WiredWX Hobby Weather ToolsLog in

 


trojan heur

2 posters

descriptiontrojan heur Emptytrojan heur

more_horiz
i have a trojan on my pc os windows vista 32 bit and i was using combofix with kaspersky but i still feel i have the virus can you please guide me on how to work with you and combofix please

descriptiontrojan heur EmptyRe: trojan heur

more_horiz
I HAVE JUST RUN ADVANCE SYSTEM CARE AND ADVISE ME TO PUT THIS ON A LOG THAT WORK WITH HIJACK THIS SO HERE IS THE REPORT
Logfile of Advanced SystemCare 3 Security Analyzer
Scan saved at 11:08:21 PM, on 1/29/2010
Platform: Windows Vista (WinNT 6.0)
MSIE: Internet Explorer v8.0 (8.0.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\aol\1263870160\ee\aolsoftware.exe
C:\program files\internet explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe
C:\Program Files\AOL 9.5\waol.exe
C:\Program Files\AOL 9.5\shellmon.exe
C:\program files\internet explorer\iexplore.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\program files\internet explorer\iexplore.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Groove GFS Browser Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Groove GFS Browser Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Groove GFS Browser Helper - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Groove GFS Browser Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: WinAVI FLVSense - {E8DF67A1-B618-4F3F-9E7C-CBE175ADEF5B} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.5\AOL.EXE" -b
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O8 - Extra context menu item: &Download FLV by WinAVI... - C:\Program Files\WinAVI FLV Converter\flv_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel -
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Estadísticas de protección del tráfico Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} -
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} -
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_17) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} (Java Plug-in 1.6.0) - http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} (Java Plug-in 1.6.0_16) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} (Java Plug-in 1.6.0_17) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: GoToAssist (gpsvc) - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown - %ProgramFiles%\Windows Media Player\wmpnetwk.exe

descriptiontrojan heur EmptyRe: trojan heur

more_horiz
Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.

descriptiontrojan heur EmptyRe: trojan heur

more_horiz
Malwarebytes' Anti-Malware 1.44
Database version: 3668
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882

1/31/2010 12:28:50 PM
mbam-log-2010-01-31 (12-28-50).txt

Scan type: Quick Scan
Objects scanned: 115860
Time elapsed: 4 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

descriptiontrojan heur EmptyRe: trojan heur

more_horiz
this is the report you ask me too and it seems that there is no virus

descriptiontrojan heur EmptyRe: trojan heur

more_horiz
Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.

descriptiontrojan heur EmptyRe: trojan heur

more_horiz
first part (1) OTL Extras logfile created on: 2/2/2010 1:23:31 AM - Run 1
OTL by OldTimer - Version 3.1.27.1 Folder = C:\Users\HORACIO\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 72.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.04 Gb Total Space | 199.62 Gb Free Space | 66.98% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 390.62 Gb Total Space | 332.96 Gb Free Space | 85.24% Space Free | Partition Type: NTFS
Drive F: | 292.97 Gb Total Space | 246.41 Gb Free Space | 84.11% Space Free | Partition Type: NTFS
Drive G: | 247.92 Gb Total Space | 169.94 Gb Free Space | 68.55% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HORACIO-PC
Current User Name: HORACIO
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MI1933~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{23CC7D6C-44DE-41A9-A984-ABFDEA9E4BC5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{29FA746C-D0E7-490E-80C0-83CCBB112624}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{7DE68028-D0F5-4668-BD93-3D324B173ECB}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00E7A50B-0C75-401F-A4FA-FAF741D798A6}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{0365D8E7-3C2E-4F87-A2D2-EB0C99A5412F}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe |
"{127A2468-2459-4D51-9D5C-1502095967BE}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe |
"{14A5AEEE-7ACC-4C24-9CC8-34BF982D21A3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{176B6002-A003-40AD-9D29-A63440A1971F}" = protocol=17 | dir=in | app=c:\program files\aol 9.5\waol.exe |
"{26B73FFC-346E-4708-8D74-74BA0FD5D32A}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe |
"{39ACEBB1-E69D-4618-91EF-7898E65D4507}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{4014B4DD-E149-4D12-AE91-2E76EB1F0B2E}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{40702937-73B1-4BA0-B0F8-4C308B858D61}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4427C42E-9B96-4261-B9B1-592262A07861}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{463060C8-55D9-4699-91BF-594895246ECC}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{60F07F92-3A46-4DD3-9B7B-1F62781DD7AF}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe |
"{631FA709-9EFE-416E-B337-8E13AEC7231D}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{634B0789-3487-4587-94AB-50F79ABE5357}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{6A056CE6-7C00-4CD6-82F3-4E4F8BA2A150}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7FAFD966-A976-46C7-9317-38A5DC586C1B}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{803F4237-B775-4DCF-9BCA-297C9E5D14D2}" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{8156C224-BE5B-44E5-9512-3EC3A40812BF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{85D0402B-FC8A-4BA1-86C5-121120EB9DEB}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1263870160\ee\aolsoftware.exe |
"{86E06BD6-ABCD-4441-8CAE-E848623938E7}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{8A1DAC2C-D3A4-4758-B591-AAA9CC2A9F82}" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{934FD6D6-AA13-4EED-AEA4-262B6ECCF692}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe |
"{945FC088-F6B7-46BF-93DA-54C37CC53650}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{964990C9-E885-4A5C-81F0-6826B53042C7}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{A08B9794-E5A2-4954-B995-86BE2762AD7E}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{A5B38B81-D26C-4E40-B754-120033E81719}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{BA7A7DC5-5860-46E2-82B8-30102094D7F4}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{BE5E5A27-3BF0-4165-B953-A9946FE835A8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D92391C5-7EF3-4422-8FA7-2AD01B633FAE}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe |
"{DD06A051-1637-4F71-9345-8A0483EE6FDD}" = protocol=6 | dir=in | app=c:\program files\aol 9.5\waol.exe |
"{DDBBAD11-9A5F-488B-A73A-F1F5F23DEF2A}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{DE4819AA-A779-4F6D-9C0A-433BD78A5258}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1263870160\ee\aolsoftware.exe |
"{F4303C63-4873-4ABB-88C1-9CAC4CDAC4E9}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{FE3971FC-D3BC-4319-9490-EF414A988752}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"TCP Query User{03FE0169-CEDA-4076-989B-19F3394190CD}C:\program files\java\jdk1.6.0_17\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.6.0_17\jre\bin\javaw.exe |
"TCP Query User{3E255A02-6B74-4D29-BEFB-CB30FFA5D291}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{A6EFDE20-4394-435B-A717-A8A9C8E67E18}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{006BBAC0-05DF-43FA-A005-BC692AB5D3C0}C:\program files\java\jdk1.6.0_17\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.6.0_17\jre\bin\javaw.exe |
"UDP Query User{5BF2DA3A-7D7A-402C-8FE8-E5D41472AA92}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{72783167-F055-4883-A288-C65D5DC08F43}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |

descriptiontrojan heur EmptyRe: trojan heur

more_horiz
second part of the report
========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01AA5F2C-EEBB-47A3-AB7B-B235E620FFDB}_is1" = los Boeing 737-200 Advanced, de las Líneas Aérea LAN, SKY y AER
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID Sign-in Assistant
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.3
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 18
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{30120000-0044-0C0A-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Spanish) 2007 (Beta)
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{32A3A4F4-B792-11D6-A78A-00B0D0160170}" = Java(TM) SE Development Kit 6 Update 17
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4847BBB9-EADD-4C92-90BF-4223B0892FF6}" = Microsoft Flight Simulator X Service Pack 2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5aa47dba-b584-4d47-a626-76e53f010201}" = JavaFX(TM) 1.2 SDK
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{6580C5A3-2336-4EC5-85F1-3448C5F6208A}" = Kaspersky Anti-Virus 2009
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74550cae-c3fe-4c94-ab8e-a26a71eb49c4}" = Nero 9
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86170243-41F2-4B2E-9BD6-2F404B2C8E46}" = TWC Customer Controls
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{8DD0F820-3656-4AB3-A7F4-005CAA2D0897}_is1" = RDesc 2.26
"{90120000-0015-0C0A-0000-0000000FF1CE}" = Microsoft Office Access MUI (Spanish) 2007
"{90120000-0015-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0C0A-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Spanish) 2007
"{90120000-0019-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Spanish) 2007
"{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_ENTERPRISE_{4B47C31E-46B0-462B-BEE4-DC383B6A1F2A}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}_ENTERPRISE_{6113C11D-BACA-4D8E-8002-03C8D06FD5E6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007
"{90120000-00A1-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0C0A-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Spanish) 2007
"{90120000-00BA-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{926C96FB-9D0A-4504-8000-C6D3A4A3118E}" = Java DB 10.4.2.1
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 ATL (x86) WinSXS MSM
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{C084BC61-E537-11DE-8616-005056806466}" = Google Earth
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D5B46D30-F054-4C64-9C0F-97C8451E7D04}" = BtwMfcMM
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EFAD4066-CAF3-4B27-9669-12EED352C376}" = NVIDIANetworkDiagnostic
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FB3EFCD7-4E08-4197-89B9-7CCD794F91B6}" = TuneUp Utilities Language Pack (es-ES)
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"AMDAway INF" = AMDAway INF
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 PCI V.92 Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"DVD Shrink_is1" = DVD Shrink 3.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"ffdshow" = ffdshow (remove only)
"Game Booster_is1" = Game Booster
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"GoToAssist" = GoToAssist 8.0.0.514
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"InstallShield_{EFAD4066-CAF3-4B27-9669-12EED352C376}" = NVIDIANetworkDiagnostic
"InstallWIX_{6580C5A3-2336-4EC5-85F1-3448C5F6208A}" = Kaspersky Anti-Virus 2009
"LimeWire" = LimeWire 5.4.6
"lvdrivers_12.0" = Logitech Webcam Software Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft DirectX SDK (August 2009)" = Microsoft DirectX SDK (August 2009)
"mIRC" = mIRC
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"ObjectDock" = ObjectDock
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6" = Microsoft Flight Simulator X Service Pack 1
"SystemRequirementsLab" = System Requirements Lab
"TuneUp Utilities" = TuneUp Utilities
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.0.3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"XobniMain" = Xobni

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CNET TechTracker" = CNET TechTracker
"f031ef6ac137efc5" = Dell Driver Download Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/29/2010 2:56:37 AM | Computer Name = HORACIO-PC | Source = Perflib | ID = 1008
Description =

Error - 1/29/2010 3:06:36 AM | Computer Name = HORACIO-PC | Source = pctsSvc.exe | ID = 0
Description =

Error - 1/30/2010 2:10:13 PM | Computer Name = HORACIO-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18882 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1564 Start Time: 01caa1ce6b0970f2 Termination Time: 0

Error - 1/31/2010 10:31:13 PM | Computer Name = HORACIO-PC | Source = System Restore | ID = 8193
Description =

Error - 2/1/2010 12:51:07 PM | Computer Name = HORACIO-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18882 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 103c Start Time: 01caa35e7b4c3e11 Termination Time: 0

Error - 2/2/2010 12:43:40 AM | Computer Name = HORACIO-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18882, time stamp
0x4b3ed243, faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e03821,
exception code 0xc0000005, fault offset 0x00041e3b, process id 0x14f8, application
start time 0x01caa392ccaf2700.

Error - 2/2/2010 1:59:30 AM | Computer Name = HORACIO-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18882 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 17ac Start Time: 01caa3cb66aa0ef0 Termination Time: 63

Error - 2/2/2010 2:00:20 AM | Computer Name = HORACIO-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18882 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 50c Start Time: 01caa3cce762f330 Termination Time: 15

Error - 2/2/2010 2:16:01 AM | Computer Name = HORACIO-PC | Source = VSS | ID = 8194
Description =

Error - 2/2/2010 2:17:19 AM | Computer Name = HORACIO-PC | Source = System Restore | ID = 8193
Description =

[ System Events ]
Error - 1/19/2010 3:28:14 AM | Computer Name = HORACIO-PC | Source = Microsoft-Windows-Eventlog | ID = 30
Description =

Error - 1/19/2010 10:46:56 AM | Computer Name = HORACIO-PC | Source = HTTP | ID = 15016
Description =

Error - 1/19/2010 10:48:20 AM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/19/2010 10:48:20 AM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 1/19/2010 11:01:56 AM | Computer Name = HORACIO-PC | Source = HTTP | ID = 15016
Description =

Error - 1/19/2010 11:03:19 AM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/19/2010 11:03:19 AM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 1/19/2010 12:52:03 PM | Computer Name = HORACIO-PC | Source = HTTP | ID = 15016
Description =

Error - 1/19/2010 12:53:26 PM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/19/2010 12:53:26 PM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >

descriptiontrojan heur EmptyRe: trojan heur

more_horiz
EXTRAS.TXT
OTL Extras logfile created on: 2/2/2010 1:23:31 AM - Run 1
OTL by OldTimer - Version 3.1.27.1 Folder = C:\Users\HORACIO\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 72.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.04 Gb Total Space | 199.62 Gb Free Space | 66.98% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 390.62 Gb Total Space | 332.96 Gb Free Space | 85.24% Space Free | Partition Type: NTFS
Drive F: | 292.97 Gb Total Space | 246.41 Gb Free Space | 84.11% Space Free | Partition Type: NTFS
Drive G: | 247.92 Gb Total Space | 169.94 Gb Free Space | 68.55% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HORACIO-PC
Current User Name: HORACIO
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MI1933~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{23CC7D6C-44DE-41A9-A984-ABFDEA9E4BC5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{29FA746C-D0E7-490E-80C0-83CCBB112624}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{7DE68028-D0F5-4668-BD93-3D324B173ECB}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00E7A50B-0C75-401F-A4FA-FAF741D798A6}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{0365D8E7-3C2E-4F87-A2D2-EB0C99A5412F}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe |
"{127A2468-2459-4D51-9D5C-1502095967BE}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe |
"{14A5AEEE-7ACC-4C24-9CC8-34BF982D21A3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{176B6002-A003-40AD-9D29-A63440A1971F}" = protocol=17 | dir=in | app=c:\program files\aol 9.5\waol.exe |
"{26B73FFC-346E-4708-8D74-74BA0FD5D32A}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe |
"{39ACEBB1-E69D-4618-91EF-7898E65D4507}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{4014B4DD-E149-4D12-AE91-2E76EB1F0B2E}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{40702937-73B1-4BA0-B0F8-4C308B858D61}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4427C42E-9B96-4261-B9B1-592262A07861}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{463060C8-55D9-4699-91BF-594895246ECC}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{60F07F92-3A46-4DD3-9B7B-1F62781DD7AF}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe |
"{631FA709-9EFE-416E-B337-8E13AEC7231D}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{634B0789-3487-4587-94AB-50F79ABE5357}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{6A056CE6-7C00-4CD6-82F3-4E4F8BA2A150}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7FAFD966-A976-46C7-9317-38A5DC586C1B}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{803F4237-B775-4DCF-9BCA-297C9E5D14D2}" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{8156C224-BE5B-44E5-9512-3EC3A40812BF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{85D0402B-FC8A-4BA1-86C5-121120EB9DEB}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1263870160\ee\aolsoftware.exe |
"{86E06BD6-ABCD-4441-8CAE-E848623938E7}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{8A1DAC2C-D3A4-4758-B591-AAA9CC2A9F82}" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{934FD6D6-AA13-4EED-AEA4-262B6ECCF692}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe |
"{945FC088-F6B7-46BF-93DA-54C37CC53650}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{964990C9-E885-4A5C-81F0-6826B53042C7}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{A08B9794-E5A2-4954-B995-86BE2762AD7E}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{A5B38B81-D26C-4E40-B754-120033E81719}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{BA7A7DC5-5860-46E2-82B8-30102094D7F4}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{BE5E5A27-3BF0-4165-B953-A9946FE835A8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D92391C5-7EF3-4422-8FA7-2AD01B633FAE}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe |
"{DD06A051-1637-4F71-9345-8A0483EE6FDD}" = protocol=6 | dir=in | app=c:\program files\aol 9.5\waol.exe |
"{DDBBAD11-9A5F-488B-A73A-F1F5F23DEF2A}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{DE4819AA-A779-4F6D-9C0A-433BD78A5258}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1263870160\ee\aolsoftware.exe |
"{F4303C63-4873-4ABB-88C1-9CAC4CDAC4E9}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{FE3971FC-D3BC-4319-9490-EF414A988752}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"TCP Query User{03FE0169-CEDA-4076-989B-19F3394190CD}C:\program files\java\jdk1.6.0_17\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.6.0_17\jre\bin\javaw.exe |
"TCP Query User{3E255A02-6B74-4D29-BEFB-CB30FFA5D291}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{A6EFDE20-4394-435B-A717-A8A9C8E67E18}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{006BBAC0-05DF-43FA-A005-BC692AB5D3C0}C:\program files\java\jdk1.6.0_17\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.6.0_17\jre\bin\javaw.exe |
"UDP Query User{5BF2DA3A-7D7A-402C-8FE8-E5D41472AA92}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{72783167-F055-4883-A288-C65D5DC08F43}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01AA5F2C-EEBB-47A3-AB7B-B235E620FFDB}_is1" = los Boeing 737-200 Advanced, de las Líneas Aérea LAN, SKY y AER
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID Sign-in Assistant
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.3
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 18
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{30120000-0044-0C0A-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Spanish) 2007 (Beta)
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{32A3A4F4-B792-11D6-A78A-00B0D0160170}" = Java(TM) SE Development Kit 6 Update 17
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4847BBB9-EADD-4C92-90BF-4223B0892FF6}" = Microsoft Flight Simulator X Service Pack 2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5aa47dba-b584-4d47-a626-76e53f010201}" = JavaFX(TM) 1.2 SDK
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{6580C5A3-2336-4EC5-85F1-3448C5F6208A}" = Kaspersky Anti-Virus 2009
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74550cae-c3fe-4c94-ab8e-a26a71eb49c4}" = Nero 9
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86170243-41F2-4B2E-9BD6-2F404B2C8E46}" = TWC Customer Controls
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{8DD0F820-3656-4AB3-A7F4-005CAA2D0897}_is1" = RDesc 2.26
"{90120000-0015-0C0A-0000-0000000FF1CE}" = Microsoft Office Access MUI (Spanish) 2007
"{90120000-0015-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0C0A-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Spanish) 2007
"{90120000-0019-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Spanish) 2007
"{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_ENTERPRISE_{4B47C31E-46B0-462B-BEE4-DC383B6A1F2A}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}_ENTERPRISE_{6113C11D-BACA-4D8E-8002-03C8D06FD5E6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007
"{90120000-00A1-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0C0A-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Spanish) 2007
"{90120000-00BA-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{926C96FB-9D0A-4504-8000-C6D3A4A3118E}" = Java DB 10.4.2.1
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 ATL (x86) WinSXS MSM
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{C084BC61-E537-11DE-8616-005056806466}" = Google Earth
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D5B46D30-F054-4C64-9C0F-97C8451E7D04}" = BtwMfcMM
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EFAD4066-CAF3-4B27-9669-12EED352C376}" = NVIDIANetworkDiagnostic
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FB3EFCD7-4E08-4197-89B9-7CCD794F91B6}" = TuneUp Utilities Language Pack (es-ES)
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"AMDAway INF" = AMDAway INF
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 PCI V.92 Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"DVD Shrink_is1" = DVD Shrink 3.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"ffdshow" = ffdshow (remove only)
"Game Booster_is1" = Game Booster
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"GoToAssist" = GoToAssist 8.0.0.514
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"InstallShield_{EFAD4066-CAF3-4B27-9669-12EED352C376}" = NVIDIANetworkDiagnostic
"InstallWIX_{6580C5A3-2336-4EC5-85F1-3448C5F6208A}" = Kaspersky Anti-Virus 2009
"LimeWire" = LimeWire 5.4.6
"lvdrivers_12.0" = Logitech Webcam Software Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft DirectX SDK (August 2009)" = Microsoft DirectX SDK (August 2009)
"mIRC" = mIRC
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"ObjectDock" = ObjectDock
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6" = Microsoft Flight Simulator X Service Pack 1
"SystemRequirementsLab" = System Requirements Lab
"TuneUp Utilities" = TuneUp Utilities
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.0.3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"XobniMain" = Xobni

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CNET TechTracker" = CNET TechTracker
"f031ef6ac137efc5" = Dell Driver Download Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/29/2010 2:56:37 AM | Computer Name = HORACIO-PC | Source = Perflib | ID = 1008
Description =

Error - 1/29/2010 3:06:36 AM | Computer Name = HORACIO-PC | Source = pctsSvc.exe | ID = 0
Description =

Error - 1/30/2010 2:10:13 PM | Computer Name = HORACIO-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18882 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1564 Start Time: 01caa1ce6b0970f2 Termination Time: 0

Error - 1/31/2010 10:31:13 PM | Computer Name = HORACIO-PC | Source = System Restore | ID = 8193
Description =

Error - 2/1/2010 12:51:07 PM | Computer Name = HORACIO-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18882 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 103c Start Time: 01caa35e7b4c3e11 Termination Time: 0

Error - 2/2/2010 12:43:40 AM | Computer Name = HORACIO-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18882, time stamp
0x4b3ed243, faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e03821,
exception code 0xc0000005, fault offset 0x00041e3b, process id 0x14f8, application
start time 0x01caa392ccaf2700.

Error - 2/2/2010 1:59:30 AM | Computer Name = HORACIO-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18882 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 17ac Start Time: 01caa3cb66aa0ef0 Termination Time: 63

Error - 2/2/2010 2:00:20 AM | Computer Name = HORACIO-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18882 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 50c Start Time: 01caa3cce762f330 Termination Time: 15

Error - 2/2/2010 2:16:01 AM | Computer Name = HORACIO-PC | Source = VSS | ID = 8194
Description =

Error - 2/2/2010 2:17:19 AM | Computer Name = HORACIO-PC | Source = System Restore | ID = 8193
Description =

[ System Events ]
Error - 1/19/2010 3:28:14 AM | Computer Name = HORACIO-PC | Source = Microsoft-Windows-Eventlog | ID = 30
Description =

Error - 1/19/2010 10:46:56 AM | Computer Name = HORACIO-PC | Source = HTTP | ID = 15016
Description =

Error - 1/19/2010 10:48:20 AM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/19/2010 10:48:20 AM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 1/19/2010 11:01:56 AM | Computer Name = HORACIO-PC | Source = HTTP | ID = 15016
Description =

Error - 1/19/2010 11:03:19 AM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/19/2010 11:03:19 AM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 1/19/2010 12:52:03 PM | Computer Name = HORACIO-PC | Source = HTTP | ID = 15016
Description =

Error - 1/19/2010 12:53:26 PM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/19/2010 12:53:26 PM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >

descriptiontrojan heur EmptyRe: trojan heur

more_horiz
I AM DOING EVERYTHING YOU ASK ME TO DO AS SOON AS POSSIBLE THANK YOU SO MUCH FOR YOUR HELP

descriptiontrojan heur EmptyRe: trojan heur

more_horiz
Hello.
You posted Extras.txt twice, can you post the other log too please?

descriptiontrojan heur EmptyRe: trojan heur

more_horiz
i will send you the first log pop up in 3 parts
OTL logfile created on: 2/2/2010 7:44:21 PM - Run 2
OTL by OldTimer - Version 3.1.27.1 Folder = C:\Users\HORACIO\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 72.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.04 Gb Total Space | 202.23 Gb Free Space | 67.86% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 390.62 Gb Total Space | 332.94 Gb Free Space | 85.23% Space Free | Partition Type: NTFS
Drive F: | 292.97 Gb Total Space | 246.41 Gb Free Space | 84.11% Space Free | Partition Type: NTFS
Drive G: | 247.92 Gb Total Space | 169.94 Gb Free Space | 68.55% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HORACIO-PC
Current User Name: HORACIO
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/02/02 01:21:11 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Users\HORACIO\Desktop\OTL.exe
PRC - [2010/01/25 00:05:23 | 000,208,616 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
PRC - [2010/01/18 09:15:31 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2010/01/17 23:26:25 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2010/01/11 22:18:00 | 000,129,640 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2010/01/11 21:00:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/01/11 15:21:52 | 000,246,504 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010/01/06 15:33:06 | 002,335,952 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
PRC - [2010/01/05 07:56:02 | 002,002,160 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2009/12/10 12:34:08 | 000,713,032 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2009/12/10 12:32:08 | 001,044,808 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2009/12/07 19:29:44 | 000,055,016 | ---- | M] (Xobni Corporation) -- C:\Program Files\Xobni\XobniService.exe
PRC - [2009/11/05 15:06:30 | 001,108,992 | ---- | M] (CBS Interactive) -- C:\Users\HORACIO\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
PRC - [2009/10/28 09:38:50 | 000,039,272 | ---- | M] (AOL, LLC.) -- C:\Program Files\AOL 9.5\waol.exe
PRC - [2009/10/28 09:38:49 | 000,054,632 | ---- | M] (AOL, LLC.) -- C:\Program Files\AOL 9.5\shellmon.exe
PRC - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/08/28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/07/20 14:52:23 | 000,041,264 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\1263870160\ee\aolsoftware.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009/03/30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009/01/30 00:50:06 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/01/30 00:50:06 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/12/12 11:17:38 | 000,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/09/24 14:32:48 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008/01/19 02:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/12/05 06:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe
PRC - [2007/04/30 19:43:54 | 003,450,608 | ---- | M] (Stardock) -- C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
PRC - [2007/04/02 07:33:32 | 000,063,120 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe
PRC - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe
PRC - [2006/08/04 16:39:20 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe


========== Modules (SafeList) ==========

MOD - [2010/02/02 01:21:11 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Users\HORACIO\Desktop\OTL.exe
MOD - [2009/04/11 01:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/01/25 00:05:23 | 000,208,616 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe -- (AVP)
SRV - [2010/01/20 22:19:00 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010/01/19 00:42:02 | 000,135,664 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate)
SRV - [2010/01/18 12:59:51 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/01/18 09:15:31 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-110309-193829)
SRV - [2010/01/17 23:26:24 | 000,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2010/01/11 22:18:00 | 000,129,640 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\System32\nvvsvc.exe -- (nvsvc)
SRV - [2010/01/11 21:00:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009/12/10 12:32:08 | 001,044,808 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2009/12/10 12:28:46 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009/12/07 19:29:44 | 000,055,016 | ---- | M] (Xobni Corporation) [Auto | Running] -- C:\Program Files\Xobni\XobniService.exe -- (XobniService)
SRV - [2009/11/12 16:33:00 | 000,545,568 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/10/14 00:04:40 | 000,394,608 | ---- | M] (SupportSoft, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/09/24 20:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/08/28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/01/30 00:50:06 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
SRV - [2008/12/12 11:17:38 | 000,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/25 11:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008/09/24 14:32:48 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/05 06:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
SRV - [2006/11/02 07:35:29 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2006/08/04 16:39:20 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService)
SRV - [2005/04/04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2010/01/25 00:05:23 | 000,239,120 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2010/01/25 00:05:23 | 000,033,808 | ---- | M] (Kaspersky Lab) [File_System | Boot | Running] -- C:\Windows\system32\drivers\klbg.sys -- (klbg)
DRV - [2010/01/11 23:03:33 | 011,586,280 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/01/05 07:56:06 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Running] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/01/05 07:56:04 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/01/05 07:56:02 | 000,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/10/14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/10/07 08:49:40 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 250(UVC)
DRV - [2009/10/07 08:47:56 | 000,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/10/07 08:46:14 | 000,114,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2009/10/07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/08/28 19:42:52 | 000,040,448 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/08/05 22:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2009/07/30 17:12:56 | 000,282,144 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVNET)
DRV - [2009/05/18 14:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/04/10 23:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/11/04 18:16:40 | 000,022,904 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Dell Support Center\HWDiag\bin\pcd5srvc.pkms -- (PCD5SRVC{3F6A8B78-EC003E00-05040104})
DRV - [2008/07/21 17:34:36 | 000,121,872 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
DRV - [2008/07/09 17:28:26 | 000,020,496 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2007/08/09 18:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2007/02/21 14:49:47 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2007/02/21 14:49:47 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2007/02/21 14:49:47 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/01/06 00:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2007/01/06 00:59:34 | 000,086,096 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) NVIDIA nForce(tm)
DRV - [2006/11/29 17:24:57 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:41:53 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2006/11/02 02:41:50 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (VST_DPV)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/11/02 01:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2006/10/18 10:09:26 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/10/18 10:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/10/18 10:08:04 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/08/04 16:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/06/19 13:26:58 | 000,012,672 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = B5 8A 15 15 8C F8 E2 49 BD E6 27 79 A8 25 D2 37 [binary data]

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = B5 8A 15 15 8C F8 E2 49 BD E6 27 79 A8 25 D2 37 [binary data]

IE - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig?hl=en
IE - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 55 83 99 65 F5 97 CA 01 [binary data]
IE - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = B5 8A 15 15 8C F8 E2 49 BD E6 27 79 A8 25 D2 37 [binary data]
IE - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
IE - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\S-1-5-21-1961057425-2708360034-2878373316-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[2010/01/23 20:43:39 | 000,000,000 | ---D | M] -- C:\Users\HORACIO\AppData\Roaming\Mozilla\Extensions
[2010/01/23 20:43:39 | 000,000,000 | ---D | M] -- C:\Users\HORACIO\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org

O1 HOSTS File: ([2010/01/27 12:37:59 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (WinAVI FLVSense) - {E8DF67A1-B618-4F3F-9E7C-CBE175ADEF5B} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll (ZJMedia)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RDesc] File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000..\Run: [AOL Fast Start] C:\Program Files\AOL 9.5\AOL.EXE (AOL, LLC.)
O4 - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\HORACIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CNET TechTracker.lnk = C:\Users\HORACIO\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe (CBS Interactive)
O4 - Startup: C:\Users\HORACIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe (Stardock)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: Estadísticas de protección del tráfico Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll (ZJMedia)
O9 - Extra 'Tools' menuitem : WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll (ZJMedia)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.com/asquared.cab (a-squared Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 207.69.188.185 207.69.188.186 207.69.188.187
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)
O24 - Desktop WallPaper: C:\Users\HORACIO\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\HORACIO\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/02/02 19:34:04 | 000,900,026 | ---- | C] (Bllua ) -- C:\Users\HORACIO\Desktop\Instalar_RDesc_2.27.exe
[2010/02/02 13:11:01 | 000,000,000 | ---D | C] -- C:\Program Files\Safari
[2010/02/02 13:09:47 | 029,635,880 | ---- | C] (Apple Inc.) -- C:\Users\HORACIO\Desktop\SafariSetup.exe
[2010/02/02 12:49:43 | 000,000,000 | ---D | C] -- C:\Program Files\WinAVI MP4 Converter
[2010/02/02 12:46:13 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
[2010/02/02 12:36:52 | 000,000,000 | ---D | C] -- C:\Windows\Amazing Bubbles 3D
[2010/02/02 12:36:15 | 001,244,718 | ---- | C] (Rixane Interactive ) -- C:\Users\HORACIO\Desktop\amazingbubbles3d_dc.exe
[2010/02/02 01:20:46 | 000,548,864 | ---- | C] (OldTimer Tools) -- C:\Users\HORACIO\Desktop\OTL.exe
[2010/02/02 01:19:50 | 002,149,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3dx9d_42.dll
[2010/02/02 01:19:50 | 000,926,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudioD2_5.dll
[2010/02/02 01:19:50 | 000,434,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XactEngineA3_5.dll
[2010/02/02 01:19:50 | 000,348,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XactEngineD3_5.dll
[2010/02/02 01:19:50 | 000,125,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFXD1_3.dll
[2010/02/02 01:19:50 | 000,045,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudioD1_6.dll
[2010/02/02 01:19:49 | 003,795,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9d_33.dll
[2010/02/02 01:19:44 | 005,516,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCSXd_42.dll
[2010/02/02 01:19:44 | 000,497,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX10d_42.dll
[2010/02/02 01:19:44 | 000,348,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dref9.dll
[2010/02/02 01:19:44 | 000,252,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX11d_42.dll
[2010/02/02 01:19:41 | 002,650,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9d.dll
[2010/02/02 01:19:41 | 000,500,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3D11Ref.dll
[2010/02/02 01:19:41 | 000,496,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3D11SDKLayers.dll
[2010/02/02 01:19:41 | 000,442,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3D10SDKLayers.DLL
[2010/02/02 01:19:41 | 000,356,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3D10Ref.DLL
[2010/02/02 01:17:13 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010/02/02 01:17:13 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010/02/02 01:17:11 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2010/02/02 01:15:44 | 000,093,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\dxsdkuninst.exe
[2010/02/02 01:15:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft DirectX SDK (August 2009)
[2010/02/01 11:38:44 | 003,370,400 | ---- | C] (Piriform Ltd) -- C:\Users\HORACIO\Desktop\ccsetup228.exe
[2010/01/31 21:36:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office Outlook Connector
[2010/01/31 21:34:02 | 001,146,696 | ---- | C] (Microsoft Corporation) -- C:\Users\HORACIO\Desktop\wlsetup-custom.exe
[2010/01/31 21:28:04 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\Desktop\unused folder
[2010/01/31 17:52:17 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\Xobni
[2010/01/31 17:52:04 | 000,000,000 | ---D | C] -- C:\Program Files\Xobni
[2010/01/31 17:51:39 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\OpenCandy
[2010/01/31 17:51:36 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\OpenCandy
[2010/01/31 17:51:36 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\CBS Interactive
[2010/01/31 17:48:07 | 003,404,816 | ---- | C] (CBS Interactive) -- C:\Users\HORACIO\Desktop\CNET_TechTracker_1_3_52_Setup.exe
[2010/01/31 14:10:42 | 000,000,000 | ---D | C] -- C:\Sun
[2010/01/30 14:08:39 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\Documents\time warner chat
[2010/01/30 11:56:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/01/30 11:56:26 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/01/30 11:56:26 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/01/30 11:56:26 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/01/29 23:06:27 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/01/29 02:05:45 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\Threat Expert
[2010/01/29 01:56:35 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010/01/27 12:01:30 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/01/27 11:52:15 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/01/27 11:41:02 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/01/27 01:05:00 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\Malwarebytes
[2010/01/27 01:04:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/01/27 01:04:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/01/27 01:04:42 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/01/27 01:04:42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/27 00:51:42 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/01/27 00:51:09 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\SUPERAntiSpyware.com
[2010/01/27 00:51:09 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/01/27 00:34:12 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\Yahoo!
[2010/01/27 00:34:11 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/01/27 00:34:09 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/01/26 13:24:07 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\temp
[2010/01/26 11:40:27 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/01/25 14:49:48 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/01/25 14:49:25 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Users\HORACIO\Desktop\HJTInstall.exe
[2010/01/25 13:57:08 | 000,000,000 | ---D | C] -- C:\Program Files\JavaFX
[2010/01/25 13:54:29 | 000,000,000 | ---D | C] -- C:\Program Files\Sun
[2010/01/24 23:39:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010/01/24 23:39:50 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2010/01/24 23:38:25 | 000,239,120 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010/01/24 21:13:34 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2010/01/24 20:04:04 | 000,000,000 | ---D | C] -- C:\Program Files\Reimage
[2010/01/24 19:36:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/01/24 19:36:22 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/01/24 19:35:22 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Users\HORACIO\Desktop\spybotsd162.exe
[2010/01/23 23:14:08 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\Wide Angle Software
[2010/01/23 20:43:47 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\Documents\LimeWire
[2010/01/23 20:43:39 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\Mozilla
[2010/01/23 20:43:24 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\LimeWire
[2010/01/23 20:43:01 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2010/01/23 20:42:31 | 018,848,592 | ---- | C] (Lime Wire LLC) -- C:\Users\HORACIO\Desktop\LimeWireWin.exe
[2010/01/23 18:38:42 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\Documents\Flight Simulator X Files
[2010/01/23 18:35:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Games
[2010/01/22 20:49:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2010/01/22 20:40:37 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\Office Genuine Advantage
[2010/01/22 09:55:24 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/01/22 09:55:24 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/01/22 09:55:24 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/01/22 09:55:24 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/01/22 09:55:24 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/01/22 09:55:24 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/01/22 09:55:24 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/01/22 09:55:24 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/01/22 09:55:24 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/01/22 09:55:24 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/01/22 09:55:24 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/01/22 09:55:24 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/01/22 09:55:24 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/01/22 09:55:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/01/22 02:40:09 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\iCloner
[2010/01/22 02:34:15 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\WindSolutions
[2010/01/22 02:34:15 | 000,000,000 | ---D | C] -- C:\ProgramData\WindSolutions
[2010/01/22 02:28:46 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\iLibs
[2010/01/22 02:28:22 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\SyncGuardian
[2010/01/22 02:21:47 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\CopyTrans
[2010/01/22 01:55:41 | 011,586,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2010/01/22 01:55:41 | 000,795,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpinst.exe
[2010/01/22 01:55:41 | 000,068,200 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010/01/22 01:55:41 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2010/01/22 01:55:40 | 014,924,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2010/01/22 01:55:40 | 004,321,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2010/01/22 01:55:40 | 002,243,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2010/01/22 01:55:39 | 004,077,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2010/01/22 01:55:38 | 011,639,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2010/01/22 01:55:38 | 004,061,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2010/01/22 01:55:38 | 000,182,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod189.dll
[2010/01/22 01:29:27 | 000,705,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\cohelper.dll
[2010/01/22 01:15:38 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\Documents\DriverGenius
[2010/01/22 01:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
[2010/01/21 11:09:28 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/01/20 23:17:18 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\Nero
[2010/01/20 23:16:35 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\Real
[2010/01/20 22:19:04 | 000,030,536 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2010/01/20 22:19:02 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2010/01/20 22:19:02 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2010/01/20 22:18:46 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\TuneUp Software
[2010/01/20 22:18:37 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010
[2010/01/20 22:18:16 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2010/01/20 22:18:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010/01/20 22:02:39 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\uniblue
[2010/01/20 22:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2010/01/20 21:18:18 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\Nero
[2010/01/20 20:56:50 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2010/01/20 20:56:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010/01/20 20:56:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2010/01/20 15:52:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/01/20 15:47:46 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2010/01/20 15:37:54 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2010/01/20 15:37:54 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2010/01/20 15:37:54 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2010/01/20 15:37:39 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2010/01/20 15:37:39 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2010/01/20 15:37:38 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2010/01/20 15:37:38 | 001,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2010/01/20 15:37:38 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2010/01/20 15:37:38 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2010/01/20 15:37:38 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2010/01/20 15:37:38 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2010/01/20 15:37:38 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2010/01/20 15:37:38 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2010/01/20 15:37:38 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010/01/20 15:37:38 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2010/01/20 15:37:38 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2010/01/20 15:37:38 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2010/01/20 15:37:38 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2010/01/20 15:37:38 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2010/01/20 15:37:38 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2010/01/20 15:37:38 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2010/01/20 15:37:38 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2010/01/20 15:37:38 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2010/01/20 15:37:38 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2010/01/20 15:37:38 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2010/01/20 15:37:38 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2010/01/20 15:37:38 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2010/01/20 15:37:38 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010/01/20 15:37:22 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2010/01/20 15:37:22 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2010/01/20 15:37:21 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2010/01/20 15:37:18 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2010/01/20 15:37:17 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2010/01/20 15:37:17 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2010/01/20 15:37:17 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2010/01/20 15:37:17 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2010/01/20 15:37:17 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2010/01/20 15:36:44 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2010/01/20 15:36:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2010/01/20 13:23:45 | 000,032,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2010/01/20 13:21:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/01/20 13:21:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010/01/20 13:21:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/01/20 13:20:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/01/20 13:20:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010/01/20 13:17:11 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\Microsoft Help
[2010/01/20 13:16:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/01/20 13:16:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010/01/20 13:16:27 | 000,000,000 | R--D | C] -- C:\MSOCache
[2010/01/20 11:09:26 | 000,000,000 | ---D | C] -- C:\downloads
[2010/01/20 11:09:19 | 000,000,000 | ---D | C] -- C:\RDesc
[2010/01/20 10:46:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2010/01/20 00:41:07 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\OpenOffice.org
[2010/01/19 23:58:55 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2010/01/19 19:16:28 | 000,089,184 | ---- | C] (Ahead Software AG and its licensors) -- C:\Windows\System32\drivers\imagedrv.sys
[2010/01/19 19:16:20 | 000,038,912 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\System32\picn20.dll
[2010/01/19 19:16:19 | 000,569,344 | ---- | C] (Pegasus Software,LLC) -- C:\Windows\System32\imagr5.dll
[2010/01/19 19:16:19 | 000,544,768 | ---- | C] (Pegasus Software, LLC) -- C:\Windows\System32\imagx5.dll
[2010/01/19 19:16:19 | 000,283,920 | ---- | C] (Pegasus Software, LLC) -- C:\Windows\System32\ImagXpr5.dll
[2010/01/19 19:16:19 | 000,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\Windows\System32\NeroCheck.exe
[2010/01/19 19:16:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2010/01/19 19:16:15 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead
[2010/01/19 19:09:18 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\WinAVI
[2010/01/19 19:09:18 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\WinAVI
[2010/01/19 19:09:14 | 000,000,000 | ---D | C] -- C:\Program Files\WinAVI FLV Converter
[2010/01/19 19:08:12 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\WinRAR
[2010/01/19 18:27:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/01/19 18:27:12 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/01/19 18:26:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2010/01/19 18:26:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010/01/19 18:26:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/01/19 18:26:08 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\Adobe
[2010/01/19 18:26:03 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
[2010/01/19 14:30:11 | 000,000,000 | R-SD | C] -- C:\Users\HORACIO\Documents\My Stationery
[2010/01/19 12:46:48 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/01/19 12:15:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2010/01/19 12:15:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2010/01/19 12:15:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2010/01/19 12:00:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders

descriptiontrojan heur EmptyRe: trojan heur

more_horiz
00 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2010/01/19 10:18:07 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2010/01/19 10:18:02 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2010/01/19 10:18:00 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2010/01/19 10:18:00 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe
[2010/01/19 10:17:59 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2010/01/19 10:17:57 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2010/01/19 10:17:56 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2010/01/19 10:17:55 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2010/01/19 10:17:54 | 000,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll
[2010/01/19 10:17:54 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2010/01/19 10:17:54 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010/01/19 10:17:53 | 002,241,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
[2010/01/19 10:17:53 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010/01/19 10:17:52 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2010/01/19 10:17:51 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2010/01/19 10:17:51 | 000,476,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010/01/19 10:17:51 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2010/01/19 10:17:50 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2010/01/19 10:17:49 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2010/01/19 10:17:49 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll
[2010/01/19 10:17:48 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2010/01/19 10:17:48 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2010/01/19 10:17:48 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2010/01/19 10:17:47 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010/01/19 10:17:47 | 000,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2010/01/19 10:17:47 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2010/01/19 10:17:45 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2010/01/19 10:17:45 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL
[2010/01/19 10:17:45 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2010/01/19 10:17:45 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2010/01/19 10:17:44 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2010/01/19 10:17:44 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2010/01/19 10:17:43 | 001,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
[2010/01/19 10:17:43 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2010/01/19 10:17:43 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll
[2010/01/19 10:17:42 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010/01/19 10:17:42 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll
[2010/01/19 10:17:42 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2010/01/19 10:17:42 | 000,041,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010/01/19 10:17:41 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe
[2010/01/19 10:17:41 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010/01/19 10:17:41 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010/01/19 10:17:41 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
[2010/01/19 10:17:40 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2010/01/19 10:17:39 | 001,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Query.dll
[2010/01/19 10:17:38 | 001,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2010/01/19 10:17:38 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2010/01/19 10:17:38 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll
[2010/01/19 10:17:38 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2010/01/19 10:17:37 | 000,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010/01/19 10:17:37 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2010/01/19 10:17:37 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2010/01/19 10:17:37 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2010/01/19 10:17:37 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2010/01/19 10:17:36 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2010/01/19 10:17:36 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2010/01/19 10:17:36 | 000,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2010/01/19 10:17:35 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2010/01/19 10:17:35 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2010/01/19 10:17:33 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2010/01/19 10:17:33 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2010/01/19 10:17:33 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spoolss.dll
[2010/01/19 10:17:33 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2010/01/19 10:17:32 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2010/01/19 10:17:31 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2010/01/19 10:17:31 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp60.dll
[2010/01/19 10:17:31 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2010/01/19 10:17:31 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll
[2010/01/19 10:17:31 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2010/01/19 10:17:30 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2010/01/19 10:17:29 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
[2010/01/19 10:17:29 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2010/01/19 10:17:29 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2010/01/19 10:17:29 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2010/01/19 10:17:28 | 001,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2010/01/19 10:17:28 | 001,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsvcs.dll
[2010/01/19 10:17:28 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2010/01/19 10:17:28 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2010/01/19 10:17:28 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2010/01/19 10:17:28 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2010/01/19 10:17:27 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2010/01/19 10:17:27 | 001,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll
[2010/01/19 10:17:26 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2010/01/19 10:17:26 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2010/01/19 10:17:26 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2010/01/19 10:17:26 | 000,323,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010/01/19 10:17:26 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2010/01/19 10:17:26 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2010/01/19 10:17:26 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2010/01/19 10:17:25 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010/01/19 10:17:24 | 001,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2010/01/19 10:17:24 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2010/01/19 10:17:24 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2010/01/19 10:17:24 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
[2010/01/19 10:17:23 | 001,135,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2010/01/19 10:17:23 | 001,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2010/01/19 10:17:23 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2010/01/19 10:17:23 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2010/01/19 10:17:23 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2010/01/19 10:17:23 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll
[2010/01/19 10:17:21 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010/01/19 10:17:21 | 000,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2010/01/19 10:17:21 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2010/01/19 10:17:21 | 000,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samsrv.dll
[2010/01/19 10:17:21 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2010/01/19 10:17:21 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll
[2010/01/19 10:17:20 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2010/01/19 10:17:20 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe
[2010/01/19 10:17:19 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll
[2010/01/19 10:17:17 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2010/01/19 10:17:16 | 001,160,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2010/01/19 10:17:16 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2010/01/19 10:17:16 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll
[2010/01/19 10:17:16 | 000,223,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2010/01/19 10:17:16 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2010/01/19 10:17:15 | 000,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010/01/19 10:17:15 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2010/01/19 10:17:15 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2010/01/19 10:17:15 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2010/01/19 10:17:14 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2010/01/19 10:17:14 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2010/01/19 10:17:14 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2010/01/19 10:17:13 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2010/01/19 10:17:13 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2010/01/19 10:17:13 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2010/01/19 10:17:12 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2010/01/19 10:17:12 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2010/01/19 10:17:12 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll
[2010/01/19 10:17:12 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2010/01/19 10:17:12 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldpc.dll
[2010/01/19 10:17:12 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfp.dll
[2010/01/19 10:17:12 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll
[2010/01/19 10:17:12 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2010/01/19 10:17:12 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll
[2010/01/19 10:17:11 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2010/01/19 10:17:11 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2010/01/19 10:17:11 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010/01/19 10:17:11 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll
[2010/01/19 10:17:11 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2010/01/19 10:17:11 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2010/01/19 10:17:11 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2010/01/19 10:17:11 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2010/01/19 10:17:11 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2010/01/19 10:17:11 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2010/01/19 10:17:10 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll
[2010/01/19 10:17:10 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2010/01/19 10:17:10 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2010/01/19 10:17:10 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll
[2010/01/19 10:17:07 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2010/01/19 10:17:03 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2010/01/19 10:16:54 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2010/01/19 10:16:52 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2010/01/19 10:16:51 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2010/01/19 10:16:51 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2010/01/19 10:16:50 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2010/01/19 10:16:50 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2010/01/19 10:16:50 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2010/01/19 10:16:50 | 000,241,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
[2010/01/19 10:16:50 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2010/01/19 10:16:50 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2010/01/19 10:16:49 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010/01/19 10:16:49 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxclu.dll
[2010/01/19 10:16:49 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2010/01/19 10:16:49 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2010/01/19 10:16:49 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2010/01/19 10:16:49 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetpp.dll
[2010/01/19 10:16:49 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2010/01/19 10:16:49 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2010/01/19 10:16:49 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2010/01/19 10:16:48 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2010/01/19 10:16:48 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2010/01/19 10:16:48 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2010/01/19 10:16:48 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2010/01/19 10:16:48 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2010/01/19 10:16:48 | 000,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2010/01/19 10:16:48 | 000,109,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2010/01/19 10:16:48 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2010/01/19 10:16:48 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2010/01/19 10:16:48 | 000,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2010/01/19 10:16:48 | 000,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2010/01/19 10:16:48 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2010/01/19 10:16:47 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2010/01/19 10:16:47 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2010/01/19 10:16:47 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010/01/19 10:16:47 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2010/01/19 10:16:47 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2010/01/19 10:16:47 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2010/01/19 10:16:47 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll
[2010/01/19 10:16:47 | 000,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2010/01/19 10:16:46 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2010/01/19 10:16:46 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2010/01/19 10:16:46 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2010/01/19 10:16:46 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2010/01/19 10:16:46 | 000,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2010/01/19 10:16:45 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onex.dll
[2010/01/19 10:16:45 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2010/01/19 10:16:45 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2010/01/19 10:16:45 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2010/01/19 10:16:45 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2010/01/19 10:16:45 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010/01/19 10:16:45 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wisptis.exe
[2010/01/19 10:16:45 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2010/01/19 10:16:45 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2010/01/19 10:16:45 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2010/01/19 10:16:45 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2010/01/19 10:16:45 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2010/01/19 10:16:45 | 000,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2010/01/19 10:16:45 | 000,043,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2010/01/19 10:16:45 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010/01/19 10:16:45 | 000,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2010/01/19 10:16:45 | 000,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2010/01/19 10:16:44 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2010/01/19 10:16:44 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2010/01/19 10:16:44 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2010/01/19 10:16:44 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2010/01/19 10:16:44 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2010/01/19 10:16:44 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2010/01/19 10:16:44 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2010/01/19 10:16:44 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2010/01/19 10:16:44 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2010/01/19 10:16:44 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010/01/19 10:16:44 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll
[2010/01/19 10:16:44 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2010/01/19 10:16:44 | 000,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2010/01/19 10:16:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll
[2010/01/19 10:16:43 | 000,852,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2010/01/19 10:16:43 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2010/01/19 10:16:43 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2010/01/19 10:16:43 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2010/01/19 10:16:43 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2010/01/19 10:16:43 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2010/01/19 10:16:43 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2010/01/19 10:16:43 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2010/01/19 10:16:43 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010/01/19 10:16:43 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2010/01/19 10:16:43 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2010/01/19 10:16:43 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2010/01/19 10:16:43 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2010/01/19 10:16:43 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2010/01/19 10:16:43 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2010/01/19 10:16:42 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2010/01/19 10:16:42 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2010/01/19 10:16:42 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
[2010/01/19 10:16:42 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastapi.dll
[2010/01/19 10:16:42 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll
[2010/01/19 10:16:41 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2010/01/19 10:16:41 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2010/01/19 10:16:41 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2010/01/19 10:16:41 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2010/01/19 10:16:41 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2010/01/19 10:16:41 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll
[2010/01/19 10:16:41 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2010/01/19 10:16:41 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2010/01/19 10:16:41 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2010/01/19 10:16:41 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2010/01/19 10:16:41 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2010/01/19 10:16:40 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2010/01/19 10:16:40 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2010/01/19 10:16:40 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2010/01/19 10:16:40 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2010/01/19 10:16:40 | 000,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdlg.dll
[2010/01/19 10:16:40 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2010/01/19 10:16:40 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2010/01/19 10:16:40 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
[2010/01/19 10:16:40 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2010/01/19 10:16:40 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2010/01/19 10:16:40 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2010/01/19 10:16:40 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[2010/01/19 10:16:40 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstlsapi.dll
[2010/01/19 10:16:40 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2010/01/19 10:16:40 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2010/01/19 10:16:40 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2010/01/19 10:16:40 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2010/01/19 10:16:40 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2010/01/19 10:16:39 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2010/01/19 10:16:39 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2010/01/19 10:16:39 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2010/01/19 10:16:39 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2010/01/19 10:16:39 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2010/01/19 10:16:39 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2010/01/19 10:16:39 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2010/01/19 10:16:39 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2010/01/19 10:16:39 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2010/01/19 10:16:39 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstsc.exe
[2010/01/19 10:16:39 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2010/01/19 10:16:39 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2010/01/19 10:16:39 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2010/01/19 10:16:39 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2010/01/19 10:16:39 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2010/01/19 10:16:39 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
[2010/01/19 10:16:39 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2010/01/19 10:16:39 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2010/01/19 10:16:39 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regapi.dll
[2010/01/19 10:16:39 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2010/01/19 10:16:39 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll
[2010/01/19 10:16:38 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2010/01/19 10:16:38 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2010/01/19 10:16:38 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2010/01/19 10:16:38 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2010/01/19 10:16:38 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2010/01/19 10:16:38 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2010/01/19 10:16:38 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2010/01/19 10:16:38 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2010/01/19 10:16:38 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2010/01/19 10:16:38 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2010/01/19 10:16:38 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2010/01/19 10:16:38 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll
[2010/01/19 10:16:38 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010/01/19 10:16:38 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2010/01/19 10:16:38 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scecli.dll
[2010/01/19 10:16:38 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2010/01/19 10:16:38 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2010/01/19 10:16:38 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2010/01/19 10:16:38 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2010/01/19 10:16:38 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpmon.dll
[2010/01/19 10:16:38 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2010/01/19 10:16:38 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2010/01/19 10:16:38 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2010/01/19 10:16:38 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2010/01/19 10:16:38 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe
[2010/01/19 10:16:38 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2010/01/19 10:16:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBAUDIO.sys
[2010/01/19 10:16:38 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2010/01/19 10:16:38 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2010/01/19 10:16:38 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2010/01/19 10:16:38 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2010/01/19 10:16:38 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2010/01/19 10:16:38 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2010/01/19 10:16:38 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2010/01/19 10:16:38 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfdisk.dll
[2010/01/19 10:16:38 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2010/01/19 10:16:38 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe
[2010/01/19 10:16:38 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2010/01/19 10:16:38 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll
[2010/01/19 10:16:37 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2010/01/19 10:16:37 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2010/01/19 10:16:37 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2010/01/19 10:16:37 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2010/01/19 10:16:37 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2010/01/19 10:16:37 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2010/01/19 10:16:37 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2010/01/19 10:16:37 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2010/01/19 10:16:37 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2010/01/19 10:16:37 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp
[2010/01/19 10:16:37 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe
[2010/01/19 10:16:37 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasppp.dll
[2010/01/19 10:16:37 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2010/01/19 10:16:37 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2010/01/19 10:16:37 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2010/01/19 10:16:37 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2010/01/19 10:16:37 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2010/01/19 10:16:37 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2010/01/19 10:16:37 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2010/01/19 10:16:37 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2010/01/19 10:16:37 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2010/01/19 10:16:37 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2010/01/19 10:16:36 | 002,226,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll
[2010/01/19 10:16:36 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2010/01/19 10:16:36 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2010/01/19 10:16:36 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2010/01/19 10:16:36 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2010/01/19 10:16:36 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2010/01/19 10:16:36 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2010/01/19 10:16:36 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2010/01/19 10:16:36 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2010/01/19 10:16:36 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2010/01/19 10:16:36 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2010/01/19 10:16:36 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credui.dll
[2010/01/19 10:16:36 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2010/01/19 10:16:36 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010/01/19 10:16:36 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2010/01/19 10:16:36 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2010/01/19 10:16:36 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2010/01/19 10:16:36 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2010/01/19 10:16:36 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2010/01/19 10:16:36 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2010/01/19 10:16:36 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll
[2010/01/19 10:16:36 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2010/01/19 10:16:36 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2010/01/19 10:16:36 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2010/01/19 10:16:36 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2010/01/19 10:16:36 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2010/01/19 10:16:36 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2010/01/19 10:16:36 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2010/01/19 10:16:36 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2010/01/19 10:16:36 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2010/01/19 10:16:36 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2010/01/19 10:16:36 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2010/01/19 10:16:35 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2010/01/19 10:16:35 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll
[2010/01/19 10:16:35 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2010/01/19 10:16:35 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll

descriptiontrojan heur EmptyRe: trojan heur

more_horiz
2010/01/19 10:16:35 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2010/01/19 10:16:35 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010/01/19 10:16:35 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2010/01/19 10:16:35 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2010/01/19 10:16:35 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2010/01/19 10:16:35 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2010/01/19 10:16:35 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2010/01/19 10:16:35 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2010/01/19 10:16:35 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2010/01/19 10:16:35 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2010/01/19 10:16:35 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2010/01/19 10:16:35 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
[2010/01/19 10:16:35 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll
[2010/01/19 10:16:35 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2010/01/19 10:16:35 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe
[2010/01/19 10:16:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2010/01/19 10:16:35 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe
[2010/01/19 10:16:34 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2010/01/19 10:16:34 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2010/01/19 10:16:34 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2010/01/19 10:16:34 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2010/01/19 10:16:34 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2010/01/19 10:16:34 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2010/01/19 10:16:34 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2010/01/19 10:16:34 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2010/01/19 10:16:34 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2010/01/19 10:16:34 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2010/01/19 10:16:34 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2010/01/19 10:16:34 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2010/01/19 10:16:34 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2010/01/19 10:16:34 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2010/01/19 10:16:34 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2010/01/19 10:16:34 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2010/01/19 10:16:34 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2010/01/19 10:16:34 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2010/01/19 10:16:34 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2010/01/19 10:16:34 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2010/01/19 10:16:34 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2010/01/19 10:16:34 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2010/01/19 10:16:34 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2010/01/19 10:16:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2010/01/19 10:16:34 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2010/01/19 10:16:34 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll
[2010/01/19 10:16:34 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2010/01/19 10:16:34 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll
[2010/01/19 10:16:33 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2010/01/19 10:16:33 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2010/01/19 10:16:33 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2010/01/19 10:16:22 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2010/01/19 10:16:20 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2010/01/19 10:16:20 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2010/01/19 10:16:19 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2010/01/19 02:04:01 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2010/01/19 00:09:43 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/01/18 22:05:33 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\AOL
[2010/01/18 22:05:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Macromedia
[2010/01/18 22:04:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Viewpoint
[2010/01/18 22:04:25 | 000,000,000 | ---D | C] -- C:\Program Files\Viewpoint
[2010/01/18 22:04:23 | 000,054,832 | ---- | C] (AOL LLC) -- C:\Windows\System32\AOLParconLink.exe
[2010/01/18 22:03:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2010/01/18 22:03:36 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\AOL Downloads
[2010/01/18 22:03:03 | 000,033,588 | ---- | C] (America Online, Inc.) -- C:\Windows\System32\drivers\wanatw4.sys
[2010/01/18 22:02:51 | 000,000,000 | ---D | C] -- C:\ProgramData\AOL OCP
[2010/01/18 22:02:50 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\AOL
[2010/01/18 22:02:39 | 000,000,000 | ---D | C] -- C:\Program Files\AOL
[2010/01/18 22:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\aolshare
[2010/01/18 22:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\AOL 9.5
[2010/01/18 22:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\AOL
[2010/01/18 22:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\aol
[2010/01/18 22:00:48 | 000,000,000 | ---D | C] -- C:\ProgramData\AOL Downloads
[2010/01/18 19:06:38 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader
[2010/01/18 13:00:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Citrix
[2010/01/18 12:59:55 | 000,000,000 | ---D | C] -- C:\Program Files\Citrix
[2010/01/18 12:59:49 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\Citrix
[2010/01/18 12:35:05 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\IObit
[2010/01/18 12:35:05 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010/01/18 11:47:58 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imagesp1.dll
[2010/01/18 11:47:54 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2010/01/18 11:47:45 | 001,675,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpssvcs.dll
[2010/01/18 11:47:43 | 008,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizimg.dll
[2010/01/18 11:47:43 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2010/01/18 11:47:43 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2010/01/18 11:47:40 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2010/01/18 11:47:38 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompMgmtLauncher.exe
[2010/01/18 11:47:35 | 001,386,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm60.dll
[2010/01/18 11:47:31 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ADEC.DLL
[2010/01/18 11:47:30 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2010/01/18 11:47:28 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlmgp.dll
[2010/01/18 11:47:28 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SSShim.dll
[2010/01/18 11:47:26 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clusapi.dll
[2010/01/18 11:47:21 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2010/01/18 11:47:20 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
[2010/01/18 11:47:15 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2010/01/18 11:47:14 | 000,730,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2010/01/18 11:47:14 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmipnpinstall.dll
[2010/01/18 11:47:14 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2010/01/18 11:47:14 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmicryptinstall.dll
[2010/01/18 11:47:14 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gacinstall.dll
[2010/01/18 11:47:12 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2010/01/18 11:47:10 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlceqp30.dll
[2010/01/18 11:47:10 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
[2010/01/18 11:47:09 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thumbcache.dll
[2010/01/18 11:47:06 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authfwcfg.dll
[2010/01/18 11:47:05 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmvdsitf.dll
[2010/01/18 11:47:04 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2010/01/18 11:47:04 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uexfat.dll
[2010/01/18 11:47:03 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
[2010/01/18 11:47:03 | 000,163,840 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\DfrgNtfs.exe
[2010/01/18 11:46:58 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2010/01/18 11:46:58 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssha.dll
[2010/01/18 11:46:57 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2010/01/18 11:46:56 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
[2010/01/18 11:46:55 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll
[2010/01/18 11:46:54 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll
[2010/01/18 11:46:54 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\objsel.dll
[2010/01/18 11:46:54 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2010/01/18 11:46:53 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icm32.dll
[2010/01/18 11:46:53 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2010/01/18 11:46:52 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
[2010/01/18 11:46:52 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
[2010/01/18 11:46:50 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010/01/18 11:46:50 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2010/01/18 11:46:49 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
[2010/01/18 11:46:48 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfgx.dll
[2010/01/18 11:46:48 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll
[2010/01/18 11:46:48 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hcrstco.dll
[2010/01/18 11:46:47 | 000,805,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2010/01/18 11:46:47 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2010/01/18 11:46:46 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcuiu.dll
[2010/01/18 11:46:45 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll
[2010/01/18 11:46:45 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
[2010/01/18 11:46:44 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
[2010/01/18 11:46:43 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2010/01/18 11:46:43 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msidcrl30.dll
[2010/01/18 11:46:42 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpui.dll
[2010/01/18 11:46:40 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsnap.dll
[2010/01/18 11:46:39 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2010/01/18 11:46:39 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2010/01/18 11:46:39 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll
[2010/01/18 11:46:37 | 004,595,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2010/01/18 11:46:37 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2010/01/18 11:46:37 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2010/01/18 11:46:37 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskmgr.dll
[2010/01/18 11:46:37 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3api.dll
[2010/01/18 11:46:36 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loadperf.dll
[2010/01/18 11:46:36 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlancfg.dll
[2010/01/18 11:46:35 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
[2010/01/18 11:46:35 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2010/01/18 11:46:35 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcVSp1res.dll
[2010/01/18 11:46:34 | 000,383,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2010/01/18 11:46:34 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2010/01/18 11:46:34 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hnetcfg.dll
[2010/01/18 11:46:33 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2010/01/18 11:46:33 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\filemgmt.dll
[2010/01/18 11:46:33 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2010/01/18 11:46:33 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPMONTR.DLL
[2010/01/18 11:46:33 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
[2010/01/18 11:46:33 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2010/01/18 11:46:32 | 001,295,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsecedit.dll
[2010/01/18 11:46:32 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe
[2010/01/18 11:46:32 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2010/01/18 11:46:32 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2010/01/18 11:46:32 | 000,016,896 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs
[2010/01/18 11:46:31 | 000,498,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\HelpPane.exe
[2010/01/18 11:46:31 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
[2010/01/18 11:46:31 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2010/01/18 11:46:31 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2010/01/18 11:46:30 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msra.exe
[2010/01/18 11:46:30 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
[2010/01/18 11:46:30 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2010/01/18 11:46:30 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
[2010/01/18 11:46:30 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2010/01/18 11:46:29 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unbcl.dll
[2010/01/18 11:46:29 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shrink.dll
[2010/01/18 11:46:28 | 001,642,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
[2010/01/18 11:46:28 | 000,415,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010/01/18 11:46:25 | 000,520,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntvdm.exe
[2010/01/18 11:46:25 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
[2010/01/18 11:46:24 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntlanman.dll
[2010/01/18 11:46:22 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
[2010/01/18 11:46:22 | 000,155,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dssenh.dll
[2010/01/18 11:46:22 | 000,035,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2010/01/18 11:46:21 | 000,913,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WlanMM.dll
[2010/01/18 11:46:21 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsnt.dll
[2010/01/18 11:46:20 | 000,628,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanConn.dll
[2010/01/18 11:46:20 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll
[2010/01/18 11:46:20 | 000,142,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys
[2010/01/18 11:46:20 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmProv.dll
[2010/01/18 11:46:19 | 000,487,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\catsrvut.dll
[2010/01/18 11:46:19 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
[2010/01/18 11:46:19 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
[2010/01/18 11:46:19 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2010/01/18 11:46:19 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
[2010/01/18 11:46:17 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
[2010/01/18 11:46:17 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
[2010/01/18 11:46:17 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
[2010/01/18 11:46:15 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2010/01/18 11:46:15 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPSTAT.EXE
[2010/01/18 11:46:15 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
[2010/01/18 11:46:15 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2010/01/18 11:46:15 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2010/01/18 11:46:13 | 008,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssBranded.scr
[2010/01/18 11:46:13 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\catsrv.dll
[2010/01/18 11:46:13 | 000,388,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdlgs.dll
[2010/01/18 11:46:13 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\activeds.dll
[2010/01/18 11:46:13 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2010/01/18 11:46:13 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
[2010/01/18 11:46:13 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpsapi.dll
[2010/01/18 11:46:12 | 002,585,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.exe
[2010/01/18 11:46:12 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
[2010/01/18 11:46:12 | 000,096,768 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\dfrgfat.exe
[2010/01/18 11:46:11 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2010/01/18 11:46:11 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll
[2010/01/18 11:46:11 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL
[2010/01/18 11:46:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll
[2010/01/18 11:46:10 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.dll
[2010/01/18 11:46:10 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll
[2010/01/18 11:46:10 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\els.dll
[2010/01/18 11:46:09 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL
[2010/01/18 11:46:08 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hhctrl.ocx
[2010/01/18 11:46:08 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2010/01/18 11:46:07 | 000,226,816 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\Defrag.exe
[2010/01/18 11:46:07 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprmsg.dll
[2010/01/18 11:46:07 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
[2010/01/18 11:46:06 | 001,405,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActiveContentWizard.dll
[2010/01/18 11:46:06 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompatUI.dll
[2010/01/18 11:46:06 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2P.dll
[2010/01/18 11:46:06 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasman.dll
[2010/01/18 11:46:05 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
[2010/01/18 11:46:05 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL
[2010/01/18 11:46:05 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
[2010/01/18 11:46:05 | 000,094,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MigAutoPlay.exe
[2010/01/18 11:46:05 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rascfg.dll
[2010/01/18 11:46:05 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loghours.dll
[2010/01/18 11:46:05 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DFDWiz.exe
[2010/01/18 11:46:04 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtm.dll
[2010/01/18 11:46:04 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\videoprt.sys
[2010/01/18 11:46:04 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL
[2010/01/18 11:46:04 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
[2010/01/18 11:46:03 | 000,326,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll
[2010/01/18 11:46:03 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
[2010/01/18 11:46:02 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswmdm.dll
[2010/01/18 11:46:02 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbmon.dll
[2010/01/18 11:46:02 | 000,024,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BOOTVID.DLL
[2010/01/18 11:46:01 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vssadmin.exe
[2010/01/18 11:46:00 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlandlg.dll
[2010/01/18 11:46:00 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mycomput.dll
[2010/01/18 11:46:00 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax
[2010/01/18 11:46:00 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uudf.dll
[2010/01/18 11:46:00 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\activeds.tlb
[2010/01/18 11:45:59 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspaint.exe
[2010/01/18 11:45:59 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll

descriptiontrojan heur EmptyRe: trojan heur

more_horiz
08 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\duser.dll
[2010/01/18 11:45:58 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cic.dll
[2010/01/18 11:45:58 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxoci.dll
[2010/01/18 11:45:58 | 000,087,552 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2010/01/18 11:45:57 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
[2010/01/18 11:45:57 | 000,017,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmilib.sys
[2010/01/18 11:45:56 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2010/01/18 11:45:56 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdt.exe
[2010/01/18 11:45:56 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.exe
[2010/01/18 11:45:56 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdshext.dll
[2010/01/18 11:45:56 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtclog.dll
[2010/01/18 11:45:55 | 001,039,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d8.dll
[2010/01/18 11:45:55 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmview.ocx
[2010/01/18 11:45:54 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcbase.dll
[2010/01/18 11:45:54 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mlang.dll
[2010/01/18 11:45:54 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oledlg.dll
[2010/01/18 11:45:54 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll
[2010/01/18 11:45:54 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clfsw32.dll
[2010/01/18 11:45:54 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsldr.exe
[2010/01/18 11:45:53 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaatext.dll
[2010/01/18 11:45:53 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasqec.dll
[2010/01/18 11:45:53 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncobjapi.dll
[2010/01/18 11:45:53 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
[2010/01/18 11:45:53 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe
[2010/01/18 11:45:53 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2010/01/18 11:45:53 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll
[2010/01/18 11:45:52 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cabinet.dll
[2010/01/18 11:45:52 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lnkstub.exe
[2010/01/18 11:45:52 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2010/01/18 11:45:51 | 001,107,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ogldrv.dll
[2010/01/18 11:45:51 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
[2010/01/18 11:45:51 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wermgr.exe
[2010/01/18 11:45:51 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfdts.dll
[2010/01/18 11:45:50 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pcollab.dll
[2010/01/18 11:45:50 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2010/01/18 11:45:50 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdspres.dll
[2010/01/18 11:45:49 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispdiag.exe
[2010/01/18 11:45:49 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DHCPQEC.DLL
[2010/01/18 11:45:46 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\verifier.dll
[2010/01/18 11:45:46 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RstrtMgr.dll
[2010/01/18 11:45:46 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efsadu.dll
[2010/01/18 11:45:42 | 002,249,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Firewall.cpl
[2010/01/18 11:45:42 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll
[2010/01/18 11:45:42 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiascanprofiles.dll
[2010/01/18 11:45:42 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
[2010/01/18 11:45:42 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2010/01/18 11:45:42 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icacls.exe
[2010/01/18 11:45:41 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrdc.dll
[2010/01/18 11:45:41 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2pnetsh.dll
[2010/01/18 11:45:41 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactsrv.dll
[2010/01/18 11:45:41 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL
[2010/01/18 11:45:41 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssocPrx.dll
[2010/01/18 11:45:41 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
[2010/01/18 11:45:40 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systeminfo.exe
[2010/01/18 11:45:40 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappprxy.dll
[2010/01/18 11:45:40 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcadm.dll
[2010/01/18 11:45:40 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2010/01/18 11:45:39 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl
[2010/01/18 11:45:39 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwizards.dll
[2010/01/18 11:45:39 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE
[2010/01/18 11:45:39 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdl32.exe
[2010/01/18 11:45:39 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\resutils.dll
[2010/01/18 11:45:38 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netprof.dll
[2010/01/18 11:45:38 | 000,614,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFWMAAEC.DLL
[2010/01/18 11:45:38 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax
[2010/01/18 11:45:38 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll
[2010/01/18 11:45:38 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbnetlib.dll
[2010/01/18 11:45:38 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgifc.exe
[2010/01/18 11:45:37 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
[2010/01/18 11:45:37 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\btpanui.dll
[2010/01/18 11:45:36 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apircl.dll
[2010/01/18 11:45:35 | 000,975,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RASMM.dll
[2010/01/18 11:45:35 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr
[2010/01/18 11:45:35 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
[2010/01/18 11:45:35 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txflog.dll
[2010/01/18 11:45:35 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskkill.exe
[2010/01/18 11:45:35 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxva2.dll
[2010/01/18 11:45:35 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdprov.dll
[2010/01/18 11:45:35 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
[2010/01/18 11:45:34 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\provthrd.dll
[2010/01/18 11:45:34 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aclui.dll
[2010/01/18 11:45:34 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EAPQEC.DLL
[2010/01/18 11:45:34 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmocx.dll
[2010/01/18 11:45:33 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL
[2010/01/18 11:45:33 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raserver.exe
[2010/01/18 11:45:33 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcplsdw.dll
[2010/01/18 11:45:33 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2010/01/18 11:45:32 | 002,588,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIHub.dll
[2010/01/18 11:45:32 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnp.dll
[2010/01/18 11:45:32 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
[2010/01/18 11:45:32 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xcopy.exe
[2010/01/18 11:45:32 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ias.dll
[2010/01/18 11:45:31 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsfiltr.dll
[2010/01/18 11:45:31 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll
[2010/01/18 11:45:31 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2010/01/18 11:45:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mountvol.exe
[2010/01/18 11:45:30 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayApi.dll
[2010/01/18 11:45:30 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
[2010/01/18 11:45:30 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll
[2010/01/18 11:45:30 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PING.EXE
[2010/01/18 11:45:29 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SysFxUI.dll
[2010/01/18 11:45:29 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cewmdm.dll
[2010/01/18 11:45:29 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2010/01/18 11:45:29 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
[2010/01/18 11:45:29 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
[2010/01/18 11:45:29 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SoundRecorder.exe
[2010/01/18 11:45:29 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2010/01/18 11:45:29 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2010/01/18 11:45:28 | 000,767,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSENCD.DLL
[2010/01/18 11:45:28 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll
[2010/01/18 11:45:28 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtstocom.exe
[2010/01/18 11:45:28 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\makecab.exe
[2010/01/18 11:45:28 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SecEdit.exe
[2010/01/18 11:45:28 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll
[2010/01/18 11:45:28 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\batt.dll
[2010/01/18 11:45:27 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdadiag.dll
[2010/01/18 11:45:27 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2010/01/18 11:45:27 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfapi.dll
[2010/01/18 11:45:27 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
[2010/01/18 11:45:27 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xwtpw32.dll
[2010/01/18 11:45:27 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wzcdlg.dll
[2010/01/18 11:45:27 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
[2010/01/18 11:45:27 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpclnt.dll
[2010/01/18 11:45:26 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll
[2010/01/18 11:45:26 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apss.dll
[2010/01/18 11:45:26 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe
[2010/01/18 11:45:26 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2010/01/18 11:45:26 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
[2010/01/18 11:45:26 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscmisetup.dll
[2010/01/18 11:45:25 | 001,329,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOE.DLL
[2010/01/18 11:45:25 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll
[2010/01/18 11:45:25 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\keymgr.dll
[2010/01/18 11:45:25 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
[2010/01/18 11:45:25 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HelpPaneProxy.dll
[2010/01/18 11:45:25 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs
[2010/01/18 11:45:25 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2010/01/18 11:45:25 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napipsec.dll
[2010/01/18 11:45:25 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxstrace.exe
[2010/01/18 11:45:25 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2010/01/18 11:45:25 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmutil.exe
[2010/01/18 11:45:24 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim700.dll
[2010/01/18 11:45:24 | 000,686,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\colorui.dll
[2010/01/18 11:45:24 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2010/01/18 11:45:24 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll
[2010/01/18 11:45:24 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TapiMigPlugin.dll
[2010/01/18 11:45:24 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tasklist.exe
[2010/01/18 11:45:24 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fmifs.dll
[2010/01/18 11:45:23 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll
[2010/01/18 11:45:23 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010/01/18 11:45:23 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2010/01/18 11:45:23 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\driverquery.exe
[2010/01/18 11:45:23 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winethc.dll
[2010/01/18 11:45:23 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptdll.dll
[2010/01/18 11:45:23 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
[2010/01/18 11:45:23 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2010/01/18 11:45:23 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\txfw32.dll
[2010/01/18 11:45:23 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscproxystub.dll
[2010/01/18 11:45:22 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findnetprinters.dll
[2010/01/18 11:45:22 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmiprop.dll
[2010/01/18 11:45:22 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\capisp.dll
[2010/01/18 11:45:22 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pots.dll
[2010/01/18 11:45:21 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\joy.cpl
[2010/01/18 11:45:21 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shrpubw.exe
[2010/01/18 11:45:21 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RESAMPLEDMO.DLL
[2010/01/18 11:45:21 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2010/01/18 11:45:21 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnshc.dll
[2010/01/18 11:45:20 | 001,298,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TMM.dll
[2010/01/18 11:45:20 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOE.DLL
[2010/01/18 11:45:20 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dim.dll
[2010/01/18 11:45:20 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compstui.dll
[2010/01/18 11:45:20 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanHC.dll
[2010/01/18 11:45:20 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
[2010/01/18 11:45:20 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaacmgr.exe
[2010/01/18 11:45:20 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olecli32.dll
[2010/01/18 11:45:20 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shgina.dll
[2010/01/18 11:45:20 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\getmac.exe
[2010/01/18 11:45:20 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sfc_os.dll
[2010/01/18 11:45:20 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
[2010/01/18 11:45:20 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll
[2010/01/18 11:45:20 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RpcPing.exe
[2010/01/18 11:45:20 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmlua.dll
[2010/01/18 11:45:20 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfnet.dll
[2010/01/18 11:45:20 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ktmw32.dll
[2010/01/18 11:45:19 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MPG4DECD.DLL
[2010/01/18 11:45:19 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP43DECD.DLL
[2010/01/18 11:45:19 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mdminst.dll
[2010/01/18 11:45:19 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
[2010/01/18 11:45:19 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net.exe
[2010/01/18 11:45:19 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
[2010/01/18 11:45:18 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
[2010/01/18 11:45:18 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdchange.exe
[2010/01/18 11:45:18 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ACW.exe
[2010/01/18 11:45:18 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2010/01/18 11:45:18 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpts.dll
[2010/01/18 11:45:17 | 001,370,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Aurora.scr
[2010/01/18 11:45:17 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dinput8.dll
[2010/01/18 11:45:17 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWiaCompat.dll
[2010/01/18 11:45:17 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diantz.exe
[2010/01/18 11:45:17 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comrepl.dll
[2010/01/18 11:45:17 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmutil.dll
[2010/01/18 11:45:17 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispci.dll
[2010/01/18 11:45:17 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sfc.exe
[2010/01/18 11:45:16 | 000,879,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr
[2010/01/18 11:45:16 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
[2010/01/18 11:45:16 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll
[2010/01/18 11:45:16 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmidx.dll
[2010/01/18 11:45:16 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmvdspa.dll
[2010/01/18 11:45:16 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\McxDriv.dll
[2010/01/18 11:45:16 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TpmInit.exe
[2010/01/18 11:45:16 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hlink.dll
[2010/01/18 11:45:16 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
[2010/01/18 11:45:16 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\colbact.dll
[2010/01/18 11:45:16 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fwcfg.dll
[2010/01/18 11:45:16 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\expand.exe
[2010/01/18 11:45:16 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cfgbkend.dll
[2010/01/18 11:45:16 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
[2010/01/18 11:45:16 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmredir.dll
[2010/01/18 11:45:16 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
[2010/01/18 11:45:16 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bridgeunattend.exe
[2010/01/18 11:45:15 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2010/01/18 11:45:15 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll
[2010/01/18 11:45:15 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sti_ci.dll
[2010/01/18 11:45:15 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentutl.exe
[2010/01/18 11:45:15 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootcfg.exe
[2010/01/18 11:45:15 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
[2010/01/18 11:45:15 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osblprov.dll
[2010/01/18 11:45:15 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vds_ps.dll
[2010/01/18 11:45:15 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\waitfor.exe
[2010/01/18 11:45:15 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmcfg32.dll
[2010/01/18 11:45:15 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrleakdiag.exe
[2010/01/18 11:45:15 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll
[2010/01/18 11:45:14 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr
[2010/01/18 11:45:14 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr
[2010/01/18 11:45:14 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shutdown.exe
[2010/01/18 11:45:14 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cacls.exe
[2010/01/18 11:45:14 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll
[2010/01/18 11:45:14 | 000,001,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmCl.dll
[2010/01/18 11:45:13 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll
[2010/01/18 11:45:13 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl
[2010/01/18 11:45:13 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COLORCNV.DLL
[2010/01/18 11:45:13 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DpiScaling.exe
[2010/01/18 11:45:13 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ufat.dll
[2010/01/18 11:45:13 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll
[2010/01/18 11:45:13 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsiwmi.dll
[2010/01/18 11:45:13 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfvdsp.dll
[2010/01/18 11:45:13 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpnpinst.exe
[2010/01/18 11:45:13 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werdiagcontroller.dll
[2010/01/18 11:45:13 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olesvr32.dll
[2010/01/18 11:45:13 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpcm.dll
[2010/01/18 11:45:12 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWGP.dll
[2010/01/18 11:45:12 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2010/01/18 11:45:12 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rgb9rast.dll
[2010/01/18 11:45:12 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe
[2010/01/18 11:45:12 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dskquota.dll
[2010/01/18 11:45:12 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ucsvc.exe
[2010/01/18 11:45:12 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TimeDateMUICallback.dll
[2010/01/18 11:45:12 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegCtrl.dll
[2010/01/18 11:45:12 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxproxy.dll
[2010/01/18 11:45:12 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2010/01/18 11:45:12 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\at.exe
[2010/01/18 11:45:12 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2010/01/18 11:45:12 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\convert.exe
[2010/01/18 11:45:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlprovi.dll
[2010/01/18 11:45:12 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsied.dll
[2010/01/18 11:45:11 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AtBroker.exe
[2010/01/18 11:45:11 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tbs.dll
[2010/01/18 11:45:10 | 000,178,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmime.dll
[2010/01/18 11:45:10 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
[2010/01/18 11:45:10 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GuidedHelp.dll
[2010/01/18 11:45:10 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
[2010/01/18 11:45:10 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattendedjoin.exe
[2010/01/18 11:45:09 | 005,714,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logon.scr
[2010/01/18 11:45:09 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsdmo.dll
[2010/01/18 11:45:09 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdart.dll
[2010/01/18 11:45:09 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbui.dll
[2010/01/18 11:45:09 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2010/01/18 11:45:09 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2010/01/18 11:45:09 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax
[2010/01/18 11:45:09 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
[2010/01/18 11:45:09 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll
[2010/01/18 11:45:09 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2gpstore.dll
[2010/01/18 11:45:09 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msident.dll
[2010/01/18 11:45:09 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3dlg.dll
[2010/01/18 11:45:09 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regini.exe
[2010/01/18 11:45:09 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmpbk32.dll
[2010/01/18 11:45:09 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2010/01/18 11:45:09 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll
[2010/01/18 11:45:09 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2010/01/18 11:45:08 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VIDRESZR.DLL
[2010/01/18 11:45:08 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpclsp.dll
[2010/01/18 11:45:08 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\graftabl.com
[2010/01/18 11:45:08 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxlegih.dll
[2010/01/18 11:45:08 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfcsubs.dll
[2010/01/18 11:45:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vss_ps.dll
[2010/01/18 11:45:08 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tape.sys
[2010/01/18 11:45:08 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srwmi.dll
[2010/01/18 11:45:08 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnpcont.exe
[2010/01/18 11:45:08 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxdm.dll
[2010/01/18 11:45:08 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacAgent.exe
[2010/01/18 11:45:08 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WINSRPC.DLL
[2010/01/18 11:45:08 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nbtstat.exe
[2010/01/18 11:45:08 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstplua.dll
[2010/01/18 11:45:08 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fs_rec.sys
[2010/01/18 11:45:08 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll
[2010/01/18 11:45:07 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP3DMOD.DLL
[2010/01/18 11:45:07 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
[2010/01/18 11:45:07 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\extrac32.exe
[2010/01/18 11:45:07 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
[2010/01/18 11:45:07 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
[2010/01/18 11:45:07 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasphone.exe
[2010/01/18 11:45:07 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
[2010/01/18 11:45:07 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfetw.dll
[2010/01/18 11:45:07 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcbcp.dll
[2010/01/18 11:45:07 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syskey.exe
[2010/01/18 11:45:07 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eventcls.dll
[2010/01/18 11:45:07 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll
[2010/01/18 11:45:07 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\procinst.dll
[2010/01/18 11:45:06 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dxof.dll
[2010/01/18 11:45:05 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgrade.exe
[2010/01/18 11:45:05 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadss.dll
[2010/01/18 11:45:05 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Tabbtn.dll
[2010/01/18 11:45:05 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmscript.dll
[2010/01/18 11:45:05 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabbtnEx.dll
[2010/01/18 11:45:05 | 000,041,472 | ---- | C] (Microsoft) -- C:\Windows\System32\WlanMmHC.dll
[2010/01/18 11:45:05 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psbase.dll
[2010/01/18 11:45:05 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollCtrl.exe
[2010/01/18 11:45:04 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmloader.dll
[2010/01/18 11:45:04 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshcon.dll
[2010/01/18 11:45:04 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Netplwiz.exe
[2010/01/18 11:45:04 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
[2010/01/18 11:45:04 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\fveupdate.exe
[2010/01/18 11:45:03 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lltdapi.dll
[2010/01/18 11:45:03 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxsstore.dll
[2010/01/18 11:45:03 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
[2010/01/18 11:45:03 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll
[2010/01/18 11:45:03 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe
[2010/01/18 11:45:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2010/01/18 11:45:03 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL
[2010/01/18 11:45:03 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll
[2010/01/18 11:45:02 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OptionalFeatures.exe
[2010/01/18 11:45:02 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
[2010/01/18 11:45:02 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ComputerDefaults.exe
[2010/01/18 11:45:02 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
[2010/01/18 11:45:02 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LangCleanupSysprepAction.dll
[2010/01/18 11:45:02 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmutil.dll
[2010/01/18 11:45:02 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icaapi.dll
[2010/01/18 11:45:02 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\serialui.dll
[2010/01/18 11:45:02 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localui.dll
[2010/01/18 11:45:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupSNK.exe
[2010/01/18 11:45:02 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbunattend.exe
[2010/01/18 11:45:01 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cofiredm.dll
[2010/01/18 11:45:01 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
[2010/01/18 11:45:01 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbperf.dll
[2010/01/18 11:44:59 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2010/01/18 11:44:59 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasctrs.dll
[2010/01/18 11:44:58 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010/01/18 11:44:58 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2010/01/18 11:44:58 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentprf.dll
[2010/01/18 11:44:58 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hnetmon.dll
[2010/01/18 11:44:58 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InfDefaultInstall.exe
[2010/01/18 11:44:58 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtprio.dll
[2010/01/18 11:44:57 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys
[2010/01/18 11:44:55 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osbaseln.dll
[2010/01/18 11:44:55 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
[2010/01/18 11:44:52 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmmsp.dll
[2010/01/18 11:44:50 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispex.dll
[2010/01/18 11:44:50 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll
[2010/01/18 11:44:50 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
[2010/01/18 11:44:45 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Nlsdl.dll
[2010/01/18 11:44:45 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mcd.sys
[2010/01/18 11:44:44 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\idndl.dll
[2010/01/18 11:44:44 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bdasup.sys
[2010/01/18 11:44:44 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msidle.dll
[2010/01/18 11:44:44 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rootmdm.sys
[2010/01/18 11:44:44 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2010/01/18 11:44:43 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\smclib.sys
[2010/01/18 11:44:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxapi.sys
[2010/01/18 11:44:43 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDJPN.DLL
[2010/01/18 11:44:43 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDKOR.DLL
[2010/01/18 11:44:43 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\umpass.sys
[2010/01/18 11:44:39 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga256.dll
[2010/01/18 11:44:39 | 000,025,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
[2010/01/18 11:44:39 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsddd.dll
[2010/01/18 11:44:39 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framebuf.dll
[2010/01/18 11:44:39 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2010/01/18 11:44:38 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga64k.dll
[2010/01/18 11:44:38 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga.dll
[2010/01/18 11:44:37 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootstr.dll
[2010/01/18 11:44:36 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2010/01/18 11:44:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskres2.dll
[2010/01/18 11:44:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wertargets.wtl
[2010/01/18 11:43:47 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2010/01/18 11:43:44 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiInstaller.dll
[2010/01/18 11:43:44 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2010/01/18 11:43:23 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdelta.dll
[2010/01/18 11:43:23 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2010/01/18 11:43:23 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspatcha.dll
[2010/01/18 11:20:06 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll

descriptiontrojan heur EmptyRe: trojan heur

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum