Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Hijackthis log, obviously

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Unread postby Rogue » October 14th, 2007, 11:48 am

Hi Shekb,

I just noticed I messed up on the script so I need you to remove a couple files :oops:
We'll also see what was going on 60 days ago.

Download SDFix and save it to your Desktop.
http://downloads.andymanchesta.com/Remo ... /SDFix.exe

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Open the extracted SDFix folder and double click RunThis.bat to start the script.

You will see several choices. (1,2,3,A,B,U,E)
We just want a log.

Type A & hit enter.
It will take a few minutes to complete the scan. Wait till the log pops up.

Post the C:\SystemReport.txt
*=========================*

Using Windows Explore by right-clicking the Start button and left clicking Explore navigate to and find the following files: if found, delete the following:
c:\windows\System32\msethnet.dll
c:\windows\System32\NtmsSvcs.dll

*=========================*

Rogue
User avatar
Rogue
MRU Teacher Emeritus
 
Posts: 4782
Joined: November 3rd, 2005, 3:21 pm
Location: Salt Lake City, Utah
Advertisement
Register to Remove

Unread postby Shekb » October 14th, 2007, 12:52 pm

It's alright :lol:
Here is SDFix log


System Report
*************

Run on Sun 10/14/2007 at 12:50 PM

Microsoft Windows XP [Version 5.1.2600]

Current user is an administrator

Running Processes:

\SystemRoot\System32\smss.exe [624]
\??\C:\WINDOWS\system32\csrss.exe [680]
\??\C:\WINDOWS\system32\winlogon.exe [704]
C:\WINDOWS\system32\services.exe [748]
C:\WINDOWS\system32\lsass.exe [760]
C:\WINDOWS\system32\svchost.exe [912]
C:\WINDOWS\system32\svchost.exe [1016]
C:\Program Files\Windows Defender\MsMpEng.exe [1116]
C:\WINDOWS\System32\svchost.exe [1172]
C:\WINDOWS\System32\svchost.exe [1268]
C:\WINDOWS\System32\svchost.exe [1408]
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [1500]
C:\WINDOWS\Explorer.EXE [1712]
C:\WINDOWS\system32\spoolsv.exe [1792]
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe [240]
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe [260]
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe [344]
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe [380]
C:\Program Files\Tilt Wheel Mouse\MULTI-DIRECTION OPTICAL MOUSE\1.3\Mouse32B.exe [520]
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [532]
C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe [544]
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [604]
C:\WINDOWS\system32\atiptaxx.exe [612]
C:\Program Files\QuickTime\QTTask.exe [684]
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [948]
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe [944]
C:\Program Files\Windows Defender\MSASCui.exe [1108]
C:\Documents and Settings\Sr\My Documents\S-C\Visual Boy\PSX\IsoBuster\Alcohol 120\StarWind\StarWindServiceAE.exe [1192]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [1204]
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [1248]
C:\WINDOWS\System32\svchost.exe [876]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [1444]
C:\WINDOWS\system32\ctfmon.exe [1396]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [1596]
C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2672]
C:\WINDOWS\System32\alg.exe [2224]
C:\WINDOWS\System32\svchost.exe [2992]
C:\Program Files\Windows Live\Messenger\usnsvc.exe [3696]
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE [404]


Files Created/Modified - 60 Days :


C:\

Sep 17 2007 6:44:34p 264 A.SH. "C:\boot.ini"
Oct 14 2007 7:29:30a 8,433 A.... "C:\ComboFix.txt"
Oct 13 2007 12:11:18p 8,011 A.... "C:\ComboFix2.txt"
Oct 14 2007 12:41:04p 268,013,568 A.SH. "C:\hiberfil.sys"
Oct 14 2007 12:41:02p 402,653,184 A.SH. "C:\pagefile.sys"
Oct 13 2007 12:20:04p 236,534 A.... "C:\qoobox.zip"


C:\WINDOWS\

Oct 14 2007 12:43:08p 0 A.... "C:\WINDOWS\0.log"
Oct 14 2007 12:41:10p 2,048 A.S.. "C:\WINDOWS\bootstat.dat"
Sep 28 2007 9:06:10a 135,168 A.... "C:\WINDOWS\catchme.exe"
Oct 10 2007 7:27:26a 339,979 A.... "C:\WINDOWS\comsetup.log"
Sep 5 2007 5:52:46p 238,849 A.... "C:\WINDOWS\DirectX.log"
Oct 7 2007 7:36:14p 75,452 A.... "C:\WINDOWS\DPINST.LOG"
Oct 10 2007 7:27:26a 984,647 A.... "C:\WINDOWS\FaxSetup.log"
Oct 10 2007 5:10:50p 585,791 A.... "C:\WINDOWS\gmer.dll"
Oct 10 2007 5:10:52p 250 A.... "C:\WINDOWS\gmer.ini"
Oct 10 2007 5:10:50p 80 A.... "C:\WINDOWS\gmer_uninstall.cmd"
Oct 10 2007 7:27:26a 1,123,458 A.... "C:\WINDOWS\iis6.log"
Oct 10 2007 7:24:48a 1,393 A.... "C:\WINDOWS\imsins.BAK"
Oct 10 2007 7:27:26a 1,393 A.... "C:\WINDOWS\imsins.log"
Sep 3 2007 10:38:34p 8,290 A.... "C:\WINDOWS\KB915800.log"
Sep 3 2007 10:36:36p 16,247 A.... "C:\WINDOWS\KB915865.log"
Sep 3 2007 10:45:58p 64,911 A.... "C:\WINDOWS\KB917013.log"
Sep 13 2007 5:35:02p 66,838 A.... "C:\WINDOWS\KB917013Uninst.log"
Aug 15 2007 8:20:04a 17,924 A.... "C:\WINDOWS\KB921503.log"
Aug 29 2007 8:06:26a 21,444 A.... "C:\WINDOWS\KB933360.log"
Oct 10 2007 7:27:26a 12,655 A.... "C:\WINDOWS\KB933729.log"
Aug 15 2007 8:20:26a 18,946 A.... "C:\WINDOWS\KB936021.log"
Aug 15 2007 8:12:52a 7,698 A.... "C:\WINDOWS\KB936782.log"
Aug 15 2007 8:16:16a 22,534 A.... "C:\WINDOWS\KB937143-IE7.log"
Aug 15 2007 8:15:18a 11,809 A.... "C:\WINDOWS\KB938127-IE7.log"
Aug 15 2007 8:20:14a 18,455 A.... "C:\WINDOWS\KB938828.log"
Aug 15 2007 8:18:50a 17,716 A.... "C:\WINDOWS\KB938829.log"
Aug 29 2007 4:58:10p 7,713 A.... "C:\WINDOWS\KB939683.log"
Oct 10 2007 7:24:48a 22,514 A.... "C:\WINDOWS\KB939653-IE7.log"
Oct 10 2007 7:23:48a 11,146 A.... "C:\WINDOWS\KB941202.log"
Oct 10 2007 7:27:26a 70,525 A.... "C:\WINDOWS\medctroc.Log"
Oct 10 2007 7:27:26a 51,088 A.... "C:\WINDOWS\msgsocm.log"
Oct 10 2007 7:27:24a 313,718 A.... "C:\WINDOWS\msmqinst.log"
Aug 15 2007 8:13:46a 291,028 A.... "C:\WINDOWS\msxml4-KB936181-enu.LOG"
Aug 15 2007 8:18:30a 512,220 A.... "C:\WINDOWS\msxml6-KB933579-enu-x86.LOG"
Oct 10 2007 7:27:26a 174,832 A.... "C:\WINDOWS\netfxocm.log"
Aug 24 2007 9:19:10a 264,974 A.... "C:\WINDOWS\ntbtlog.txt"
Oct 10 2007 7:27:26a 208,158 A.... "C:\WINDOWS\ntdtcsetup.log"
Oct 10 2007 7:27:26a 505,688 A.... "C:\WINDOWS\ocgen.log"
Oct 10 2007 7:27:26a 55,636 A.... "C:\WINDOWS\ocmsn.log"
Oct 9 2007 10:32:42p 1,409 A.... "C:\WINDOWS\QTFont.for"
Oct 9 2007 10:32:42p 54,156 A..H. "C:\WINDOWS\QTFont.qfn"
Oct 14 2007 11:22:28a 32,648 A.... "C:\WINDOWS\SchedLgU.Txt"
Oct 13 2007 8:34:30p 172,228 A.... "C:\WINDOWS\setupact.log"
Oct 14 2007 7:33:18a 685,763 A.... "C:\WINDOWS\setupapi.log"
Aug 15 2007 8:27:44a 89,604 A.... "C:\WINDOWS\spupdsvc.log"
Sep 17 2007 6:44:34p 254 A.... "C:\WINDOWS\system.ini"
Oct 10 2007 7:27:26a 48,916 A.... "C:\WINDOWS\tabletoc.log"
Oct 10 2007 7:27:26a 472,888 A.... "C:\WINDOWS\tsoc.log"
Oct 10 2007 7:27:20a 88,048 A.... "C:\WINDOWS\updspapi.log"
Oct 14 2007 12:42:26p 159 A.... "C:\WINDOWS\wiadebug.log"
Oct 14 2007 12:42:26p 50 A.... "C:\WINDOWS\wiaservc.log"
Sep 17 2007 6:44:34p 929 A.... "C:\WINDOWS\win.ini"
Oct 14 2007 12:42:42p 1,412,953 A.... "C:\WINDOWS\WindowsUpdate.log"
Aug 15 2007 3:04:48p 578,560 A.... "C:\WINDOWS\WLXPGSS.SCR"
Oct 12 2007 7:59:42a 152,550 A.... "C:\WINDOWS\wmsetup.log"


C:\WINDOWS\system\



C:\WINDOWS\system32\



C:\WINDOWS\system32\drivers\

Sep 21 2007 4:54:54p 821,728 A.... "C:\WINDOWS\system32\drivers\avg7core.sys"
Aug 21 2007 6:21:10p 4,224 A.... "C:\WINDOWS\system32\drivers\avg7rsw.sys"
Aug 21 2007 6:21:10p 27,776 A.... "C:\WINDOWS\system32\drivers\avg7rsxp.sys"
Aug 21 2007 6:21:22p 3,968 A.... "C:\WINDOWS\system32\drivers\avgclean.sys"
Aug 21 2007 6:21:22p 19,904 A.... "C:\WINDOWS\system32\drivers\avgmfx86.sys"
Aug 21 2007 6:21:22p 4,960 A.... "C:\WINDOWS\system32\drivers\avgtdi.sys"
Aug 23 2007 10:04:24a 8,320 A.... "C:\WINDOWS\system32\drivers\AWRTRD.sys"
Oct 10 2007 5:10:50p 70,001 A.... "C:\WINDOWS\system32\drivers\gmer.sys"
Aug 23 2007 10:04:26a 9,344 A.... "C:\WINDOWS\system32\drivers\NSDriver.sys"
Aug 20 2007 11:13:44p 685,816 A.... "C:\WINDOWS\system32\drivers\sptd.sys"


C:\WINDOWS\system32\dllcache\

Aug 20 2007 6:04:34a 124,928 ..... "C:\WINDOWS\system32\dllcache\advpack.dll"
Aug 20 2007 6:04:34a 214,528 A.... "C:\WINDOWS\system32\dllcache\dxtrans.dll"
Aug 20 2007 6:04:34a 132,608 A.... "C:\WINDOWS\system32\dllcache\extmgr.dll"
Aug 20 2007 6:04:34a 63,488 ..... "C:\WINDOWS\system32\dllcache\icardie.dll"
Aug 17 2007 6:20:54a 63,488 ..... "C:\WINDOWS\system32\dllcache\ie4uinit.exe"
Aug 20 2007 6:04:34a 153,088 ..... "C:\WINDOWS\system32\dllcache\ieakeng.dll"
Aug 20 2007 6:04:36a 230,400 ..... "C:\WINDOWS\system32\dllcache\ieaksie.dll"
Aug 17 2007 3:34:26a 161,792 A.... "C:\WINDOWS\system32\dllcache\ieakui.dll"
Aug 20 2007 6:04:36a 383,488 ..... "C:\WINDOWS\system32\dllcache\ieapfltr.dll"
Aug 20 2007 6:04:36a 384,512 ..... "C:\WINDOWS\system32\dllcache\iedkcs32.dll"
Aug 20 2007 6:04:38a 6,058,496 ..... "C:\WINDOWS\system32\dllcache\ieframe.dll"
Aug 20 2007 6:04:38a 44,544 ..... "C:\WINDOWS\system32\dllcache\iernonce.dll"
Aug 20 2007 6:04:38a 267,776 ..... "C:\WINDOWS\system32\dllcache\iertutil.dll"
Aug 17 2007 6:20:54a 13,824 ..... "C:\WINDOWS\system32\dllcache\ieudinit.exe"
Aug 17 2007 6:21:22a 625,152 ..... "C:\WINDOWS\system32\dllcache\iexplore.exe"
Aug 21 2007 2:15:44a 683,520 ..... "C:\WINDOWS\system32\dllcache\inetcomm.dll"
Aug 20 2007 6:04:38a 1,824,768 ..... "C:\WINDOWS\system32\dllcache\inetcpl.cpl"
Aug 20 2007 6:04:40a 27,648 A.... "C:\WINDOWS\system32\dllcache\jsproxy.dll"
Aug 20 2007 6:04:40a 459,264 ..... "C:\WINDOWS\system32\dllcache\msfeeds.dll"
Aug 20 2007 6:04:40a 52,224 ..... "C:\WINDOWS\system32\dllcache\msfeedsbs.dll"
Aug 20 2007 6:04:42a 3,584,512 A.... "C:\WINDOWS\system32\dllcache\mshtml.dll"
Aug 20 2007 6:04:42a 477,696 A.... "C:\WINDOWS\system32\dllcache\mshtmled.dll"
Aug 20 2007 6:04:42a 193,024 A.... "C:\WINDOWS\system32\dllcache\msrating.dll"
Aug 20 2007 6:04:42a 671,232 A.... "C:\WINDOWS\system32\dllcache\mstime.dll"
Aug 20 2007 6:04:42a 102,400 ..... "C:\WINDOWS\system32\dllcache\occache.dll"
Aug 20 2007 6:04:42a 105,984 ..... "C:\WINDOWS\system32\dllcache\url.dll"
Aug 20 2007 6:04:42a 1,152,000 A.... "C:\WINDOWS\system32\dllcache\urlmon.dll"
Aug 20 2007 6:04:42a 232,960 ..... "C:\WINDOWS\system32\dllcache\webcheck.dll"
Aug 20 2007 6:04:44a 824,832 A.... "C:\WINDOWS\system32\dllcache\wininet.dll"


C:\Program Files\

Oct 6 2007 7:38:24p 275 A.... "C:\Program Files\Incomplete\downloads.dat"
Aug 17 2007 6:21:22a 625,152 A.... "C:\Program Files\Internet Explorer\iexplore.exe"
Sep 25 2007 9:41:38p 2,174,456 A.... "C:\Program Files\Microsoft Silverlight\agcore.dll"
Sep 25 2007 9:41:38p 463,352 A.... "C:\Program Files\Microsoft Silverlight\npctrl.dll"
Sep 25 2007 9:41:38p 463,352 A.... "C:\Program Files\Microsoft Silverlight\npctrl.1.0.20926.0.dll"
Sep 25 2007 9:41:38p 91,640 A.... "C:\Program Files\Microsoft Silverlight\slup.exe"
Sep 18 2007 10:46:08p 13,688 A.... "C:\Program Files\Mozilla Firefox\AccessibleMarshal.dll"
Sep 18 2007 10:46:14p 7,644,520 A.... "C:\Program Files\Mozilla Firefox\firefox.exe"
Sep 18 2007 10:46:14p 200,829 A.... "C:\Program Files\Mozilla Firefox\freebl3.dll"
Sep 18 2007 10:46:14p 456,032 A.... "C:\Program Files\Mozilla Firefox\js3250.dll"
Sep 18 2007 10:46:14p 161,128 A.... "C:\Program Files\Mozilla Firefox\nspr4.dll"
Sep 18 2007 10:46:14p 378,208 A.... "C:\Program Files\Mozilla Firefox\nss3.dll"
Sep 18 2007 10:46:14p 271,720 A.... "C:\Program Files\Mozilla Firefox\nssckbi.dll"
Sep 18 2007 10:46:14p 34,160 A.... "C:\Program Files\Mozilla Firefox\plc4.dll"
Sep 18 2007 10:46:14p 30,056 A.... "C:\Program Files\Mozilla Firefox\plds4.dll"
Sep 18 2007 10:46:14p 111,968 A.... "C:\Program Files\Mozilla Firefox\smime3.dll"
Sep 18 2007 10:46:14p 254,060 A.... "C:\Program Files\Mozilla Firefox\softokn3.dll"
Sep 18 2007 10:46:14p 132,448 A.... "C:\Program Files\Mozilla Firefox\ssl3.dll"
Sep 18 2007 10:46:14p 129,920 A.... "C:\Program Files\Mozilla Firefox\updater.exe"
Sep 18 2007 10:46:14p 13,152 A.... "C:\Program Files\Mozilla Firefox\xpcom.dll"
Sep 18 2007 10:46:14p 73,584 A.... "C:\Program Files\Mozilla Firefox\xpcom_compat.dll"
Sep 18 2007 10:46:14p 421,736 A.... "C:\Program Files\Mozilla Firefox\xpcom_core.dll"
Sep 18 2007 10:46:14p 73,072 A.... "C:\Program Files\Mozilla Firefox\xpicleanup.exe"
Sep 18 2007 10:46:14p 12,136 A.... "C:\Program Files\Mozilla Firefox\xpistub.dll"
Sep 30 2007 10:10:04p 56 A.... "C:\Program Files\RegCleaner\DefaultColors.dat"
Sep 30 2007 10:10:04p 121 A.... "C:\Program Files\RegCleaner\DefaultColumns.dat"
Sep 30 2007 10:10:04p 98 A.... "C:\Program Files\RegCleaner\DefaultOptions.dat"
Sep 30 2007 10:13:52p 34 A.... "C:\Program Files\RegCleaner\Disclaimed.dat"
Sep 30 2007 10:10:04p 900 A.... "C:\Program Files\RegCleaner\ignorelist.dat"
Sep 30 2007 10:20:32p 3,868 A.... "C:\Program Files\RegCleaner\old.dat"
Sep 30 2007 10:20:24p 138 A.... "C:\Program Files\RegCleaner\Options.dat"
Sep 30 2007 10:10:04p 773,632 A.... "C:\Program Files\RegCleaner\RegCleanr.exe"
Sep 30 2007 10:10:04p 53,834 A.... "C:\Program Files\RegCleaner\Uninstall.exe"
Aug 22 2007 11:51:58p 2,161 A.... "C:\Program Files\Spybot - Search & Destroy\Default configuration.ini"
Aug 22 2007 11:52:02p 17,061 A.... "C:\Program Files\Spybot - Search & Destroy\unins000.dat"
Aug 22 2007 11:50:38p 649,378 A.... "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Sep 28 2007 10:28:18p 50,504 A.... "C:\Program Files\Dobermann\Halo Zero\Uninstal.exe"
Aug 14 2007 2:07:34p 124,912 A.... "C:\Program Files\Google\Google Updater\GoogleUpdater.exe"
Aug 21 2007 6:20:36p 49,664 A.... "C:\Program Files\Grisoft\AVG7\avg6cmpt.dll"
Aug 21 2007 6:20:50p 374,784 A.... "C:\Program Files\Grisoft\AVG7\avgabout.dll"
Aug 21 2007 6:20:50p 278,016 A.... "C:\Program Files\Grisoft\AVG7\avgamint.dll"
Aug 21 2007 6:20:50p 10,752 A.... "C:\Program Files\Grisoft\AVG7\avgamsps.dll"
Aug 21 2007 6:20:50p 353,280 A.... "C:\Program Files\Grisoft\AVG7\avgamsvr.exe"
Sep 13 2007 4:46:10p 421,888 A.... "C:\Program Files\Grisoft\AVG7\avgcc.exe"
Aug 21 2007 6:20:52p 526,336 A.... "C:\Program Files\Grisoft\AVG7\avgcckrn.dll"
Aug 21 2007 6:20:52p 507,904 A.... "C:\Program Files\Grisoft\AVG7\avgcfg.dll"
Sep 21 2007 4:55:12p 615,936 A.... "C:\Program Files\Grisoft\AVG7\avgcore.dll"
Aug 21 2007 6:20:52p 831,488 A.... "C:\Program Files\Grisoft\AVG7\avgctrl.dll"
Aug 21 2007 6:20:52p 353,280 A.... "C:\Program Files\Grisoft\AVG7\avgemc.exe"
Aug 21 2007 6:20:52p 10,752 A.... "C:\Program Files\Grisoft\AVG7\avgemcps.dll"
Aug 21 2007 6:20:54p 363,520 A.... "C:\Program Files\Grisoft\AVG7\avgemsui.dll"
Aug 21 2007 6:20:54p 138,752 A.... "C:\Program Files\Grisoft\AVG7\avgeud32.dll"
Aug 21 2007 6:20:56p 48,128 A.... "C:\Program Files\Grisoft\AVG7\avgf.dll"
Aug 21 2007 6:20:52p 19,968 A.... "C:\Program Files\Grisoft\AVG7\avghlog.dll"
Aug 21 2007 6:20:54p 121,344 A.... "C:\Program Files\Grisoft\AVG7\avginet.dll"
Sep 13 2007 4:46:12p 438,272 A.... "C:\Program Files\Grisoft\AVG7\avginet.exe"
Aug 21 2007 6:20:54p 61,440 A.... "C:\Program Files\Grisoft\AVG7\avgklib.dll"
Aug 21 2007 6:20:54p 58,368 A.... "C:\Program Files\Grisoft\AVG7\avglng.dll"
Aug 21 2007 6:20:52p 104,960 A.... "C:\Program Files\Grisoft\AVG7\avglog.dll"
Aug 21 2007 6:20:56p 144,384 A.... "C:\Program Files\Grisoft\AVG7\avgmail.dll"
Aug 21 2007 6:20:56p 15,360 A.... "C:\Program Files\Grisoft\AVG7\avgmvfl.dll"
Aug 21 2007 6:20:56p 54,784 A.... "C:\Program Files\Grisoft\AVG7\avgoff2k.dll"
Aug 21 2007 6:20:56p 69,632 A.... "C:\Program Files\Grisoft\AVG7\avgrep.dll"
Aug 21 2007 6:20:56p 1,076,224 A.... "C:\Program Files\Grisoft\AVG7\avgres.dll"
Aug 21 2007 6:20:50p 192,512 A.... "C:\Program Files\Grisoft\AVG7\avgrssvc.exe"
Aug 21 2007 6:20:50p 343,552 A.... "C:\Program Files\Grisoft\AVG7\avgscan.dll"
Aug 21 2007 6:20:56p 61,952 A.... "C:\Program Files\Grisoft\AVG7\avgscan.exe"
Aug 21 2007 6:20:56p 50,688 A.... "C:\Program Files\Grisoft\AVG7\avgse.dll"
Aug 21 2007 6:20:56p 402,432 A.... "C:\Program Files\Grisoft\AVG7\avgset.dll"
Aug 21 2007 6:20:56p 486,912 A.... "C:\Program Files\Grisoft\AVG7\avgtest.dll"
Aug 21 2007 6:20:56p 138,748 A.... "C:\Program Files\Grisoft\AVG7\avgtitle.dat"
Aug 21 2007 6:20:56p 408,576 A.... "C:\Program Files\Grisoft\AVG7\avgtmgr.dll"
Aug 21 2007 6:20:56p 244,224 A.... "C:\Program Files\Grisoft\AVG7\avgtres.dll"
Aug 21 2007 6:20:56p 191,488 A.... "C:\Program Files\Grisoft\AVG7\avgunarc.dll"
Sep 13 2007 4:44:14p 658,432 A.... "C:\Program Files\Grisoft\AVG7\avgupd.dll"
Aug 21 2007 6:20:56p 66,048 A.... "C:\Program Files\Grisoft\AVG7\avgupdln.exe"
Aug 21 2007 6:20:58p 10,240 A.... "C:\Program Files\Grisoft\AVG7\avgupsvc.dll"
Aug 21 2007 6:20:58p 49,664 A.... "C:\Program Files\Grisoft\AVG7\avgupsvc.exe"
Aug 21 2007 6:20:56p 82,944 A.... "C:\Program Files\Grisoft\AVG7\avgvault.dll"
Aug 21 2007 6:20:56p 334,848 A.... "C:\Program Files\Grisoft\AVG7\avgvv.exe"
Aug 21 2007 6:20:56p 145,920 A.... "C:\Program Files\Grisoft\AVG7\avgw.exe"
Sep 13 2007 4:46:14p 273,920 A.... "C:\Program Files\Grisoft\AVG7\avgwb.dat"
Aug 21 2007 6:21:00p 1,038,848 A.... "C:\Program Files\Grisoft\AVG7\dbghelp.dll"
Aug 21 2007 6:20:58p 48,997 A.... "C:\Program Files\Grisoft\AVG7\dfncfg.dat"
Aug 21 2007 6:20:58p 48,955 A.... "C:\Program Files\Grisoft\AVG7\dfncfgfr.dat"
Aug 21 2007 6:20:52p 46,080 A.... "C:\Program Files\Grisoft\AVG7\libsasl.dll"
Aug 21 2007 6:21:00p 1,060,864 A.... "C:\Program Files\Grisoft\AVG7\mfc71.dll"
Aug 21 2007 6:20:52p 10,240 A.... "C:\Program Files\Grisoft\AVG7\saslcrammd5.dll"
Aug 21 2007 6:20:52p 27,648 A.... "C:\Program Files\Grisoft\AVG7\sasldigestmd5.dll"
Aug 21 2007 6:20:52p 9,216 A.... "C:\Program Files\Grisoft\AVG7\sasllogin.dll"
Aug 21 2007 6:20:52p 9,216 A.... "C:\Program Files\Grisoft\AVG7\saslplain.dll"
Sep 13 2007 4:46:14p 676,083 A.... "C:\Program Files\Grisoft\AVG7\setup.dat"
Aug 21 2007 6:21:02p 1,334,272 A.... "C:\Program Files\Grisoft\AVG7\setup.exe"
Aug 21 2007 6:20:58p 8,464 A.... "C:\Program Files\Grisoft\AVG7\sporder.dll"
Sep 30 2007 10:48:50p 74,580 A.... "C:\Program Files\Grisoft\AVG Anti-Rootkit Free\Uninstall.exe"
Sep 14 2007 7:23:44a 18,557 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\heuristic.dat"
Aug 21 2007 6:21:24p 31 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\lang.ini"
Aug 21 2007 6:21:46p 475,893 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe"
Oct 9 2007 10:34:26p 131,072 A.... "C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll"
Oct 9 2007 10:34:26p 131,072 A.... "C:\Program Files\Internet Explorer\PLUGINS\npqtplugin6.dll"
Oct 9 2007 10:34:26p 131,072 A.... "C:\Program Files\Internet Explorer\PLUGINS\npqtplugin7.dll"
Oct 9 2007 10:34:26p 131,072 A.... "C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll"
Oct 9 2007 10:34:26p 131,072 A.... "C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll"
Oct 9 2007 10:34:26p 131,072 A.... "C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll"
Oct 9 2007 10:34:26p 131,072 A.... "C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll"
Sep 28 2007 8:47:48p 574,808 A.... "C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe"
Sep 3 2007 10:36:46a 87,392 A.... "C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe"
Sep 28 2007 8:47:56p 2,327,888 A.... "C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Aware2007.exe"
Sep 28 2007 8:48:04p 2,250,104 A.... "C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe"
Sep 28 2007 8:47:50p 726,376 A.... "C:\Program Files\Lavasoft\Ad-Aware 2007\CEAPI.dll"
Aug 29 2007 5:44:58p 1,815,912 A.... "C:\Program Files\Lavasoft\Ad-Aware 2007\LSUpdateManager.exe"
Aug 29 2007 5:44:42p 525,664 A.... "C:\Program Files\Lavasoft\Ad-Aware 2007\update.dll"
Sep 17 2007 12:38:06p 10,745,184 A...R "C:\Program Files\Microsoft Office\Office10\WINWORD.EXE"
Sep 18 2007 10:46:08p 66,408 A.... "C:\Program Files\Mozilla Firefox\components\jar50.dll"
Sep 18 2007 10:46:08p 54,112 A.... "C:\Program Files\Mozilla Firefox\components\jsd3250.dll"
Sep 18 2007 10:46:08p 34,688 A.... "C:\Program Files\Mozilla Firefox\components\myspell.dll"
Sep 18 2007 10:46:08p 46,456 A.... "C:\Program Files\Mozilla Firefox\components\spellchk.dll"
Sep 18 2007 10:46:08p 171,880 A.... "C:\Program Files\Mozilla Firefox\components\xpinstal.dll"
Oct 9 2007 10:34:26p 131,072 A.... "C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll"
Oct 9 2007 10:34:26p 131,072 A.... "C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll"
Oct 9 2007 10:34:26p 131,072 A.... "C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll"
Sep 18 2007 10:46:14p 22,400 A.... "C:\Program Files\Mozilla Firefox\plugins\npnul32.dll"
Sep 16 2007 5:18:10p 144,720 A.... "C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll"
Oct 9 2007 10:34:26p 131,072 A.... "C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll"
Oct 9 2007 10:34:26p 131,072 A.... "C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll"
Oct 9 2007 10:34:26p 131,072 A.... "C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll"
Oct 9 2007 10:34:26p 131,072 A.... "C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll"
Sep 16 2007 5:18:50p 24,576 A.... "C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll"
Sep 16 2007 5:17:50p 81,920 A.... "C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll"
Sep 18 2007 10:46:14p 431,144 A.... "C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
Sep 26 2007 2:17:54p 790,224 A.... "C:\Program Files\M‚t‚oM‚dia\M‚t‚oIM‚dia\MMTWNLiveUpdate.exe"
Oct 4 2007 6:39:30p 57,238 A.... "C:\Program Files\M‚t‚oM‚dia\M‚t‚oIM‚dia\WeatherEye.dat"
Sep 26 2007 2:14:24p 4,484,816 A.... "C:\Program Files\M‚t‚oM‚dia\M‚t‚oIM‚dia\WeatherEye.exe"
Oct 9 2007 10:34:26p 131,072 A.... "C:\Program Files\QuickTime\Plugins\npqtplugin5.dll"
Oct 9 2007 10:34:26p 131,072 A.... "C:\Program Files\QuickTime\Plugins\npqtplugin6.dll"
Oct 9 2007 10:34:26p 131,072 A.... "C:\Program Files\QuickTime\Plugins\npqtplugin7.dll"
Oct 9 2007 10:34:26p 131,072 A.... "C:\Program Files\QuickTime\Plugins\npqtplugin.dll"
Oct 9 2007 10:34:26p 131,072 A.... "C:\Program Files\QuickTime\Plugins\npqtplugin2.dll"
Oct 9 2007 10:34:26p 131,072 A.... "C:\Program Files\QuickTime\Plugins\npqtplugin3.dll"
Oct 9 2007 10:34:26p 131,072 A.... "C:\Program Files\QuickTime\Plugins\npqtplugin4.dll"
Sep 16 2007 5:17:46p 1,030 A.... "C:\Program Files\Real\RealPlayer\autoplaylist.dat"
Sep 16 2007 5:17:48p 331,776 A.... "C:\Program Files\Real\RealPlayer\cddbrealcontrol.dll"
Sep 16 2007 5:18:26p 719,360 A.... "C:\Program Files\Real\RealPlayer\dbghelp.dll"
Sep 16 2007 5:19:18p 339,968 A.... "C:\Program Files\Real\RealPlayer\dtdr3260.dll"
Sep 16 2007 5:19:02p 139,264 A.... "C:\Program Files\Real\RealPlayer\dunzip32.dll"
Sep 16 2007 5:18:46p 20,480 A.... "C:\Program Files\Real\RealPlayer\fixrjb.exe"
Sep 16 2007 5:18:50p 49,152 A.... "C:\Program Files\Real\RealPlayer\ierjplug.dll"
Sep 16 2007 5:18:10p 480 A.... "C:\Program Files\Real\RealPlayer\keys.dat"
Sep 16 2007 5:18:44p 49,152 A.... "C:\Program Files\Real\RealPlayer\mmcdda32.dll"
Sep 16 2007 5:17:48p 57,344 A.... "C:\Program Files\Real\RealPlayer\rdsf3260.dll"
Sep 16 2007 5:17:32p 20,480 A.... "C:\Program Files\Real\RealPlayer\realjbox.exe"
Sep 16 2007 5:17:16p 214,296 A.... "C:\Program Files\Real\RealPlayer\realplay.exe"
Sep 16 2007 5:18:54p 667,648 A.... "C:\Program Files\Real\RealPlayer\rjbres.dll"
Sep 16 2007 5:18:56p 335,872 A.... "C:\Program Files\Real\RealPlayer\rjdlg.dll"
Sep 16 2007 5:18:56p 32,768 A.... "C:\Program Files\Real\RealPlayer\rjprog.dll"
Sep 16 2007 5:18:24p 61,440 A.... "C:\Program Files\Real\RealPlayer\rjwmapln.dll"
Sep 16 2007 5:18:18p 45,056 A.... "C:\Program Files\Real\RealPlayer\rpau3260.dll"
Sep 16 2007 5:17:32p 20,480 A.... "C:\Program Files\Real\RealPlayer\rphelperapp.exe"
Sep 16 2007 5:17:48p 86,016 A.... "C:\Program Files\Real\RealPlayer\rpplugprot.dll"
Sep 16 2007 5:17:46p 54,584 A.... "C:\Program Files\Real\RealPlayer\rpshell.dll"
Sep 16 2007 5:18:28p 54,600 A.... "C:\Program Files\Real\RealPlayer\rpshellsearch.dll"
Sep 16 2007 5:18:34p 32,768 A.... "C:\Program Files\Real\RealPlayer\rpwa3260.dll"
Sep 16 2007 5:17:44p 50 A.... "C:\Program Files\Real\RealPlayer\strs23.dat"
Sep 16 2007 5:17:44p 13 A.... "C:\Program Files\Real\RealPlayer\strs26.dat"
Sep 16 2007 5:18:46p 32,768 A.... "C:\Program Files\Real\RealPlayer\tnetdtct.dll"
Sep 16 2007 5:18:44p 57,344 A.... "C:\Program Files\Real\RealPlayer\tpasdk.dll"
Sep 16 2007 5:18:44p 102,400 A.... "C:\Program Files\Real\RealPlayer\tsasdk.dll"
Sep 16 2007 5:19:34p 28,672 A.... "C:\Program Files\Real\RealPlayer\wmdmhelper.dll"
Sep 30 2007 10:20:12p 81 A.... "C:\Program Files\RegCleaner\Backups\9.30.2007.10.20.11....174.dat"
Sep 30 2007 10:20:12p 137 A.... "C:\Program Files\RegCleaner\Backups\9.30.2007.10.20.11....174.reg"
Oct 10 2007 7:33:22a 238,018 A.... "C:\Program Files\Spybot - Search & Destroy\Updates\desc.english.zip"
Oct 12 2007 7:33:24a 7,829 A.... "C:\Program Files\Spybot - Search & Destroy\Updates\downloaded.ini"
Sep 26 2007 5:56:04p 471,585 A.... "C:\Program Files\Spybot - Search & Destroy\Updates\help.english.zip"
Sep 5 2007 6:39:56p 94,942 A.... "C:\Program Files\Spybot - Search & Destroy\Updates\includes.pups.zip"
Oct 4 2007 9:02:28a 279,957 A.... "C:\Program Files\Spybot - Search & Destroy\Updates\includes.trojans.zip"
Oct 10 2007 7:33:18a 151,420 A.... "C:\Program Files\Spybot - Search & Destroy\Updates\includes.spybots.zip"
Oct 10 2007 7:33:20a 725,201 A.... "C:\Program Files\Spybot - Search & Destroy\Updates\includes.zip"
Aug 29 2007 5:02:08p 148,924 A.... "C:\Program Files\Spybot - Search & Destroy\Updates\includes.hijackers.zip"
Oct 4 2007 9:02:24a 49,386 A.... "C:\Program Files\Spybot - Search & Destroy\Updates\includes.keyloggers.zip"
Oct 4 2007 9:02:26a 303,628 A.... "C:\Program Files\Spybot - Search & Destroy\Updates\includes.malware.zip"
Oct 13 2007 5:36:30p 57,428 A.... "C:\Program Files\Spybot - Search & Destroy\Updates\online.ini"
Sep 26 2007 5:56:10p 683,907 A.... "C:\Program Files\Spybot - Search & Destroy\Updates\startup.zip"
Oct 2 2007 5:35:10p 396,288 A.... "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe"
Oct 2 2007 5:35:10p 396,288 A.... "C:\Program Files\Trend Micro\HijackThis\Sr.exe"
Aug 23 2007 3:31:24p 17,408 A.... "C:\Program Files\Windows Live\installer\DashboardLoc.dll"
Aug 23 2007 3:32:12p 178,176 A.... "C:\Program Files\Windows Live\installer\Dashboard.exe"
Aug 23 2007 3:31:24p 114,176 A.... "C:\Program Files\Windows Live\installer\DashboardRes.dll"
Aug 14 2007 4:35:22p 134,144 A.... "C:\Program Files\Windows Live\installer\SqmApi.dll"
Aug 15 2007 11:32:42a 838,144 A.... "C:\Program Files\Windows Live\installer\UXCore.dll"
Aug 23 2007 3:32:00p 261,120 A.... "C:\Program Files\Windows Live\installer\WLSetupSvc.exe"
Aug 17 2007 8:48:46a 109,424 A.... "C:\Program Files\Windows Live\Mail\ABImport.dll"
Aug 17 2007 8:49:08a 453,488 A.... "C:\Program Files\Windows Live\Mail\abssm.dll"
Aug 17 2007 8:48:52a 131,952 A.... "C:\Program Files\Windows Live\Mail\actorbas.dll"
Aug 17 2007 8:48:50a 123,248 A.... "C:\Program Files\Windows Live\Mail\adorner.dll"
Aug 17 2007 8:49:06a 194,416 A.... "C:\Program Files\Windows Live\Mail\aimg.dll"
Aug 17 2007 8:49:02a 182,640 A.... "C:\Program Files\Windows Live\Mail\alayout.dll"
Aug 17 2007 8:48:44a 104,304 A.... "C:\Program Files\Windows Live\Mail\canproxy.dll"
Aug 17 2007 8:49:06a 349,552 A.... "C:\Program Files\Windows Live\Mail\canvas.dll"
Aug 17 2007 8:48:50a 124,272 A.... "C:\Program Files\Windows Live\Mail\cnvsshrd.dll"
Aug 17 2007 8:48:56a 154,992 A.... "C:\Program Files\Windows Live\Mail\contact.dll"
Aug 17 2007 8:49:12a 471,408 A.... "C:\Program Files\Windows Live\Mail\contactsUX.dll"
Aug 17 2007 8:48:54a 135,536 A.... "C:\Program Files\Windows Live\Mail\dgeneral.dll"
Aug 17 2007 8:49:16a 1,019,248 A.... "C:\Program Files\Windows Live\Mail\lmcdata.dll"
Aug 17 2007 8:49:02a 184,688 A.... "C:\Program Files\Windows Live\Mail\mailacct.dll"
Aug 17 2007 8:49:14a 934,768 A.... "C:\Program Files\Windows Live\Mail\mailcomm.dll"
Aug 17 2007 8:48:44a 99,696 A.... "C:\Program Files\Windows Live\Mail\mailimp.dll"
Aug 17 2007 8:49:20a 3,212,144 A.... "C:\Program Files\Windows Live\Mail\maillang.dll"
Aug 17 2007 8:49:18a 2,291,568 A.... "C:\Program Files\Windows Live\Mail\mailres2.dll"
Aug 17 2007 8:48:50a 120,176 A.... "C:\Program Files\Windows Live\Mail\mailrt2.dll"
Aug 17 2007 8:49:18a 2,558,832 A.... "C:\Program Files\Windows Live\Mail\msmail.dll"
Aug 17 2007 8:49:02a 177,008 A.... "C:\Program Files\Windows Live\Mail\msncore.dll"
Aug 17 2007 8:48:32a 30,576 A.... "C:\Program Files\Windows Live\Mail\piBase.dll"
Aug 17 2007 8:48:46a 119,664 A.... "C:\Program Files\Windows Live\Mail\piOrg.dll"
Aug 17 2007 8:48:40a 64,880 A.... "C:\Program Files\Windows Live\Mail\smapi.dll"
Aug 15 2007 1:30:48p 134,144 A.... "C:\Program Files\Windows Live\Mail\sqmapi.dll"
Oct 13 2007 4:25:30p 47,658 A.... "C:\Program Files\Windows Live\Mail\sUBs.ini"
Aug 17 2007 8:48:56a 142,192 A.... "C:\Program Files\Windows Live\Mail\ucspell.dll"
Aug 17 2007 8:49:14a 851,312 A.... "C:\Program Files\Windows Live\Mail\uxcore.dll"
Aug 17 2007 8:49:08a 346,992 A.... "C:\Program Files\Windows Live\Mail\wab32res.dll"
Aug 17 2007 8:49:12a 491,888 A.... "C:\Program Files\Windows Live\Mail\wabapi.dll"
Aug 17 2007 8:48:38a 43,888 A.... "C:\Program Files\Windows Live\Mail\wabfind.dll"
Aug 17 2007 8:48:32a 38,768 A.... "C:\Program Files\Windows Live\Mail\wldlog.dll"
Aug 17 2007 8:48:56a 156,528 A.... "C:\Program Files\Windows Live\Mail\wlmail.exe"
Aug 15 2007 1:24:14p 3,611,432 A.... "C:\Program Files\Windows Live\Mail\wlmfilter.dat"
Aug 15 2007 1:24:12p 454,048 A.... "C:\Program Files\Windows Live\Mail\wlmfilter.dll"
Aug 16 2007 4:17:42p 425,328 A.... "C:\Program Files\Windows Live\Messenger\abssm.dll"
Aug 16 2007 4:17:36p 189,808 A.... "C:\Program Files\Windows Live\Messenger\contact.dll"
Aug 16 2007 4:17:40p 339,824 A.... "C:\Program Files\Windows Live\Messenger\contactsUX.dll"
Aug 16 2007 4:18:28p 1,736,048 A.... "C:\Program Files\Windows Live\Messenger\dfsr.dll"
Aug 16 2007 4:17:38p 329,584 A.... "C:\Program Files\Windows Live\Messenger\fsshext.8.5.1288.0816.dll"
Aug 16 2007 4:17:42p 483,696 A.... "C:\Program Files\Windows Live\Messenger\lmcdata.dll"
Aug 16 2007 4:17:24p 66,416 A.... "C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1288.0816.dll"
Aug 16 2007 4:17:36p 241,520 A.... "C:\Program Files\Windows Live\Messenger\msgsc.8.5.1288.0816.dll"
Aug 16 2007 4:17:56p 1,680,240 A.... "C:\Program Files\Windows Live\Messenger\msgslang.8.5.1288.0816.dll"
Aug 16 2007 4:18:52p 2,491,760 A.... "C:\Program Files\Windows Live\Messenger\msgsres.dll"
Aug 16 2007 4:17:44p 669,552 A.... "C:\Program Files\Windows Live\Messenger\msgswcam.dll"
Aug 16 2007 4:17:44p 1,015,152 A.... "C:\Program Files\Windows Live\Messenger\msncore.dll"
Aug 16 2007 4:19:00p 5,728,112 A.... "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"
Aug 16 2007 4:17:22p 62,320 A.... "C:\Program Files\Windows Live\Messenger\psmsong.8.5.1288.0816.dll"
Aug 16 2007 4:17:24p 98,672 A.... "C:\Program Files\Windows Live\Messenger\usnsvc.exe"
Aug 16 2007 4:17:18p 55,664 A.... "C:\Program Files\Windows Live\Messenger\usnsvcps.dll"
Aug 16 2007 3:44:20p 598,856 A.... "C:\Program Files\Windows Live\Messenger\wmaecdmort.dll"
Aug 15 2007 3:10:20p 204,672 A.... "C:\Program Files\Windows Live\Photo Gallery\ImagingDevice.dll"
Aug 15 2007 3:10:32p 420,224 A.... "C:\Program Files\Windows Live\Photo Gallery\ImagingServices.dll"
Aug 15 2007 3:10:06p 83,840 A.... "C:\Program Files\Windows Live\Photo Gallery\LiveAlbumXCtrl.dll"
Aug 15 2007 3:10:52p 1,722,752 A.... "C:\Program Files\Windows Live\Photo Gallery\MicrosoftEffects.dll"
Aug 15 2007 3:09:48p 46,464 A.... "C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll"
Aug 15 2007 3:09:54p 54,656 A.... "C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShimx64.dll"
Aug 15 2007 3:09:42p 12,672 A.... "C:\Program Files\Windows Live\Photo Gallery\RegRes.dll"
Aug 15 2007 3:10:16p 143,744 A.... "C:\Program Files\Windows Live\Photo Gallery\sqmapi.dll"
Aug 15 2007 3:10:30p 382,848 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXPhotoLibraryDatabase.dll"
Aug 15 2007 3:09:50p 49,024 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXPhotoSqm.dll"
Aug 15 2007 3:10:44p 1,558,400 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXPhotoLibraryMain.dll"
Aug 15 2007 3:10:50p 1,705,856 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXPhotoLibraryResources.dll"
Aug 15 2007 3:10:44p 1,488,768 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXPhotoViewer.dll"
Aug 15 2007 3:10:42p 1,250,688 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXPhotoVoyager.dll"
Aug 15 2007 3:10:30p 370,560 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXAlbumDownloadWizard.exe"
Aug 15 2007 3:10:22p 287,616 A.... "C:\Program Files\Windows Live\Photo Gallery\wlxclip.dll"
Aug 15 2007 3:10:18p 193,920 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXDSPA.dll"
Aug 15 2007 3:10:12p 129,920 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXGrinderScheduler.dll"
Aug 15 2007 3:09:58p 57,728 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXImageTranscode.dll"
Aug 15 2007 3:10:34p 570,240 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXMediaPublishSubscribe.dll"
Aug 15 2007 3:10:46p 1,603,456 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcq.dll"
Aug 15 2007 3:10:22p 229,760 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe"
Aug 15 2007 3:09:44p 22,400 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXPhotoBase.dll"
Aug 15 2007 3:10:10p 103,296 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe"
Aug 15 2007 3:10:10p 86,912 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXPhotoCinematic.dll"
Aug 15 2007 3:09:50p 46,464 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGalleryRepair.exe"
Aug 15 2007 3:10:04p 83,840 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXPhotoClassic.dll"
Aug 15 2007 3:10:40p 757,632 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXPipeline.dll"
Aug 15 2007 3:10:38p 734,592 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXPipetran.dll"
Aug 15 2007 3:10:00p 70,528 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXQuickTimeShellExt.dll"
Aug 15 2007 3:09:52p 53,120 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXSendMail.dll"
Aug 15 2007 3:10:08p 85,376 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXThumbCache.dll"
Aug 15 2007 3:10:16p 144,768 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXVAFilt.dll"
Aug 15 2007 3:10:24p 303,488 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXVideoTrim.dll"
Aug 15 2007 3:10:36p 669,056 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXVideoAcquireWizard.exe"
Aug 15 2007 3:09:58p 68,992 A.... "C:\Program Files\Windows Live\Photo Gallery\WLXVideoCameraAutoPlayManager.exe"
Aug 16 2007 3:45:10p 214,376 A.... "C:\Program Files\Windows Live\Writer\ssceonf1.dll"
Aug 16 2007 3:41:42p 71,016 A.... "C:\Program Files\Windows Live\Writer\WindowsLive.Client.dll"
Aug 16 2007 3:43:42p 1,054,056 A.... "C:\Program Files\Windows Live\Writer\WindowsLive.Writer.CoreServices.dll"
Aug 16 2007 3:41:44p 83,304 A.... "C:\Program Files\Windows Live\Writer\WindowsLive.Writer.FileDestinations.dll"
Aug 16 2007 3:41:42p 75,112 A.... "C:\Program Files\Windows Live\Writer\WindowsLive.Writer.HtmlParser.dll"
Aug 16 2007 3:43:40p 435,560 A.... "C:\Program Files\Windows Live\Writer\WindowsLive.Writer.Localization.dll"
Aug 16 2007 3:43:32p 263,528 A.... "C:\Program Files\Windows Live\Writer\WindowsLive.Writer.HtmlEditor.dll"
Aug 16 2007 3:43:32p 284,008 A.... "C:\Program Files\Windows Live\Writer\WindowsLive.Writer.Controls.dll"
Aug 16 2007 3:41:54p 140,648 A.... "C:\Program Files\Windows Live\Writer\WindowsLive.Writer.Interop.dll"
Aug 16 2007 3:41:32p 62,824 A.... "C:\Program Files\Windows Live\Writer\WindowsLive.Writer.Passport.dll"
Aug 16 2007 3:43:12p 169,320 A.... "C:\Program Files\Windows Live\Writer\WindowsLive.Writer.Interop.Mshtml.dll"
Aug 16 2007 3:43:34p 390,504 A.... "C:\Program Files\Windows Live\Writer\WindowsLiveLocal.WriterPlugin.dll"
Aug 16 2007 3:41:52p 120,168 A.... "C:\Program Files\Windows Live\Writer\WindowsLive.Writer.Mshtml.dll"
Aug 16 2007 3:45:02p 143,208 A.... "C:\Program Files\Windows Live\Writer\WindowsLiveWriter.Application.dll"
Aug 16 2007 3:41:52p 136,552 A.... "C:\Program Files\Windows Live\Writer\WindowsLive.Writer.Interop.SHDocVw.dll"
Aug 16 2007 3:45:02p 136,552 A.... "C:\Program Files\Windows Live\Writer\WindowsLiveWriter.Filter.dll"
Aug 16 2007 3:41:34p 54,632 A.... "C:\Program Files\Windows Live\Writer\WindowsLive.Writer.Extensibility.dll"
Aug 16 2007 3:45:00p 79,208 A.... "C:\Program Files\Windows Live\Writer\WindowsLiveWriter.Toolbar.dll"
Aug 16 2007 3:41:52p 107,880 A.... "C:\Program Files\Windows Live\Writer\WindowsLive.Writer.SpellChecker.dll"
Aug 16 2007 3:43:48p 2,880,872 A.... "C:\Program Files\Windows Live\Writer\WindowsLive.Writer.PostEditor.dll"
Aug 16 2007 3:41:34p 54,632 A.... "C:\Program Files\Windows Live\Writer\WindowsLive.Writer.Api.dll"
Aug 16 2007 3:43:42p 447,848 A.... "C:\Program Files\Windows Live\Writer\WindowsLiveWriter.exe"
Aug 16 2007 3:43:42p 595,304 A.... "C:\Program Files\Windows Live\Writer\WindowsLive.Writer.ApplicationFramework.dll"
Aug 16 2007 3:43:32p 320,872 A.... "C:\Program Files\Windows Live\Writer\WindowsLive.Writer.BlogClient.dll"
Aug 16 2007 3:41:42p 79,208 A.... "C:\Program Files\Windows Live\Writer\WindowsLive.Writer.BrowserControl.dll"
Aug 16 2007 3:45:10p 154,984 A.... "C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll"
Sep 16 2007 5:18:06p 77,824 A.... "C:\Program Files\Common Files\Real\Codecs\atrc.dll"
Sep 16 2007 5:18:06p 65,536 A.... "C:\Program Files\Common Files\Real\Codecs\cook.dll"
Sep 16 2007 5:18:08p 102,400 A.... "C:\Program Files\Common Files\Real\Codecs\drv1.dll"
Sep 16 2007 5:18:08p 176,128 A.... "C:\Program Files\Common Files\Real\Codecs\drv2.dll"
Sep 16 2007 5:18:08p 266,240 A.... "C:\Program Files\Common Files\Real\Codecs\drvc.dll"
Sep 16 2007 5:18:08p 241,664 A.... "C:\Program Files\Common Files\Real\Codecs\hxltcolor.dll"
Sep 16 2007 5:18:06p 552,960 A.... "C:\Program Files\Common Files\Real\Codecs\raac.dll"
Sep 16 2007 5:18:08p 49,152 A.... "C:\Program Files\Common Files\Real\Codecs\rv10.dll"
Sep 16 2007 5:18:08p 57,344 A.... "C:\Program Files\Common Files\Real\Codecs\rv20.dll"
Sep 16 2007 5:18:08p 49,152 A.... "C:\Program Files\Common Files\Real\Codecs\rv30.dll"
Sep 16 2007 5:18:08p 49,152 A.... "C:\Program Files\Common Files\Real\Codecs\rv40.dll"
Sep 16 2007 5:18:06p 106,496 A.... "C:\Program Files\Common Files\Real\Codecs\sipr.dll"
Sep 16 2007 5:19:32p 2,534 A.... "C:\Program Files\Common Files\Real\Common\devices.ini"
Sep 16 2007 5:18:20p 172,032 A.... "C:\Program Files\Common Files\Real\Common\objb3201.dll"
Sep 16 2007 5:17:06p 1,310,720 A.... "C:\Program Files\Common Files\Real\Common\pnen3260.dll"
Sep 16 2007 5:17:32p 421,888 A.... "C:\Program Files\Common Files\Real\Common\pngu3267.dll"
Sep 16 2007 5:17:32p 28,672 A.... "C:\Program Files\Common Files\Real\Common\pnrs3260.dll"
Sep 16 2007 5:18:18p 147,456 A.... "C:\Program Files\Common Files\Real\Common\rjbviz.dll"
Sep 16 2007 5:17:32p 28,672 A.... "C:\Program Files\Common Files\Real\Common\rppr3260.dll"
Sep 16 2007 5:19:34p 36,864 A.... "C:\Program Files\Common Files\Real\Common\rpun3260.dll"
Sep 16 2007 5:18:44p 45,056 A.... "C:\Program Files\Common Files\Real\Common\security.dll"
Sep 16 2007 5:17:52p 81,920 A.... "C:\Program Files\Common Files\Real\Common\twebbrowse.dll"
Sep 16 2007 5:18:22p 110,592 A.... "C:\Program Files\Common Files\Real\GToolbar\barcontrol.dll"
Sep 16 2007 5:18:22p 1,145,896 A.... "C:\Program Files\Common Files\Real\GToolbar\googletoolbarinstaller.exe"
Sep 16 2007 5:18:22p 733,712 A.... "C:\Program Files\Common Files\Real\GToolbar\googletoolbarinstaller98.exe"
Sep 16 2007 5:18:24p 69,632 A.... "C:\Program Files\Common Files\Real\Plugins\aacff.dll"
Sep 16 2007 5:18:32p 86,016 A.... "C:\Program Files\Common Files\Real\Plugins\audplin.dll"
Sep 16 2007 5:17:04p 53,248 A.... "C:\Program Files\Common Files\Real\Plugins\authmgr.dll"
Sep 16 2007 5:17:04p 36,864 A.... "C:\Program Files\Common Files\Real\Plugins\cdda3260.dll"
Sep 16 2007 5:17:04p 40,960 A.... "C:\Program Files\Common Files\Real\Plugins\clbascauth.dll"
Sep 16 2007 5:17:06p 53,248 A.... "C:\Program Files\Common Files\Real\Plugins\clntxres.dll"
Sep 16 2007 5:18:32p 65,536 A.... "C:\Program Files\Common Files\Real\Plugins\cont3260.dll"
Sep 16 2007 5:19:18p 233,472 A.... "C:\Program Files\Common Files\Real\Plugins\fpsechnd.dll"
Sep 16 2007 5:17:04p 176,128 A.... "C:\Program Files\Common Files\Real\Plugins\httpfsys.dll"
Sep 16 2007 5:17:04p 40,960 A.... "C:\Program Files\Common Files\Real\Plugins\hxsdp.dll"
Sep 16 2007 5:18:20p 86,016 A.... "C:\Program Files\Common Files\Real\Plugins\hxxml.dll"
Sep 16 2007 5:18:10p 532,480 A.... "C:\Program Files\Common Files\Real\Plugins\imgrender.dll"
Sep 16 2007 5:17:04p 77,824 A.... "C:\Program Files\Common Files\Real\Plugins\memfsys.dll"
Sep 16 2007 5:18:18p 45,056 A.... "C:\Program Files\Common Files\Real\Plugins\mp3fformat.dll"
Sep 16 2007 5:18:18p 65,536 A.... "C:\Program Files\Common Files\Real\Plugins\mp3metaff.dll"
Sep 16 2007 5:18:18p 151,552 A.... "C:\Program Files\Common Files\Real\Plugins\mp3render.dll"
Sep 16 2007 5:18:24p 126,976 A.... "C:\Program Files\Common Files\Real\Plugins\mp4arender.dll"
Sep 16 2007 5:18:24p 73,728 A.... "C:\Program Files\Common Files\Real\Plugins\mp4fformat.dll"
Sep 16 2007 5:18:42p 98,304 A.... "C:\Program Files\Common Files\Real\Plugins\mp4wrtr.dll"
Sep 16 2007 5:18:34p 69,632 A.... "C:\Program Files\Common Files\Real\Plugins\mpgfformat.dll"
Sep 16 2007 5:18:34p 172,032 A.... "C:\Program Files\Common Files\Real\Plugins\mpgrender.dll"
Sep 16 2007 5:17:04p 45,056 A.... "C:\Program Files\Common Files\Real\Plugins\ntlmauth.dll"
Sep 16 2007 5:17:04p 360,448 A.... "C:\Program Files\Common Files\Real\Plugins\pacplin.dll"
Sep 16 2007 5:19:26p 73,728 A.... "C:\Program Files\Common Files\Real\Plugins\pdgenxferfsys.dll"
Sep 16 2007 5:17:04p 57,344 A.... "C:\Program Files\Common Files\Real\Plugins\plusplin.dll"
Sep 16 2007 5:17:04p 40,960 A.... "C:\Program Files\Common Files\Real\Plugins\pxcb3210.dll"
Sep 16 2007 5:17:04p 45,056 A.... "C:\Program Files\Common Files\Real\Plugins\ramfformat.dll"
Sep 16 2007 5:17:04p 57,344 A.... "C:\Program Files\Common Files\Real\Plugins\ramrender.dll"
Sep 16 2007 5:18:06p 151,552 A.... "C:\Program Files\Common Files\Real\Plugins\rarender.dll"
Sep 16 2007 5:18:32p 36,864 A.... "C:\Program Files\Common Files\Real\Plugins\recf3260.dll"
Sep 16 2007 5:17:04p 176,128 A.... "C:\Program Files\Common Files\Real\Plugins\rmfformat.dll"
Sep 16 2007 5:18:42p 282,624 A.... "C:\Program Files\Common Files\Real\Plugins\rmwrtr.dll"
Sep 16 2007 5:18:46p 65,536 A.... "C:\Program Files\Common Files\Real\Plugins\rmxfpln.dll"
Sep 16 2007 5:18:44p 106,496 A.... "C:\Program Files\Common Files\Real\Plugins\rmxrend.dll"
Sep 16 2007 5:17:04p 45,056 A.... "C:\Program Files\Common Files\Real\Plugins\rn5auth.dll"
Sep 16 2007 5:18:10p 110,592 A.... "C:\Program Files\Common Files\Real\Plugins\rtfformat.dll"
Sep 16 2007 5:18:10p 122,880 A.... "C:\Program Files\Common Files\Real\Plugins\rtrender.dll"
Sep 16 2007 5:18:08p 172,032 A.... "C:\Program Files\Common Files\Real\Plugins\rvrender.dll"
Sep 16 2007 5:18:16p 45,056 A.... "C:\Program Files\Common Files\Real\Plugins\sdpplin.dll"
Sep 16 2007 5:18:44p 45,056 A.... "C:\Program Files\Common Files\Real\Plugins\security.dll"
Sep 16 2007 5:17:04p 61,440 A.... "C:\Program Files\Common Files\Real\Plugins\smlfformat.dll"
Sep 16 2007 5:17:04p 532,480 A.... "C:\Program Files\Common Files\Real\Plugins\smlrender.dll"
Sep 16 2007 5:17:04p 57,344 A.... "C:\Program Files\Common Files\Real\Plugins\smmrender.dll"
Sep 16 2007 5:17:06p 69,632 A.... "C:\Program Files\Common Files\Real\Plugins\smplfsys.dll"
Sep 16 2007 5:18:20p 32,768 A.... "C:\Program Files\Common Files\Real\Plugins\stubdrm.dll"
Sep 16 2007 5:18:08p 94,208 A.... "C:\Program Files\Common Files\Real\Plugins\swfformat.dll"
Sep 16 2007 5:18:08p 614,400 A.... "C:\Program Files\Common Files\Real\Plugins\swfrender.dll"
Sep 16 2007 5:18:46p 57,344 A.... "C:\Program Files\Common Files\Real\Plugins\tfilesys.dll"
Sep 16 2007 5:18:32p 167,936 A.... "C:\Program Files\Common Files\Real\Plugins\vidplin.dll"
Sep 16 2007 5:17:04p 376,832 A.... "C:\Program Files\Common Files\Real\Plugins\vidsite.dll"
Sep 16 2007 5:17:08p 135,168 A.... "C:\Program Files\Common Files\Real\Plugins\vsrcplin.dll"
Sep 16 2007 5:17:08p 94,208 A.... "C:\Program Files\Common Files\Real\Plugins\vsrlocal.dll"
Sep 16 2007 5:18:26p 176,128 A.... "C:\Program Files\Common Files\Real\Plugins\wm9fformat.dll"
Sep 16 2007 5:18:26p 28,672 A.... "C:\Program Files\Common Files\Real\Plugins\wm9writer.dll"
Sep 16 2007 5:18:26p 180,224 A.... "C:\Program Files\Common Files\Real\Plugins\wmsechnd.dll"
Sep 16 2007 5:17:06p 172,032 A.... "C:\Program Files\Common Files\Real\Plugins\zipf3260.dll"
Sep 16 2007 5:18:20p 155,648 A.... "C:\Program Files\Common Files\Real\RCAPlugins\gct23201.dll"
Sep 16 2007 5:18:20p 90,112 A.... "C:\Program Files\Common Files\Real\RCAPlugins\gema3201.dll"
Sep 16 2007 5:18:20p 450,560 A.... "C:\Program Files\Common Files\Real\RCAPlugins\gemx3201.dll"
Sep 16 2007 5:18:32p 102,400 A.... "C:\Program Files\Common Files\Real\RCAPlugins\locd3210.dll"
Sep 16 2007 5:18:20p 757,760 A.... "C:\Program Files\Common Files\Real\RCAPlugins\rpcontrols1.dll"
Sep 16 2007 5:18:20p 692,224 A.... "C:\Program Files\Common Files\Real\RCAPlugins\rpcontrols2.dll"
Sep 16 2007 5:18:30p 196,608 A.... "C:\Program Files\Common Files\Real\RCAPlugins\sonr3210.dll"
Sep 16 2007 5:18:20p 446,464 A.... "C:\Program Files\Common Files\Real\RCAPlugins\uisy3201.dll"
Sep 16 2007 5:18:20p 53,248 A.... "C:\Program Files\Common Files\Real\RCAPlugins\xmlc3201.dll"
Sep 16 2007 5:16:50p 397,312 A.... "C:\Program Files\Common Files\Real\Update_OB\faus3270.dll"
Sep 16 2007 5:16:54p 36,864 A.... "C:\Program Files\Common Files\Real\Update_OB\pnmi3270.dll"
Sep 16 2007 5:16:44p 193,816 A.... "C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe"
Sep 16 2007 5:16:52p 69,632 A.... "C:\Program Files\Common Files\Real\Update_OB\realonemessagecenter.exe"
Sep 16 2007 5:16:54p 185,632 A.... "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"
Sep 16 2007 5:16:54p 98,304 A.... "C:\Program Files\Common Files\Real\Update_OB\rnad3201.dll"
Sep 16 2007 5:16:58p 335,872 A.... "C:\Program Files\Common Files\Real\Update_OB\rnms3270.dll"
Sep 16 2007 5:16:44p 311,296 A.... "C:\Program Files\Common Files\Real\Update_OB\rnqu3270.dll"
Sep 16 2007 5:16:44p 184,320 A.... "C:\Program Files\Common Files\Real\Update_OB\rnup3270.dll"
Sep 16 2007 5:16:58p 58,648 A.... "C:\Program Files\Common Files\Real\Update_OB\rnxproc.exe"
Sep 16 2007 5:16:44p 124,480 A.... "C:\Program Files\Common Files\Real\Update_OB\rpelevation.dll"
Sep 16 2007 5:16:44p 311,296 A.... "C:\Program Files\Common Files\Real\Update_OB\setu3270.dll"
Sep 16 2007 5:16:44p 348,160 A.... "C:\Program Files\Common Files\Real\Update_OB\upgr3270.dll"
Sep 16 2007 5:16:44p 335,872 A.... "C:\Program Files\Common Files\Real\Update_OB\upgrdhlp.exe"
Sep 16 2007 5:18:38p 352,256 A.... "C:\Program Files\Common Files\xing shared\mpeg encode\xmencmp3.dll"
Aug 14 2007 2:07:34p 908,800 A.... "C:\Program Files\Google\Google Updater\2.2.940.34809\ci.dll"
Aug 14 2007 2:07:36p 126,464 A.... "C:\Program Files\Google\Google Updater\2.2.940.34809\cires_en.dll"
Aug 14 2007 2:07:34p 124,912 A.... "C:\Program Files\Google\Google Updater\2.2.940.34809\GoogleUpdaterRestartManager.exe"
Aug 14 2007 2:07:36p 124,400 A.... "C:\Program Files\Google\Google Updater\2.2.940.34809\GoogleUpdaterSetup.exe"
Aug 14 2007 2:07:36p 664,560 A.... "C:\Program Files\Google\Google Updater\2.2.940.34809\GoogleUpdaterInstallMgr.exe"
Aug 14 2007 2:07:36p 185,840 A.... "C:\Program Files\Google\Google Updater\2.2.940.34809\GoogleUpdaterAdminPrefs.exe"
Aug 14 2007 2:07:34p 83,968 A.... "C:\Program Files\Google\Google Updater\2.2.940.34809\npCIDetect11.dll"
Aug 14 2007 2:07:48p 127,472 A.... "C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\gtn.dll"
Aug 14 2007 2:07:48p 654,832 A.... "C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll"
Aug 21 2007 6:48:16p 28,479 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3117.dat"
Aug 21 2007 6:48:16p 12,893 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3118.dat"
Aug 21 2007 6:48:16p 17,778 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3119.dat"
Aug 21 2007 6:48:16p 11,152 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3120.dat"
Aug 21 2007 6:48:16p 14,218 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3121.dat"
Aug 21 2007 6:48:18p 23,827 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3122.dat"
Aug 21 2007 6:48:18p 21,071 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3123.dat"
Aug 21 2007 6:48:18p 80 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3124.dat"
Aug 21 2007 6:48:18p 662 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3125.dat"
Aug 21 2007 6:48:18p 22,551 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3126.dat"
Aug 21 2007 6:48:20p 34,616 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3127.dat"
Aug 21 2007 6:48:20p 137 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3128.dat"
Aug 21 2007 6:48:20p 18,280 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3129.dat"
Aug 21 2007 6:48:20p 77 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3130.dat"
Aug 21 2007 6:48:20p 79 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3131.dat"
Aug 21 2007 6:48:20p 20,834 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3132.dat"
Aug 21 2007 6:48:20p 15,534 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3133.dat"
Aug 21 2007 6:48:20p 10,115 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3134.dat"
Aug 21 2007 6:48:20p 76 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3135.dat"
Aug 21 2007 6:48:22p 16,658 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3136.dat"
Aug 21 2007 6:48:22p 19,392 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3137.dat"
Aug 21 2007 6:48:22p 251 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3138.dat"
Aug 21 2007 6:48:22p 61 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3139.dat"
Aug 21 2007 6:48:22p 8,027 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3140.dat"
Aug 21 2007 6:48:22p 2,187 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3141.dat"
Aug 21 2007 6:48:22p 5,025 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3142.dat"
Aug 21 2007 6:48:22p 3,358 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3143.dat"
Aug 21 2007 6:48:22p 193 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3144.dat"
Aug 21 2007 6:48:24p 2,209 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3145.dat"
Aug 21 2007 6:48:24p 1,074 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3146.dat"
Aug 21 2007 6:48:24p 25,174 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3147.dat"
Aug 21 2007 6:48:24p 48,732 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3148.dat"
Aug 21 2007 6:48:24p 3,416 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3149.dat"
Aug 21 2007 6:48:24p 2,463 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3150.dat"
Aug 21 2007 6:48:26p 2,378 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3151.dat"
Aug 21 2007 6:48:26p 241 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3152.dat"
Aug 21 2007 6:48:26p 64,904 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3153.dat"
Aug 21 2007 6:48:28p 14,997 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3154.dat"
Aug 21 2007 6:48:28p 2,579 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3155.dat"
Aug 21 2007 6:48:28p 4,384 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3156.dat"
Aug 21 2007 6:48:28p 2,410 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3157.dat"
Aug 21 2007 6:48:28p 71,617 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3158.dat"
Aug 21 2007 6:48:30p 190 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3159.dat"
Aug 21 2007 6:48:30p 3,331 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3160.dat"
Aug 21 2007 6:48:30p 3,509 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3161.dat"
Aug 21 2007 6:48:30p 1,897 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3162.dat"
Aug 21 2007 6:48:30p 1,931 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3163.dat"
Aug 21 2007 6:48:30p 2,098 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3164.dat"
Aug 21 2007 6:48:30p 1,292 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3165.dat"
Aug 21 2007 6:48:30p 1,919 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3166.dat"
Aug 21 2007 6:48:30p 1,777 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3167.dat"
Aug 21 2007 6:48:30p 1,918 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3168.dat"
Aug 21 2007 6:48:30p 1,973 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3169.dat"
Aug 21 2007 6:48:32p 2,089 A.... "C:\Program Files\Grisoft\AVG
Shekb
Regular Member
 
Posts: 62
Joined: October 2nd, 2007, 5:51 pm

Unread postby Shekb » October 14th, 2007, 12:59 pm

It got cut off XD

Aug 21 2007 6:48:32p 2,089 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3170.dat"
Aug 21 2007 6:48:32p 1,906 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3171.dat"
Aug 21 2007 6:48:32p 77 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3172.dat"
Aug 21 2007 6:48:32p 1,247 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3173.dat"
Aug 21 2007 6:48:32p 1,966 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3174.dat"
Aug 21 2007 6:48:32p 2,157 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3175.dat"
Aug 21 2007 6:48:32p 1,737 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3176.dat"
Aug 21 2007 6:48:32p 1,908 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3177.dat"
Aug 21 2007 6:48:32p 2,245 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3178.dat"
Aug 21 2007 6:48:32p 1,954 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3179.dat"
Aug 21 2007 6:48:32p 2,002 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3180.dat"
Aug 21 2007 6:48:32p 2,311 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3181.dat"
Aug 21 2007 6:48:32p 1,718 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3182.dat"
Aug 21 2007 6:48:32p 1,904 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3183.dat"
Aug 21 2007 6:48:34p 2,367 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3184.dat"
Aug 21 2007 6:48:34p 1,724 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3185.dat"
Aug 21 2007 6:48:34p 2,203 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3186.dat"
Aug 21 2007 6:48:34p 2,162 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3187.dat"
Aug 21 2007 6:48:34p 1,565 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3188.dat"
Aug 21 2007 6:48:34p 1,806 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3189.dat"
Aug 21 2007 6:48:34p 1,961 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3190.dat"
Aug 21 2007 6:48:34p 2,207 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3191.dat"
Aug 21 2007 6:48:34p 2,152 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3192.dat"
Aug 21 2007 6:48:34p 1,993 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3193.dat"
Aug 21 2007 6:48:36p 1,403 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3194.dat"
Aug 21 2007 6:48:36p 1,445 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3195.dat"
Aug 21 2007 6:48:36p 2,422 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3196.dat"
Aug 21 2007 6:48:36p 2,388 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3197.dat"
Aug 22 2007 8:32:06a 2,807 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3198.dat"
Aug 22 2007 8:32:06a 79 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3199.dat"
Aug 23 2007 9:31:00a 2,244 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3200.dat"
Aug 24 2007 8:48:14a 2,081 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3201.dat"
Aug 25 2007 9:38:36a 2,044 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3202.dat"
Aug 26 2007 10:20:54a 1,662 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3203.dat"
Aug 27 2007 8:31:58a 1,860 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3204.dat"
Aug 28 2007 8:58:12a 1,861 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3205.dat"
Aug 29 2007 7:36:16a 2,184 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3206.dat"
Aug 30 2007 7:21:32a 2,038 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3207.dat"
Aug 31 2007 7:27:36a 1,971 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3208.dat"
Sep 1 2007 7:39:26a 2,051 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3209.dat"
Sep 2 2007 7:49:28a 1,969 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3210.dat"
Sep 3 2007 7:59:16a 2,047 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3211.dat"
Sep 4 2007 7:25:34a 2,645 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3212.dat"
Sep 5 2007 7:24:26a 3,880 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3213.dat"
Sep 6 2007 7:27:44a 2,107 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3214.dat"
Sep 7 2007 7:07:08a 2,070 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3215.dat"
Sep 8 2007 8:43:38a 1,897 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3216.dat"
Sep 8 2007 10:45:14a 84 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3217.dat"
Sep 9 2007 10:27:34a 3,495 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3218.dat"
Sep 10 2007 7:12:00a 2,230 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3219.dat"
Sep 11 2007 6:52:54a 2,251 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3220.dat"
Sep 12 2007 7:10:24a 1,875 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3221.dat"
Sep 13 2007 7:08:28a 1,819 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3222.dat"
Sep 14 2007 7:23:42a 1,968 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3223.dat"
Sep 15 2007 11:59:20a 4,960 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3224.dat"
Sep 15 2007 11:59:20a 1,860 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3225.dat"
Sep 16 2007 8:16:04a 2,301 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3226.dat"
Sep 17 2007 7:07:58a 2,359 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3227.dat"
Sep 18 2007 7:24:38a 2,448 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3228.dat"
Sep 19 2007 7:05:40a 2,291 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3229.dat"
Sep 21 2007 7:34:20a 3,402 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3230.dat"
Sep 27 2007 6:39:08p 2,205 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3231.dat"
Sep 27 2007 6:39:08p 2,981 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3232.dat"
Sep 27 2007 6:39:08p 2,800 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3233.dat"
Sep 29 2007 11:43:26a 2,037 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3234.dat"
Sep 29 2007 11:43:28a 2,040 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3235.dat"
Oct 10 2007 5:28:54p 1,719 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3236.dat"
Oct 10 2007 5:28:54p 3,391 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3237.dat"
Oct 10 2007 5:28:54p 376 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3238.dat"
Oct 10 2007 5:28:56p 14,703 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3239.dat"
Oct 10 2007 5:28:56p 16,969 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3240.dat"
Oct 10 2007 5:28:56p 2,394 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3241.dat"
Oct 10 2007 5:28:56p 1,901 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3242.dat"
Oct 10 2007 5:28:56p 1,746 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3243.dat"
Oct 10 2007 5:28:56p 1,449 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3244.dat"
Oct 10 2007 5:28:56p 5,157 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3245.dat"
Oct 10 2007 5:28:56p 3,044 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3246.dat"
Oct 10 2007 5:28:56p 3,023 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3247.dat"
Oct 10 2007 5:28:56p 134 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3248.dat"
Oct 11 2007 4:42:34p 3,235 A.... "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\3249.dat"
Sep 25 2007 1:11:44a 1,671,168 A.... "C:\Program Files\Java\jre1.6.0_03\bin\awt.dll"
Sep 25 2007 1:11:44a 114,688 A.... "C:\Program Files\Java\jre1.6.0_03\bin\axbridge.dll"
Sep 25 2007 1:11:44a 192,512 A.... "C:\Program Files\Java\jre1.6.0_03\bin\cmm.dll"
Sep 25 2007 1:11:44a 143,360 A.... "C:\Program Files\Java\jre1.6.0_03\bin\dcpr.dll"
Sep 25 2007 1:11:44a 69,632 A.... "C:\Program Files\Java\jre1.6.0_03\bin\deploy.dll"
Sep 25 2007 1:11:44a 16,896 A.... "C:\Program Files\Java\jre1.6.0_03\bin\dt_shmem.dll"
Sep 25 2007 1:11:44a 13,312 A.... "C:\Program Files\Java\jre1.6.0_03\bin\dt_socket.dll"
Sep 25 2007 1:11:44a 335,872 A.... "C:\Program Files\Java\jre1.6.0_03\bin\fontmanager.dll"
Sep 25 2007 1:11:44a 15,872 A.... "C:\Program Files\Java\jre1.6.0_03\bin\hpi.dll"
Sep 25 2007 1:11:44a 139,264 A.... "C:\Program Files\Java\jre1.6.0_03\bin\hprof.dll"
Sep 25 2007 1:11:44a 98,304 A.... "C:\Program Files\Java\jre1.6.0_03\bin\instrument.dll"
Sep 25 2007 1:11:44a 12,800 A.... "C:\Program Files\Java\jre1.6.0_03\bin\ioser12.dll"
Sep 25 2007 1:11:44a 7,680 A.... "C:\Program Files\Java\jre1.6.0_03\bin\j2pcsc.dll"
Sep 25 2007 1:11:44a 37,376 A.... "C:\Program Files\Java\jre1.6.0_03\bin\j2pkcs11.dll"
Sep 25 2007 1:11:44a 10,240 A.... "C:\Program Files\Java\jre1.6.0_03\bin\jaas_nt.dll"
Sep 24 2007 10:54:04p 25,088 A.... "C:\Program Files\Java\jre1.6.0_03\bin\java-rmi.exe"
Sep 25 2007 1:11:44a 126,976 A.... "C:\Program Files\Java\jre1.6.0_03\bin\java.dll"
Sep 24 2007 10:30:28p 135,168 A.... "C:\Program Files\Java\jre1.6.0_03\bin\java.exe"
Sep 24 2007 11:31:42p 37,376 A.... "C:\Program Files\Java\jre1.6.0_03\bin\javacpl.exe"
Sep 24 2007 10:30:30p 135,168 A.... "C:\Program Files\Java\jre1.6.0_03\bin\javaw.exe"
Sep 24 2007 11:31:42p 139,264 A.... "C:\Program Files\Java\jre1.6.0_03\bin\javaws.exe"
Sep 25 2007 1:11:44a 14,336 A.... "C:\Program Files\Java\jre1.6.0_03\bin\java_crw_demo.dll"
Sep 25 2007 1:11:44a 5,120 A.... "C:\Program Files\Java\jre1.6.0_03\bin\jawt.dll"
Sep 25 2007 1:11:44a 36,352 A.... "C:\Program Files\Java\jre1.6.0_03\bin\JdbcOdbc.dll"
Sep 25 2007 1:11:44a 167,936 A.... "C:\Program Files\Java\jre1.6.0_03\bin\jdwp.dll"
Sep 25 2007 1:11:44a 77,824 A.... "C:\Program Files\Java\jre1.6.0_03\bin\jli.dll"
Sep 25 2007 1:11:44a 147,456 A.... "C:\Program Files\Java\jre1.6.0_03\bin\jpeg.dll"
Sep 25 2007 1:11:44a 98,304 A.... "C:\Program Files\Java\jre1.6.0_03\bin\jpicom.dll"
Sep 25 2007 1:11:44a 110,592 A.... "C:\Program Files\Java\jre1.6.0_03\bin\jpiexp.dll"
Sep 25 2007 1:11:44a 98,304 A.... "C:\Program Files\Java\jre1.6.0_03\bin\jpinscp.dll"
Sep 25 2007 1:11:44a 65,536 A.... "C:\Program Files\Java\jre1.6.0_03\bin\jpioji.dll"
Sep 25 2007 1:11:44a 126,976 A.... "C:\Program Files\Java\jre1.6.0_03\bin\jpishare.dll"
Sep 25 2007 1:11:44a 147,456 A.... "C:\Program Files\Java\jre1.6.0_03\bin\jsound.dll"
Sep 25 2007 1:11:44a 18,432 A.... "C:\Program Files\Java\jre1.6.0_03\bin\jsoundds.dll"
Sep 25 2007 1:11:36a 329,104 A.... "C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe"
Sep 25 2007 1:11:36a 54,672 A.... "C:\Program Files\Java\jre1.6.0_03\bin\jureg.exe"
Sep 25 2007 1:11:36a 132,496 A.... "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
Sep 24 2007 10:42:32p 25,600 A.... "C:\Program Files\Java\jre1.6.0_03\bin\keytool.exe"
Sep 24 2007 10:43:14p 25,600 A.... "C:\Program Files\Java\jre1.6.0_03\bin\kinit.exe"
Sep 24 2007 10:43:18p 25,600 A.... "C:\Program Files\Java\jre1.6.0_03\bin\klist.exe"
Sep 24 2007 10:43:20p 25,600 A.... "C:\Program Files\Java\jre1.6.0_03\bin\ktab.exe"
Sep 25 2007 1:11:44a 18,432 A.... "C:\Program Files\Java\jre1.6.0_03\bin\management.dll"
Sep 25 2007 1:25:26a 348,160 A.... "C:\Program Files\Java\jre1.6.0_03\bin\msvcr71.dll"
Sep 25 2007 1:11:44a 77,824 A.... "C:\Program Files\Java\jre1.6.0_03\bin\net.dll"
Sep 25 2007 1:11:44a 20,480 A.... "C:\Program Files\Java\jre1.6.0_03\bin\nio.dll"
Sep 25 2007 1:11:44a 126,976 A.... "C:\Program Files\Java\jre1.6.0_03\bin\npjava11.dll"
Sep 25 2007 1:11:44a 126,976 A.... "C:\Program Files\Java\jre1.6.0_03\bin\npjava12.dll"
Sep 25 2007 1:11:44a 126,976 A.... "C:\Program Files\Java\jre1.6.0_03\bin\npjava13.dll"
Sep 25 2007 1:11:46a 126,976 A.... "C:\Program Files\Java\jre1.6.0_03\bin\npjava14.dll"
Sep 25 2007 1:11:46a 126,976 A.... "C:\Program Files\Java\jre1.6.0_03\bin\npjava32.dll"
Sep 25 2007 1:11:34a 132,496 A.... "C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll"
Sep 25 2007 1:11:46a 126,976 A.... "C:\Program Files\Java\jre1.6.0_03\bin\npoji610.dll"
Sep 25 2007 1:11:46a 8,192 A.... "C:\Program Files\Java\jre1.6.0_03\bin\npt.dll"
Sep 24 2007 11:01:32p 25,600 A.... "C:\Program Files\Java\jre1.6.0_03\bin\orbd.exe"
Sep 24 2007 11:02:12p 25,600 A.... "C:\Program Files\Java\jre1.6.0_03\bin\pack200.exe"
Sep 24 2007 10:43:12p 25,600 A.... "C:\Program Files\Java\jre1.6.0_03\bin\policytool.exe"
Sep 25 2007 1:25:26a 233,472 A.... "C:\Program Files\Java\jre1.6.0_03\bin\regutils.dll"
Sep 25 2007 1:11:46a 5,120 A.... "C:\Program Files\Java\jre1.6.0_03\bin\rmi.dll"
Sep 24 2007 10:53:56p 25,600 A.... "C:\Program Files\Java\jre1.6.0_03\bin\rmid.exe"
Sep 24 2007 10:53:46p 25,600 A.... "C:\Program Files\Java\jre1.6.0_03\bin\rmiregistry.exe"
Sep 24 2007 11:01:36p 25,600 A.... "C:\Program Files\Java\jre1.6.0_03\bin\servertool.exe"
Sep 25 2007 1:11:46a 131,072 A.... "C:\Program Files\Java\jre1.6.0_03\bin\splashscreen.dll"
Sep 25 2007 1:11:34a 501,136 A.... "C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll"
Sep 25 2007 1:11:46a 16,384 A.... "C:\Program Files\Java\jre1.6.0_03\bin\sunmscapi.dll"
Sep 24 2007 11:01:20p 26,112 A.... "C:\Program Files\Java\jre1.6.0_03\bin\tnameserv.exe"
Sep 25 2007 1:11:46a 61,440 A.... "C:\Program Files\Java\jre1.6.0_03\bin\unpack.dll"
Sep 24 2007 11:02:08p 122,880 A.... "C:\Program Files\Java\jre1.6.0_03\bin\unpack200.exe"
Sep 25 2007 1:11:46a 31,744 A.... "C:\Program Files\Java\jre1.6.0_03\bin\verify.dll"
Sep 25 2007 1:11:46a 24,701 A.... "C:\Program Files\Java\jre1.6.0_03\bin\w2k_lsa_auth.dll"
Sep 25 2007 1:11:46a 110,592 A.... "C:\Program Files\Java\jre1.6.0_03\bin\wsdetect.dll"
Sep 25 2007 1:11:46a 47,104 A.... "C:\Program Files\Java\jre1.6.0_03\bin\zip.dll"
Sep 16 2007 5:19:10p 147,456 A.... "C:\Program Files\Real\RealPlayer\CDBurning\cdrmmc32.dll"
Sep 16 2007 5:19:10p 167,936 A.... "C:\Program Files\Real\RealPlayer\CDBurning\cdrw32.dll"
Sep 16 2007 5:19:12p 139,264 A.... "C:\Program Files\Real\RealPlayer\CDBurning\cdrwex32.dll"
Sep 16 2007 5:19:12p 196,608 A.... "C:\Program Files\Real\RealPlayer\CDBurning\data32.dll"
Sep 16 2007 5:19:12p 102,400 A.... "C:\Program Files\Real\RealPlayer\CDBurning\dataex32.dll"
Sep 16 2007 5:19:14p 49,152 A.... "C:\Program Files\Real\RealPlayer\CDBurning\ntiaspi.dll"
Sep 16 2007 5:19:14p 24,576 A.... "C:\Program Files\Real\RealPlayer\CDBurning\pdno3210.dll"
Sep 16 2007 5:19:22p 64 A.... "C:\Program Files\Real\RealPlayer\Devices\nikejbx.ini"
Sep 16 2007 5:19:22p 34 A.... "C:\Program Files\Real\RealPlayer\Devices\openmgpd.ini"
Sep 16 2007 5:19:08p 174 A.... "C:\Program Files\Real\RealPlayer\Devices\pdbm3210.ini"
Sep 16 2007 5:19:26p 95 A.... "C:\Program Files\Real\RealPlayer\Devices\pdgenxferplug.ini"
Sep 16 2007 5:19:22p 34 A.... "C:\Program Files\Real\RealPlayer\Devices\pdnomad.ini"
Sep 16 2007 5:19:22p 64 A.... "C:\Program Files\Real\RealPlayer\Devices\pdnomadjb.ini"
Sep 16 2007 5:19:22p 34 A.... "C:\Program Files\Real\RealPlayer\Devices\pdrioone.ini"
Sep 16 2007 5:19:22p 64 A.... "C:\Program Files\Real\RealPlayer\Devices\rio300.ini"
Sep 16 2007 5:19:22p 64 A.... "C:\Program Files\Real\RealPlayer\Devices\rio500.ini"
Sep 16 2007 5:19:22p 64 A.... "C:\Program Files\Real\RealPlayer\Devices\rio6jbx.ini"
Sep 16 2007 5:19:22p 64 A.... "C:\Program Files\Real\RealPlayer\Devices\rio8jbx.ini"
Sep 16 2007 5:19:22p 57 A.... "C:\Program Files\Real\RealPlayer\Devices\sdplugin.ini"
Sep 16 2007 5:18:10p 144,720 A.... "C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll"
Sep 16 2007 5:18:50p 24,576 A.... "C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll"
Sep 16 2007 5:17:50p 81,920 A.... "C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll"
Sep 16 2007 5:18:54p 450,560 A.... "C:\Program Files\Real\RealPlayer\plugins\mpamedia.dll"
Sep 16 2007 5:18:58p 36,864 A.... "C:\Program Files\Real\RealPlayer\plugins\mpazip.dll"
Sep 16 2007 5:19:04p 28,672 A.... "C:\Program Files\Real\RealPlayer\plugins\pdbm3210.dll"
Sep 16 2007 5:19:26p 73,728 A.... "C:\Program Files\Real\RealPlayer\plugins\pdgenxferplug.dll"
Sep 16 2007 5:18:24p 49,152 A.... "C:\Program Files\Real\RealPlayer\plugins\rjcfspln.dll"
Sep 16 2007 5:18:20p 61,440 A.... "C:\Program Files\Real\RealPlayer\plugins\rjm4pln.dll"
Sep 16 2007 5:18:20p 45,056 A.... "C:\Program Files\Real\RealPlayer\plugins\rjmp3pln.dll"
Sep 16 2007 5:18:24p 24,576 A.... "C:\Program Files\Real\RealPlayer\plugins\rjrmapln.dll"
Sep 16 2007 5:18:52p 409,600 A.... "C:\Program Files\Real\RealPlayer\plugins\rjrmjpln.dll"
Sep 16 2007 5:18:52p 73,728 A.... "C:\Program Files\Real\RealPlayer\plugins\rjrmxpln.dll"
Sep 16 2007 5:18:46p 176,128 A.... "C:\Program Files\Real\RealPlayer\plugins\tcdinfo.dll"
Sep 16 2007 5:18:48p 430,080 A.... "C:\Program Files\Real\RealPlayer\plugins\tdwnmgr.dll"
Sep 16 2007 5:18:38p 57,344 A.... "C:\Program Files\Real\RealPlayer\plugins\teall.dll"
Sep 16 2007 5:18:38p 61,440 A.... "C:\Program Files\Real\RealPlayer\plugins\team4a.dll"
Sep 16 2007 5:18:38p 98,304 A.... "C:\Program Files\Real\RealPlayer\plugins\teamp3.dll"
Sep 16 2007 5:18:36p 61,440 A.... "C:\Program Files\Real\RealPlayer\plugins\teasdk.dll"
Sep 16 2007 5:18:36p 36,864 A.... "C:\Program Files\Real\RealPlayer\plugins\teawave.dll"
Sep 16 2007 5:18:26p 45,056 A.... "C:\Program Files\Real\RealPlayer\plugins\teawma.dll"
Sep 16 2007 5:18:50p 77,824 A.... "C:\Program Files\Real\RealPlayer\plugins\tpdmgr.dll"
Sep 16 2007 5:18:24p 86,016 A.... "C:\Program Files\Real\RealPlayer\plugins\wmaimprtpln.dll"
Sep 16 2007 5:17:32p 434,176 A.... "C:\Program Files\Real\RealPlayer\rpplugins\cdpl3210.dll"
Sep 16 2007 5:18:10p 577,536 A.... "C:\Program Files\Real\RealPlayer\rpplugins\embd3260.dll"
Sep 16 2007 5:19:16p 163,840 A.... "C:\Program Files\Real\RealPlayer\rpplugins\fftr3210.dll"
Sep 16 2007 5:17:46p 288,088 A.... "C:\Program Files\Real\RealPlayer\rpplugins\ierpplug.dll"
Sep 16 2007 5:17:32p 253,952 A.... "C:\Program Files\Real\RealPlayer\rpplugins\mpacore.dll"
Sep 16 2007 5:19:00p 36,864 A.... "C:\Program Files\Real\RealPlayer\rpplugins\mpazip.dll"
Sep 16 2007 5:17:32p 733,184 A.... "C:\Program Files\Real\RealPlayer\rpplugins\myde3260.dll"
Sep 16 2007 5:19:06p 733,184 A.... "C:\Program Files\Real\RealPlayer\rpplugins\pdbu3210.dll"
Sep 16 2007 5:19:30p 135,168 A.... "C:\Program Files\Real\RealPlayer\rpplugins\pdctnomad.dll"
Sep 16 2007 5:19:26p 942,080 A.... "C:\Program Files\Real\RealPlayer\rpplugins\pdge3260.dll"
Sep 16 2007 5:19:34p 307,200 A.... "C:\Program Files\Real\RealPlayer\rpplugins\pdwmdm.dll"
Sep 16 2007 5:17:32p 364,544 A.... "C:\Program Files\Real\RealPlayer\rpplugins\rjbc3260.dll"
Sep 16 2007 5:17:34p 2,027,520 A.... "C:\Program Files\Real\RealPlayer\rpplugins\rjbdll.dll"
Sep 16 2007 5:17:36p 122,880 A.... "C:\Program Files\Real\RealPlayer\rpplugins\rjbe3260.dll"
Sep 16 2007 5:17:36p 110,592 A.... "C:\Program Files\Real\RealPlayer\rpplugins\rjbs3260.dll"
Sep 16 2007 5:17:36p 110,592 A.... "C:\Program Files\Real\RealPlayer\rpplugins\rjbxfade.dll"
Sep 16 2007 5:17:36p 565,248 A.... "C:\Program Files\Real\RealPlayer\rpplugins\rjmisc.dll"
Sep 16 2007 5:17:38p 933,888 A.... "C:\Program Files\Real\RealPlayer\rpplugins\rpap3260.dll"
Sep 16 2007 5:17:38p 53,248 A.... "C:\Program Files\Real\RealPlayer\rpplugins\rpappdemon.dll"
Sep 16 2007 5:17:38p 524,288 A.... "C:\Program Files\Real\RealPlayer\rpplugins\rpcl3260.dll"
Sep 16 2007 5:17:38p 57,344 A.... "C:\Program Files\Real\RealPlayer\rpplugins\rpcomproxy.dll"
Sep 16 2007 5:17:48p 274,432 A.... "C:\Program Files\Real\RealPlayer\rpplugins\rpds3260.dll"
Sep 16 2007 5:17:38p 180,224 A.... "C:\Program Files\Real\RealPlayer\rpplugins\rpgu3260.dll"
Sep 16 2007 5:18:18p 53,248 A.... "C:\Program Files\Real\RealPlayer\rpplugins\rpho3260.dll"
Sep 16 2007 5:17:40p 278,528 A.... "C:\Program Files\Real\RealPlayer\rpplugins\rpme3260.dll"
Sep 16 2007 5:17:40p 548,864 A.... "C:\Program Files\Real\RealPlayer\rpplugins\rpmn3260.dll"
Sep 16 2007 5:17:40p 53,248 A.... "C:\Program Files\Real\RealPlayer\rpplugins\rpms3260.dll"
Sep 16 2007 5:17:42p 274,432 A.... "C:\Program Files\Real\RealPlayer\rpplugins\rppl3260.dll"
Sep 16 2007 5:17:42p 98,304 A.... "C:\Program Files\Real\RealPlayer\rpplugins\rpqt3260.dll"
Sep 16 2007 5:17:44p 598,016 A.... "C:\Program Files\Real\RealPlayer\rpplugins\rput3260.dll"
Sep 16 2007 5:17:44p 352,256 A.... "C:\Program Files\Real\RealPlayer\rpplugins\rpwe3260.dll"
Sep 16 2007 5:18:24p 188,416 A.... "C:\Program Files\Real\RealPlayer\rpplugins\rpwm3260.dll"
Sep 16 2007 5:17:44p 516,096 A.... "C:\Program Files\Real\RealPlayer\rpplugins\tmde3210.dll"
Sep 16 2007 5:18:16p 16,881,160 A.... "C:\Program Files\Real\RealPlayer\Setup\setup.exe"
Aug 15 2007 1:24:04p 1,277 A.... "C:\Program Files\Windows Live\Mail\Stationery\Desktop.ini"
Sep 25 2007 1:11:46a 2,314,240 A.... "C:\Program Files\Java\jre1.6.0_03\bin\client\jvm.dll"
Sep 24 2007 11:31:42p 16,801 A.... "C:\Program Files\Java\jre1.6.0_03\lib\deploy\ffjcext.zip"
Sep 18 2007 10:46:08p 99,576 A.... "C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\BrandRes.dll"
Sep 18 2007 10:46:08p 156,280 A.... "C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\fullsoft.dll"
Sep 18 2007 10:46:08p 3,323 A.... "C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\master.ini"
Sep 18 2007 10:46:08p 14,192 A.... "C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\qfaservices.dll"
Sep 18 2007 10:46:08p 406,776 A.... "C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\talkback.exe"
Sep 16 2007 5:17:52p 134 A.... "C:\Program Files\Real\RealPlayer\DataCache\admodules\bottomchrome_a.ini"
Sep 16 2007 5:17:52p 134 A.... "C:\Program Files\Real\RealPlayer\DataCache\admodules\bottomchrome_d.ini"
Sep 16 2007 5:17:52p 121 A.... "C:\Program Files\Real\RealPlayer\DataCache\admodules\burntransfer_b.ini"
Sep 16 2007 5:17:52p 121 A.... "C:\Program Files\Real\RealPlayer\DataCache\admodules\burntransfer_h.ini"
Sep 16 2007 5:17:52p 121 A.... "C:\Program Files\Real\RealPlayer\DataCache\admodules\cddvd.ini"
Sep 16 2007 5:17:54p 121 A.... "C:\Program Files\Real\RealPlayer\DataCache\admodules\musicguide.ini"
Sep 16 2007 5:17:54p 121 A.... "C:\Program Files\Real\RealPlayer\DataCache\admodules\musicstore.ini"
Sep 16 2007 5:17:54p 121 A.... "C:\Program Files\Real\RealPlayer\DataCache\admodules\mymedia.ini"
Sep 16 2007 5:17:54p 121 A.... "C:\Program Files\Real\RealPlayer\DataCache\admodules\radio.ini"
Sep 16 2007 5:17:54p 121 A.... "C:\Program Files\Real\RealPlayer\DataCache\admodules\rollingstone.ini"
Sep 16 2007 5:17:54p 590 A.... "C:\Program Files\Real\RealPlayer\DataCache\CDBurning\cdburningprintcd.ini"
Sep 16 2007 5:17:54p 614 A.... "C:\Program Files\Real\RealPlayer\DataCache\CDBurning\cdburningtimedupsell.ini"
Sep 16 2007 5:17:54p 554 A.... "C:\Program Files\Real\RealPlayer\DataCache\CDBurning\cdmodetype.ini"
Sep 16 2007 5:17:54p 608 A.... "C:\Program Files\Real\RealPlayer\DataCache\CDBurning\crossfadetransition.ini"
Sep 16 2007 5:17:54p 632 A.... "C:\Program Files\Real\RealPlayer\DataCache\CDBurning\datacdartistalbumfolder.ini"
Sep 16 2007 5:17:54p 602 A.... "C:\Program Files\Real\RealPlayer\DataCache\CDBurning\datacdartistfolder.ini"
Sep 16 2007 5:17:54p 288 A.... "C:\Program Files\Real\RealPlayer\DataCache\CDBurning\disabledupselltext.ini"
Sep 16 2007 5:17:54p 554 A.... "C:\Program Files\Real\RealPlayer\DataCache\CDBurning\finalizecd.ini"
Sep 16 2007 5:17:54p 584 A.... "C:\Program Files\Real\RealPlayer\DataCache\CDBurning\mediafinalizecd.ini"
Sep 16 2007 5:17:54p 584 A.... "C:\Program Files\Real\RealPlayer\DataCache\CDBurning\normalizetracks.ini"
Sep 16 2007 5:17:54p 590 A.... "C:\Program Files\Real\RealPlayer\DataCache\CDBurning\remove2secondgap.ini"
Sep 16 2007 5:17:54p 122 A.... "C:\Program Files\Real\RealPlayer\DataCache\Channels\channels.ini"
Sep 16 2007 5:17:54p 166 A.... "C:\Program Files\Real\RealPlayer\DataCache\Devices\cd_validation_failure.ini"
Sep 16 2007 5:17:54p 165 A.... "C:\Program Files\Real\RealPlayer\DataCache\Devices\cd_validation_rights.ini"
Sep 16 2007 5:17:56p 165 A.... "C:\Program Files\Real\RealPlayer\DataCache\Devices\cd_validation_update.ini"
Sep 16 2007 5:17:56p 168 A.... "C:\Program Files\Real\RealPlayer\DataCache\Devices\devices.ini"
Sep 16 2007 5:17:56p 86 A.... "C:\Program Files\Real\RealPlayer\DataCache\Devices\deviceshome.ini"
Sep 16 2007 5:17:56p 83 A.... "C:\Program Files\Real\RealPlayer\DataCache\Devices\nodevice.ini"
Sep 16 2007 5:17:56p 143 A.... "C:\Program Files\Real\RealPlayer\DataCache\Devices\pd_revocation_rights.ini"
Sep 16 2007 5:17:56p 174 A.... "C:\Program Files\Real\RealPlayer\DataCache\Devices\pd_validation_failure.ini"
Sep 16 2007 5:17:56p 173 A.... "C:\Program Files\Real\RealPlayer\DataCache\Devices\pd_validation_rights.ini"
Sep 16 2007 5:17:56p 173 A.... "C:\Program Files\Real\RealPlayer\DataCache\Devices\pd_validation_update.ini"
Sep 16 2007 5:17:56p 31 A.... "C:\Program Files\Real\RealPlayer\DataCache\Devices\providernamemap.ini"
Sep 16 2007 5:17:56p 1,448 A.... "C:\Program Files\Real\RealPlayer\DataCache\Formats\encoders.ini"
Sep 16 2007 5:17:56p 1,939 A.... "C:\Program Files\Real\RealPlayer\DataCache\Formats\fldrscan.ini"
Sep 16 2007 5:17:58p 10,556 A.... "C:\Program Files\Real\RealPlayer\DataCache\Formats\formats.ini"
Sep 16 2007 5:17:58p 388 A.... "C:\Program Files\Real\RealPlayer\DataCache\GetMedia\getmedia.ini"
Sep 16 2007 5:17:58p 115 A.... "C:\Program Files\Real\RealPlayer\DataCache\GetMedia\getmediahome.ini"
Sep 16 2007 5:17:58p 117 A.... "C:\Program Files\Real\RealPlayer\DataCache\GetMedia\skins.ini"
Sep 16 2007 5:17:58p 188 A.... "C:\Program Files\Real\RealPlayer\DataCache\GetMedia\viz.ini"
Sep 16 2007 5:18:00p 536 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\ak30.ini"
Sep 16 2007 5:18:00p 530 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\bu20.ini"
Sep 16 2007 5:18:00p 229 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\cdrecordingupsell.ini"
Sep 16 2007 5:18:00p 536 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\cn05.ini"
Sep 16 2007 5:18:00p 348 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\default.ini"
Sep 16 2007 5:18:00p 537 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\df44.ini"
Sep 16 2007 5:18:00p 174 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\encoding.ini"
Sep 16 2007 5:18:00p 548 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\fu32.ini"
Sep 16 2007 5:18:00p 536 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\il54.ini"
Sep 16 2007 5:18:00p 174 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\importwizard.ini"
Sep 16 2007 5:18:00p 524 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\jk93.ini"
Sep 16 2007 5:18:00p 38 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\libraryfirstrun.ini"
Sep 16 2007 5:18:00p 720 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\medialibraryshown.ini"
Sep 16 2007 5:18:00p 518 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\normalization.ini"
Sep 16 2007 5:18:00p 506 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\nx61.ini"
Sep 16 2007 5:18:00p 514 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\ok93.ini"
Sep 16 2007 5:18:00p 238 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\pccontrols.ini"
Sep 16 2007 5:18:00p 236 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\pcontrol.ini"
Sep 16 2007 5:18:00p 174 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\playlocaltracks.ini"
Sep 16 2007 5:18:00p 154 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\skins.ini"
Sep 16 2007 5:18:00p 542 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\sn24.ini"
Sep 16 2007 5:18:00p 141 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\testconnection.ini"
Sep 16 2007 5:18:00p 524 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\th53.ini"
Sep 16 2007 5:18:00p 548 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\uf01.ini"
Sep 16 2007 5:18:00p 524 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\vk88.ini"
Sep 16 2007 5:18:00p 524 A.... "C:\Program Files\Real\RealPlayer\DataCache\GPFeat\vt99.ini"
Sep 16 2007 5:18:00p 90 A.... "C:\Program Files\Real\RealPlayer\DataCache\Help\about.ini"
Sep 16 2007 5:18:02p 136 A.... "C:\Program Files\Real\RealPlayer\DataCache\Help\gsg.ini"
Sep 16 2007 5:18:02p 105 A.... "C:\Program Files\Real\RealPlayer\DataCache\Help\myacct.ini"
Sep 16 2007 5:18:02p 130 A.... "C:\Program Files\Real\RealPlayer\DataCache\Help\prodsurv.ini"
Sep 16 2007 5:18:02p 170 A.... "C:\Program Files\Real\RealPlayer\DataCache\Help\servsupp.ini"
Sep 16 2007 5:18:02p 132 A.... "C:\Program Files\Real\RealPlayer\DataCache\Help\techreq.ini"
Sep 16 2007 5:18:02p 122 A.... "C:\Program Files\Real\RealPlayer\DataCache\Help\tutorial.ini"
Sep 16 2007 5:18:02p 142 A.... "C:\Program Files\Real\RealPlayer\DataCache\Help\upgrade.ini"
Sep 16 2007 5:18:02p 3,378 A.... "C:\Program Files\Real\RealPlayer\DataCache\howto\howto.ini"
Sep 16 2007 5:18:02p 104 A.... "C:\Program Files\Real\RealPlayer\DataCache\keywords\keywords.ini"
Sep 16 2007 5:18:02p 85 A.... "C:\Program Files\Real\RealPlayer\DataCache\Login\firstrun.ini"
Sep 16 2007 5:18:02p 50 A.... "C:\Program Files\Real\RealPlayer\DataCache\Login\login.ini"
Sep 16 2007 5:18:02p 38 A.... "C:\Program Files\Real\RealPlayer\DataCache\Login\manage.ini"
Sep 16 2007 5:18:02p 95 A.... "C:\Program Files\Real\RealPlayer\DataCache\Login\welcome.ini"
Sep 16 2007 5:18:04p 270 A.... "C:\Program Files\Real\RealPlayer\DataCache\mstore\mstore.ini"
Sep 16 2007 5:18:04p 274 A.... "C:\Program Files\Real\RealPlayer\DataCache\mstore\mstorehome.ini"
Sep 16 2007 5:18:04p 167 A.... "C:\Program Files\Real\RealPlayer\DataCache\musicguide\musicguide.ini"
Sep 16 2007 5:18:04p 171 A.... "C:\Program Files\Real\RealPlayer\DataCache\musicguide\musicguidehome.ini"
Sep 16 2007 5:18:04p 553 A.... "C:\Program Files\Real\RealPlayer\DataCache\prefs\prefs.ini"
Sep 16 2007 5:18:04p 118 A.... "C:\Program Files\Real\RealPlayer\DataCache\Radio\radio.ini"
Sep 16 2007 5:18:04p 122 A.... "C:\Program Files\Real\RealPlayer\DataCache\Radio\radiohome.ini"
Sep 16 2007 5:17:58p 173 A.... "C:\Program Files\Real\RealPlayer\DataCache\RollingStone\rollingstone.ini"
Sep 16 2007 5:17:58p 173 A.... "C:\Program Files\Real\RealPlayer\DataCache\RollingStone\rollingstonehome.ini"
Sep 16 2007 5:18:04p 118 A.... "C:\Program Files\Real\RealPlayer\DataCache\search\search.ini"
Sep 16 2007 5:18:04p 387 A.... "C:\Program Files\Real\RealPlayer\DataCache\sendlink\sendlink.ini"
Sep 16 2007 5:18:04p 116 A.... "C:\Program Files\Real\RealPlayer\DataCache\web\web.ini"
Sep 16 2007 5:18:04p 41 A.... "C:\Program Files\Real\RealPlayer\DataCache\webresources\webresources.ini"
Sep 16 2007 5:18:42p 98,304 A.... "C:\Program Files\Real\RealPlayer\producer\plugins\mp4wrtr.dll"
Sep 16 2007 5:18:42p 282,624 A.... "C:\Program Files\Real\RealPlayer\producer\plugins\rmwrtr.dll"
Sep 16 2007 5:18:42p 69,632 A.... "C:\Program Files\Real\RealPlayer\producer\plugins\smplfsys.dll"
Sep 16 2007 5:18:26p 28,672 A.... "C:\Program Files\Real\RealPlayer\producer\plugins\wm9writer.dll"
Sep 16 2007 5:18:38p 327,767 A.... "C:\Program Files\Real\RealPlayer\producer\Tools\audioresampler.dll"
Sep 16 2007 5:18:38p 847,940 A.... "C:\Program Files\Real\RealPlayer\producer\Tools\encsession.dll"
Sep 16 2007 5:18:38p 241,744 A.... "C:\Program Files\Real\RealPlayer\producer\Tools\hxfilewriter.dll"
Sep 16 2007 5:18:40p 53,321 A.... "C:\Program Files\Real\RealPlayer\producer\Tools\mediasink.dll"
Sep 16 2007 5:18:40p 53,328 A.... "C:\Program Files\Real\RealPlayer\producer\Tools\packetsource.dll"
Sep 16 2007 5:18:40p 86,110 A.... "C:\Program Files\Real\RealPlayer\producer\Tools\rmsessionformat.dll"
Sep 16 2007 5:18:40p 241,736 A.... "C:\Program Files\Real\RealPlayer\producer\Tools\rmwriter.dll"
Sep 16 2007 5:18:40p 69,718 A.... "C:\Program Files\Real\RealPlayer\producer\Tools\rnaudiocodec.dll"
Sep 16 2007 5:18:40p 77,920 A.... "C:\Program Files\Real\RealPlayer\producer\Tools\rnaudiopacketizer.dll"
Sep 16 2007 5:17:14p 398 A.... "C:\Program Files\Real\RealPlayer\Setup\accesspoints\accesspoints.ini"
Sep 25 2007 1:25:20a 9,685,797 A.... "C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\core1.zip"
Sep 25 2007 1:25:22a 10,238,372 A.... "C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\core2.zip"
Sep 25 2007 1:25:22a 4,868,848 A.... "C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\core3.zip"
Aug 15 2007 1:30:46p 86,016 A.... "C:\Program Files\Windows Live\Mail\Proof\prf0009\2\MSSpell3.DLL"
Aug 15 2007 1:30:46p 65 A.... "C:\Program Files\Windows Live\Mail\Proof\prf0009\2\spell.ini"
Sep 25 2007 1:25:24a 3,584 A.... "C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_03.b05\launcher.exe"
Sep 25 2007 1:25:26a 348,160 A.... "C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_03.b05\msvcr71.dll"
Sep 25 2007 1:25:24a 2,540,904 A.... "C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_03.b05\patchjre.exe"
Sep 25 2007 1:25:26a 233,472 A.... "C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_03.b05\regutils.dll"
Sep 25 2007 1:25:18a 20,480 A.... "C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_03.b05\zipper.exe"


Program Folders:

C:\Program Files\

Adobe
Analog Devices
Apple Software Update
ASCII
ASUS
Common Files
ComPlus Applications
Creative
CyberLink
DivX
Dobermann
EPSON
EsetOnlineScanner
Google
Grisoft
Hasbro Interactive
Incomplete
InstallShield Installation Information
Internet Explorer
Java
Lavasoft
LimeWire
Messenger
M‚t‚oM‚dia
Microsoft ActiveSync
Microsoft Calculator Plus
microsoft frontpage
Microsoft Office
Microsoft Silverlight
Microsoft SQL Server Compact Edition
Microsoft Visual Studio
Movie Maker
Mozilla Firefox
Mozilla Thunderbird
MSBuild
MSECache
MSN
MSN Games
MSN Gaming Zone
MSN Messenger
MsnMusic
MSXML 4.0
MSXML 6.0
Musicmatch
NCH Swift Sound
NetMeeting
Online Services
Outlook Express
QuickTime
Real
Reference Assemblies
RegCleaner
SoundSpectrum
Spybot - Search & Destroy
Thomson
Tilt Wheel Mouse
Trend Micro
Uninstall Information
Windows Defender
Windows Desktop Search
Windows Journal Viewer
Windows Live
Windows Live Favorites
Windows Live Safety Center
Windows Live Toolbar
Windows Media Bonus Pack for Windows XP
Windows Media Components
Windows Media Connect 2
Windows Media Player
Windows NT
WindowsUpdate
xerox

C:\Program Files\Common Files\

Adobe
Designer
EasyInfo
InstallShield
Java
L&H
Microsoft Shared
MSSoap
ODBC
Real
Services
SpeechEngines
System
Wise Installation Wizard
xing shared


Add/Remove Programs:

Adobe Flash Player ActiveX
Adobe Flash Player Plugin
ASUS Display Drivers
ATI Display Driver
Plus! MP3 Audio Converter LE
AVG 7.5
AVG Anti-Rootkit Free
AVG Anti-Spyware 7.5
Personal License Update Wizard for Windows Media Player
ESET Online Scanner
Google Updater
Halo Zero - Version 1.8.6.3
HijackThis 2.0.2
Microsoft Internationalized Domain Names Mitigation APIs
Windows Internet Explorer 7
Call of Duty(R) 2
Doom 3
Call of Duty(R) 2 Demo
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Security Update for Windows XP (KB890046)
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows Genuine Advantage Validation Tool (KB892130)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Windows Installer 3.1 (KB893803)
Update for Windows XP (KB894391)
Hotfix for Windows XP (KB896344)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Update for Windows XP (KB898461)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Update for Windows XP (KB900485)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Update for Windows XP (KB904942)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Microsoft Base Smart Card Cryptographic Service Provider Package
Update for Windows XP (KB910437)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Hotfix for Windows XP (KB914440)
Update for Windows XP (KB914882)
Hotfix for Windows XP (KB915800)
Hotfix for Windows XP (KB915865)
Security Update for Windows XP (KB916281)
Update for Windows XP (KB916595)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Update for Windows XP (KB920342)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Update for Windows XP (KB920872)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Update for Windows XP (KB922582)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923694)
Update for Windows XP (KB923845)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Update for Windows XP (KB925720)
Update for Windows XP (KB925876)
Security Update for Windows XP (KB925902)
Hotfix for Windows XP (KB926239)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Update for Windows XP (KB927891)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Microsoft .NET Framework 2.0 (KB928365)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Update for Windows XP (KB929338)
Hotfix for Windows Media Format 11 SDK (KB929399)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows XP (KB930178)
Update for Windows XP (KB930916)
Security Update for Windows XP (KB931261)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows XP (KB931784)
Update for Windows XP (KB931836)
Security Update for Windows XP (KB932168)
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Update for Windows XP (KB933360)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Update for Windows XP (KB938828)
Security Update for Windows XP (KB938829)
Security Update for Windows Internet Explorer 7 (KB939653)
Hotfix for Windows Media Player 11 (KB939683)
Security Update for Windows XP (KB941202)
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Macromedia Shockwave Player
Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.0
Movie Maker Background Music Files
Movie Maker Sound Effects
Movie Maker Title Images
Mozilla Firefox (2.0.0.7)
Windows Media Player Playlist Import to Excel Wizard
Windows Media Player Tray Control
Microsoft Compression Client Pack 1.0 for Windows XP
MSN Music Assistant
Microsoft National Language Support Downlevel APIs
NVIDIA Drivers
RealPlayer
Roll
RPG Maker 2000 - Mario
RPG Maker 2000 - Blaze: Soul of the overlord
Spybot - Search & Destroy 1.4
MULTI-DIRECTION OPTICAL MOUSE 1.3
VIA Rhine-Family Fast-Ethernet Adapter
Windows Media Player Skin Importer
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Notifications (KB905474)
Windows Imaging Component
Windows Live OneCare safety scanner
Windows Live Toolbar
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 2
WinRAR archiver
Windows Media Bonus Pack for Windows XP
Windows Media Format 11 runtime
Windows Media Player 11
Microsoft User-Mode Driver Framework Feature Pack 1.0
XML Paper Specification Shared Components Pack 1.0
MSXML 6.0 Parser (KB933579)
Popup Blocker (Windows Live Toolbar)
Microsoft .NET Framework 3.0
Windows Live Writer
Java(TM) 6 Update 3
Lyra Jukebox Applications
Windows Live Toolbar Extension (Windows Live Toolbar)
MSXML 4.0 SP2 (KB927978)
Microsoft Windows Journal Viewer
Windows Communication Foundation
Windows Live Messenger
OneCare Advisor (Windows Live Toolbar)
GTOneCare
Microsoft .NET Framework 2.0
MSXML 4.0 SP2 Parser and SDK
DivX Codec
Windows Live installer
Windows Workflow Foundation
Microsoft Calculator Plus
Microsoft Silverlight
Microsoft Office XP Professional
QuickTime
Smart Menus (Windows Live Toolbar)
Windows Defender
Apple Software Update
Windows Live Outlook Toolbar (Windows Live Toolbar)
Windows Live Photo Gallery Beta
Adobe Reader 8.1.0
Windows Presentation Foundation
MSXML 4.0 SP2 (KB936181)
Windows Live Toolbar
Microsoft .NET Framework 1.1
Windows Live Sign-in Assistant
Call of Duty(R) 2
Windows Live Favorites for Windows Live Toolbar
Ad-Aware 2007
Windows Media Encoder 9 Series
Map Button (Windows Live Toolbar)
Windows Live Mail
Doom 3
SoundMAX
Microsoft SQL Server 2005 Compact Edition [ENU]
ICatch (VI) PC Camera
Call of Duty(R) 2 Demo


Run Values:

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"anvshell"="anvshell.exe"
"LiveNote"="livenote.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
"MOUSE32B"="C:\\Program Files\\Tilt Wheel Mouse\\MULTI-DIRECTION OPTICAL MOUSE\\1.3\\Mouse32B.exe"
"LyraHD2TrayApp"="\"C:\\Program Files\\Thomson\\Lyra Jukebox\\LyraHDTrayApp\\LYRAHD2TrayApp.exe\""
"SchedulingAgent"="mstinit.exe /firstlogon"
"AtiPTA"="atiptaxx.exe"
"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
"Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_03\\bin\\jusched.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
@=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"msnmsgr"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"SpybotSD TeaTimer"="C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
"SchedulingAgent"="mstask.exe"


Bot Check:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc]
"Start"=dword:00000002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sharedaccess]
"Start"=dword:00000002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv]
"Start"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole]
"EnableDCOM"="Y"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"restrictanonymous"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update]
"AUOptions"=dword:00000004

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
"EnableFirewall"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify"=dword:00000000
"FirewallDisableNotify"=dword:00000000
"UpdatesDisableNotify"=dword:00000000
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control]
"WaitToKillServiceTimeout"="20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"SFCDisable"=dword:00000000
"Shell"="Explorer.exe"
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shell extensions]



[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters]
"TransportBindName"="\\Device\\"


ShellExecuteHooks:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"



Environment:


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager\environment
ComSpec REG_EXPAND_SZ %SystemRoot%\system32\cmd.exe
Path REG_EXPAND_SZ %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Documents and Settings\Sr\My Documents\gimp\2.0\bin;C:\Program Files\QuickTime\QTSystem\
windir REG_EXPAND_SZ %SystemRoot%
OS REG_SZ Windows_NT
PATHEXT REG_SZ .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
TEMP REG_EXPAND_SZ %SystemRoot%\TEMP
TMP REG_EXPAND_SZ %SystemRoot%\TEMP
CLASSPATH REG_SZ .;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
QTJAVA REG_SZ C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip

SecurityProviders:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders
SecurityProviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll


Authentication Packages:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0


Non-Default IFEO Debugger:


Non-Default Installed Components:


HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{73fa19d0-2d75-11d2-995d-00c04f98bbc9}
<NO NAME> REG_SZ Web Folders
StubPath REG_SZ
Version REG_SZ 10,0,0,1


Non-Default Safeboot Minimal:


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\avg anti-spyware driver
<NO NAME> REG_SZ Driver


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\avg anti-spyware guard
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\windefend
<NO NAME> REG_SZ Service


File Associations:


[HKEY_CLASSES_ROOT\batfile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\cmdfile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\comfile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\htafile\shell\open\command]
@="C:\\WINDOWS\\system32\\mshta.exe \"%1\" %*"

[HKEY_CLASSES_ROOT\http\shell\open\command]
@="C:\\PROGRA~1\\MOZILL~1\\FIREFOX.EXE -requestPending -osint -url \"%1\""

[HKEY_CLASSES_ROOT\htmlfile\shell\open\command]
@="\"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE\" -nohome"

[HKEY_CLASSES_ROOT\regedit\shell\open\command]
@="regedit.exe %1"

[HKEY_CLASSES_ROOT\regfile\shell\open\command]
@="regedit.exe \"%1\""

[HKEY_CLASSES_ROOT\scrfile\shell\open\command]
@="\"%1\" /S"

[HKEY_CLASSES_ROOT\txtfile\shell\open\command]
@="%SystemRoot%\system32\NOTEPAD.EXE %1"


Finished!
Shekb
Regular Member
 
Posts: 62
Joined: October 2nd, 2007, 5:51 pm

Unread postby Shekb » October 14th, 2007, 1:07 pm

Rogue wrote:*=========================*

Using Windows Explore by right-clicking the Start button and left clicking Explore navigate to and find the following files: if found, delete the following:
c:\windows\System32\msethnet.dll
c:\windows\System32\NtmsSvcs.dll

*=========================*

Rogue

I can't find these files with Explore
Shekb
Regular Member
 
Posts: 62
Joined: October 2nd, 2007, 5:51 pm

Unread postby Rogue » October 14th, 2007, 1:33 pm

Hi Shekb,

Looking OK so far. How is the PC running after we removed those RATs?


Start in Safe Mode
Please print the instructions below or copy and paste to Notepad since you will not have internet access while in Safe Mode.
  1. Restart your computer
  2. After hearing your computer beep once during startup, but before the Windows icon appears, continually press F8.
  3. Instead of Windows loading as normal, a menu should appear
  4. Select the first option, to run Windows in Safe Mode.

*=========================*

Please run a GMER Rootkit scan:

Click the Rootkit tab and click the Scan button.

Once done, click the Copy button.
This will copy the results to your clipboard.
Paste the results in your next reply.

Warning ! Please, do not select the "Show all" checkbox during the scan.
*=========================*

Resart in Normal Mode
*=========================*


Post the GMER log.

Rogue
User avatar
Rogue
MRU Teacher Emeritus
 
Posts: 4782
Joined: November 3rd, 2005, 3:21 pm
Location: Salt Lake City, Utah

Unread postby Shekb » October 14th, 2007, 2:09 pm

Rogue wrote:Hi Shekb,

Looking OK so far. How is the PC running after we removed those RATs?


Start in Safe Mode
Please print the instructions below or copy and paste to Notepad since you will not have internet access while in Safe Mode.
  1. Restart your computer
  2. After hearing your computer beep once during startup, but before the Windows icon appears, continually press F8.
  3. Instead of Windows loading as normal, a menu should appear
  4. Select the first option, to run Windows in Safe Mode.
*=========================*

Please run a GMER Rootkit scan:

Click the Rootkit tab and click the Scan button.

Once done, click the Copy button.
This will copy the results to your clipboard.
Paste the results in your next reply.

Warning ! Please, do not select the "Show all" checkbox during the scan.
*=========================*

Resart in Normal Mode
*=========================*


Post the GMER log.

Rogue
Ohhh, I get it, if I can't see the files, it's because they are gone XD
I thought you were worried about them being STILL there :roll:
Anyway, the computer is running quite fine, I'm gonna post the log in a while, Thanks 8)
Shekb
Regular Member
 
Posts: 62
Joined: October 2nd, 2007, 5:51 pm

Unread postby Rogue » October 14th, 2007, 2:35 pm

Hi Shekb,

Sorry I didn't see the post about not finding the files.
Need to make it so you can see them. If they are gone that would be a good thing.

If you would try again doing the following

Enable the Show Hidden Folders option, like this:
Click Start.
Open My Computer.
Select the Tools menu and click Folder Options.
Select the View Tab. Under the Hidden files and folders heading select Show hidden files and folders.
Uncheck the Hide protected operating system files (recommended) option.
Click Yes to confirm.
Click OK.
*=========================*

Using Windows Explore by right-clicking the Start button and left clicking Explore navigate to and find the following files: if found, delete the following:
c:\windows\System32\msethnet.dll
c:\windows\System32\NtmsSvcs.dll

*=========================*

Rogue
User avatar
Rogue
MRU Teacher Emeritus
 
Posts: 4782
Joined: November 3rd, 2005, 3:21 pm
Location: Salt Lake City, Utah

Unread postby Shekb » October 14th, 2007, 2:57 pm

GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2007-10-14 14:49:26
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.13 ----

SSDT sptd.sys ZwCreateKey
SSDT sptd.sys ZwEnumerateKey
SSDT sptd.sys ZwEnumerateValueKey
SSDT sptd.sys ZwOpenKey
SSDT sptd.sys ZwQueryKey
SSDT sptd.sys ZwQueryValueKey
SSDT sptd.sys ZwSetValueKey

---- Kernel code sections - GMER 1.0.13 ----

? C:\WINDOWS\system32\drivers\sptd.sys The process cannot access the file because it is being used by another process.
.text USBPORT.SYS!DllUnload F97F362C 5 Bytes JMP 82A721C8
? System32\Drivers\ajomu3i6.SYS The system cannot find the file specified.

---- Kernel IAT/EAT - GMER 1.0.13 ----

IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!IoConnectInterrupt] [F9A7E06C] sptd.sys
IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F9A7E018] sptd.sys
IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F9AA09AE] sptd.sys
IAT atapi.sys[ntoskrnl.exe!IoConnectInterrupt] [F9A7E06C] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F9A67AD4] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F9A67C1A] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F9A67B9C] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F9A68748] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F9A6861E] sptd.sys
IAT \SystemRoot\System32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F9A7D29A] sptd.sys

---- Devices - GMER 1.0.13 ----

Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 82BD91E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 82BD91E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 82BD91E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 82BD91E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 82BD91E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 82BD91E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 82BD91E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 82BD91E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 82BD91E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 82BD91E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 82BD91E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 82BD91E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 82BD91E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 82BD91E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 82BD91E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 82BD91E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 82BD91E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 82BD91E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 82BD91E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 82BD91E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 82BD91E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 82BD91E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE 829541E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLOSE 829541E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_READ 829541E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_WRITE 829541E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_INFORMATION 829541E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_INFORMATION 829541E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_EA 829541E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_EA 829541E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FLUSH_BUFFERS 829541E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_VOLUME_INFORMATION 829541E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_VOLUME_INFORMATION 829541E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DIRECTORY_CONTROL 829541E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FILE_SYSTEM_CONTROL 829541E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DEVICE_CONTROL 829541E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SHUTDOWN 829541E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_LOCK_CONTROL 829541E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLEANUP 829541E8
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_PNP 829541E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_CREATE 82A711E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_CLOSE 82A711E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_DEVICE_CONTROL 82A711E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 82A711E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_POWER 82A711E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_SYSTEM_CONTROL 82A711E8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_PNP 82A711E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CREATE 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CLOSE 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_READ 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_WRITE 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_FLUSH_BUFFERS 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_DEVICE_CONTROL 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_INTERNAL_DEVICE_CONTROL 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SHUTDOWN 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_POWER 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SYSTEM_CONTROL 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_PNP 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CREATE 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CLOSE 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_READ 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_WRITE 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_FLUSH_BUFFERS 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_DEVICE_CONTROL 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_INTERNAL_DEVICE_CONTROL 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SHUTDOWN 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_POWER 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SYSTEM_CONTROL 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_PNP 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CREATE 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CLOSE 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_READ 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_WRITE 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_FLUSH_BUFFERS 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_DEVICE_CONTROL 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_INTERNAL_DEVICE_CONTROL 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SHUTDOWN 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_POWER 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SYSTEM_CONTROL 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_PNP 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CREATE 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CLOSE 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_READ 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_WRITE 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_FLUSH_BUFFERS 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_DEVICE_CONTROL 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_INTERNAL_DEVICE_CONTROL 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SHUTDOWN 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_POWER 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SYSTEM_CONTROL 82B6F1E8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_PNP 82B6F1E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_CREATE 82A711E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_CLOSE 82A711E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_DEVICE_CONTROL 82A711E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 82A711E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_POWER 82A711E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_SYSTEM_CONTROL 82A711E8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_PNP 82A711E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_CREATE 82A711E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_CLOSE 82A711E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_DEVICE_CONTROL 82A711E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 82A711E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_POWER 82A711E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_SYSTEM_CONTROL 82A711E8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_PNP 82A711E8
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_CREATE [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_CREATE_NAMED_PIPE [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_CLOSE [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_READ [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_WRITE [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_QUERY_INFORMATION [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_SET_INFORMATION [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_QUERY_EA [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_SET_EA [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_FLUSH_BUFFERS [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_QUERY_VOLUME_INFORMATION [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_SET_VOLUME_INFORMATION [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_DIRECTORY_CONTROL [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_FILE_SYSTEM_CONTROL [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_DEVICE_CONTROL [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_INTERNAL_DEVICE_CONTROL [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_SHUTDOWN [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_LOCK_CONTROL [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_CLEANUP [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_CREATE_MAILSLOT [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_QUERY_SECURITY [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_SET_SECURITY [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_POWER [F9A76EA8] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_SYSTEM_CONTROL [F9A9A2C8] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_DEVICE_CHANGE [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_QUERY_QUOTA [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_SET_QUOTA [F9A9DB0E] sptd.sys
Device \Driver\PCI_NTPNP2422 \Device\00000053 IRP_MJ_PNP [F9A9B238] sptd.sys
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_CREATE 82A4F1E8
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_CLOSE 82A4F1E8
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_DEVICE_CONTROL 82A4F1E8
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 82A4F1E8
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_POWER 82A4F1E8
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_SYSTEM_CONTROL 82A4F1E8
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_PNP 82A4F1E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 82BDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 82BDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 82BDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 82BDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 82BDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 82BDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 82BDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 82BDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 82BDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 82BDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 82BDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CREATE 82BDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_READ 82BDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_WRITE
Shekb
Regular Member
 
Posts: 62
Joined: October 2nd, 2007, 5:51 pm

Unread postby Shekb » October 14th, 2007, 2:58 pm

Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_FLUSH_BUFFERS 82BDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_DEVICE_CONTROL 82BDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_INTERNAL_DEVICE_CONTROL 82BDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SHUTDOWN 82BDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CLEANUP 82BDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_POWER 82BDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SYSTEM_CONTROL 82BDB1E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_PNP 82BDB1E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 82A41638
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 82A41638
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 82A41638
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 82A41638
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 82A41638
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 82A41638
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 82A41638
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 82A41638
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 82A41638
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 82A41638
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 82A41638
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 82A41638
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE 82A41638
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ 82A41638
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 82A41638
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 82A41638
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 82A41638
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 82A41638
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 82A41638
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 82A41638
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 82A41638
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 82A41638
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_CREATE 82BDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_CLOSE 82BDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_DEVICE_CONTROL 82BDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_INTERNAL_DEVICE_CONTROL 82BDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_POWER 82BDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_SYSTEM_CONTROL 82BDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 IRP_MJ_PNP 82BDA1E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE 82BDA1E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLOSE 82BDA1E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CONTROL 82BDA1E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_INTERNAL_DEVICE_CONTROL 82BDA1E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_POWER 82BDA1E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SYSTEM_CONTROL 82BDA1E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_PNP 82BDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_CREATE 82BDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_CLOSE 82BDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_DEVICE_CONTROL 82BDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_INTERNAL_DEVICE_CONTROL 82BDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_POWER 82BDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_SYSTEM_CONTROL 82BDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_PNP 82BDA1E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE 82BDA1E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLOSE 82BDA1E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CONTROL 82BDA1E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_INTERNAL_DEVICE_CONTROL 82BDA1E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_POWER 82BDA1E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SYSTEM_CONTROL 82BDA1E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_PNP 82BDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_CREATE 82BDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_CLOSE 82BDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_DEVICE_CONTROL 82BDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_INTERNAL_DEVICE_CONTROL 82BDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_POWER 82BDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_SYSTEM_CONTROL 82BDA1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_PNP 82BDA1E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_CREATE 82A711E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_CLOSE 82A711E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_DEVICE_CONTROL 82A711E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 82A711E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_POWER 82A711E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_SYSTEM_CONTROL 82A711E8
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_PNP 82A711E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_CREATE 82A711E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_CLOSE 82A711E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_DEVICE_CONTROL 82A711E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 82A711E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_POWER 82A711E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_SYSTEM_CONTROL 82A711E8
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_PNP 82A711E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_CREATE 82A711E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_CLOSE 82A711E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_DEVICE_CONTROL 82A711E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 82A711E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_POWER 82A711E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_SYSTEM_CONTROL 82A711E8
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_PNP 82A711E8
Device \Driver\usbehci \Device\USBFDO-3 IRP_MJ_CREATE 82A4F1E8
Device \Driver\usbehci \Device\USBFDO-3 IRP_MJ_CLOSE 82A4F1E8
Device \Driver\usbehci \Device\USBFDO-3 IRP_MJ_DEVICE_CONTROL 82A4F1E8
Device \Driver\usbehci \Device\USBFDO-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 82A4F1E8
Device \Driver\usbehci \Device\USBFDO-3 IRP_MJ_POWER 82A4F1E8
Device \Driver\usbehci \Device\USBFDO-3 IRP_MJ_SYSTEM_CONTROL 82A4F1E8
Device \Driver\usbehci \Device\USBFDO-3 IRP_MJ_PNP 82A4F1E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CREATE 82BDB1E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_READ 82BDB1E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_WRITE 82BDB1E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_FLUSH_BUFFERS 82BDB1E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_DEVICE_CONTROL 82BDB1E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_INTERNAL_DEVICE_CONTROL 82BDB1E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SHUTDOWN 82BDB1E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CLEANUP 82BDB1E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_POWER 82BDB1E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SYSTEM_CONTROL 82BDB1E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_PNP 82BDB1E8
Device \Driver\ajomu3i6 \Device\Scsi\ajomu3i61 IRP_MJ_CREATE 82A3C1E8
Device \Driver\ajomu3i6 \Device\Scsi\ajomu3i61 IRP_MJ_CLOSE 82A3C1E8
Device \Driver\ajomu3i6 \Device\Scsi\ajomu3i61 IRP_MJ_DEVICE_CONTROL 82A3C1E8
Device \Driver\ajomu3i6 \Device\Scsi\ajomu3i61 IRP_MJ_INTERNAL_DEVICE_CONTROL 82A3C1E8
Device \Driver\ajomu3i6 \Device\Scsi\ajomu3i61 IRP_MJ_POWER 82A3C1E8
Device \Driver\ajomu3i6 \Device\Scsi\ajomu3i61 IRP_MJ_SYSTEM_CONTROL 82A3C1E8
Device \Driver\ajomu3i6 \Device\Scsi\ajomu3i61 IRP_MJ_PNP 82A3C1E8
Device \Driver\ajomu3i6 \Device\Scsi\ajomu3i61Port2Path0Target0Lun0 IRP_MJ_CREATE 82A3C1E8
Device \Driver\ajomu3i6 \Device\Scsi\ajomu3i61Port2Path0Target0Lun0 IRP_MJ_CLOSE 82A3C1E8
Device \Driver\ajomu3i6 \Device\Scsi\ajomu3i61Port2Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 82A3C1E8
Device \Driver\ajomu3i6 \Device\Scsi\ajomu3i61Port2Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 82A3C1E8
Device \Driver\ajomu3i6 \Device\Scsi\ajomu3i61Port2Path0Target0Lun0 IRP_MJ_POWER 82A3C1E8
Device \Driver\ajomu3i6 \Device\Scsi\ajomu3i61Port2Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 82A3C1E8
Device \Driver\ajomu3i6 \Device\Scsi\ajomu3i61Port2Path0Target0Lun0 IRP_MJ_PNP 82A3C1E8
Device \FileSystem\Fastfat \Fat IRP_MJ_CREATE 829541E8
Device \FileSystem\Fastfat \Fat IRP_MJ_CLOSE 829541E8
Device \FileSystem\Fastfat \Fat IRP_MJ_READ 829541E8
Device \FileSystem\Fastfat \Fat IRP_MJ_WRITE 829541E8
Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION 829541E8
Device \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION 829541E8
Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA 829541E8
Device \FileSystem\Fastfat \Fat IRP_MJ_SET_EA 829541E8
Device \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS 829541E8
Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION 829541E8
Device \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION 829541E8
Device \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL 829541E8
Device \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL 829541E8
Device \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL 829541E8
Device \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN 829541E8
Device \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL 829541E8
Device \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP 829541E8
Device \FileSystem\Fastfat \Fat IRP_MJ_PNP 829541E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CREATE 829271E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLOSE 829271E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_READ 829271E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_INFORMATION 829271E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_SET_INFORMATION 829271E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_VOLUME_INFORMATION 829271E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_DIRECTORY_CONTROL 829271E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_FILE_SYSTEM_CONTROL 829271E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_DEVICE_CONTROL 829271E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_SHUTDOWN 829271E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_LOCK_CONTROL 829271E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLEANUP 829271E8
Device \FileSystem\Cdfs \Cdfs IRP_MJ_PNP 829271E8
Device \FileSystem\Cdfs \Cdfs FastIoCheckIfPossible F925ABCE

---- Files - GMER 1.0.13 ----

ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\mak_makalister@hotmail.com\SharingMetadata\x_roxy_1255@hotmail.com\DFSR\Staging\CS{1AF82CC4-CB9F-7BB3-02EB-FC6A1F68F959}\01\10-{1AF82CC4-CB9F-7BB3-02EB-FC6A1F68F959}-v1-{BFC6E304-438F-46FA-8958-6768924A29C0}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\01\88-{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}-v1-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v88-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\25\89-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v25-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v89-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\26\90-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v26-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v90-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\27\91-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v27-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v91-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\27\91-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v27-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v91-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\28\92-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v28-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v92-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\28\92-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v28-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v92-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\29\93-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v29-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v93-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\29\93-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v29-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v93-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\30\94-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v30-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v94-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\30\94-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v30-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v94-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\31\95-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v31-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v95-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\31\95-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v31-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v95-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\32\96-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v32-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v96-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\32\96-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v32-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v96-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\33\97-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v33-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v97-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\33\97-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v33-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v97-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\34\98-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v34-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v98-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\34\98-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v34-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v98-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\35\99-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v35-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v99-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\35\99-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v35-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v99-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\36\100-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v36-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v100-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\36\100-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v36-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v100-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\37\101-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v37-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v101-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Sr\Local Settings\Application Data\Microsoft\Messenger\roy.seb@hotmail.com\SharingMetadata\fox_1_2_3_4_5@hotmail.com\DFSR\Staging\CS{CB02BC0F-6533-0DAF-E812-612F9C2DE47C}\37\101-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v37-{27CC4563-01F1-4BCA-B96C-887337607ED5}-v101-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Sr\Local Settings\Applicat
Shekb
Regular Member
 
Posts: 62
Joined: October 2nd, 2007, 5:51 pm

Unread postby Rogue » October 14th, 2007, 5:02 pm

Hi Shekb,
This was our most recent file System32\Drivers\ajomu3i6.SYS If you can verfiy with AVG RK that it is still the name of it. Then do the following.
If nothing is found I am at a loss and will consult with some people

Download IceSword
http://majorgeeks.com/Icesword_d5199.html
Extract from zip folder and click on IceSword.exe to run.
This is in two parts
Part One:
On the left menu bar is a File tab.
Use this like windows explorer to navigate to c:\windows\system32/drivers folder.
Then scroll down through the files which are listed alphabetically until you find our mystery file.
Highlight the line and right click with mouse.Use Copy To file function
Save it to your desktop
Save as suspect.sys

Part Two:
Click the Win32 Service under Functions on the left Menu Bar
If any red entries are found:
Click the LOG button at the top of the screen
Save the log to a place where you can easily find it with the name ISservice-list.txt
Please post ISservicelist.txt in your next post, or let me know that there were no red entries.
*=========================*

Please Submit File to VirusTotal for analysis if our file has been found

Click Virus Total Site

Use the "Browse" button and locate the following file on your computer:

suspect.sys

Click the "Submit" button.
Please copy and post (reply) with the results
Do the above steps for each file listed
*=========================*

Please post any results

Rogue
User avatar
Rogue
MRU Teacher Emeritus
 
Posts: 4782
Joined: November 3rd, 2005, 3:21 pm
Location: Salt Lake City, Utah

Unread postby Shekb » October 14th, 2007, 5:15 pm

The rootkit has changed name because of the reboot, but I will still try
Shekb
Regular Member
 
Posts: 62
Joined: October 2nd, 2007, 5:51 pm

Unread postby Shekb » October 14th, 2007, 5:18 pm

I can't download Icesword, the link is broken
Shekb
Regular Member
 
Posts: 62
Joined: October 2nd, 2007, 5:51 pm

Unread postby Rogue » October 14th, 2007, 5:43 pm

Intresting I downloaded it just before I posted it.
Any way this one works
http://mail.ustc.edu.cn/%7Ejfpan/downlo ... d122en.zip
User avatar
Rogue
MRU Teacher Emeritus
 
Posts: 4782
Joined: November 3rd, 2005, 3:21 pm
Location: Salt Lake City, Utah

Unread postby Shekb » October 14th, 2007, 5:52 pm

Icesword is unable to see the file, I still can't find it
Shekb
Regular Member
 
Posts: 62
Joined: October 2nd, 2007, 5:51 pm

Unread postby Rogue » October 15th, 2007, 2:35 pm

Hi Shekb,

The only tool that see's this thing is AVG RK and GMER which reports it as 'missing'. Since none of the tools are able to capture this thing I'm going to have to consult with some others as to how to get a copy.
I really believe it's part of one of the games you have installed but want to make sure before sending you on your way.

I'll be back as soon as I can.

Rogue
User avatar
Rogue
MRU Teacher Emeritus
 
Posts: 4782
Joined: November 3rd, 2005, 3:21 pm
Location: Salt Lake City, Utah
Advertisement
Register to Remove

PreviousNext

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 331 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware