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2010/10/24 09:42:29.0859 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2010/10/24 09:42:29.0906 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2010/10/24 09:42:29.0984 HidIr (cc6b00739ed83a64cd817dc93d26a667) C:\WINDOWS\system32\DRIVERS\hidir.sys
2010/10/24 09:42:30.0125 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2010/10/24 09:42:30.0281 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
2010/10/24 09:42:30.0375 HTTP (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys
2010/10/24 09:42:30.0625 i2omgmt (8f09f91b5c91363b77bcd15599570f2c) C:\WINDOWS\system32\drivers\i2omgmt.sys
2010/10/24 09:42:30.0828 i2omp (ed6bf9e441fdea13292a6d30a64a24c3) C:\WINDOWS\system32\DRIVERS\i2omp.sys
2010/10/24 09:42:31.0187 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2010/10/24 09:42:31.0437 iaStor (f26bfd48b1c314e0f23bf77acfa75940) C:\WINDOWS\system32\drivers\iaStor.sys
2010/10/24 09:42:31.0828 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
2010/10/24 09:42:32.0062 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
2010/10/24 09:42:32.0203 IntelC51 (7509c548400f4c9e0211e3f6e66abbe6) C:\WINDOWS\system32\DRIVERS\IntelC51.sys
2010/10/24 09:42:32.0359 IntelC52 (9584ffdd41d37f2c239681d0dac2513e) C:\WINDOWS\system32\DRIVERS\IntelC52.sys
2010/10/24 09:42:32.0437 IntelC53 (cf0b937710cec6ef39416edecd803cbb) C:\WINDOWS\system32\DRIVERS\IntelC53.sys
2010/10/24 09:42:32.0515 IntelIde (2d722b2b54ab55b2fa475eb58d7b2aad) C:\WINDOWS\system32\DRIVERS\intelide.sys
2010/10/24 09:42:32.0640 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2010/10/24 09:42:32.0703 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2010/10/24 09:42:32.0828 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2010/10/24 09:42:32.0953 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2010/10/24 09:42:33.0125 IpNat (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2010/10/24 09:42:33.0453 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2010/10/24 09:42:33.0531 IrBus (7381237118fdc710e7ff698baa5a2e67) C:\WINDOWS\system32\DRIVERS\IrBus.sys
2010/10/24 09:42:33.0625 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
2010/10/24 09:42:33.0687 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2010/10/24 09:42:33.0734 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2010/10/24 09:42:33.0843 kbdhid (e182fa8e49e8ee41b4adc53093f3c7e6) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2010/10/24 09:42:33.0937 kmixer (ba5deda4d934e6288c2f66caf58d2562) C:\WINDOWS\system32\drivers\kmixer.sys
2010/10/24 09:42:34.0078 KSecDD (674d3e5a593475915dc6643317192403) C:\WINDOWS\system32\drivers\KSecDD.sys
2010/10/24 09:42:34.0375 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
2010/10/24 09:42:34.0484 mmc_2K (e9dc68bf135238485703ad9b045de0da) C:\WINDOWS\system32\drivers\mmc_2K.sys
2010/10/24 09:42:34.0718 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2010/10/24 09:42:34.0781 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
2010/10/24 09:42:34.0859 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
2010/10/24 09:42:34.0890 mohfilt (59b8b11ff70728eec60e72131c58b716) C:\WINDOWS\system32\DRIVERS\mohfilt.sys
2010/10/24 09:42:34.0953 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2010/10/24 09:42:35.0015 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2010/10/24 09:42:35.0109 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
2010/10/24 09:42:35.0171 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2010/10/24 09:42:35.0234 MRxDAV (29414447eb5bde2f8397dc965dbb3156) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2010/10/24 09:42:35.0359 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2010/10/24 09:42:35.0500 MSDV (6dd721dfd2648f3f6d5808b5ba6cb095) C:\WINDOWS\system32\DRIVERS\msdv.sys
2010/10/24 09:42:35.0718 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
2010/10/24 09:42:35.0796 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/10/24 09:42:35.0984 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/10/24 09:42:36.0031 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/10/24 09:42:36.0156 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/10/24 09:42:36.0203 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
2010/10/24 09:42:36.0265 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
2010/10/24 09:42:36.0312 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2010/10/24 09:42:36.0500 NAVAP (afeb3aa1ea8f11ac8a121a0e74bbc0f9) C:\Program Files\NavNT\NAVAP.sys
2010/10/24 09:42:36.0765 NAVAPEL (62919eea5b85c0a600ac528653c8086b) C:\Program Files\NavNT\NAVAPEL.SYS
2010/10/24 09:42:37.0328 NAVENG (7b87fe07b1b782efa931729fe3adb5ad) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090812.008\NAVENG.sys
2010/10/24 09:42:37.0578 NAVEX15 (b756abc1a20e951c89228970b7cad585) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090812.008\NAVEX15.sys
2010/10/24 09:42:37.0734 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
2010/10/24 09:42:37.0843 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2010/10/24 09:42:37.0906 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/10/24 09:42:37.0937 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/10/24 09:42:38.0015 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/10/24 09:42:38.0078 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/10/24 09:42:38.0140 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/10/24 09:42:38.0187 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/10/24 09:42:38.0265 NIC1394 (5c5c53db4fef16cf87b9911c7e8c6fbc) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2010/10/24 09:42:38.0390 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
2010/10/24 09:42:38.0578 Ntfs (19a811ef5f1ed5c926a028ce107ff1af) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/10/24 09:42:38.0953 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/10/24 09:42:39.0531 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2010/10/24 09:42:40.0312 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/10/24 09:42:40.0437 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2010/10/24 09:42:40.0562 ohci1394 (0951db8e5823ea366b0e408d71e1ba2a) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2010/10/24 09:42:40.0656 omci (53d5f1278d9edb21689bbbcecc09108d) C:\WINDOWS\system32\DRIVERS\omci.sys
2010/10/24 09:42:40.0765 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys
2010/10/24 09:42:41.0140 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
2010/10/24 09:42:42.0046 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2010/10/24 09:42:42.0390 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
2010/10/24 09:42:43.0250 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2010/10/24 09:42:43.0937 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\drivers\Pcmcia.sys
2010/10/24 09:42:44.0703 Pcouffin (62c72e912a04aa927d9eaf9a0b157aaf) C:\WINDOWS\system32\Drivers\Pcouffin.sys
2010/10/24 09:42:45.0328 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2010/10/24 09:42:45.0375 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2010/10/24 09:42:45.0500 pfc (da86016f0672ada925f589ede715f185) C:\WINDOWS\system32\drivers\pfc.sys
2010/10/24 09:42:45.0703 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/10/24 09:42:45.0812 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/10/24 09:42:45.0937 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/10/24 09:42:46.0187 pwd_2k (d7da4da78005727f78cc9eb11972c712) C:\WINDOWS\system32\drivers\pwd_2k.sys
2010/10/24 09:42:46.0421 PxHelp20 (db3b30c3a4cdcf07e164c14584d9d0f2) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2010/10/24 09:42:46.0453 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2010/10/24 09:42:46.0531 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2010/10/24 09:42:46.0593 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2010/10/24 09:42:46.0765 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2010/10/24 09:42:46.0859 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
2010/10/24 09:42:47.0203 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/10/24 09:42:48.0062 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/10/24 09:42:48.0515 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/10/24 09:42:49.0218 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/10/24 09:42:49.0765 Rdbss (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/10/24 09:42:49.0984 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/10/24 09:42:50.0093 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2010/10/24 09:42:50.0421 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/10/24 09:42:50.0937 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/10/24 09:42:51.0218 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/10/24 09:42:51.0328 senfilt (9a4c4a4b191200f12085d188be70e4e3) C:\WINDOWS\system32\drivers\senfilt.sys
2010/10/24 09:42:51.0625 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
2010/10/24 09:42:51.0859 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys
2010/10/24 09:42:51.0968 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
2010/10/24 09:42:52.0093 sisagp (732d859b286da692119f286b21a2a114) C:\WINDOWS\system32\DRIVERS\sisagp.sys
2010/10/24 09:42:52.0171 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2010/10/24 09:42:52.0296 smwdm (479533bacc58b1edf916855bcd139556) C:\WINDOWS\system32\drivers\smwdm.sys
2010/10/24 09:42:52.0375 sonypvs1 (dfadfc2c86662f40759bf02add27d569) C:\WINDOWS\system32\DRIVERS\sonypvs1.sys
2010/10/24 09:42:52.0875 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
2010/10/24 09:42:53.0140 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
2010/10/24 09:42:53.0218 splitter (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys
2010/10/24 09:42:53.0265 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/10/24 09:42:53.0390 Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/10/24 09:42:53.0781 sscdbhk5 (3d1ce2231937376e3f5e1ac644357d8f) C:\WINDOWS\system32\drivers\sscdbhk5.sys
2010/10/24 09:42:53.0843 ssrtln (4e85dc934d3430427420c0e568727529) C:\WINDOWS\system32\drivers\ssrtln.sys
2010/10/24 09:42:53.0953 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2010/10/24 09:42:54.0031 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/10/24 09:42:54.0062 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
2010/10/24 09:42:54.0140 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
2010/10/24 09:42:54.0187 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
2010/10/24 09:42:54.0312 SymEvent (a3e7deab1ec157750ed8041d0eaddb3c) C:\Program Files\Symantec\SYMEVENT.SYS
2010/10/24 09:42:54.0625 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
2010/10/24 09:42:54.0703 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
2010/10/24 09:42:54.0781 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/10/24 09:42:54.0859 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/10/24 09:42:55.0062 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/10/24 09:42:55.0109 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/10/24 09:42:55.0203 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/10/24 09:42:55.0421 tfsnboio (001a671ee7bcfb424fcc2aae4c0c853f) C:\WINDOWS\system32\dla\tfsnboio.sys
2010/10/24 09:42:55.0609 tfsncofs (d7631678d85d2ae8820a14551a747a64) C:\WINDOWS\system32\dla\tfsncofs.sys
2010/10/24 09:42:55.0671 tfsndrct (8af02bae5438adfcbe34088e624289fc) C:\WINDOWS\system32\dla\tfsndrct.sys
2010/10/24 09:42:55.0718 tfsndres (65786cc08eb5cb599009ba442738eecb) C:\WINDOWS\system32\dla\tfsndres.sys
2010/10/24 09:42:55.0796 tfsnifs (d6036a8994b5a8bc9a2d60d32b963283) C:\WINDOWS\system32\dla\tfsnifs.sys
2010/10/24 09:42:55.0890 tfsnopio (43f14396a859efb949f5d48590095cd4) C:\WINDOWS\system32\dla\tfsnopio.sys
2010/10/24 09:42:55.0953 tfsnpool (aa159467b8b5d023284d34dfe49a2b7a) C:\WINDOWS\system32\dla\tfsnpool.sys
2010/10/24 09:42:56.0031 tfsnudf (de13f5b63c37308171e8b6df0ee0793f) C:\WINDOWS\system32\dla\tfsnudf.sys
2010/10/24 09:42:56.0109 tfsnudfa (eb9df39d87308903aa321315db52522b) C:\WINDOWS\system32\dla\tfsnudfa.sys
2010/10/24 09:42:56.0265 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
2010/10/24 09:42:56.0312 UdfReadr_xp (ab1bb4e728d26552996662fc3a25a994) C:\WINDOWS\system32\drivers\UdfReadr_xp.sys
2010/10/24 09:42:56.0875 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
2010/10/24 09:42:56.0921 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
2010/10/24 09:42:57.0015 Update (ced744117e91bdc0beb810f7d8608183) C:\WINDOWS\system32\DRIVERS\update.sys
2010/10/24 09:42:57.0187 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\WINDOWS\system32\Drivers\usbaapl.sys
2010/10/24 09:42:57.0296 usbaudio (45a0d14b26c35497ad93bce7e15c9941) C:\WINDOWS\system32\drivers\usbaudio.sys
2010/10/24 09:42:57.0390 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2010/10/24 09:42:57.0468 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/10/24 09:42:57.0593 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/10/24 09:42:58.0156 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2010/10/24 09:42:58.0718 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2010/10/24 09:42:59.0140 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2010/10/24 09:42:59.0515 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
2010/10/24 09:43:00.0046 viaagp (d92e7c8a30cfd14d8e15b5f7f032151b) C:\WINDOWS\system32\DRIVERS\viaagp.sys
2010/10/24 09:43:00.0265 ViaIde (59cb1338ad3654417bea49636457f65d) C:\WINDOWS\system32\DRIVERS\viaide.sys
2010/10/24 09:43:00.0625 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/10/24 09:43:00.0968 vsdatant (d658e49302c382b88c8e9a08e20b2e82) C:\WINDOWS\system32\vsdatant.sys
2010/10/24 09:43:01.0406 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/10/24 09:43:01.0546 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
2010/10/24 09:43:02.0000 wdmaud (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/10/24 09:43:02.0203 WpdUsb (1385e5aa9c9821790d33a9563b8d2dd0) C:\WINDOWS\system32\Drivers\wpdusb.sys
2010/10/24 09:43:02.0281 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2010/10/24 09:43:02.0437 \HardDisk0\MBR - detected Rootkit.Win32.TDSS.tdl4 (0)
2010/10/24 09:43:02.0437 ================================================================================
2010/10/24 09:43:02.0437 Scan finished
2010/10/24 09:43:02.0437 ================================================================================
2010/10/24 09:43:02.0468 Detected object count: 1
2010/10/24 09:43:43.0265 \HardDisk0\MBR - will be cured after reboot
2010/10/24 09:43:43.0265 Rootkit.Win32.TDSS.tdl4(\HardDisk0\MBR) - User select action: Cure
2010/10/24 09:52:54.0015 Deinitialize success

peku006
2010-10-24, 17:30
Hi ndnboy

Look in Control Panel, System, Hardware Tab, Device Manager, Sound
Video & Game Controllers. Are their any yellow bangs showing up with
exclamation points? If you look at the properties for the sound device,
does it show that the device is working properly, or the driver is not
loaded?
If the driver isn't loaded, see your computer manufacturers website for
the proper driver for your computer model. Download & install/update
driver.

Please run ComboFix again

Please reply with ComboFix log(C:\ComboFix.txt)

Thanks peku006

ndnboy
2010-10-24, 23:17
Audio seems to be working now. System is running good, did some browsing and no redirects/pops up....yet....

Here is the latest combofix report: (2 parts)

ComboFix 10-10-23.02 - Juan 10/24/2010 12:21:45.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.510.208 [GMT -4:00]
Running from: c:\documents and settings\Juan\Desktop\ReDirect virus fix 10-18-10\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((( Files Created from 2010-09-24 to 2010-10-24 )))))))))))))))))))))))))))))))
.

2010-10-23 16:01 . 2010-10-23 16:02 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Adobe
2010-10-22 03:29 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-22 03:29 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-18 02:15 . 2010-10-18 02:15 -------- d-----w- c:\program files\ERUNT
2010-10-17 02:40 . 2010-10-17 02:40 -------- d-----w- c:\windows\system32\wbem\Repository
2010-10-17 01:34 . 2010-10-17 01:34 -------- d-----w- c:\program files\Trend Micro
2010-10-16 21:22 . 2010-10-17 02:41 -------- d-----w- c:\program files\STOPzilla!
2010-10-16 21:22 . 2010-10-16 21:22 -------- d-----w- c:\program files\Common Files\iS3
2010-10-16 21:22 . 2010-10-17 02:36 -------- d-----w- c:\documents and settings\All Users\Application Data\STOPzilla!
2010-10-16 12:52 . 2010-10-16 12:52 -------- d-----w- c:\documents and settings\Juan\Application Data\Malwarebytes
2010-10-16 12:51 . 2010-10-16 12:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-10-16 12:51 . 2010-10-22 03:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-15 20:05 . 2010-10-17 02:39 -------- d-----w- c:\program files\Free Window Registry Repair
2010-10-15 19:53 . 2010-10-17 02:39 -------- d-----w- c:\program files\1-Click PC Fix v4
2010-10-15 19:44 . 2010-10-15 19:44 -------- d-----w- c:\documents and settings\Juan\Application Data\Registry Mechanic
2010-10-14 02:51 . 2010-10-14 02:51 -------- d-----w- c:\documents and settings\Juan\IECompatCache
2010-10-13 16:53 . 2010-10-13 16:53 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

------- Sigcheck -------

[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\atapi.sys
[-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DRIVERS\atapi.sys
[-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\ReinstallBackups\0013\DriverFiles\i386\atapi.sys

[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\asyncmac.sys
[-] 2004-08-10 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DRIVERS\ASYNCMAC.SYS

[-] 2004-08-10 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\SYSTEM32\DRIVERS\BEEP.SYS

[-] 2008-04-13 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\kbdclass.sys
[-] 2004-08-04 . EBDEE8A2EE5393890A1ACEE971C4C246 . 24576 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DRIVERS\KBDCLASS.SYS

[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ndis.sys
[-] 2004-08-10 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DRIVERS\NDIS.SYS

[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ntfs.sys
[-] 2007-02-09 . 05AB81909514BFD69CBB1F2C147CF6B9 . 574976 . . [5.1.2600.3081] . . c:\windows\$hf_mig$\KB930916\SP2QFE\ntfs.sys
[-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\SYSTEM32\DLLCACHE\ntfs.sys
[-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\SYSTEM32\DRIVERS\ntfs.sys
[-] 2004-08-10 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB930916$\ntfs.sys

[-] 2004-08-10 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\SYSTEM32\DRIVERS\NULL.SYS

[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\SYSTEM32\DLLCACHE\tcpip.sys
[-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\SYSTEM32\DRIVERS\tcpip.sys
[-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\tcpip.sys
[-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB941644$\tcpip.sys
[-] 2006-01-13 . 5562CC0A47B2AEF06D3417B733F3C195 . 360448 . . [5.1.2600.2827] . . c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[-] 2006-01-13 . 583E063FDC888CA30D05C2724B0D7EF4 . 359808 . . [5.1.2600.2827] . . c:\windows\$NtUninstallKB917953$\tcpip.sys
[-] 2005-05-25 . 63FDFEA54EB53DE2D863EE454937CE1E . 359936 . . [5.1.2600.2685] . . c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[-] 2005-05-25 . 88763A98A4C26C409741B4AA162720C9 . 359808 . . [5.1.2600.2685] . . c:\windows\$NtUninstallKB913446$\tcpip.sys
[-] 2004-08-10 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893066$\tcpip.sys

[-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\browser.dll
[-] 2004-08-10 . E3CFCCDDA4EDD1D0DC9168B2E18F27B8 . 77312 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\BROWSER.DLL

[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\lsass.exe
[-] 2004-08-10 . 84885F9B82F4D55C6146EBF6065D75D2 . 13312 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\LSASS.EXE

[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netman.dll
[-] 2005-08-22 . 36739B39267914BA69AD0610A0299732 . 197632 . . [5.1.2600.2743] . . c:\windows\SYSTEM32\netman.dll
[-] 2005-08-22 . 3516D8A18B36784B1005B950B84232E1 . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll
[-] 2004-08-10 . DAB9E6C7105D2EF49876FE92C524F565 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB905414$\netman.dll

[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\qmgr.dll
[-] 2004-08-10 . 2C69EC7E5A311334D10DD95F338FCCEA . 382464 . . [6.6.2600.2180] . . c:\windows\SYSTEM32\QMGR.DLL
[-] 2004-08-10 . 2C69EC7E5A311334D10DD95F338FCCEA . 382464 . . [6.6.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\qmgr.dll

[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\rpcss.dll
[-] 2009-02-09 . 9222562D44021B988B9F9F62207FB6F2 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . 01095FEBF33BEEA00C2A0730B9B3EC28 . 399360 . . [5.1.2600.3520] . . c:\windows\SYSTEM32\rpcss.dll
[-] 2009-02-09 . 01095FEBF33BEEA00C2A0730B9B3EC28 . 399360 . . [5.1.2600.3520] . . c:\windows\SYSTEM32\DLLCACHE\rpcss.dll
[-] 2009-02-09 . 24B5D53B9ACCC1E2EDCF0A878D6659D4 . 401408 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\rpcss.dll
[-] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\rpcss.dll
[-] 2005-07-26 . CE94A2BD25E3E9F4D46A7373FF455C6D . 397824 . . [5.1.2600.2726] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[-] 2005-07-26 . C369DF215D352B6F3A0B8C3469AA34F8 . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll
[-] 2005-04-28 . DA383FB39A6F1C445F3AFC94B3EB1248 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll
[-] 2005-04-28 . C8061F289E000703E7672916B7FE1571 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll
[-] 2005-01-14 . 419899803CA479B73B02390318C787C0 . 395776 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\rpcss.dll
[-] 2005-01-14 . 94456045BEB4545B5EBE1DCC85951AFA . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll
[-] 2004-08-10 . 5C83A4408604F737717AB96371201680 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\rpcss.dll

[-] 2009-02-06 . 37561F8D4160D62DA86D24AE41FAE8DE . 110592 . . [5.1.2600.3520] . . c:\windows\SYSTEM32\services.exe
[-] 2009-02-06 . 37561F8D4160D62DA86D24AE41FAE8DE . 110592 . . [5.1.2600.3520] . . c:\windows\SYSTEM32\DLLCACHE\services.exe
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe
[-] 2009-02-06 . 020CEAAEDC8EB655B6506B8C70D53BB6 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2009-02-06 . 4712531AB7A01B7EE059853CA17D39BD . 110592 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\services.exe
[-] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\services.exe
[-] 2004-08-10 . C6CE6EEC82F187615D1002BB3BB50ED4 . 108032 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572$\services.exe

[-] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\spoolsv.exe
[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\SYSTEM32\spoolsv.exe
[-] 2004-08-10 . 7435B108B935E42EA92CA94F59C8E717 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe

[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\winlogon.exe
[-] 2004-08-10 . 01C3346C241652F43AED8E2149881BFE . 502272 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\WINLOGON.EXE
[-] 2004-08-10 . 01C3346C241652F43AED8E2149881BFE . 502272 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\winlogon.exe

[-] 2008-04-14 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\comctl32.dll
[-] 2006-08-25 . B0124CB21D28B1C9F678B566B6B57D92 . 617472 . . [5.82] . . c:\windows\SYSTEM32\comctl32.dll
[-] 2006-08-25 . B0124CB21D28B1C9F678B566B6B57D92 . 617472 . . [5.82] . . c:\windows\SYSTEM32\DLLCACHE\comctl32.dll
[-] 2006-08-25 . C4E80875C1CF1222FC5EFD0314AE5C01 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
[-] 2004-08-10 . A77DFB85FAEE49D66C74DA6024EBC69B . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll
[-] 2004-08-10 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\COMCTL32.DLL
[-] 2004-08-10 . 5AF68A5E44734A082442668E9C787743 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.DLL

[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\cryptsvc.dll
[-] 2004-08-10 . 10654F9DDCEA9C46CFB77554231BE73B . 60416 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\CRYPTSVC.DLL

[-] 2008-07-07 20:32 . 60D1A6342238378BFB7545C81EE3606C . 253952 . . [2001.12.4414.320] . . c:\windows\SYSTEM32\es.dll
[-] 2008-07-07 20:32 . 60D1A6342238378BFB7545C81EE3606C . 253952 . . [2001.12.4414.320] . . c:\windows\SYSTEM32\DLLCACHE\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
[-] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-07-07 20:06 . A4AB3DCA4A383F0DF4988ABDEB84F9A4 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
[-] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\es.dll
[-] 2005-07-26 04:39 . 34BBD9ACC1538818F2C878898C64E793 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2005-07-26 04:20 . 95F5FEA4C6DE2C3F28784D0DCC8F0DD3 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll
[-] 2004-08-10 11:00 . ACD36A2DD7D1E9D8A060AA651DC07E63 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB902400$\es.dll

[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\imm32.dll
[-] 2004-08-10 . 87CA7CE6469577F059297B9D6556D66D . 110080 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\IMM32.DLL
[-] 2004-08-10 . 87CA7CE6469577F059297B9D6556D66D . 110080 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\imm32.dll

[-] 2009-03-21 . B6ACAED7588295129791E0E6A2B0FADE . 986112 . . [5.1.2600.3541] . . c:\windows\SYSTEM32\kernel32.dll
[-] 2009-03-21 . B6ACAED7588295129791E0E6A2B0FADE . 986112 . . [5.1.2600.3541] . . c:\windows\SYSTEM32\DLLCACHE\kernel32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll
[-] 2009-03-21 . DA11D9D6ECBDF0F93436A4B7C13F7BEC . 991744 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2009-03-21 . 80202858D245FF07DAA1739C57A3E19B . 989184 . . [5.1.2600.3541] . . c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\kernel32.dll
[-] 2007-04-16 . 09F7CB3687F86EDAA4CA081F7AB66C03 . 986112 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll
[-] 2007-04-16 . A01F9CA902A88F7CED06884174D6419D . 984576 . . [5.1.2600.3119] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2006-07-05 . 0FDD84928A5DDE2510761B7EC76CCEC9 . 985088 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll
[-] 2006-07-05 . D8DB5397DE07577C1CB50BA6D23B3AD4 . 984064 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB935839$\kernel32.dll
[-] 2004-08-10 . 888190E31455FAD793312F8D087146EB . 983552 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll

[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\linkinfo.dll
[-] 2005-09-01 . 648BF0B4DDE4F7A1156DAE7174D36EFA . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll
[-] 2005-09-01 . A1A688EE56CF3BBD24EDEB815D48E9BA . 19968 . . [5.1.2600.2751] . . c:\windows\SYSTEM32\linkinfo.dll
[-] 2005-09-01 . A1A688EE56CF3BBD24EDEB815D48E9BA . 19968 . . [5.1.2600.2751] . . c:\windows\SYSTEM32\DLLCACHE\linkinfo.dll
[-] 2004-08-10 . C2BBD044C741EA4292016C36F718D2E4 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB900725$\linkinfo.dll

[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\lpk.dll
[-] 2004-08-10 . 74D66B3DE265E8789153414E75175F26 . 22016 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\LPK.DLL

[-] 2010-05-06 . C7B7A88CC7D7ABA5C395145BF92F46F7 . 5950976 . . [8.00.6001.18928] . . c:\windows\SYSTEM32\mshtml.dll
[-] 2010-05-06 . C7B7A88CC7D7ABA5C395145BF92F46F7 . 5950976 . . [8.00.6001.18928] . . c:\windows\SYSTEM32\DLLCACHE\mshtml.dll
[-] 2010-05-06 . 9BE28F749A7FE7F8F177C6AA2E9DA609 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll
[-] 2010-02-25 . 7054F6ADC9B670887659F1561603B0D0 . 5944832 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll
[-] 2010-02-25 . 974772C74DA7C7A8E7C813A9908A845F . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll
[-] 2009-12-21 . BE6EEBEF636773A8E7A82214E81C563A . 5942784 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\mshtml.dll
[-] 2009-12-21 . E6B64C6C729BBC38AB7CC92CE33F97A5 . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
[-] 2009-10-29 . C0F9AC6FAB2C788FFEE3E69585A0E93F . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
[-] 2009-10-29 . CBB1EF54B86EDB78649909DD1699E5CA . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll
[-] 2009-10-22 . CDA69BC1C23B0EA033B989F67CB722FF . 5939712 . . [8.00.6001.18852] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll
[-] 2009-10-22 . A6CF28C6E0B6D10098AB601D85EE55E8 . 5943296 . . [8.00.6001.22942] . . c:\windows\$hf_mig$\KB976749-IE8\SP3QFE\mshtml.dll
[-] 2009-09-25 . 431D4C38E47AE0CAC1A52A185395A5F5 . 3070976 . . [6.00.2900.3627] . . c:\windows\ie8\mshtml.dll
[-] 2009-09-25 . 601E18A9A8F0D0ED39692B593212378F . 3070976 . . [6.00.2900.5880] . . c:\windows\$hf_mig$\KB974455\SP3GDR\mshtml.dll
[-] 2009-09-25 . 37F578776552FA076EA6085F0365209C . 3072512 . . [6.00.2900.5880] . . c:\windows\$hf_mig$\KB974455\SP3QFE\mshtml.dll
[-] 2009-08-29 . 0E49677EE57A928765FC47FFBACD5326 . 5940224 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976749-IE8\mshtml.dll
[-] 2009-08-29 . 0E49677EE57A928765FC47FFBACD5326 . 5940224 . . [8.00.6001.18828] . . c:\windows\SoftwareDistribution\Download\f5ce3558cdad2d0de1884dee71734a4a\SP3GDR\mshtml.dll
[-] 2009-08-29 . B68F6E6C66D17D9EDABF3D5DA71046DA . 5942272 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\mshtml.dll
[-] 2009-08-29 . B68F6E6C66D17D9EDABF3D5DA71046DA . 5942272 . . [8.00.6001.22918] . . c:\windows\SoftwareDistribution\Download\f5ce3558cdad2d0de1884dee71734a4a\SP3QFE\mshtml.dll
[-] 2009-07-18 . 7467941BE64DFC5F8E9F3DC1DE920806 . 3069440 . . [6.00.2900.5848] . . c:\windows\$hf_mig$\KB972260\SP3GDR\mshtml.dll
[-] 2009-07-18 . 9A878C4D12BE5598B598B27BFEA1B3C2 . 3069440 . . [6.00.2900.3603] . . c:\windows\$NtUninstallKB974455$\mshtml.dll
[-] 2009-07-18 . F3EE47F296295D08A97CB50EF57244D9 . 3069952 . . [6.00.2900.5848] . . c:\windows\$hf_mig$\KB972260\SP3QFE\mshtml.dll
[-] 2009-04-29 . ABD8093E43E53AEA5898D2214B92E9BA . 3068928 . . [6.00.2900.5803] . . c:\windows\$hf_mig$\KB969897\SP3GDR\mshtml.dll
[-] 2009-04-29 . 7BB862F4CBB8361551C34674291BA5EC . 3068928 . . [6.00.2900.3562] . . c:\windows\$NtUninstallKB972260$\mshtml.dll
[-] 2009-04-29 . 06CF679E3D24C3DF270556456A0F1EDA . 3069440 . . [6.00.2900.5803] . . c:\windows\$hf_mig$\KB969897\SP3QFE\mshtml.dll
[-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB974455-IE8\mshtml.dll
[-] 2009-02-20 . 03D98EB3F7BBD1FA14C650597F1989BC . 3067904 . . [6.00.2900.3527] . . c:\windows\$NtUninstallKB969897$\mshtml.dll
[-] 2009-02-20 . 2F70F2F74C40397D031016FA162981C2 . 3068416 . . [6.00.2900.5764] . . c:\windows\$hf_mig$\KB963027\SP3GDR\mshtml.dll
[-] 2009-02-20 . 1618A4A2C5DD8164B8295190C8EA6544 . 3068416 . . [6.00.2900.5764] . . c:\windows\$hf_mig$\KB963027\SP3QFE\mshtml.dll
[-] 2008-12-12 . 6D1D493622EA050DBAABD0C4C1DFADB5 . 3067392 . . [6.00.2900.3492] . . c:\windows\$NtUninstallKB963027$\mshtml.dll
[-] 2008-12-12 . B6DAA74E2ED36C71B502945589A683AE . 3067904 . . [6.00.2900.5726] . . c:\windows\$hf_mig$\KB960714\SP3QFE\mshtml.dll
[-] 2008-12-12 . C828AA1C5469E72251F3D367005E589F . 3067904 . . [6.00.2900.5726] . . c:\windows\$hf_mig$\KB960714\SP3GDR\mshtml.dll
[-] 2008-10-16 . CC5A2205D37AE67CE23AB7FD3E1FDACA . 3067904 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3QFE\mshtml.dll
[-] 2008-10-16 . C99D8B48FC245D98E1A2BAB6594458C9 . 3067392 . . [6.00.2900.3462] . . c:\windows\$NtUninstallKB960714$\mshtml.dll
[-] 2008-10-16 . B846C2DE341CF32B42AD297437233742 . 3067904 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3GDR\mshtml.dll
[-] 2008-08-20 . 20D44D1A5A406CD8E129D3D4F0B5717C . 3067392 . . [6.00.2900.3429] . . c:\windows\$NtUninstallKB958215$\mshtml.dll
[-] 2008-08-20 . 507BDA42F7DB8209C0F0B3556A043491 . 3067904 . . [6.00.2900.5659] . . c:\windows\$hf_mig$\KB956390\SP3GDR\mshtml.dll
[-] 2008-08-20 . BD45470B132A0F98596277323D9F2E5A . 3067904 . . [6.00.2900.5659] . . c:\windows\$hf_mig$\KB956390\SP3QFE\mshtml.dll
[-] 2008-06-25 . 04EEC0FF4DD3C7041628973CA6832C33 . 3067904 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3QFE\mshtml.dll
[-] 2008-06-23 . 1FC693A4EE1D9D9CD78DDA6C87232F6F . 3067392 . . [6.00.2900.3395] . . c:\windows\$NtUninstallKB956390$\mshtml.dll
[-] 2008-06-23 . F433136C23D13B120412B300D1324A7E . 3067392 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3GDR\mshtml.dll
[-] 2008-04-21 . 083B967E6B0B2BB539CE6B08D45D631F . 3066880 . . [6.00.2900.3354] . . c:\windows\$NtUninstallKB953838$\mshtml.dll
[-] 2008-04-21 . FE406DE0651C9E8201DCB0460609D739 . 3066880 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3GDR\mshtml.dll
[-] 2008-04-21 . 46A61BA430110F00DD990D058AA3D054 . 3067392 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3QFE\mshtml.dll
[-] 2008-04-14 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\mshtml.dll
[-] 2008-02-16 . 701A6798DDF875CAA3A5099EE75FD57F . 3066880 . . [6.00.2900.3314] . . c:\windows\$NtUninstallKB950759$\mshtml.dll
[-] 2007-12-07 . 8A4DD074DEC1B0C063C8493ABF654CBC . 3066368 . . [6.00.2900.3268] . . c:\windows\$NtUninstallKB947864$\mshtml.dll
[-] 2007-10-30 . 79314A0A6B0DA78AFE491FF2D8B117BA . 3065856 . . [6.00.2900.3243] . . c:\windows\$NtUninstallKB944533$\mshtml.dll
[-] 2007-08-22 . 885E3BF99EA4B2213901EBC35B34CF12 . 3064832 . . [6.00.2900.3199] . . c:\windows\$NtUninstallKB942615$\mshtml.dll
[-] 2007-06-15 . 53F3FD772C010622346C39284C4A863B . 3064320 . . [6.00.2900.3157] . . c:\windows\$NtUninstallKB939653$\mshtml.dll
[-] 2007-05-04 . 00ADCB32832A10ED9419493BCEA97526 . 3064320 . . [6.00.2900.3132] . . c:\windows\$NtUninstallKB937143$\mshtml.dll
[-] 2007-02-20 . 2991727809C7AC3A33E4178CC73244D8 . 3063296 . . [6.00.2900.3086] . . c:\windows\$NtUninstallKB933566$\mshtml.dll
[-] 2007-01-04 . 1C45525574EF206346FBAFCAAC7CC4A5 . 3062272 . . [6.00.2900.3059] . . c:\windows\$NtUninstallKB931768$\mshtml.dll
[-] 2006-10-23 . 88E1C15BB1A9ED3CBA4D6F2F408D5010 . 3061248 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB928090$\mshtml.dll
[-] 2006-09-14 . CEFEA1C301139A817931BE132F0359FE . 3058688 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB925454$\mshtml.dll
[-] 2006-07-28 . D251679BD9EF0250201FB899EC40FD32 . 3058176 . . [6.00.2900.2963] . . c:\windows\$hf_mig$\KB918899\SP2QFE\mshtml.dll
[-] 2006-07-28 . D251679BD9EF0250201FB899EC40FD32 . 3058176 . . [6.00.2900.2963] . . c:\windows\$NtUninstallKB922760$\mshtml.dll
[-] 2006-07-28 . C7074DA3D8F8C0F6C03874BA0B05069C . 3054080 . . [6.00.2900.2963] . . c:\windows\$NtUninstallKB918899$\mshtml.dll
[-] 2006-05-19 . 284CE76B71DD5260B42A3CCF0135AF67 . 3052544 . . [6.00.2900.2912] . . c:\windows\$NtUninstallKB918899_0$\mshtml.dll
[-] 2006-05-19 . 8687E029BE63C77D4919485068C54D77 . 3055104 . . [6.00.2900.2912] . . c:\windows\$hf_mig$\KB916281\SP2QFE\mshtml.dll
[-] 2006-03-23 . DEAA438EA31095E14A196FF647E38D13 . 3053568 . . [6.00.2900.2873] . . c:\windows\$NtUninstallKB916281$\mshtml.dll
[-] 2006-03-23 . ABCD123F888E4E97C8751378CCCC4F26 . 3055616 . . [6.00.2900.2873] . . c:\windows\$hf_mig$\KB912812\SP2QFE\mshtml.dll
[-] 2005-11-24 . D3F037F5DA702AE9DDD7663EC9D78BA7 . 3018240 . . [6.00.2900.2802] . . c:\windows\$hf_mig$\KB905915\SP2QFE\mshtml.dll
[-] 2005-11-24 . 5E7A39950EA133BB54719A6E08C544A7 . 3015680 . . [6.00.2900.2802] . . c:\windows\$NtUninstallKB912812$\mshtml.dll
[-] 2005-10-05 . 3394299FBF1CD0B24089FC762611360B . 3017728 . . [6.00.2900.2769] . . c:\windows\$hf_mig$\KB896688\SP2QFE\mshtml.dll
[-] 2005-10-04 . 042AC20E084D21DD6BEE99B89CC30FB7 . 3015168 . . [6.00.2900.2769] . . c:\windows\$NtUninstallKB905915$\mshtml.dll
[-] 2005-07-20 . A14A7A206AE22DE4FE563E44CFC7DDF5 . 3016192 . . [6.00.2900.2722] . . c:\windows\$hf_mig$\KB896727\SP2QFE\mshtml.dll
[-] 2005-07-20 . 31E7520E58E5E4DFA93215A6D5603AF2 . 3014144 . . [6.00.2900.2722] . . c:\windows\$NtUninstallKB896688$\mshtml.dll
[-] 2005-05-02 . DCC5C79B99F02EEF8C826B074DBFC222 . 3014144 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\mshtml.dll
[-] 2005-05-02 . DCFAC5470EE0A159EC4222BC28AE3EE6 . 3012608 . . [6.00.2900.2668] . . c:\windows\$NtUninstallKB896727$\mshtml.dll
[-] 2005-03-10 . 84A1B9B0C362051E68BB131F14C6DAAD . 3010560 . . [6.00.2900.2627] . . c:\windows\$NtUninstallKB883939$\mshtml.dll
[-] 2005-03-10 . 255C2CE965543ABDC3E0A25A5DA1874A . 3011072 . . [6.00.2900.2627] . . c:\windows\$hf_mig$\KB890923\SP2QFE\mshtml.dll
[-] 2005-01-27 . FAE3CA9B2459581C45B3A8845BE3077C . 3006976 . . [6.00.2900.2604] . . c:\windows\$NtUninstallKB890923$\mshtml.dll
[-] 2005-01-27 . 91C5ADE25BC4E3322577854FA2E7B58B . 3008000 . . [6.00.2900.2604] . . c:\windows\$hf_mig$\KB867282\SP2QFE\mshtml.dll
[-] 2004-09-29 . D94E6405E420373161467ACD3DA65640 . 3004928 . . [6.00.2900.2523] . . c:\windows\$NtUninstallKB867282$\mshtml.dll
[-] 2004-09-29 . 087FF7C54E7EBE4A59BD4DFC1D0EE9B8 . 3004928 . . [6.00.2900.2524] . . c:\windows\$hf_mig$\KB834707\SP2QFE\mshtml.dll
[-] 2004-08-10 . 376E0843B2356CA91CEC8D9837A56FF7 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB834707$\mshtml.dll

[-] 2008-04-14 . D7075E95AA599EE77B7A89D39296BD3D . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\asms\70\msft\windows\mswincrt\msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\msvcrt.dll
[-] 2004-08-10 . B0FEFA816D61EC66AA765DDF534EAB5E . 343040 . . [7.0.2600.2180] . . c:\windows\SYSTEM32\MSVCRT.DLL
[-] 2004-08-10 . B0FEFA816D61EC66AA765DDF534EAB5E . 343040 . . [7.0.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\msvcrt.dll
[-] 2004-08-10 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\MSVCRT.DLL
[-] 2004-08-10 . 98EC447E00229AFD88D5161A25D065DA . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\MSVCRT.DLL

[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . 097722F235A1FB698BF9234E01B52637 . 245248 . . [5.1.2600.3394] . . c:\windows\SYSTEM32\mswsock.dll
[-] 2008-06-20 . 097722F235A1FB698BF9234E01B52637 . 245248 . . [5.1.2600.3394] . . c:\windows\SYSTEM32\DLLCACHE\mswsock.dll
[-] 2008-06-20 . 1DFCA7713EA5A70D5D93B436AEA0317A . 245248 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\mswsock.dll
[-] 2004-08-10 . 4E74AF063C3271FBEA20DD940CFD1184 . 245248 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748$\mswsock.dll

[-] 2009-02-06 . 6C476D33D82F1054849790181E8F7772 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[-] 2009-02-06 . 6C476D33D82F1054849790181E8F7772 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netlogon.dll
[-] 2004-08-10 . 96353FCECBA774BB8DA74A1C6507015A . 407040 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\NETLOGON.DLL

[-] 2010-02-17 . D41C3CBAD0E1C0728D1CDFD541F60CFA . 2189952 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntoskrnl.exe
[-] 2010-02-16 . 97E2BF68857818A4D142B872404DC41B . 2186880 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntoskrnl.exe
[-] 2010-02-16 . EBB75B113E74E90074382347B74D652B . 2181376 . . [5.1.2600.3670] . . c:\windows\Driver Cache\I386\ntoskrnl.exe
[-] 2010-02-16 . EBB75B113E74E90074382347B74D652B . 2181376 . . [5.1.2600.3670] . . c:\windows\SYSTEM32\DLLCACHE\ntoskrnl.exe
[-] 2010-02-16 . A63052FA8FB8685382E10EE83C326864 . 2137088 . . [5.1.2600.3670] . . c:\windows\SYSTEM32\ntoskrnl.exe
[-] 2010-02-16 . E1F653A542449D54FA2D27463D99B6B6 . 2190080 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[-] 2009-12-09 . 05BE3D9A71972223AFF6A3C823BA51B1 . 2189312 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
[-] 2009-12-08 . 78EC47F9B9A3A1D539262D8834C896CE . 2189184 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3GDR\ntoskrnl.exe
[-] 2009-12-08 . 339EC6940BEBF9775CB65E29E0CD9782 . 2136064 . . [5.1.2600.3654] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
[-] 2009-12-08 . 128D88B3176E70B2E3088ECEB842B673 . 2185984 . . [5.1.2600.3654] . . c:\windows\$hf_mig$\KB977165\SP2QFE\ntoskrnl.exe
[-] 2009-08-05 . 8415D9C7C050E7022AED8ABF281BE4A6 . 2189184 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntoskrnl.exe
[-] 2009-08-04 . 11CDD81560E766101F0032EB05872C1B . 2136064 . . [5.1.2600.3610] . . c:\windows\$NtUninstallKB977165$\ntoskrnl.exe
[-] 2009-08-04 . FDE779EA1A564EBFE16F4E0F82B61BAD . 2189312 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[-] 2009-08-04 . 8DF112C341425F29DB4566B8D2A96A7F . 2185984 . . [5.1.2600.3610] . . c:\windows\$hf_mig$\KB971486\SP2QFE\ntoskrnl.exe
[-] 2009-02-07 . EFE8EACE83EAAD5849A7A548FB75B584 . 2189184 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2009-02-06 . 16B5EBE97F243441264A8F8694C2F2AA . 2136064 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe
[-] 2009-02-06 . 7A95B10A73737EBF24139AAA63F5212B . 2189056 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe
[-] 2009-02-06 . 6A936E9D7BADAF3CAAEED1E1966EC1B0 . 2186112 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe
[-] 2008-08-14 . 31914172342BFF330063F343AC6958FE . 2189184 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[-] 2008-08-14 . EEAF32F8E15A24F62BECB1BD403BB5C5 . 2189184 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
[-] 2008-08-14 . DD31AB4B91C2605601A3C108AF57A0C9 . 2136064 . . [5.1.2600.3427] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[-] 2008-08-14 . CE69DBD54221F2D40E49FF6DB77C6507 . 2185984 . . [5.1.2600.3427] . . c:\windows\$hf_mig$\KB956841\SP2QFE\ntoskrnl.exe
[-] 2008-04-13 . 0C89243C7C3EE199B96FCC16990E0679 . 2188928 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ntoskrnl.exe
[-] 2007-02-28 . 5A5C8DB4AA962C714C8371FBDF189FC9 . 2182144 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
[-] 2007-02-28 . 1220FAF071DEA8653EE21DE7DCDA8BFD . 2136064 . . [5.1.2600.3093] . . c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
[-] 2006-12-19 . CEF243F6DEFD20BE4ADDE26C7ECACB54 . 2182016 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe
[-] 2006-12-19 . 8318ED54797F3E513FD5817A1D4BBD18 . 2136064 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB931784$\ntoskrnl.exe
[-] 2005-03-02 . 28187802B7C368C0D3AEF7D4C382AABB . 2179456 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
[-] 2005-03-02 . 48B3E89AF7074CEE0314A3E0C7FAFFDB . 2135552 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB929338$\ntoskrnl.exe
[-] 2004-08-04 . 626309040459C3915997EF98EC1C8D40 . 2148352 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntoskrnl.exe

[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\powrprof.dll
[-] 2004-08-10 . 1B5F6923ABB450692E9FE0672C897AED . 17408 . . [6.00.2900.2180] . . c:\windows\SYSTEM32\POWRPROF.DLL

[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll
[-] 2004-08-10 . 0F78E27F563F2AAF74B91A49E2ABF19A . 180224 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\SCECLI.DLL

[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\sfc.dll
[-] 2004-08-10 . E8A12A12EA9088B4327D49EDCA3ADD3E . 5120 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\SFC.DLL
[-] 2004-08-10 . E8A12A12EA9088B4327D49EDCA3ADD3E . 5120 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\sfc.dll

[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\svchost.exe
[-] 2004-08-10 . 8F078AE4ED187AAABC0A305146DE6716 . 14336 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\SVCHOST.EXE
[-] 2004-08-10 . 8F078AE4ED187AAABC0A305146DE6716 . 14336 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\svchost.exe

[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\tapisrv.dll
[-] 2005-07-08 . 1418A3A6E76E5A2E3F5E43866E793A8B . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
[-] 2005-07-08 . FB78839B36025AA286A51289ED28B73E . 249344 . . [5.1.2600.2716] . . c:\windows\SYSTEM32\tapisrv.dll
[-] 2004-08-10 . EB4A4187D74A8EFDCBEA3EA2CB1BDFBD . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll

[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\user32.dll
[-] 2007-03-08 . 7AA4F6C00405DFC4B70ED4214E7D687B . 578048 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2007-03-08 . B409909F6E2E8A7067076ED748ABF1E7 . 577536 . . [5.1.2600.3099] . . c:\windows\SYSTEM32\user32.dll
[-] 2007-03-08 . B409909F6E2E8A7067076ED748ABF1E7 . 577536 . . [5.1.2600.3099] . . c:\windows\SYSTEM32\DLLCACHE\user32.dll
[-] 2005-03-02 . 1800F293BCCC8EDE8A70E12B88D80036 . 577024 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2005-03-02 . DE2DB164BBB35DB061AF0997E4499054 . 577024 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll
[-] 2004-08-10 . C72661F8552ACE7C5C85E16A3CF505C4 . 577024 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll

[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\userinit.exe
[-] 2004-08-10 . 39B1FFB03C2296323832ACBAE50D2AFF . 24576 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\USERINIT.EXE

[-] 2010-05-06 . 2D9C7B010409372C34F725DA5CCED083 . 916480 . . [8.00.6001.18923] . . c:\windows\SYSTEM32\wininet.dll
[-] 2010-05-06 . 2D9C7B010409372C34F725DA5CCED083 . 916480 . . [8.00.6001.18923] . . c:\windows\SYSTEM32\DLLCACHE\wininet.dll
[-] 2010-05-06 . C1490F68B44AF8B781F52F12F564625D . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
[-] 2010-02-25 . 7A42CFED96CDA7F2FB1A26D1F9F65775 . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll
[-] 2010-02-25 . 4458D59F2B0369F4D3B137541D284041 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
[-] 2009-12-21 . FF4241C74E0C0A5AFFFE05F584213ECB . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll
[-] 2009-12-21 . 5E1F666B8955FD77E65D65C4C4D882A3 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[-] 2009-10-29 . 6AF52998B90F72FF2325D84D90EDA1CC . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[-] 2009-10-29 . 75240F6EDBCE7B85DF66874407D38A4F . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll
[-] 2009-09-25 . AE710BE3F4A9F9B0948C3183D49717A0 . 668672 . . [6.00.2900.3627] . . c:\windows\ie8\wininet.dll
[-] 2009-09-25 . 178CF0F58C9907633AAB633860B68973 . 667136 . . [6.00.2900.5880] . . c:\windows\$hf_mig$\KB974455\SP3GDR\wininet.dll
[-] 2009-09-25 . 406D33F9B30FFC0EEFC7C55562839931 . 668672 . . [6.00.2900.5880] . . c:\windows\$hf_mig$\KB974455\SP3QFE\wininet.dll
[-] 2009-08-29 . CF0A5FE05BF614C24950D8FAEC1BC309 . 916480 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll
[-] 2009-08-29 . CF0A5FE05BF614C24950D8FAEC1BC309 . 916480 . . [8.00.6001.18828] . . c:\windows\SoftwareDistribution\Download\f5ce3558cdad2d0de1884dee71734a4a\SP3GDR\wininet.dll
[-] 2009-08-29 . 972B226BDAD71C55F3CC9A72BBF8F1C1 . 916480 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll
[-] 2009-08-29 . 972B226BDAD71C55F3CC9A72BBF8F1C1 . 916480 . . [8.00.6001.22918] . . c:\windows\SoftwareDistribution\Download\f5ce3558cdad2d0de1884dee71734a4a\SP3QFE\wininet.dll
[-] 2009-06-26 . 70FFEA4793D7139A447B169CB0E500BC . 666624 . . [6.00.2900.5835] . . c:\windows\$hf_mig$\KB972260\SP3GDR\wininet.dll
[-] 2009-06-26 . 8553E6D4EC1563277323E6B2D6FBB954 . 668160 . . [6.00.2900.5835] . . c:\windows\$hf_mig$\KB972260\SP3QFE\wininet.dll
[-] 2009-06-26 . CF0B7B2738BEF0EB87673393CB7EA06E . 668160 . . [6.00.2900.3592] . . c:\windows\$NtUninstallKB974455$\wininet.dll
[-] 2009-04-29 . 6002073519FA478BF89977369CDFD156 . 666624 . . [6.00.2900.5803] . . c:\windows\$hf_mig$\KB969897\SP3GDR\wininet.dll
[-] 2009-04-29 . 9E36A148748C5DE4EA1F47B9B625F412 . 668160 . . [6.00.2900.3562] . . c:\windows\$NtUninstallKB972260$\wininet.dll
[-] 2009-04-29 . 04BCB4F87B35502568F6CF33433543A5 . 668160 . . [6.00.2900.5803] . . c:\windows\$hf_mig$\KB969897\SP3QFE\wininet.dll
[-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB974455-IE8\wininet.dll
[-] 2009-02-20 . 1EA0E6DD74199209D60991FD46CE8643 . 668160 . . [6.00.2900.3527] . . c:\windows\$NtUninstallKB969897$\wininet.dll
[-] 2009-02-20 . 5B6A3EB7BB2F338BC2CB9F2FA4AAEA9E . 666112 . . [6.00.2900.5764] . . c:\windows\$hf_mig$\KB963027\SP3GDR\wininet.dll
[-] 2009-02-20 . 711FEABED387B29FF7ED61BC6806A06C . 667648 . . [6.00.2900.5764] . . c:\windows\$hf_mig$\KB963027\SP3QFE\wininet.dll
[-] 2008-10-16 . 93C9D0A216498EE14EB9B26119BB95EE . 667648 . . [6.00.2900.3462] . . c:\windows\$NtUninstallKB963027$\wininet.dll
[-] 2008-10-16 . E8FCE58A470999350F64C591557F9E42 . 667136 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3QFE\wininet.dll
[-] 2008-10-16 . 1576318BF08D28CC61D1278114AD8D5B . 666112 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3GDR\wininet.dll
[-] 2008-08-20 . C91E3A6EF094202F6B5CA8960DFCF243 . 667648 . . [6.00.2900.3429] . . c:\windows\$NtUninstallKB958215$\wininet.dll
[-] 2008-08-20 . 9AF5F25124FBDC36E2B510729CBA2674 . 666112 . . [6.00.2900.5659] . . c:\windows\$hf_mig$\KB956390\SP3GDR\wininet.dll
[-] 2008-08-20 . 94418F53D2612C26DBADC04DAFBC197C . 666624 . . [6.00.2900.5659] . . c:\windows\$hf_mig$\KB956390\SP3QFE\wininet.dll
[-] 2008-06-23 . 611ACE3F4201E9610AF8452F7C268995 . 667136 . . [6.00.2900.3395] . . c:\windows\$NtUninstallKB956390$\wininet.dll
[-] 2008-06-23 . F12FBB673DE9CC802C5DC518FE99AA2F . 666112 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3GDR\wininet.dll
[-] 2008-06-23 . 972299B7241EC325D8C7E5638C884925 . 666624 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3QFE\wininet.dll
[-] 2008-04-21 . 2E7DE1BF9418B071799EB53DE8CC22F5 . 666624 . . [6.00.2900.3354] . . c:\windows\$NtUninstallKB953838$\wininet.dll
[-] 2008-04-21 . 2B0C24AA747A93A28987B6D65A4A74BC . 666112 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3GDR\wininet.dll
[-] 2008-04-21 . 26F240C250E5B4B395CB4B178BA75437 . 666624 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3QFE\wininet.dll
[-] 2008-04-14 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\wininet.dll
[-] 2008-02-16 . BB1EACD6AB47E78EBCA02EB781550D55 . 666112 . . [6.00.2900.3314] . . c:\windows\$NtUninstallKB950759$\wininet.dll
[-] 2007-12-07 . 085A7C37F9C6EDE1BA870B7DBEC06399 . 666112 . . [6.00.2900.3268] . . c:\windows\$NtUninstallKB947864$\wininet.dll
[-] 2007-10-11 . 80D660A49E0D118144423099B2A9F5DA . 666112 . . [6.00.2900.3231] . . c:\windows\$NtUninstallKB944533$\wininet.dll
[-] 2007-08-22 . A1BC17EB3758D73C3938B2318820F5B4 . 665600 . . [6.00.2900.3199] . . c:\windows\$NtUninstallKB942615$\wininet.dll
[-] 2007-06-26 . E1A3DD68B5380B360A7310A64D9BB188 . 665600 . . [6.00.2900.3164] . . c:\windows\$NtUninstallKB939653$\wininet.dll
[-] 2007-04-18 . 4261BA03AFD659DE04F0A17DFBDD454D . 665600 . . [6.00.2900.3121] . . c:\windows\$NtUninstallKB937143$\wininet.dll
[-] 2007-02-20 . B258C922D22DEEC880B60720531D7627 . 665600 . . [6.00.2900.3086] . . c:\windows\$NtUninstallKB933566$\wininet.dll
[-] 2007-01-04 . 3FFA1573FC274E5AA7467D03941C45EE . 665088 . . [6.00.2900.3059] . . c:\windows\$NtUninstallKB931768$\wininet.dll
[-] 2006-10-23 . 231EF4179ACABE486376B5CA893F1076 . 664576 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB928090$\wininet.dll
[-] 2006-09-14 . D207370287CF769AEBEBF03837784963 . 664576 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB925454$\wininet.dll
[-] 2006-06-23 . 64CE26DB72810B30F7855EA51E1DF836 . 664576 . . [6.00.2900.2937] . . c:\windows\$hf_mig$\KB918899\SP2QFE\wininet.dll
[-] 2006-06-23 . 64CE26DB72810B30F7855EA51E1DF836 . 664576 . . [6.00.2900.2937] . . c:\windows\$NtUninstallKB922760$\wininet.dll
[-] 2006-06-23 . 2B4DB890936430C71419037039502752 . 658944 . . [6.00.2900.2937] . . c:\windows\$NtUninstallKB918899$\wininet.dll
[-] 2006-05-10 . D94CFFDB53E7AC867438E2DFD50E7CBC . 663552 . . [6.00.2900.2904] . . c:\windows\$hf_mig$\KB916281\SP2QFE\wininet.dll
[-] 2006-05-10 . 38AB7A56F566D9AAAD31812494944824 . 658432 . . [6.00.2900.2904] . . c:\windows\$NtUninstallKB918899_0$\wininet.dll
[-] 2006-04-13 . 877A4A08374D00B950B9AA2F5712D612 . 658432 . . [6.00.2900.2781] . . c:\windows\$NtUninstallKB912812$\wininet.dll
[-] 2006-03-04 . C0845ECBF4F9164E618EE381B79C9032 . 663552 . . [6.00.2900.2861] . . c:\windows\$hf_mig$\KB912812\SP2QFE\wininet.dll
[-] 2006-03-04 . 1C0979C7A489BEE573CD0BF4AD94BB06 . 658432 . . [6.00.2900.2861] . . c:\windows\$NtUninstallKB916281$\wininet.dll
[-] 2005-10-21 . AF785C4947676A7FC1673FDC5C8D0B5B . 661504 . . [6.00.2900.2781] . . c:\windows\$hf_mig$\KB905915\SP2QFE\wininet.dll
[-] 2005-09-02 . 97A6FD7CAFD688CF2C78939EBAF0CD0C . 660480 . . [6.00.2900.2753] . . c:\windows\$hf_mig$\KB896688\SP2QFE\wininet.dll
[-] 2005-09-02 . AF61EBB1F550175EFF406D545D6AB086 . 658432 . . [6.00.2900.2753] . . c:\windows\$NtUninstallKB905915$\wininet.dll
[-] 2005-07-03 . 5B5FF992C0FA762CCF8655FC290E6E52 . 658432 . . [6.00.2900.2713] . . c:\windows\$NtUninstallKB896688$\wininet.dll
[-] 2005-07-03 . 6E533D155B259EB2363D3E04B5BE309F . 659456 . . [6.00.2900.2713] . . c:\windows\$hf_mig$\KB896727\SP2QFE\wininet.dll
[-] 2005-05-02 . E1E18136F9DD3DF1AD9C82193A5898A6 . 658944 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\wininet.dll
[-] 2005-05-02 . 1A078AF3F85D10BA56444C23B3A18E74 . 657920 . . [6.00.2900.2668] . . c:\windows\$NtUninstallKB896727$\wininet.dll
[-] 2005-03-10 . 6F018D6319BE4F96426EA829B79E05D5 . 656896 . . [6.00.2900.2627] . . c:\windows\$NtUninstallKB883939$\wininet.dll
[-] 2005-03-10 . C8663B488996E89A84C3D17C1D12B79E . 657920 . . [6.00.2900.2627] . . c:\windows\$hf_mig$\KB890923\SP2QFE\wininet.dll
[-] 2005-01-27 . B5E043E440B210014E021B24CF0A72E3 . 656896 . . [6.00.2900.2577] . . c:\windows\$NtUninstallKB890923$\wininet.dll
[-] 2005-01-27 . A8EAC5330876548E9966A7D13025D196 . 657920 . . [6.00.2900.2598] . . c:\windows\$hf_mig$\KB867282\SP2QFE\wininet.dll
[-] 2004-09-29 . CBA65B573C66FE23F647FF96E3A10994 . 656896 . . [6.00.2900.2518] . . c:\windows\$NtUninstallKB867282$\wininet.dll
[-] 2004-09-29 . 2C07195588D69A067C2AFDAA31759295 . 656896 . . [6.00.2900.2518] . . c:\windows\$hf_mig$\KB834707\SP2QFE\wininet.dll
[-] 2004-08-10 . C0823FC5469663BA63E7DB88F9919D70 . 656384 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB834707$\wininet.dll

ndnboy
2010-10-24, 23:18
[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ws2_32.dll
[-] 2004-08-10 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\WS2_32.DLL
[-] 2004-08-10 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\ws2_32.dll

[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ws2help.dll
[-] 2004-08-10 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\WS2HELP.DLL
[-] 2004-08-10 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\ws2help.dll

[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\explorer.exe
[-] 2007-06-13 . 7712DF0CDDE3A5AC89843E61CD5B3658 . 1033216 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2007-06-13 . 97BD6515465659FF8F3B7BE375B2EA87 . 1033216 . . [6.00.2900.3156] . . c:\windows\explorer.exe
[-] 2007-06-13 . 97BD6515465659FF8F3B7BE375B2EA87 . 1033216 . . [6.00.2900.3156] . . c:\windows\SYSTEM32\DLLCACHE\explorer.exe
[-] 2004-08-10 . A0732187050030AE399B241436565E64 . 1032192 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe

[-] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ole32.dll
[-] 2005-07-26 . AB8231D13692AC5088EB9C226B0C0576 . 1285120 . . [5.1.2600.2726] . . c:\windows\SYSTEM32\ole32.dll
[-] 2005-07-26 . AB8231D13692AC5088EB9C226B0C0576 . 1285120 . . [5.1.2600.2726] . . c:\windows\SYSTEM32\DLLCACHE\ole32.dll
[-] 2005-07-26 . A2F755E237FA2CDD748A80BFBE6657F3 . 1285632 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll
[-] 2005-04-28 . 5950E4F28FDA9D147576BF6798937397 . 1285120 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\ole32.dll
[-] 2005-04-28 . 7440D29F257B7E44329343F944F2142C . 1286144 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll
[-] 2005-01-14 . ABDEF60CED7C04AB35A415EFB6B96D81 . 1285120 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\ole32.dll
[-] 2005-01-14 . 2E752611C9A9AE1B6BFD0DA03CF7F17E . 1284608 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll
[-] 2004-08-10 . 4FE9D9FA62D020E35E0AC6D1AEEB96F0 . 1281536 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\ole32.dll

[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\srsvc.dll
[-] 2004-08-10 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\SRSVC.DLL

[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\wscntfy.exe
[-] 2004-08-10 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\WSCNTFY.EXE
[-] 2004-08-10 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\wscntfy.exe

[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\xmlprov.dll
[-] 2004-08-10 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\XMLPROV.DLL

[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll
[-] 2004-08-10 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\EVENTLOG.DLL

[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\sfcfiles.dll
[-] 2004-08-10 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\SFCFILES.DLL

[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ctfmon.exe
[-] 2004-08-10 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\CTFMON.EXE

[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\shsvcs.dll
[-] 2006-12-19 . 6815DEF9B810AEFAC107EEAF72DA6F82 . 134656 . . [6.00.2900.3051] . . c:\windows\SYSTEM32\shsvcs.dll
[-] 2006-12-19 . 6815DEF9B810AEFAC107EEAF72DA6F82 . 134656 . . [6.00.2900.3051] . . c:\windows\SYSTEM32\DLLCACHE\shsvcs.dll
[-] 2006-12-19 . 53D9184A21C5CBF600D918E51EF3A7E5 . 135168 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll
[-] 2004-08-10 . E7518DC542D3EBDCB80EDD98462C7821 . 134656 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll

[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\regsvc.dll
[-] 2004-08-10 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\REGSVC.DLL

[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\schedsvc.dll
[-] 2004-08-10 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\SCHEDSVC.DLL

[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ssdpsrv.dll
[-] 2004-08-10 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\SSDPSRV.DLL

[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\termsrv.dll
[-] 2004-08-10 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\TERMSRV.DLL
[-] 2004-08-10 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\termsrv.dll

[-] 2008-04-14 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\appmgmts.dll
[-] 2004-08-10 . 9C3C12975C97119412802B181FBEEFFE . 167936 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\APPMGMTS.DLL

[-] 2004-08-10 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\SYSTEM32\DRIVERS\ACPIEC.SYS

[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\aec.sys
[-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\Driver Cache\I386\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\SYSTEM32\DLLCACHE\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\SYSTEM32\DRIVERS\aec.sys
[-] 2004-08-04 04:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtUninstallKB900485$\aec.sys

[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\agp440.sys
[-] 2004-08-04 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DRIVERS\AGP440.SYS

[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ip6fw.sys
[-] 2004-08-10 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DRIVERS\IP6FW.SYS

[-] 2008-04-14 00:11 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\mfc40u.dll
[-] 2006-11-01 19:17 . 925F8B61ED301A317BA850EBEECBDAA0 . 927504 . . [4.1.0.61] . . c:\windows\SYSTEM32\mfc40u.dll
[-] 2006-11-01 19:17 . 925F8B61ED301A317BA850EBEECBDAA0 . 927504 . . [4.1.0.61] . . c:\windows\SYSTEM32\DLLCACHE\mfc40u.dll
[-] 2004-08-10 11:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll

[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\msgsvc.dll
[-] 2004-08-10 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\MSGSVC.DLL

[-] 2005-01-28 17:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[-] 2005-01-28 17:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\SYSTEM32\MsPMSNSv.dll
[-] 2005-01-28 17:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\SYSTEM32\DLLCACHE\mspmsnsv.dll
[-] 2004-08-10 11:00 . 6EAA72FD9EF993EC1FA9A06DE65105DA . 25088 . . [10.0.3790.3646] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll

[-] 2010-02-17 . 1811AFC2FADB60B88947E3D08E250860 . 2063744 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntkrnlpa.exe
[-] 2010-02-16 . A046C627EC20456E2959B7BD628E1FD0 . 2066816 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntkrnlpa.exe
[-] 2010-02-16 . 1EE6B94ACA7BE115A1813BBCA65099A8 . 2058368 . . [5.1.2600.3670] . . c:\windows\Driver Cache\I386\ntkrnlpa.exe
[-] 2010-02-16 . 26A901A1840E9E46FFFC6D09B9618CDF . 2016768 . . [5.1.2600.3670] . . c:\windows\SYSTEM32\ntkrnlpa.exe
[-] 2010-02-16 . 1EE6B94ACA7BE115A1813BBCA65099A8 . 2058368 . . [5.1.2600.3670] . . c:\windows\SYSTEM32\DLLCACHE\ntkrnlpa.exe
[-] 2010-02-16 . DED8B5A89B085284634502E9D75AC78C . 2066944 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[-] 2009-12-09 . FFDCE1EEA79C678C40237D4E031E5B51 . 2066176 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
[-] 2009-12-08 . A6683E23468776F75EB2D8C6A02AAD3B . 2066048 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3GDR\ntkrnlpa.exe
[-] 2009-12-08 . 5B542B9C2D8D613CE7D24563926F3411 . 2015744 . . [5.1.2600.3654] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
[-] 2009-12-08 . BC123D9238A0C9BB3D853E407EE77254 . 2063104 . . [5.1.2600.3654] . . c:\windows\$hf_mig$\KB977165\SP2QFE\ntkrnlpa.exe
[-] 2009-08-04 . 363B2BBEE0AEDC9E5433616D0AD0236A . 2066176 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[-] 2009-08-04 . 7437BA6F538E89381A2E3643AED296C7 . 2066048 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntkrnlpa.exe
[-] 2009-08-04 . E832C72D32FA117CB0D033C5EA95B58F . 2015744 . . [5.1.2600.3610] . . c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe
[-] 2009-08-04 . 97E912E94CCED4064F5DEEE5C25A9278 . 2062976 . . [5.1.2600.3610] . . c:\windows\$hf_mig$\KB971486\SP2QFE\ntkrnlpa.exe
[-] 2009-02-07 . 5BA7F2141BC6DB06100D0E5A732C617A . 2066048 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
[-] 2009-02-06 . B238AB60093BABFE76AEC8F34B4D399D . 2015744 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe
[-] 2009-02-06 . 607352B9CB3D708C67F6039097801B5A . 2066176 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2009-02-06 . 9D832AF3FD1917DB0E1E8B2F000A2E3A . 2062976 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe
[-] 2008-08-14 . A25E9B86EFFB2AF33BF51E676B68BFB0 . 2066048 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
[-] 2008-08-14 . 4AC58F03EB94A72809949D757FC39D80 . 2066048 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
[-] 2008-08-14 . DC097A896A03B8277457D228FD12D4E6 . 2015744 . . [5.1.2600.3427] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[-] 2008-08-14 . 63EC865DFF6CCFC7BEF94B5C50297CAD . 2062976 . . [5.1.2600.3427] . . c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlpa.exe
[-] 2008-04-13 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ntkrnlpa.exe
[-] 2007-02-28 . 4D3DBDCCBF97F5BA1E74F322B155C3BA . 2059392 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
[-] 2007-02-28 . A58AC1C6199EF34228ABEE7FC057AE09 . 2015744 . . [5.1.2600.3093] . . c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
[-] 2006-12-19 . BA4B97C00A437C1CC3DA365D93EE1E9D . 2059392 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe
[-] 2006-12-19 . BBB2322EB14AD9AD55B1024FFD4D88BF . 2015744 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe
[-] 2005-03-02 . D8ABA3EAB509627E707A3B14F00FBB6B . 2056832 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
[-] 2005-03-02 . 3CD941E472DDF3534E53038535719771 . 2015232 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB929338$\ntkrnlpa.exe
[-] 2004-08-04 . FB142B7007CA2EEA76966C6C5CC12150 . 2015232 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe

[-] 2008-04-14 00:12 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ntmssvc.dll
[-] 2004-08-10 11:00 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . c:\windows\SYSTEM32\NTMSSVC.DLL

[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\upnphost.dll
[-] 2007-02-05 . 36ACA6CDC19C95FF468A1426EB7F32F0 . 185344 . . [5.1.2600.3077] . . c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll
[-] 2007-02-05 . ACA5D98663D879C6BAAFCEA7E2F1B710 . 185344 . . [5.1.2600.3077] . . c:\windows\SYSTEM32\upnphost.dll
[-] 2007-02-05 . ACA5D98663D879C6BAAFCEA7E2F1B710 . 185344 . . [5.1.2600.3077] . . c:\windows\SYSTEM32\DLLCACHE\upnphost.dll
[-] 2004-08-10 . 0546477BDE979E33294FE97F6B3DE84A . 185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB931261$\upnphost.dll

[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\dsound.dll
[-] 2004-08-10 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . c:\windows\SYSTEM32\DSOUND.DLL
[-] 2004-08-10 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\dsound.dll

[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\d3d9.dll
[-] 2004-08-10 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . c:\windows\SYSTEM32\D3D9.DLL

[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ddraw.dll
[-] 2004-08-10 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . c:\windows\SYSTEM32\DDRAW.DLL
[-] 2004-08-10 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\ddraw.dll

[-] 2008-04-14 00:12 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\olepro32.dll
[-] 2004-08-10 11:00 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\OLEPRO32.DLL
[-] 2004-08-10 11:00 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\olepro32.dll

[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\perfctrs.dll
[-] 2004-08-10 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\PERFCTRS.DLL

[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\version.dll
[-] 2004-08-10 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\VERSION.DLL
[-] 2004-08-10 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\DLLCACHE\version.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmileboxTray"="c:\documents and settings\Juan\Application Data\Smilebox\SmileboxTray.exe" [2008-01-09 201352]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MMTray"="c:\program files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe" [2006-01-19 110592]
"vptray"="c:\program files\NavNT\vptray.exe" [2002-08-03 73728]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2004-01-07 110592]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-06-30 1388544]
"RoxioEngineUtility"="c:\program files\Common Files\Roxio Shared\System\EngUtil.exe" [2003-02-27 69632]
"RoxioDragToDisc"="c:\program files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" [2003-02-27 757760]
"RoxioAudioCentral"="c:\program files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe" [2003-02-26 253952]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2005-01-04 26112]
"MimBoot"="c:\progra~1\MUSICM~1\MUSICM~2\mimboot.exe" [2006-01-19 11776]
"Microsoft Works Update Detection"="c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2003-09-14 50688]
"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]
"IAAnotif"="c:\program files\Intel\Intel Application Accelerator\iaanotif.exe" [2004-06-29 135168]
"HPHmon03"="c:\windows\system32\hphmon03.exe" [2003-01-30 311296]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2003-01-30 196608]
"ehTray"="c:\windows\ehome\ehtray.exe" [2004-08-10 59392]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-10-12 57344]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2003-02-07 114741]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 339968]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-10-05 2067808]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-01-23 141608]

c:\documents and settings\Juan\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
HOTLLAMA Update Check.lnk - c:\program files\HOTLLAMA MEDIA\Player\WiseUpdt.exe [2005-1-25 162834]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
America Online 9.0 Tray Icon.lnk - c:\program files\America Online 9.0\aoltray.exe [2005-1-4 156784]
Cisco Systems VPN Client.lnk - c:\program files\Cisco Systems\VPN Client\vpngui.exe [2007-6-21 1445904]
Kodak EasyShare software.lnk - c:\program files\KODAK\Kodak EasyShare software\bin\EasyShare.exe [2005-11-4 176128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-16 12:52 12536 ----a-w- c:\windows\SYSTEM32\avgrsstx.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\KODAK\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"c:\\Program Files\\KODAK\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\program files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe"= c:\program files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe:127.0.0.1/255.255.255.255:Enabled:Rosetta Stone Ltd Services
"c:\program files\RosettaStoneLtdServices\RosettaStoneDaemon.exe"= c:\program files\RosettaStoneLtdServices\RosettaStoneDaemon.exe:127.0.0.1/255.255.255.255:Enabled:Rosetta Stone Daemon

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1038:TCP"= 1038:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\SYSTEM32\DRIVERS\avgldx86.sys [5/8/2008 10:52 AM 216400]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\SYSTEM32\DRIVERS\avgtdix.sys [5/8/2008 10:52 AM 243024]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [8/10/2004 7:00 AM 14336]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [7/16/2010 8:52 AM 308136]
R2 RosettaStoneDaemon;RosettaStoneDaemon;c:\program files\RosettaStoneLtdServices\RosettaStoneDaemon.exe [9/3/2009 3:44 PM 444224]
R3 Angel;Angel MPEG Device;c:\windows\SYSTEM32\DRIVERS\Angel.sys [1/1/1980 2:00 AM 337536]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder

2010-10-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

2010-10-23 c:\windows\Tasks\DriverCure.job
- c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2009-08-07 19:36]

2005-01-10 c:\windows\Tasks\ISP signup reminder 1.job
- c:\windows\system32\OOBE\OOBEBALN.EXE [2004-08-10 11:00]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uInternet Connection Wizard,ShellNext = hxxp://www.samsphotoclub.com/login/index.asp
uInternet Settings,ProxyOverride = localhost;*.local
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
Trusted Zone: plaxo.com\www
Trusted Zone: musicmatch.com\online
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: Photobucket Publisher - hxxp://s154.photobucket.com/csve/ie_plugin.php
DPF: {A1662FB6-39BE-41BB-ACDC-0448FB1B5817} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_5/PhotoCenter_ActiveX_Control.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://samsclubus.pnimedia.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {DC11F230-5717-4C25-BAD7-37B879C19655} - hxxp://mdpatriotstangs.myphotoalbum.com/ImageUploader4.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-10-24 12:34
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1944777543-2185336954-2013689522-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,79,00,73,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1136)
c:\windows\system32\NavLogon.dll

- - - - - - - > 'explorer.exe'(4832)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
Completion time: 2010-10-24 12:44:50
ComboFix-quarantined-files.txt 2010-10-24 16:44

Pre-Run: 70,924,374,016 bytes free
Post-Run: 71,245,299,712 bytes free

- - End Of File - - 30CE59356F9074AE30FB1810F267BA91

peku006
2010-10-25, 10:28
Hi ndnboy

we're almost at the finish :2thumb:

Update Java Runtime
You are using an old version of Java. Sun's Java is sometimes updated in order to eliminate the exploitation of vulnerabilities in an existing version. For this reason, it's extremely important that you keep the program up to date, & also remove the older more vulnerable versions from your system. The most current version of Sun Java is: Java Runtime Environment Version 6 Update 21.
Download the latest version of Java Runtime Environment (JRE) 6 Here (http://java.sun.com/javase/downloads/index.jsp)
Scroll down to where it says "JDK 6 Update 22 (JDK or JRE)"
Click the orange Download JRE button to the right
Select the Windows platform from the dropdown menu
Read the License Agreement and then check the box that says: "I agree to the Java SE Runtime Environment 6 with JavaFX License Agreement". Click on Continue.The page will refresh
Click on the link to download Windows Offline Installation & save the file to your desktop
Close any programs you may have running - especially your web browser
Go to Start > Settings > Control Panel, double-click on Add/Remove Programs & remove all older versions of Java
Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java(TM) 6) in the name
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java versions
Reboot your computer once all Java components are removed
Then from your desktop double-click on jre-6u21-windows-i586-p.exe to install the newest version After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup) On the General tab, under Temporary Internet Files, click the Settings button
Next, click on the Delete Files button
There are two options in the window to clear the cache - Leave BOTH CheckedApplications and Applets
Trace and Log Files Click OK on Delete Temporary Files Window
Note: This deletes ALL the Downloaded Applications and Applets from the CACHE
Click OK to leave the Temporary Files Window
Click OK to leave the Java Control Panel

Update Adobe Reader
Recently there have been vunerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version: Adobe Reader 9.3
You can download it from http://www.adobe.com/products/acrobat/readstep2.html (http://www.adobe.com/products/acrobat/readstep2.html)
If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed Uncheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

Adobe 9 is a large program and if you prefer a smaller program you can get Foxit 3 instead from Foxit Software (http://mirrors.foxitsoftware.com/pub/foxit/reader/desktop/win/3.x/3.1/enu/FoxitReader31_enu_Setup.exe)
Note: Do not install anything dealing with AskBar... presented as an installation option.

ndnboy
2010-10-25, 15:21
peku006

Thanks so much for your help in correctly my PC.

Of course I have numerous ????'s left:
-do I delete/remove all the logs and programs we downloaded?
-do I keep malware bytes and run weekly with my avg, cccleaner etc?
-when prompted "updates ready for your computer" in the future, run?
-is Jasc paintshop / alm part of java? I didnt uninstall because it didnt have a jre or j2se or java(tm) name but looked like it may be part of java?

Unrelated ?, do you know of a program to recover photos off a card while loaded in camera? My canon isnt id'd by the recovery program i have, trying to find something that will allowrecovery off camera while connected to pc? not sure if that falls in your arena but figured i woul ask : )


Thanks again, please let me know what all i have to do to finish things off...

peku006
2010-10-26, 18:54
Hi ndnboy

do I delete/remove all the logs and programs we downloaded?
we will do it now.....

do I keep malware bytes and run weekly with my avg, cccleaner etc?
yes, it is a good idea

when prompted "updates ready for your computer" in the future, run?
yes

is Jasc paintshop / alm part of java? I didnt uninstall because it didnt have a jre or j2se or java(tm) name but looked like it may be part of java?
no

do you know of a program to recover photos off a card while loaded in camera?
How to recover deleted, corrupted, or formatted pictures for free (http://www.online-tech-tips.com/computer-tips/how-to-recover-deleted-corrupted-or-formatted-pictures-for-free/)

Your log now appears to be clean. Congratulations! :yahoo:

To remove all of the tools we used and the files and folders they created do the following:

Delete Rootkit Unhooker, Security Check and TDSSKiller from your desktop.

Download OTC (http://oldtimer.geekstogo.com/OTC.exe) by Old Timer and save it to your Desktop.

Double-click OTC.exe
Click the CleanUp! button
Select Yes when the Begin cleanup Process? Prompt appears
If you are prompted to Reboot during the cleanup, select Yes
The tool will delete itself once it finishes, if not delete it by yourself

Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.

MBAM can be uninstalled via control panel add/remove but it may be a useful tool to keep ......Malwarebytes' Anti-Malware Scanning Guide (http://www.lognrock.com/forum/index.php?showtopic=6913).

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

Disable and Enable System Restore-WINDOWS XP
This is a good time to clear your existing system restore points and establish a new clean restore point:

Turn off System Restore
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.
Reboot.
Turn ON System Restore
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK.
This will remove all restore points except the new one you just created.

Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
You can use one of these sites to check if any updates are needed for your pc.
Secunia Software Inspector (http://secunia.com/software_inspector/)
F-secure Health Check (http://www.f-secure.com/weblog/archives/00001356.html)

Visit Microsoft often to get the latest updates for your computer.
http://www.update.microsoft.com

Here are some things that I think are worth having a look at if you don't already know a bout them:.

Spybot Search and Destroy
Download it from here (http://www.safer-networking.org/en/mirrors/index.html). Just choose a mirror and off you go.
Find here the tutorial on how to use Spybot properly here (http://www.bleepingcomputer.com/tutorials/tutorial43.html)

SpyWare Blaster
Download it from here (http://www.javacoolsoftware.com/spywareblaster.html)
Find here the tutorial on how to use Spyware Blaster here (http://www.bleepingcomputer.com/tutorials/tutorial49.html)

WinPatrol
Download it from here (http://www.winpatrol.com/download.html)
Here you can find information about how WinPatrol works here (http://www.winpatrol.com/features.html)

FireTrust SiteHound
You can find information and download it from here (http://www.firetrust.com/en/products/sitehound)

MVPS Hosts File from here (http://mvps.org/winhelp2002/hosts.htm)
The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer.
Find Tutorial here : http://www.mvps.org/winhelp2002/hosts.htm

Please check out Tony Klein's article "How did I get infected in the first place?" (http://forums.spybot.info/showthread.php?t=279)

Read some information here (http://users.telenet.be/bluepatchy/miekiemoes/prevention.html) how to prevent Malware.

I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can be closed.

Happy safe surfing! :bigthumb:

peku006

ndnboy
2010-10-27, 16:56
peku006

Thanks so much for all your help.

I have deleted the items from my desktop and ran OTC. I still have a bunch of logs/reports and icons for Combofix,, erunt, jre.6u22 (Java), atregopy and mbam setup, in a folder on my desktop, can I just delete all those or need to remove them?

MBAM, I plann on keeping this program, beleive you suggested it was a good one for malware. Do I continue to run my normal AVG, CCcleaner, Spybot and Adaware? And just add MBAM to the mix, or should i add/delete any programs to my weekly checks? Dont want to over or under do....

I did the disable and enable system restore.

I ran OSI from the secunia site, found updates need for itunes, quicktime, MSN mess, adobe flashplayer(s). I ran itunes update, now my itouch isnt being id'd by the found new hardware : (
I dont use MSN for email, do I need to update? update adobe??

I currently use spybot, about the other links you suggested, do i need to download/run these as well or current setup good.

again thanks for the help and sorry for all the added ???'s.

Looking forwad to trying the camera restore prog, hope to get some pics/vids back off my mem card.

peku006
2010-10-27, 17:18
Hi ndnboy

can I just delete all those or need to remove them
you can delete them all

Do I continue to run my normal AVG, CCcleaner, Spybot and Adaware? And just add MBAM to the mix, or should i add/delete any programs to my weekly checks? Dont want to over or under do....
it is "good idea" to add MBAM your "weekly checks" (it is not necessary to remove other programs)

about the other links you suggested, do i need to download/run these as well or current setup good.
not need, you have enough security programs..........it is just my recommendation

Read this :
how to prevent Malware (http://users.telenet.be/bluepatchy/miekiemoes/prevention.html)

ndnboy
2010-10-27, 18:28
Thanks again, I will look into downloading spyblaster/MVP and other tips of the article. Alot of it is def beyond my understanding but I will try anything to help prevnt future issues.

I will attempt to reinstall itunes to see if that helps with my connection issue.

Again, thanks for all your help.

peku006
2010-10-29, 12:05
As this issue appears to be resolved, this topic is now closed

We are pleased to have been some help in getting you clean.

If you have been helped and wish to donate to help with the costs of this volunteer site, please read :
Your donation helps improving Spybot-S&D! (http://www.safer-networking.org/en/donate/index.html)