WiredWX Hobby Weather ToolsLog in

 


Possible Virus. (TR/Crypt.TKM....)

2 posters

descriptionPossible Virus. (TR/Crypt.TKM....) EmptyPossible Virus. (TR/Crypt.TKM....)

more_horiz
I have had some issues with a virus I believe well I thought I was fixing it turns out I am not good with computers. I have some how messed up something important and now my firefox will not work. It says that it is configured to a proxy or something like that and therefore says it is not compatable or something. I have removed my firefox but really want to get it back but don't know how to fix the problem. I think that a virus is to blame but not sure. I have Avira AntiVirus Personal downloaded and running on my pc as well as Online armor and Malwarebytes. Please help I need my pc to be completely clean and in running fashion just not sure how to do this. Over the past few days it has slowed down and all that so I don't know what the deal is. Please Please Please help me......

descriptionPossible Virus. (TR/Crypt.TKM....) EmptyRe: Possible Virus. (TR/Crypt.TKM....)

more_horiz
Sorry I placed it in the wrong spot.

descriptionPossible Virus. (TR/Crypt.TKM....) EmptyRe: Possible Virus. (TR/Crypt.TKM....)

more_horiz
Hi,

Welcome to GeekPolice.net!

Please download OTL to your Desktop. (If you already have it downloaded, then just follow the instructions below).
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in

    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\*.exe /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.sys
    %systemroot%\system32\drivers\*.dll
    %systemroot%\system32\drivers\*.ini
    %systemroot%\system32\drivers\*.exe
    %SYSTEMDRIVE%\*.*
    %PROGRAMFILES%\*.
    %appdata%\*.*
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    disk.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    usbstor.sys
    /md5stop
    CREATERESTOREPOINT
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs


  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) and paste (Edit->Paste) the contents of these files, one at a time


Note: in the event that OTL fails to run, please use alternate download links to try again:

http://oldtimer.geekstogo.com/OTL.com
http://oldtimer.geekstogo.com/OTL.scr

descriptionPossible Virus. (TR/Crypt.TKM....) EmptyRe: Possible Virus. (TR/Crypt.TKM....)

more_horiz
OTL logfile created on: 10/31/2010 4:20:35 PM - Run 2
OTL by OldTimer - Version 3.2.17.2 Folder = C:\Documents and Settings\Cattie\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 75.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 89.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148.96 Gb Total Space | 94.76 Gb Free Space | 63.61% Space Free | Partition Type: NTFS

Computer Name: CLBPC | User Name: Cattie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/10/31 16:18:47 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cattie\Desktop\OTL.exe
PRC - [2009/12/05 08:53:40 | 003,042,504 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oahlp.exe
PRC - [2009/12/05 08:53:38 | 006,622,920 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oaui.exe
PRC - [2009/12/05 08:53:38 | 003,291,336 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe
PRC - [2009/12/05 08:53:38 | 001,282,248 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oacat.exe
PRC - [2009/07/21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 13:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/02 12:21:18 | 000,156,160 | ---- | M] () -- C:\Program Files\Nova Development\Greeting Card Factory Photo Card Maker\ReminderApp.exe

descriptionPossible Virus. (TR/Crypt.TKM....) EmptyRe: Possible Virus. (TR/Crypt.TKM....)

more_horiz
========== Modules (SafeList) ==========

MOD - [2010/10/31 16:18:47 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cattie\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/12/05 08:53:38 | 000,941,256 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oawatch.dll
MOD - [2008/04/13 19:12:10 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2008/04/13 19:12:10 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2008/04/13 19:12:09 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\VentSrv\ventrilo_svc.exe -- (Ventrilo)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dlles\pchsvc.dll -- (helpsvc)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/03/29 08:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009/12/05 08:53:38 | 003,291,336 | ---- | M] (Tall Emu) [Auto | Running] -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe -- (SvcOnlineArmor)
SRV - [2009/12/05 08:53:38 | 001,282,248 | ---- | M] (Tall Emu) [Auto | Running] -- C:\Program Files\Tall Emu\Online Armor\OAcat.exe -- (OAcat)
SRV - [2009/07/21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva349.sys -- (XDva349)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\rp_skt32.sys -- (RPSKT) Security Services Driver (x86)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Cattie\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/02/18 06:33:48 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/12/05 08:28:06 | 000,024,656 | ---- | M] (Tall Emu) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAmon.sys -- (OAmon)
DRV - [2009/12/05 08:27:56 | 000,029,776 | ---- | M] (Tall Emu Pty Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAnet.sys -- (OAnet)
DRV - [2009/12/05 08:27:52 | 000,223,312 | ---- | M] (Tall Emu) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\OADriver.sys -- (OADevice)
DRV - [2009/05/11 10:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 10:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 12:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/04/23 16:35:21 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/04/06 21:41:36 | 006,811,904 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/04/06 21:29:14 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/04/06 21:29:08 | 000,054,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/04/06 21:25:40 | 004,652,544 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/07/23 10:56:58 | 000,042,624 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Alpham1.sys -- (Alpham1)
DRV - [2007/03/20 12:49:52 | 000,018,432 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Alpham2.sys -- (Alpham2)
DRV - [2004/07/29 13:14:22 | 000,091,577 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\P0620Vid.sys -- (PD0620VID)
DRV - [2004/04/13 20:20:08 | 000,015,781 | R--- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2003/11/17 14:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 14:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 14:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/01/10 15:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/08/17 14:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 14:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 14:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 14:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 14:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 13:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 13:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 13:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 13:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 13:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 13:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 13:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 13:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 13:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 13:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)

descriptionPossible Virus. (TR/Crypt.TKM....) EmptyRe: Possible Virus. (TR/Crypt.TKM....)

more_horiz
========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[2010/04/22 11:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cattie\Application Data\Mozilla\Extensions
[2010/08/23 10:58:21 | 000,001,943 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Yahooober21872000.xml
[2009/04/07 13:59:38 | 000,000,872 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Yahooober426181186.gif
[2010/05/10 18:01:07 | 000,000,196 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Yahooober426181186.src

O1 HOSTS File: ([2010/07/10 01:12:57 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Tall Emu\Online Armor\oaui.exe (Tall Emu)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [ReminderApp] C:\Program Files\Nova Development\Greeting Card Factory Photo Card Maker\ReminderApp.exe ()
O4 - Startup: C:\Documents and Settings\Cattie\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/betapit/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} http://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB (PogoWebLauncher Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab (DDRevision Class)
O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} http://games.bigfishgames.com/en_burger-shop/online/GoBitGamesPlayer_v4.cab (GoBit Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://games.att.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} http://www.shockwave.com/content/feedingfrenzy/sis/SproutLauncher.cab (SproutLauncherCtrl Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Cattie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Cattie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Tall Emu\Online Armor\oaevent.dll (Tall Emu)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dlles\pchsvc.dll File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Alcmtr - hkey= - key= - C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found
MsConfig - StartUpReg: dscactivate - hkey= - key= - C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
MsConfig - StartUpReg: ECenter - hkey= - key= - C:\dell\E-Center\EULALauncher.exe ( )
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found
MsConfig - StartUpReg: NvMediaCenter - hkey= - key= - File not found
MsConfig - StartUpReg: nwiz - hkey= - key= - File not found
MsConfig - StartUpReg: PDVDDXSrv - hkey= - key= - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
MsConfig - StartUpReg: RTHDCPL - hkey= - key= - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dlles\pchsvc.dll File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dlles\pchsvc.dll File not found
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} -
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

descriptionPossible Virus. (TR/Crypt.TKM....) EmptyRe: Possible Virus. (TR/Crypt.TKM....)

more_horiz
ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1803B9EF-9905-4F34-AFC4-05D1BAB28801} - Reg Error: Value error.
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.4
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {38539595-3E29-410d-ABBD-3D6A75BC9A73} - Reg Error: Value error.
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (15213259493736448)

========== Files/Folders - Created Within 30 Days ==========

[2010/10/31 16:18:47 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Cattie\Desktop\OTL.exe
[2010/10/29 03:26:23 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2010/10/29 03:26:09 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2010/10/29 02:52:36 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2010/10/29 02:52:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/10/29 02:52:11 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2010/10/29 02:45:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/10/29 02:45:49 | 000,000,000 | ---D | C] -- C:\Program Files\NOS
[2010/10/29 02:45:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2010/10/29 02:45:41 | 000,000,000 | ---D | C] -- C:\Program Files\Oberon Media
[2010/10/29 02:45:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Oberon Media
[2010/10/29 02:45:15 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/10/29 02:45:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/10/29 02:45:10 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/10/29 02:24:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cattie\Application Data\MSNInstaller
[2010/10/24 03:46:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cattie\Local Settings\Application Data\ATTYToolbar
[2010/10/24 03:46:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATTYToolbar
[2010/10/24 03:46:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2010/10/22 20:56:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/10/31 16:21:00 | 000,000,440 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{34CD53BE-07A6-4108-B6CE-D8E418EA34BA}.job
[2010/10/31 16:18:47 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cattie\Desktop\OTL.exe
[2010/10/31 12:15:20 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{96B2581F-E1FF-4224-B9F2-AB3E31D00B96}.job
[2010/10/30 09:22:07 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2096645506-828190138-1039861506-1008.job
[2010/10/30 09:21:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/30 09:21:54 | 2078,789,632 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/30 09:21:54 | 000,224,024 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/30 08:40:02 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/10/29 08:10:14 | 000,466,326 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/29 08:10:14 | 000,081,774 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/29 06:03:00 | 000,000,320 | ---- | M] () -- C:\WINDOWS\tasks\WebReg Deskjet D1400 series.job
[2010/10/29 02:55:52 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/29 02:09:44 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2096645506-828190138-1039861506-1008.job
[2010/10/24 16:25:01 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/10/15 15:19:07 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Cattie\Start Menu\Programs\Startup\CurseClientStartup.ccip
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

descriptionPossible Virus. (TR/Crypt.TKM....) EmptyRe: Possible Virus. (TR/Crypt.TKM....)

more_horiz
========== Files Created - No Company Name ==========

[2010/10/29 02:55:47 | 2078,789,632 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/15 15:19:07 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Cattie\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2010/06/24 10:20:12 | 000,384,384 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/05/31 19:53:59 | 000,000,507 | ---- | C] () -- C:\Documents and Settings\Cattie\Application Data\Poladroid prefs.plist
[2010/05/12 21:06:10 | 000,000,210 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/03/10 17:20:29 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Cattie\Application Data\wklnhst.dat
[2010/03/09 12:58:01 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Cattie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/27 23:44:17 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2009/08/09 04:11:24 | 000,010,480 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\xonopeb.ban
[2009/08/09 04:11:23 | 000,017,411 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\agijudo.dat
[2009/08/09 04:11:23 | 000,013,722 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\tumudyh.lib
[2009/06/09 10:56:00 | 000,058,672 | ---- | C] () -- C:\WINDOWS\System32\wbload.dll
[2009/04/09 01:14:06 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2008/07/12 14:20:01 | 000,008,553 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/04/23 16:39:53 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/04/23 16:03:01 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/04/23 16:03:01 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/04/23 16:02:59 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/04/23 16:02:59 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/04/23 16:02:58 | 001,478,656 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/04/23 16:01:22 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/10 13:12:05 | 000,000,884 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 13:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 12:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[1997/06/13 20:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== Custom Scans ==========


< >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.exe /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.sys >
[2004/08/04 05:00:00 | 000,009,029 | ---- | M] () -- C:\WINDOWS\system32\ansi.sys
[2004/08/04 05:00:00 | 000,027,097 | ---- | M] () -- C:\WINDOWS\system32\country.sys
[2004/08/04 05:00:00 | 000,004,768 | ---- | M] () -- C:\WINDOWS\system32\himem.sys
[2004/08/04 05:00:00 | 000,042,809 | ---- | M] () -- C:\WINDOWS\system32\key01.sys
[2004/08/04 05:00:00 | 000,042,537 | ---- | M] () -- C:\WINDOWS\system32\keyboard.sys
[2004/08/04 05:00:00 | 000,027,866 | ---- | M] () -- C:\WINDOWS\system32\ntdos.sys
[2004/08/04 05:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos404.sys
[2004/08/04 05:00:00 | 000,029,370 | ---- | M] () -- C:\WINDOWS\system32\ntdos411.sys
[2004/08/04 05:00:00 | 000,029,274 | ---- | M] () -- C:\WINDOWS\system32\ntdos412.sys
[2004/08/04 05:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos804.sys
[2004/08/04 05:00:00 | 000,033,840 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys
[2004/08/04 05:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys
[2004/08/04 05:00:00 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys
[2004/08/04 05:00:00 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys
[2004/08/04 05:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys
[2008/04/13 13:44:59 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\watchdog.sys
[2010/08/31 08:42:52 | 001,852,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.dll >
[2008/04/13 19:11:48 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2008/04/13 19:11:48 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2008/04/13 19:11:48 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2008/04/13 19:11:48 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2008/04/13 19:11:48 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2008/04/13 19:11:48 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2008/04/13 19:11:48 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2008/04/13 19:11:50 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2008/04/13 19:11:50 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2008/04/13 19:11:50 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2008/04/13 19:11:50 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2008/04/13 19:11:50 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2008/04/13 19:11:50 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2008/04/13 19:12:05 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2008/04/13 19:12:08 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %SYSTEMDRIVE%\*.* >
[2009/10/21 05:39:33 | 000,000,000 | ---- | M] () -- C:\AILog.txt
[2004/08/10 13:04:08 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/02/04 11:39:14 | 000,000,210 | ---- | M] () -- C:\Boot.bak
[2010/02/18 04:49:33 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2004/08/04 00:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2010/07/10 01:14:49 | 000,878,954 | ---- | M] () -- C:\ComboFix.txt
[2004/08/10 13:04:08 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008/04/23 16:06:40 | 000,007,097 | RH-- | M] () -- C:\dell.sdr
[2010/10/30 09:21:54 | 2078,789,632 | -HS- | M] () -- C:\hiberfil.sys
[2008/07/07 13:11:43 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2004/08/10 13:04:08 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2008/04/23 16:36:12 | 000,001,211 | -H-- | M] () -- C:\IPH.PH
[2004/08/10 13:04:08 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2004/08/04 05:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010/01/14 16:03:30 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/10/30 09:21:53 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2009/09/26 17:41:52 | 000,000,204 | ---- | M] () -- C:\Plugins
[2010/07/19 18:03:30 | 000,001,736 | ---- | M] () -- C:\sti.log
[2008/04/23 16:36:19 | 000,000,071 | ---- | M] () -- C:\SystemInfo.ini

< %PROGRAMFILES%\*. >
[2010/01/15 12:27:38 | 000,000,000 | ---D | M] -- C:\Program Files\2Wire
[2009/04/09 00:52:24 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/02/18 07:25:02 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2010/08/23 15:37:15 | 000,000,000 | ---D | M] -- C:\Program Files\att games
[2010/02/18 06:25:02 | 000,000,000 | ---D | M] -- C:\Program Files\Avira
[2009/10/27 18:42:00 | 000,000,000 | ---D | M] -- C:\Program Files\Bethesda Softworks
[2010/01/08 23:52:21 | 000,000,000 | ---D | M] -- C:\Program Files\BFG
[2010/10/29 02:23:44 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2004/08/10 13:02:08 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2008/04/23 16:10:48 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2010/03/24 12:48:22 | 000,000,000 | ---D | M] -- C:\Program Files\Crystalize
[2008/04/23 16:27:19 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2010/10/29 01:58:11 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2008/04/23 16:30:17 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Support Center
[2010/10/29 02:46:14 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2010/01/15 17:00:02 | 000,000,000 | ---D | M] -- C:\Program Files\Electronic Arts
[2010/10/29 02:45:10 | 000,000,000 | ---D | M] -- C:\Program Files\ESET
[2010/03/24 12:48:36 | 000,000,000 | ---D | M] -- C:\Program Files\GameMill Entertainment
[2010/10/29 02:27:52 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2010/01/25 07:02:10 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2010/10/29 02:51:56 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/10/29 08:29:12 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/10/29 02:45:15 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2009/10/24 10:32:45 | 000,000,000 | ---D | M] -- C:\Program Files\Jewels of the Nile
[2010/05/01 10:45:49 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/14 16:08:59 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2004/08/10 13:04:18 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2008/04/23 16:30:51 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2010/10/29 08:11:56 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2008/06/25 13:53:02 | 000,000,000 | ---D | M] -- C:\Program Files\Modem Diagnostic Tool
[2010/10/29 08:02:30 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/10/29 03:11:00 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009/08/15 03:07:42 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2010/10/29 02:52:09 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2004/08/10 13:01:24 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2008/04/23 16:22:03 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2009/10/10 19:40:34 | 000,000,000 | ---D | M] -- C:\Program Files\myapp
[2010/01/14 16:05:21 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2008/04/23 16:27:09 | 000,000,000 | ---D | M] -- C:\Program Files\NetWaiting
[2010/05/16 20:52:56 | 000,000,000 | ---D | M] -- C:\Program Files\Norton Security Scan
[2010/10/29 02:45:49 | 000,000,000 | ---D | M] -- C:\Program Files\NOS
[2010/01/12 00:15:49 | 000,000,000 | ---D | M] -- C:\Program Files\Nova Development
[2010/10/29 02:45:42 | 000,000,000 | ---D | M] -- C:\Program Files\Oberon Media
[2004/08/10 13:01:34 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2010/05/12 08:01:25 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2009/10/10 17:43:30 | 000,000,000 | ---D | M] -- C:\Program Files\Pando Networks
[2010/01/08 23:23:26 | 000,000,000 | ---D | M] -- C:\Program Files\Perfect World Entertainment
[2008/04/23 16:35:31 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2010/10/29 02:52:36 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2010/10/29 02:52:35 | 000,000,000 | ---D | M] -- C:\Program Files\real(2)
[2009/08/15 03:07:31 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2008/04/23 16:31:41 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2010/03/24 12:59:26 | 000,000,000 | ---D | M] -- C:\Program Files\SBC Yahoo!
[2010/06/14 04:33:55 | 000,000,000 | ---D | M] -- C:\Program Files\SecondLifeViewer2
[2010/01/14 19:53:19 | 000,000,000 | ---D | M] -- C:\Program Files\Selectsoft
[2010/02/05 13:11:18 | 000,000,000 | ---D | M] -- C:\Program Files\Stardock
[2008/08/10 02:11:43 | 000,000,000 | ---D | M] -- C:\Program Files\Sun
[2010/02/18 05:17:40 | 000,000,000 | ---D | M] -- C:\Program Files\Tall Emu
[2009/10/10 19:51:58 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2010/06/14 02:45:36 | 000,000,000 | ---D | M] -- C:\Program Files\TrueGames
[2010/01/25 07:14:48 | 000,000,000 | ---D | M] -- C:\Program Files\Turbo Tax Audit Support Center
[2004/08/10 13:08:30 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2010/10/29 02:52:11 | 000,000,000 | ---D | M] -- C:\Program Files\Ventrilo
[2008/04/23 16:35:07 | 000,000,000 | ---D | M] -- C:\Program Files\Viewpoint
[2009/10/21 16:27:39 | 000,000,000 | ---D | M] -- C:\Program Files\Virtual Vegas Slots Bonus
[2010/01/14 16:06:56 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2010/01/14 16:05:17 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2004/08/10 13:02:52 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2010/10/29 02:51:38 | 000,000,000 | ---D | M] -- C:\Program Files\WinZip
[2010/10/29 02:50:41 | 000,000,000 | ---D | M] -- C:\Program Files\World of Warcraft
[2010/07/19 19:10:59 | 000,000,000 | ---D | M] -- C:\Program Files\World of Warcraft Public Test
[2004/08/10 13:04:18 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2010/10/24 03:46:13 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!

< %appdata%\*.* >
[2004/08/10 12:57:42 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Cattie\Application Data\desktop.ini
[2010/05/31 19:57:19 | 000,000,507 | ---- | M] () -- C:\Documents and Settings\Cattie\Application Data\Poladroid prefs.plist
[2010/03/10 17:20:29 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Cattie\Application Data\wklnhst.dat

descriptionPossible Virus. (TR/Crypt.TKM....) EmptyRe: Possible Virus. (TR/Crypt.TKM....)

more_horiz
< MD5 for: AGP440.SYS >
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010/01/14 16:00:20 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2010/01/14 16:00:20 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\AGP440.SYS
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS
[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010/01/14 16:00:20 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010/01/14 16:00:20 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: DISK.SYS >
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\i386\sp2.cab:disk.sys
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2010/01/14 16:00:20 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2010/01/14 16:00:20 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2004/08/04 05:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\i386\disk.sys
[2004/08/04 05:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 05:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\i386\eventlog.dll
[2004/08/04 05:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2009/02/06 13:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2004/08/04 05:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\i386\netlogon.dll
[2004/08/04 05:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtUninstallKB968389_0$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 05:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\i386\scecli.dll
[2004/08/04 05:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: USBSTOR.SYS >
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\i386\sp2.cab:usbstor.sys
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbstor.sys
[2010/01/14 16:00:20 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbstor.sys
[2010/01/14 16:00:20 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbstor.sys
[2004/08/03 23:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\WINDOWS\$NtServicePackUninstall$\usbstor.sys
[2008/04/13 13:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\ServicePackFiles\i386\usbstor.sys
[2008/04/13 13:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\dllcache\usbstor.sys
[2008/04/13 13:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\drivers\usbstor.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-10-30 13:40:09

< >

< >

========== Files - Unicode (All) ==========
[2009/07/11 15:25:41 | 000,000,040 | ---- | M] ()(C:\WINDOWS\System32\????????????????????4???????????????????????) -- C:\WINDOWS\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩⹷潣普杩
[2009/07/11 15:25:41 | 000,000,040 | ---- | C] ()(C:\WINDOWS\System32\????????????????????4???????????????????????) -- C:\WINDOWS\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩⹷潣普杩

========== Alternate Data Streams ==========

@Alternate Data Stream - 160 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CE524528
@Alternate Data Stream - 153 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7079A696
@Alternate Data Stream - 151 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F8A67568
@Alternate Data Stream - 151 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B83BF1A6
@Alternate Data Stream - 151 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8F7ECF6A
@Alternate Data Stream - 151 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5466F106
@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C25C9263
@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:77846FFE
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C46995DA
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ACBFC561
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:902B3C72
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:726A7C8D
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2E0A3B1D
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2A8A3140
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7D49B96B
@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F50F1555
@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5EC637CB
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E01CFEDF
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ABE89FFE
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F42CF153
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:52A42F4C
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:48529647
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3FBB88CF
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2085D07D
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:943D6A82
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:76C67845
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:60D0CFE2
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:41099CE9
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3CA18B6B
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C3A4217C
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6B5A665E
@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D20FFA63
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EF4B1DA9
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E8C4808B
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:03033228
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D82A9FCF
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8C885EDD
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:18AE7C5A
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AD171C9E
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:41B89F80
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DF2EA4BB
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C10D19E3
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:445352A1
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:26140299
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B9775780
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A93CBF2B
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:81C88EA7
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FCB70953
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F878F14A
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5216CD26
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DBA1A307
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:81B52FA6
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4C509008
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:017D5143
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:21F28B00
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8EEE3BBB
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7E100A8C
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3E7C402E
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D09AEE3D
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8B9E766D
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:052A05A1
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:588B60C7

< End of report >

descriptionPossible Virus. (TR/Crypt.TKM....) EmptyRe: Possible Virus. (TR/Crypt.TKM....)

more_horiz
it only opened 1 notepad the otl.txt one

descriptionPossible Virus. (TR/Crypt.TKM....) EmptyRe: Possible Virus. (TR/Crypt.TKM....)

more_horiz
Hi,

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :OTL
    [2009/08/09 04:11:24 | 000,010,480 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\xonopeb.ban
    [2009/08/09 04:11:23 | 000,017,411 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\agijudo.dat
    [2009/08/09 04:11:23 | 000,013,722 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\tumudyh.lib



    :commands
    [emptytemp]



  • Return to OTL.exe, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

============

Please download ComboFix Possible Virus. (TR/Crypt.TKM....) Combofix from BleepingComputer.com

Alternate link: GeeksToGo.com

Alternate link: Forospyware.com

Rename ComboFix.exe to commy.exe before you save it to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here
  • Click Start>Run then copy paste the following command into the Run box & click OK "%userprofile%\desktop\commy.exe" /stepdel
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console

Possible Virus. (TR/Crypt.TKM....) Query_RC
Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
Possible Virus. (TR/Crypt.TKM....) RC_successful

  • Click on Yes, to continue scanning for malware.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

descriptionPossible Virus. (TR/Crypt.TKM....) EmptyRe: Possible Virus. (TR/Crypt.TKM....)

more_horiz
OTL logfile created on: 11/1/2010 7:46:18 PM - Run 3
OTL by OldTimer - Version 3.2.17.2 Folder = C:\Documents and Settings\Cattie\Desktop\unused shit
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 79.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148.96 Gb Total Space | 94.85 Gb Free Space | 63.67% Space Free | Partition Type: NTFS

Computer Name: CLBPC | User Name: Cattie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/10/31 16:18:47 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cattie\Desktop\unused shit\OTL.exe
PRC - [2009/12/05 08:53:40 | 003,042,504 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oahlp.exe
PRC - [2009/12/05 08:53:38 | 006,622,920 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oaui.exe
PRC - [2009/12/05 08:53:38 | 003,291,336 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe
PRC - [2009/12/05 08:53:38 | 001,282,248 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oacat.exe
PRC - [2009/07/21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 13:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/02 12:21:18 | 000,156,160 | ---- | M] () -- C:\Program Files\Nova Development\Greeting Card Factory Photo Card Maker\ReminderApp.exe


========== Modules (SafeList) ==========

MOD - [2010/10/31 16:18:47 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cattie\Desktop\unused shit\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/12/05 08:53:38 | 000,941,256 | ---- | M] (Tall Emu) -- C:\Program Files\Tall Emu\Online Armor\oawatch.dll
MOD - [2008/04/13 19:12:10 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2008/04/13 19:12:10 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2008/04/13 19:12:09 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\VentSrv\ventrilo_svc.exe -- (Ventrilo)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dlles\pchsvc.dll -- (helpsvc)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/03/29 08:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009/12/05 08:53:38 | 003,291,336 | ---- | M] (Tall Emu) [Auto | Running] -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe -- (SvcOnlineArmor)
SRV - [2009/12/05 08:53:38 | 001,282,248 | ---- | M] (Tall Emu) [Auto | Running] -- C:\Program Files\Tall Emu\Online Armor\OAcat.exe -- (OAcat)
SRV - [2009/07/21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva349.sys -- (XDva349)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\rp_skt32.sys -- (RPSKT) Security Services Driver (x86)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Cattie\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/02/18 06:33:48 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/12/05 08:28:06 | 000,024,656 | ---- | M] (Tall Emu) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAmon.sys -- (OAmon)
DRV - [2009/12/05 08:27:56 | 000,029,776 | ---- | M] (Tall Emu Pty Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAnet.sys -- (OAnet)
DRV - [2009/12/05 08:27:52 | 000,223,312 | ---- | M] (Tall Emu) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\OADriver.sys -- (OADevice)
DRV - [2009/05/11 10:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 10:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 12:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/04/23 16:35:21 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/04/06 21:41:36 | 006,811,904 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/04/06 21:29:14 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/04/06 21:29:08 | 000,054,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/04/06 21:25:40 | 004,652,544 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/07/23 10:56:58 | 000,042,624 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Alpham1.sys -- (Alpham1)
DRV - [2007/03/20 12:49:52 | 000,018,432 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Alpham2.sys -- (Alpham2)
DRV - [2004/07/29 13:14:22 | 000,091,577 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\P0620Vid.sys -- (PD0620VID)
DRV - [2004/04/13 20:20:08 | 000,015,781 | R--- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2003/11/17 14:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 14:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 14:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/01/10 15:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/08/17 14:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 14:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 14:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 14:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 14:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 13:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 13:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 13:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 13:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 13:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 13:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 13:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 13:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 13:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 13:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: textlinks@gamevance.com:1.0.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/31 17:08:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/31 17:08:13 | 000,000,000 | ---D | M]

[2010/04/22 11:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cattie\Application Data\Mozilla\Extensions
[2010/10/31 17:08:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cattie\Application Data\Mozilla\Firefox\Profiles\ip2bm7id.default\extensions
[2010/10/31 17:08:13 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/23 10:58:21 | 000,001,943 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Yahooober21872000.xml
[2009/04/07 13:59:38 | 000,000,872 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Yahooober426181186.gif
[2010/05/10 18:01:07 | 000,000,196 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Yahooober426181186.src

O1 HOSTS File: ([2010/07/10 01:12:57 | 000,000,027 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Tall Emu\Online Armor\oaui.exe (Tall Emu)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [ReminderApp] C:\Program Files\Nova Development\Greeting Card Factory Photo Card Maker\ReminderApp.exe ()
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10h_Plugin.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Cattie\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/betapit/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} http://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB (PogoWebLauncher Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab (DDRevision Class)
O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} http://games.bigfishgames.com/en_burger-shop/online/GoBitGamesPlayer_v4.cab (GoBit Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://games.att.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} http://www.shockwave.com/content/feedingfrenzy/sis/SproutLauncher.cab (SproutLauncherCtrl Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Cattie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Cattie\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Tall Emu\Online Armor\oaevent.dll (Tall Emu)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/10/31 16:48:17 | 000,000,000 | ---D | C] -- C:\Program Files\Zappit
[2010/10/29 03:26:23 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2010/10/29 03:26:09 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2010/10/29 02:52:36 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2010/10/29 02:45:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/10/29 02:45:49 | 000,000,000 | ---D | C] -- C:\Program Files\NOS
[2010/10/29 02:45:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2010/10/29 02:45:41 | 000,000,000 | ---D | C] -- C:\Program Files\Oberon Media
[2010/10/29 02:45:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Oberon Media
[2010/10/29 02:45:15 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/10/29 02:45:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/10/29 02:45:10 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/10/29 02:24:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cattie\Application Data\MSNInstaller
[2010/10/24 03:46:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cattie\Local Settings\Application Data\ATTYToolbar
[2010/10/24 03:46:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATTYToolbar
[2010/10/24 03:46:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2010/10/22 20:56:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos

========== Files - Modified Within 30 Days ==========

[2010/11/01 19:46:00 | 000,000,440 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{34CD53BE-07A6-4108-B6CE-D8E418EA34BA}.job
[2010/11/01 19:40:16 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{96B2581F-E1FF-4224-B9F2-AB3E31D00B96}.job
[2010/11/01 16:50:24 | 000,000,244 | ---- | M] () -- C:\WINDOWS\tasks\System Cleanup by Zappit.job
[2010/11/01 06:03:00 | 000,000,320 | ---- | M] () -- C:\WINDOWS\tasks\WebReg Deskjet D1400 series.job
[2010/10/31 21:51:52 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/10/31 17:08:15 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Cattie\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/10/31 17:08:15 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/10/31 16:53:17 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2096645506-828190138-1039861506-1008.job
[2010/10/31 16:53:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/31 16:53:05 | 2078,789,632 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/31 16:48:18 | 000,001,530 | ---- | M] () -- C:\Documents and Settings\Cattie\Application Data\Microsoft\Internet Explorer\Quick Launch\Zappit!.lnk
[2010/10/31 16:48:18 | 000,001,512 | ---- | M] () -- C:\Documents and Settings\Cattie\Desktop\Zappit!.lnk
[2010/10/30 09:21:54 | 000,224,024 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/30 08:40:02 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/10/29 08:10:14 | 000,466,326 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/29 08:10:14 | 000,081,774 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/29 02:55:52 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/29 02:09:44 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2096645506-828190138-1039861506-1008.job
[2010/10/15 15:19:07 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Cattie\Start Menu\Programs\Startup\CurseClientStartup.ccip

========== Files Created - No Company Name ==========

[2010/10/31 17:08:15 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Cattie\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/10/31 17:08:15 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/10/31 16:50:29 | 000,000,244 | ---- | C] () -- C:\WINDOWS\tasks\System Cleanup by Zappit.job
[2010/10/31 16:48:18 | 000,001,530 | ---- | C] () -- C:\Documents and Settings\Cattie\Application Data\Microsoft\Internet Explorer\Quick Launch\Zappit!.lnk
[2010/10/31 16:48:18 | 000,001,512 | ---- | C] () -- C:\Documents and Settings\Cattie\Desktop\Zappit!.lnk
[2010/10/29 02:55:47 | 2078,789,632 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/15 15:19:07 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Cattie\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2010/06/24 10:20:12 | 000,384,384 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/05/31 19:53:59 | 000,000,507 | ---- | C] () -- C:\Documents and Settings\Cattie\Application Data\Poladroid prefs.plist
[2010/03/10 17:20:29 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Cattie\Application Data\wklnhst.dat
[2010/03/09 12:58:01 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Cattie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/27 23:44:17 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2009/08/09 04:11:24 | 000,010,480 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\xonopeb.ban
[2009/08/09 04:11:23 | 000,017,411 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\agijudo.dat
[2009/08/09 04:11:23 | 000,013,722 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\tumudyh.lib
[2009/06/09 10:56:00 | 000,058,672 | ---- | C] () -- C:\WINDOWS\System32\wbload.dll
[2009/04/09 01:14:06 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2008/07/12 14:20:01 | 000,008,553 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/04/23 16:39:53 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/04/23 16:03:01 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/04/23 16:03:01 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/04/23 16:02:59 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/04/23 16:02:59 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/04/23 16:02:58 | 001,478,656 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/04/23 16:01:22 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/10 13:12:05 | 000,000,884 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 13:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 12:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[1997/06/13 20:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== Custom Scans ==========


< :OTL >

< [2009/08/09 04:11:24 | 000,010,480 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\xonopeb.ban >
Invalid Switch: 09 04:11:24 | 000,010,480 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\xonopeb.ban


< [2009/08/09 04:11:23 | 000,017,411 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\agijudo.dat >
Invalid Switch: 09 04:11:23 | 000,017,411 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\agijudo.dat


< [2009/08/09 04:11:23 | 000,013,722 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\tumudyh.lib >
Invalid Switch: 09 04:11:23 | 000,013,722 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\tumudyh.lib


< >

< >

< >

< :commands >

< [emptytemp] >

========== Files - Unicode (All) ==========
[2009/07/11 15:25:41 | 000,000,040 | ---- | M] ()(C:\WINDOWS\System32\????????????????????4???????????????????????) -- C:\WINDOWS\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩⹷潣普杩
[2009/07/11 15:25:41 | 000,000,040 | ---- | C] ()(C:\WINDOWS\System32\????????????????????4???????????????????????) -- C:\WINDOWS\System32\㩃停潲牧浡䘠汩獥噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩⹷潣普杩

========== Alternate Data Streams ==========

@Alternate Data Stream - 160 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CE524528
@Alternate Data Stream - 153 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7079A696
@Alternate Data Stream - 151 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F8A67568
@Alternate Data Stream - 151 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B83BF1A6
@Alternate Data Stream - 151 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8F7ECF6A
@Alternate Data Stream - 151 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5466F106
@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C25C9263
@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:77846FFE
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C46995DA
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ACBFC561
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:902B3C72
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:726A7C8D
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2E0A3B1D
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2A8A3140
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7D49B96B
@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F50F1555
@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5EC637CB
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E01CFEDF
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ABE89FFE
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F42CF153
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:52A42F4C
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:48529647
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3FBB88CF
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2085D07D
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:943D6A82
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:76C67845
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:60D0CFE2
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:41099CE9
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3CA18B6B
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C3A4217C
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6B5A665E
@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D20FFA63
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EF4B1DA9
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E8C4808B
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:03033228
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D82A9FCF
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8C885EDD
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:18AE7C5A
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AD171C9E
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:41B89F80
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DF2EA4BB
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C10D19E3
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:445352A1
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:26140299
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B9775780
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A93CBF2B
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:81C88EA7
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FCB70953
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F878F14A
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5216CD26
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DBA1A307
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:81B52FA6
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4C509008
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:017D5143
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:21F28B00
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8EEE3BBB
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7E100A8C
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3E7C402E
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D09AEE3D
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8B9E766D
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:052A05A1
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:588B60C7

< End of report >

descriptionPossible Virus. (TR/Crypt.TKM....) EmptyRe: Possible Virus. (TR/Crypt.TKM....)

more_horiz
ComboFix 10-11-01.01 - Cattie 11/01/2010 19:58:28.6.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1982.1557 [GMT -5:00]
Running from: c:\documents and settings\Cattie\My Documents\Downloads\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: Online Armor Firewall *enabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A}
.

((((((((((((((((((((((((( Files Created from 2010-10-02 to 2010-11-02 )))))))))))))))))))))))))))))))
.

2010-11-02 00:53 . 2010-11-02 00:53 -------- d-----w- C:\commy21275c
2010-10-31 21:48 . 2010-10-31 21:48 -------- d-----w- c:\program files\Zappit
2010-10-29 08:26 . 2010-09-18 06:53 974848 ------w- c:\windows\system32\dllcache\mfc42.dll
2010-10-29 08:26 . 2010-08-23 16:12 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2010-10-29 07:54 . 2010-10-29 07:54 -------- d-----w- c:\windows\system32\wbem\Repository
2010-10-29 07:52 . 2010-10-29 07:52 -------- d-----w- c:\program files\Real
2010-10-29 07:45 . 2010-10-29 07:45 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-10-29 07:45 . 2010-10-29 07:45 -------- d-----w- c:\program files\NOS
2010-10-29 07:45 . 2010-10-29 07:45 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2010-10-29 07:45 . 2010-10-29 07:45 -------- d-----w- c:\program files\Oberon Media
2010-10-29 07:45 . 2010-10-29 07:45 -------- d-----w- c:\program files\Common Files\Oberon Media
2010-10-29 07:45 . 2010-10-29 07:45 -------- d-----w- c:\program files\Java
2010-10-29 07:45 . 2010-10-29 07:45 -------- d-----w- c:\program files\Common Files\Java
2010-10-29 07:45 . 2010-10-29 07:45 -------- d-----w- c:\program files\ESET
2010-10-29 07:24 . 2010-10-29 07:24 -------- d-----w- c:\documents and settings\Cattie\Application Data\MSNInstaller
2010-10-24 08:46 . 2010-10-26 02:02 -------- d-----w- c:\documents and settings\Cattie\Local Settings\Application Data\ATTYToolbar
2010-10-24 08:46 . 2010-10-29 07:45 -------- d-----w- c:\documents and settings\All Users\Application Data\ATTYToolbar
2010-10-24 08:46 . 2010-10-29 07:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-18 17:23 . 2004-08-10 17:51 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2004-08-10 17:51 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2004-08-10 17:51 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2004-08-10 17:51 953856 ------w- c:\windows\system32\mfc40u.dll
2010-09-10 05:58 . 2004-08-10 17:51 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:58 . 2004-08-10 17:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:58 . 2004-08-10 17:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-01 11:51 . 2004-08-10 17:50 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42 . 2004-08-10 17:51 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02 . 2004-08-10 17:51 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57 . 2004-08-10 17:51 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 13:39 . 2004-08-10 17:51 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-26 12:52 . 2009-04-16 22:42 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-23 16:12 . 2004-08-10 17:50 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17 . 2004-08-10 17:51 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:45 . 2004-08-10 17:51 590848 ----a-w- c:\windows\system32\rpcrt4.dll
.

((((((((((((((((((((((((((((( SnapShot_2010-07-10_06.13.03 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-04-23 21:22 . 2010-06-21 14:46 46080 c:\windows\system32\tzchange.exe
- 2008-04-23 21:22 . 2010-04-21 13:28 46080 c:\windows\system32\tzchange.exe
+ 2004-08-10 17:51 . 2008-04-14 00:12 57856 c:\windows\system32\spoolsv(2).exe
+ 2004-08-10 17:51 . 2010-10-29 13:10 81774 c:\windows\system32\perfc009.dat
+ 2004-08-10 17:51 . 2010-09-10 05:58 66560 c:\windows\system32\mshtmled.dll
- 2004-08-10 17:51 . 2009-03-08 09:31 66560 c:\windows\system32\mshtmled.dll
+ 2007-08-13 23:54 . 2010-09-10 05:58 55296 c:\windows\system32\msfeedsbs.dll
- 2007-08-13 23:54 . 2010-05-06 10:41 55296 c:\windows\system32\msfeedsbs.dll
+ 2004-08-10 17:51 . 2010-09-10 05:58 25600 c:\windows\system32\jsproxy.dll
- 2004-08-10 17:51 . 2010-05-06 10:41 25600 c:\windows\system32\jsproxy.dll
- 2004-08-10 17:51 . 2008-04-14 00:11 80384 c:\windows\system32\iccvid.dll
+ 2004-08-10 17:51 . 2010-06-17 14:03 80384 c:\windows\system32\iccvid.dll
+ 2009-07-11 16:57 . 2010-09-10 05:58 12800 c:\windows\system32\dllcache\xpshims.dll
- 2009-07-11 16:57 . 2010-05-06 10:41 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 91648 c:\windows\system32\dllcache\xactsrv.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 50688 c:\windows\system32\dllcache\wstdecod.dll
+ 2004-08-10 18:01 . 2008-04-14 00:12 88576 c:\windows\system32\dllcache\wmiaprpl.dll
+ 2008-08-27 00:45 . 2004-08-04 03:29 25471 c:\windows\system32\dllcache\watv10nt.sys
+ 2008-08-27 00:45 . 2004-08-04 03:29 22271 c:\windows\system32\dllcache\watv06nt.sys
+ 2008-08-27 00:45 . 2004-08-04 03:29 11935 c:\windows\system32\dllcache\wadv11nt.sys
+ 2008-08-27 00:45 . 2004-08-04 03:29 11871 c:\windows\system32\dllcache\wadv09nt.sys
+ 2008-08-27 00:45 . 2004-08-04 03:29 11295 c:\windows\system32\dllcache\wadv08nt.sys
+ 2008-08-27 00:45 . 2004-08-04 03:29 11807 c:\windows\system32\dllcache\wadv07nt.sys
+ 2008-08-27 00:45 . 2008-04-13 18:43 14208 c:\windows\system32\dllcache\wacompen.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 15872 c:\windows\system32\dllcache\w3ssl.dll
+ 2004-08-10 18:24 . 2008-04-13 18:36 42240 c:\windows\system32\dllcache\viaagp.sys
+ 2008-08-27 00:45 . 2008-04-14 00:12 11325 c:\windows\system32\dllcache\vchnt5.dll
+ 2004-08-04 04:08 . 2008-04-13 18:45 20608 c:\windows\system32\dllcache\usbuhci.sys
+ 2008-08-27 00:56 . 2008-04-13 18:45 26368 c:\windows\system32\dllcache\usbstor.sys
+ 2008-07-12 19:16 . 2008-04-13 18:47 25856 c:\windows\system32\dllcache\usbprint.sys
+ 2004-08-04 04:08 . 2008-04-13 18:45 15872 c:\windows\system32\dllcache\usbintel.sys
+ 2008-07-07 18:11 . 2008-04-13 18:45 32128 c:\windows\system32\dllcache\usbccgp.sys
+ 2001-08-17 19:03 . 2008-04-13 18:45 25728 c:\windows\system32\dllcache\usbcamd2.sys
+ 2001-08-17 19:03 . 2008-04-13 18:45 25600 c:\windows\system32\dllcache\usbcamd.sys
+ 2008-08-27 00:45 . 2008-04-13 18:56 12800 c:\windows\system32\dllcache\usb8023x.sys
+ 2004-08-10 17:51 . 2008-04-13 18:56 12800 c:\windows\system32\dllcache\usb8023.sys
+ 2004-08-10 17:51 . 2008-04-13 18:32 66048 c:\windows\system32\dllcache\udfs.sys
+ 2008-08-27 00:45 . 2008-04-13 18:36 44672 c:\windows\system32\dllcache\uagp35.sys
+ 2004-08-04 04:03 . 2008-04-13 18:56 12288 c:\windows\system32\dllcache\tunmp.sys
+ 2004-08-10 18:01 . 2008-04-14 00:13 21896 c:\windows\system32\dllcache\tdtcp.sys
+ 2004-08-10 18:01 . 2008-04-14 00:13 12040 c:\windows\system32\dllcache\tdpipe.sys
+ 2004-08-10 17:51 . 2008-04-13 18:40 14976 c:\windows\system32\dllcache\tape.sys
+ 2010-07-08 14:21 . 2008-04-13 17:46 15232 c:\windows\system32\dllcache\streamip.sys
+ 2004-08-04 04:08 . 2008-04-13 18:45 49408 c:\windows\system32\dllcache\stream.sys
+ 2010-08-27 05:57 . 2010-08-27 05:57 99840 c:\windows\system32\dllcache\srvsvc.dll
+ 2010-08-17 13:17 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe
+ 2004-08-04 04:09 . 2008-04-13 18:46 25344 c:\windows\system32\dllcache\sonydcam.sys
+ 2008-08-27 00:44 . 2004-08-04 03:41 13240 c:\windows\system32\dllcache\slwdmsup.sys
+ 2008-08-27 00:44 . 2004-08-04 03:41 95424 c:\windows\system32\dllcache\slnthal.sys
+ 2004-08-10 18:22 . 2008-04-13 18:36 40960 c:\windows\system32\dllcache\sisagp.sys
+ 2004-08-04 03:59 . 2008-04-13 18:40 11008 c:\windows\system32\dllcache\sffp_sd.sys
+ 2004-08-04 03:59 . 2008-04-13 18:40 11904 c:\windows\system32\dllcache\sffdisk.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 31232 c:\windows\system32\dllcache\sethc.exe
+ 2004-08-04 03:59 . 2008-04-13 18:40 15744 c:\windows\system32\dllcache\serenum.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 54784 c:\windows\system32\dllcache\sendmail.dll
+ 2004-08-04 04:07 . 2008-04-13 18:36 79232 c:\windows\system32\dllcache\sdbus.sys
+ 2004-08-04 03:59 . 2008-04-13 18:40 96384 c:\windows\system32\dllcache\scsiport.sys
+ 2008-08-27 00:44 . 2008-04-13 18:56 30592 c:\windows\system32\dllcache\rndismpx.sys
+ 2004-08-10 17:51 . 2008-04-13 18:56 30592 c:\windows\system32\dllcache\rndismp.sys
+ 2008-08-27 00:44 . 2008-04-13 18:46 59136 c:\windows\system32\dllcache\rfcomm.sys
+ 2008-08-27 00:44 . 2004-08-04 03:41 13776 c:\windows\system32\dllcache\recagent.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 88576 c:\windows\system32\dllcache\rasauto.dll
+ 2004-08-10 17:51 . 2008-04-13 18:56 69120 c:\windows\system32\dllcache\psched.sys
+ 2004-08-04 03:59 . 2008-04-13 18:40 80128 c:\windows\system32\dllcache\parport.sys
+ 2004-08-04 03:59 . 2008-04-13 18:31 42752 c:\windows\system32\dllcache\p3.sys
+ 2004-08-10 17:51 . 2008-04-13 18:56 88320 c:\windows\system32\dllcache\nwlnkipx.sys
+ 2004-08-10 17:51 . 2008-04-13 18:53 40320 c:\windows\system32\dllcache\nmnt.sys
+ 2004-08-04 03:58 . 2008-04-13 18:51 61824 c:\windows\system32\dllcache\nic1394.sys
+ 2010-07-08 14:21 . 2008-04-13 17:46 10880 c:\windows\system32\dllcache\ndisip.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 53760 c:\windows\system32\dllcache\narrator.exe
+ 2008-08-27 00:43 . 2008-04-13 18:43 12672 c:\windows\system32\dllcache\mutohpen.sys

descriptionPossible Virus. (TR/Crypt.TKM....) EmptyRe: Possible Virus. (TR/Crypt.TKM....)

more_horiz

+ 2007-05-08 22:08 . 2008-04-13 17:27 79872 c:\windows\system32\dllcache\msxml6r.dll
- 2008-08-27 00:43 . 2008-04-13 17:27 79872 c:\windows\system32\dllcache\msxml6r.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 57344 c:\windows\system32\dllcache\msvcirt.dll
- 2004-08-10 17:51 . 2009-03-08 09:31 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2004-08-10 17:51 . 2010-09-10 05:58 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 33792 c:\windows\system32\dllcache\msgsvc.dll
- 2008-07-26 13:30 . 2010-05-06 10:41 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-07-26 13:30 . 2010-09-10 05:58 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2004-08-04 04:07 . 2008-04-13 18:36 63744 c:\windows\system32\dllcache\mf.sys
+ 2004-08-10 17:51 . 2008-04-14 00:11 35328 c:\windows\system32\dllcache\mciqtz32.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 72704 c:\windows\system32\dllcache\magnify.exe
+ 2004-08-10 17:51 . 2010-09-10 05:58 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2004-08-10 17:51 . 2010-09-10 05:58 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2004-08-10 17:51 . 2010-05-06 10:41 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-10 17:57 . 2008-04-13 18:54 11264 c:\windows\system32\dllcache\irenum.sys
+ 2004-08-10 17:51 . 2008-04-13 18:57 20864 c:\windows\system32\dllcache\ipinip.sys
+ 2004-08-10 17:51 . 2008-04-13 18:53 36608 c:\windows\system32\dllcache\ip6fw.sys
+ 2004-08-04 03:59 . 2008-04-13 18:31 36352 c:\windows\system32\dllcache\intelppm.sys
+ 2004-08-10 18:02 . 2008-04-14 00:12 20480 c:\windows\system32\dllcache\inetwiz.exe
+ 2004-08-10 18:02 . 2008-04-13 16:22 48128 c:\windows\system32\dllcache\inetres.dll
+ 2004-08-10 17:51 . 2008-04-14 00:11 32768 c:\windows\system32\dllcache\inetmib1.dll
+ 2004-08-10 18:02 . 2008-04-14 00:11 49152 c:\windows\system32\dllcache\icwutil.dll
+ 2004-08-10 18:02 . 2008-04-14 00:12 24576 c:\windows\system32\dllcache\icwrmind.exe
+ 2004-08-10 18:02 . 2008-04-14 00:11 32768 c:\windows\system32\dllcache\icwdl.dll
+ 2004-08-10 18:02 . 2008-04-14 00:12 86016 c:\windows\system32\dllcache\icwconn2.exe
+ 2004-08-10 18:02 . 2008-04-14 00:11 61440 c:\windows\system32\dllcache\icwconn.dll
+ 2004-08-10 18:30 . 2008-04-13 18:41 18560 c:\windows\system32\dllcache\i2omp.sys
+ 2008-08-27 00:42 . 2008-04-13 18:45 19200 c:\windows\system32\dllcache\hidir.sys
+ 2008-08-27 00:42 . 2008-04-13 18:46 25600 c:\windows\system32\dllcache\hidbth.sys
+ 2008-08-27 00:42 . 2008-04-13 18:36 46464 c:\windows\system32\dllcache\gagp30kx.sys
+ 2004-08-04 03:59 . 2008-04-13 18:40 20480 c:\windows\system32\dllcache\flpydisk.sys
+ 2004-08-04 03:59 . 2008-04-13 18:40 27392 c:\windows\system32\dllcache\fdc.sys
+ 2004-08-10 17:51 . 2008-04-14 00:11 20480 c:\windows\system32\dllcache\encapi.dll
+ 2004-08-10 17:51 . 2004-08-04 10:00 55632 c:\windows\system32\dllcache\dwil1033.dll
+ 2004-08-10 17:50 . 2008-04-13 18:40 14208 c:\windows\system32\dllcache\diskdump.sys
+ 2004-08-04 03:59 . 2008-04-13 18:31 36736 c:\windows\system32\dllcache\crusoe.sys
+ 2004-08-10 17:50 . 2008-04-14 00:12 33280 c:\windows\system32\dllcache\clipsrv.exe
+ 2008-08-27 00:42 . 2008-04-14 00:11 15423 c:\windows\system32\dllcache\ch7xxnt5.dll
+ 2008-08-27 00:42 . 2008-04-13 18:46 18944 c:\windows\system32\dllcache\bthusb.sys
+ 2008-08-27 00:42 . 2008-04-13 18:46 36480 c:\windows\system32\dllcache\bthprint.sys
+ 2008-08-27 00:42 . 2008-04-13 18:46 37888 c:\windows\system32\dllcache\bthmodem.sys
+ 2008-08-27 00:42 . 2008-04-13 18:46 17024 c:\windows\system32\dllcache\bthenum.sys
+ 2004-08-04 05:56 . 2008-04-14 00:11 20992 c:\windows\system32\dllcache\bthci.dll
+ 2004-08-10 17:50 . 2008-04-13 18:53 71552 c:\windows\system32\dllcache\bridge.sys
+ 2008-08-27 00:42 . 2008-04-14 00:11 17279 c:\windows\system32\dllcache\atv10nt5.dll
+ 2008-08-27 00:42 . 2008-04-14 00:11 14143 c:\windows\system32\dllcache\atv06nt5.dll
+ 2008-08-27 00:42 . 2008-04-14 00:11 25471 c:\windows\system32\dllcache\atv04nt5.dll
+ 2008-08-27 00:42 . 2008-04-14 00:11 11359 c:\windows\system32\dllcache\atv02nt5.dll
+ 2008-08-27 00:42 . 2008-04-14 00:11 21183 c:\windows\system32\dllcache\atv01nt5.dll
+ 2004-08-10 17:50 . 2008-04-13 18:51 55808 c:\windows\system32\dllcache\atmlane.sys
+ 2004-08-10 17:50 . 2008-04-13 18:51 59904 c:\windows\system32\dllcache\atmarpc.sys
+ 2008-08-27 00:42 . 2004-08-04 03:29 63488 c:\windows\system32\dllcache\atinxsxx.sys
+ 2008-08-27 00:42 . 2004-08-04 03:29 31744 c:\windows\system32\dllcache\atinxbxx.sys
+ 2008-08-27 00:42 . 2004-08-04 03:29 73216 c:\windows\system32\dllcache\atintuxx.sys
+ 2008-08-27 00:42 . 2004-08-04 03:29 13824 c:\windows\system32\dllcache\atinttxx.sys
+ 2008-08-27 00:42 . 2004-08-04 03:29 28672 c:\windows\system32\dllcache\atinsnxx.sys
+ 2008-08-27 00:42 . 2004-08-04 03:29 52224 c:\windows\system32\dllcache\atinraxx.sys
+ 2008-08-27 00:42 . 2004-08-04 03:29 14336 c:\windows\system32\dllcache\atinpdxx.sys
+ 2008-08-27 00:42 . 2004-08-04 03:29 13824 c:\windows\system32\dllcache\atinmdxx.sys
+ 2008-08-27 00:42 . 2004-08-04 03:29 57856 c:\windows\system32\dllcache\atinbtxx.sys
+ 2008-08-27 00:42 . 2004-08-04 03:29 34735 c:\windows\system32\dllcache\ati1xsxx.sys
+ 2008-08-27 00:42 . 2004-08-04 03:29 29455 c:\windows\system32\dllcache\ati1xbxx.sys
+ 2008-08-27 00:42 . 2004-08-04 03:29 36463 c:\windows\system32\dllcache\ati1tuxx.sys
+ 2008-08-27 00:42 . 2004-08-04 03:29 21343 c:\windows\system32\dllcache\ati1ttxx.sys
+ 2008-08-27 00:42 . 2004-08-04 03:29 26367 c:\windows\system32\dllcache\ati1snxx.sys
+ 2008-08-27 00:42 . 2004-08-04 03:29 63663 c:\windows\system32\dllcache\ati1rvxx.sys
+ 2008-08-27 00:42 . 2004-08-04 03:29 30671 c:\windows\system32\dllcache\ati1raxx.sys
+ 2008-08-27 00:42 . 2004-08-04 03:29 12047 c:\windows\system32\dllcache\ati1pdxx.sys
+ 2008-08-27 00:42 . 2004-08-04 03:29 11615 c:\windows\system32\dllcache\ati1mdxx.sys
+ 2008-08-27 00:42 . 2004-08-04 03:29 56623 c:\windows\system32\dllcache\ati1btxx.sys
+ 2004-08-10 17:50 . 2008-04-13 18:57 14336 c:\windows\system32\dllcache\asyncmac.sys
+ 2004-08-04 03:58 . 2008-04-13 18:51 60800 c:\windows\system32\dllcache\arp1394.sys
+ 2004-08-04 03:59 . 2008-04-13 18:31 37760 c:\windows\system32\dllcache\amdk7.sys
+ 2004-08-04 03:59 . 2008-04-13 18:31 37376 c:\windows\system32\dllcache\amdk6.sys
+ 2004-08-10 18:16 . 2008-04-13 18:36 43008 c:\windows\system32\dllcache\amdagp.sys
+ 2004-08-10 18:16 . 2008-04-13 18:36 42752 c:\windows\system32\dllcache\alim1541.sys
+ 2004-08-10 18:22 . 2008-04-13 18:36 44928 c:\windows\system32\dllcache\agpcpq.sys
+ 2004-08-10 17:58 . 2008-04-13 18:36 42368 c:\windows\system32\dllcache\agp440.sys
+ 2010-09-22 14:43 . 2010-09-22 14:43 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
- 2010-03-23 10:31 . 2010-03-23 10:31 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2010-09-23 20:55 . 2010-09-23 20:55 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
- 2010-04-01 16:42 . 2010-04-01 16:42 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
- 2010-03-31 19:51 . 2010-03-31 19:51 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2010-09-23 07:26 . 2010-09-23 07:26 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2010-03-31 19:51 . 2010-03-31 19:51 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2010-09-23 07:26 . 2010-09-23 07:26 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2010-03-31 19:51 . 2010-03-31 19:51 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2010-09-23 07:26 . 2010-09-23 07:26 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2010-03-31 20:32 . 2010-03-31 20:32 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2010-09-23 08:17 . 2010-09-23 08:17 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2010-09-23 08:17 . 2010-09-23 08:17 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
- 2010-03-31 20:32 . 2010-03-31 20:32 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
- 2010-06-10 13:18 . 2010-06-10 13:18 35600 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2010-10-29 13:11 . 2010-10-29 13:11 35600 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2008-04-23 21:30 . 2010-10-29 13:11 25214 c:\windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\MSWorks.exe
- 2008-04-23 21:30 . 2009-06-26 08:05 25214 c:\windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\MSWorks.exe
+ 2010-10-29 13:07 . 2010-05-06 10:41 12800 c:\windows\ie8updates\KB2360131-IE8\xpshims.dll
+ 2010-10-29 13:07 . 2009-03-08 09:31 66560 c:\windows\ie8updates\KB2360131-IE8\mshtmled.dll
+ 2010-10-29 13:07 . 2010-05-06 10:41 55296 c:\windows\ie8updates\KB2360131-IE8\msfeedsbs.dll
+ 2010-10-29 13:07 . 2009-03-08 09:34 43008 c:\windows\ie8updates\KB2360131-IE8\licmgr10.dll
+ 2010-10-29 13:07 . 2010-05-06 10:41 25600 c:\windows\ie8updates\KB2360131-IE8\jsproxy.dll
+ 2010-10-29 13:02 . 2010-10-29 13:02 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_e02e0e34\System.Drawing.Design.dll
+ 2010-10-29 13:02 . 2010-10-29 13:02 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_27d2786d\CustomMarshalers.dll
+ 2010-10-29 13:14 . 2010-10-29 13:14 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\5ec9dec678303ebff0ef018edb5ec595\UIAutomationProvider.ni.dll
+ 2010-10-29 13:18 . 2010-10-29 13:18 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\46ef15b88ef577de4882c519329fc5d2\System.Windows.Presentation.ni.dll
+ 2010-10-29 13:18 . 2010-10-29 13:18 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\70ee6267f7bad40e8707d402277770c3\System.Web.DynamicData.Design.ni.dll
+ 2010-10-29 13:16 . 2010-10-29 13:16 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\2b5ff2c6358c483eb1439b99badb54fd\System.ComponentModel.DataAnnotations.ni.dll
+ 2010-10-29 13:16 . 2010-10-29 13:16 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\6125ff5a4fcd93d70a246cbff3005d42\System.AddIn.Contract.ni.dll
+ 2010-10-29 13:12 . 2010-10-29 13:12 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\de26af01222270c121788161496fcfe7\PresentationFontCache.ni.exe
+ 2010-10-29 13:11 . 2010-10-29 13:11 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\3c5adeedb70e6e052a6556c6ab9b6918\PresentationCFFRasterizer.ni.dll
+ 2010-10-29 13:17 . 2010-10-29 13:17 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\5e5176efbfeb803b7f217525beec6844\Microsoft.Vsa.ni.dll
+ 2010-10-29 13:16 . 2010-10-29 13:16 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e1d4e0b1f112000ab33bbaf88bd9ed99\Microsoft.Build.Framework.ni.dll
+ 2010-10-29 13:16 . 2010-10-29 13:16 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\4200cf5b7f247ec1b997808c6d1ba7d1\Microsoft.Build.Framework.ni.dll
+ 2010-10-29 13:16 . 2010-10-29 13:16 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\50b7fc7f36c76313cbb434b10923e4e9\dfsvc.ni.exe
+ 2010-10-29 13:16 . 2010-10-29 13:16 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\5ffa548547613dbc5a92f2c5b7cad196\Accessibility.ni.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-10-29 13:10 . 2010-10-29 13:10 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2010-06-24 13:04 . 2010-06-24 13:04 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2010-06-10 13:19 . 2010-06-10 13:19 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-10-29 13:02 . 2010-10-29 13:02 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-09-01 11:13 . 2010-07-30 03:18 49152 c:\windows\.jagex_cache_32\runescape\jagmisc.dll
- 2009-09-01 11:13 . 2009-10-08 03:17 49152 c:\windows\.jagex_cache_32\runescape\jagmisc.dll
+ 2009-09-01 11:13 . 2010-07-30 03:18 93696 c:\windows\.jagex_cache_32\runescape\jaggl.dll
+ 2010-07-22 23:20 . 2010-07-30 03:18 81920 c:\windows\.jagex_cache_32\runescape\hw3d.dll
+ 2010-10-30 13:38 . 2008-04-14 00:11 80384 c:\windows\$NtUninstallKB982665$\iccvid.dll
+ 2010-10-30 13:40 . 2008-04-14 00:12 57856 c:\windows\$NtUninstallKB2347290$\spoolsv.exe
+ 2010-10-29 13:01 . 2010-04-21 13:28 46080 c:\windows\$NtUninstallKB2158563$\tzchange.exe
+ 2010-10-29 13:01 . 2010-06-23 00:54 16896 c:\windows\$NtUninstallKB2158563$\spuninst\tzchange.dll
+ 2010-10-30 13:38 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB982665\update\spcustom.dll
+ 2010-10-30 13:38 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB982665\spmsg.dll
+ 2010-06-17 14:02 . 2010-06-17 14:02 80384 c:\windows\$hf_mig$\KB982665\SP3QFE\iccvid.dll
+ 2010-10-29 13:12 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB982214\update\spcustom.dll
+ 2010-10-29 13:12 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB982214\spmsg.dll
+ 2010-10-29 13:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981997\update\spcustom.dll
+ 2010-10-29 13:02 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB981997\spmsg.dll
+ 2010-10-29 13:10 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB981852\update\spcustom.dll
+ 2010-10-29 08:07 . 2010-06-18 06:28 16896 c:\windows\$hf_mig$\KB981852\update\mpsyschk.dll
+ 2010-10-29 13:10 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB981852\spmsg.dll
+ 2010-10-30 13:39 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981322\update\spcustom.dll
+ 2010-10-30 13:39 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB981322\spmsg.dll
+ 2010-10-30 13:39 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB980436\update\spcustom.dll
+ 2010-10-30 13:39 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB980436\spmsg.dll
+ 2010-10-30 13:40 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2347290\update\spcustom.dll
+ 2010-10-30 13:40 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2347290\spmsg.dll
+ 2010-08-17 13:19 . 2010-08-17 13:19 58880 c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
+ 2010-10-30 13:39 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2286198\update\spcustom.dll
+ 2010-10-30 13:39 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2286198\spmsg.dll
+ 2010-10-29 13:12 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB2259922\update\spcustom.dll
+ 2010-10-29 13:12 . 2009-05-26 09:01 17272 c:\windows\$hf_mig$\KB2259922\spmsg.dll
+ 2010-07-20 15:55 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2229593\update\spcustom.dll
+ 2010-07-20 15:55 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2229593\spmsg.dll

descriptionPossible Virus. (TR/Crypt.TKM....) EmptyRe: Possible Virus. (TR/Crypt.TKM....)

more_horiz

+ 2010-10-30 13:38 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2141007\update\spcustom.dll
+ 2010-10-30 13:38 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2141007\spmsg.dll
+ 2010-10-30 13:39 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2121546\update\spcustom.dll
+ 2010-10-30 13:39 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2121546\spmsg.dll
+ 2010-10-29 13:12 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2115168\update\spcustom.dll
+ 2010-10-29 13:12 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2115168\spmsg.dll
+ 2010-10-30 13:39 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2079403\update\spcustom.dll
+ 2010-10-30 13:39 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2079403\spmsg.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2004-08-10 18:01 . 2008-04-13 17:10 6656 c:\windows\system32\dllcache\wmiapres.dll
+ 2004-08-10 18:36 . 2008-04-13 18:40 5376 c:\windows\system32\dllcache\viaide.sys
+ 2008-08-27 00:44 . 2008-04-13 18:36 5888 c:\windows\system32\dllcache\smbali.sys
+ 2008-08-27 00:44 . 2008-04-14 00:12 3901 c:\windows\system32\dllcache\siint5.dll
+ 2004-08-10 17:51 . 2004-08-04 10:00 3584 c:\windows\system32\dllcache\riched32.dll
+ 2008-04-23 21:11 . 2008-04-13 18:39 4992 c:\windows\system32\dllcache\mspqm.sys
+ 2008-04-23 21:11 . 2008-04-13 18:39 5376 c:\windows\system32\dllcache\mspclock.sys
+ 2008-04-23 21:11 . 2008-04-13 18:39 7552 c:\windows\system32\dllcache\mskssrv.sys
+ 2004-08-10 17:51 . 2004-08-04 10:00 7168 c:\windows\system32\dllcache\mscat32.dll
+ 2004-08-10 17:58 . 2008-04-13 18:40 5504 c:\windows\system32\dllcache\intelide.sys
+ 2004-08-04 05:56 . 2008-04-14 00:11 7168 c:\windows\system32\dllcache\hccoin.dll
+ 2004-08-10 17:50 . 2008-04-14 00:12 5632 c:\windows\system32\dllcache\cisvc.exe
+ 2004-08-10 17:57 . 2008-04-14 00:11 8704 c:\windows\system32\dllcache\batt.dll
+ 2008-08-27 00:41 . 2008-04-14 00:11 3775 c:\windows\system32\dllcache\adv11nt5.dll
+ 2008-08-27 00:41 . 2008-04-14 00:11 3711 c:\windows\system32\dllcache\adv09nt5.dll
+ 2008-08-27 00:41 . 2008-04-14 00:11 3135 c:\windows\system32\dllcache\adv08nt5.dll
+ 2008-08-27 00:41 . 2008-04-14 00:11 3647 c:\windows\system32\dllcache\adv07nt5.dll
+ 2008-08-27 00:41 . 2008-04-14 00:11 3615 c:\windows\system32\dllcache\adv05nt5.dll
+ 2008-08-27 00:41 . 2008-04-14 00:11 3967 c:\windows\system32\dllcache\adv02nt5.dll
+ 2008-08-27 00:41 . 2008-04-14 00:11 4255 c:\windows\system32\dllcache\adv01nt5.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-10-29 13:10 . 2010-10-29 13:10 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2010-06-24 13:03 . 2010-06-24 13:03 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2004-08-10 17:51 . 2008-04-14 00:12 293376 c:\windows\system32\winsrv.dll
+ 2004-08-10 17:51 . 2010-06-18 17:45 293376 c:\windows\system32\winsrv.dll
+ 2004-08-10 17:51 . 2010-05-06 10:41 916480 c:\windows\system32\wininet(4).dll
+ 2004-08-10 17:51 . 2010-06-24 12:22 916480 c:\windows\system32\wininet(3).dll
+ 2004-08-10 17:51 . 2010-04-16 15:36 406016 c:\windows\system32\usp10.dll
- 2004-08-10 17:51 . 2008-04-14 00:12 406016 c:\windows\system32\usp10.dll
+ 2004-08-10 17:51 . 2009-10-15 16:28 119808 c:\windows\system32\t2embed(2).dll
+ 2004-08-10 17:51 . 2010-06-30 12:31 149504 c:\windows\system32\schannel.dll
+ 2004-08-10 17:51 . 2010-10-29 13:10 466326 c:\windows\system32\perfh009.dat
+ 2004-08-10 17:51 . 2010-09-10 05:58 206848 c:\windows\system32\occache.dll
- 2004-08-10 17:51 . 2010-05-06 10:41 206848 c:\windows\system32\occache.dll
- 2004-08-10 17:51 . 2010-05-06 10:41 611840 c:\windows\system32\mstime.dll
+ 2004-08-10 17:51 . 2010-09-10 05:58 611840 c:\windows\system32\mstime.dll
+ 2007-08-13 23:54 . 2010-09-10 05:58 602112 c:\windows\system32\msfeeds.dll
- 2004-08-10 17:51 . 2008-04-14 00:11 384512 c:\windows\system32\mp4sdmod.dll
+ 2004-08-10 17:51 . 2010-04-05 16:54 384512 c:\windows\system32\mp4sdmod.dll
+ 2010-07-11 12:04 . 2010-07-11 12:04 231888 c:\windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe
+ 2004-08-10 18:02 . 2010-06-09 07:43 692736 c:\windows\system32\inetcomm.dll
+ 2004-08-10 17:51 . 2010-09-10 05:58 184320 c:\windows\system32\iepeers.dll
- 2004-08-10 17:51 . 2010-05-06 10:41 184320 c:\windows\system32\iepeers.dll
+ 2004-08-10 17:51 . 2010-09-10 05:58 387584 c:\windows\system32\iedkcs32.dll
- 2004-08-10 17:51 . 2010-05-06 10:41 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-10 17:51 . 2010-08-26 12:22 173056 c:\windows\system32\ie4uinit.exe
- 2004-08-10 17:51 . 2010-05-05 13:30 173056 c:\windows\system32\ie4uinit.exe
- 2004-08-10 17:57 . 2010-06-10 16:58 224024 c:\windows\system32\FNTCACHE.DAT
+ 2004-08-10 17:57 . 2010-10-30 14:21 224024 c:\windows\system32\FNTCACHE.DAT
+ 2008-04-23 21:19 . 2008-04-13 17:39 689152 c:\windows\system32\dllcache\xpsp3res.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 129024 c:\windows\system32\dllcache\xmlprov.dll
+ 2009-04-16 22:42 . 2010-07-12 12:55 218112 c:\windows\system32\dllcache\wordpad.exe
+ 2004-08-10 18:02 . 2008-04-14 00:12 402432 c:\windows\system32\dllcache\wmm2filt.dll
+ 2004-08-10 18:01 . 2008-04-14 00:12 144896 c:\windows\system32\dllcache\wmiprov.dll
+ 2004-08-10 18:01 . 2008-04-14 00:12 126464 c:\windows\system32\dllcache\wmiapsrv.exe
+ 2010-06-18 17:45 . 2010-06-18 17:45 293376 c:\windows\system32\dllcache\winsrv.dll
- 2008-04-23 21:20 . 2010-05-06 10:41 916480 c:\windows\system32\dllcache\wininet.dll
+ 2008-04-23 21:20 . 2010-09-10 05:58 916480 c:\windows\system32\dllcache\wininet.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 289792 c:\windows\system32\dllcache\vssvc.exe
+ 2010-04-16 15:36 . 2010-04-16 15:36 406016 c:\windows\system32\dllcache\usp10.dll
+ 2008-08-27 00:45 . 2008-04-13 18:46 121984 c:\windows\system32\dllcache\usbvideo.sys
+ 2009-06-16 14:36 . 2010-08-27 08:02 119808 c:\windows\system32\dllcache\t2embed.dll
- 2009-06-16 14:36 . 2009-10-15 16:28 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2008-10-14 23:47 . 2010-08-26 13:39 357248 c:\windows\system32\dllcache\srv.sys
+ 2008-08-27 00:44 . 2004-08-04 03:41 404990 c:\windows\system32\dllcache\slntamr.sys
+ 2008-08-27 00:44 . 2004-08-04 03:41 129535 c:\windows\system32\dllcache\slnt7554.sys
+ 2004-08-10 18:01 . 2008-04-14 00:12 141312 c:\windows\system32\dllcache\sessmgr.exe
+ 2008-12-05 06:54 . 2010-06-30 12:31 149504 c:\windows\system32\dllcache\schannel.dll
+ 2008-08-27 00:44 . 2004-08-04 03:29 166912 c:\windows\system32\dllcache\s3gnbm.sys
+ 2009-04-15 14:51 . 2010-08-16 08:45 590848 c:\windows\system32\dllcache\rpcrt4.dll
+ 2004-08-10 18:01 . 2008-04-14 00:13 139656 c:\windows\system32\dllcache\rdpwd.sys
+ 2004-08-10 18:01 . 2008-04-13 18:32 196224 c:\windows\system32\dllcache\rdpdr.sys
+ 2004-08-10 17:51 . 2008-04-13 17:21 733696 c:\windows\system32\dllcache\qedwipes.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 562176 c:\windows\system32\dllcache\qedit.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 386048 c:\windows\system32\dllcache\qdvd.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 279040 c:\windows\system32\dllcache\qdv.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 192512 c:\windows\system32\dllcache\qcap.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 237568 c:\windows\system32\dllcache\qasf.dll
+ 2004-08-10 18:01 . 2008-04-14 00:12 237056 c:\windows\system32\dllcache\provthrd.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 560640 c:\windows\system32\dllcache\printui.dll
+ 2004-08-04 04:07 . 2008-04-13 18:36 120192 c:\windows\system32\dllcache\pcmcia.sys
+ 2007-08-13 23:44 . 2010-09-10 05:58 206848 c:\windows\system32\dllcache\occache.dll
- 2007-08-13 23:44 . 2010-05-06 10:41 206848 c:\windows\system32\dllcache\occache.dll
+ 2008-08-27 00:44 . 2004-08-04 03:41 180360 c:\windows\system32\dllcache\ntmtlfax.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 435200 c:\windows\system32\dllcache\ntmssvc.dll
+ 2004-08-10 18:01 . 2008-04-14 00:12 212992 c:\windows\system32\dllcache\ntevt.dll
+ 2008-08-27 00:43 . 2004-08-04 03:29 452736 c:\windows\system32\dllcache\mtxparhm.sys
+ 2008-08-27 00:43 . 2004-08-04 03:41 126686 c:\windows\system32\dllcache\mtlmnt5.sys
+ 2004-08-10 17:51 . 2008-04-14 00:12 506368 c:\windows\system32\dllcache\msxml.dll
- 2004-08-10 17:51 . 2010-05-06 10:41 611840 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-10 17:51 . 2010-09-10 05:58 611840 c:\windows\system32\dllcache\mstime.dll
+ 2008-07-26 13:30 . 2010-09-10 05:58 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2004-08-10 17:51 . 2008-04-14 00:11 384512 c:\windows\system32\dllcache\mp4sdmod.dll
+ 2004-08-10 17:51 . 2010-04-05 16:54 384512 c:\windows\system32\dllcache\mp4sdmod.dll
+ 2008-04-23 21:20 . 2010-09-18 17:23 974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2004-08-10 17:51 . 2010-09-18 06:53 953856 c:\windows\system32\dllcache\mfc40u.dll
+ 2004-08-10 17:51 . 2010-09-18 06:53 954368 c:\windows\system32\dllcache\mfc40.dll
+ 2004-08-10 17:51 . 2008-04-14 10:41 423936 c:\windows\system32\dllcache\licdll.dll
+ 2008-08-14 18:41 . 2010-06-09 07:43 692736 c:\windows\system32\dllcache\inetcomm.dll
- 2009-07-11 16:57 . 2010-05-06 10:41 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2009-07-11 16:57 . 2010-09-10 05:58 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2004-08-10 17:51 . 2010-09-10 05:58 184320 c:\windows\system32\dllcache\iepeers.dll
- 2004-08-10 17:51 . 2010-05-06 10:41 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2010-06-09 21:56 . 2010-09-10 05:58 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2010-06-09 21:56 . 2010-05-06 10:41 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2004-08-10 17:51 . 2010-05-06 10:41 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2004-08-10 17:51 . 2010-09-10 05:58 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2004-08-10 17:51 . 2010-05-05 13:30 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2004-08-10 17:51 . 2010-08-26 12:22 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2004-08-10 18:02 . 2008-04-14 00:11 172032 c:\windows\system32\dllcache\icwhelp.dll
+ 2008-08-27 00:42 . 2004-08-04 03:41 685056 c:\windows\system32\dllcache\hsfcxts2.sys
+ 2008-08-27 00:42 . 2004-08-04 03:41 220032 c:\windows\system32\dllcache\hsfbs2s2.sys
+ 2004-08-10 18:02 . 2010-06-14 14:31 744448 c:\windows\system32\dllcache\helpsvc.exe
- 2004-08-10 18:02 . 2008-04-14 00:12 744448 c:\windows\system32\dllcache\helpsvc.exe
+ 2004-08-10 17:51 . 2008-04-14 00:11 122880 c:\windows\system32\dllcache\glu32.dll
+ 2004-08-10 17:51 . 2008-04-13 19:14 143744 c:\windows\system32\dllcache\fastfat.sys
+ 2004-08-10 17:51 . 2008-04-14 00:11 186880 c:\windows\system32\dllcache\encdec.dll
+ 2004-08-10 17:50 . 2008-04-13 18:44 153344 c:\windows\system32\dllcache\dmio.sys
+ 2004-08-10 17:50 . 2008-04-13 18:44 799744 c:\windows\system32\dllcache\dmboot.sys
+ 2008-08-27 00:42 . 2008-04-13 18:51 101120 c:\windows\system32\dllcache\bthpan.sys
+ 2010-04-20 05:30 . 2010-09-01 11:51 285824 c:\windows\system32\dllcache\atmfd.dll
+ 2008-08-27 00:42 . 2004-08-04 03:29 104960 c:\windows\system32\dllcache\atinrvxx.sys
+ 2008-08-27 00:42 . 2004-08-04 03:29 701440 c:\windows\system32\dllcache\ati2mtag.sys
+ 2008-08-27 00:42 . 2004-08-04 03:29 327040 c:\windows\system32\dllcache\ati2mtaa.sys
+ 2010-02-14 08:00 . 2010-10-30 04:01 262144 c:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2004-08-10 17:50 . 2010-04-20 05:30 285696 c:\windows\system32\atmfd(3).dll
+ 2004-08-10 18:02 . 2010-06-14 14:31 744448 c:\windows\pchealth\helpctr\binaries\helpsvc.exe
- 2004-08-10 18:02 . 2008-04-14 00:12 744448 c:\windows\pchealth\helpctr\binaries\helpsvc.exe
- 2010-03-23 10:31 . 2010-03-23 10:31 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2010-09-22 14:43 . 2010-09-22 14:43 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2010-05-11 11:40 . 2010-05-11 11:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2009-08-08 04:51 . 2009-08-08 04:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2010-05-11 11:40 . 2010-05-11 11:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2010-09-23 07:26 . 2010-09-23 07:26 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2010-03-31 19:51 . 2010-03-31 19:51 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2010-09-23 07:25 . 2010-09-23 07:25 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2010-03-31 19:49 . 2010-03-31 19:49 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2010-03-31 20:32 . 2010-03-31 20:32 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-09-23 08:17 . 2010-09-23 08:17 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-09-24 02:02 . 2010-09-24 02:02 798208 c:\windows\Installer\f8318e.msp
+ 2010-09-24 02:02 . 2010-09-24 02:02 798208 c:\windows\Installer\34f8cd63.msp
- 2008-04-23 21:30 . 2009-06-26 08:05 693600 c:\windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksWP.exe
+ 2008-04-23 21:30 . 2010-10-29 13:11 693600 c:\windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksWP.exe
- 2008-04-23 21:30 . 2009-06-26 08:05 947552 c:\windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\wksss.exe
+ 2008-04-23 21:30 . 2010-10-29 13:11 947552 c:\windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\wksss.exe
- 2008-04-23 21:30 . 2009-06-26 08:05 709984 c:\windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksCal.exe
+ 2008-04-23 21:30 . 2010-10-29 13:11 709984 c:\windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksCal.exe
+ 2007-11-28 00:33 . 2007-11-28 00:33 173408 c:\windows\Installer\$PatchCache$\Managed\0DC8CB51B56A0D742ADD098A4295F08A\9.7.621\F378_WkProof.dll
+ 2007-11-28 00:34 . 2007-11-28 00:34 972128 c:\windows\Installer\$PatchCache$\Managed\0DC8CB51B56A0D742ADD098A4295F08A\9.7.621\F20987_wkwpqd.dll
+ 2007-11-28 00:34 . 2007-11-28 00:34 161120 c:\windows\Installer\$PatchCache$\Managed\0DC8CB51B56A0D742ADD098A4295F08A\9.7.621\F20985_wkwpqrtf.dll
+ 2010-10-29 13:07 . 2010-05-06 10:41 916480 c:\windows\ie8updates\KB2360131-IE8\wininet.dll
+ 2010-10-29 13:07 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2360131-IE8\spuninst\updspapi.dll
+ 2010-10-29 13:07 . 2009-05-26 09:01 231288 c:\windows\ie8updates\KB2360131-IE8\spuninst\spuninst.exe
+ 2010-10-29 13:07 . 2010-05-06 10:41 206848 c:\windows\ie8updates\KB2360131-IE8\occache.dll
+ 2010-10-29 13:07 . 2010-05-06 10:41 611840 c:\windows\ie8updates\KB2360131-IE8\mstime.dll
+ 2010-10-29 13:07 . 2010-05-06 10:41 599040 c:\windows\ie8updates\KB2360131-IE8\msfeeds.dll
+ 2010-10-29 13:07 . 2010-05-06 10:41 247808 c:\windows\ie8updates\KB2360131-IE8\ieproxy.dll
+ 2010-10-29 13:07 . 2010-05-06 10:41 184320 c:\windows\ie8updates\KB2360131-IE8\iepeers.dll
+ 2010-10-29 13:07 . 2010-05-06 10:41 743424 c:\windows\ie8updates\KB2360131-IE8\iedvtool.dll
+ 2010-10-29 13:07 . 2010-05-06 10:41 387584 c:\windows\ie8updates\KB2360131-IE8\iedkcs32.dll
+ 2010-10-29 13:07 . 2010-05-05 13:30 173056 c:\windows\ie8updates\KB2360131-IE8\ie4uinit.exe
+ 2010-10-29 13:02 . 2010-10-29 13:02 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_fe472458\System.Drawing.dll
+ 2010-10-29 13:02 . 2010-10-29 13:02 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_f14e90e3\System.Drawing.Design.dll
+ 2010-10-29 13:02 . 2010-10-29 13:02 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_b2658b08\CustomMarshalers.dll
+ 2010-10-29 13:16 . 2010-10-29 13:16 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\a16b8bcca59515281688ec856c034698\WsatConfig.ni.exe
+ 2010-10-29 13:14 . 2010-10-29 13:14 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\672c4d8e3c33e309c1ed90fa4cb85aba\WindowsFormsIntegration.ni.dll
+ 2010-10-29 13:14 . 2010-10-29 13:14 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\cd91a32f4e36ccb2981c72c0d333e928\UIAutomationTypes.ni.dll
+ 2010-10-29 13:14 . 2010-10-29 13:14 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\9df760fdf8071c7b0de78f39de365e6a\UIAutomationClient.ni.dll
+ 2010-10-29 13:18 . 2010-10-29 13:18 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\ff53d5b5249a2841ee196294429f51cf\System.Xml.Linq.ni.dll
+ 2010-10-29 13:18 . 2010-10-29 13:18 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\7f9a1ae146571025fd49914b5c71a39b\System.Web.Routing.ni.dll
+ 2010-10-29 13:18 . 2010-10-29 13:18 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\d0ae809162b55e2fa958739177476af8\System.Web.RegularExpressions.ni.dll
+ 2010-10-29 13:18 . 2010-10-29 13:18 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\b1646e54b708b9824f4193f87eb00c0e\System.Web.Extensions.Design.ni.dll
+ 2010-10-29 13:18 . 2010-10-29 13:18 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\504a93e73da77c502ecf98bfdfc1485e\System.Web.Entity.ni.dll
+ 2010-10-29 13:18 . 2010-10-29 13:18 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f22334fbd9497d79448fffef515ae0cc\System.Web.Entity.Design.ni.dll
+ 2010-10-29 13:18 . 2010-10-29 13:18 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\af5452305588da228a74e30324681d20\System.Web.DynamicData.ni.dll
+ 2010-10-29 13:18 . 2010-10-29 13:18 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\9d9bca1a8993c427984aa1bc9c165a33\System.Web.Abstractions.ni.dll
+ 2010-10-29 13:17 . 2010-10-29 13:17 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\26d5bf1f7e700c2c19aa9b1da5519b24\System.Transactions.ni.dll
+ 2010-10-29 13:17 . 2010-10-29 13:17 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b000cc703c9d95593b516bf2c2ec316\System.ServiceProcess.ni.dll
+ 2010-10-29 13:16 . 2010-10-29 13:16 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\75e331a5d731d8e207be07adc06dec23\System.Security.ni.dll
+ 2010-10-29 13:17 . 2010-10-29 13:17 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dd7497aa089340600c8c5af8ab421ff7\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2010-10-29 13:17 . 2010-10-29 13:17 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\2a080994f308f347b0497bb8804861cf\System.Net.ni.dll
+ 2010-10-29 13:17 . 2010-10-29 13:17 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\bc1cf48ba7dc00f45d0e949c49ab677a\System.Management.ni.dll
+ 2010-10-29 13:17 . 2010-10-29 13:17 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\904fda53006680a67f917ab638be0305\System.Management.Instrumentation.ni.dll
+ 2010-10-29 13:16 . 2010-10-29 13:16 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\4490976887e2e5a3b594041edbdf5064\System.IO.Log.ni.dll
+ 2010-10-29 13:16 . 2010-10-29 13:16 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\77b9f6f6671aaaeb84c6907d467e792c\System.IdentityModel.Selectors.ni.dll
+ 2010-10-29 13:17 . 2010-10-29 13:17 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.Wrapper.dll
+ 2010-10-29 13:17 . 2010-10-29 13:17 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.ni.dll
+ 2010-10-29 13:14 . 2010-10-29 13:14 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\90199b4aa63b1b9c8ed0c3de16eec824\System.Drawing.Design.ni.dll
+ 2010-10-29 13:17 . 2010-10-29 13:17 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\849e98c9f428a12cb581320a23f69dbd\System.DirectoryServices.AccountManagement.ni.dll
+ 2010-10-29 13:17 . 2010-10-29 13:17 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7a823a4f61cf8c86aad02559f8fed07b\System.DirectoryServices.Protocols.ni.dll
+ 2010-10-29 13:17 . 2010-10-29 13:17 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\ad95820d2e29e8d55c0d8a838214c6e5\System.Data.Services.Design.ni.dll
+ 2010-10-29 13:17 . 2010-10-29 13:17 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\617acb0d900bdde947ec79f7b5ccc183\System.Data.Services.Client.ni.dll
+ 2010-10-29 13:17 . 2010-10-29 13:17 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\165bd290e518b9397ca55192985fdee3\System.Data.Entity.Design.ni.dll
+ 2010-10-29 13:16 . 2010-10-29 13:16 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\41345e34f26854fc1878eae3e4d5d4a5\System.Data.DataSetExtensions.ni.dll
+ 2010-10-29 13:16 . 2010-10-29 13:16 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab688d0f9f333ba117832726bfb589c1\System.Configuration.ni.dll
+ 2010-10-29 13:17 . 2010-10-29 13:17 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\b48677ab9aa7a6830785f67b8478b4da\System.Configuration.Install.ni.dll
+ 2010-10-29 13:16 . 2010-10-29 13:16 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\93a0958d5557e2b380647af0171ad354\System.AddIn.ni.dll
+ 2010-10-29 13:16 . 2010-10-29 13:16 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\d0758f84e927e3f0a15a6cde1b96d835\SMSvcHost.ni.exe
+ 2010-10-29 13:16 . 2010-10-29 13:16 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\8043a108e3bb2d3dcc84b547b8085e99\SMDiagnostics.ni.dll
+ 2010-10-29 13:16 . 2010-10-29 13:16 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\72d3aacfca2e1ce835c210f5a1decb36\ServiceModelReg.ni.exe
+ 2010-10-29 13:13 . 2010-10-29 13:13 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e7e7321956e6822b1bf3691c35c842f6\PresentationFramework.Aero.ni.dll
+ 2010-10-29 13:13 . 2010-10-29 13:13 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a14488afff027f0f2985e659449097f5\PresentationFramework.Royale.ni.dll
+ 2010-10-29 13:13 . 2010-10-29 13:13 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\787e60c5dd562cb45887080095d2a3b7\PresentationFramework.Classic.ni.dll
+ 2010-10-29 13:13 . 2010-10-29 13:13 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2313ccc125dcb6a9800048ec1c51ec12\PresentationFramework.Luna.ni.dll
+ 2010-10-29 13:16 . 2010-10-29 13:16 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5db9c32d9f352162e6da220ca463db0d\MSBuild.ni.exe
+ 2010-10-29 13:16 . 2010-10-29 13:16 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fcf975f74bd134d8e0fa8f37c5bc6a8c\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-10-29 13:16 . 2010-10-29 13:16 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\d6b9038136600fbfbbbd7460dc19da19\Microsoft.Build.Utilities.ni.dll
+ 2010-10-29 13:16 . 2010-10-29 13:16 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\585cc7218599e7806521d0e737ba5ffb\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2010-10-29 13:16 . 2010-10-29 13:16 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\3057ec53731286e69e389d103c32fa41\Microsoft.Build.Engine.ni.dll
+ 2010-10-29 13:16 . 2010-10-29 13:16 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\914e338ac6e92714f3e32ae5d89bf03b\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2010-10-29 13:16 . 2010-10-29 13:16 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\12ae6f3635448471fc9f7d8bfe39c67d\CustomMarshalers.ni.dll
+ 2010-10-29 13:16 . 2010-10-29 13:16 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\daca3c9ad6d867d3fec70d14b4f20cf3\ComSvcConfig.ni.exe
+ 2010-10-29 13:16 . 2010-10-29 13:16 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\af4a3ae6d5c1cafa57002beb487b8d7a\AspNetMMCExt.ni.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-10-29 13:10 . 2010-10-29 13:10 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2010-06-24 13:04 . 2010-06-24 13:04 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-10-29 13:10 . 2010-10-29 13:10 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-06-24 13:04 . 2010-06-24 13:04 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-10-29 13:10 . 2010-10-29 13:10 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2010-06-24 13:04 . 2010-06-24 13:04 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2010-06-24 13:04 . 2010-06-24 13:04 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-10-29 13:10 . 2010-10-29 13:10 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-10-29 13:09 . 2010-10-29 13:09 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-06-24 13:03 . 2010-06-24 13:03 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-10-29 13:10 . 2010-10-29 13:10 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2010-06-24 13:04 . 2010-06-24 13:04 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-07-22 23:20 . 2010-07-30 03:18 833024 c:\windows\.jagex_cache_32\runescape\sw3d.dll
+ 2010-07-22 23:20 . 2010-07-30 03:18 102400 c:\windows\.jagex_cache_32\runescape\jagdx.dll
+ 2010-07-22 23:20 . 2010-07-30 03:18 114688 c:\windows\.jagex_cache_32\runescape\jaclib.dll

descriptionPossible Virus. (TR/Crypt.TKM....) EmptyRe: Possible Virus. (TR/Crypt.TKM....)

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum