
MBAM found Trojan dropper 100% cpu usage webpages not opening


  • This topic is locked
30 replies to this topic

#1 DEATHlLINK


Posted 10 June 2010 - 01:58 AM

I originally posted in the Am I Infected topic and Boopme had me run SmitFraud, which access was denied, then I was directed to run these and post the logs here. Topic referenced is here: http://www.bleepingcomputer.com/forums/t/323019/mbam-found-trojandropper-please-help/ ~ OB


DDS (Ver_10-03-17.01) - NTFSx86
Run by DEATH-ZZ at 22:48:04.19 on Wed 06/09/2010
Internet Explorer: 8.0.6001.18928
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3061.1599 [GMT -7:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\aestsrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\STacSV.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\WLTRAY.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Users\DEATH-ZZ\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2010\IEToolbar.dll
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s
mRun: [BDAgent] "c:\program files\bitdefender\bitdefender 2010\bdagent.exe"
mRun: [BitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2010\IEShow.exe"
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\death-zz\appdata\roaming\mozilla\firefox\profiles\atxj8cqo.default\
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-6-5 164048]
R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\windows\system32\drivers\BdfNdisf6.sys [2009-6-26 72784]
R1 SASDIFSV;SASDIFSV;c:\users\death-zz\appdata\local\temp\sas_selfextract\sasdifsv.sys [2010-6-9 9968]
R1 SASKUTIL;SASKUTIL;c:\users\death-zz\appdata\local\temp\sas_selfextract\SASKUTIL.SYS [2010-6-9 74480]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2010-5-25 73728]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-6-5 19024]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-6-5 51792]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-6-5 40384]
R2 BDVEDISK;BDVEDISK;c:\program files\bitdefender\bitdefender 2010\bdvedisk.sys [2009-4-1 85128]
R3 BDFM;BDFM;c:\windows\system32\drivers\bdfm.sys [2009-6-29 153448]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2010-5-25 111616]
S3 Arrakis3;BitDefender Arrakis Server;c:\program files\common files\bitdefender\bitdefender arrakis server\bin\arrakis3.exe [2009-6-26 183880]
S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-6-5 40384]
S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-6-5 40384]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]

=============== Created Last 30 ================

2010-06-10 05:45:44 0 ----a-w- c:\users\death-zz\defogger_reenable
2010-06-09 06:43:23 0 d-sh--w- C:\$RECYCLE.BIN
2010-06-09 06:32:06 98816 ----a-w- c:\windows\sed.exe
2010-06-09 06:32:06 77312 ----a-w- c:\windows\MBR.exe
2010-06-09 06:32:06 256512 ----a-w- c:\windows\PEV.exe
2010-06-09 06:32:06 161792 ----a-w- c:\windows\SWREG.exe
2010-06-09 06:06:58 0 d-----w- c:\users\death-zz\appdata\roaming\SUPERAntiSpyware.com
2010-06-09 06:06:58 0 d-----w- c:\programdata\SUPERAntiSpyware.com
2010-06-08 18:52:50 67072 ----a-w- c:\windows\system32\asycfilt.dll
2010-06-08 18:52:42 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-06-08 18:52:42 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-06-05 22:26:36 51792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-06-05 22:25:43 0 d-----w- c:\programdata\Alwil Software
2010-06-05 01:54:54 0 d-----w- c:\users\death-zz\appdata\roaming\Malwarebytes
2010-06-05 01:54:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-05 01:54:44 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-05 01:54:44 0 d-----w- c:\programdata\Malwarebytes
2010-06-05 01:54:44 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-04 19:14:22 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-26 17:12:10 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-05-26 15:21:18 0 d-----w- c:\programdata\Yahoo!
2010-05-26 15:19:39 0 d-----w- c:\program files\Yahoo!
2010-05-26 04:16:42 0 d-----w- c:\programdata\Sun
2010-05-26 04:14:35 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-26 03:57:01 0 d-----w- c:\windows\system32\Adobe
2010-05-26 03:06:15 0 d-----w- c:\program files\Windows Portable Devices
2010-05-26 03:04:40 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2010-05-26 03:03:37 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-05-26 03:03:37 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-05-26 03:03:37 234496 ----a-w- c:\windows\system32\oleacc.dll
2010-05-26 03:01:27 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-05-26 03:01:26 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-05-26 03:01:26 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-05-26 02:47:50 0 d-----w- c:\windows\system32\vi-VN
2010-05-26 02:47:50 0 d-----w- c:\windows\system32\eu-ES
2010-05-26 02:47:50 0 d-----w- c:\windows\system32\ca-ES
2010-05-26 02:36:14 0 d-----w- c:\windows\system32\EventProviders
2010-05-26 02:19:59 67584 ----a-w- c:\windows\system32\slwmi.dll
2010-05-26 02:18:57 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2010-05-26 02:18:57 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2010-05-26 02:18:57 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2010-05-26 02:18:57 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2010-05-26 02:18:57 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2010-05-26 02:18:57 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2010-05-26 02:18:57 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2010-05-26 02:18:56 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2010-05-26 02:18:54 218624 ----a-w- c:\windows\system32\wdscore.dll
2010-05-26 02:18:54 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2010-05-26 02:18:50 247808 ----a-w- c:\windows\system32\drvstore.dll
2010-05-26 02:03:29 377344 ----a-w- c:\windows\system32\winhttp.dll
2010-05-26 01:56:02 0 d-----w- c:\programdata\Office Genuine Advantage
2010-05-26 01:49:30 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-05-26 01:49:29 270848 ----a-w- c:\windows\system32\schannel.dll
2010-05-26 01:19:53 41984 ----a-w- c:\windows\system32\netfxperf.dll
2010-05-26 01:12:21 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-05-25 21:52:43 52 ----a-w- c:\windows\system32\ashttpstats.csv
2010-05-25 21:18:07 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2010-05-25 21:17:52 11967524 ----a-w- c:\windows\system32\korwbrkr.lex
2010-05-25 21:06:02 57667 ----a-w- c:\windows\system32\ieuinit.inf
2010-05-25 21:01:58 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-05-25 21:01:53 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-05-25 21:01:52 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-05-25 21:00:12 0 d-----w- c:\program files\MSXML 4.0
2010-05-25 20:59:18 2868224 ----a-w- c:\windows\system32\mf.dll
2010-05-25 20:59:17 98816 ----a-w- c:\windows\system32\mfps.dll
2010-05-25 20:59:17 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2010-05-25 20:59:17 24576 ----a-w- c:\windows\system32\mfpmp.exe
2010-05-25 20:59:16 2048 ----a-w- c:\windows\system32\mferror.dll
2010-05-25 20:58:41 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2010-05-25 20:54:37 2048 ----a-w- c:\windows\system32\tzres.dll
2010-05-25 20:54:26 738816 ----a-w- c:\windows\system32\inetcomm.dll
2010-05-25 20:54:21 355328 ----a-w- c:\windows\system32\WSDApi.dll
2010-05-25 20:53:13 105984 ----a-w- c:\windows\system32\netiohlp.dll
2010-05-25 20:53:12 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2010-05-25 20:53:12 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2010-05-25 20:53:12 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2010-05-25 20:53:12 19968 ----a-w- c:\windows\system32\ARP.EXE
2010-05-25 20:53:12 10240 ----a-w- c:\windows\system32\finger.exe
2010-05-25 20:53:11 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2010-05-25 20:53:11 17920 ----a-w- c:\windows\system32\netevent.dll
2010-05-25 20:53:11 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2010-05-25 20:51:58 3600776 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-05-25 20:50:59 243712 ----a-w- c:\windows\system32\rastls.dll
2010-05-25 19:55:38 385 ----a-w- c:\windows\system32\user_gensett.xml
2010-05-25 19:53:51 132 ----a-w- c:\windows\system32\rezumatenoi.dat
2010-05-25 19:30:14 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-05-25 19:30:13 98304 ----a-w- c:\windows\system32\cabview.dll
2010-05-25 19:26:42 4 ----a-w- c:\windows\system32\aspdict-en.dat
2010-05-25 19:26:42 16 ----a-w- c:\windows\system32\asdict.dat
2010-05-25 19:26:42 0 ----a-w- c:\windows\system32\pcwords.dat
2010-05-25 19:26:42 0 ----a-w- c:\windows\system32\pc_sign.slf
2010-05-25 19:26:42 0 ----a-w- c:\windows\system32\ab_bl.sig
2010-05-25 19:23:01 2421760 ----a-w- c:\windows\system32\wucltux.dll
2010-05-25 19:22:48 87552 ----a-w- c:\windows\system32\wudriver.dll
2010-05-25 19:22:41 33792 ----a-w- c:\windows\system32\wuapp.exe
2010-05-25 19:22:41 171608 ----a-w- c:\windows\system32\wuwebv.dll
2010-05-25 19:13:11 0 d-----w- c:\users\death-zz\appdata\roaming\BitDefender
2010-05-25 19:13:03 0 d-----w- c:\program files\common files\MSSoap
2010-05-25 19:13:03 0 d-----w- C:\Binaries
2010-05-25 19:12:45 0 d-----w- c:\programdata\BitDefender
2010-05-25 19:12:45 0 d-----w- c:\program files\BitDefender
2010-05-25 19:11:35 0 d-----w- c:\windows\system32\URTTEMP
2010-05-25 19:11:07 0 d-----w- c:\program files\common files\BitDefender
2010-05-25 18:49:06 0 d-----w- c:\windows\Panther
2010-05-25 18:48:53 8192 --s-a-r- C:\BOOTSECT.BAK
2010-05-25 18:48:51 333257 --sha-r- C:\bootmgr
2010-05-25 18:48:51 0 d-----w- C:\Boot
2010-05-25 18:48:37 304920 ----a-w- c:\windows\system32\drivers\iaStor.sys
2010-05-25 18:48:18 24 ---ha-r- c:\windows\dell_version
2010-05-25 18:48:18 0 d-----w- c:\windows\system32\OEM
2010-05-25 18:46:54 76 --sh--r- c:\windows\CT4CET.bin
2010-05-25 18:46:16 0 d-----w- c:\program files\common files\Reallusion
2010-05-25 18:45:53 5627904 ----a-w- c:\windows\system32\LiveCamVirtual.ocx
2010-05-25 18:45:19 0 d-----w- c:\program files\Creative Live! Cam
2010-05-25 18:44:50 0 d-----w- c:\program files\Creative
2010-05-25 18:40:22 0 d-----w- c:\programdata\CyberLink
2010-05-25 18:39:51 89088 ----a-w- c:\windows\system32\atl71.dll
2010-05-25 18:35:11 16052 ----a-w- c:\windows\system32\results.xml
2010-05-25 18:32:14 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
2010-05-25 18:32:11 0 d-----w- c:\program files\DellTPad
2010-05-25 18:31:57 164400 ----a-w- c:\windows\system32\drivers\Apfiltr.sys
2010-05-25 18:31:57 1419232 ----a-w- c:\windows\system32\WdfCoInstaller01005.dll
2010-05-25 18:31:57 100542 ----a-w- c:\windows\system32\Vxdif.dll
2010-05-25 18:29:10 920088 ----a-w- c:\windows\system32\igxpun.exe
2010-05-25 18:29:10 319456 ----a-w- c:\windows\system32\difxapi.dll
2010-05-25 18:29:10 0 d-----w- c:\windows\system32\Lang
2010-05-25 18:28:07 0 d-----w- c:\program files\Marvell
2010-05-25 18:27:44 0 d-----w- c:\users\death-zz\appdata\roaming\TMP
2010-05-25 18:23:51 0 d-----w- c:\program files\Cisco
2010-05-25 18:23:13 987136 ----a-w- c:\windows\system32\BCMLogon.dll
2010-05-25 18:21:43 7424 ----a-w- c:\windows\system32\drivers\OEM02Vfx.sys
2010-05-25 18:20:58 0 d-----w- c:\program files\CONEXANT
2010-05-25 18:20:41 986624 ----a-w- c:\windows\system32\drivers\HSX_DPV.sys
2010-05-25 18:20:41 94208 ----a-w- c:\windows\system32\mdmxsdk.dll
2010-05-25 18:20:41 8192 ----a-w- c:\windows\system32\drivers\XAudio.sys
2010-05-25 18:20:41 659968 ----a-w- c:\windows\system32\drivers\HSX_CNXT.sys
2010-05-25 18:20:41 386560 ----a-w- c:\windows\system32\drivers\XAudio.exe
2010-05-25 18:20:41 206848 ----a-w- c:\windows\system32\drivers\HSXHWAZL.sys
2010-05-25 18:20:41 172032 ----a-w- c:\windows\system32\Uci32114.dll
2010-05-25 18:20:41 144360 ----a-w- c:\windows\system32\drivers\del1028.cty
2010-05-25 18:20:41 12672 ----a-w- c:\windows\system32\drivers\mdmxsdk.sys
2010-05-25 18:19:27 0 d-----w- C:\Intel
2010-05-25 18:17:55 90112 ----a-w- c:\windows\system32\snymsico.dll
2010-05-25 18:17:55 42496 ----a-w- c:\windows\system32\drivers\rimsptsk.sys
2010-05-25 18:17:55 39936 ----a-w- c:\windows\system32\drivers\rimmptsk.sys
2010-05-25 18:17:55 37376 ----a-w- c:\windows\system32\drivers\rixdptsk.sys
2010-05-25 18:17:55 16480 ----a-w- c:\windows\system32\rixdicon.dll
2010-05-25 18:16:17 0 d-----w- c:\program files\SigmaTel
2010-05-25 18:11:25 0 d-----w- C:\Dell
2010-05-25 18:11:19 0 d-----w- c:\programdata\SupportSoft
2010-05-25 18:11:07 0 d-----w- c:\program files\Dell Support Center
2010-05-25 18:11:06 0 d-----w- c:\program files\common files\supportsoft
2010-05-25 18:10:52 0 d-----w- c:\programdata\Dell
2010-05-25 18:08:20 0 d-----w- c:\windows\system32\vmm32
2010-05-25 18:08:20 0 d-----w- c:\program files\Dell
2010-05-25 18:06:32 0 d-sh--w- c:\windows\Installer

==================== Find3M ====================

2010-05-26 03:06:12 86016 ----a-w- c:\windows\inf\infstor.dat
2010-05-26 03:06:12 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-05-26 03:06:12 51200 ----a-w- c:\windows\inf\infpub.dat
2010-05-26 03:06:12 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-05-26 02:43:20 37665 ----a-w- c:\windows\fonts\GlobalUserInterface.CompositeFont
2010-05-25 19:35:44 106464 ----a-w- c:\windows\system32\drivers\bdhv.sys
2010-05-25 19:35:43 153448 ----a-w- c:\windows\system32\drivers\bdfm.sys
2010-05-25 19:34:58 291352 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
2010-05-25 19:28:29 72784 ----a-w- c:\windows\system32\drivers\BdfNdisf6.sys
2010-05-04 05:59:21 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 05:55:42 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-05-04 05:55:42 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-05-04 04:31:05 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-05-01 14:13:48 2037248 ----a-w- c:\windows\system32\win32k.sys
2008-01-21 02:43:21 174 --sha-w- c:\program files\desktop.ini
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 22:50:27.65 ===============
Attached File  Attach.zip   3.21KB   5 downloads
Attached File  ark.zip   61.39KB   8 downloads


EDIT: Adding OP ComboFix log ~~boopme

Here is my ComboFix log
ComboFix 10-06-08.03 - DEATH-ZZ 06/08/2010 23:33:03.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3061.1405 [GMT -7:00]
Running from: c:\users\DEATH-ZZ\Desktop\schrauber.exe
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\oem11.inf

.
((((((((((((((((((((((((( Files Created from 2010-05-09 to 2010-06-09 )))))))))))))))))))))))))))))))
.

2010-06-09 06:40 . 2010-06-09 06:40 -------- d-----w- c:\users\DEATH-ZZ\AppData\Local\temp
2010-06-09 06:40 . 2010-06-09 06:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-06-09 06:06 . 2010-06-09 06:06 -------- d-----w- c:\users\DEATH-ZZ\AppData\Roaming\SUPERAntiSpyware.com
2010-06-09 06:06 . 2010-06-09 06:06 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2010-06-08 18:52 . 2010-04-05 17:01 67072 ----a-w- c:\windows\system32\asycfilt.dll
2010-06-08 18:52 . 2010-05-26 17:06 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-06-08 18:52 . 2010-05-26 14:47 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-06-06 21:32 . 2010-06-06 21:35 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-05 22:26 . 2010-05-06 20:33 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-06-05 22:26 . 2010-05-06 20:39 164048 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-05 22:26 . 2010-05-06 20:34 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-05 22:26 . 2010-05-06 20:39 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-05 22:26 . 2010-05-06 20:34 51792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-06-05 22:25 . 2010-05-06 20:59 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-06-05 22:25 . 2010-05-06 20:59 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-06-05 22:25 . 2010-06-05 22:25 -------- d-----w- c:\programdata\Alwil Software
2010-06-05 22:25 . 2010-06-05 22:25 -------- d-----w- c:\program files\Alwil Software
2010-06-05 01:54 . 2010-06-05 01:54 -------- d-----w- c:\users\DEATH-ZZ\AppData\Roaming\Malwarebytes
2010-06-05 01:54 . 2010-04-29 22:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-05 01:54 . 2010-06-05 01:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-05 01:54 . 2010-06-05 01:54 -------- d-----w- c:\programdata\Malwarebytes
2010-06-05 01:54 . 2010-04-29 22:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-04 20:03 . 2010-06-04 20:03 -------- d-----w- c:\users\DEATH-ZZ\AppData\Local\Mozilla
2010-06-04 19:14 . 2010-05-21 21:14 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-26 15:22 . 2010-05-26 15:22 -------- d-----w- c:\users\DEATH-ZZ\AppData\Roaming\Yahoo!
2010-05-26 15:22 . 2010-05-26 15:22 -------- d-----w- c:\users\DEATH-ZZ\AppData\Local\Yahoo
2010-05-26 15:21 . 2010-05-26 15:21 -------- d-----w- c:\windows\system32\Macromed
2010-05-26 15:21 . 2010-05-26 15:21 -------- d-----w- c:\programdata\Yahoo!
2010-05-26 15:21 . 2010-04-20 23:45 607472 ----a-w- c:\programdata\Yahoo!\YUpdater\yupdater.exe
2010-05-26 15:19 . 2010-05-26 15:21 -------- d-----w- c:\program files\Yahoo!
2010-05-26 04:16 . 2010-05-26 04:16 -------- d-----w- c:\program files\Common Files\Java
2010-05-26 04:14 . 2010-05-26 04:14 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-26 04:14 . 2010-05-26 04:14 -------- d-----w- c:\program files\Java
2010-05-26 03:57 . 2010-05-26 03:57 -------- d-----w- c:\windows\system32\Adobe
2010-05-26 03:19 . 2010-05-26 03:23 -------- d-----w- c:\users\DEATH-ZZ\AppData\Local\Deployment
2010-05-26 03:19 . 2010-05-26 03:19 -------- d-----w- c:\users\DEATH-ZZ\AppData\Local\Apps
2010-05-26 03:06 . 2010-05-26 03:06 -------- d-----w- c:\program files\Windows Portable Devices
2010-05-26 03:04 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2010-05-26 03:04 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2010-05-26 03:04 . 2009-10-01 01:01 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2010-05-26 03:04 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2010-05-26 03:04 . 2009-10-01 01:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2010-05-26 03:04 . 2009-10-01 01:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2010-05-26 03:04 . 2009-10-01 01:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2010-05-26 03:04 . 2009-10-01 01:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2010-05-26 03:04 . 2009-10-01 01:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2010-05-26 03:04 . 2009-10-01 01:01 350208 ----a-w- c:\windows\system32\WPDSp.dll
2010-05-26 03:04 . 2009-10-01 01:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2010-05-26 03:04 . 2009-10-01 01:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2010-05-26 03:03 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-05-26 03:03 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2010-05-26 03:03 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-05-26 03:01 . 2010-01-06 15:39 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-05-26 03:01 . 2010-01-06 15:38 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-05-26 03:01 . 2010-01-06 13:30 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-05-26 02:47 . 2010-05-26 02:48 -------- d-----w- c:\windows\system32\ca-ES
2010-05-26 02:47 . 2010-05-26 02:48 -------- d-----w- c:\windows\system32\eu-ES
2010-05-26 02:47 . 2010-05-26 02:48 -------- d-----w- c:\windows\system32\vi-VN
2010-05-26 02:36 . 2010-05-26 02:36 -------- d-----w- c:\windows\system32\EventProviders
2010-05-26 02:19 . 2009-04-11 06:28 199680 ----a-w- c:\windows\system32\WebClnt.dll
2010-05-26 02:18 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2010-05-26 02:18 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2010-05-26 02:18 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2010-05-26 02:18 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2010-05-26 02:18 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2010-05-26 02:18 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2010-05-26 02:18 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2010-05-26 02:18 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2010-05-26 02:18 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2010-05-26 02:18 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2010-05-26 02:18 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2010-05-26 02:03 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll
2010-05-26 01:56 . 2010-05-26 01:56 -------- d-----w- c:\programdata\Office Genuine Advantage
2010-05-26 01:49 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-05-26 01:49 . 2009-06-15 14:53 270848 ----a-w- c:\windows\system32\schannel.dll
2010-05-26 01:19 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2010-05-26 01:12 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-05-25 21:29 . 2010-05-25 21:29 -------- d-----w- c:\users\DEATH-ZZ\AppData\Local\WindowsUpdate
2010-05-25 21:18 . 2008-05-27 04:59 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2010-05-25 21:17 . 2010-05-25 21:17 -------- d-----w- c:\users\DEATH-ZZ\AppData\Local\Dell
2010-05-25 21:01 . 2010-02-20 23:06 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-05-25 21:01 . 2010-02-20 20:53 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-05-25 21:01 . 2010-02-20 23:05 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-05-25 21:00 . 2010-05-25 21:00 -------- d-----w- c:\program files\MSXML 4.0
2010-05-25 20:59 . 2009-06-10 11:41 2868224 ----a-w- c:\windows\system32\mf.dll
2010-05-25 20:59 . 2009-04-11 06:28 98816 ----a-w- c:\windows\system32\mfps.dll
2010-05-25 20:59 . 2009-04-11 06:27 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2010-05-25 20:59 . 2009-04-11 06:27 24576 ----a-w- c:\windows\system32\mfpmp.exe
2010-05-25 20:59 . 2009-04-11 04:54 2048 ----a-w- c:\windows\system32\mferror.dll
2010-05-25 20:58 . 2009-05-08 12:53 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2010-05-25 20:54 . 2010-04-23 14:13 2048 ----a-w- c:\windows\system32\tzres.dll
2010-05-25 20:54 . 2010-01-29 15:40 738816 ----a-w- c:\windows\system32\inetcomm.dll
2010-05-25 20:54 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll
2010-05-25 20:53 . 2009-08-14 13:48 105984 ----a-w- c:\windows\system32\netiohlp.dll
2010-05-25 20:53 . 2009-08-14 13:49 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2010-05-25 20:53 . 2009-08-14 13:49 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2010-05-25 20:53 . 2009-08-14 13:49 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2010-05-25 20:53 . 2009-08-14 13:49 19968 ----a-w- c:\windows\system32\ARP.EXE
2010-05-25 20:53 . 2009-08-14 13:49 10240 ----a-w- c:\windows\system32\finger.exe
2010-05-25 20:53 . 2009-08-14 15:53 17920 ----a-w- c:\windows\system32\netevent.dll
2010-05-25 20:53 . 2009-08-14 13:49 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2010-05-25 20:53 . 2009-08-14 13:49 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2010-05-25 20:51 . 2010-02-18 14:07 3600776 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-05-25 20:50 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll
2010-05-25 19:53 . 2010-05-25 19:53 132 ----a-w- c:\windows\system32\rezumatenoi.dat
2010-05-25 19:30 . 2009-12-23 11:33 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-05-25 19:30 . 2010-01-13 17:34 98304 ----a-w- c:\windows\system32\cabview.dll
2010-05-25 19:26 . 2010-05-25 19:26 4 ----a-w- c:\windows\system32\aspdict-en.dat
2010-05-25 19:26 . 2010-05-25 19:26 16 ----a-w- c:\windows\system32\asdict.dat
2010-05-25 19:26 . 2010-05-25 19:26 0 ----a-w- c:\windows\system32\pcwords.dat
2010-05-25 19:23 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2010-05-25 19:23 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2010-05-25 19:23 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2010-05-25 19:23 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2010-05-25 19:22 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2010-05-25 19:22 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2010-05-25 19:22 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2010-05-25 19:22 . 2009-08-07 02:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2010-05-25 19:22 . 2009-08-07 01:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2010-05-25 19:18 . 2010-06-09 03:58 -------- d-----w- c:\users\DEATH-ZZ\AppData\Local\ApplicationHistory
2010-05-25 19:13 . 2010-05-25 19:13 -------- d-----w- c:\users\DEATH-ZZ\AppData\Roaming\BitDefender
2010-05-25 19:13 . 2010-05-25 19:13 -------- d-----w- C:\Binaries
2010-05-25 19:12 . 2010-05-25 20:15 -------- d-----w- c:\programdata\BitDefender
2010-05-25 19:12 . 2010-05-25 19:12 -------- d-----w- c:\program files\BitDefender
2010-05-25 19:11 . 2010-05-25 19:11 -------- d-----w- c:\windows\system32\URTTEMP

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-08 19:11 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-06-05 22:19 . 2010-05-25 18:02 1356 ----a-w- c:\users\DEATH-ZZ\AppData\Local\d3d9caps.dat
2010-05-26 17:12 . 2010-05-26 17:12 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-05-26 03:06 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-05-26 02:48 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2010-05-26 02:48 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2010-05-26 02:48 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2010-05-26 02:48 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2010-05-26 02:48 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2010-05-26 02:48 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2010-05-26 01:04 . 2010-05-25 18:02 49168 ----a-w- c:\users\DEATH-ZZ\AppData\Local\GDIPFONTCACHEV1.DAT
2010-05-25 19:35 . 2009-06-29 21:12 106464 ----a-w- c:\windows\system32\drivers\bdhv.sys
2010-05-25 19:35 . 2009-06-29 21:12 153448 ----a-w- c:\windows\system32\drivers\bdfm.sys
2010-05-25 19:34 . 2009-06-24 20:13 291352 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
2010-05-25 19:28 . 2009-06-27 01:01 72784 ----a-w- c:\windows\system32\drivers\BdfNdisf6.sys
2010-05-25 18:46 . 2010-05-25 18:16 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-25 18:32 . 2010-05-25 18:32 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
2010-05-25 18:28 . 2010-05-25 18:28 -------- d-----w- c:\program files\Marvell
2010-05-25 18:27 . 2010-05-25 18:16 -------- d-----w- c:\program files\Common Files\InstallShield
2010-05-25 18:23 . 2010-05-25 18:23 -------- d-----w- c:\program files\Cisco
2010-05-25 18:23 . 2010-05-25 18:23 -------- d-----w- c:\users\DEATH-ZZ\AppData\Roaming\InstallShield
2010-05-25 18:16 . 2010-05-25 18:16 -------- d-----w- c:\program files\SigmaTel
2010-05-04 05:59 . 2010-06-08 18:53 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-06-08 18:53 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-05-04 05:55 . 2010-06-08 18:53 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-05-04 04:31 . 2010-06-08 18:53 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-05-01 14:13 . 2010-06-08 18:53 2037248 ----a-w- c:\windows\system32\win32k.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2010-04-29 5248312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-10 36864]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-12-08 3444736]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 133656]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-10-25 167936]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2008-05-20 184320]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"BDAgent"="c:\program files\BitDefender\BitDefender 2010\bdagent.exe" [2010-05-25 1123360]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2010\IEShow.exe" [2010-05-25 71152]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-09-13 405504]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-05-06 2815192]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(:6b,9d,5a,c4,7e,fc,ca,01

R3 Arrakis3;BitDefender Arrakis Server;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2010-05-25 183880]
R3 SASENUM;SASENUM;c:\users\DEATH-ZZ\AppData\Local\Temp\SAS_SelfExtract\SASENUM.SYS [x]
S1 aswSP;aswSP; [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\windows\system32\DRIVERS\BdfNdisf6.sys [2010-05-25 72784]
S1 SASDIFSV;SASDIFSV;c:\users\DEATH-ZZ\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\users\DEATH-ZZ\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2007-09-20 73728]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-05-06 51792]
S2 BDVEDISK;BDVEDISK;c:\program files\BitDefender\BitDefender 2010\bdvedisk.sys [2010-05-25 85128]
S3 BDFM;BDFM;c:\windows\system32\DRIVERS\bdfm.sys [2010-05-25 153448]
S3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2007-06-07 111616]


--- Other Services/Drivers In Memory ---

*NewlyCreated* - 73CC0FFE
*NewlyCreated* - E8AC0CDE
*NewlyCreated* - SASDIFSV
*NewlyCreated* - SASKUTIL
*Deregistered* - 73cc0ffe
*Deregistered* - e8ac0cde

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Supplementary Scan -------
.
FF - ProfilePath - c:\users\DEATH-ZZ\AppData\Roaming\Mozilla\Firefox\Profiles\atxj8cqo.default\
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-08 23:40
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-06-08 23:43:18
ComboFix-quarantined-files.txt 2010-06-09 06:43

Pre-Run: 214,193,094,656 bytes free
Post-Run: 214,206,685,184 bytes free

Current=1 Default=1 Failed=0 LastKnownGood=6 Sets=1,2,3,4,5,6
- - End Of File - - E353A89D46FA1BF46CFEC53EB967BF53

Edited by Orange Blossom, 10 June 2010 - 08:15 PM.



 


#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,316 posts
  • Gender:Female
  • Location:Romania
  • Local time:12:14 PM

Posted 15 June 2010 - 05:37 AM

Hello, and welcome to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.


I will be working on your malware issues; this may or may not solve other issues you may have with your machine.

Please note that whatever repairs we make are for fixing your computer problems only and by no means should be used on another computer.
  • The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
  • Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic.
  • The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.
You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.
-----------------------------------------------------------

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

If you have already posted a log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the button.
  • Two reports will open, copy and paste them in a reply here:
    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.


  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.

-------------------------------------------------------------
In the meantime, please do NOT install any new programs or update anything unless told to do so while we are fixing your problem.

If you still need help, please include the following in your next reply
  • A detailed description of your problems
  • A new OTL log (don't forget extra.txt)
  • GMER log

Thanks and again sorry for the delay.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 


 

Malware analyst @ Emsisoft


#3 DEATHlLINK

DEATHlLINK
  • Topic Starter

  • Members
  • 110 posts
  • Gender:Male
  • Local time:02:14 AM

Posted 15 June 2010 - 09:45 PM

First I will describe the symptoms and issues, then I will post the logs. I appreciate your help and look forward to having a clean computer. A while back I noticed webpages acting funny. I opened Task Manager and my CPU usage was spiking at 100% when only like 60 processes were running; I believe the main source hog was an svchost one. Then my MBAM found a trojan dropper, so I posted a log, but I also tried to clean it up myself. I kind of freaked out and used ComboFix myself to try and clean my cpu. Boopme responded to my post and was very helpful. Smitfraud wouldn't run at first, saying it didn't have access or something. But something I have noticed recently is that now when I turn on my cpu and hook up to my wireless router, my BitDefender firewall tells me different wireless devices are connecting and there are multiple IP addresses. There are some strange ones. The computers in my home are not networked. Anyway, my laptop acts possessed. Here are my logs.

OTL logfile created on: 6/15/2010 6:51:23 PM - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\DEATH-ZZ\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 59.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

OTL Extras logfile created on: 6/15/2010 6:51:23 PM - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\DEATH-ZZ\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 59.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.58 Gb Total Space | 202.53 Gb Free Space | 91.82% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 8.15 Gb Free Space | 83.48% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: THEGRIND
Current User Name: DEATH-ZZ
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1287D904-1970-439A-9D0B-A34F87859689}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{235C13E3-EB46-413F-9A98-6B5C0AD7FCFB}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{3085704C-3EE5-4001-813F-C9589F966532}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{747E2BFD-E1F5-4566-96F5-0215569B5AF4}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{BA6BA53B-7019-4FDD-9A2E-AAF1B057BD69}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{DD1F93E2-770B-43AC-9D27-3DF412283270}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar v1.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E5386F5-C0F6-4532-A54A-374865AEAB71}" = Cisco PEAP Module
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{76F9CF97-FC4B-4E20-B363-D127C888448F}" = Cisco LEAP Module
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85E563C7-E45B-47AA-BF6D-34983C2BEEF8}" = BitDefender Total Security 2010
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{BF53252E-4AB2-4C7F-A0FD-6100755745E3}" = Cisco EAP-FAST Module
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"avast5" = avast! Free Antivirus
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"Creative OEM002" = Laptop Integrated Webcam Driver (1.04.01.1011)
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"HDMI" = Intel® Graphics Media Accelerator Driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Yahoo! Messenger" = Yahoo! Messenger

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/11/2010 10:37:39 PM | Computer Name = TheGrind | Source = EventSystem | ID = 4621
Description =

Error - 6/11/2010 11:01:23 PM | Computer Name = TheGrind | Source = WinMgmt | ID = 10
Description =

Error - 6/11/2010 11:07:52 PM | Computer Name = TheGrind | Source = EventSystem | ID = 4621
Description =

Error - 6/12/2010 7:25:55 PM | Computer Name = TheGrind | Source = WinMgmt | ID = 10
Description =

Error - 6/12/2010 10:38:20 PM | Computer Name = TheGrind | Source = EventSystem | ID = 4621
Description =

Error - 6/13/2010 12:54:54 AM | Computer Name = TheGrind | Source = WinMgmt | ID = 10
Description =

Error - 6/13/2010 5:12:59 AM | Computer Name = TheGrind | Source = EventSystem | ID = 4621
Description =

Error - 6/13/2010 11:51:49 PM | Computer Name = TheGrind | Source = WinMgmt | ID = 10
Description =

Error - 6/15/2010 2:59:36 AM | Computer Name = TheGrind | Source = WinMgmt | ID = 10
Description =

Error - 6/15/2010 9:35:23 PM | Computer Name = TheGrind | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 6/15/2010 2:59:37 AM | Computer Name = TheGrind | Source = Service Control Manager | ID = 7000
Description =

Error - 6/15/2010 2:59:37 AM | Computer Name = TheGrind | Source = Service Control Manager | ID = 7000
Description =

Error - 6/15/2010 9:35:23 PM | Computer Name = TheGrind | Source = Service Control Manager | ID = 7000
Description =

Error - 6/15/2010 9:35:23 PM | Computer Name = TheGrind | Source = Service Control Manager | ID = 7000
Description =

Error - 6/15/2010 9:35:23 PM | Computer Name = TheGrind | Source = Service Control Manager | ID = 7026
Description =

Error - 6/15/2010 9:35:23 PM | Computer Name = TheGrind | Source = Service Control Manager | ID = 7000
Description =

Error - 6/15/2010 9:35:23 PM | Computer Name = TheGrind | Source = Service Control Manager | ID = 7000
Description =

Error - 6/15/2010 9:35:23 PM | Computer Name = TheGrind | Source = Service Control Manager | ID = 7000
Description =

Error - 6/15/2010 9:35:23 PM | Computer Name = TheGrind | Source = Service Control Manager | ID = 7000
Description =

Error - 6/15/2010 9:35:23 PM | Computer Name = TheGrind | Source = Service Control Manager | ID = 7000
Description =


< End of report >

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.58 Gb Total Space | 202.53 Gb Free Space | 91.82% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 8.15 Gb Free Space | 83.48% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: THEGRIND
Current User Name: DEATH-ZZ
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/06/15 18:38:13 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\DEATH-ZZ\Desktop\OTL.exe
PRC - [2010/06/13 22:06:12 | 000,231,888 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10h_ActiveX.exe
PRC - [2010/05/25 12:30:37 | 001,615,688 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
PRC - [2010/05/25 12:30:18 | 001,091,984 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
PRC - [2010/05/25 12:28:39 | 001,123,360 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
PRC - [2010/05/25 12:28:22 | 000,308,552 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
PRC - [2010/05/06 13:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009/05/21 11:13:58 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/01/20 19:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/10/25 13:31:20 | 000,167,936 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/09/20 15:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/09/13 15:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/09/13 15:44:48 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
PRC - [2007/07/27 16:43:34 | 000,118,784 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
PRC - [2007/06/06 16:44:44 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2007/05/22 14:18:56 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/05/10 01:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2006/09/08 15:10:22 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe


========== Modules (SafeList) ==========

MOD - [2010/06/15 18:38:13 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\DEATH-ZZ\Desktop\OTL.exe
MOD - [2010/05/25 12:27:18 | 000,098,304 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_65\plugin_net.m32
MOD - [2010/05/25 12:27:17 | 000,176,128 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_65\plugin_extra.m32
MOD - [2010/05/25 12:27:15 | 000,266,240 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_65\plugin_nt.m32
MOD - [2010/05/25 12:27:14 | 000,151,552 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_65\plugin_base.m32
MOD - [2010/05/25 12:27:13 | 000,319,488 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_65\plugin_fragments.m32
MOD - [2010/05/25 12:27:12 | 000,126,976 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_65\plugin_registry.m32
MOD - [2010/05/25 12:27:11 | 000,217,088 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_65\midas32.dll
MOD - [2010/05/25 12:27:08 | 000,116,224 | ---- | M] (BitDefender SRL) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_65\leaktests.m32
MOD - [2009/04/10 23:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/20 19:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010/05/25 12:34:39 | 000,315,392 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan)
SRV - [2010/05/25 12:34:35 | 000,183,880 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Arrakis3)
SRV - [2010/05/25 12:30:37 | 001,615,688 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- (VSSERV)
SRV - [2010/05/25 12:28:22 | 000,308,552 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV)
SRV - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/09/24 18:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008/01/20 19:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/20 15:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/09/13 15:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)


========== Driver Services (SafeList) ==========

DRV - [2010/05/25 12:35:47 | 000,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos)
DRV - [2010/05/25 12:35:43 | 000,153,448 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bdfm.sys -- (BDFM)
DRV - [2010/05/25 12:35:30 | 000,085,128 | ---- | M] (BitDefender) [Kernel | Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys -- (BDVEDISK)
DRV - [2010/05/25 12:35:28 | 000,058,368 | ---- | M] (BitDefender) [Kernel | On_Demand | Stopped] -- C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys -- (BDSelfPr)
DRV - [2010/05/25 12:34:58 | 000,291,352 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\bdfsfltr.sys -- (bdfsfltr)
DRV - [2010/05/25 12:32:41 | 000,119,504 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys -- (bdftdif)
DRV - [2010/05/25 12:28:29 | 000,072,784 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Windows\System32\drivers\BdfNdisf6.sys -- (BdfNdisf)
DRV - [2010/05/06 13:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/05/06 13:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/05/06 13:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/05/06 13:34:10 | 000,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/05/06 13:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/05/07 04:22:06 | 000,039,808 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys -- (Trufos)
DRV - [2008/01/20 19:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 19:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 19:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 19:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 19:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 19:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 19:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 19:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 19:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 19:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/20 19:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 19:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 19:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 19:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 19:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 19:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 19:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 19:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 19:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/20 19:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 19:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 19:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 19:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 19:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 19:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 19:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/02 16:48:28 | 002,016,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007/12/26 20:02:52 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/12/06 21:52:48 | 001,044,984 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2007/12/06 09:51:00 | 000,298,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007/10/11 01:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/09/13 15:46:06 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/06/06 23:21:32 | 000,111,616 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV - [2007/03/21 22:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/03/21 10:58:56 | 000,304,920 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2007/03/05 18:45:04 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 16:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/02 18:43:30 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/11/02 18:42:18 | 000,206,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/11/02 18:42:08 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/11/02 02:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 02:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 02:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 02:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 02:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 02:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 02:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 02:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 02:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 02:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 01:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 01:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 01:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 01:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 01:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 01:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 00:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/08/04 16:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3141548390-4124656697-3436349756-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-3141548390-4124656697-3436349756-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-3141548390-4124656697-3436349756-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 48 9B 88 95 0B 08 CB 01 [binary data]
IE - HKU\S-1-5-21-3141548390-4124656697-3436349756-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63

FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010/06/04 17:40:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/04 13:03:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/13 20:51:06 | 000,000,000 | ---D | M]

[2010/06/04 13:03:28 | 000,000,000 | ---D | M] -- C:\Users\DEATH-ZZ\AppData\Roaming\Mozilla\Extensions
[2010/06/13 20:51:08 | 000,000,000 | ---D | M] -- C:\Users\DEATH-ZZ\AppData\Roaming\Mozilla\Firefox\Profiles\atxj8cqo.default\extensions
[2010/06/05 00:02:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\DEATH-ZZ\AppData\Roaming\Mozilla\Firefox\Profiles\atxj8cqo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/06/04 13:03:13 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2010/06/08 23:40:37 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\ietoolbar.dll (BitDefender S.R.L.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3141548390-4124656697-3436349756-1000..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKU\S-1-5-21-3141548390-4124656697-3436349756-1000..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3141548390-4124656697-3436349756-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/06/15 18:38:12 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Users\DEATH-ZZ\Desktop\OTL.exe
[2010/06/13 01:44:49 | 000,078,336 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\Agent.OMZ.Fix.exe
[2010/06/13 01:44:48 | 000,289,144 | ---- | C] (S!Ri) -- C:\Windows\System32\VCCLSID.exe
[2010/06/13 01:44:48 | 000,087,552 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\VACFix.exe
[2010/06/13 01:44:48 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\IEDFix.exe
[2010/06/13 01:44:48 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\IEDFix.C.exe
[2010/06/13 01:44:48 | 000,082,432 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\404Fix.exe
[2010/06/13 01:44:48 | 000,080,384 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\o4Patch.exe
[2010/06/13 01:44:48 | 000,079,360 | ---- | C] (SteelWerX) -- C:\Windows\System32\swxcacls.exe
[2010/06/13 01:44:47 | 000,288,417 | ---- | C] (S!Ri) -- C:\Windows\System32\SrchSTS.exe
[2010/06/13 01:44:47 | 000,135,168 | ---- | C] (SteelWerX) -- C:\Windows\System32\swreg.exe
[2010/06/13 01:44:47 | 000,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\Windows\System32\Process.exe
[2010/06/10 00:26:45 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\DEATH-ZZ\Desktop\ATF-Cleaner.exe
[2010/06/10 00:15:23 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\Desktop\SmitfraudFix
[2010/06/08 23:43:23 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/06/08 23:43:21 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Local\temp
[2010/06/08 23:32:06 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/06/08 23:32:06 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/06/08 23:32:06 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/06/08 23:31:55 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/06/08 23:31:13 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/06/08 23:30:59 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/06/08 23:06:58 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Roaming\SUPERAntiSpyware.com
[2010/06/08 23:06:58 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/06/08 11:53:26 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/06/08 11:53:26 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/06/08 11:53:26 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/06/08 11:53:26 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/06/08 11:53:26 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/06/08 11:53:26 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/06/08 11:53:25 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/06/08 11:53:25 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/06/08 11:53:25 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/06/08 11:53:25 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/06/08 11:53:25 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/06/08 11:53:25 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/06/08 11:53:25 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/06/08 11:53:25 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/06/08 11:53:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/06/08 11:53:23 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/06/08 11:52:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010/06/08 11:52:42 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/06/08 11:52:42 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/06/06 14:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/06/05 15:26:47 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/06/05 15:26:42 | 000,164,048 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/06/05 15:26:41 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/06/05 15:26:36 | 000,051,792 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/06/05 15:26:36 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/06/05 15:25:53 | 000,165,032 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2010/06/05 15:25:53 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\System32\avastSS.scr
[2010/06/05 15:25:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010/06/05 15:25:43 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/06/04 18:54:54 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Roaming\Malwarebytes
[2010/06/04 18:54:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/06/04 18:54:44 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/06/04 18:54:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/04 18:54:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/06/04 13:03:18 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Roaming\Mozilla
[2010/06/04 13:03:18 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Local\Mozilla
[2010/06/04 13:03:11 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/06/04 12:14:22 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/05/26 10:15:48 | 000,000,000 | R--D | C] -- C:\Users\DEATH-ZZ\Desktop\Favorites
[2010/05/26 10:15:35 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\Desktop\Mobsters
[2010/05/26 08:22:58 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Roaming\Macromedia
[2010/05/26 08:22:51 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Roaming\Yahoo!
[2010/05/26 08:22:51 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Local\Yahoo
[2010/05/26 08:21:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010/05/26 08:21:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2010/05/26 08:19:39 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/05/25 21:16:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/05/25 21:16:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/05/25 21:14:35 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010/05/25 21:14:35 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/05/25 21:14:35 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/05/25 21:14:35 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/05/25 21:14:05 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/05/25 20:19:59 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Local\Deployment
[2010/05/25 20:19:59 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Local\Apps
[2010/05/25 20:06:15 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2010/05/25 20:05:38 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2010/05/25 20:05:37 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2010/05/25 20:05:37 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2010/05/25 20:05:06 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2010/05/25 20:05:05 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2010/05/25 20:05:03 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2010/05/25 20:05:03 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2010/05/25 20:05:03 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2010/05/25 20:05:03 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010/05/25 20:05:02 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2010/05/25 20:05:02 | 001,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2010/05/25 20:05:02 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2010/05/25 20:05:02 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2010/05/25 20:05:02 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2010/05/25 20:05:02 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2010/05/25 20:05:02 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010/05/25 20:05:02 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2010/05/25 20:05:02 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2010/05/25 20:05:02 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2010/05/25 20:05:02 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2010/05/25 20:05:02 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2010/05/25 20:05:02 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2010/05/25 20:05:02 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2010/05/25 20:05:02 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2010/05/25 20:05:02 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2010/05/25 20:05:02 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2010/05/25 20:05:02 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2010/05/25 20:05:01 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2010/05/25 20:04:40 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2010/05/25 20:04:40 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2010/05/25 20:04:35 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2010/05/25 20:04:32 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2010/05/25 20:04:31 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2010/05/25 20:04:31 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2010/05/25 20:04:31 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2010/05/25 20:04:31 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2010/05/25 20:04:31 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2010/05/25 20:03:37 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2010/05/25 20:03:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2010/05/25 20:01:27 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010/05/25 20:01:26 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/05/25 20:01:26 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/05/25 19:47:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2010/05/25 19:47:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2010/05/25 19:47:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2010/05/25 19:36:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2010/05/25 19:20:36 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2010/05/25 19:20:32 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2010/05/25 19:20:31 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2010/05/25 19:20:31 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe
[2010/05/25 19:20:29 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2010/05/25 19:20:27 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2010/05/25 19:20:26 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2010/05/25 19:20:26 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2010/05/25 19:20:24 | 000,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll
[2010/05/25 19:20:24 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2010/05/25 19:20:23 | 002,241,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
[2010/05/25 19:20:22 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2010/05/25 19:20:21 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2010/05/25 19:20:21 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2010/05/25 19:20:19 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2010/05/25 19:20:18 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2010/05/25 19:20:18 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll
[2010/05/25 19:20:17 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2010/05/25 19:20:17 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2010/05/25 19:20:16 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2010/05/25 19:20:16 | 000,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2010/05/25 19:20:16 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2010/05/25 19:20:14 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2010/05/25 19:20:14 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL
[2010/05/25 19:20:13 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2010/05/25 19:20:13 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2010/05/25 19:20:13 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2010/05/25 19:20:13 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2010/05/25 19:20:12 | 001,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
[2010/05/25 19:20:12 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2010/05/25 19:20:12 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll
[2010/05/25 19:20:11 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe
[2010/05/25 19:20:11 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010/05/25 19:20:11 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
[2010/05/25 19:20:11 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll
[2010/05/25 19:20:11 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2010/05/25 19:20:11 | 000,041,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010/05/25 19:20:09 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2010/05/25 19:20:08 | 001,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Query.dll
[2010/05/25 19:20:08 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2010/05/25 19:20:07 | 001,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2010/05/25 19:20:07 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll
[2010/05/25 19:20:07 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2010/05/25 19:20:06 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2010/05/25 19:20:06 | 000,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010/05/25 19:20:06 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2010/05/25 19:20:06 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2010/05/25 19:20:06 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2010/05/25 19:20:06 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2010/05/25 19:20:05 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2010/05/25 19:20:05 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2010/05/25 19:20:05 | 000,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2010/05/25 19:20:05 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2010/05/25 19:20:04 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2010/05/25 19:20:03 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2010/05/25 19:20:03 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2010/05/25 19:20:03 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spoolss.dll
[2010/05/25 19:20:03 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2010/05/25 19:20:02 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2010/05/25 19:20:02 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp60.dll
[2010/05/25 19:20:02 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2010/05/25 19:20:02 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll
[2010/05/25 19:20:02 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2010/05/25 19:20:01 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2010/05/25 19:20:01 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
[2010/05/25 19:20:01 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2010/05/25 19:20:01 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2010/05/25 19:20:00 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2010/05/25 19:19:59 | 001,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2010/05/25 19:19:59 | 001,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsvcs.dll
[2010/05/25 19:19:59 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2010/05/25 19:19:59 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2010/05/25 19:19:59 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2010/05/25 19:19:59 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2010/05/25 19:19:58 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2010/05/25 19:19:58 | 001,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll
[2010/05/25 19:19:57 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010/05/25 19:19:57 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2010/05/25 19:19:57 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2010/05/25 19:19:57 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2010/05/25 19:19:57 | 000,323,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010/05/25 19:19:57 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2010/05/25 19:19:57 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2010/05/25 19:19:57 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2010/05/25 19:19:56 | 001,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2010/05/25 19:19:56 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2010/05/25 19:19:55 | 001,135,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2010/05/25 19:19:55 | 001,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2010/05/25 19:19:55 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2010/05/25 19:19:55 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2010/05/25 19:19:55 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
[2010/05/25 19:19:55 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll
[2010/05/25 19:19:54 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2010/05/25 19:19:54 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2010/05/25 19:19:53 | 000,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2010/05/25 19:19:53 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2010/05/25 19:19:53 | 000,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samsrv.dll
[2010/05/25 19:19:53 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2010/05/25 19:19:53 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll
[2010/05/25 19:19:52 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe
[2010/05/25 19:19:51 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2010/05/25 19:19:51 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll
[2010/05/25 19:19:50 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2010/05/25 19:19:49 | 000,223,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2010/05/25 19:19:48 | 001,160,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2010/05/25 19:19:48 | 000,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010/05/25 19:19:48 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2010/05/25 19:19:48 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2010/05/25 19:19:48 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2010/05/25 19:19:48 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll
[2010/05/25 19:19:48 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2010/05/25 19:19:48 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2010/05/25 19:19:47 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2010/05/25 19:19:47 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2010/05/25 19:19:47 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2010/05/25 19:19:46 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2010/05/25 19:19:45 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll
[2010/05/25 19:19:45 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2010/05/25 19:19:45 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2010/05/25 19:19:45 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfp.dll
[2010/05/25 19:19:45 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2010/05/25 19:19:45 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll
[2010/05/25 19:19:44 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2010/05/25 19:19:44 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2010/05/25 19:19:44 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldpc.dll
[2010/05/25 19:19:44 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll
[2010/05/25 19:19:43 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2010/05/25 19:19:43 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2010/05/25 19:19:43 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2010/05/25 19:19:43 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2010/05/25 19:19:43 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2010/05/25 19:19:43 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2010/05/25 19:19:42 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2010/05/25 19:19:42 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll
[2010/05/25 19:19:42 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2010/05/25 19:19:42 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2010/05/25 19:19:42 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2010/05/25 19:19:42 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll
[2010/05/25 19:19:42 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll
[2010/05/25 19:19:42 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2010/05/25 19:19:41 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2010/05/25 19:19:41 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2010/05/25 19:19:41 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2010/05/25 19:19:41 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2010/05/25 19:19:41 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2010/05/25 19:19:41 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2010/05/25 19:19:40 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2010/05/25 19:19:40 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2010/05/25 19:19:40 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2010/05/25 19:19:40 | 000,241,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
[2010/05/25 19:19:40 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2010/05/25 19:19:40 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2010/05/25 19:19:40 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2010/05/25 19:19:40 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2010/05/25 19:19:40 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2010/05/25 19:19:39 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010/05/25 19:19:39 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxclu.dll
[2010/05/25 19:19:39 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2010/05/25 19:19:39 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2010/05/25 19:19:39 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetpp.dll
[2010/05/25 19:19:39 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2010/05/25 19:19:38 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2010/05/25 19:19:38 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2010/05/25 19:19:38 | 000,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2010/05/25 19:19:38 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2010/05/25 19:19:37 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2010/05/25 19:19:37 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2010/05/25 19:19:36 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2010/05/25 19:19:36 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2010/05/25 19:19:36 | 000,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2010/05/25 19:19:36 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2010/05/25 19:19:35 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2010/05/25 19:19:35 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010/05/25 19:19:35 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2010/05/25 19:19:35 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2010/05/25 19:19:35 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2010/05/25 19:19:35 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll
[2010/05/25 19:19:35 | 000,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2010/05/25 19:19:35 | 000,109,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2010/05/25 19:19:35 | 000,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2010/05/25 19:19:34 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2010/05/25 19:19:34 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2010/05/25 19:19:34 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2010/05/25 19:19:34 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2010/05/25 19:19:34 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2010/05/25 19:19:34 | 000,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2010/05/25 19:19:33 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2010/05/25 19:19:33 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2010/05/25 19:19:33 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010/05/25 19:19:33 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wisptis.exe
[2010/05/25 19:19:33 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2010/05/25 19:19:33 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2010/05/25 19:19:33 | 000,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2010/05/25 19:19:33 | 000,043,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2010/05/25 19:19:33 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010/05/25 19:19:32 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2010/05/25 19:19:32 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2010/05/25 19:19:32 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2010/05/25 19:19:32 | 000,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2010/05/25 19:19:31 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onex.dll
[2010/05/25 19:19:31 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2010/05/25 19:19:31 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2010/05/25 19:19:31 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2010/05/25 19:19:31 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2010/05/25 19:19:31 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2010/05/25 19:19:31 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2010/05/25 19:19:31 | 000,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2010/05/25 19:19:31 | 000,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2010/05/25 19:19:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll
[2010/05/25 19:19:30 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2010/05/25 19:19:30 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2010/05/25 19:19:30 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2010/05/25 19:19:30 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2010/05/25 19:19:30 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2010/05/25 19:19:30 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2010/05/25 19:19:30 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll
[2010/05/25 19:19:30 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2010/05/25 19:19:29 | 000,852,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2010/05/25 19:19:29 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2010/05/25 19:19:29 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2010/05/25 19:19:29 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2010/05/25 19:19:29 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2010/05/25 19:19:29 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2010/05/25 19:19:29 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2010/05/25 19:19:29 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2010/05/25 19:19:29 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2010/05/25 19:19:29 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2010/05/25 19:19:29 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2010/05/25 19:19:29 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2010/05/25 19:19:28 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2010/05/25 19:19:28 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2010/05/25 19:19:28 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2010/05/25 19:19:28 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2010/05/25 19:19:28 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2010/05/25 19:19:28 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
[2010/05/25 19:19:28 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastapi.dll
[2010/05/25 19:19:28 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll
[2010/05/25 19:19:27 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2010/05/25 19:19:27 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2010/05/25 19:19:27 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2010/05/25 19:19:27 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll
[2010/05/25 19:19:27 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2010/05/25 19:19:27 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2010/05/25 19:19:27 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2010/05/25 19:19:27 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2010/05/25 19:19:27 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2010/05/25 19:19:26 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2010/05/25 19:19:25 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2010/05/25 19:19:25 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2010/05/25 19:19:25 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2010/05/25 19:19:25 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2010/05/25 19:19:24 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2010/05/25 19:19:24 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2010/05/25 19:19:24 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2010/05/25 19:19:24 | 000,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdlg.dll
[2010/05/25 19:19:24 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2010/05/25 19:19:24 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2010/05/25 19:19:23 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2010/05/25 19:19:23 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2010/05/25 19:19:23 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
[2010/05/25 19:19:23 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[2010/05/25 19:19:23 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
[2010/05/25 19:19:23 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstlsapi.dll
[2010/05/25 19:19:23 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2010/05/25 19:19:23 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2010/05/25 19:19:22 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2010/05/25 19:19:22 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2010/05/25 19:19:22 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2010/05/25 19:19:22 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2010/05/25 19:19:22 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2010/05/25 19:19:22 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2010/05/25 19:19:22 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2010/05/25 19:19:22 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2010/05/25 19:19:21 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2010/05/25 19:19:21 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2010/05/25 19:19:21 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2010/05/25 19:19:21 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2010/05/25 19:19:21 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll
[2010/05/25 19:19:20 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2010/05/25 19:19:20 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2010/05/25 19:19:20 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2010/05/25 19:19:20 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2010/05/25 19:19:20 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2010/05/25 19:19:20 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll
[2010/05/25 19:19:20 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010/05/25 19:19:20 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2010/05/25 19:19:20 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2010/05/25 19:19:20 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2010/05/25 19:19:20 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2010/05/25 19:19:20 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regapi.dll
[2010/05/25 19:19:20 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2010/05/25 19:19:19 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2010/05/25 19:19:19 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2010/05/25 19:19:19 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2010/05/25 19:19:19 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2010/05/25 19:19:19 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2010/05/25 19:19:19 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2010/05/25 19:19:19 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2010/05/25 19:19:19 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe
[2010/05/25 19:19:19 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2010/05/25 19:19:18 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2010/05/25 19:19:18 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2010/05/25 19:19:18 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2010/05/25 19:19:18 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2010/05/25 19:19:18 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2010/05/25 19:19:18 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2010/05/25 19:19:18 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2010/05/25 19:19:18 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2010/05/25 19:19:18 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2010/05/25 19:19:18 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scecli.dll
[2010/05/25 19:19:18 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2010/05/25 19:19:18 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2010/05/25 19:19:18 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpmon.dll
[2010/05/25 19:19:18 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2010/05/25 19:19:18 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe
[2010/05/25 19:19:18 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2010/05/25 19:19:18 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2010/05/25 19:19:18 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2010/05/25 19:19:18 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2010/05/25 19:19:18 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfdisk.dll
[2010/05/25 19:19:18 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll
[2010/05/25 19:19:17 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2010/05/25 19:19:17 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2010/05/25 19:19:17 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2010/05/25 19:19:17 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe
[2010/05/25 19:19:17 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2010/05/25 19:19:17 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2010/05/25 19:19:17 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2010/05/25 19:19:17 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2010/05/25 19:19:16 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2010/05/25 19:19:16 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2010/05/25 19:19:16 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2010/05/25 19:19:16 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2010/05/25 19:19:16 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2010/05/25 19:19:16 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp
[2010/05/25 19:19:16 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasppp.dll
[2010/05/25 19:19:16 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2010/05/25 19:19:16 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2010/05/25 19:19:16 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2010/05/25 19:19:16 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2010/05/25 19:19:16 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2010/05/25 19:19:16 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2010/05/25 19:19:16 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2010/05/25 19:19:15 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2010/05/25 19:19:15 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2010/05/25 19:19:15 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2010/05/25 19:19:15 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2010/05/25 19:19:15 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credui.dll
[2010/05/25 19:19:15 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2010/05/25 19:19:15 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2010/05/25 19:19:15 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2010/05/25 19:19:15 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2010/05/25 19:19:14 | 002,226,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll
[2010/05/25 19:19:14 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2010/05/25 19:19:14 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2010/05/25 19:19:14 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2010/05/25 19:19:14 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2010/05/25 19:19:14 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2010/05/25 19:19:14 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2010/05/25 19:19:14 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2010/05/25 19:19:14 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2010/05/25 19:19:14 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2010/05/25 19:19:14 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2010/05/25 19:19:14 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2010/05/25 19:19:14 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2010/05/25 19:19:14 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2010/05/25 19:19:14 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2010/05/25 19:19:13 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2010/05/25 19:19:13 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2010/05/25 19:19:13 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2010/05/25 19:19:13 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010/05/25 19:19:13 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2010/05/25 19:19:13 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2010/05/25 19:19:13 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll
[2010/05/25 19:19:13 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010/05/25 19:19:13 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2010/05/25 19:19:13 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe
[2010/05/25 19:19:13 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2010/05/25 19:19:12 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2010/05/25 19:19:12 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2010/05/25 19:19:12 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
[2010/05/25 19:19:12 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2010/05/25 19:19:12 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2010/05/25 19:19:12 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2010/05/25 19:19:12 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2010/05/25 19:19:12 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2010/05/25 19:19:12 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2010/05/25 19:19:12 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2010/05/25 19:19:12 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2010/05/25 19:19:12 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2010/05/25 19:19:12 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
[2010/05/25 19:19:12 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll
[2010/05/25 19:19:12 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2010/05/25 19:19:12 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2010/05/25 19:19:12 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe
[2010/05/25 19:19:11 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll
[2010/05/25 19:19:11 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2010/05/25 19:19:11 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2010/05/25 19:19:11 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2010/05/25 19:19:11 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2010/05/25 19:19:11 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2010/05/25 19:19:11 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2010/05/25 19:19:11 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2010/05/25 19:19:11 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2010/05/25 19:19:11 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2010/05/25 19:19:11 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2010/05/25 19:19:11 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2010/05/25 19:19:11 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2010/05/25 19:19:11 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll
[2010/05/25 19:19:11 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll
[2010/05/25 19:19:10 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2010/05/25 19:19:10 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2010/05/25 19:19:10 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2010/05/25 19:19:10 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2010/05/25 19:19:10 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2010/05/25 19:19:10 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2010/05/25 19:19:10 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2010/05/25 19:19:10 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2010/05/25 19:19:10 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2010/05/25 19:19:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2010/05/25 19:19:10 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2010/05/25 19:19:10 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2010/05/25 19:19:09 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2010/05/25 19:19:09 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2010/05/25 19:19:08 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2010/05/25 19:19:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2010/05/25 19:19:07 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2010/05/25 19:18:56 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2010/05/25 19:18:54 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2010/05/25 19:18:54 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2010/05/25 19:18:50 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2010/05/25 18:56:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/05/25 18:19:53 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010/05/25 18:12:21 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010/05/25 18:12:20 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/05/25 14:29:20 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Local\WindowsUpdate
[2010/05/25 14:17:46 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Local\Dell
[2010/05/25 14:05:26 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010/05/25 14:05:26 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2010/05/25 14:05:26 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2010/05/25 14:05:26 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010/05/25 14:05:26 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010/05/25 14:05:26 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2010/05/25 14:05:26 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2010/05/25 14:05:25 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/05/25 14:05:25 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010/05/25 14:05:25 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2010/05/25 14:05:25 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2010/05/25 14:05:25 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010/05/25 14:05:24 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2010/05/25 14:05:24 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010/05/25 14:05:24 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2010/05/25 14:05:24 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010/05/25 14:05:23 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/05/25 14:05:23 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2010/05/25 14:05:22 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/05/25 14:05:21 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2010/05/25 14:05:21 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2010/05/25 14:05:21 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2010/05/25 14:05:21 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2010/05/25 14:05:21 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2010/05/25 14:05:21 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2010/05/25 14:01:58 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010/05/25 14:01:52 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010/05/25 14:00:12 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/05/25 13:59:19 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2010/05/25 13:59:18 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010/05/25 13:59:17 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2010/05/25 13:59:17 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2010/05/25 13:59:17 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2010/05/25 13:59:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2010/05/25 13:58:41 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2010/05/25 13:54:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/05/25 13:54:21 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2010/05/25 13:53:13 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2010/05/25 13:53:12 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2010/05/25 13:53:12 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2010/05/25 13:53:12 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2010/05/25 13:53:12 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TCPSVCS.EXE
[2010/05/25 13:53:12 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2010/05/25 13:53:11 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2010/05/25 13:53:11 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010/05/25 13:53:11 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2010/05/25 13:52:54 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010/05/25 13:52:54 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010/05/25 13:52:53 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010/05/25 13:52:53 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010/05/25 13:52:52 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010/05/25 13:52:52 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010/05/25 13:52:52 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010/05/25 13:52:52 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010/05/25 13:52:52 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010/05/25 13:52:27 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2010/05/25 13:52:27 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2010/05/25 13:52:25 | 001,259,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010/05/25 13:52:21 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2010/05/25 13:52:21 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2010/05/25 13:52:21 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2010/05/25 13:52:21 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2010/05/25 13:52:21 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2010/05/25 13:52:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2010/05/25 13:51:58 | 003,600,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/05/25 13:51:58 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/05/25 13:51:40 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2010/05/25 13:51:40 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2010/05/25 13:51:38 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/05/25 13:51:38 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/05/25 13:51:37 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2010/05/25 13:51:35 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010/05/25 13:51:35 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010/05/25 13:51:32 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2010/05/25 13:51:26 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2010/05/25 13:50:59 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2010/05/25 13:49:56 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2010/05/25 13:49:54 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/05/25 13:49:54 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2010/05/25 13:49:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2010/05/25 13:49:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2010/05/25 13:49:43 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010/05/25 13:49:42 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010/05/25 13:49:42 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/05/25 13:49:42 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010/05/25 12:23:01 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2010/05/25 12:23:01 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2010/05/25 12:22:48 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2010/05/25 12:22:48 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2010/05/25 12:22:48 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2010/05/25 12:22:41 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2010/05/25 12:22:41 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2010/05/25 12:18:05 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Local\ApplicationHistory
[2010/05/25 12:13:11 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Roaming\BitDefender
[2010/05/25 12:13:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010/05/25 12:13:03 | 000,000,000 | ---D | C] -- C:\Binaries
[2010/05/25 12:12:45 | 000,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2010/05/25 12:12:45 | 000,000,000 | ---D | C] -- C:\Program Files\BitDefender
[2010/05/25 12:11:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\URTTEMP
[2010/05/25 12:11:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2010/05/25 12:09:58 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Roaming\Adobe
[2010/05/25 11:49:06 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010/05/25 11:48:51 | 000,000,000 | ---D | C] -- C:\Boot
[2010/05/25 11:48:37 | 000,304,920 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\iaStor.sys
[2010/05/25 11:48:18 | 000,000,000 | ---D | C] -- C:\Windows\System32\OEM
[2010/05/25 11:46:31 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Reallusion
[2010/05/25 11:46:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Reallusion
[2010/05/25 11:45:53 | 005,627,904 | ---- | C] (Reallusion Inc.) -- C:\Windows\System32\LiveCamVirtual.ocx
[2010/05/25 11:45:19 | 000,000,000 | ---D | C] -- C:\Program Files\Creative Live! Cam
[2010/05/25 11:44:50 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2010/05/25 11:40:37 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Local\MediaDirect
[2010/05/25 11:40:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/05/25 11:40:22 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2010/05/25 11:39:51 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll
[2010/05/25 11:39:51 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2010/05/25 11:32:11 | 000,000,000 | ---D | C] -- C:\Program Files\DellTPad
[2010/05/25 11:31:57 | 001,419,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01005.dll
[2010/05/25 11:31:57 | 000,164,400 | ---- | C] (Alps Electric Co., Ltd.) -- C:\Windows\System32\drivers\Apfiltr.sys
[2010/05/25 11:31:57 | 000,100,542 | ---- | C] (Alps Electric Co., Ltd.) -- C:\Windows\System32\Vxdif.dll
[2010/05/25 11:29:10 | 000,920,088 | ---- | C] (Intel® Corporation) -- C:\Windows\System32\igxpun.exe
[2010/05/25 11:29:10 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\difxapi.dll
[2010/05/25 11:29:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang
[2010/05/25 11:28:56 | 000,111,616 | ---- | C] (Intel® Corporation) -- C:\Windows\System32\drivers\IntcHdmi.sys
[2010/05/25 11:28:55 | 000,530,968 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcfg.exe
[2010/05/25 11:28:55 | 000,170,520 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxzoom.exe
[2010/05/25 11:28:55 | 000,170,520 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxext.exe
[2010/05/25 11:28:55 | 000,069,632 | ---- | C] (Intel Corporation) -- C:\Windows\System32\oemdspif.dll
[2010/05/25 11:28:54 | 003,293,184 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxress.dll
[2010/05/25 11:28:54 | 002,580,480 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igdumd32.dll
[2010/05/25 11:28:54 | 002,416,640 | ---- | C] (Intel Corporation) -- C:\Windows\System32\ig4icd32.dll
[2010/05/25 11:28:54 | 002,016,256 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\igdkmd32.sys
[2010/05/25 11:28:54 | 001,658,880 | ---- | C] (Intel Corporation) -- C:\Windows\System32\ig4dev32.dll
[2010/05/25 11:28:54 | 000,241,664 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxTMM.dll
[2010/05/25 11:28:54 | 000,204,800 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxpph.dll
[2010/05/25 11:28:54 | 000,200,704 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxdev.dll
[2010/05/25 11:28:54 | 000,192,512 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrell.lrc
[2010/05/25 11:28:54 | 000,192,512 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrdeu.lrc
[2010/05/25 11:28:54 | 000,188,416 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrnld.lrc
[2010/05/25 11:28:54 | 000,188,416 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrita.lrc
[2010/05/25 11:28:54 | 000,188,416 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxresp.lrc
[2010/05/25 11:28:54 | 000,184,320 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrfra.lrc
[2010/05/25 11:28:54 | 000,180,224 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrrus.lrc
[2010/05/25 11:28:54 | 000,180,224 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrptg.lrc
[2010/05/25 11:28:54 | 000,180,224 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrptb.lrc
[2010/05/25 11:28:54 | 000,180,224 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrplk.lrc
[2010/05/25 11:28:54 | 000,180,224 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrhun.lrc
[2010/05/25 11:28:54 | 000,176,128 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrsky.lrc
[2010/05/25 11:28:54 | 000,176,128 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrnor.lrc
[2010/05/25 11:28:54 | 000,176,128 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrfin.lrc
[2010/05/25 11:28:54 | 000,176,128 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrcsy.lrc
[2010/05/25 11:28:54 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrtrk.lrc
[2010/05/25 11:28:54 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrsve.lrc
[2010/05/25 11:28:54 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrslv.lrc
[2010/05/25 11:28:54 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrenu.lrc
[2010/05/25 11:28:54 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrdan.lrc
[2010/05/25 11:28:54 | 000,163,840 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrtha.lrc
[2010/05/25 11:28:54 | 000,159,744 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrara.lrc
[2010/05/25 11:28:54 | 000,155,648 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrheb.lrc
[2010/05/25 11:28:54 | 000,135,168 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxdo.dll
[2010/05/25 11:28:54 | 000,131,072 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrjpn.lrc
[2010/05/25 11:28:54 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrkor.lrc
[2010/05/25 11:28:54 | 000,122,880 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcpl.cpl
[2010/05/25 11:28:54 | 000,110,592 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrcht.lrc
[2010/05/25 11:28:54 | 000,110,592 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrchs.lrc
[2010/05/25 11:28:54 | 000,102,400 | ---- | C] (Intel Corporation) -- C:\Windows\System32\hccutils.dll
[2010/05/25 11:28:54 | 000,048,128 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.dll
[2010/05/25 11:28:54 | 000,024,576 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxexps.dll
[2010/05/25 11:28:07 | 000,000,000 | ---D | C] -- C:\Program Files\Marvell
[2010/05/25 11:27:44 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Roaming\TMP
[2010/05/25 11:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
[2010/05/25 11:23:13 | 002,682,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vcredist_x86.exe
[2010/05/25 11:23:13 | 000,987,136 | ---- | C] (Dell Inc.) -- C:\Windows\System32\BCMLogon.dll
[2010/05/25 11:23:12 | 005,967,872 | ---- | C] (Dell Inc.) -- C:\Windows\System32\BCMWLCPL.CPL
[2010/05/25 11:23:12 | 003,895,296 | ---- | C] (Dell Inc.) -- C:\Windows\System32\bcmttls.dll
[2010/05/25 11:23:12 | 003,579,904 | ---- | C] (Dell Inc.) -- C:\Windows\System32\bcmihvsrv.dll
[2010/05/25 11:23:12 | 003,244,032 | ---- | C] (Dell Inc.) -- C:\Windows\System32\bcmihvui.dll
[2010/05/25 11:23:12 | 001,044,984 | ---- | C] (Broadcom Corp.) -- C:\Windows\System32\drivers\BCMWL6.SYS
[2010/05/25 11:23:12 | 000,278,528 | ---- | C] (Dell Inc.) -- C:\Windows\System32\bcmwlu00.exe
[2010/05/25 11:23:12 | 000,087,328 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\bcmwlcoi.dll
[2010/05/25 11:23:12 | 000,065,536 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\wltrynt.dll
[2010/05/25 11:23:01 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Roaming\InstallShield
[2010/05/25 11:21:43 | 000,393,216 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Cvw.dll
[2010/05/25 11:21:43 | 000,335,872 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Cvw.crl
[2010/05/25 11:21:43 | 000,235,648 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\drivers\OEM02Dev.sys
[2010/05/25 11:21:43 | 000,141,376 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\drivers\OEM02Afx.sys
[2010/05/25 11:21:43 | 000,040,960 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Pin.dll
[2010/05/25 11:21:43 | 000,036,864 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
[2010/05/25 11:21:43 | 000,032,768 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Hwx.dll
[2010/05/25 11:21:43 | 000,028,672 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\OEM02Cfg.exe
[2010/05/25 11:21:43 | 000,024,576 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Srv.exe
[2010/05/25 11:21:43 | 000,020,480 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Pin.crl
[2010/05/25 11:21:43 | 000,007,424 | ---- | C] (EyePower Games Pte. Ltd.) -- C:\Windows\System32\drivers\OEM02Vfx.sys
[2010/05/25 11:21:42 | 000,811,008 | ---- | C] (Pizzolato Davide - www.xdp.it) -- C:\Windows\System32\cximage.dll
[2010/05/25 11:21:42 | 000,090,112 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\CtDrvIns.exe
[2010/05/25 11:21:42 | 000,036,864 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\CtCamMgr.dll
[2010/05/25 11:20:58 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2010/05/25 11:20:41 | 000,986,624 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_DPV.sys
[2010/05/25 11:20:41 | 000,659,968 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_CNXT.sys
[2010/05/25 11:20:41 | 000,206,848 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSXHWAZL.sys
[2010/05/25 11:20:41 | 000,172,032 | ---- | C] (Conexant Systems, Inc) -- C:\Windows\System32\Uci32114.dll
[2010/05/25 11:20:41 | 000,094,208 | ---- | C] (Conexant) -- C:\Windows\System32\mdmxsdk.dll
[2010/05/25 11:20:41 | 000,008,192 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.sys
[2010/05/25 11:19:38 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010/05/25 11:19:27 | 000,000,000 | ---D | C] -- C:\Intel
[2010/05/25 11:17:55 | 000,090,112 | ---- | C] (Sony Corporation) -- C:\Windows\System32\snymsico.dll
[2010/05/25 11:17:55 | 000,042,496 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys
[2010/05/25 11:17:55 | 000,039,936 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys
[2010/05/25 11:17:55 | 000,037,376 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys
[2010/05/25 11:16:37 | 004,947,968 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stacgui.cpl
[2010/05/25 11:16:37 | 001,601,536 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\stlang.dll
[2010/05/25 11:16:37 | 000,647,168 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestecap.dll
[2010/05/25 11:16:37 | 000,131,072 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestacap.dll
[2010/05/25 11:16:37 | 000,102,400 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
[2010/05/25 11:16:37 | 000,073,728 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
[2010/05/25 11:16:37 | 000,053,248 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestaren.dll
[2010/05/25 11:16:18 | 000,146,944 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\staco.dll
[2010/05/25 11:16:17 | 000,595,456 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapo.dll
[2010/05/25 11:16:17 | 000,492,544 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\ctapo32.dll
[2010/05/25 11:16:17 | 000,330,240 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\drivers\stwrt.sys
[2010/05/25 11:16:17 | 000,328,704 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stcplx.dll
[2010/05/25 11:16:17 | 000,299,520 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapi32.dll
[2010/05/25 11:16:17 | 000,045,568 | ---- | C] (Creative Technology Ltd) -- C:\Windows\System32\ctppld.dll
[2010/05/25 11:16:17 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/05/25 11:16:17 | 000,000,000 | ---D | C] -- C:\Program Files\SigmaTel
[2010/05/25 11:16:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/05/25 11:11:28 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Local\SupportSoft
[2010/05/25 11:11:25 | 000,000,000 | ---D | C] -- C:\Dell
[2010/05/25 11:11:19 | 000,000,000 | ---D | C] -- C:\ProgramData\SupportSoft
[2010/05/25 11:11:07 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center
[2010/05/25 11:11:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\supportsoft
[2010/05/25 11:10:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell
[2010/05/25 11:08:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\vmm32
[2010/05/25 11:08:20 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2010/05/25 11:06:32 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010/05/25 11:02:37 | 000,000,000 | R--D | C] -- C:\Users\DEATH-ZZ\Searches
[2010/05/25 11:02:30 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Roaming\Identities
[2010/05/25 11:02:28 | 000,000,000 | R--D | C] -- C:\Users\DEATH-ZZ\Contacts
[2010/05/25 11:02:28 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Local\VirtualStore
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\AppData\Local\Temporary Internet Files
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\Templates
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\Start Menu
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\SendTo
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\Recent
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\PrintHood
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\NetHood
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\Documents\My Videos
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\Documents\My Pictures
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\Documents\My Music
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\My Documents
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\Local Settings
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\AppData\Local\History
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\Cookies
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\Application Data
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\AppData\Local\Application Data
[2010/05/25 11:02:24 | 000,000,000 | --SD | C] -- C:\Users\DEATH-ZZ\AppData\Roaming\Microsoft
[2010/05/25 11:02:24 | 000,000,000 | R--D | C] -- C:\Users\DEATH-ZZ\Videos
[2010/05/25 11:02:24 | 000,000,000 | R--D | C] -- C:\Users\DEATH-ZZ\Saved Games
[2010/05/25 11:02:24 | 000,000,000 | R--D | C] -- C:\Users\DEATH-ZZ\Pictures
[2010/05/25 11:02:24 | 000,000,000 | R--D | C] -- C:\Users\DEATH-ZZ\Music
[2010/05/25 11:02:24 | 000,000,000 | R--D | C] -- C:\Users\DEATH-ZZ\Links
[2010/05/25 11:02:24 | 000,000,000 | R--D | C] -- C:\Users\DEATH-ZZ\Favorites
[2010/05/25 11:02:24 | 000,000,000 | R--D | C] -- C:\Users\DEATH-ZZ\Downloads
[2010/05/25 11:02:24 | 000,000,000 | R--D | C] -- C:\Users\DEATH-ZZ\Documents
[2010/05/25 11:02:24 | 000,000,000 | R--D | C] -- C:\Users\DEATH-ZZ\Desktop
[2010/05/25 11:02:24 | 000,000,000 | -H-D | C] -- C:\Users\DEATH-ZZ\AppData
[2010/05/25 11:02:24 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Local\Microsoft
[2010/05/25 11:02:24 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Roaming\Media Center Programs
[2010/05/25 10:59:17 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2010/05/25 10:52:05 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/05/25 10:49:55 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010/05/25 10:49:47 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2010/06/15 18:54:08 | 001,310,720 | -HS- | M] () -- C:\Users\DEATH-ZZ\NTUSER.DAT
[2010/06/15 18:46:59 | 000,293,376 | ---- | M] () -- C:\Users\DEATH-ZZ\Desktop\ydo5l2qt.exe
[2010/06/15 18:41:22 | 000,747,142 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/06/15 18:41:22 | 000,634,088 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/06/15 18:41:22 | 000,117,244 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/06/15 18:38:13 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\DEATH-ZZ\Desktop\OTL.exe
[2010/06/15 18:33:46 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/06/15 18:33:46 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/06/15 18:33:46 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/06/15 18:33:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/06/15 02:55:55 | 000,000,052 | ---- | M] () -- C:\Windows\System32\ashttpstats.csv
[2010/06/15 02:55:51 | 000,524,288 | -HS- | M] () -- C:\Users\DEATH-ZZ\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/06/15 02:55:51 | 000,065,536 | -HS- | M] () -- C:\Users\DEATH-ZZ\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/06/13 22:20:04 | 002,670,316 | -H-- | M] () -- C:\Users\DEATH-ZZ\AppData\Local\IconCache.db
[2010/06/13 01:45:21 | 000,003,752 | ---- | M] () -- C:\Windows\System32\tmp.reg
[2010/06/10 00:26:46 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\DEATH-ZZ\Desktop\ATF-Cleaner.exe
[2010/06/10 00:12:41 | 001,872,472 | ---- | M] () -- C:\Users\DEATH-ZZ\Desktop\SmitfraudFix.exe
[2010/06/09 23:57:03 | 000,062,860 | ---- | M] () -- C:\Users\DEATH-ZZ\Desktop\ark.zip
[2010/06/09 22:45:44 | 000,000,000 | ---- | M] () -- C:\Users\DEATH-ZZ\defogger_reenable
[2010/06/09 22:07:09 | 000,525,824 | ---- | M] () -- C:\Users\DEATH-ZZ\Desktop\dds.scr
[2010/06/09 22:06:32 | 000,050,477 | ---- | M] () -- C:\Users\DEATH-ZZ\Desktop\Defogger.exe
[2010/06/08 23:40:44 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010/06/08 23:40:37 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/06/08 22:46:04 | 003,704,641 | R--- | M] () -- C:\Users\DEATH-ZZ\Desktop\schrauber.exe
[2010/06/08 12:13:35 | 000,228,176 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/06/06 14:34:56 | 000,003,584 | ---- | M] () -- C:\Users\DEATH-ZZ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/05 15:26:47 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/06/05 15:26:36 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/06/05 15:19:59 | 000,001,356 | ---- | M] () -- C:\Users\DEATH-ZZ\AppData\Local\d3d9caps.dat
[2010/06/05 14:01:21 | 000,114,050 | ---- | M] () -- C:\Users\DEATH-ZZ\Documents\doc.jpg
[2010/06/04 18:54:49 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/04 13:03:15 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/05/27 22:08:41 | 000,039,424 | ---- | M] () -- C:\Users\DEATH-ZZ\Desktop\RSM Warlist.xls
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\wsbl.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_unmip.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_histprot.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\ph_white.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\ph_summ.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\ph_spoof.sig
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\ph_sign.slf
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\ph_fuzzy.sig
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\ph_black.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pcwords2.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_webproxy.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_video.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_tabloids.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_socialnetworks.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_searchengines.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_regionaltlds.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_pornography.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlineshop.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinepay.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinedating.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_news.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_im.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_illegal.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_hate.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_games.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_gambling.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_drugs.dat
[2010/05/26 10:12:10 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010/05/26 10:06:41 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/05/26 07:47:41 | 000,289,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/05/25 21:14:13 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/05/25 21:14:13 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/05/25 21:14:13 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/05/25 21:14:12 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010/05/25 19:32:46 | 000,000,025 | ---- | M] () -- C:\Users\DEATH-ZZ\AppData\Roaming\bdfvconp.ini
[2010/05/25 18:04:42 | 000,049,168 | ---- | M] () -- C:\Users\DEATH-ZZ\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/05/25 12:55:38 | 000,000,385 | ---- | M] () -- C:\Windows\System32\user_gensett.xml
[2010/05/25 12:53:51 | 000,000,132 | ---- | M] () -- C:\Windows\System32\rezumatenoi.dat
[2010/05/25 12:35:44 | 000,106,464 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Windows\System32\drivers\bdhv.sys
[2010/05/25 12:35:43 | 000,153,448 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Windows\System32\drivers\bdfm.sys
[2010/05/25 12:34:58 | 000,291,352 | ---- | M] (BitDefender) -- C:\Windows\System32\drivers\bdfsfltr.sys
[2010/05/25 12:28:29 | 000,072,784 | ---- | M] (BitDefender LLC) -- C:\Windows\System32\drivers\BdfNdisf6.sys
[2010/05/25 12:26:42 | 000,000,016 | ---- | M] () -- C:\Windows\System32\asdict.dat
[2010/05/25 12:26:42 | 000,000,004 | ---- | M] () -- C:\Windows\System32\aspdict-en.dat
[2010/05/25 12:26:42 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pcwords.dat
[2010/05/25 12:26:42 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_sign.slf
[2010/05/25 12:26:42 | 000,000,000 | ---- | M] () -- C:\Windows\System32\ab_bl.sig
[2010/05/25 12:13:12 | 000,002,009 | ---- | M] () -- C:\Users\Public\Desktop\BitDefender Total Security 2010.lnk
[2010/05/25 12:02:23 | 000,000,076 | RHS- | M] () -- C:\Windows\CT4CET.bin
[2010/05/25 11:48:53 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010/05/25 11:35:11 | 000,016,052 | ---- | M] () -- C:\Windows\System32\results.xml
[2010/05/25 11:32:36 | 000,524,288 | -HS- | M] () -- C:\Users\DEATH-ZZ\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/05/25 11:32:14 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
[2010/05/25 11:26:41 | 000,022,729 | ---- | M] () -- C:\newkey
[2010/05/25 11:26:41 | 000,022,729 | ---- | M] () -- C:\newfile.enc
[2010/05/25 11:11:17 | 000,001,962 | ---- | M] () -- C:\Users\Public\Desktop\Dell Support Center.lnk
[2010/05/25 11:02:25 | 000,000,020 | -HS- | M] () -- C:\Users\DEATH-ZZ\ntuser.ini
[2010/05/25 10:52:50 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010/05/21 14:14:28 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe

========== Files Created - No Company Name ==========

[2010/06/15 18:46:58 | 000,293,376 | ---- | C] () -- C:\Users\DEATH-ZZ\Desktop\ydo5l2qt.exe
[2010/06/13 01:45:20 | 000,003,752 | ---- | C] () -- C:\Windows\System32\tmp.reg
[2010/06/13 01:44:48 | 000,075,776 | ---- | C] () -- C:\Windows\System32\WS2Fix.exe
[2010/06/13 01:44:48 | 000,051,200 | ---- | C] () -- C:\Windows\System32\dumphive.exe
[2010/06/13 01:44:47 | 000,040,960 | ---- | C] () -- C:\Windows\System32\swsc.exe
[2010/06/10 00:12:35 | 001,872,472 | ---- | C] () -- C:\Users\DEATH-ZZ\Desktop\SmitfraudFix.exe
[2010/06/09 23:57:03 | 000,062,860 | ---- | C] () -- C:\Users\DEATH-ZZ\Desktop\ark.zip
[2010/06/09 22:45:44 | 000,000,000 | ---- | C] () -- C:\Users\DEATH-ZZ\defogger_reenable
[2010/06/09 22:07:08 | 000,525,824 | ---- | C] () -- C:\Users\DEATH-ZZ\Desktop\dds.scr
[2010/06/09 22:06:32 | 000,050,477 | ---- | C] () -- C:\Users\DEATH-ZZ\Desktop\Defogger.exe
[2010/06/08 23:32:06 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/06/08 23:32:06 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/06/08 23:32:06 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/06/08 23:32:06 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/06/08 23:32:06 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/06/08 22:46:02 | 003,704,641 | R--- | C] () -- C:\Users\DEATH-ZZ\Desktop\schrauber.exe
[2010/06/06 14:34:54 | 000,003,584 | ---- | C] () -- C:\Users\DEATH-ZZ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/05 15:26:47 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/06/05 14:01:19 | 000,114,050 | ---- | C] () -- C:\Users\DEATH-ZZ\Documents\doc.jpg
[2010/06/04 18:54:49 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/04 13:03:15 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/05/27 22:08:40 | 000,039,424 | ---- | C] () -- C:\Users\DEATH-ZZ\Desktop\RSM Warlist.xls
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\wsbl.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_unmip.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_histprot.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_white.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_summ.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_spoof.sig
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_sign.slf
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_fuzzy.sig
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_black.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pcwords2.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_webproxy.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_video.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_tabloids.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_socialnetworks.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_searchengines.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_regionaltlds.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_pornography.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlineshop.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinepay.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinedating.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_news.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_im.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_illegal.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_hate.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_games.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_gambling.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_drugs.dat
[2010/05/26 10:12:10 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010/05/25 19:32:46 | 000,000,025 | ---- | C] () -- C:\Users\DEATH-ZZ\AppData\Roaming\bdfvconp.ini
[2010/05/25 19:20:05 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2010/05/25 19:20:03 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2010/05/25 19:19:57 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2010/05/25 19:19:55 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/05/25 19:19:55 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/05/25 19:19:53 | 003,662,128 | ---- | C] () -- C:\Windows\System32\locale.nls
[2010/05/25 19:19:53 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2010/05/25 19:19:48 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2010/05/25 19:19:38 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2010/05/25 19:19:35 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2010/05/25 19:19:09 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2010/05/25 19:19:05 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2010/05/25 14:52:43 | 000,000,052 | ---- | C] () -- C:\Windows\System32\ashttpstats.csv
[2010/05/25 14:18:07 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/05/25 14:17:52 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2010/05/25 14:06:02 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010/05/25 13:52:22 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010/05/25 12:55:38 | 000,000,385 | ---- | C] () -- C:\Windows\System32\user_gensett.xml
[2010/05/25 12:53:51 | 000,000,132 | ---- | C] () -- C:\Windows\System32\rezumatenoi.dat
[2010/05/25 12:26:42 | 000,000,016 | ---- | C] () -- C:\Windows\System32\asdict.dat
[2010/05/25 12:26:42 | 000,000,004 | ---- | C] () -- C:\Windows\System32\aspdict-en.dat
[2010/05/25 12:26:42 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pcwords.dat
[2010/05/25 12:26:42 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_sign.slf
[2010/05/25 12:26:42 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ab_bl.sig
[2010/05/25 12:13:12 | 000,002,009 | ---- | C] () -- C:\Users\Public\Desktop\BitDefender Total Security 2010.lnk
[2010/05/25 11:48:53 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2010/05/25 11:48:51 | 000,333,257 | RHS- | C] () -- C:\bootmgr
[2010/05/25 11:48:18 | 000,000,024 | RH-- | C] () -- C:\Windows\dell_version
[2010/05/25 11:46:54 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2010/05/25 11:35:11 | 000,016,052 | ---- | C] () -- C:\Windows\System32\results.xml
[2010/05/25 11:32:14 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
[2010/05/25 11:28:56 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2010/05/25 11:28:55 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2010/05/25 11:28:55 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2010/05/25 11:28:55 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2010/05/25 11:28:55 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2010/05/25 11:28:55 | 000,027,152 | ---- | C] () -- C:\Windows\System32\iglhxs32.vp
[2010/05/25 11:28:55 | 000,002,096 | ---- | C] () -- C:\Windows\System32\iglhxo32.vp
[2010/05/25 11:28:55 | 000,002,096 | ---- | C] () -- C:\Windows\System32\iglhxc32.vp
[2010/05/25 11:23:13 | 000,001,591 | ---- | C] () -- C:\Windows\System32\Uninst_EAPModules.bat
[2010/05/25 11:23:13 | 000,000,416 | ---- | C] () -- C:\Windows\System32\vcredist_x86.bat
[2010/05/25 11:23:12 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2010/05/25 11:23:12 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2010/05/25 11:23:02 | 000,022,729 | ---- | C] () -- C:\newkey
[2010/05/25 11:23:02 | 000,022,729 | ---- | C] () -- C:\newfile.enc
[2010/05/25 11:21:43 | 000,260,330 | ---- | C] () -- C:\Windows\System32\OEM02Cvw.bff
[2010/05/25 11:21:43 | 000,057,656 | ---- | C] () -- C:\Windows\System32\drivers\OEM02Pvc.bmp
[2010/05/25 11:21:43 | 000,057,656 | ---- | C] () -- C:\Windows\System32\drivers\OEM02PC.bmp
[2010/05/25 11:21:43 | 000,004,510 | ---- | C] () -- C:\Windows\OEM002.uns
[2010/05/25 11:20:41 | 000,144,360 | ---- | C] () -- C:\Windows\System32\drivers\del1028.cty
[2010/05/25 11:17:55 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2010/05/25 11:11:17 | 000,001,962 | ---- | C] () -- C:\Users\Public\Desktop\Dell Support Center.lnk
[2010/05/25 11:02:25 | 000,524,288 | -HS- | C] () -- C:\Users\DEATH-ZZ\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/05/25 11:02:25 | 000,524,288 | -HS- | C] () -- C:\Users\DEATH-ZZ\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/05/25 11:02:25 | 000,065,536 | -HS- | C] () -- C:\Users\DEATH-ZZ\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/05/25 11:02:25 | 000,001,356 | ---- | C] () -- C:\Users\DEATH-ZZ\AppData\Local\d3d9caps.dat
[2010/05/25 11:02:25 | 000,000,020 | -HS- | C] () -- C:\Users\DEATH-ZZ\ntuser.ini
[2010/05/25 11:02:24 | 001,310,720 | -HS- | C] () -- C:\Users\DEATH-ZZ\NTUSER.DAT
[2010/05/25 11:02:24 | 000,262,144 | -H-- | C] () -- C:\Users\DEATH-ZZ\ntuser.dat.LOG1
[2010/05/25 11:02:24 | 000,000,000 | -H-- | C] () -- C:\Users\DEATH-ZZ\ntuser.dat.LOG2
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/01/15 13:45:34 | 000,181,248 | ---- | C] () -- C:\Windows\System32\txmlutil.dll
[2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
< End of report >


#4 DEATHlLINK


Posted 15 June 2010 - 09:57 PM


My Gmer won't post; it says it is too long, so I'm attaching it:
Attached File  june15gmer.zip   45.17KB   9 downloads

Thanks again for helping me


#5 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,316 posts
  • OFFLINE
  • Gender:Female
  • Location:Romania
  • Local time:12:14 PM

Posted 16 June 2010 - 05:04 AM

Hello there,

Please delete your old copy of combofix, download a new one and run it as instructed below.

COMBOFIX
---------------
Please download ComboFix from one of these locations:
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue its malware removal procedures.



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#6 DEATHlLINK

Posted 16 June 2010 - 04:13 PM

Hi,
OK, so when I turned my laptop back on, it came up with a Windows error report stating:
Problem signature
Problem Event Name: BlueScreen
OS Version: 6.0.6002.2.2.0.768.3
Locale ID: 1033

Files that help describe the problem (some files may no longer be available)
Mini061610-01.dmp
sysdata.xml
Version.txt

View a temporary copy of these files
Warning: If a virus or other security threat caused the problem, opening a copy of the files could harm your computer.

Extra information about the problem
BCCode: 1000008e
BCP1: C0000005
BCP2: 95DD0B0E
BCP3: A7100B34
BCP4: 00000000
OS Version: 6_0_6002
Service Pack: 2_0
Product: 768_1
Then when I ran ComboFix I disabled all AV products, but when ComboFix first started this came up: mbr.cfxxe has stopped working

Here is my combofix log:
ComboFix 10-06-15.04 - DEATH-ZZ 06/16/2010 13:45:01.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3061.1944 [GMT -7:00]
Running from: c:\users\DEATH-ZZ\Desktop\Combofix.exe
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
((((((((((((((((((((((((( Files Created from 2010-05-16 to 2010-06-16 )))))))))))))))))))))))))))))))
.

2010-06-16 20:52 . 2010-06-16 20:52 -------- d-----w- c:\users\DEATH-ZZ\AppData\Local\temp
2010-06-16 20:52 . 2010-06-16 20:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-06-09 06:06 . 2010-06-09 06:06 -------- d-----w- c:\users\DEATH-ZZ\AppData\Roaming\SUPERAntiSpyware.com
2010-06-09 06:06 . 2010-06-09 06:06 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2010-06-08 18:52 . 2010-04-05 17:01 67072 ----a-w- c:\windows\system32\asycfilt.dll
2010-06-08 18:52 . 2010-05-26 17:06 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-06-08 18:52 . 2010-05-26 14:47 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-06-06 21:32 . 2010-06-06 21:35 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-05 22:26 . 2010-05-06 20:33 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-06-05 22:26 . 2010-05-06 20:39 164048 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-05 22:26 . 2010-05-06 20:34 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-05 22:26 . 2010-05-06 20:39 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-05 22:26 . 2010-05-06 20:34 51792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-06-05 22:25 . 2010-05-06 20:59 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-06-05 22:25 . 2010-05-06 20:59 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-06-05 22:25 . 2010-06-05 22:25 -------- d-----w- c:\programdata\Alwil Software
2010-06-05 22:25 . 2010-06-05 22:25 -------- d-----w- c:\program files\Alwil Software
2010-06-05 01:54 . 2010-06-05 01:54 -------- d-----w- c:\users\DEATH-ZZ\AppData\Roaming\Malwarebytes
2010-06-05 01:54 . 2010-04-29 22:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-05 01:54 . 2010-06-05 01:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-05 01:54 . 2010-06-05 01:54 -------- d-----w- c:\programdata\Malwarebytes
2010-06-05 01:54 . 2010-04-29 22:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-04 20:03 . 2010-06-04 20:03 -------- d-----w- c:\users\DEATH-ZZ\AppData\Local\Mozilla
2010-06-04 19:14 . 2010-05-21 21:14 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-26 15:22 . 2010-05-26 15:22 -------- d-----w- c:\users\DEATH-ZZ\AppData\Roaming\Yahoo!
2010-05-26 15:22 . 2010-05-26 15:22 -------- d-----w- c:\users\DEATH-ZZ\AppData\Local\Yahoo
2010-05-26 15:21 . 2010-05-26 15:21 -------- d-----w- c:\windows\system32\Macromed
2010-05-26 15:21 . 2010-05-26 15:21 -------- d-----w- c:\programdata\Yahoo!
2010-05-26 15:21 . 2010-04-20 23:45 607472 ----a-w- c:\programdata\Yahoo!\YUpdater\yupdater.exe
2010-05-26 15:19 . 2010-05-26 15:21 -------- d-----w- c:\program files\Yahoo!
2010-05-26 04:16 . 2010-05-26 04:16 -------- d-----w- c:\program files\Common Files\Java
2010-05-26 04:14 . 2010-05-26 04:14 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-26 04:14 . 2010-05-26 04:14 -------- d-----w- c:\program files\Java
2010-05-26 03:19 . 2010-05-26 03:23 -------- d-----w- c:\users\DEATH-ZZ\AppData\Local\Deployment
2010-05-26 03:19 . 2010-05-26 03:19 -------- d-----w- c:\users\DEATH-ZZ\AppData\Local\Apps
2010-05-26 03:06 . 2010-05-26 03:06 -------- d-----w- c:\program files\Windows Portable Devices
2010-05-26 03:04 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2010-05-26 03:04 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2010-05-26 03:04 . 2009-10-01 01:01 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2010-05-26 03:04 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2010-05-26 03:04 . 2009-10-01 01:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2010-05-26 03:04 . 2009-10-01 01:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2010-05-26 03:04 . 2009-10-01 01:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2010-05-26 03:04 . 2009-10-01 01:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2010-05-26 03:04 . 2009-10-01 01:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2010-05-26 03:04 . 2009-10-01 01:01 350208 ----a-w- c:\windows\system32\WPDSp.dll
2010-05-26 03:04 . 2009-10-01 01:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2010-05-26 03:04 . 2009-10-01 01:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2010-05-26 03:03 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-05-26 03:03 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2010-05-26 03:03 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-05-26 03:01 . 2010-01-06 15:39 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-05-26 03:01 . 2010-01-06 15:38 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-05-26 03:01 . 2010-01-06 13:30 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-05-26 02:47 . 2010-05-26 02:48 -------- d-----w- c:\windows\system32\ca-ES
2010-05-26 02:47 . 2010-05-26 02:48 -------- d-----w- c:\windows\system32\eu-ES
2010-05-26 02:47 . 2010-05-26 02:48 -------- d-----w- c:\windows\system32\vi-VN
2010-05-26 02:36 . 2010-05-26 02:36 -------- d-----w- c:\windows\system32\EventProviders
2010-05-26 02:19 . 2009-04-11 06:28 199680 ----a-w- c:\windows\system32\WebClnt.dll
2010-05-26 02:18 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2010-05-26 02:18 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2010-05-26 02:18 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2010-05-26 02:18 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2010-05-26 02:18 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2010-05-26 02:18 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2010-05-26 02:18 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2010-05-26 02:18 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2010-05-26 02:18 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2010-05-26 02:18 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2010-05-26 02:18 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2010-05-26 02:03 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll
2010-05-26 01:56 . 2010-05-26 01:56 -------- d-----w- c:\programdata\Office Genuine Advantage
2010-05-26 01:49 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-05-26 01:49 . 2009-06-15 14:53 270848 ----a-w- c:\windows\system32\schannel.dll
2010-05-26 01:19 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2010-05-26 01:12 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-05-25 21:29 . 2010-05-25 21:29 -------- d-----w- c:\users\DEATH-ZZ\AppData\Local\WindowsUpdate
2010-05-25 21:18 . 2008-05-27 04:59 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2010-05-25 21:17 . 2010-05-25 21:17 -------- d-----w- c:\users\DEATH-ZZ\AppData\Local\Dell
2010-05-25 21:01 . 2010-02-20 23:06 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-05-25 21:01 . 2010-02-20 20:53 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-05-25 21:01 . 2010-02-20 23:05 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-05-25 21:00 . 2010-05-25 21:00 -------- d-----w- c:\program files\MSXML 4.0
2010-05-25 20:59 . 2009-06-10 11:41 2868224 ----a-w- c:\windows\system32\mf.dll
2010-05-25 20:59 . 2009-04-11 06:28 98816 ----a-w- c:\windows\system32\mfps.dll
2010-05-25 20:59 . 2009-04-11 06:27 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2010-05-25 20:59 . 2009-04-11 06:27 24576 ----a-w- c:\windows\system32\mfpmp.exe
2010-05-25 20:59 . 2009-04-11 04:54 2048 ----a-w- c:\windows\system32\mferror.dll
2010-05-25 20:58 . 2009-05-08 12:53 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2010-05-25 20:54 . 2010-04-23 14:13 2048 ----a-w- c:\windows\system32\tzres.dll
2010-05-25 20:54 . 2010-01-29 15:40 738816 ----a-w- c:\windows\system32\inetcomm.dll
2010-05-25 20:54 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll
2010-05-25 20:53 . 2009-08-14 13:48 105984 ----a-w- c:\windows\system32\netiohlp.dll
2010-05-25 20:53 . 2009-08-14 13:49 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2010-05-25 20:53 . 2009-08-14 13:49 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2010-05-25 20:53 . 2009-08-14 13:49 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2010-05-25 20:53 . 2009-08-14 13:49 19968 ----a-w- c:\windows\system32\ARP.EXE
2010-05-25 20:53 . 2009-08-14 13:49 10240 ----a-w- c:\windows\system32\finger.exe
2010-05-25 20:53 . 2009-08-14 15:53 17920 ----a-w- c:\windows\system32\netevent.dll
2010-05-25 20:53 . 2009-08-14 13:49 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2010-05-25 20:53 . 2009-08-14 13:49 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2010-05-25 20:51 . 2010-02-18 14:07 3600776 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-05-25 20:50 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll
2010-05-25 19:53 . 2010-05-25 19:53 132 ----a-w- c:\windows\system32\rezumatenoi.dat
2010-05-25 19:30 . 2009-12-23 11:33 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-05-25 19:30 . 2010-01-13 17:34 98304 ----a-w- c:\windows\system32\cabview.dll
2010-05-25 19:26 . 2010-05-25 19:26 4 ----a-w- c:\windows\system32\aspdict-en.dat
2010-05-25 19:26 . 2010-05-25 19:26 16 ----a-w- c:\windows\system32\asdict.dat
2010-05-25 19:26 . 2010-05-25 19:26 0 ----a-w- c:\windows\system32\pcwords.dat
2010-05-25 19:23 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2010-05-25 19:23 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2010-05-25 19:23 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2010-05-25 19:23 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2010-05-25 19:22 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2010-05-25 19:22 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2010-05-25 19:22 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2010-05-25 19:22 . 2009-08-07 02:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2010-05-25 19:22 . 2009-08-07 01:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2010-05-25 19:18 . 2010-06-16 20:16 -------- d-----w- c:\users\DEATH-ZZ\AppData\Local\ApplicationHistory
2010-05-25 19:13 . 2010-05-25 19:13 -------- d-----w- c:\users\DEATH-ZZ\AppData\Roaming\BitDefender
2010-05-25 19:13 . 2010-05-25 19:13 -------- d-----w- C:\Binaries
2010-05-25 19:12 . 2010-05-25 20:15 -------- d-----w- c:\programdata\BitDefender
2010-05-25 19:12 . 2010-05-25 19:12 -------- d-----w- c:\program files\BitDefender
2010-05-25 19:11 . 2010-05-25 19:11 -------- d-----w- c:\windows\system32\URTTEMP
2010-05-25 19:11 . 2010-05-25 19:12 -------- d-----w- c:\program files\Common Files\BitDefender

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-08 19:11 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-06-05 22:19 . 2010-05-25 18:02 1356 ----a-w- c:\users\DEATH-ZZ\AppData\Local\d3d9caps.dat
2010-05-26 17:12 . 2010-05-26 17:12 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-05-26 03:06 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-05-26 02:48 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2010-05-26 02:48 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2010-05-26 02:48 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2010-05-26 02:48 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2010-05-26 02:48 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2010-05-26 02:48 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2010-05-26 01:04 . 2010-05-25 18:02 49168 ----a-w- c:\users\DEATH-ZZ\AppData\Local\GDIPFONTCACHEV1.DAT
2010-05-25 19:35 . 2009-06-29 21:12 106464 ----a-w- c:\windows\system32\drivers\bdhv.sys
2010-05-25 19:35 . 2009-06-29 21:12 153448 ----a-w- c:\windows\system32\drivers\bdfm.sys
2010-05-25 19:34 . 2009-06-24 20:13 291352 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
2010-05-25 19:28 . 2009-06-27 01:01 72784 ----a-w- c:\windows\system32\drivers\BdfNdisf6.sys
2010-05-25 18:46 . 2010-05-25 18:16 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-25 18:32 . 2010-05-25 18:32 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
2010-05-25 18:28 . 2010-05-25 18:28 -------- d-----w- c:\program files\Marvell
2010-05-25 18:27 . 2010-05-25 18:16 -------- d-----w- c:\program files\Common Files\InstallShield
2010-05-25 18:23 . 2010-05-25 18:23 -------- d-----w- c:\program files\Cisco
2010-05-25 18:23 . 2010-05-25 18:23 -------- d-----w- c:\users\DEATH-ZZ\AppData\Roaming\InstallShield
2010-05-25 18:16 . 2010-05-25 18:16 -------- d-----w- c:\program files\SigmaTel
2010-05-04 05:59 . 2010-06-08 18:53 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-06-08 18:53 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-05-04 05:55 . 2010-06-08 18:53 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-05-04 04:31 . 2010-06-08 18:53 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-05-01 14:13 . 2010-06-08 18:53 2037248 ----a-w- c:\windows\system32\win32k.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2010-04-29 5248312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-10 36864]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-12-08 3444736]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 133656]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-10-25 167936]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"BDAgent"="c:\program files\BitDefender\BitDefender 2010\bdagent.exe" [2010-05-25 1123360]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2010\IEShow.exe" [2010-05-25 71152]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-09-13 405504]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-05-06 2815192]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):6b,9d,5a,c4,7e,fc,ca,01

R1 SASDIFSV;SASDIFSV;c:\users\DEATH-ZZ\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV.SYS [x]
R1 SASKUTIL;SASKUTIL;c:\users\DEATH-ZZ\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL.sys [x]
R3 Arrakis3;BitDefender Arrakis Server;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2010-05-25 183880]
R3 kxddipod;kxddipod;c:\users\DEATH-ZZ\AppData\Local\Temp\kxddipod.sys [x]
R3 SASENUM;SASENUM;c:\users\DEATH-ZZ\AppData\Local\Temp\SAS_SelfExtract\SASENUM.SYS [x]
S1 aswSP;aswSP; [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\windows\system32\DRIVERS\BdfNdisf6.sys [2010-05-25 72784]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2007-09-20 73728]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-05-06 51792]
S2 BDVEDISK;BDVEDISK;c:\program files\BitDefender\BitDefender 2010\bdvedisk.sys [2010-05-25 85128]
S3 BDFM;BDFM;c:\windows\system32\DRIVERS\bdfm.sys [2010-05-25 153448]
S3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2007-06-07 111616]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Supplementary Scan -------
.
FF - ProfilePath - c:\users\DEATH-ZZ\AppData\Roaming\Mozilla\Firefox\Profiles\atxj8cqo.default\
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-16 13:53
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-06-16 13:55:36
ComboFix-quarantined-files.txt 2010-06-16 20:55
ComboFix2.txt 2010-06-09 06:43

Pre-Run: 217,039,429,632 bytes free
Post-Run: 217,011,679,232 bytes free

- - End Of File - - 647186F32A02DF7C995C03FAEA5CE195

#7 Elise

Posted 17 June 2010 - 03:18 AM

Hello again,
How are things running now?

Please launch MBAM, update it and run a full scan. Post me the resulting log.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 



#8 DEATHlLINK

Posted 17 June 2010 - 01:41 PM

Hello,
When I open Internet Explorer, two windows open of the same thing. So say Yahoo is my default page, it opens in two windows instead of just one. This doesn't happen every time I open IE; I just noticed it. Other than that, that's all I have seen as of yet. Here is my MBAM log:

6/17/2010 11:32:26 AM
mbam-log-2010-06-17 (11-32-26).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 211546
Time elapsed: 56 minute(s), 20 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#9 Elise

Posted 17 June 2010 - 01:42 PM

Can you please run OTL, make sure All Users is checked and run the scan? Post me OTL.txt (no need for extra.txt).

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 



#10 DEATHlLINK

Posted 18 June 2010 - 12:53 AM

Hi,
Here is my OTL log. I just wanted to say thanks again for all your help.

OTL logfile created on: 6/17/2010 10:33:54 PM - Run 2
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\DEATH-ZZ\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 62.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.58 Gb Total Space | 202.12 Gb Free Space | 91.63% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 8.15 Gb Free Space | 83.48% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: THEGRIND
Current User Name: DEATH-ZZ
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/06/15 18:38:13 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\DEATH-ZZ\Desktop\OTL.exe
PRC - [2010/06/13 22:06:12 | 000,231,888 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10h_ActiveX.exe
PRC - [2010/05/25 12:30:37 | 001,615,688 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
PRC - [2010/05/25 12:30:18 | 001,091,984 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
PRC - [2010/05/25 12:28:39 | 001,123,360 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
PRC - [2010/05/25 12:28:22 | 000,308,552 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
PRC - [2010/05/06 13:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009/05/21 11:13:58 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/04/10 23:28:15 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/01/20 19:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/10/25 13:31:20 | 000,167,936 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/09/20 15:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/09/13 15:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/09/13 15:44:48 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
PRC - [2007/07/27 16:43:34 | 000,118,784 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
PRC - [2007/06/06 16:44:44 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2007/05/22 14:18:56 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/05/10 01:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2006/09/08 15:10:22 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe


========== Modules (SafeList) ==========

MOD - [2010/06/15 18:38:13 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\DEATH-ZZ\Desktop\OTL.exe
MOD - [2010/05/25 12:27:18 | 000,098,304 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_65\plugin_net.m32
MOD - [2010/05/25 12:27:17 | 000,176,128 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_65\plugin_extra.m32
MOD - [2010/05/25 12:27:15 | 000,266,240 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_65\plugin_nt.m32
MOD - [2010/05/25 12:27:14 | 000,151,552 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_65\plugin_base.m32
MOD - [2010/05/25 12:27:13 | 000,319,488 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_65\plugin_fragments.m32
MOD - [2010/05/25 12:27:12 | 000,126,976 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_65\plugin_registry.m32
MOD - [2010/05/25 12:27:11 | 000,217,088 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_65\midas32.dll
MOD - [2010/05/25 12:27:08 | 000,116,224 | ---- | M] (BitDefender SRL) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_65\leaktests.m32
MOD - [2009/04/10 23:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/20 19:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010/05/25 12:34:39 | 000,315,392 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan)
SRV - [2010/05/25 12:34:35 | 000,183,880 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Arrakis3)
SRV - [2010/05/25 12:30:37 | 001,615,688 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- (VSSERV)
SRV - [2010/05/25 12:28:22 | 000,308,552 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV)
SRV - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/09/24 18:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008/01/20 19:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/20 15:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/09/13 15:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)


========== Driver Services (SafeList) ==========

DRV - [2010/05/25 12:35:47 | 000,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos)
DRV - [2010/05/25 12:35:43 | 000,153,448 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bdfm.sys -- (BDFM)
DRV - [2010/05/25 12:35:30 | 000,085,128 | ---- | M] (BitDefender) [Kernel | Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys -- (BDVEDISK)
DRV - [2010/05/25 12:35:28 | 000,058,368 | ---- | M] (BitDefender) [Kernel | On_Demand | Stopped] -- C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys -- (BDSelfPr)
DRV - [2010/05/25 12:34:58 | 000,291,352 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\bdfsfltr.sys -- (bdfsfltr)
DRV - [2010/05/25 12:32:41 | 000,119,504 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys -- (bdftdif)
DRV - [2010/05/25 12:28:29 | 000,072,784 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Windows\System32\drivers\BdfNdisf6.sys -- (BdfNdisf)
DRV - [2010/05/06 13:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/05/06 13:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/05/06 13:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/05/06 13:34:10 | 000,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/05/06 13:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/05/07 04:22:06 | 000,039,808 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys -- (Trufos)
DRV - [2008/01/20 19:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 19:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 19:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 19:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 19:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 19:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 19:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 19:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 19:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 19:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/20 19:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 19:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 19:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 19:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 19:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 19:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 19:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 19:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 19:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/20 19:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 19:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 19:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 19:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 19:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 19:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 19:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/02 16:48:28 | 002,016,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007/12/26 20:02:52 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/12/06 21:52:48 | 001,044,984 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2007/12/06 09:51:00 | 000,298,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007/10/11 01:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/09/13 15:46:06 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/06/06 23:21:32 | 000,111,616 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV - [2007/03/21 22:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/03/21 10:58:56 | 000,304,920 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2007/03/05 18:45:04 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 16:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/02 18:43:30 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/11/02 18:42:18 | 000,206,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/11/02 18:42:08 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/11/02 02:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 02:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 02:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 02:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 02:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 02:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 02:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 02:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 02:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 02:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 01:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 01:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 01:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 01:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 01:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 01:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 00:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/08/04 16:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3141548390-4124656697-3436349756-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-3141548390-4124656697-3436349756-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-3141548390-4124656697-3436349756-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-3141548390-4124656697-3436349756-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 81 ED 97 EB 90 0D CB 01 [binary data]
IE - HKU\S-1-5-21-3141548390-4124656697-3436349756-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63

FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010/06/04 17:40:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/04 13:03:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/13 20:51:06 | 000,000,000 | ---D | M]

[2010/06/04 13:03:28 | 000,000,000 | ---D | M] -- C:\Users\DEATH-ZZ\AppData\Roaming\Mozilla\Extensions
[2010/06/13 20:51:08 | 000,000,000 | ---D | M] -- C:\Users\DEATH-ZZ\AppData\Roaming\Mozilla\Firefox\Profiles\atxj8cqo.default\extensions
[2010/06/05 00:02:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\DEATH-ZZ\AppData\Roaming\Mozilla\Firefox\Profiles\atxj8cqo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/06/04 13:03:13 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2010/06/16 13:52:51 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\ietoolbar.dll (BitDefender S.R.L.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3141548390-4124656697-3436349756-1000..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKU\S-1-5-21-3141548390-4124656697-3436349756-1000..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3141548390-4124656697-3436349756-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3141548390-4124656697-3436349756-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/06/16 14:07:47 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxres.dll
[2010/06/16 13:55:41 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/06/16 13:55:38 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Local\temp
[2010/06/16 13:38:07 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/06/16 13:15:01 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/06/15 18:38:12 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Users\DEATH-ZZ\Desktop\OTL.exe
[2010/06/10 00:26:45 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\DEATH-ZZ\Desktop\ATF-Cleaner.exe
[2010/06/10 00:15:23 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\Desktop\SmitfraudFix
[2010/06/08 23:32:06 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/06/08 23:32:06 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/06/08 23:32:06 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/06/08 23:31:55 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/06/08 23:31:13 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/06/08 23:06:58 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Roaming\SUPERAntiSpyware.com
[2010/06/08 23:06:58 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/06/08 11:53:26 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/06/08 11:53:26 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/06/08 11:53:26 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/06/08 11:53:26 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/06/08 11:53:26 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/06/08 11:53:26 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/06/08 11:53:25 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/06/08 11:53:25 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/06/08 11:53:25 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/06/08 11:53:25 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/06/08 11:53:25 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/06/08 11:53:25 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/06/08 11:53:25 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/06/08 11:53:25 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/06/08 11:53:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/06/08 11:53:23 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/06/08 11:52:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010/06/08 11:52:42 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/06/08 11:52:42 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/06/06 14:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/06/05 15:26:47 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/06/05 15:26:42 | 000,164,048 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/06/05 15:26:41 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/06/05 15:26:36 | 000,051,792 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/06/05 15:26:36 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/06/05 15:25:53 | 000,165,032 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2010/06/05 15:25:53 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\System32\avastSS.scr
[2010/06/05 15:25:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010/06/05 15:25:43 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/06/04 18:54:54 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Roaming\Malwarebytes
[2010/06/04 18:54:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/06/04 18:54:44 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/06/04 18:54:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/04 18:54:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/06/04 13:03:18 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Roaming\Mozilla
[2010/06/04 13:03:18 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Local\Mozilla
[2010/06/04 13:03:11 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/06/04 12:14:22 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/05/26 10:15:48 | 000,000,000 | R--D | C] -- C:\Users\DEATH-ZZ\Desktop\Favorites
[2010/05/26 10:15:35 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\Desktop\Mobsters
[2010/05/26 08:22:58 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Roaming\Macromedia
[2010/05/26 08:22:51 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Roaming\Yahoo!
[2010/05/26 08:22:51 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Local\Yahoo
[2010/05/26 08:21:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010/05/26 08:21:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2010/05/26 08:19:39 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/05/25 21:16:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/05/25 21:16:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/05/25 21:14:35 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010/05/25 21:14:35 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/05/25 21:14:35 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/05/25 21:14:35 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/05/25 21:14:05 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/05/25 20:19:59 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Local\Deployment
[2010/05/25 20:19:59 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Local\Apps
[2010/05/25 20:06:15 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2010/05/25 20:05:38 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2010/05/25 20:05:37 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2010/05/25 20:05:37 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2010/05/25 20:05:06 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2010/05/25 20:05:05 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2010/05/25 20:05:03 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2010/05/25 20:05:03 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2010/05/25 20:05:03 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2010/05/25 20:05:03 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010/05/25 20:05:02 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2010/05/25 20:05:02 | 001,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2010/05/25 20:05:02 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2010/05/25 20:05:02 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2010/05/25 20:05:02 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2010/05/25 20:05:02 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2010/05/25 20:05:02 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010/05/25 20:05:02 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2010/05/25 20:05:02 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2010/05/25 20:05:02 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2010/05/25 20:05:02 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2010/05/25 20:05:02 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2010/05/25 20:05:02 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2010/05/25 20:05:02 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2010/05/25 20:05:02 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2010/05/25 20:05:02 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2010/05/25 20:05:02 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2010/05/25 20:05:02 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2010/05/25 20:05:01 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2010/05/25 20:04:40 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2010/05/25 20:04:40 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2010/05/25 20:04:35 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2010/05/25 20:04:32 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2010/05/25 20:04:31 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2010/05/25 20:04:31 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2010/05/25 20:04:31 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2010/05/25 20:04:31 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2010/05/25 20:04:31 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2010/05/25 20:03:37 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2010/05/25 20:03:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2010/05/25 20:01:27 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010/05/25 20:01:26 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/05/25 20:01:26 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/05/25 19:47:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2010/05/25 19:47:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2010/05/25 19:47:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2010/05/25 19:36:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2010/05/25 19:20:36 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2010/05/25 19:20:32 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2010/05/25 19:20:31 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2010/05/25 19:20:31 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe
[2010/05/25 19:20:29 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2010/05/25 19:20:27 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2010/05/25 19:20:26 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2010/05/25 19:20:26 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2010/05/25 19:20:24 | 000,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll
[2010/05/25 19:20:24 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2010/05/25 19:20:23 | 002,241,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
[2010/05/25 19:20:22 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2010/05/25 19:20:21 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2010/05/25 19:20:21 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2010/05/25 19:20:19 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2010/05/25 19:20:18 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2010/05/25 19:20:18 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll
[2010/05/25 19:20:17 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2010/05/25 19:20:17 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2010/05/25 19:20:16 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2010/05/25 19:20:16 | 000,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2010/05/25 19:20:16 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2010/05/25 19:20:14 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2010/05/25 19:20:14 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL
[2010/05/25 19:20:13 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2010/05/25 19:20:13 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2010/05/25 19:20:13 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2010/05/25 19:20:13 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2010/05/25 19:20:12 | 001,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
[2010/05/25 19:20:12 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2010/05/25 19:20:12 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll
[2010/05/25 19:20:11 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe
[2010/05/25 19:20:11 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010/05/25 19:20:11 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
[2010/05/25 19:20:11 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll
[2010/05/25 19:20:11 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2010/05/25 19:20:11 | 000,041,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010/05/25 19:20:09 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2010/05/25 19:20:08 | 001,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Query.dll
[2010/05/25 19:20:08 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2010/05/25 19:20:07 | 001,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2010/05/25 19:20:07 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll
[2010/05/25 19:20:07 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2010/05/25 19:20:06 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2010/05/25 19:20:06 | 000,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010/05/25 19:20:06 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2010/05/25 19:20:06 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2010/05/25 19:20:06 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2010/05/25 19:20:06 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2010/05/25 19:20:05 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2010/05/25 19:20:05 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2010/05/25 19:20:05 | 000,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2010/05/25 19:20:05 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2010/05/25 19:20:04 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2010/05/25 19:20:03 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2010/05/25 19:20:03 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2010/05/25 19:20:03 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spoolss.dll
[2010/05/25 19:20:03 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2010/05/25 19:20:02 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2010/05/25 19:20:02 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp60.dll
[2010/05/25 19:20:02 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2010/05/25 19:20:02 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll
[2010/05/25 19:20:02 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2010/05/25 19:20:01 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2010/05/25 19:20:01 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
[2010/05/25 19:20:01 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2010/05/25 19:20:01 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2010/05/25 19:20:00 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2010/05/25 19:19:59 | 001,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2010/05/25 19:19:59 | 001,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsvcs.dll
[2010/05/25 19:19:59 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2010/05/25 19:19:59 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2010/05/25 19:19:59 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2010/05/25 19:19:59 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2010/05/25 19:19:58 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2010/05/25 19:19:58 | 001,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll
[2010/05/25 19:19:57 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010/05/25 19:19:57 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2010/05/25 19:19:57 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2010/05/25 19:19:57 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2010/05/25 19:19:57 | 000,323,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010/05/25 19:19:57 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2010/05/25 19:19:57 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2010/05/25 19:19:57 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2010/05/25 19:19:56 | 001,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2010/05/25 19:19:56 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2010/05/25 19:19:55 | 001,135,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2010/05/25 19:19:55 | 001,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2010/05/25 19:19:55 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2010/05/25 19:19:55 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2010/05/25 19:19:55 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
[2010/05/25 19:19:55 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll
[2010/05/25 19:19:54 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2010/05/25 19:19:54 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2010/05/25 19:19:53 | 000,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2010/05/25 19:19:53 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2010/05/25 19:19:53 | 000,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samsrv.dll
[2010/05/25 19:19:53 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2010/05/25 19:19:53 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll
[2010/05/25 19:19:52 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe
[2010/05/25 19:19:51 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2010/05/25 19:19:51 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll
[2010/05/25 19:19:50 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2010/05/25 19:19:49 | 000,223,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2010/05/25 19:19:48 | 001,160,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2010/05/25 19:19:48 | 000,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010/05/25 19:19:48 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2010/05/25 19:19:48 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2010/05/25 19:19:48 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2010/05/25 19:19:48 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll
[2010/05/25 19:19:48 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2010/05/25 19:19:48 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2010/05/25 19:19:47 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2010/05/25 19:19:47 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2010/05/25 19:19:47 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2010/05/25 19:19:46 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2010/05/25 19:19:45 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll
[2010/05/25 19:19:45 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2010/05/25 19:19:45 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2010/05/25 19:19:45 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfp.dll
[2010/05/25 19:19:45 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2010/05/25 19:19:45 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll
[2010/05/25 19:19:44 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2010/05/25 19:19:44 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2010/05/25 19:19:44 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldpc.dll
[2010/05/25 19:19:44 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll
[2010/05/25 19:19:43 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2010/05/25 19:19:43 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2010/05/25 19:19:43 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2010/05/25 19:19:43 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2010/05/25 19:19:43 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2010/05/25 19:19:43 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2010/05/25 19:19:42 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2010/05/25 19:19:42 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll
[2010/05/25 19:19:42 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2010/05/25 19:19:42 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2010/05/25 19:19:42 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2010/05/25 19:19:42 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll
[2010/05/25 19:19:42 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll
[2010/05/25 19:19:42 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2010/05/25 19:19:41 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2010/05/25 19:19:41 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2010/05/25 19:19:41 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2010/05/25 19:19:41 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2010/05/25 19:19:41 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2010/05/25 19:19:41 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2010/05/25 19:19:40 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2010/05/25 19:19:40 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2010/05/25 19:19:40 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2010/05/25 19:19:40 | 000,241,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
[2010/05/25 19:19:40 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2010/05/25 19:19:40 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2010/05/25 19:19:40 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2010/05/25 19:19:40 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2010/05/25 19:19:40 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2010/05/25 19:19:39 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010/05/25 19:19:39 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxclu.dll
[2010/05/25 19:19:39 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2010/05/25 19:19:39 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2010/05/25 19:19:39 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetpp.dll
[2010/05/25 19:19:39 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2010/05/25 19:19:38 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2010/05/25 19:19:38 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2010/05/25 19:19:38 | 000,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2010/05/25 19:19:38 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2010/05/25 19:19:37 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2010/05/25 19:19:37 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2010/05/25 19:19:36 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2010/05/25 19:19:36 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2010/05/25 19:19:36 | 000,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2010/05/25 19:19:36 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2010/05/25 19:19:35 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2010/05/25 19:19:35 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010/05/25 19:19:35 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2010/05/25 19:19:35 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2010/05/25 19:19:35 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2010/05/25 19:19:35 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll
[2010/05/25 19:19:35 | 000,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2010/05/25 19:19:35 | 000,109,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2010/05/25 19:19:35 | 000,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2010/05/25 19:19:34 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2010/05/25 19:19:34 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2010/05/25 19:19:34 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2010/05/25 19:19:34 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2010/05/25 19:19:34 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2010/05/25 19:19:34 | 000,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2010/05/25 19:19:33 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2010/05/25 19:19:33 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2010/05/25 19:19:33 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010/05/25 19:19:33 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wisptis.exe
[2010/05/25 19:19:33 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2010/05/25 19:19:33 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2010/05/25 19:19:33 | 000,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2010/05/25 19:19:33 | 000,043,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2010/05/25 19:19:33 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010/05/25 19:19:32 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2010/05/25 19:19:32 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2010/05/25 19:19:32 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2010/05/25 19:19:32 | 000,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2010/05/25 19:19:31 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onex.dll
[2010/05/25 19:19:31 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2010/05/25 19:19:31 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2010/05/25 19:19:31 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2010/05/25 19:19:31 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2010/05/25 19:19:31 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2010/05/25 19:19:31 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2010/05/25 19:19:31 | 000,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2010/05/25 19:19:31 | 000,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2010/05/25 19:19:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll
[2010/05/25 19:19:30 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2010/05/25 19:19:30 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2010/05/25 19:19:30 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2010/05/25 19:19:30 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2010/05/25 19:19:30 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2010/05/25 19:19:30 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2010/05/25 19:19:30 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll
[2010/05/25 19:19:30 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2010/05/25 19:19:29 | 000,852,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2010/05/25 19:19:29 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2010/05/25 19:19:29 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2010/05/25 19:19:29 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2010/05/25 19:19:29 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2010/05/25 19:19:29 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2010/05/25 19:19:29 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2010/05/25 19:19:29 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2010/05/25 19:19:29 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2010/05/25 19:19:29 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2010/05/25 19:19:29 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2010/05/25 19:19:29 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2010/05/25 19:19:28 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2010/05/25 19:19:28 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2010/05/25 19:19:28 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2010/05/25 19:19:28 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2010/05/25 19:19:28 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2010/05/25 19:19:28 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
[2010/05/25 19:19:28 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastapi.dll
[2010/05/25 19:19:28 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll
[2010/05/25 19:19:27 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2010/05/25 19:19:27 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2010/05/25 19:19:27 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2010/05/25 19:19:27 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll
[2010/05/25 19:19:27 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2010/05/25 19:19:27 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2010/05/25 19:19:27 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2010/05/25 19:19:27 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2010/05/25 19:19:27 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2010/05/25 19:19:26 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2010/05/25 19:19:25 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2010/05/25 19:19:25 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2010/05/25 19:19:25 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2010/05/25 19:19:25 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2010/05/25 19:19:24 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2010/05/25 19:19:24 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2010/05/25 19:19:24 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2010/05/25 19:19:24 | 000,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdlg.dll
[2010/05/25 19:19:24 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2010/05/25 19:19:24 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2010/05/25 19:19:23 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2010/05/25 19:19:23 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2010/05/25 19:19:23 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
[2010/05/25 19:19:23 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[2010/05/25 19:19:23 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
[2010/05/25 19:19:23 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstlsapi.dll
[2010/05/25 19:19:23 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2010/05/25 19:19:23 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2010/05/25 19:19:22 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2010/05/25 19:19:22 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2010/05/25 19:19:22 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2010/05/25 19:19:22 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2010/05/25 19:19:22 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2010/05/25 19:19:22 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2010/05/25 19:19:22 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2010/05/25 19:19:22 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2010/05/25 19:19:21 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2010/05/25 19:19:21 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2010/05/25 19:19:21 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2010/05/25 19:19:21 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2010/05/25 19:19:21 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll
[2010/05/25 19:19:20 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2010/05/25 19:19:20 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2010/05/25 19:19:20 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2010/05/25 19:19:20 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2010/05/25 19:19:20 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2010/05/25 19:19:20 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll
[2010/05/25 19:19:20 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010/05/25 19:19:20 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2010/05/25 19:19:20 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2010/05/25 19:19:20 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2010/05/25 19:19:20 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2010/05/25 19:19:20 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regapi.dll
[2010/05/25 19:19:20 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2010/05/25 19:19:19 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2010/05/25 19:19:19 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2010/05/25 19:19:19 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2010/05/25 19:19:19 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2010/05/25 19:19:19 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2010/05/25 19:19:19 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2010/05/25 19:19:19 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2010/05/25 19:19:19 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe
[2010/05/25 19:19:19 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2010/05/25 19:19:18 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2010/05/25 19:19:18 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2010/05/25 19:19:18 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2010/05/25 19:19:18 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2010/05/25 19:19:18 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2010/05/25 19:19:18 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2010/05/25 19:19:18 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2010/05/25 19:19:18 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2010/05/25 19:19:18 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2010/05/25 19:19:18 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scecli.dll
[2010/05/25 19:19:18 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2010/05/25 19:19:18 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2010/05/25 19:19:18 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpmon.dll
[2010/05/25 19:19:18 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2010/05/25 19:19:18 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe
[2010/05/25 19:19:18 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2010/05/25 19:19:18 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2010/05/25 19:19:18 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2010/05/25 19:19:18 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2010/05/25 19:19:18 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfdisk.dll
[2010/05/25 19:19:18 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll
[2010/05/25 19:19:17 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2010/05/25 19:19:17 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2010/05/25 19:19:17 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2010/05/25 19:19:17 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe
[2010/05/25 19:19:17 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2010/05/25 19:19:17 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2010/05/25 19:19:17 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2010/05/25 19:19:17 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2010/05/25 19:19:16 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2010/05/25 19:19:16 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2010/05/25 19:19:16 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2010/05/25 19:19:16 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2010/05/25 19:19:16 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2010/05/25 19:19:16 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp
[2010/05/25 19:19:16 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasppp.dll
[2010/05/25 19:19:16 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2010/05/25 19:19:16 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2010/05/25 19:19:16 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2010/05/25 19:19:16 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2010/05/25 19:19:16 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2010/05/25 19:19:16 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2010/05/25 19:19:16 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2010/05/25 19:19:15 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2010/05/25 19:19:15 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2010/05/25 19:19:15 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2010/05/25 19:19:15 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2010/05/25 19:19:15 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credui.dll
[2010/05/25 19:19:15 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2010/05/25 19:19:15 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2010/05/25 19:19:15 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2010/05/25 19:19:15 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2010/05/25 19:19:14 | 002,226,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll
[2010/05/25 19:19:14 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2010/05/25 19:19:14 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2010/05/25 19:19:14 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2010/05/25 19:19:14 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2010/05/25 19:19:14 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2010/05/25 19:19:14 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2010/05/25 19:19:14 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2010/05/25 19:19:14 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2010/05/25 19:19:14 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2010/05/25 19:19:14 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2010/05/25 19:19:14 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2010/05/25 19:19:14 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2010/05/25 19:19:14 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2010/05/25 19:19:14 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2010/05/25 19:19:13 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2010/05/25 19:19:13 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2010/05/25 19:19:13 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2010/05/25 19:19:13 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010/05/25 19:19:13 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2010/05/25 19:19:13 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2010/05/25 19:19:13 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll
[2010/05/25 19:19:13 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010/05/25 19:19:13 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2010/05/25 19:19:13 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe
[2010/05/25 19:19:13 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2010/05/25 19:19:12 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2010/05/25 19:19:12 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2010/05/25 19:19:12 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
[2010/05/25 19:19:12 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2010/05/25 19:19:12 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2010/05/25 19:19:12 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2010/05/25 19:19:12 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2010/05/25 19:19:12 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2010/05/25 19:19:12 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2010/05/25 19:19:12 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2010/05/25 19:19:12 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2010/05/25 19:19:12 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2010/05/25 19:19:12 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
[2010/05/25 19:19:12 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll
[2010/05/25 19:19:12 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2010/05/25 19:19:12 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2010/05/25 19:19:12 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe
[2010/05/25 19:19:11 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll
[2010/05/25 19:19:11 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2010/05/25 19:19:11 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2010/05/25 19:19:11 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2010/05/25 19:19:11 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2010/05/25 19:19:11 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2010/05/25 19:19:11 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2010/05/25 19:19:11 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2010/05/25 19:19:11 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2010/05/25 19:19:11 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2010/05/25 19:19:11 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2010/05/25 19:19:11 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2010/05/25 19:19:11 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2010/05/25 19:19:11 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll
[2010/05/25 19:19:11 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll
[2010/05/25 19:19:10 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2010/05/25 19:19:10 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2010/05/25 19:19:10 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2010/05/25 19:19:10 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2010/05/25 19:19:10 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2010/05/25 19:19:10 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2010/05/25 19:19:10 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2010/05/25 19:19:10 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2010/05/25 19:19:10 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2010/05/25 19:19:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2010/05/25 19:19:10 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2010/05/25 19:19:10 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2010/05/25 19:19:09 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2010/05/25 19:19:09 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2010/05/25 19:19:08 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2010/05/25 19:19:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2010/05/25 19:19:07 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2010/05/25 19:18:56 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2010/05/25 19:18:54 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2010/05/25 19:18:54 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2010/05/25 19:18:50 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2010/05/25 18:56:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/05/25 18:19:53 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010/05/25 18:12:21 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010/05/25 18:12:20 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/05/25 14:29:20 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Local\WindowsUpdate
[2010/05/25 14:17:46 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Local\Dell
[2010/05/25 14:05:26 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010/05/25 14:05:26 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2010/05/25 14:05:26 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2010/05/25 14:05:26 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010/05/25 14:05:26 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010/05/25 14:05:26 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2010/05/25 14:05:26 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2010/05/25 14:05:25 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/05/25 14:05:25 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010/05/25 14:05:25 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2010/05/25 14:05:25 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2010/05/25 14:05:25 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010/05/25 14:05:24 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2010/05/25 14:05:24 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010/05/25 14:05:24 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2010/05/25 14:05:24 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010/05/25 14:05:23 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/05/25 14:05:23 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2010/05/25 14:05:22 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/05/25 14:05:21 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2010/05/25 14:05:21 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2010/05/25 14:05:21 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2010/05/25 14:05:21 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2010/05/25 14:05:21 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2010/05/25 14:05:21 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2010/05/25 14:01:58 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010/05/25 14:01:52 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010/05/25 14:00:12 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/05/25 13:59:19 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2010/05/25 13:59:18 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010/05/25 13:59:17 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2010/05/25 13:59:17 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2010/05/25 13:59:17 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2010/05/25 13:59:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2010/05/25 13:58:41 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2010/05/25 13:54:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/05/25 13:54:21 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2010/05/25 13:53:13 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2010/05/25 13:53:12 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2010/05/25 13:53:12 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2010/05/25 13:53:12 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2010/05/25 13:53:12 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TCPSVCS.EXE
[2010/05/25 13:53:12 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2010/05/25 13:53:11 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2010/05/25 13:53:11 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010/05/25 13:53:11 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2010/05/25 13:52:54 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010/05/25 13:52:54 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010/05/25 13:52:53 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010/05/25 13:52:53 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010/05/25 13:52:52 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010/05/25 13:52:52 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010/05/25 13:52:52 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010/05/25 13:52:52 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010/05/25 13:52:52 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010/05/25 13:52:27 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2010/05/25 13:52:27 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2010/05/25 13:52:25 | 001,259,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010/05/25 13:52:21 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2010/05/25 13:52:21 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2010/05/25 13:52:21 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2010/05/25 13:52:21 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2010/05/25 13:52:21 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2010/05/25 13:52:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2010/05/25 13:51:58 | 003,600,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/05/25 13:51:58 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/05/25 13:51:40 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2010/05/25 13:51:40 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2010/05/25 13:51:38 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/05/25 13:51:38 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/05/25 13:51:37 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2010/05/25 13:51:35 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010/05/25 13:51:35 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010/05/25 13:51:32 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2010/05/25 13:51:26 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2010/05/25 13:50:59 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2010/05/25 13:49:56 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2010/05/25 13:49:54 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/05/25 13:49:54 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2010/05/25 13:49:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2010/05/25 13:49:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2010/05/25 13:49:43 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010/05/25 13:49:42 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010/05/25 13:49:42 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/05/25 13:49:42 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010/05/25 12:23:01 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2010/05/25 12:23:01 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2010/05/25 12:22:48 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2010/05/25 12:22:48 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2010/05/25 12:22:48 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2010/05/25 12:22:41 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2010/05/25 12:22:41 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2010/05/25 12:18:05 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Local\ApplicationHistory
[2010/05/25 12:13:11 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Roaming\BitDefender
[2010/05/25 12:13:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010/05/25 12:13:03 | 000,000,000 | ---D | C] -- C:\Binaries
[2010/05/25 12:12:45 | 000,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2010/05/25 12:12:45 | 000,000,000 | ---D | C] -- C:\Program Files\BitDefender
[2010/05/25 12:11:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\URTTEMP
[2010/05/25 12:11:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2010/05/25 12:09:58 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Roaming\Adobe
[2010/05/25 11:49:06 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010/05/25 11:48:51 | 000,000,000 | ---D | C] -- C:\Boot
[2010/05/25 11:48:37 | 000,304,920 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\iaStor.sys
[2010/05/25 11:48:18 | 000,000,000 | ---D | C] -- C:\Windows\System32\OEM
[2010/05/25 11:46:31 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Reallusion
[2010/05/25 11:46:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Reallusion
[2010/05/25 11:45:53 | 005,627,904 | ---- | C] (Reallusion Inc.) -- C:\Windows\System32\LiveCamVirtual.ocx
[2010/05/25 11:45:19 | 000,000,000 | ---D | C] -- C:\Program Files\Creative Live! Cam
[2010/05/25 11:44:50 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2010/05/25 11:40:37 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Local\MediaDirect
[2010/05/25 11:40:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/05/25 11:40:22 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2010/05/25 11:39:51 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll
[2010/05/25 11:39:51 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2010/05/25 11:32:11 | 000,000,000 | ---D | C] -- C:\Program Files\DellTPad
[2010/05/25 11:31:57 | 001,419,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01005.dll
[2010/05/25 11:31:57 | 000,164,400 | ---- | C] (Alps Electric Co., Ltd.) -- C:\Windows\System32\drivers\Apfiltr.sys
[2010/05/25 11:31:57 | 000,100,542 | ---- | C] (Alps Electric Co., Ltd.) -- C:\Windows\System32\Vxdif.dll
[2010/05/25 11:29:10 | 000,920,088 | ---- | C] (Intel® Corporation) -- C:\Windows\System32\igxpun.exe
[2010/05/25 11:29:10 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\difxapi.dll
[2010/05/25 11:29:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang
[2010/05/25 11:28:56 | 000,111,616 | ---- | C] (Intel® Corporation) -- C:\Windows\System32\drivers\IntcHdmi.sys
[2010/05/25 11:28:55 | 000,530,968 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcfg.exe
[2010/05/25 11:28:55 | 000,170,520 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxzoom.exe
[2010/05/25 11:28:55 | 000,170,520 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxext.exe
[2010/05/25 11:28:55 | 000,069,632 | ---- | C] (Intel Corporation) -- C:\Windows\System32\oemdspif.dll
[2010/05/25 11:28:54 | 003,293,184 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxress.dll
[2010/05/25 11:28:54 | 002,580,480 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igdumd32.dll
[2010/05/25 11:28:54 | 002,416,640 | ---- | C] (Intel Corporation) -- C:\Windows\System32\ig4icd32.dll
[2010/05/25 11:28:54 | 002,016,256 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\igdkmd32.sys
[2010/05/25 11:28:54 | 001,658,880 | ---- | C] (Intel Corporation) -- C:\Windows\System32\ig4dev32.dll
[2010/05/25 11:28:54 | 000,241,664 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxTMM.dll
[2010/05/25 11:28:54 | 000,204,800 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxpph.dll
[2010/05/25 11:28:54 | 000,200,704 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxdev.dll
[2010/05/25 11:28:54 | 000,192,512 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrell.lrc
[2010/05/25 11:28:54 | 000,192,512 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrdeu.lrc
[2010/05/25 11:28:54 | 000,188,416 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrnld.lrc
[2010/05/25 11:28:54 | 000,188,416 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrita.lrc
[2010/05/25 11:28:54 | 000,188,416 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxresp.lrc
[2010/05/25 11:28:54 | 000,184,320 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrfra.lrc
[2010/05/25 11:28:54 | 000,180,224 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrrus.lrc
[2010/05/25 11:28:54 | 000,180,224 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrptg.lrc
[2010/05/25 11:28:54 | 000,180,224 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrptb.lrc
[2010/05/25 11:28:54 | 000,180,224 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrplk.lrc
[2010/05/25 11:28:54 | 000,180,224 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrhun.lrc
[2010/05/25 11:28:54 | 000,176,128 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrsky.lrc
[2010/05/25 11:28:54 | 000,176,128 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrnor.lrc
[2010/05/25 11:28:54 | 000,176,128 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrfin.lrc
[2010/05/25 11:28:54 | 000,176,128 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrcsy.lrc
[2010/05/25 11:28:54 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrtrk.lrc
[2010/05/25 11:28:54 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrsve.lrc
[2010/05/25 11:28:54 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrslv.lrc
[2010/05/25 11:28:54 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrenu.lrc
[2010/05/25 11:28:54 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrdan.lrc
[2010/05/25 11:28:54 | 000,163,840 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrtha.lrc
[2010/05/25 11:28:54 | 000,159,744 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrara.lrc
[2010/05/25 11:28:54 | 000,155,648 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrheb.lrc
[2010/05/25 11:28:54 | 000,135,168 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxdo.dll
[2010/05/25 11:28:54 | 000,131,072 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrjpn.lrc
[2010/05/25 11:28:54 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrkor.lrc
[2010/05/25 11:28:54 | 000,122,880 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcpl.cpl
[2010/05/25 11:28:54 | 000,110,592 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrcht.lrc
[2010/05/25 11:28:54 | 000,110,592 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrchs.lrc
[2010/05/25 11:28:54 | 000,102,400 | ---- | C] (Intel Corporation) -- C:\Windows\System32\hccutils.dll
[2010/05/25 11:28:54 | 000,048,128 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.dll
[2010/05/25 11:28:54 | 000,024,576 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxexps.dll
[2010/05/25 11:28:07 | 000,000,000 | ---D | C] -- C:\Program Files\Marvell
[2010/05/25 11:27:44 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Roaming\TMP
[2010/05/25 11:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
[2010/05/25 11:23:13 | 002,682,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vcredist_x86.exe
[2010/05/25 11:23:13 | 000,987,136 | ---- | C] (Dell Inc.) -- C:\Windows\System32\BCMLogon.dll
[2010/05/25 11:23:12 | 005,967,872 | ---- | C] (Dell Inc.) -- C:\Windows\System32\BCMWLCPL.CPL
[2010/05/25 11:23:12 | 003,895,296 | ---- | C] (Dell Inc.) -- C:\Windows\System32\bcmttls.dll
[2010/05/25 11:23:12 | 003,579,904 | ---- | C] (Dell Inc.) -- C:\Windows\System32\bcmihvsrv.dll
[2010/05/25 11:23:12 | 003,244,032 | ---- | C] (Dell Inc.) -- C:\Windows\System32\bcmihvui.dll
[2010/05/25 11:23:12 | 001,044,984 | ---- | C] (Broadcom Corp.) -- C:\Windows\System32\drivers\BCMWL6.SYS
[2010/05/25 11:23:12 | 000,278,528 | ---- | C] (Dell Inc.) -- C:\Windows\System32\bcmwlu00.exe
[2010/05/25 11:23:12 | 000,087,328 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\bcmwlcoi.dll
[2010/05/25 11:23:12 | 000,065,536 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\wltrynt.dll
[2010/05/25 11:23:01 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Roaming\InstallShield
[2010/05/25 11:21:43 | 000,393,216 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Cvw.dll
[2010/05/25 11:21:43 | 000,335,872 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Cvw.crl
[2010/05/25 11:21:43 | 000,235,648 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\drivers\OEM02Dev.sys
[2010/05/25 11:21:43 | 000,141,376 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\drivers\OEM02Afx.sys
[2010/05/25 11:21:43 | 000,040,960 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Pin.dll
[2010/05/25 11:21:43 | 000,036,864 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
[2010/05/25 11:21:43 | 000,032,768 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Hwx.dll
[2010/05/25 11:21:43 | 000,028,672 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\OEM02Cfg.exe
[2010/05/25 11:21:43 | 000,024,576 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Srv.exe
[2010/05/25 11:21:43 | 000,020,480 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\OEM02Pin.crl
[2010/05/25 11:21:43 | 000,007,424 | ---- | C] (EyePower Games Pte. Ltd.) -- C:\Windows\System32\drivers\OEM02Vfx.sys
[2010/05/25 11:21:42 | 000,811,008 | ---- | C] (Pizzolato Davide - www.xdp.it) -- C:\Windows\System32\cximage.dll
[2010/05/25 11:21:42 | 000,090,112 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\CtDrvIns.exe
[2010/05/25 11:21:42 | 000,036,864 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\CtCamMgr.dll
[2010/05/25 11:20:58 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2010/05/25 11:20:41 | 000,986,624 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_DPV.sys
[2010/05/25 11:20:41 | 000,659,968 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_CNXT.sys
[2010/05/25 11:20:41 | 000,206,848 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSXHWAZL.sys
[2010/05/25 11:20:41 | 000,172,032 | ---- | C] (Conexant Systems, Inc) -- C:\Windows\System32\Uci32114.dll
[2010/05/25 11:20:41 | 000,094,208 | ---- | C] (Conexant) -- C:\Windows\System32\mdmxsdk.dll
[2010/05/25 11:20:41 | 000,008,192 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.sys
[2010/05/25 11:19:38 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010/05/25 11:19:27 | 000,000,000 | ---D | C] -- C:\Intel
[2010/05/25 11:17:55 | 000,090,112 | ---- | C] (Sony Corporation) -- C:\Windows\System32\snymsico.dll
[2010/05/25 11:17:55 | 000,042,496 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys
[2010/05/25 11:17:55 | 000,039,936 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys
[2010/05/25 11:17:55 | 000,037,376 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys
[2010/05/25 11:16:37 | 004,947,968 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stacgui.cpl
[2010/05/25 11:16:37 | 001,601,536 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\System32\stlang.dll
[2010/05/25 11:16:37 | 000,647,168 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestecap.dll
[2010/05/25 11:16:37 | 000,131,072 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestacap.dll
[2010/05/25 11:16:37 | 000,102,400 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
[2010/05/25 11:16:37 | 000,073,728 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
[2010/05/25 11:16:37 | 000,053,248 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestaren.dll
[2010/05/25 11:16:18 | 000,146,944 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\staco.dll
[2010/05/25 11:16:17 | 000,595,456 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapo.dll
[2010/05/25 11:16:17 | 000,492,544 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\ctapo32.dll
[2010/05/25 11:16:17 | 000,330,240 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\drivers\stwrt.sys
[2010/05/25 11:16:17 | 000,328,704 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stcplx.dll
[2010/05/25 11:16:17 | 000,299,520 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapi32.dll
[2010/05/25 11:16:17 | 000,045,568 | ---- | C] (Creative Technology Ltd) -- C:\Windows\System32\ctppld.dll
[2010/05/25 11:16:17 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/05/25 11:16:17 | 000,000,000 | ---D | C] -- C:\Program Files\SigmaTel
[2010/05/25 11:16:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/05/25 11:11:28 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Local\SupportSoft
[2010/05/25 11:11:25 | 000,000,000 | ---D | C] -- C:\Dell
[2010/05/25 11:11:19 | 000,000,000 | ---D | C] -- C:\ProgramData\SupportSoft
[2010/05/25 11:11:07 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center
[2010/05/25 11:11:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\supportsoft
[2010/05/25 11:10:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell
[2010/05/25 11:08:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\vmm32
[2010/05/25 11:08:20 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2010/05/25 11:06:32 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010/05/25 11:02:37 | 000,000,000 | R--D | C] -- C:\Users\DEATH-ZZ\Searches
[2010/05/25 11:02:30 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Roaming\Identities
[2010/05/25 11:02:28 | 000,000,000 | R--D | C] -- C:\Users\DEATH-ZZ\Contacts
[2010/05/25 11:02:28 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Local\VirtualStore
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\AppData\Local\Temporary Internet Files
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\Templates
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\Start Menu
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\SendTo
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\Recent
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\PrintHood
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\NetHood
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\Documents\My Videos
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\Documents\My Pictures
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\Documents\My Music
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\My Documents
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\Local Settings
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\AppData\Local\History
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\Cookies
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\Application Data
[2010/05/25 11:02:25 | 000,000,000 | -HSD | C] -- C:\Users\DEATH-ZZ\AppData\Local\Application Data
[2010/05/25 11:02:24 | 000,000,000 | --SD | C] -- C:\Users\DEATH-ZZ\AppData\Roaming\Microsoft
[2010/05/25 11:02:24 | 000,000,000 | R--D | C] -- C:\Users\DEATH-ZZ\Videos
[2010/05/25 11:02:24 | 000,000,000 | R--D | C] -- C:\Users\DEATH-ZZ\Saved Games
[2010/05/25 11:02:24 | 000,000,000 | R--D | C] -- C:\Users\DEATH-ZZ\Pictures
[2010/05/25 11:02:24 | 000,000,000 | R--D | C] -- C:\Users\DEATH-ZZ\Music
[2010/05/25 11:02:24 | 000,000,000 | R--D | C] -- C:\Users\DEATH-ZZ\Links
[2010/05/25 11:02:24 | 000,000,000 | R--D | C] -- C:\Users\DEATH-ZZ\Favorites
[2010/05/25 11:02:24 | 000,000,000 | R--D | C] -- C:\Users\DEATH-ZZ\Downloads
[2010/05/25 11:02:24 | 000,000,000 | R--D | C] -- C:\Users\DEATH-ZZ\Documents
[2010/05/25 11:02:24 | 000,000,000 | R--D | C] -- C:\Users\DEATH-ZZ\Desktop
[2010/05/25 11:02:24 | 000,000,000 | -H-D | C] -- C:\Users\DEATH-ZZ\AppData
[2010/05/25 11:02:24 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Local\Microsoft
[2010/05/25 11:02:24 | 000,000,000 | ---D | C] -- C:\Users\DEATH-ZZ\AppData\Roaming\Media Center Programs
[2010/05/25 10:59:17 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2010/05/25 10:52:05 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/05/25 10:49:55 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010/05/25 10:49:47 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2010/06/17 22:37:09 | 001,310,720 | -HS- | M] () -- C:\Users\DEATH-ZZ\NTUSER.DAT
[2010/06/17 22:36:47 | 000,747,142 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/06/17 22:36:47 | 000,634,088 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/06/17 22:36:47 | 000,117,244 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/06/17 22:29:07 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/06/17 22:29:06 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/06/17 22:29:06 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/06/17 22:28:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/06/17 11:41:51 | 000,000,052 | ---- | M] () -- C:\Windows\System32\ashttpstats.csv
[2010/06/17 11:41:41 | 000,524,288 | -HS- | M] () -- C:\Users\DEATH-ZZ\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/06/17 11:41:41 | 000,065,536 | -HS- | M] () -- C:\Users\DEATH-ZZ\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/06/17 11:41:35 | 001,969,701 | -H-- | M] () -- C:\Users\DEATH-ZZ\AppData\Local\IconCache.db
[2010/06/16 13:52:58 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010/06/16 13:52:51 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/06/16 13:23:12 | 003,712,734 | R--- | M] () -- C:\Users\DEATH-ZZ\Desktop\Combofix.exe
[2010/06/16 13:14:58 | 394,403,966 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/06/15 19:48:56 | 000,046,259 | ---- | M] () -- C:\Users\DEATH-ZZ\Desktop\june15gmer.zip
[2010/06/15 18:46:59 | 000,293,376 | ---- | M] () -- C:\Users\DEATH-ZZ\Desktop\ydo5l2qt.exe
[2010/06/15 18:38:13 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\DEATH-ZZ\Desktop\OTL.exe
[2010/06/10 00:26:46 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\DEATH-ZZ\Desktop\ATF-Cleaner.exe
[2010/06/10 00:12:41 | 001,872,472 | ---- | M] () -- C:\Users\DEATH-ZZ\Desktop\SmitfraudFix.exe
[2010/06/09 23:57:03 | 000,062,860 | ---- | M] () -- C:\Users\DEATH-ZZ\Desktop\ark.zip
[2010/06/09 22:45:44 | 000,000,000 | ---- | M] () -- C:\Users\DEATH-ZZ\defogger_reenable
[2010/06/09 22:07:09 | 000,525,824 | ---- | M] () -- C:\Users\DEATH-ZZ\Desktop\dds.scr
[2010/06/09 22:06:32 | 000,050,477 | ---- | M] () -- C:\Users\DEATH-ZZ\Desktop\Defogger.exe
[2010/06/08 12:13:35 | 000,228,176 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/06/06 14:34:56 | 000,003,584 | ---- | M] () -- C:\Users\DEATH-ZZ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/05 15:26:47 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/06/05 15:26:36 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/06/05 15:19:59 | 000,001,356 | ---- | M] () -- C:\Users\DEATH-ZZ\AppData\Local\d3d9caps.dat
[2010/06/05 14:01:21 | 000,114,050 | ---- | M] () -- C:\Users\DEATH-ZZ\Documents\doc.jpg
[2010/06/04 18:54:49 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/04 13:03:15 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/05/27 22:08:41 | 000,039,424 | ---- | M] () -- C:\Users\DEATH-ZZ\Desktop\RSM Warlist.xls
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\wsbl.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_unmip.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_histprot.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\ph_white.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\ph_summ.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\ph_spoof.sig
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\ph_sign.slf
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\ph_fuzzy.sig
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\ph_black.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pcwords2.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_webproxy.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_video.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_tabloids.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_socialnetworks.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_searchengines.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_regionaltlds.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_pornography.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlineshop.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinepay.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinedating.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_news.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_im.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_illegal.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_hate.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_games.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_gambling.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_drugs.dat
[2010/05/26 10:12:10 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010/05/26 10:06:41 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/05/26 07:47:41 | 000,289,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/05/25 21:14:13 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/05/25 21:14:13 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/05/25 21:14:13 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/05/25 21:14:12 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010/05/25 19:32:46 | 000,000,025 | ---- | M] () -- C:\Users\DEATH-ZZ\AppData\Roaming\bdfvconp.ini
[2010/05/25 18:04:42 | 000,049,168 | ---- | M] () -- C:\Users\DEATH-ZZ\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/05/25 12:55:38 | 000,000,385 | ---- | M] () -- C:\Windows\System32\user_gensett.xml
[2010/05/25 12:53:51 | 000,000,132 | ---- | M] () -- C:\Windows\System32\rezumatenoi.dat
[2010/05/25 12:35:44 | 000,106,464 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Windows\System32\drivers\bdhv.sys
[2010/05/25 12:35:43 | 000,153,448 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Windows\System32\drivers\bdfm.sys
[2010/05/25 12:34:58 | 000,291,352 | ---- | M] (BitDefender) -- C:\Windows\System32\drivers\bdfsfltr.sys
[2010/05/25 12:28:29 | 000,072,784 | ---- | M] (BitDefender LLC) -- C:\Windows\System32\drivers\BdfNdisf6.sys
[2010/05/25 12:26:42 | 000,000,016 | ---- | M] () -- C:\Windows\System32\asdict.dat
[2010/05/25 12:26:42 | 000,000,004 | ---- | M] () -- C:\Windows\System32\aspdict-en.dat
[2010/05/25 12:26:42 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pcwords.dat
[2010/05/25 12:26:42 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_sign.slf
[2010/05/25 12:26:42 | 000,000,000 | ---- | M] () -- C:\Windows\System32\ab_bl.sig
[2010/05/25 12:13:12 | 000,002,009 | ---- | M] () -- C:\Users\Public\Desktop\BitDefender Total Security 2010.lnk
[2010/05/25 12:02:23 | 000,000,076 | RHS- | M] () -- C:\Windows\CT4CET.bin
[2010/05/25 11:48:53 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010/05/25 11:35:11 | 000,016,052 | ---- | M] () -- C:\Windows\System32\results.xml
[2010/05/25 11:32:36 | 000,524,288 | -HS- | M] () -- C:\Users\DEATH-ZZ\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/05/25 11:32:14 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
[2010/05/25 11:26:41 | 000,022,729 | ---- | M] () -- C:\newkey
[2010/05/25 11:26:41 | 000,022,729 | ---- | M] () -- C:\newfile.enc
[2010/05/25 11:11:17 | 000,001,962 | ---- | M] () -- C:\Users\Public\Desktop\Dell Support Center.lnk
[2010/05/25 11:02:25 | 000,000,020 | -HS- | M] () -- C:\Users\DEATH-ZZ\ntuser.ini
[2010/05/25 10:52:50 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010/05/21 14:14:28 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe

========== Files Created - No Company Name ==========

[2010/06/16 13:23:12 | 003,712,734 | R--- | C] () -- C:\Users\DEATH-ZZ\Desktop\Combofix.exe
[2010/06/16 13:14:58 | 394,403,966 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/06/15 19:48:56 | 000,046,259 | ---- | C] () -- C:\Users\DEATH-ZZ\Desktop\june15gmer.zip
[2010/06/15 18:46:58 | 000,293,376 | ---- | C] () -- C:\Users\DEATH-ZZ\Desktop\ydo5l2qt.exe
[2010/06/10 00:12:35 | 001,872,472 | ---- | C] () -- C:\Users\DEATH-ZZ\Desktop\SmitfraudFix.exe
[2010/06/09 23:57:03 | 000,062,860 | ---- | C] () -- C:\Users\DEATH-ZZ\Desktop\ark.zip
[2010/06/09 22:45:44 | 000,000,000 | ---- | C] () -- C:\Users\DEATH-ZZ\defogger_reenable
[2010/06/09 22:07:08 | 000,525,824 | ---- | C] () -- C:\Users\DEATH-ZZ\Desktop\dds.scr
[2010/06/09 22:06:32 | 000,050,477 | ---- | C] () -- C:\Users\DEATH-ZZ\Desktop\Defogger.exe
[2010/06/08 23:32:06 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/06/08 23:32:06 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/06/08 23:32:06 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/06/08 23:32:06 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/06/08 23:32:06 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/06/06 14:34:54 | 000,003,584 | ---- | C] () -- C:\Users\DEATH-ZZ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/05 15:26:47 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/06/05 14:01:19 | 000,114,050 | ---- | C] () -- C:\Users\DEATH-ZZ\Documents\doc.jpg
[2010/06/04 18:54:49 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/04 13:03:15 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/05/27 22:08:40 | 000,039,424 | ---- | C] () -- C:\Users\DEATH-ZZ\Desktop\RSM Warlist.xls
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\wsbl.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_unmip.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_histprot.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_white.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_summ.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_spoof.sig
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_sign.slf
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_fuzzy.sig
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ph_black.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pcwords2.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_webproxy.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_video.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_tabloids.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_socialnetworks.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_searchengines.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_regionaltlds.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_pornography.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlineshop.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinepay.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinedating.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_news.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_im.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_illegal.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_hate.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_games.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_gambling.dat
[2010/05/27 13:59:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_drugs.dat
[2010/05/26 10:12:10 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010/05/25 19:32:46 | 000,000,025 | ---- | C] () -- C:\Users\DEATH-ZZ\AppData\Roaming\bdfvconp.ini
[2010/05/25 19:20:05 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2010/05/25 19:20:03 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2010/05/25 19:19:57 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2010/05/25 19:19:55 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/05/25 19:19:55 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/05/25 19:19:53 | 003,662,128 | ---- | C] () -- C:\Windows\System32\locale.nls
[2010/05/25 19:19:53 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2010/05/25 19:19:48 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2010/05/25 19:19:38 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2010/05/25 19:19:35 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2010/05/25 19:19:09 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2010/05/25 19:19:05 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2010/05/25 14:52:43 | 000,000,052 | ---- | C] () -- C:\Windows\System32\ashttpstats.csv
[2010/05/25 14:18:07 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/05/25 14:17:52 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2010/05/25 14:06:02 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010/05/25 13:52:22 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010/05/25 12:55:38 | 000,000,385 | ---- | C] () -- C:\Windows\System32\user_gensett.xml
[2010/05/25 12:53:51 | 000,000,132 | ---- | C] () -- C:\Windows\System32\rezumatenoi.dat
[2010/05/25 12:26:42 | 000,000,016 | ---- | C] () -- C:\Windows\System32\asdict.dat
[2010/05/25 12:26:42 | 000,000,004 | ---- | C] () -- C:\Windows\System32\aspdict-en.dat
[2010/05/25 12:26:42 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pcwords.dat
[2010/05/25 12:26:42 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_sign.slf
[2010/05/25 12:26:42 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ab_bl.sig
[2010/05/25 12:13:12 | 000,002,009 | ---- | C] () -- C:\Users\Public\Desktop\BitDefender Total Security 2010.lnk
[2010/05/25 11:48:53 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2010/05/25 11:48:51 | 000,333,257 | RHS- | C] () -- C:\bootmgr
[2010/05/25 11:48:18 | 000,000,024 | RH-- | C] () -- C:\Windows\dell_version
[2010/05/25 11:46:54 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2010/05/25 11:35:11 | 000,016,052 | ---- | C] () -- C:\Windows\System32\results.xml
[2010/05/25 11:32:14 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
[2010/05/25 11:28:56 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2010/05/25 11:28:55 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2010/05/25 11:28:55 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2010/05/25 11:28:55 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2010/05/25 11:28:55 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2010/05/25 11:28:55 | 000,027,152 | ---- | C] () -- C:\Windows\System32\iglhxs32.vp
[2010/05/25 11:28:55 | 000,002,096 | ---- | C] () -- C:\Windows\System32\iglhxo32.vp
[2010/05/25 11:28:55 | 000,002,096 | ---- | C] () -- C:\Windows\System32\iglhxc32.vp
[2010/05/25 11:23:13 | 000,001,591 | ---- | C] () -- C:\Windows\System32\Uninst_EAPModules.bat
[2010/05/25 11:23:13 | 000,000,416 | ---- | C] () -- C:\Windows\System32\vcredist_x86.bat
[2010/05/25 11:23:12 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2010/05/25 11:23:12 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2010/05/25 11:23:02 | 000,022,729 | ---- | C] () -- C:\newkey
[2010/05/25 11:23:02 | 000,022,729 | ---- | C] () -- C:\newfile.enc
[2010/05/25 11:21:43 | 000,260,330 | ---- | C] () -- C:\Windows\System32\OEM02Cvw.bff
[2010/05/25 11:21:43 | 000,057,656 | ---- | C] () -- C:\Windows\System32\drivers\OEM02Pvc.bmp
[2010/05/25 11:21:43 | 000,057,656 | ---- | C] () -- C:\Windows\System32\drivers\OEM02PC.bmp
[2010/05/25 11:21:43 | 000,004,510 | ---- | C] () -- C:\Windows\OEM002.uns
[2010/05/25 11:20:41 | 000,144,360 | ---- | C] () -- C:\Windows\System32\drivers\del1028.cty
[2010/05/25 11:17:55 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2010/05/25 11:11:17 | 000,001,962 | ---- | C] () -- C:\Users\Public\Desktop\Dell Support Center.lnk
[2010/05/25 11:02:25 | 000,524,288 | -HS- | C] () -- C:\Users\DEATH-ZZ\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/05/25 11:02:25 | 000,524,288 | -HS- | C] () -- C:\Users\DEATH-ZZ\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/05/25 11:02:25 | 000,065,536 | -HS- | C] () -- C:\Users\DEATH-ZZ\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/05/25 11:02:25 | 000,001,356 | ---- | C] () -- C:\Users\DEATH-ZZ\AppData\Local\d3d9caps.dat
[2010/05/25 11:02:25 | 000,000,020 | -HS- | C] () -- C:\Users\DEATH-ZZ\ntuser.ini
[2010/05/25 11:02:24 | 001,310,720 | -HS- | C] () -- C:\Users\DEATH-ZZ\NTUSER.DAT
[2010/05/25 11:02:24 | 000,262,144 | -H-- | C] () -- C:\Users\DEATH-ZZ\ntuser.dat.LOG1
[2010/05/25 11:02:24 | 000,000,000 | -H-- | C] () -- C:\Users\DEATH-ZZ\ntuser.dat.LOG2
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/01/15 13:45:34 | 000,181,248 | ---- | C] () -- C:\Windows\System32\txmlutil.dll
[2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
< End of report >


#11 Elise


Posted 18 June 2010 - 08:41 AM

Please click Start > Programs and choose the option Internet Explorer (no add ons). Let me know if the same issue still happens.

regards, Elise


#12 DEATHlLINK


Posted 18 June 2010 - 11:25 AM

Hi,
Well, so far I haven't had the same thing happen to me opening IE either way today. Everything appears all good now; I appreciate all your help. When MBAM found the trojan dropper I wanted to make sure I was all good since my CPU was acting up, and now it seems to be fine. So I guess there are no new symptoms to report, and so far the old ones haven't repeated their actions.

#13 Elise


Posted 18 June 2010 - 12:13 PM

Hi there,
That's good news. Let's do one last check to make sure everything is gone.

ESET ONLINE SCANNER
----------------------------
I'd like us to scan your machine with ESET OnlineScan
  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    1. Click on to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the icon on your desktop.
  4. Check
  5. Click the button.
  6. Accept any security warnings from your browser.
  7. Check
  8. Push the Start button.
  9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  10. When the scan completes, push
  11. Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    Note - when ESET doesn't find any threats, no report will be created.
  12. Push the button.
  13. Push

regards, Elise


#14 DEATHlLINK

Posted 18 June 2010 - 10:02 PM

Hi,
The ESET online scan came up clean. No threats found. I did have one question: I have wondered about this C:\Windows\ehome\ehshell.exe. I don't remember ever seeing this before; is this a legit program?

Edited by DEATHlLINK, 18 June 2010 - 10:58 PM.


#15 Elise

Posted 19 June 2010 - 08:41 AM

That one is completely legit :)

ALL CLEAN
--------------
Your machine appears to be clean, please take the time to read below on how to secure the machine and take the necessary steps to keep it clean :)

Please do the following to remove the remaining programs from your PC:
  • Delete the tools used during the disinfection:
    • Click start > run and type combofix /uninstall, press enter. This will remove Combofix from your computer.
    • Delete DDS, GMER (this is a random named file) and OTL.
Please read this advice in order to prevent reinfecting your PC:
  1. Install and update the following programs regularly:
    • an outbound firewall
      A comprehensive tutorial and a list of possible firewalls can be found here.
    • an AntiVirus Software
      It is imperative that you update your AntiVirus Software on a regular basis. If you do not update your AntiVirus Software then it will not be able to catch the latest threats.
    • an Anti-Spyware program
      Malwarebytes' Anti-Malware is an excellent Anti-Spyware scanner. Its scan times are usually under ten minutes, and it has excellent detection and removal rates.
      SUPERAntiSpyware is another good scanner with high detection and removal rates.
      Both programs are free for non-commercial home use but provide a resident and do not nag if you purchase the paid versions.
    • Spyware Blaster
      A tutorial for Spywareblaster can be found here. If you wish, the commercial version provides automatic updating.
    • MVPs hosts file
      A tutorial for MVPs hosts file can be found here. If you would like automatic updates you might want to take a look at HostMan host file manager. For more information on the hosts file, and what it can do for you, please consult the Tutorial on the Hosts file.
  2. Keep Windows (and your other Microsoft software) up to date!
    I cannot stress how important this is enough. Often holes are found in Internet Explorer or Windows itself that require patching. Sometimes these holes will allow an attacker unrestricted access to your computer.
    Therefore, please visit the Microsoft Update Website and follow the on-screen instructions to set up Microsoft Update. Also follow the instructions to update your system. Please REBOOT and repeat this process until there are no more updates to install!!
  3. Keep your other software up to date as well
    Software does not need to be made by Microsoft to be insecure. You can use the Secunia Online Software occasionally to help you check for out of date software on your machine.
  4. Stay up to date!
    The MOST IMPORTANT part of any security setup is keeping the software up to date. Malware writers release new variants every single day. If your software updates don't keep up, then the malware will always be one step ahead. Not a good thing.
Some more links you might find of interest:

Please reply to this topic if you have read the above information. If your computer is working fine, this topic will be closed afterwards.

regards, Elise