BleepingComputer.com: Hit by Cloud AV, TDSSKiller does not find anything

Jump to content

Forum Guidelines

Posted Image Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.

Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help


Posted Image Unfortunately, with the amount of logs we receive per day, the average response time is 5 days. I want to assure you, though, that your topic will be looked at and responded to. So please be patient.


Posted Image DO NOT RUN ComboFix unless requested to.


Posted Image Only members of the Malware Response Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.


Posted Image When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.


Posted Image Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.
  • 2 Pages +
  • 1
  • 2
  • You cannot start a new topic
  • This topic is locked

Hit by Cloud AV, TDSSKiller does not find anything (Cloud AV/recurring Google redirects/trojan downloads)

#1 User is offline   Stromberg 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 12
  • Joined: 27-November 11

Posted 27 November 2011 - 10:08 PM

I have Windows 7 Home version, connected to the net by router and ethernet cable. I was hit by Cloud AV two days ago, on 11/25/11. At that time I did not have any anti-virus protection up and also the Windows Firewall was down (my bad -- this I imagine is what let it through so easily). I dl-ed and ran Malware Bytes, and it got rid of the major symptoms of Cloud AV easily. This particular version of Cloud AV claimed that 'mbam is infected and cannot run' etc. but nonetheless was unable to stop Malware Bytes from running, even though I had not renamed the exe file in order for it to fool Cloud AV.

Since then the following symptoms continue to manifest:

-- I cannot turn on Windows Firewall, I get 'Error Code 0x8007042c'

-- The OS installs an infected file, 'PUP.BitMiner' on every reboot, although Malware Bytes has no problem removing it each time.

-- Google (and occasionally some other sites such as Bleeping Computer) redirect or pop-up to advert pages, and I also once got a pop-page for sex ads, etc.

-- For awhile MS Internet Explorer was jamming up and freezing instantly whenever I attempt to boot it up to browse the web. This started from the time Cloud AV first hit my computer and continued up until today (11/27), I just managed to boot it up and see the net on IE for the very first time right now.

-- The computer attempts to DL a trojan whenever I am browsing the net for a certain period of time. I now have AdAware and Windows Defender running, they manage to block it).

I did run TDSSKiller, it cannot find anything on the OS.
When I did not have the ethernet cable plugged into the computer and there was therefore no connection to the web, i was ableo to open Internet Explorer fine. I checked for possible reroute to proxies for this browser by going thru the menu to 'Tools/Internet Options/Connections/LAN settings' and the box 'Use a proxy server for your LAN' is not checkmarked.

(Below are the DDS reports. I was running with Ad-Aware and Windows Defender when I ran DDS but they did not appear, at least, to be interfering with the scripts. My OS is 64-bit so as per your 'how to post' instrux I did not bother to run GMER.

Yours, "Stromberg"

***************************

DDS REPORT:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_24
Run by Jamal at 20:56:48 on 2011-11-27
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4023.1815 [GMT -6:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\consent.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.msn.com
uDefault_Page_URL = hxxp://www.msn.com
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [IwwjjUVeelBtzNy] C:\Users\Jamal\AppData\Roaming\dwme.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
StartupFolder: C:\Users\Jamal\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
LSP: mswsock.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{874422C5-865C-4321-BD41-9AB4CC544178} : DhcpNameServer = 192.168.1.254
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO-X64: Search Helper - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jamal\AppData\Roaming\Mozilla\Firefox\Profiles\ll7lokzb.default\
FF - component: C:\Users\Jamal\AppData\Roaming\Mozilla\Firefox\Profiles\ll7lokzb.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc_fireftp.dll
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Jamal\AppData\Roaming\Move Networks\plugins\npqmp071700000016.dll
FF - plugin: C:\Users\Jamal\AppData\Roaming\Mozilla\Firefox\Profiles\ll7lokzb.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-11-3 2152152]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-9-14 508264]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;C:\Windows\system32\DRIVERS\e1k62x64.sys --> C:\Windows\system32\DRIVERS\e1k62x64.sys [?]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2011-11-25 17152]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-9-14 219496]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Program Files (x86)\Steam\steamapps\common\dragon age origins\bin_ship\daupdatersvc.service.exe [2010-12-27 25832]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-11-28 01:58:28 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B663CB67-512F-4DAB-BFFD-2CC05EB47805}\offreg.dll
2011-11-26 06:52:58 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-11-26 06:51:55 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2011-11-26 06:51:55 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2011-11-26 06:51:55 404992 ----a-w- C:\Windows\System32\umpnpmgr.dll
2011-11-26 06:51:55 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2011-11-26 06:51:55 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2011-11-26 06:51:51 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-11-26 06:51:51 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-11-26 06:48:16 5507968 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-11-26 06:48:16 3957120 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-11-26 06:48:16 3902336 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-11-26 06:45:17 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B663CB67-512F-4DAB-BFFD-2CC05EB47805}\mpengine.dll
2011-11-26 04:32:39 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-26 04:28:00 -------- d-----w- C:\Users\Jamal\AppData\Roaming\Malwarebytes
2011-11-26 04:27:57 -------- d-----w- C:\ProgramData\Malwarebytes
2011-11-26 04:27:54 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-11-26 04:22:53 16432 ----a-w- C:\Windows\System32\lsdelete.exe
2011-11-26 03:37:54 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
2011-11-26 03:33:32 69376 ----a-w- C:\Windows\System32\drivers\Lbd.sys
2011-11-26 03:33:27 -------- d-----w- C:\Program Files (x86)\Lavasoft
2011-11-26 03:26:08 -------- d-----w- C:\Users\Jamal\AppData\Roaming\vjYCekIVrOtAu2b
2011-11-26 03:26:02 -------- d-----w- C:\Users\Jamal\AppData\Roaming\JtzPNycA1v2b4m5
2011-11-26 03:26:02 -------- d-----w- C:\Users\Jamal\AppData\Roaming\dQJ6dEK8fZhXjCl
2011-11-26 03:23:16 -------- d-----w- C:\Users\Jamal\AppData\Roaming\P5sQJ7dEKgZ
2011-11-26 03:23:16 -------- d-----w- C:\Users\Jamal\AppData\Roaming\OhYXwjUVeItPyAu
2011-11-26 03:18:20 -------- d-----w- C:\Users\Jamal\AppData\Roaming\QlOBtxP0ySiDoF
2011-11-26 03:18:20 -------- d-----w- C:\Users\Jamal\AppData\Roaming\FqhYCwkUV
2011-11-26 02:53:09 -------- d-----w- C:\Users\Jamal\AppData\Roaming\xVelIBtzPyAuDoF
2011-11-26 02:53:08 -------- d-----w- C:\Users\Jamal\AppData\Roaming\w8gRZ9hYXj
2011-11-26 02:49:22 -------- d-----w- C:\Users\Jamal\AppData\Roaming\1BE50
2011-11-26 02:48:49 -------- d-----w- C:\Users\Jamal\AppData\Roaming\6C41B
2011-11-26 02:48:36 -------- d-----w- C:\Users\Jamal\AppData\Roaming\xUUVVelOBtzP0c1
2011-11-26 02:48:35 -------- d-----w- C:\Users\Jamal\AppData\Roaming\u77ddELL8gZqhXw
2011-11-26 02:48:31 -------- d-----w- C:\Users\Jamal\AppData\Roaming\lQQJJ7ddEK8RZhY
2011-11-26 02:48:30 -------- d-----w- C:\Users\Jamal\AppData\Roaming\uddEEL88gRZh
2011-11-26 02:48:30 -------- d-----w- C:\Users\Jamal\AppData\Roaming\jcccS11ivD3oF4m
2011-11-26 02:48:20 -------- d-----we C:\Windows\system64
2011-11-13 07:12:04 -------- d-----w- C:\Users\Jamal\AppData\Local\Apple
2011-11-05 01:01:17 11776 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
2011-11-05 01:01:09 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2011-11-05 01:01:07 150696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
2011-11-05 01:01:07 107008 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
.
==================== Find3M ====================
.
2011-11-18 19:40:27 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-05 01:01:05 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2011-11-05 01:01:05 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2011-10-24 20:29:02 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2011-10-24 20:29:02 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2011-10-01 03:21:20 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-10-01 02:59:14 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-09-29 16:24:44 1897328 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-09-29 04:09:30 3141120 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 20:57:12.38 ===============

#2 User is offline   JSntgRvr 

  • Master Surgeon General
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 5,956
  • Joined: 04-March 06
  • Gender:Male
  • Location:Puerto Rico

Posted 27 November 2011 - 10:12 PM

:welcome:

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Click on Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the flash drive. Please copy and paste it to your reply.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
Posted Image

#3 User is offline   Stromberg 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 12
  • Joined: 27-November 11

Posted 28 November 2011 - 04:21 AM

Thanx very much for your help! :-)

Here is the txt file that Farbar generated for me:

****************************************************************************************

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.3.0
Ran by SYSTEM at 2011-11-28 02:11:27
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8158240 2009-10-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [311296 2010-03-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot [273528 2011-11-04] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKU\Jamal\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1242448 2011-08-01] (Valve Corporation)
HKU\Jamal\...\Run: [IwwjjUVeelBtzNy] C:\Users\Jamal\AppData\Roaming\dwme.exe [x]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [2152152 2011-11-03] (Lavasoft Limited)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]
3 DAUpdaterSvc; c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [x]

========================== Drivers (Whitelisted) =============

3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [116240 2010-07-15] (ATI Technologies, Inc.)
3 e1kexpress; C:\Windows\System32\DRIVERS\e1k62x64.sys [283824 2009-09-23] (Intel Corporation)
3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-11-25] ()
0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69376 2011-11-03] (Lavasoft AB)
3 NVENETFD; C:\Windows\System32\DRIVERS\nvm62x64.sys [408960 2009-06-10] (NVIDIA Corporation)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-11-28 02:11 - 2011-11-28 02:11 - 0000000 ____D C:\FRST
2011-11-27 18:58 - 2011-11-27 18:58 - 0005172 ____A C:\Users\Jamal\Desktop\Attach.txt
2011-11-27 18:57 - 2011-11-27 18:57 - 0017008 ____A C:\Users\Jamal\Desktop\DDS.txt
2011-11-27 18:56 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Desktop\dds.scr
2011-11-27 18:54 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Downloads\dds.scr
2011-11-27 17:21 - 2011-11-27 17:21 - 0000244 ____A C:\Users\Jamal\Downloads\defogger_enable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000472 ____A C:\Users\Jamal\Downloads\defogger_disable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000000 ____A C:\Users\Jamal\defogger_reenable
2011-11-27 17:18 - 2011-11-27 17:18 - 0050477 ____A C:\Users\Jamal\Downloads\Defogger.exe
2011-11-27 16:06 - 2011-11-27 16:12 - 0001941 ____A C:\Users\Jamal\Desktop\CLOUD REPORT.txt
2011-11-26 15:15 - 2011-11-26 15:18 - 14761224 ____A (Mozilla) C:\Users\Jamal\Downloads\Firefox Setup 8.0.1.exe
2011-11-26 15:12 - 2011-11-26 15:14 - 0072378 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.12.59_log.txt
2011-11-26 15:12 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Desktop\tdsskiller.exe
2011-11-26 15:08 - 2011-11-26 15:09 - 0142860 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.08.58_log.txt
2011-11-26 15:08 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Downloads\tdsskiller.exe
2011-11-25 23:06 - 2011-11-25 23:07 - 0002323 ____A C:\Windows\IE9_main.log
2011-11-25 22:54 - 2011-09-30 21:24 - 9326080 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-11-25 22:54 - 2011-09-30 20:42 - 5990912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-11-25 22:54 - 2011-08-19 21:44 - 1501184 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 2458624 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 12370944 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-11-25 22:54 - 2011-08-19 20:38 - 1230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 2072576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-11-25 22:53 - 2011-09-30 19:21 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-11-25 22:53 - 2011-09-30 18:59 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-11-25 22:53 - 2011-08-19 21:45 - 1197568 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-11-25 22:53 - 2011-08-19 21:44 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-11-25 22:53 - 2011-08-19 21:42 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-11-25 22:53 - 2011-08-19 21:37 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:38 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-11-25 22:53 - 2011-08-19 20:38 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-11-25 22:53 - 2011-08-19 20:36 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 20:34 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 20:32 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:20 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-11-25 22:53 - 2011-08-19 19:26 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-11-25 22:53 - 2011-07-15 21:26 - 0362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2011-11-25 22:53 - 2011-07-15 21:24 - 0016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 0422400 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 21:17 - 0338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2011-11-25 22:53 - 2011-07-15 21:04 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:36 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 20:31 - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2011-11-25 22:53 - 2011-07-15 20:30 - 1048576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:26 - 0007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2011-11-25 22:53 - 2011-07-15 18:26 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2011-11-25 22:53 - 2011-07-15 18:21 - 0006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-05-03 21:30 - 2326016 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 2228224 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0779264 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0491520 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0075264 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2011-11-25 22:53 - 2011-05-03 21:24 - 0593408 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0249856 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:53 - 1553920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 1401856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0666624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0337408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0197120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0164352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2011-11-25 22:53 - 2011-02-23 22:30 - 0476160 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2011-11-25 22:53 - 2011-02-23 21:32 - 0288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2011-11-25 22:52 - 2011-09-29 08:24 - 1897328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-11-25 22:52 - 2011-09-28 20:09 - 3141120 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-11-25 22:52 - 2011-08-26 21:40 - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 21:40 - 0331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2011-11-25 22:52 - 2011-08-16 21:32 - 0613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 21:27 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0104960 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0075776 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2011-11-25 22:52 - 2011-08-16 20:26 - 0465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 20:22 - 0204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2011-11-25 22:52 - 2011-07-08 21:14 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2011-11-25 22:52 - 2011-07-08 20:30 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2011-11-25 22:52 - 2011-07-08 18:44 - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-11-25 22:52 - 2011-06-15 21:31 - 0199680 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2011-11-25 22:52 - 2011-06-15 20:35 - 0180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2011-11-25 22:52 - 2011-05-03 18:51 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-11-25 22:52 - 2011-05-03 18:51 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-11-25 22:52 - 2011-04-28 19:13 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-11-25 22:52 - 2011-04-26 18:57 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2011-11-25 22:52 - 2011-04-24 18:44 - 0499712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-11-25 22:52 - 2011-04-22 12:18 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-11-25 22:52 - 2011-04-08 22:58 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-11-25 22:52 - 2011-04-08 21:56 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2011-11-25 22:52 - 2011-03-12 04:03 - 0662528 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2011-11-25 22:52 - 2011-03-12 03:31 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0356352 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0182272 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2011-11-25 22:52 - 2011-03-02 22:14 - 0030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2011-11-25 22:52 - 2011-03-02 21:29 - 0269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 21:27 - 0028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2011-11-25 22:52 - 2011-02-25 22:23 - 2870272 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2011-11-25 22:52 - 2011-02-25 21:33 - 2614784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2011-11-25 22:52 - 2011-02-22 21:15 - 0090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2011-11-25 22:52 - 2011-02-18 22:36 - 0046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2011-11-25 22:52 - 2011-02-18 21:32 - 0034304 ____A (Ad

#4 User is offline   Stromberg 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 12
  • Joined: 27-November 11

Posted 28 November 2011 - 04:24 AM

I think the logfile did not post correctly the first time, as for some reason the connection cut out on me in mid post. Hopefully this time I can give you the complete file:

*********************

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.3.0
Ran by SYSTEM at 2011-11-28 02:11:27
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8158240 2009-10-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [311296 2010-03-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot [273528 2011-11-04] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKU\Jamal\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1242448 2011-08-01] (Valve Corporation)
HKU\Jamal\...\Run: [IwwjjUVeelBtzNy] C:\Users\Jamal\AppData\Roaming\dwme.exe [x]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [2152152 2011-11-03] (Lavasoft Limited)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]
3 DAUpdaterSvc; c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [x]

========================== Drivers (Whitelisted) =============

3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [116240 2010-07-15] (ATI Technologies, Inc.)
3 e1kexpress; C:\Windows\System32\DRIVERS\e1k62x64.sys [283824 2009-09-23] (Intel Corporation)
3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-11-25] ()
0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69376 2011-11-03] (Lavasoft AB)
3 NVENETFD; C:\Windows\System32\DRIVERS\nvm62x64.sys [408960 2009-06-10] (NVIDIA Corporation)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-11-28 02:11 - 2011-11-28 02:11 - 0000000 ____D C:\FRST
2011-11-27 18:58 - 2011-11-27 18:58 - 0005172 ____A C:\Users\Jamal\Desktop\Attach.txt
2011-11-27 18:57 - 2011-11-27 18:57 - 0017008 ____A C:\Users\Jamal\Desktop\DDS.txt
2011-11-27 18:56 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Desktop\dds.scr
2011-11-27 18:54 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Downloads\dds.scr
2011-11-27 17:21 - 2011-11-27 17:21 - 0000244 ____A C:\Users\Jamal\Downloads\defogger_enable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000472 ____A C:\Users\Jamal\Downloads\defogger_disable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000000 ____A C:\Users\Jamal\defogger_reenable
2011-11-27 17:18 - 2011-11-27 17:18 - 0050477 ____A C:\Users\Jamal\Downloads\Defogger.exe
2011-11-27 16:06 - 2011-11-27 16:12 - 0001941 ____A C:\Users\Jamal\Desktop\CLOUD REPORT.txt
2011-11-26 15:15 - 2011-11-26 15:18 - 14761224 ____A (Mozilla) C:\Users\Jamal\Downloads\Firefox Setup 8.0.1.exe
2011-11-26 15:12 - 2011-11-26 15:14 - 0072378 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.12.59_log.txt
2011-11-26 15:12 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Desktop\tdsskiller.exe
2011-11-26 15:08 - 2011-11-26 15:09 - 0142860 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.08.58_log.txt
2011-11-26 15:08 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Downloads\tdsskiller.exe
2011-11-25 23:06 - 2011-11-25 23:07 - 0002323 ____A C:\Windows\IE9_main.log
2011-11-25 22:54 - 2011-09-30 21:24 - 9326080 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-11-25 22:54 - 2011-09-30 20:42 - 5990912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-11-25 22:54 - 2011-08-19 21:44 - 1501184 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 2458624 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 12370944 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-11-25 22:54 - 2011-08-19 20:38 - 1230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 2072576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-11-25 22:53 - 2011-09-30 19:21 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-11-25 22:53 - 2011-09-30 18:59 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-11-25 22:53 - 2011-08-19 21:45 - 1197568 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-11-25 22:53 - 2011-08-19 21:44 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-11-25 22:53 - 2011-08-19 21:42 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-11-25 22:53 - 2011-08-19 21:37 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:38 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-11-25 22:53 - 2011-08-19 20:38 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-11-25 22:53 - 2011-08-19 20:36 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 20:34 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 20:32 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:20 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-11-25 22:53 - 2011-08-19 19:26 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-11-25 22:53 - 2011-07-15 21:26 - 0362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2011-11-25 22:53 - 2011-07-15 21:24 - 0016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 0422400 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 21:17 - 0338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2011-11-25 22:53 - 2011-07-15 21:04 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:36 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 20:31 - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2011-11-25 22:53 - 2011-07-15 20:30 - 1048576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:26 - 0007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2011-11-25 22:53 - 2011-07-15 18:26 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2011-11-25 22:53 - 2011-07-15 18:21 - 0006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-05-03 21:30 - 2326016 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 2228224 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0779264 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0491520 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0075264 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2011-11-25 22:53 - 2011-05-03 21:24 - 0593408 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0249856 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:53 - 1553920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 1401856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0666624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0337408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0197120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0164352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2011-11-25 22:53 - 2011-02-23 22:30 - 0476160 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2011-11-25 22:53 - 2011-02-23 21:32 - 0288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2011-11-25 22:52 - 2011-09-29 08:24 - 1897328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-11-25 22:52 - 2011-09-28 20:09 - 3141120 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-11-25 22:52 - 2011-08-26 21:40 - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 21:40 - 0331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2011-11-25 22:52 - 2011-08-16 21:32 - 0613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 21:27 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0104960 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0075776 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2011-11-25 22:52 - 2011-08-16 20:26 - 0465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 20:22 - 0204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2011-11-25 22:52 - 2011-07-08 21:14 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2011-11-25 22:52 - 2011-07-08 20:30 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2011-11-25 22:52 - 2011-07-08 18:44 - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-11-25 22:52 - 2011-06-15 21:31 - 0199680 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2011-11-25 22:52 - 2011-06-15 20:35 - 0180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2011-11-25 22:52 - 2011-05-03 18:51 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-11-25 22:52 - 2011-05-03 18:51 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-11-25 22:52 - 2011-04-28 19:13 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-11-25 22:52 - 2011-04-26 18:57 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2011-11-25 22:52 - 2011-04-24 18:44 - 0499712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-11-25 22:52 - 2011-04-22 12:18 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-11-25 22:52 - 2011-04-08 22:58 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-11-25 22:52 - 2011-04-08 21:56 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2011-11-25 22:52 - 2011-03-12 04:03 - 0662528 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2011-11-25 22:52 - 2011-03-12 03:31 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0356352 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0182272 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2011-11-25 22:52 - 2011-03-02 22:14 - 0030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2011-11-25 22:52 - 2011-03-02 21:29 - 0269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 21:27 - 0028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2011-11-25 22:52 - 2011-02-25 22:23 - 2870272 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2011-11-25 22:52 - 2011-02-25 21:33 - 2614784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2011-11-25 22:52 - 2011-02-22 21:15 - 0090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2011-11-25 22:52 - 2011-02-18 22:36 - 0046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2011-11-25 22:52 - 2011-02-18 21:32 - 0034304 ____A (Adobe

I think the logfile did not post correctly the first time, as for some reason the connection cut out on me in mid post. Hopefully this time I can give you the complete file:

*********************

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.3.0
Ran by SYSTEM at 2011-11-28 02:11:27
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8158240 2009-10-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [311296 2010-03-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot [273528 2011-11-04] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKU\Jamal\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1242448 2011-08-01] (Valve Corporation)
HKU\Jamal\...\Run: [IwwjjUVeelBtzNy] C:\Users\Jamal\AppData\Roaming\dwme.exe [x]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [2152152 2011-11-03] (Lavasoft Limited)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]
3 DAUpdaterSvc; c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [x]

========================== Drivers (Whitelisted) =============

3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [116240 2010-07-15] (ATI Technologies, Inc.)
3 e1kexpress; C:\Windows\System32\DRIVERS\e1k62x64.sys [283824 2009-09-23] (Intel Corporation)
3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-11-25] ()
0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69376 2011-11-03] (Lavasoft AB)
3 NVENETFD; C:\Windows\System32\DRIVERS\nvm62x64.sys [408960 2009-06-10] (NVIDIA Corporation)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-11-28 02:11 - 2011-11-28 02:11 - 0000000 ____D C:\FRST
2011-11-27 18:58 - 2011-11-27 18:58 - 0005172 ____A C:\Users\Jamal\Desktop\Attach.txt
2011-11-27 18:57 - 2011-11-27 18:57 - 0017008 ____A C:\Users\Jamal\Desktop\DDS.txt
2011-11-27 18:56 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Desktop\dds.scr
2011-11-27 18:54 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Downloads\dds.scr
2011-11-27 17:21 - 2011-11-27 17:21 - 0000244 ____A C:\Users\Jamal\Downloads\defogger_enable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000472 ____A C:\Users\Jamal\Downloads\defogger_disable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000000 ____A C:\Users\Jamal\defogger_reenable
2011-11-27 17:18 - 2011-11-27 17:18 - 0050477 ____A C:\Users\Jamal\Downloads\Defogger.exe
2011-11-27 16:06 - 2011-11-27 16:12 - 0001941 ____A C:\Users\Jamal\Desktop\CLOUD REPORT.txt
2011-11-26 15:15 - 2011-11-26 15:18 - 14761224 ____A (Mozilla) C:\Users\Jamal\Downloads\Firefox Setup 8.0.1.exe
2011-11-26 15:12 - 2011-11-26 15:14 - 0072378 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.12.59_log.txt
2011-11-26 15:12 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Desktop\tdsskiller.exe
2011-11-26 15:08 - 2011-11-26 15:09 - 0142860 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.08.58_log.txt
2011-11-26 15:08 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Downloads\tdsskiller.exe
2011-11-25 23:06 - 2011-11-25 23:07 - 0002323 ____A C:\Windows\IE9_main.log
2011-11-25 22:54 - 2011-09-30 21:24 - 9326080 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-11-25 22:54 - 2011-09-30 20:42 - 5990912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-11-25 22:54 - 2011-08-19 21:44 - 1501184 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 2458624 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 12370944 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-11-25 22:54 - 2011-08-19 20:38 - 1230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 2072576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-11-25 22:53 - 2011-09-30 19:21 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-11-25 22:53 - 2011-09-30 18:59 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-11-25 22:53 - 2011-08-19 21:45 - 1197568 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-11-25 22:53 - 2011-08-19 21:44 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-11-25 22:53 - 2011-08-19 21:42 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-11-25 22:53 - 2011-08-19 21:37 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:38 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-11-25 22:53 - 2011-08-19 20:38 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-11-25 22:53 - 2011-08-19 20:36 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 20:34 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 20:32 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:20 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-11-25 22:53 - 2011-08-19 19:26 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-11-25 22:53 - 2011-07-15 21:26 - 0362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2011-11-25 22:53 - 2011-07-15 21:24 - 0016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 0422400 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 21:17 - 0338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2011-11-25 22:53 - 2011-07-15 21:04 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:36 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 20:31 - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2011-11-25 22:53 - 2011-07-15 20:30 - 1048576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:26 - 0007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2011-11-25 22:53 - 2011-07-15 18:26 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2011-11-25 22:53 - 2011-07-15 18:21 - 0006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-05-03 21:30 - 2326016 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 2228224 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0779264 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0491520 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0075264 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2011-11-25 22:53 - 2011-05-03 21:24 - 0593408 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0249856 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:53 - 1553920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 1401856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0666624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0337408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0197120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0164352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2011-11-25 22:53 - 2011-02-23 22:30 - 0476160 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2011-11-25 22:53 - 2011-02-23 21:32 - 0288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2011-11-25 22:52 - 2011-09-29 08:24 - 1897328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-11-25 22:52 - 2011-09-28 20:09 - 3141120 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-11-25 22:52 - 2011-08-26 21:40 - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 21:40 - 0331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2011-11-25 22:52 - 2011-08-16 21:32 - 0613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 21:27 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0104960 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0075776 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2011-11-25 22:52 - 2011-08-16 20:26 - 0465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 20:22 - 0204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2011-11-25 22:52 - 2011-07-08 21:14 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2011-11-25 22:52 - 2011-07-08 20:30 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2011-11-25 22:52 - 2011-07-08 18:44 - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-11-25 22:52 - 2011-06-15 21:31 - 0199680 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2011-11-25 22:52 - 2011-06-15 20:35 - 0180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2011-11-25 22:52 - 2011-05-03 18:51 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-11-25 22:52 - 2011-05-03 18:51 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-11-25 22:52 - 2011-04-28 19:13 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-11-25 22:52 - 2011-04-26 18:57 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2011-11-25 22:52 - 2011-04-24 18:44 - 0499712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-11-25 22:52 - 2011-04-22 12:18 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-11-25 22:52 - 2011-04-08 22:58 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-11-25 22:52 - 2011-04-08 21:56 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2011-11-25 22:52 - 2011-03-12 04:03 - 0662528 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2011-11-25 22:52 - 2011-03-12 03:31 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0356352 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0182272 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2011-11-25 22:52 - 2011-03-02 22:14 - 0030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2011-11-25 22:52 - 2011-03-02 21:29 - 0269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 21:27 - 0028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2011-11-25 22:52 - 2011-02-25 22:23 - 2870272 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2011-11-25 22:52 - 2011-02-25 21:33 - 2614784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2011-11-25 22:52 - 2011-02-22 21:15 - 0090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2011-11-25 22:52 - 2011-02-18 22:36 - 0046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2011-11-25 22:52 - 2011-02-18 21:32 - 0034304 ____A (Adobe

I think the logfile did not post correctly the first time, as for some reason the connection cut out on me in mid post. Hopefully this time I can give you the complete file:

*********************

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.3.0
Ran by SYSTEM at 2011-11-28 02:11:27
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8158240 2009-10-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [311296 2010-03-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot [273528 2011-11-04] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKU\Jamal\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1242448 2011-08-01] (Valve Corporation)
HKU\Jamal\...\Run: [IwwjjUVeelBtzNy] C:\Users\Jamal\AppData\Roaming\dwme.exe [x]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [2152152 2011-11-03] (Lavasoft Limited)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]
3 DAUpdaterSvc; c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [x]

========================== Drivers (Whitelisted) =============

3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [116240 2010-07-15] (ATI Technologies, Inc.)
3 e1kexpress; C:\Windows\System32\DRIVERS\e1k62x64.sys [283824 2009-09-23] (Intel Corporation)
3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-11-25] ()
0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69376 2011-11-03] (Lavasoft AB)
3 NVENETFD; C:\Windows\System32\DRIVERS\nvm62x64.sys [408960 2009-06-10] (NVIDIA Corporation)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-11-28 02:11 - 2011-11-28 02:11 - 0000000 ____D C:\FRST
2011-11-27 18:58 - 2011-11-27 18:58 - 0005172 ____A C:\Users\Jamal\Desktop\Attach.txt
2011-11-27 18:57 - 2011-11-27 18:57 - 0017008 ____A C:\Users\Jamal\Desktop\DDS.txt
2011-11-27 18:56 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Desktop\dds.scr
2011-11-27 18:54 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Downloads\dds.scr
2011-11-27 17:21 - 2011-11-27 17:21 - 0000244 ____A C:\Users\Jamal\Downloads\defogger_enable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000472 ____A C:\Users\Jamal\Downloads\defogger_disable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000000 ____A C:\Users\Jamal\defogger_reenable
2011-11-27 17:18 - 2011-11-27 17:18 - 0050477 ____A C:\Users\Jamal\Downloads\Defogger.exe
2011-11-27 16:06 - 2011-11-27 16:12 - 0001941 ____A C:\Users\Jamal\Desktop\CLOUD REPORT.txt
2011-11-26 15:15 - 2011-11-26 15:18 - 14761224 ____A (Mozilla) C:\Users\Jamal\Downloads\Firefox Setup 8.0.1.exe
2011-11-26 15:12 - 2011-11-26 15:14 - 0072378 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.12.59_log.txt
2011-11-26 15:12 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Desktop\tdsskiller.exe
2011-11-26 15:08 - 2011-11-26 15:09 - 0142860 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.08.58_log.txt
2011-11-26 15:08 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Downloads\tdsskiller.exe
2011-11-25 23:06 - 2011-11-25 23:07 - 0002323 ____A C:\Windows\IE9_main.log
2011-11-25 22:54 - 2011-09-30 21:24 - 9326080 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-11-25 22:54 - 2011-09-30 20:42 - 5990912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-11-25 22:54 - 2011-08-19 21:44 - 1501184 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 2458624 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 12370944 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-11-25 22:54 - 2011-08-19 20:38 - 1230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 2072576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-11-25 22:53 - 2011-09-30 19:21 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-11-25 22:53 - 2011-09-30 18:59 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-11-25 22:53 - 2011-08-19 21:45 - 1197568 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-11-25 22:53 - 2011-08-19 21:44 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-11-25 22:53 - 2011-08-19 21:42 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-11-25 22:53 - 2011-08-19 21:37 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:38 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-11-25 22:53 - 2011-08-19 20:38 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-11-25 22:53 - 2011-08-19 20:36 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 20:34 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 20:32 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:20 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-11-25 22:53 - 2011-08-19 19:26 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-11-25 22:53 - 2011-07-15 21:26 - 0362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2011-11-25 22:53 - 2011-07-15 21:24 - 0016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 0422400 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 21:17 - 0338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2011-11-25 22:53 - 2011-07-15 21:04 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:36 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 20:31 - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2011-11-25 22:53 - 2011-07-15 20:30 - 1048576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:26 - 0007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2011-11-25 22:53 - 2011-07-15 18:26 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2011-11-25 22:53 - 2011-07-15 18:21 - 0006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-05-03 21:30 - 2326016 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 2228224 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0779264 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0491520 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0075264 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2011-11-25 22:53 - 2011-05-03 21:24 - 0593408 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0249856 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:53 - 1553920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 1401856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0666624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0337408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0197120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0164352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2011-11-25 22:53 - 2011-02-23 22:30 - 0476160 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2011-11-25 22:53 - 2011-02-23 21:32 - 0288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2011-11-25 22:52 - 2011-09-29 08:24 - 1897328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-11-25 22:52 - 2011-09-28 20:09 - 3141120 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-11-25 22:52 - 2011-08-26 21:40 - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 21:40 - 0331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2011-11-25 22:52 - 2011-08-16 21:32 - 0613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 21:27 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0104960 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0075776 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2011-11-25 22:52 - 2011-08-16 20:26 - 0465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 20:22 - 0204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2011-11-25 22:52 - 2011-07-08 21:14 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2011-11-25 22:52 - 2011-07-08 20:30 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2011-11-25 22:52 - 2011-07-08 18:44 - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-11-25 22:52 - 2011-06-15 21:31 - 0199680 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2011-11-25 22:52 - 2011-06-15 20:35 - 0180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2011-11-25 22:52 - 2011-05-03 18:51 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-11-25 22:52 - 2011-05-03 18:51 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-11-25 22:52 - 2011-04-28 19:13 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-11-25 22:52 - 2011-04-26 18:57 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2011-11-25 22:52 - 2011-04-24 18:44 - 0499712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-11-25 22:52 - 2011-04-22 12:18 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-11-25 22:52 - 2011-04-08 22:58 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-11-25 22:52 - 2011-04-08 21:56 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2011-11-25 22:52 - 2011-03-12 04:03 - 0662528 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2011-11-25 22:52 - 2011-03-12 03:31 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0356352 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0182272 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2011-11-25 22:52 - 2011-03-02 22:14 - 0030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2011-11-25 22:52 - 2011-03-02 21:29 - 0269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 21:27 - 0028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2011-11-25 22:52 - 2011-02-25 22:23 - 2870272 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2011-11-25 22:52 - 2011-02-25 21:33 - 2614784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2011-11-25 22:52 - 2011-02-22 21:15 - 0090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2011-11-25 22:52 - 2011-02-18 22:36 - 0046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2011-11-25 22:52 - 2011-02-18 21:32 - 0034304 ____A (Adobe

I think the logfile did not post correctly the first time, as for some reason the connection cut out on me in mid post. Hopefully this time I can give you the complete file:

*********************

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.3.0
Ran by SYSTEM at 2011-11-28 02:11:27
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8158240 2009-10-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [311296 2010-03-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot [273528 2011-11-04] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKU\Jamal\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1242448 2011-08-01] (Valve Corporation)
HKU\Jamal\...\Run: [IwwjjUVeelBtzNy] C:\Users\Jamal\AppData\Roaming\dwme.exe [x]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [2152152 2011-11-03] (Lavasoft Limited)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]
3 DAUpdaterSvc; c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [x]

========================== Drivers (Whitelisted) =============

3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [116240 2010-07-15] (ATI Technologies, Inc.)
3 e1kexpress; C:\Windows\System32\DRIVERS\e1k62x64.sys [283824 2009-09-23] (Intel Corporation)
3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-11-25] ()
0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69376 2011-11-03] (Lavasoft AB)
3 NVENETFD; C:\Windows\System32\DRIVERS\nvm62x64.sys [408960 2009-06-10] (NVIDIA Corporation)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-11-28 02:11 - 2011-11-28 02:11 - 0000000 ____D C:\FRST
2011-11-27 18:58 - 2011-11-27 18:58 - 0005172 ____A C:\Users\Jamal\Desktop\Attach.txt
2011-11-27 18:57 - 2011-11-27 18:57 - 0017008 ____A C:\Users\Jamal\Desktop\DDS.txt
2011-11-27 18:56 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Desktop\dds.scr
2011-11-27 18:54 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Downloads\dds.scr
2011-11-27 17:21 - 2011-11-27 17:21 - 0000244 ____A C:\Users\Jamal\Downloads\defogger_enable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000472 ____A C:\Users\Jamal\Downloads\defogger_disable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000000 ____A C:\Users\Jamal\defogger_reenable
2011-11-27 17:18 - 2011-11-27 17:18 - 0050477 ____A C:\Users\Jamal\Downloads\Defogger.exe
2011-11-27 16:06 - 2011-11-27 16:12 - 0001941 ____A C:\Users\Jamal\Desktop\CLOUD REPORT.txt
2011-11-26 15:15 - 2011-11-26 15:18 - 14761224 ____A (Mozilla) C:\Users\Jamal\Downloads\Firefox Setup 8.0.1.exe
2011-11-26 15:12 - 2011-11-26 15:14 - 0072378 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.12.59_log.txt
2011-11-26 15:12 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Desktop\tdsskiller.exe
2011-11-26 15:08 - 2011-11-26 15:09 - 0142860 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.08.58_log.txt
2011-11-26 15:08 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Downloads\tdsskiller.exe
2011-11-25 23:06 - 2011-11-25 23:07 - 0002323 ____A C:\Windows\IE9_main.log
2011-11-25 22:54 - 2011-09-30 21:24 - 9326080 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-11-25 22:54 - 2011-09-30 20:42 - 5990912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-11-25 22:54 - 2011-08-19 21:44 - 1501184 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 2458624 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 12370944 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-11-25 22:54 - 2011-08-19 20:38 - 1230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 2072576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-11-25 22:53 - 2011-09-30 19:21 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-11-25 22:53 - 2011-09-30 18:59 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-11-25 22:53 - 2011-08-19 21:45 - 1197568 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-11-25 22:53 - 2011-08-19 21:44 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-11-25 22:53 - 2011-08-19 21:42 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-11-25 22:53 - 2011-08-19 21:37 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:38 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-11-25 22:53 - 2011-08-19 20:38 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-11-25 22:53 - 2011-08-19 20:36 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 20:34 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 20:32 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:20 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-11-25 22:53 - 2011-08-19 19:26 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-11-25 22:53 - 2011-07-15 21:26 - 0362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2011-11-25 22:53 - 2011-07-15 21:24 - 0016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 0422400 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 21:17 - 0338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2011-11-25 22:53 - 2011-07-15 21:04 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:36 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 20:31 - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2011-11-25 22:53 - 2011-07-15 20:30 - 1048576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:26 - 0007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2011-11-25 22:53 - 2011-07-15 18:26 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2011-11-25 22:53 - 2011-07-15 18:21 - 0006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-05-03 21:30 - 2326016 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 2228224 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0779264 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0491520 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0075264 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2011-11-25 22:53 - 2011-05-03 21:24 - 0593408 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0249856 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:53 - 1553920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 1401856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0666624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0337408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0197120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0164352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2011-11-25 22:53 - 2011-02-23 22:30 - 0476160 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2011-11-25 22:53 - 2011-02-23 21:32 - 0288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2011-11-25 22:52 - 2011-09-29 08:24 - 1897328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-11-25 22:52 - 2011-09-28 20:09 - 3141120 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-11-25 22:52 - 2011-08-26 21:40 - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 21:40 - 0331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2011-11-25 22:52 - 2011-08-16 21:32 - 0613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 21:27 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0104960 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0075776 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2011-11-25 22:52 - 2011-08-16 20:26 - 0465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 20:22 - 0204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2011-11-25 22:52 - 2011-07-08 21:14 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2011-11-25 22:52 - 2011-07-08 20:30 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2011-11-25 22:52 - 2011-07-08 18:44 - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-11-25 22:52 - 2011-06-15 21:31 - 0199680 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2011-11-25 22:52 - 2011-06-15 20:35 - 0180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2011-11-25 22:52 - 2011-05-03 18:51 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-11-25 22:52 - 2011-05-03 18:51 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-11-25 22:52 - 2011-04-28 19:13 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-11-25 22:52 - 2011-04-26 18:57 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2011-11-25 22:52 - 2011-04-24 18:44 - 0499712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-11-25 22:52 - 2011-04-22 12:18 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-11-25 22:52 - 2011-04-08 22:58 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-11-25 22:52 - 2011-04-08 21:56 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2011-11-25 22:52 - 2011-03-12 04:03 - 0662528 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2011-11-25 22:52 - 2011-03-12 03:31 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0356352 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0182272 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2011-11-25 22:52 - 2011-03-02 22:14 - 0030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2011-11-25 22:52 - 2011-03-02 21:29 - 0269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 21:27 - 0028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2011-11-25 22:52 - 2011-02-25 22:23 - 2870272 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2011-11-25 22:52 - 2011-02-25 21:33 - 2614784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2011-11-25 22:52 - 2011-02-22 21:15 - 0090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2011-11-25 22:52 - 2011-02-18 22:36 - 0046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2011-11-25 22:52 - 2011-02-18 21:32 - 0034304 ____A (Adobe

#5 User is offline   Stromberg 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 12
  • Joined: 27-November 11

Posted 28 November 2011 - 04:33 AM

Connection to this page continues to cut out in mid-post, for some reason. I will try one more time right now to post you the full log, if it does not work, then I will have a try tomorrow from another computer at another connection:

****************************************

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.3.0
Ran by SYSTEM at 2011-11-28 02:11:27
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8158240 2009-10-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [311296 2010-03-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot [273528 2011-11-04] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKU\Jamal\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1242448 2011-08-01] (Valve Corporation)
HKU\Jamal\...\Run: [IwwjjUVeelBtzNy] C:\Users\Jamal\AppData\Roaming\dwme.exe [x]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [2152152 2011-11-03] (Lavasoft Limited)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]
3 DAUpdaterSvc; c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [x]

========================== Drivers (Whitelisted) =============

3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [116240 2010-07-15] (ATI Technologies, Inc.)
3 e1kexpress; C:\Windows\System32\DRIVERS\e1k62x64.sys [283824 2009-09-23] (Intel Corporation)
3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-11-25] ()
0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69376 2011-11-03] (Lavasoft AB)
3 NVENETFD; C:\Windows\System32\DRIVERS\nvm62x64.sys [408960 2009-06-10] (NVIDIA Corporation)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-11-28 02:11 - 2011-11-28 02:11 - 0000000 ____D C:\FRST
2011-11-27 18:58 - 2011-11-27 18:58 - 0005172 ____A C:\Users\Jamal\Desktop\Attach.txt
2011-11-27 18:57 - 2011-11-27 18:57 - 0017008 ____A C:\Users\Jamal\Desktop\DDS.txt
2011-11-27 18:56 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Desktop\dds.scr
2011-11-27 18:54 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Downloads\dds.scr
2011-11-27 17:21 - 2011-11-27 17:21 - 0000244 ____A C:\Users\Jamal\Downloads\defogger_enable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000472 ____A C:\Users\Jamal\Downloads\defogger_disable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000000 ____A C:\Users\Jamal\defogger_reenable
2011-11-27 17:18 - 2011-11-27 17:18 - 0050477 ____A C:\Users\Jamal\Downloads\Defogger.exe
2011-11-27 16:06 - 2011-11-27 16:12 - 0001941 ____A C:\Users\Jamal\Desktop\CLOUD REPORT.txt
2011-11-26 15:15 - 2011-11-26 15:18 - 14761224 ____A (Mozilla) C:\Users\Jamal\Downloads\Firefox Setup 8.0.1.exe
2011-11-26 15:12 - 2011-11-26 15:14 - 0072378 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.12.59_log.txt
2011-11-26 15:12 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Desktop\tdsskiller.exe
2011-11-26 15:08 - 2011-11-26 15:09 - 0142860 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.08.58_log.txt
2011-11-26 15:08 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Downloads\tdsskiller.exe
2011-11-25 23:06 - 2011-11-25 23:07 - 0002323 ____A C:\Windows\IE9_main.log
2011-11-25 22:54 - 2011-09-30 21:24 - 9326080 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-11-25 22:54 - 2011-09-30 20:42 - 5990912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-11-25 22:54 - 2011-08-19 21:44 - 1501184 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 2458624 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 12370944 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-11-25 22:54 - 2011-08-19 20:38 - 1230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 2072576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-11-25 22:53 - 2011-09-30 19:21 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-11-25 22:53 - 2011-09-30 18:59 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-11-25 22:53 - 2011-08-19 21:45 - 1197568 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-11-25 22:53 - 2011-08-19 21:44 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-11-25 22:53 - 2011-08-19 21:42 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-11-25 22:53 - 2011-08-19 21:37 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:38 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-11-25 22:53 - 2011-08-19 20:38 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-11-25 22:53 - 2011-08-19 20:36 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 20:34 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 20:32 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:20 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-11-25 22:53 - 2011-08-19 19:26 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-11-25 22:53 - 2011-07-15 21:26 - 0362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2011-11-25 22:53 - 2011-07-15 21:24 - 0016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 0422400 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 21:17 - 0338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2011-11-25 22:53 - 2011-07-15 21:04 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:36 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 20:31 - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2011-11-25 22:53 - 2011-07-15 20:30 - 1048576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:26 - 0007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2011-11-25 22:53 - 2011-07-15 18:26 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2011-11-25 22:53 - 2011-07-15 18:21 - 0006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-05-03 21:30 - 2326016 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 2228224 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0779264 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0491520 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0075264 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2011-11-25 22:53 - 2011-05-03 21:24 - 0593408 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0249856 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:53 - 1553920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 1401856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0666624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0337408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0197120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0164352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2011-11-25 22:53 - 2011-02-23 22:30 - 0476160 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2011-11-25 22:53 - 2011-02-23 21:32 - 0288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2011-11-25 22:52 - 2011-09-29 08:24 - 1897328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-11-25 22:52 - 2011-09-28 20:09 - 3141120 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-11-25 22:52 - 2011-08-26 21:40 - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 21:40 - 0331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2011-11-25 22:52 - 2011-08-16 21:32 - 0613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 21:27 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0104960 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0075776 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2011-11-25 22:52 - 2011-08-16 20:26 - 0465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 20:22 - 0204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2011-11-25 22:52 - 2011-07-08 21:14 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2011-11-25 22:52 - 2011-07-08 20:30 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2011-11-25 22:52 - 2011-07-08 18:44 - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-11-25 22:52 - 2011-06-15 21:31 - 0199680 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2011-11-25 22:52 - 2011-06-15 20:35 - 0180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2011-11-25 22:52 - 2011-05-03 18:51 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-11-25 22:52 - 2011-05-03 18:51 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-11-25 22:52 - 2011-04-28 19:13 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-11-25 22:52 - 2011-04-26 18:57 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2011-11-25 22:52 - 2011-04-24 18:44 - 0499712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-11-25 22:52 - 2011-04-22 12:18 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-11-25 22:52 - 2011-04-08 22:58 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-11-25 22:52 - 2011-04-08 21:56 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2011-11-25 22:52 - 2011-03-12 04:03 - 0662528 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2011-11-25 22:52 - 2011-03-12 03:31 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0356352 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0182272 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2011-11-25 22:52 - 2011-03-02 22:14 - 0030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2011-11-25 22:52 - 2011-03-02 21:29 - 0269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 21:27 - 0028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2011-11-25 22:52 - 2011-02-25 22:23 - 2870272 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2011-11-25 22:52 - 2011-02-25 21:33 - 2614784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2011-11-25 22:52 - 2011-02-22 21:15 - 0090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2011-11-25 22:52 - 2011-02-18 22:36 - 0046080 ____A (Adobe Systems) C:\Windows\Syst

#6 User is offline   Stromberg 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 12
  • Joined: 27-November 11

Posted 28 November 2011 - 04:33 AM

Connection to this page continues to cut out in mid-post, for some reason. I will try one more time right now to post you the full log, if it does not work, then I will have a try tomorrow from another computer at another connection:

****************************************

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.3.0
Ran by SYSTEM at 2011-11-28 02:11:27
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8158240 2009-10-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [311296 2010-03-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot [273528 2011-11-04] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKU\Jamal\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1242448 2011-08-01] (Valve Corporation)
HKU\Jamal\...\Run: [IwwjjUVeelBtzNy] C:\Users\Jamal\AppData\Roaming\dwme.exe [x]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [2152152 2011-11-03] (Lavasoft Limited)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]
3 DAUpdaterSvc; c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [x]

========================== Drivers (Whitelisted) =============

3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [116240 2010-07-15] (ATI Technologies, Inc.)
3 e1kexpress; C:\Windows\System32\DRIVERS\e1k62x64.sys [283824 2009-09-23] (Intel Corporation)
3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-11-25] ()
0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69376 2011-11-03] (Lavasoft AB)
3 NVENETFD; C:\Windows\System32\DRIVERS\nvm62x64.sys [408960 2009-06-10] (NVIDIA Corporation)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-11-28 02:11 - 2011-11-28 02:11 - 0000000 ____D C:\FRST
2011-11-27 18:58 - 2011-11-27 18:58 - 0005172 ____A C:\Users\Jamal\Desktop\Attach.txt
2011-11-27 18:57 - 2011-11-27 18:57 - 0017008 ____A C:\Users\Jamal\Desktop\DDS.txt
2011-11-27 18:56 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Desktop\dds.scr
2011-11-27 18:54 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Downloads\dds.scr
2011-11-27 17:21 - 2011-11-27 17:21 - 0000244 ____A C:\Users\Jamal\Downloads\defogger_enable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000472 ____A C:\Users\Jamal\Downloads\defogger_disable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000000 ____A C:\Users\Jamal\defogger_reenable
2011-11-27 17:18 - 2011-11-27 17:18 - 0050477 ____A C:\Users\Jamal\Downloads\Defogger.exe
2011-11-27 16:06 - 2011-11-27 16:12 - 0001941 ____A C:\Users\Jamal\Desktop\CLOUD REPORT.txt
2011-11-26 15:15 - 2011-11-26 15:18 - 14761224 ____A (Mozilla) C:\Users\Jamal\Downloads\Firefox Setup 8.0.1.exe
2011-11-26 15:12 - 2011-11-26 15:14 - 0072378 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.12.59_log.txt
2011-11-26 15:12 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Desktop\tdsskiller.exe
2011-11-26 15:08 - 2011-11-26 15:09 - 0142860 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.08.58_log.txt
2011-11-26 15:08 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Downloads\tdsskiller.exe
2011-11-25 23:06 - 2011-11-25 23:07 - 0002323 ____A C:\Windows\IE9_main.log
2011-11-25 22:54 - 2011-09-30 21:24 - 9326080 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-11-25 22:54 - 2011-09-30 20:42 - 5990912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-11-25 22:54 - 2011-08-19 21:44 - 1501184 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 2458624 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 12370944 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-11-25 22:54 - 2011-08-19 20:38 - 1230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 2072576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-11-25 22:53 - 2011-09-30 19:21 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-11-25 22:53 - 2011-09-30 18:59 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-11-25 22:53 - 2011-08-19 21:45 - 1197568 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-11-25 22:53 - 2011-08-19 21:44 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-11-25 22:53 - 2011-08-19 21:42 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-11-25 22:53 - 2011-08-19 21:37 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:38 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-11-25 22:53 - 2011-08-19 20:38 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-11-25 22:53 - 2011-08-19 20:36 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 20:34 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 20:32 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:20 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-11-25 22:53 - 2011-08-19 19:26 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-11-25 22:53 - 2011-07-15 21:26 - 0362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2011-11-25 22:53 - 2011-07-15 21:24 - 0016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 0422400 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 21:17 - 0338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2011-11-25 22:53 - 2011-07-15 21:04 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:36 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 20:31 - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2011-11-25 22:53 - 2011-07-15 20:30 - 1048576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:26 - 0007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2011-11-25 22:53 - 2011-07-15 18:26 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2011-11-25 22:53 - 2011-07-15 18:21 - 0006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-05-03 21:30 - 2326016 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 2228224 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0779264 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0491520 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0075264 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2011-11-25 22:53 - 2011-05-03 21:24 - 0593408 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0249856 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:53 - 1553920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 1401856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0666624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0337408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0197120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0164352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2011-11-25 22:53 - 2011-02-23 22:30 - 0476160 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2011-11-25 22:53 - 2011-02-23 21:32 - 0288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2011-11-25 22:52 - 2011-09-29 08:24 - 1897328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-11-25 22:52 - 2011-09-28 20:09 - 3141120 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-11-25 22:52 - 2011-08-26 21:40 - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 21:40 - 0331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2011-11-25 22:52 - 2011-08-16 21:32 - 0613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 21:27 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0104960 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0075776 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2011-11-25 22:52 - 2011-08-16 20:26 - 0465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 20:22 - 0204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2011-11-25 22:52 - 2011-07-08 21:14 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2011-11-25 22:52 - 2011-07-08 20:30 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2011-11-25 22:52 - 2011-07-08 18:44 - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-11-25 22:52 - 2011-06-15 21:31 - 0199680 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2011-11-25 22:52 - 2011-06-15 20:35 - 0180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2011-11-25 22:52 - 2011-05-03 18:51 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-11-25 22:52 - 2011-05-03 18:51 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-11-25 22:52 - 2011-04-28 19:13 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-11-25 22:52 - 2011-04-26 18:57 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2011-11-25 22:52 - 2011-04-24 18:44 - 0499712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-11-25 22:52 - 2011-04-22 12:18 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-11-25 22:52 - 2011-04-08 22:58 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-11-25 22:52 - 2011-04-08 21:56 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2011-11-25 22:52 - 2011-03-12 04:03 - 0662528 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2011-11-25 22:52 - 2011-03-12 03:31 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0356352 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0182272 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2011-11-25 22:52 - 2011-03-02 22:14 - 0030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2011-11-25 22:52 - 2011-03-02 21:29 - 0269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 21:27 - 0028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2011-11-25 22:52 - 2011-02-25 22:23 - 2870272 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2011-11-25 22:52 - 2011-02-25 21:33 - 2614784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2011-11-25 22:52 - 2011-02-22 21:15 - 0090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2011-11-25 22:52 - 2011-02-18 22:36 - 0046080 ____A (Adobe Systems) C:\Windows\Syst

#7 User is offline   Stromberg 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 12
  • Joined: 27-November 11

Posted 28 November 2011 - 04:33 AM

Connection to this page continues to cut out in mid-post, for some reason. I will try one more time right now to post you the full log, if it does not work, then I will have a try tomorrow from another computer at another connection:

****************************************

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.3.0
Ran by SYSTEM at 2011-11-28 02:11:27
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8158240 2009-10-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [311296 2010-03-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot [273528 2011-11-04] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKU\Jamal\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1242448 2011-08-01] (Valve Corporation)
HKU\Jamal\...\Run: [IwwjjUVeelBtzNy] C:\Users\Jamal\AppData\Roaming\dwme.exe [x]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [2152152 2011-11-03] (Lavasoft Limited)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]
3 DAUpdaterSvc; c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [x]

========================== Drivers (Whitelisted) =============

3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [116240 2010-07-15] (ATI Technologies, Inc.)
3 e1kexpress; C:\Windows\System32\DRIVERS\e1k62x64.sys [283824 2009-09-23] (Intel Corporation)
3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-11-25] ()
0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69376 2011-11-03] (Lavasoft AB)
3 NVENETFD; C:\Windows\System32\DRIVERS\nvm62x64.sys [408960 2009-06-10] (NVIDIA Corporation)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-11-28 02:11 - 2011-11-28 02:11 - 0000000 ____D C:\FRST
2011-11-27 18:58 - 2011-11-27 18:58 - 0005172 ____A C:\Users\Jamal\Desktop\Attach.txt
2011-11-27 18:57 - 2011-11-27 18:57 - 0017008 ____A C:\Users\Jamal\Desktop\DDS.txt
2011-11-27 18:56 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Desktop\dds.scr
2011-11-27 18:54 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Downloads\dds.scr
2011-11-27 17:21 - 2011-11-27 17:21 - 0000244 ____A C:\Users\Jamal\Downloads\defogger_enable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000472 ____A C:\Users\Jamal\Downloads\defogger_disable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000000 ____A C:\Users\Jamal\defogger_reenable
2011-11-27 17:18 - 2011-11-27 17:18 - 0050477 ____A C:\Users\Jamal\Downloads\Defogger.exe
2011-11-27 16:06 - 2011-11-27 16:12 - 0001941 ____A C:\Users\Jamal\Desktop\CLOUD REPORT.txt
2011-11-26 15:15 - 2011-11-26 15:18 - 14761224 ____A (Mozilla) C:\Users\Jamal\Downloads\Firefox Setup 8.0.1.exe
2011-11-26 15:12 - 2011-11-26 15:14 - 0072378 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.12.59_log.txt
2011-11-26 15:12 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Desktop\tdsskiller.exe
2011-11-26 15:08 - 2011-11-26 15:09 - 0142860 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.08.58_log.txt
2011-11-26 15:08 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Downloads\tdsskiller.exe
2011-11-25 23:06 - 2011-11-25 23:07 - 0002323 ____A C:\Windows\IE9_main.log
2011-11-25 22:54 - 2011-09-30 21:24 - 9326080 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-11-25 22:54 - 2011-09-30 20:42 - 5990912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-11-25 22:54 - 2011-08-19 21:44 - 1501184 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 2458624 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 12370944 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-11-25 22:54 - 2011-08-19 20:38 - 1230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 2072576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-11-25 22:53 - 2011-09-30 19:21 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-11-25 22:53 - 2011-09-30 18:59 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-11-25 22:53 - 2011-08-19 21:45 - 1197568 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-11-25 22:53 - 2011-08-19 21:44 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-11-25 22:53 - 2011-08-19 21:42 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-11-25 22:53 - 2011-08-19 21:37 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:38 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-11-25 22:53 - 2011-08-19 20:38 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-11-25 22:53 - 2011-08-19 20:36 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 20:34 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 20:32 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:20 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-11-25 22:53 - 2011-08-19 19:26 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-11-25 22:53 - 2011-07-15 21:26 - 0362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2011-11-25 22:53 - 2011-07-15 21:24 - 0016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 0422400 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 21:17 - 0338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2011-11-25 22:53 - 2011-07-15 21:04 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:36 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 20:31 - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2011-11-25 22:53 - 2011-07-15 20:30 - 1048576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:26 - 0007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2011-11-25 22:53 - 2011-07-15 18:26 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2011-11-25 22:53 - 2011-07-15 18:21 - 0006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-05-03 21:30 - 2326016 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 2228224 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0779264 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0491520 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0075264 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2011-11-25 22:53 - 2011-05-03 21:24 - 0593408 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0249856 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:53 - 1553920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 1401856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0666624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0337408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0197120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0164352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2011-11-25 22:53 - 2011-02-23 22:30 - 0476160 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2011-11-25 22:53 - 2011-02-23 21:32 - 0288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2011-11-25 22:52 - 2011-09-29 08:24 - 1897328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-11-25 22:52 - 2011-09-28 20:09 - 3141120 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-11-25 22:52 - 2011-08-26 21:40 - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 21:40 - 0331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2011-11-25 22:52 - 2011-08-16 21:32 - 0613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 21:27 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0104960 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0075776 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2011-11-25 22:52 - 2011-08-16 20:26 - 0465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 20:22 - 0204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2011-11-25 22:52 - 2011-07-08 21:14 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2011-11-25 22:52 - 2011-07-08 20:30 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2011-11-25 22:52 - 2011-07-08 18:44 - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-11-25 22:52 - 2011-06-15 21:31 - 0199680 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2011-11-25 22:52 - 2011-06-15 20:35 - 0180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2011-11-25 22:52 - 2011-05-03 18:51 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-11-25 22:52 - 2011-05-03 18:51 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-11-25 22:52 - 2011-04-28 19:13 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-11-25 22:52 - 2011-04-26 18:57 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2011-11-25 22:52 - 2011-04-24 18:44 - 0499712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-11-25 22:52 - 2011-04-22 12:18 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-11-25 22:52 - 2011-04-08 22:58 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-11-25 22:52 - 2011-04-08 21:56 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2011-11-25 22:52 - 2011-03-12 04:03 - 0662528 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2011-11-25 22:52 - 2011-03-12 03:31 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0356352 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0182272 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2011-11-25 22:52 - 2011-03-02 22:14 - 0030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2011-11-25 22:52 - 2011-03-02 21:29 - 0269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 21:27 - 0028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2011-11-25 22:52 - 2011-02-25 22:23 - 2870272 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2011-11-25 22:52 - 2011-02-25 21:33 - 2614784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2011-11-25 22:52 - 2011-02-22 21:15 - 0090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2011-11-25 22:52 - 2011-02-18 22:36 - 0046080 ____A (Adobe Systems) C:\Windows\Syst

#8 User is offline   Stromberg 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 12
  • Joined: 27-November 11

Posted 28 November 2011 - 04:33 AM

Connection to this page continues to cut out in mid-post, for some reason. I will try one more time right now to post you the full log, if it does not work, then I will have a try tomorrow from another computer at another connection:

****************************************

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.3.0
Ran by SYSTEM at 2011-11-28 02:11:27
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8158240 2009-10-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [311296 2010-03-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot [273528 2011-11-04] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKU\Jamal\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1242448 2011-08-01] (Valve Corporation)
HKU\Jamal\...\Run: [IwwjjUVeelBtzNy] C:\Users\Jamal\AppData\Roaming\dwme.exe [x]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [2152152 2011-11-03] (Lavasoft Limited)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]
3 DAUpdaterSvc; c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [x]

========================== Drivers (Whitelisted) =============

3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [116240 2010-07-15] (ATI Technologies, Inc.)
3 e1kexpress; C:\Windows\System32\DRIVERS\e1k62x64.sys [283824 2009-09-23] (Intel Corporation)
3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-11-25] ()
0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69376 2011-11-03] (Lavasoft AB)
3 NVENETFD; C:\Windows\System32\DRIVERS\nvm62x64.sys [408960 2009-06-10] (NVIDIA Corporation)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-11-28 02:11 - 2011-11-28 02:11 - 0000000 ____D C:\FRST
2011-11-27 18:58 - 2011-11-27 18:58 - 0005172 ____A C:\Users\Jamal\Desktop\Attach.txt
2011-11-27 18:57 - 2011-11-27 18:57 - 0017008 ____A C:\Users\Jamal\Desktop\DDS.txt
2011-11-27 18:56 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Desktop\dds.scr
2011-11-27 18:54 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Downloads\dds.scr
2011-11-27 17:21 - 2011-11-27 17:21 - 0000244 ____A C:\Users\Jamal\Downloads\defogger_enable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000472 ____A C:\Users\Jamal\Downloads\defogger_disable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000000 ____A C:\Users\Jamal\defogger_reenable
2011-11-27 17:18 - 2011-11-27 17:18 - 0050477 ____A C:\Users\Jamal\Downloads\Defogger.exe
2011-11-27 16:06 - 2011-11-27 16:12 - 0001941 ____A C:\Users\Jamal\Desktop\CLOUD REPORT.txt
2011-11-26 15:15 - 2011-11-26 15:18 - 14761224 ____A (Mozilla) C:\Users\Jamal\Downloads\Firefox Setup 8.0.1.exe
2011-11-26 15:12 - 2011-11-26 15:14 - 0072378 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.12.59_log.txt
2011-11-26 15:12 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Desktop\tdsskiller.exe
2011-11-26 15:08 - 2011-11-26 15:09 - 0142860 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.08.58_log.txt
2011-11-26 15:08 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Downloads\tdsskiller.exe
2011-11-25 23:06 - 2011-11-25 23:07 - 0002323 ____A C:\Windows\IE9_main.log
2011-11-25 22:54 - 2011-09-30 21:24 - 9326080 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-11-25 22:54 - 2011-09-30 20:42 - 5990912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-11-25 22:54 - 2011-08-19 21:44 - 1501184 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 2458624 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 12370944 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-11-25 22:54 - 2011-08-19 20:38 - 1230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 2072576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-11-25 22:53 - 2011-09-30 19:21 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-11-25 22:53 - 2011-09-30 18:59 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-11-25 22:53 - 2011-08-19 21:45 - 1197568 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-11-25 22:53 - 2011-08-19 21:44 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-11-25 22:53 - 2011-08-19 21:42 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-11-25 22:53 - 2011-08-19 21:37 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:38 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-11-25 22:53 - 2011-08-19 20:38 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-11-25 22:53 - 2011-08-19 20:36 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 20:34 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 20:32 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:20 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-11-25 22:53 - 2011-08-19 19:26 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-11-25 22:53 - 2011-07-15 21:26 - 0362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2011-11-25 22:53 - 2011-07-15 21:24 - 0016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 0422400 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 21:17 - 0338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2011-11-25 22:53 - 2011-07-15 21:04 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:36 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 20:31 - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2011-11-25 22:53 - 2011-07-15 20:30 - 1048576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:26 - 0007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2011-11-25 22:53 - 2011-07-15 18:26 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2011-11-25 22:53 - 2011-07-15 18:21 - 0006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-05-03 21:30 - 2326016 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 2228224 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0779264 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0491520 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0075264 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2011-11-25 22:53 - 2011-05-03 21:24 - 0593408 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0249856 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:53 - 1553920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 1401856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0666624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0337408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0197120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0164352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2011-11-25 22:53 - 2011-02-23 22:30 - 0476160 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2011-11-25 22:53 - 2011-02-23 21:32 - 0288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2011-11-25 22:52 - 2011-09-29 08:24 - 1897328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-11-25 22:52 - 2011-09-28 20:09 - 3141120 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-11-25 22:52 - 2011-08-26 21:40 - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 21:40 - 0331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2011-11-25 22:52 - 2011-08-16 21:32 - 0613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 21:27 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0104960 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0075776 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2011-11-25 22:52 - 2011-08-16 20:26 - 0465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 20:22 - 0204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2011-11-25 22:52 - 2011-07-08 21:14 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2011-11-25 22:52 - 2011-07-08 20:30 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2011-11-25 22:52 - 2011-07-08 18:44 - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-11-25 22:52 - 2011-06-15 21:31 - 0199680 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2011-11-25 22:52 - 2011-06-15 20:35 - 0180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2011-11-25 22:52 - 2011-05-03 18:51 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-11-25 22:52 - 2011-05-03 18:51 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-11-25 22:52 - 2011-04-28 19:13 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-11-25 22:52 - 2011-04-26 18:57 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2011-11-25 22:52 - 2011-04-24 18:44 - 0499712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-11-25 22:52 - 2011-04-22 12:18 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-11-25 22:52 - 2011-04-08 22:58 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-11-25 22:52 - 2011-04-08 21:56 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2011-11-25 22:52 - 2011-03-12 04:03 - 0662528 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2011-11-25 22:52 - 2011-03-12 03:31 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0356352 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0182272 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2011-11-25 22:52 - 2011-03-02 22:14 - 0030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2011-11-25 22:52 - 2011-03-02 21:29 - 0269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 21:27 - 0028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2011-11-25 22:52 - 2011-02-25 22:23 - 2870272 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2011-11-25 22:52 - 2011-02-25 21:33 - 2614784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2011-11-25 22:52 - 2011-02-22 21:15 - 0090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2011-11-25 22:52 - 2011-02-18 22:36 - 0046080 ____A (Adobe Systems) C:\Windows\Syst

#9 User is offline   Stromberg 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 12
  • Joined: 27-November 11

Posted 28 November 2011 - 04:33 AM

Connection to this page continues to cut out in mid-post, for some reason. I will try one more time right now to post you the full log, if it does not work, then I will have a try tomorrow from another computer at another connection:

****************************************

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.3.0
Ran by SYSTEM at 2011-11-28 02:11:27
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8158240 2009-10-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [311296 2010-03-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot [273528 2011-11-04] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKU\Jamal\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1242448 2011-08-01] (Valve Corporation)
HKU\Jamal\...\Run: [IwwjjUVeelBtzNy] C:\Users\Jamal\AppData\Roaming\dwme.exe [x]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [2152152 2011-11-03] (Lavasoft Limited)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]
3 DAUpdaterSvc; c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [x]

========================== Drivers (Whitelisted) =============

3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [116240 2010-07-15] (ATI Technologies, Inc.)
3 e1kexpress; C:\Windows\System32\DRIVERS\e1k62x64.sys [283824 2009-09-23] (Intel Corporation)
3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-11-25] ()
0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69376 2011-11-03] (Lavasoft AB)
3 NVENETFD; C:\Windows\System32\DRIVERS\nvm62x64.sys [408960 2009-06-10] (NVIDIA Corporation)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-11-28 02:11 - 2011-11-28 02:11 - 0000000 ____D C:\FRST
2011-11-27 18:58 - 2011-11-27 18:58 - 0005172 ____A C:\Users\Jamal\Desktop\Attach.txt
2011-11-27 18:57 - 2011-11-27 18:57 - 0017008 ____A C:\Users\Jamal\Desktop\DDS.txt
2011-11-27 18:56 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Desktop\dds.scr
2011-11-27 18:54 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Downloads\dds.scr
2011-11-27 17:21 - 2011-11-27 17:21 - 0000244 ____A C:\Users\Jamal\Downloads\defogger_enable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000472 ____A C:\Users\Jamal\Downloads\defogger_disable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000000 ____A C:\Users\Jamal\defogger_reenable
2011-11-27 17:18 - 2011-11-27 17:18 - 0050477 ____A C:\Users\Jamal\Downloads\Defogger.exe
2011-11-27 16:06 - 2011-11-27 16:12 - 0001941 ____A C:\Users\Jamal\Desktop\CLOUD REPORT.txt
2011-11-26 15:15 - 2011-11-26 15:18 - 14761224 ____A (Mozilla) C:\Users\Jamal\Downloads\Firefox Setup 8.0.1.exe
2011-11-26 15:12 - 2011-11-26 15:14 - 0072378 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.12.59_log.txt
2011-11-26 15:12 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Desktop\tdsskiller.exe
2011-11-26 15:08 - 2011-11-26 15:09 - 0142860 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.08.58_log.txt
2011-11-26 15:08 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Downloads\tdsskiller.exe
2011-11-25 23:06 - 2011-11-25 23:07 - 0002323 ____A C:\Windows\IE9_main.log
2011-11-25 22:54 - 2011-09-30 21:24 - 9326080 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-11-25 22:54 - 2011-09-30 20:42 - 5990912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-11-25 22:54 - 2011-08-19 21:44 - 1501184 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 2458624 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 12370944 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-11-25 22:54 - 2011-08-19 20:38 - 1230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 2072576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-11-25 22:53 - 2011-09-30 19:21 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-11-25 22:53 - 2011-09-30 18:59 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-11-25 22:53 - 2011-08-19 21:45 - 1197568 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-11-25 22:53 - 2011-08-19 21:44 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-11-25 22:53 - 2011-08-19 21:42 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-11-25 22:53 - 2011-08-19 21:37 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:38 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-11-25 22:53 - 2011-08-19 20:38 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-11-25 22:53 - 2011-08-19 20:36 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 20:34 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 20:32 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:20 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-11-25 22:53 - 2011-08-19 19:26 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-11-25 22:53 - 2011-07-15 21:26 - 0362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2011-11-25 22:53 - 2011-07-15 21:24 - 0016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 0422400 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 21:17 - 0338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2011-11-25 22:53 - 2011-07-15 21:04 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:36 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 20:31 - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2011-11-25 22:53 - 2011-07-15 20:30 - 1048576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:26 - 0007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2011-11-25 22:53 - 2011-07-15 18:26 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2011-11-25 22:53 - 2011-07-15 18:21 - 0006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-05-03 21:30 - 2326016 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 2228224 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0779264 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0491520 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0075264 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2011-11-25 22:53 - 2011-05-03 21:24 - 0593408 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0249856 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:53 - 1553920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 1401856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0666624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0337408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0197120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0164352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2011-11-25 22:53 - 2011-02-23 22:30 - 0476160 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2011-11-25 22:53 - 2011-02-23 21:32 - 0288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2011-11-25 22:52 - 2011-09-29 08:24 - 1897328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-11-25 22:52 - 2011-09-28 20:09 - 3141120 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-11-25 22:52 - 2011-08-26 21:40 - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 21:40 - 0331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2011-11-25 22:52 - 2011-08-16 21:32 - 0613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 21:27 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0104960 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0075776 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2011-11-25 22:52 - 2011-08-16 20:26 - 0465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 20:22 - 0204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2011-11-25 22:52 - 2011-07-08 21:14 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2011-11-25 22:52 - 2011-07-08 20:30 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2011-11-25 22:52 - 2011-07-08 18:44 - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-11-25 22:52 - 2011-06-15 21:31 - 0199680 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2011-11-25 22:52 - 2011-06-15 20:35 - 0180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2011-11-25 22:52 - 2011-05-03 18:51 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-11-25 22:52 - 2011-05-03 18:51 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-11-25 22:52 - 2011-04-28 19:13 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-11-25 22:52 - 2011-04-26 18:57 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2011-11-25 22:52 - 2011-04-24 18:44 - 0499712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-11-25 22:52 - 2011-04-22 12:18 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-11-25 22:52 - 2011-04-08 22:58 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-11-25 22:52 - 2011-04-08 21:56 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2011-11-25 22:52 - 2011-03-12 04:03 - 0662528 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2011-11-25 22:52 - 2011-03-12 03:31 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0356352 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0182272 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2011-11-25 22:52 - 2011-03-02 22:14 - 0030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2011-11-25 22:52 - 2011-03-02 21:29 - 0269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 21:27 - 0028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2011-11-25 22:52 - 2011-02-25 22:23 - 2870272 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2011-11-25 22:52 - 2011-02-25 21:33 - 2614784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2011-11-25 22:52 - 2011-02-22 21:15 - 0090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2011-11-25 22:52 - 2011-02-18 22:36 - 0046080 ____A (Adobe Systems) C:\Windows\Syst

#10 User is offline   Stromberg 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 12
  • Joined: 27-November 11

Posted 28 November 2011 - 04:33 AM

Connection to this page continues to cut out in mid-post, for some reason. I will try one more time right now to post you the full log, if it does not work, then I will have a try tomorrow from another computer at another connection:

****************************************

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.3.0
Ran by SYSTEM at 2011-11-28 02:11:27
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8158240 2009-10-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [311296 2010-03-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot [273528 2011-11-04] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKU\Jamal\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1242448 2011-08-01] (Valve Corporation)
HKU\Jamal\...\Run: [IwwjjUVeelBtzNy] C:\Users\Jamal\AppData\Roaming\dwme.exe [x]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [2152152 2011-11-03] (Lavasoft Limited)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]
3 DAUpdaterSvc; c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [x]

========================== Drivers (Whitelisted) =============

3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [116240 2010-07-15] (ATI Technologies, Inc.)
3 e1kexpress; C:\Windows\System32\DRIVERS\e1k62x64.sys [283824 2009-09-23] (Intel Corporation)
3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-11-25] ()
0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69376 2011-11-03] (Lavasoft AB)
3 NVENETFD; C:\Windows\System32\DRIVERS\nvm62x64.sys [408960 2009-06-10] (NVIDIA Corporation)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-11-28 02:11 - 2011-11-28 02:11 - 0000000 ____D C:\FRST
2011-11-27 18:58 - 2011-11-27 18:58 - 0005172 ____A C:\Users\Jamal\Desktop\Attach.txt
2011-11-27 18:57 - 2011-11-27 18:57 - 0017008 ____A C:\Users\Jamal\Desktop\DDS.txt
2011-11-27 18:56 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Desktop\dds.scr
2011-11-27 18:54 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Downloads\dds.scr
2011-11-27 17:21 - 2011-11-27 17:21 - 0000244 ____A C:\Users\Jamal\Downloads\defogger_enable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000472 ____A C:\Users\Jamal\Downloads\defogger_disable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000000 ____A C:\Users\Jamal\defogger_reenable
2011-11-27 17:18 - 2011-11-27 17:18 - 0050477 ____A C:\Users\Jamal\Downloads\Defogger.exe
2011-11-27 16:06 - 2011-11-27 16:12 - 0001941 ____A C:\Users\Jamal\Desktop\CLOUD REPORT.txt
2011-11-26 15:15 - 2011-11-26 15:18 - 14761224 ____A (Mozilla) C:\Users\Jamal\Downloads\Firefox Setup 8.0.1.exe
2011-11-26 15:12 - 2011-11-26 15:14 - 0072378 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.12.59_log.txt
2011-11-26 15:12 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Desktop\tdsskiller.exe
2011-11-26 15:08 - 2011-11-26 15:09 - 0142860 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.08.58_log.txt
2011-11-26 15:08 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Downloads\tdsskiller.exe
2011-11-25 23:06 - 2011-11-25 23:07 - 0002323 ____A C:\Windows\IE9_main.log
2011-11-25 22:54 - 2011-09-30 21:24 - 9326080 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-11-25 22:54 - 2011-09-30 20:42 - 5990912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-11-25 22:54 - 2011-08-19 21:44 - 1501184 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 2458624 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 12370944 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-11-25 22:54 - 2011-08-19 20:38 - 1230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 2072576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-11-25 22:53 - 2011-09-30 19:21 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-11-25 22:53 - 2011-09-30 18:59 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-11-25 22:53 - 2011-08-19 21:45 - 1197568 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-11-25 22:53 - 2011-08-19 21:44 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-11-25 22:53 - 2011-08-19 21:42 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-11-25 22:53 - 2011-08-19 21:37 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:38 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-11-25 22:53 - 2011-08-19 20:38 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-11-25 22:53 - 2011-08-19 20:36 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 20:34 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 20:32 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:20 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-11-25 22:53 - 2011-08-19 19:26 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-11-25 22:53 - 2011-07-15 21:26 - 0362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2011-11-25 22:53 - 2011-07-15 21:24 - 0016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 0422400 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 21:17 - 0338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2011-11-25 22:53 - 2011-07-15 21:04 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:36 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 20:31 - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2011-11-25 22:53 - 2011-07-15 20:30 - 1048576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:26 - 0007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2011-11-25 22:53 - 2011-07-15 18:26 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2011-11-25 22:53 - 2011-07-15 18:21 - 0006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-05-03 21:30 - 2326016 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 2228224 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0779264 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0491520 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0075264 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2011-11-25 22:53 - 2011-05-03 21:24 - 0593408 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0249856 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:53 - 1553920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 1401856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0666624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0337408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0197120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0164352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2011-11-25 22:53 - 2011-02-23 22:30 - 0476160 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2011-11-25 22:53 - 2011-02-23 21:32 - 0288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2011-11-25 22:52 - 2011-09-29 08:24 - 1897328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-11-25 22:52 - 2011-09-28 20:09 - 3141120 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-11-25 22:52 - 2011-08-26 21:40 - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 21:40 - 0331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2011-11-25 22:52 - 2011-08-16 21:32 - 0613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 21:27 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0104960 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0075776 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2011-11-25 22:52 - 2011-08-16 20:26 - 0465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 20:22 - 0204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2011-11-25 22:52 - 2011-07-08 21:14 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2011-11-25 22:52 - 2011-07-08 20:30 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2011-11-25 22:52 - 2011-07-08 18:44 - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-11-25 22:52 - 2011-06-15 21:31 - 0199680 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2011-11-25 22:52 - 2011-06-15 20:35 - 0180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2011-11-25 22:52 - 2011-05-03 18:51 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-11-25 22:52 - 2011-05-03 18:51 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-11-25 22:52 - 2011-04-28 19:13 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-11-25 22:52 - 2011-04-26 18:57 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2011-11-25 22:52 - 2011-04-24 18:44 - 0499712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-11-25 22:52 - 2011-04-22 12:18 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-11-25 22:52 - 2011-04-08 22:58 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-11-25 22:52 - 2011-04-08 21:56 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2011-11-25 22:52 - 2011-03-12 04:03 - 0662528 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2011-11-25 22:52 - 2011-03-12 03:31 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0356352 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0182272 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2011-11-25 22:52 - 2011-03-02 22:14 - 0030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2011-11-25 22:52 - 2011-03-02 21:29 - 0269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 21:27 - 0028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2011-11-25 22:52 - 2011-02-25 22:23 - 2870272 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2011-11-25 22:52 - 2011-02-25 21:33 - 2614784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2011-11-25 22:52 - 2011-02-22 21:15 - 0090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2011-11-25 22:52 - 2011-02-18 22:36 - 0046080 ____A (Adobe Systems) C:\Windows\Syst

#11 User is offline   Stromberg 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 12
  • Joined: 27-November 11

Posted 28 November 2011 - 04:33 AM

Connection to this page continues to cut out in mid-post, for some reason. I will try one more time right now to post you the full log, if it does not work, then I will have a try tomorrow from another computer at another connection:

****************************************

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.3.0
Ran by SYSTEM at 2011-11-28 02:11:27
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8158240 2009-10-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [311296 2010-03-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot [273528 2011-11-04] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKU\Jamal\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1242448 2011-08-01] (Valve Corporation)
HKU\Jamal\...\Run: [IwwjjUVeelBtzNy] C:\Users\Jamal\AppData\Roaming\dwme.exe [x]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [2152152 2011-11-03] (Lavasoft Limited)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]
3 DAUpdaterSvc; c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [x]

========================== Drivers (Whitelisted) =============

3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [116240 2010-07-15] (ATI Technologies, Inc.)
3 e1kexpress; C:\Windows\System32\DRIVERS\e1k62x64.sys [283824 2009-09-23] (Intel Corporation)
3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-11-25] ()
0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69376 2011-11-03] (Lavasoft AB)
3 NVENETFD; C:\Windows\System32\DRIVERS\nvm62x64.sys [408960 2009-06-10] (NVIDIA Corporation)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-11-28 02:11 - 2011-11-28 02:11 - 0000000 ____D C:\FRST
2011-11-27 18:58 - 2011-11-27 18:58 - 0005172 ____A C:\Users\Jamal\Desktop\Attach.txt
2011-11-27 18:57 - 2011-11-27 18:57 - 0017008 ____A C:\Users\Jamal\Desktop\DDS.txt
2011-11-27 18:56 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Desktop\dds.scr
2011-11-27 18:54 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Downloads\dds.scr
2011-11-27 17:21 - 2011-11-27 17:21 - 0000244 ____A C:\Users\Jamal\Downloads\defogger_enable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000472 ____A C:\Users\Jamal\Downloads\defogger_disable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000000 ____A C:\Users\Jamal\defogger_reenable
2011-11-27 17:18 - 2011-11-27 17:18 - 0050477 ____A C:\Users\Jamal\Downloads\Defogger.exe
2011-11-27 16:06 - 2011-11-27 16:12 - 0001941 ____A C:\Users\Jamal\Desktop\CLOUD REPORT.txt
2011-11-26 15:15 - 2011-11-26 15:18 - 14761224 ____A (Mozilla) C:\Users\Jamal\Downloads\Firefox Setup 8.0.1.exe
2011-11-26 15:12 - 2011-11-26 15:14 - 0072378 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.12.59_log.txt
2011-11-26 15:12 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Desktop\tdsskiller.exe
2011-11-26 15:08 - 2011-11-26 15:09 - 0142860 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.08.58_log.txt
2011-11-26 15:08 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Downloads\tdsskiller.exe
2011-11-25 23:06 - 2011-11-25 23:07 - 0002323 ____A C:\Windows\IE9_main.log
2011-11-25 22:54 - 2011-09-30 21:24 - 9326080 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-11-25 22:54 - 2011-09-30 20:42 - 5990912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-11-25 22:54 - 2011-08-19 21:44 - 1501184 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 2458624 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 12370944 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-11-25 22:54 - 2011-08-19 20:38 - 1230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 2072576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-11-25 22:53 - 2011-09-30 19:21 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-11-25 22:53 - 2011-09-30 18:59 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-11-25 22:53 - 2011-08-19 21:45 - 1197568 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-11-25 22:53 - 2011-08-19 21:44 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-11-25 22:53 - 2011-08-19 21:42 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-11-25 22:53 - 2011-08-19 21:37 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:38 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-11-25 22:53 - 2011-08-19 20:38 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-11-25 22:53 - 2011-08-19 20:36 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 20:34 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 20:32 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:20 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-11-25 22:53 - 2011-08-19 19:26 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-11-25 22:53 - 2011-07-15 21:26 - 0362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2011-11-25 22:53 - 2011-07-15 21:24 - 0016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 0422400 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 21:17 - 0338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2011-11-25 22:53 - 2011-07-15 21:04 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:36 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 20:31 - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2011-11-25 22:53 - 2011-07-15 20:30 - 1048576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:26 - 0007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2011-11-25 22:53 - 2011-07-15 18:26 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2011-11-25 22:53 - 2011-07-15 18:21 - 0006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-05-03 21:30 - 2326016 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 2228224 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0779264 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0491520 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0075264 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2011-11-25 22:53 - 2011-05-03 21:24 - 0593408 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0249856 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:53 - 1553920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 1401856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0666624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0337408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0197120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0164352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2011-11-25 22:53 - 2011-02-23 22:30 - 0476160 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2011-11-25 22:53 - 2011-02-23 21:32 - 0288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2011-11-25 22:52 - 2011-09-29 08:24 - 1897328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-11-25 22:52 - 2011-09-28 20:09 - 3141120 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-11-25 22:52 - 2011-08-26 21:40 - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 21:40 - 0331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2011-11-25 22:52 - 2011-08-16 21:32 - 0613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 21:27 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0104960 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0075776 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2011-11-25 22:52 - 2011-08-16 20:26 - 0465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 20:22 - 0204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2011-11-25 22:52 - 2011-07-08 21:14 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2011-11-25 22:52 - 2011-07-08 20:30 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2011-11-25 22:52 - 2011-07-08 18:44 - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-11-25 22:52 - 2011-06-15 21:31 - 0199680 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2011-11-25 22:52 - 2011-06-15 20:35 - 0180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2011-11-25 22:52 - 2011-05-03 18:51 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-11-25 22:52 - 2011-05-03 18:51 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-11-25 22:52 - 2011-04-28 19:13 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-11-25 22:52 - 2011-04-26 18:57 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2011-11-25 22:52 - 2011-04-24 18:44 - 0499712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-11-25 22:52 - 2011-04-22 12:18 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-11-25 22:52 - 2011-04-08 22:58 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-11-25 22:52 - 2011-04-08 21:56 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2011-11-25 22:52 - 2011-03-12 04:03 - 0662528 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2011-11-25 22:52 - 2011-03-12 03:31 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0356352 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0182272 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2011-11-25 22:52 - 2011-03-02 22:14 - 0030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2011-11-25 22:52 - 2011-03-02 21:29 - 0269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 21:27 - 0028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2011-11-25 22:52 - 2011-02-25 22:23 - 2870272 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2011-11-25 22:52 - 2011-02-25 21:33 - 2614784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2011-11-25 22:52 - 2011-02-22 21:15 - 0090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2011-11-25 22:52 - 2011-02-18 22:36 - 0046080 ____A (Adobe Systems) C:\Windows\Syst

#12 User is offline   Stromberg 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 12
  • Joined: 27-November 11

Posted 28 November 2011 - 04:33 AM

Connection to this page continues to cut out in mid-post, for some reason. I will try one more time right now to post you the full log, if it does not work, then I will have a try tomorrow from another computer at another connection:

****************************************

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.3.0
Ran by SYSTEM at 2011-11-28 02:11:27
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8158240 2009-10-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [311296 2010-03-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot [273528 2011-11-04] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKU\Jamal\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1242448 2011-08-01] (Valve Corporation)
HKU\Jamal\...\Run: [IwwjjUVeelBtzNy] C:\Users\Jamal\AppData\Roaming\dwme.exe [x]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [2152152 2011-11-03] (Lavasoft Limited)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]
3 DAUpdaterSvc; c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [x]

========================== Drivers (Whitelisted) =============

3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [116240 2010-07-15] (ATI Technologies, Inc.)
3 e1kexpress; C:\Windows\System32\DRIVERS\e1k62x64.sys [283824 2009-09-23] (Intel Corporation)
3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-11-25] ()
0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69376 2011-11-03] (Lavasoft AB)
3 NVENETFD; C:\Windows\System32\DRIVERS\nvm62x64.sys [408960 2009-06-10] (NVIDIA Corporation)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-11-28 02:11 - 2011-11-28 02:11 - 0000000 ____D C:\FRST
2011-11-27 18:58 - 2011-11-27 18:58 - 0005172 ____A C:\Users\Jamal\Desktop\Attach.txt
2011-11-27 18:57 - 2011-11-27 18:57 - 0017008 ____A C:\Users\Jamal\Desktop\DDS.txt
2011-11-27 18:56 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Desktop\dds.scr
2011-11-27 18:54 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Downloads\dds.scr
2011-11-27 17:21 - 2011-11-27 17:21 - 0000244 ____A C:\Users\Jamal\Downloads\defogger_enable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000472 ____A C:\Users\Jamal\Downloads\defogger_disable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000000 ____A C:\Users\Jamal\defogger_reenable
2011-11-27 17:18 - 2011-11-27 17:18 - 0050477 ____A C:\Users\Jamal\Downloads\Defogger.exe
2011-11-27 16:06 - 2011-11-27 16:12 - 0001941 ____A C:\Users\Jamal\Desktop\CLOUD REPORT.txt
2011-11-26 15:15 - 2011-11-26 15:18 - 14761224 ____A (Mozilla) C:\Users\Jamal\Downloads\Firefox Setup 8.0.1.exe
2011-11-26 15:12 - 2011-11-26 15:14 - 0072378 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.12.59_log.txt
2011-11-26 15:12 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Desktop\tdsskiller.exe
2011-11-26 15:08 - 2011-11-26 15:09 - 0142860 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.08.58_log.txt
2011-11-26 15:08 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Downloads\tdsskiller.exe
2011-11-25 23:06 - 2011-11-25 23:07 - 0002323 ____A C:\Windows\IE9_main.log
2011-11-25 22:54 - 2011-09-30 21:24 - 9326080 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-11-25 22:54 - 2011-09-30 20:42 - 5990912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-11-25 22:54 - 2011-08-19 21:44 - 1501184 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 2458624 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 12370944 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-11-25 22:54 - 2011-08-19 20:38 - 1230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 2072576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-11-25 22:53 - 2011-09-30 19:21 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-11-25 22:53 - 2011-09-30 18:59 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-11-25 22:53 - 2011-08-19 21:45 - 1197568 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-11-25 22:53 - 2011-08-19 21:44 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-11-25 22:53 - 2011-08-19 21:42 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-11-25 22:53 - 2011-08-19 21:37 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:38 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-11-25 22:53 - 2011-08-19 20:38 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-11-25 22:53 - 2011-08-19 20:36 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 20:34 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 20:32 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:20 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-11-25 22:53 - 2011-08-19 19:26 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-11-25 22:53 - 2011-07-15 21:26 - 0362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2011-11-25 22:53 - 2011-07-15 21:24 - 0016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 0422400 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 21:17 - 0338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2011-11-25 22:53 - 2011-07-15 21:04 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:36 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 20:31 - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2011-11-25 22:53 - 2011-07-15 20:30 - 1048576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:26 - 0007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2011-11-25 22:53 - 2011-07-15 18:26 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2011-11-25 22:53 - 2011-07-15 18:21 - 0006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-05-03 21:30 - 2326016 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 2228224 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0779264 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0491520 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0075264 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2011-11-25 22:53 - 2011-05-03 21:24 - 0593408 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0249856 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:53 - 1553920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 1401856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0666624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0337408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0197120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0164352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2011-11-25 22:53 - 2011-02-23 22:30 - 0476160 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2011-11-25 22:53 - 2011-02-23 21:32 - 0288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2011-11-25 22:52 - 2011-09-29 08:24 - 1897328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-11-25 22:52 - 2011-09-28 20:09 - 3141120 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-11-25 22:52 - 2011-08-26 21:40 - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 21:40 - 0331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2011-11-25 22:52 - 2011-08-16 21:32 - 0613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 21:27 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0104960 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0075776 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2011-11-25 22:52 - 2011-08-16 20:26 - 0465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 20:22 - 0204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2011-11-25 22:52 - 2011-07-08 21:14 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2011-11-25 22:52 - 2011-07-08 20:30 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2011-11-25 22:52 - 2011-07-08 18:44 - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-11-25 22:52 - 2011-06-15 21:31 - 0199680 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2011-11-25 22:52 - 2011-06-15 20:35 - 0180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2011-11-25 22:52 - 2011-05-03 18:51 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-11-25 22:52 - 2011-05-03 18:51 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-11-25 22:52 - 2011-04-28 19:13 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-11-25 22:52 - 2011-04-26 18:57 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2011-11-25 22:52 - 2011-04-24 18:44 - 0499712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-11-25 22:52 - 2011-04-22 12:18 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-11-25 22:52 - 2011-04-08 22:58 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-11-25 22:52 - 2011-04-08 21:56 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2011-11-25 22:52 - 2011-03-12 04:03 - 0662528 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2011-11-25 22:52 - 2011-03-12 03:31 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0356352 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0182272 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2011-11-25 22:52 - 2011-03-02 22:14 - 0030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2011-11-25 22:52 - 2011-03-02 21:29 - 0269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 21:27 - 0028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2011-11-25 22:52 - 2011-02-25 22:23 - 2870272 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2011-11-25 22:52 - 2011-02-25 21:33 - 2614784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2011-11-25 22:52 - 2011-02-22 21:15 - 0090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2011-11-25 22:52 - 2011-02-18 22:36 - 0046080 ____A (Adobe Systems) C:\Windows\Syst

#13 User is offline   Stromberg 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 12
  • Joined: 27-November 11

Posted 28 November 2011 - 04:33 AM

Connection to this page continues to cut out in mid-post, for some reason. I will try one more time right now to post you the full log, if it does not work, then I will have a try tomorrow from another computer at another connection:

****************************************

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.3.0
Ran by SYSTEM at 2011-11-28 02:11:27
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8158240 2009-10-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [311296 2010-03-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot [273528 2011-11-04] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKU\Jamal\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1242448 2011-08-01] (Valve Corporation)
HKU\Jamal\...\Run: [IwwjjUVeelBtzNy] C:\Users\Jamal\AppData\Roaming\dwme.exe [x]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [2152152 2011-11-03] (Lavasoft Limited)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]
3 DAUpdaterSvc; c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [x]

========================== Drivers (Whitelisted) =============

3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [116240 2010-07-15] (ATI Technologies, Inc.)
3 e1kexpress; C:\Windows\System32\DRIVERS\e1k62x64.sys [283824 2009-09-23] (Intel Corporation)
3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-11-25] ()
0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69376 2011-11-03] (Lavasoft AB)
3 NVENETFD; C:\Windows\System32\DRIVERS\nvm62x64.sys [408960 2009-06-10] (NVIDIA Corporation)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-11-28 02:11 - 2011-11-28 02:11 - 0000000 ____D C:\FRST
2011-11-27 18:58 - 2011-11-27 18:58 - 0005172 ____A C:\Users\Jamal\Desktop\Attach.txt
2011-11-27 18:57 - 2011-11-27 18:57 - 0017008 ____A C:\Users\Jamal\Desktop\DDS.txt
2011-11-27 18:56 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Desktop\dds.scr
2011-11-27 18:54 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Downloads\dds.scr
2011-11-27 17:21 - 2011-11-27 17:21 - 0000244 ____A C:\Users\Jamal\Downloads\defogger_enable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000472 ____A C:\Users\Jamal\Downloads\defogger_disable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000000 ____A C:\Users\Jamal\defogger_reenable
2011-11-27 17:18 - 2011-11-27 17:18 - 0050477 ____A C:\Users\Jamal\Downloads\Defogger.exe
2011-11-27 16:06 - 2011-11-27 16:12 - 0001941 ____A C:\Users\Jamal\Desktop\CLOUD REPORT.txt
2011-11-26 15:15 - 2011-11-26 15:18 - 14761224 ____A (Mozilla) C:\Users\Jamal\Downloads\Firefox Setup 8.0.1.exe
2011-11-26 15:12 - 2011-11-26 15:14 - 0072378 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.12.59_log.txt
2011-11-26 15:12 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Desktop\tdsskiller.exe
2011-11-26 15:08 - 2011-11-26 15:09 - 0142860 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.08.58_log.txt
2011-11-26 15:08 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Downloads\tdsskiller.exe
2011-11-25 23:06 - 2011-11-25 23:07 - 0002323 ____A C:\Windows\IE9_main.log
2011-11-25 22:54 - 2011-09-30 21:24 - 9326080 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-11-25 22:54 - 2011-09-30 20:42 - 5990912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-11-25 22:54 - 2011-08-19 21:44 - 1501184 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 2458624 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 12370944 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-11-25 22:54 - 2011-08-19 20:38 - 1230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 2072576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-11-25 22:53 - 2011-09-30 19:21 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-11-25 22:53 - 2011-09-30 18:59 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-11-25 22:53 - 2011-08-19 21:45 - 1197568 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-11-25 22:53 - 2011-08-19 21:44 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-11-25 22:53 - 2011-08-19 21:42 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-11-25 22:53 - 2011-08-19 21:37 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:38 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-11-25 22:53 - 2011-08-19 20:38 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-11-25 22:53 - 2011-08-19 20:36 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 20:34 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 20:32 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:20 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-11-25 22:53 - 2011-08-19 19:26 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-11-25 22:53 - 2011-07-15 21:26 - 0362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2011-11-25 22:53 - 2011-07-15 21:24 - 0016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 0422400 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 21:17 - 0338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2011-11-25 22:53 - 2011-07-15 21:04 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:36 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 20:31 - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2011-11-25 22:53 - 2011-07-15 20:30 - 1048576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:26 - 0007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2011-11-25 22:53 - 2011-07-15 18:26 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2011-11-25 22:53 - 2011-07-15 18:21 - 0006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-05-03 21:30 - 2326016 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 2228224 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0779264 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0491520 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0075264 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2011-11-25 22:53 - 2011-05-03 21:24 - 0593408 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0249856 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:53 - 1553920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 1401856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0666624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0337408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0197120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0164352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2011-11-25 22:53 - 2011-02-23 22:30 - 0476160 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2011-11-25 22:53 - 2011-02-23 21:32 - 0288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2011-11-25 22:52 - 2011-09-29 08:24 - 1897328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-11-25 22:52 - 2011-09-28 20:09 - 3141120 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-11-25 22:52 - 2011-08-26 21:40 - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 21:40 - 0331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2011-11-25 22:52 - 2011-08-16 21:32 - 0613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 21:27 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0104960 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0075776 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2011-11-25 22:52 - 2011-08-16 20:26 - 0465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 20:22 - 0204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2011-11-25 22:52 - 2011-07-08 21:14 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2011-11-25 22:52 - 2011-07-08 20:30 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2011-11-25 22:52 - 2011-07-08 18:44 - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-11-25 22:52 - 2011-06-15 21:31 - 0199680 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2011-11-25 22:52 - 2011-06-15 20:35 - 0180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2011-11-25 22:52 - 2011-05-03 18:51 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-11-25 22:52 - 2011-05-03 18:51 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-11-25 22:52 - 2011-04-28 19:13 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-11-25 22:52 - 2011-04-26 18:57 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2011-11-25 22:52 - 2011-04-24 18:44 - 0499712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-11-25 22:52 - 2011-04-22 12:18 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-11-25 22:52 - 2011-04-08 22:58 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-11-25 22:52 - 2011-04-08 21:56 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2011-11-25 22:52 - 2011-03-12 04:03 - 0662528 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2011-11-25 22:52 - 2011-03-12 03:31 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0356352 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0182272 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2011-11-25 22:52 - 2011-03-02 22:14 - 0030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2011-11-25 22:52 - 2011-03-02 21:29 - 0269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 21:27 - 0028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2011-11-25 22:52 - 2011-02-25 22:23 - 2870272 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2011-11-25 22:52 - 2011-02-25 21:33 - 2614784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2011-11-25 22:52 - 2011-02-22 21:15 - 0090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2011-11-25 22:52 - 2011-02-18 22:36 - 0046080 ____A (Adobe Systems) C:\Windows\Syst

#14 User is offline   Stromberg 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 12
  • Joined: 27-November 11

Posted 28 November 2011 - 04:33 AM

Connection to this page continues to cut out in mid-post, for some reason. I will try one more time right now to post you the full log, if it does not work, then I will have a try tomorrow from another computer at another connection:

****************************************

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.3.0
Ran by SYSTEM at 2011-11-28 02:11:27
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8158240 2009-10-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [311296 2010-03-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot [273528 2011-11-04] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKU\Jamal\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1242448 2011-08-01] (Valve Corporation)
HKU\Jamal\...\Run: [IwwjjUVeelBtzNy] C:\Users\Jamal\AppData\Roaming\dwme.exe [x]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [2152152 2011-11-03] (Lavasoft Limited)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]
3 DAUpdaterSvc; c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [x]

========================== Drivers (Whitelisted) =============

3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [116240 2010-07-15] (ATI Technologies, Inc.)
3 e1kexpress; C:\Windows\System32\DRIVERS\e1k62x64.sys [283824 2009-09-23] (Intel Corporation)
3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-11-25] ()
0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69376 2011-11-03] (Lavasoft AB)
3 NVENETFD; C:\Windows\System32\DRIVERS\nvm62x64.sys [408960 2009-06-10] (NVIDIA Corporation)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-11-28 02:11 - 2011-11-28 02:11 - 0000000 ____D C:\FRST
2011-11-27 18:58 - 2011-11-27 18:58 - 0005172 ____A C:\Users\Jamal\Desktop\Attach.txt
2011-11-27 18:57 - 2011-11-27 18:57 - 0017008 ____A C:\Users\Jamal\Desktop\DDS.txt
2011-11-27 18:56 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Desktop\dds.scr
2011-11-27 18:54 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Downloads\dds.scr
2011-11-27 17:21 - 2011-11-27 17:21 - 0000244 ____A C:\Users\Jamal\Downloads\defogger_enable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000472 ____A C:\Users\Jamal\Downloads\defogger_disable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000000 ____A C:\Users\Jamal\defogger_reenable
2011-11-27 17:18 - 2011-11-27 17:18 - 0050477 ____A C:\Users\Jamal\Downloads\Defogger.exe
2011-11-27 16:06 - 2011-11-27 16:12 - 0001941 ____A C:\Users\Jamal\Desktop\CLOUD REPORT.txt
2011-11-26 15:15 - 2011-11-26 15:18 - 14761224 ____A (Mozilla) C:\Users\Jamal\Downloads\Firefox Setup 8.0.1.exe
2011-11-26 15:12 - 2011-11-26 15:14 - 0072378 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.12.59_log.txt
2011-11-26 15:12 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Desktop\tdsskiller.exe
2011-11-26 15:08 - 2011-11-26 15:09 - 0142860 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.08.58_log.txt
2011-11-26 15:08 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Downloads\tdsskiller.exe
2011-11-25 23:06 - 2011-11-25 23:07 - 0002323 ____A C:\Windows\IE9_main.log
2011-11-25 22:54 - 2011-09-30 21:24 - 9326080 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-11-25 22:54 - 2011-09-30 20:42 - 5990912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-11-25 22:54 - 2011-08-19 21:44 - 1501184 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 2458624 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 12370944 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-11-25 22:54 - 2011-08-19 20:38 - 1230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 2072576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-11-25 22:53 - 2011-09-30 19:21 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-11-25 22:53 - 2011-09-30 18:59 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-11-25 22:53 - 2011-08-19 21:45 - 1197568 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-11-25 22:53 - 2011-08-19 21:44 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-11-25 22:53 - 2011-08-19 21:42 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-11-25 22:53 - 2011-08-19 21:37 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:38 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-11-25 22:53 - 2011-08-19 20:38 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-11-25 22:53 - 2011-08-19 20:36 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 20:34 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 20:32 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:20 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-11-25 22:53 - 2011-08-19 19:26 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-11-25 22:53 - 2011-07-15 21:26 - 0362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2011-11-25 22:53 - 2011-07-15 21:24 - 0016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 0422400 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 21:17 - 0338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2011-11-25 22:53 - 2011-07-15 21:04 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:36 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 20:31 - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2011-11-25 22:53 - 2011-07-15 20:30 - 1048576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:26 - 0007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2011-11-25 22:53 - 2011-07-15 18:26 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2011-11-25 22:53 - 2011-07-15 18:21 - 0006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-05-03 21:30 - 2326016 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 2228224 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0779264 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0491520 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0075264 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2011-11-25 22:53 - 2011-05-03 21:24 - 0593408 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0249856 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:53 - 1553920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 1401856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0666624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0337408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0197120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0164352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2011-11-25 22:53 - 2011-02-23 22:30 - 0476160 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2011-11-25 22:53 - 2011-02-23 21:32 - 0288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2011-11-25 22:52 - 2011-09-29 08:24 - 1897328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-11-25 22:52 - 2011-09-28 20:09 - 3141120 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-11-25 22:52 - 2011-08-26 21:40 - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 21:40 - 0331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2011-11-25 22:52 - 2011-08-16 21:32 - 0613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 21:27 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0104960 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0075776 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2011-11-25 22:52 - 2011-08-16 20:26 - 0465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 20:22 - 0204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2011-11-25 22:52 - 2011-07-08 21:14 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2011-11-25 22:52 - 2011-07-08 20:30 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2011-11-25 22:52 - 2011-07-08 18:44 - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-11-25 22:52 - 2011-06-15 21:31 - 0199680 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2011-11-25 22:52 - 2011-06-15 20:35 - 0180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2011-11-25 22:52 - 2011-05-03 18:51 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-11-25 22:52 - 2011-05-03 18:51 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-11-25 22:52 - 2011-04-28 19:13 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-11-25 22:52 - 2011-04-26 18:57 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2011-11-25 22:52 - 2011-04-24 18:44 - 0499712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-11-25 22:52 - 2011-04-22 12:18 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-11-25 22:52 - 2011-04-08 22:58 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-11-25 22:52 - 2011-04-08 21:56 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2011-11-25 22:52 - 2011-03-12 04:03 - 0662528 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2011-11-25 22:52 - 2011-03-12 03:31 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0356352 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0182272 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2011-11-25 22:52 - 2011-03-02 22:14 - 0030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2011-11-25 22:52 - 2011-03-02 21:29 - 0269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 21:27 - 0028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2011-11-25 22:52 - 2011-02-25 22:23 - 2870272 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2011-11-25 22:52 - 2011-02-25 21:33 - 2614784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2011-11-25 22:52 - 2011-02-22 21:15 - 0090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2011-11-25 22:52 - 2011-02-18 22:36 - 0046080 ____A (Adobe Systems) C:\Windows\Syst

#15 User is offline   Stromberg 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 12
  • Joined: 27-November 11

Posted 28 November 2011 - 04:33 AM

Connection to this page continues to cut out in mid-post, for some reason. I will try one more time right now to post you the full log, if it does not work, then I will have a try tomorrow from another computer at another connection:

****************************************

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.3.0
Ran by SYSTEM at 2011-11-28 02:11:27
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8158240 2009-10-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [311296 2010-03-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot [273528 2011-11-04] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKU\Jamal\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1242448 2011-08-01] (Valve Corporation)
HKU\Jamal\...\Run: [IwwjjUVeelBtzNy] C:\Users\Jamal\AppData\Roaming\dwme.exe [x]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [2152152 2011-11-03] (Lavasoft Limited)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]
3 DAUpdaterSvc; c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [x]

========================== Drivers (Whitelisted) =============

3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [116240 2010-07-15] (ATI Technologies, Inc.)
3 e1kexpress; C:\Windows\System32\DRIVERS\e1k62x64.sys [283824 2009-09-23] (Intel Corporation)
3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-11-25] ()
0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69376 2011-11-03] (Lavasoft AB)
3 NVENETFD; C:\Windows\System32\DRIVERS\nvm62x64.sys [408960 2009-06-10] (NVIDIA Corporation)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-11-28 02:11 - 2011-11-28 02:11 - 0000000 ____D C:\FRST
2011-11-27 18:58 - 2011-11-27 18:58 - 0005172 ____A C:\Users\Jamal\Desktop\Attach.txt
2011-11-27 18:57 - 2011-11-27 18:57 - 0017008 ____A C:\Users\Jamal\Desktop\DDS.txt
2011-11-27 18:56 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Desktop\dds.scr
2011-11-27 18:54 - 2011-11-27 18:54 - 0607260 ____R (Swearware) C:\Users\Jamal\Downloads\dds.scr
2011-11-27 17:21 - 2011-11-27 17:21 - 0000244 ____A C:\Users\Jamal\Downloads\defogger_enable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000472 ____A C:\Users\Jamal\Downloads\defogger_disable.log
2011-11-27 17:19 - 2011-11-27 17:21 - 0000000 ____A C:\Users\Jamal\defogger_reenable
2011-11-27 17:18 - 2011-11-27 17:18 - 0050477 ____A C:\Users\Jamal\Downloads\Defogger.exe
2011-11-27 16:06 - 2011-11-27 16:12 - 0001941 ____A C:\Users\Jamal\Desktop\CLOUD REPORT.txt
2011-11-26 15:15 - 2011-11-26 15:18 - 14761224 ____A (Mozilla) C:\Users\Jamal\Downloads\Firefox Setup 8.0.1.exe
2011-11-26 15:12 - 2011-11-26 15:14 - 0072378 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.12.59_log.txt
2011-11-26 15:12 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Desktop\tdsskiller.exe
2011-11-26 15:08 - 2011-11-26 15:09 - 0142860 ____A C:\TDSSKiller.2.6.21.0_26.11.2011_17.08.58_log.txt
2011-11-26 15:08 - 2011-11-26 15:08 - 1566512 ____A (Kaspersky Lab ZAO) C:\Users\Jamal\Downloads\tdsskiller.exe
2011-11-25 23:06 - 2011-11-25 23:07 - 0002323 ____A C:\Windows\IE9_main.log
2011-11-25 22:54 - 2011-09-30 21:24 - 9326080 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-11-25 22:54 - 2011-09-30 20:42 - 5990912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-11-25 22:54 - 2011-08-19 21:44 - 1501184 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 2458624 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-11-25 22:54 - 2011-08-19 21:40 - 12370944 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-11-25 22:54 - 2011-08-19 20:38 - 1230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 2072576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-11-25 22:54 - 2011-08-19 20:35 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-11-25 22:53 - 2011-09-30 19:21 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-11-25 22:53 - 2011-09-30 18:59 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-11-25 22:53 - 2011-08-19 21:45 - 1197568 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-11-25 22:53 - 2011-08-19 21:44 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-11-25 22:53 - 2011-08-19 21:42 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 21:41 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-11-25 22:53 - 2011-08-19 21:40 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-11-25 22:53 - 2011-08-19 21:37 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:38 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-11-25 22:53 - 2011-08-19 20:38 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-11-25 22:53 - 2011-08-19 20:36 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-11-25 22:53 - 2011-08-19 20:35 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-11-25 22:53 - 2011-08-19 20:34 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-11-25 22:53 - 2011-08-19 20:32 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-11-25 22:53 - 2011-08-19 20:20 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-11-25 22:53 - 2011-08-19 19:26 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-11-25 22:53 - 2011-07-15 21:26 - 0362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2011-11-25 22:53 - 2011-07-15 21:26 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2011-11-25 22:53 - 2011-07-15 21:24 - 0016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2011-11-25 22:53 - 2011-07-15 21:21 - 0422400 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 21:17 - 0338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2011-11-25 22:53 - 2011-07-15 21:04 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 21:04 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:36 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2011-11-25 22:53 - 2011-07-15 20:31 - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2011-11-25 22:53 - 2011-07-15 20:30 - 1048576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2011-11-25 22:53 - 2011-07-15 20:30 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 20:19 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:26 - 0007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2011-11-25 22:53 - 2011-07-15 18:26 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2011-11-25 22:53 - 2011-07-15 18:21 - 0006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:53 - 2011-07-15 18:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:53 - 2011-05-03 21:30 - 2326016 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 2228224 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0779264 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0491520 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 21:28 - 0075264 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2011-11-25 22:53 - 2011-05-03 21:24 - 0593408 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0249856 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 21:24 - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:53 - 1553920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 1401856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0666624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0337408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0197120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2011-11-25 22:53 - 2011-05-03 20:52 - 0164352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2011-11-25 22:53 - 2011-05-03 20:52 - 0059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2011-11-25 22:53 - 2011-03-10 22:19 - 1359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2011-11-25 22:53 - 2011-03-10 21:40 - 1137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2011-11-25 22:53 - 2011-02-23 22:30 - 0476160 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2011-11-25 22:53 - 2011-02-23 21:32 - 0288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2011-11-25 22:52 - 2011-09-29 08:24 - 1897328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-11-25 22:52 - 2011-09-28 20:09 - 3141120 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-11-25 22:52 - 2011-08-26 21:40 - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 21:40 - 0331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-11-25 22:52 - 2011-08-26 20:43 - 0233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2011-11-25 22:52 - 2011-08-16 21:32 - 0613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 21:27 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0104960 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 21:27 - 0075776 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2011-11-25 22:52 - 2011-08-16 20:26 - 0465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2011-11-25 22:52 - 2011-08-16 20:22 - 0204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2011-11-25 22:52 - 2011-08-16 20:22 - 0059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2011-11-25 22:52 - 2011-07-08 21:14 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2011-11-25 22:52 - 2011-07-08 20:30 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2011-11-25 22:52 - 2011-07-08 18:44 - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-11-25 22:52 - 2011-06-15 21:31 - 0199680 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2011-11-25 22:52 - 2011-06-15 20:35 - 0180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:58 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2011-11-25 22:52 - 2011-06-15 01:04 - 0081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2011-11-25 22:52 - 2011-05-03 18:51 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-11-25 22:52 - 2011-05-03 18:51 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-11-25 22:52 - 2011-04-28 19:13 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-11-25 22:52 - 2011-04-28 19:12 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-11-25 22:52 - 2011-04-26 18:57 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2011-11-25 22:52 - 2011-04-24 18:44 - 0499712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-11-25 22:52 - 2011-04-22 12:18 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-11-25 22:52 - 2011-04-08 22:58 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-11-25 22:52 - 2011-04-08 21:56 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2011-11-25 22:52 - 2011-03-12 04:03 - 0662528 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2011-11-25 22:52 - 2011-03-12 03:31 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0356352 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 22:17 - 0182272 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2011-11-25 22:52 - 2011-03-02 22:14 - 0030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2011-11-25 22:52 - 2011-03-02 21:29 - 0269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2011-11-25 22:52 - 2011-03-02 21:27 - 0028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2011-11-25 22:52 - 2011-02-25 22:23 - 2870272 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2011-11-25 22:52 - 2011-02-25 21:33 - 2614784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2011-11-25 22:52 - 2011-02-22 21:15 - 0090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2011-11-25 22:52 - 2011-02-18 22:36 - 0046080 ____A (Adobe Systems) C:\Windows\Syst

Share this topic:


  • 2 Pages +
  • 1
  • 2
  • You cannot start a new topic
  • This topic is locked

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users