WiredWX Christian Hobby Weather Tools
Re: help please...I think I have Virtumonde...thank you thank you thank you!!!

I will try........not all that familiar with making zip files.......I will try!!!!!
Do I post them the same way?

Re: help please...I think I have Virtumonde...thank you thank you thank you!!!

When I try to attach zip it gives me this message:

"Could not upload file : exceeded total storage space. (Free space : 0)"

I will try to copy and paste in equal sections over many posts.

Re: help please...I think I have Virtumonde...thank you thank you thank you!!!

OTL logfile created on: 1/24/2011 5:28:06 PM - Run 4
OTL by OldTimer - Version 3.2.20.5 Folder = C:\Users\Antonino\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 58.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298.09 Gb Total Space | 210.50 Gb Free Space | 70.62% Space Free | Partition Type: NTFS

Computer Name: ANTONINO-PC | User Name: Antonino | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/01/24 16:55:14 | 000,603,136 | ---- | M] (OldTimer Tools) -- C:\Users\Antonino\Downloads\OTL(2).exe
PRC - [2010/12/17 13:07:06 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2010/12/09 14:28:24 | 001,226,608 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/12/09 10:48:10 | 000,247,760 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2010/12/08 16:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe
PRC - [2010/12/03 15:34:46 | 000,108,496 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
PRC - [2009/05/26 20:22:21 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/05/26 20:22:17 | 000,068,592 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/05/23 13:06:08 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe


========== Modules (SafeList) ==========

MOD - [2011/01/24 16:55:14 | 000,603,136 | ---- | M] (OldTimer Tools) -- C:\Users\Antonino\Downloads\OTL(2).exe
MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/03/25 23:48:42 | 000,017,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2008/06/02 10:44:18 | 000,031,744 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/12/09 10:48:10 | 000,247,760 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010/12/02 11:33:12 | 000,070,928 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools Security\TFEngine\TFService.exe -- (ThreatFire)
SRV - [2010/11/19 06:57:14 | 001,150,936 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/15 14:02:36 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/12/02 11:33:12 | 000,075,336 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfSysMon.sys -- (TFSysMon)
DRV:64bit: - [2010/12/02 11:33:12 | 000,065,072 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfFsMon.sys -- (TfFsMon)
DRV:64bit: - [2010/12/02 11:33:12 | 000,041,888 | --S- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TfNetMon.sys -- (TfNetMon)
DRV:64bit: - [2010/11/25 10:43:26 | 000,257,232 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)
DRV:64bit: - [2010/11/25 10:42:10 | 000,092,896 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pctplsg64.sys -- (pctplsg)
DRV:64bit: - [2010/11/17 10:20:20 | 000,331,368 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pctgntdi64.sys -- (pctgntdi)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/07/16 14:53:32 | 000,816,016 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA)
DRV:64bit: - [2010/06/29 10:35:34 | 000,452,872 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS)
DRV:64bit: - [2009/11/16 11:33:38 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2009/03/26 14:23:46 | 000,044,544 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/03/19 15:34:18 | 000,029,544 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/08/25 00:00:00 | 000,307,456 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA009Vid.sys -- (OA009Vid)
DRV:64bit: - [2008/07/17 15:46:20 | 000,066,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
DRV:64bit: - [2008/06/03 16:30:38 | 000,168,864 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA009Ufd.sys -- (OA009Ufd)
DRV:64bit: - [2008/06/02 10:44:16 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCM42RLY.sys -- (BCM42RLY)
DRV:64bit: - [2008/06/02 10:44:14 | 001,374,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX)
DRV:64bit: - [2008/05/21 13:14:06 | 007,897,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2006/09/18 16:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B4 80 E1 0E 63 DE C9 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com"
FF - prefs.js..extensions.enabledItems: {22181a4d-af90-4ca3-a569-faed9118d6bc}:1.2.0.1073
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7

FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/12/17 13:07:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/01/05 20:18:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/01/05 20:18:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools Security\BDT\Firefox\ [2011/01/16 20:05:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/01/16 10:22:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/01/16 10:22:31 | 000,000,000 | ---D | M]

[2010/03/10 18:41:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Antonino\AppData\Roaming\Mozilla\Extensions
[2011/01/23 19:10:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Antonino\AppData\Roaming\Mozilla\Firefox\Profiles\d8q8tsnt.default\extensions
[2010/03/10 20:00:11 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Antonino\AppData\Roaming\Mozilla\Firefox\Profiles\d8q8tsnt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/15 08:02:54 | 000,000,000 | ---D | M] (ooVoo Toolbar) -- C:\Users\Antonino\AppData\Roaming\Mozilla\Firefox\Profiles\d8q8tsnt.default\extensions\{59c6f12b-f004-43e5-9997-08f2123119b6}
[2011/01/15 17:11:59 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Antonino\AppData\Roaming\Mozilla\Firefox\Profiles\d8q8tsnt.default\extensions\vshareus@toolbar
[2010/09/28 22:39:14 | 000,002,333 | ---- | M] () -- C:\Users\Antonino\AppData\Roaming\Mozilla\Firefox\Profiles\d8q8tsnt.default\searchplugins\askcom.xml
[2011/01/15 08:02:31 | 000,001,919 | ---- | M] () -- C:\Users\Antonino\AppData\Roaming\Mozilla\Firefox\Profiles\d8q8tsnt.default\searchplugins\bing-zugo.xml
[2010/12/17 11:49:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/12/17 11:49:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | R--- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5

Re: help please...I think I have Virtumonde...thank you thank you thank you!!!

Here is #2:

[2011/01/22 13:18:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/01/22 13:16:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Veetle
[2011/01/17 17:39:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/01/16 20:05:18 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2011/01/16 20:05:17 | 001,996,752 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2011/01/16 20:05:17 | 001,533,904 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2011/01/16 20:05:13 | 000,075,336 | --S- | C] (PC Tools) -- C:\Windows\SysNative\drivers\TfSysMon.sys
[2011/01/16 20:05:13 | 000,065,072 | --S- | C] (PC Tools) -- C:\Windows\SysNative\drivers\TfFsMon.sys
[2011/01/16 20:05:13 | 000,041,888 | --S- | C] (PC Tools) -- C:\Windows\SysNative\drivers\TfNetMon.sys
[2011/01/16 19:48:19 | 000,816,016 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctEFA64.sys
[2011/01/16 19:48:19 | 000,452,872 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctDS64.sys
[2011/01/16 19:48:15 | 000,331,368 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctgntdi64.sys
[2011/01/16 19:48:15 | 000,136,168 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctwfpfilter64.sys
[2011/01/16 19:48:06 | 000,257,232 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTCore64.sys
[2011/01/16 19:47:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2011/01/16 19:47:53 | 000,092,896 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctplsg64.sys
[2011/01/16 19:47:24 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/01/16 19:47:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security
[2011/01/16 19:47:24 | 000,000,000 | ---D | C] -- C:\Users\Antonino\AppData\Roaming\PC Tools
[2011/01/16 19:47:24 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/01/16 19:47:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2011/01/16 12:18:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Portable Devices
[2011/01/16 12:18:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2011/01/16 12:06:53 | 000,000,000 | ---D | C] -- C:\Windows\en
[2011/01/16 12:05:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/01/16 12:02:52 | 000,048,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys
[2011/01/16 12:02:32 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2011/01/16 12:01:03 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2011/01/16 12:01:03 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2011/01/16 12:01:01 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2011/01/16 12:01:01 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2011/01/16 12:00:04 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2011/01/16 12:00:04 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2011/01/16 11:58:29 | 000,000,000 | ---D | C] -- C:\Users\Antonino\AppData\Local\Windows Live
[2011/01/16 11:57:01 | 000,449,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2011/01/16 11:57:01 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2011/01/16 11:57:01 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
[2011/01/16 11:56:58 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011/01/16 11:56:55 | 001,548,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2011/01/16 11:56:55 | 000,981,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011/01/16 11:56:55 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll
[2011/01/16 11:56:55 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011/01/16 11:56:55 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelineprxy.dll
[2011/01/16 11:56:54 | 001,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2011/01/16 11:56:54 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011/01/16 11:56:54 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2011/01/16 11:56:54 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2011/01/16 11:56:54 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WindowsCodecsExt.dll
[2011/01/16 11:56:54 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2011/01/16 11:56:53 | 000,566,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2011/01/16 11:56:53 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2011/01/16 11:56:53 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10level9.dll
[2011/01/16 11:56:53 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxgi.dll
[2011/01/16 11:56:53 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoMetadataHandler.dll
[2011/01/16 11:56:53 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiag.exe
[2011/01/16 11:56:53 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoMetadataHandler.dll
[2011/01/16 11:56:53 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011/01/16 11:56:53 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiagn.dll
[2011/01/16 11:56:53 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiag.exe
[2011/01/16 11:56:53 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll
[2011/01/16 11:56:53 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiagn.dll
[2011/01/16 11:56:53 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10core.dll
[2011/01/16 11:56:52 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsservices.dll
[2011/01/16 11:56:52 | 001,032,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelinesvc.exe
[2011/01/16 11:56:52 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OpcServices.dll
[2011/01/16 11:56:52 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2011/01/16 11:56:52 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2011/01/16 11:56:52 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011/01/16 11:56:52 | 000,326,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2011/01/16 11:56:52 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2011/01/16 11:56:51 | 003,068,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpsservices.dll
[2011/01/16 11:56:51 | 001,548,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011/01/16 11:56:51 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OpcServices.dll
[2011/01/16 11:56:51 | 001,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011/01/16 11:56:51 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011/01/16 11:56:51 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2011/01/16 11:56:50 | 001,269,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2011/01/16 11:56:50 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10.dll
[2011/01/16 11:56:50 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2011/01/16 11:56:07 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BthMtpContextHandler.dll
[2011/01/16 11:56:07 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShextAutoplay.exe
[2011/01/16 11:56:07 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDShextAutoplay.exe
[2011/01/16 11:55:57 | 002,537,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdshext.dll
[2011/01/16 11:55:57 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceConnectApi.dll
[2011/01/16 11:55:56 | 002,727,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdshext.dll
[2011/01/16 11:55:56 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll
[2011/01/16 11:55:56 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceApi.dll
[2011/01/16 11:55:56 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceApi.dll
[2011/01/16 11:55:56 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceTypes.dll
[2011/01/16 11:55:56 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShServiceObj.dll
[2011/01/16 11:55:56 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceClassExtension.dll
[2011/01/16 11:55:56 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceConnectApi.dll
[2011/01/16 11:55:55 | 000,433,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDSp.dll
[2011/01/16 11:55:55 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDSp.dll
[2011/01/16 11:55:55 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceWMDRM.dll
[2011/01/16 11:55:55 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceTypes.dll
[2011/01/16 11:55:55 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceWMDRM.dll
[2011/01/16 11:55:55 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceClassExtension.dll
[2011/01/16 11:54:23 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleaccrc.dll
[2011/01/16 11:54:23 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaccrc.dll
[2011/01/16 11:54:22 | 000,736,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAutomationCore.dll
[2011/01/16 11:54:22 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAutomationCore.dll
[2011/01/16 11:54:22 | 000,315,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2011/01/16 11:53:54 | 001,103,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webservices.dll
[2011/01/16 11:53:54 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webservices.dll
[2011/01/16 11:49:46 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2011/01/16 11:49:45 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2011/01/16 11:49:36 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll
[2011/01/16 11:49:36 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll
[2011/01/16 11:49:35 | 003,815,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll
[2011/01/16 11:49:34 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll
[2011/01/16 11:02:18 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshsq.dll
[2011/01/16 11:02:18 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshsq.dll
[2011/01/16 10:32:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Antimalware
[2011/01/16 10:32:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2011/01/15 17:11:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\vShare
[2011/01/15 15:23:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\vi-VN
[2011/01/15 15:23:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\eu-ES
[2011/01/15 15:23:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\eu-ES
[2011/01/15 15:23:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ca-ES
[2011/01/15 15:23:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ca-ES
[2011/01/15 15:23:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\vi-VN
[2011/01/15 15:01:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011/01/15 08:02:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\oovootoolbar
[2011/01/12 05:58:28 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2011/01/12 05:58:28 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2011/01/12 05:58:24 | 001,251,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdclt.exe
[2011/01/09 22:23:19 | 000,000,000 | ---D | C] -- C:\44af428029a9aa89575267c409
[2011/01/07 21:40:20 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2011/01/07 21:40:20 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2011/01/07 21:40:20 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2011/01/07 21:40:20 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2011/01/07 21:40:20 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2011/01/07 21:40:20 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2011/01/07 21:40:20 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2011/01/07 21:40:20 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2011/01/07 21:34:10 | 013,426,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2011/01/07 21:34:08 | 010,627,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2011/01/07 21:34:06 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2011/01/07 21:34:05 | 008,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2011/01/07 21:33:41 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2011/01/07 21:33:37 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/01/07 21:33:37 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011/01/07 21:33:37 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011/01/07 21:33:37 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/01/07 21:33:37 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/01/07 21:33:36 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/01/07 21:33:36 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/01/07 21:33:36 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011/01/07 21:33:36 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/01/07 21:33:36 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/01/07 21:33:36 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/01/07 21:33:35 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/01/07 21:33:35 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011/01/07 21:33:35 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/01/07 21:33:35 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/01/07 21:33:33 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/01/07 21:33:33 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/01/07 21:33:33 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/01/07 21:33:33 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/01/07 21:33:32 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/01/07 21:33:29 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/01/07 21:33:29 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/01/07 21:33:29 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011/01/07 21:33:29 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/01/07 21:33:29 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011/01/07 21:33:29 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/01/07 21:33:29 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/01/07 21:33:29 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/01/07 21:32:41 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2011/01/07 21:32:41 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2011/01/07 21:32:41 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sscore.dll
[2011/01/07 21:32:41 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2011/01/07 21:32:19 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2011/01/07 21:32:19 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2011/01/07 21:32:18 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2011/01/07 21:32:14 | 001,927,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2011/01/07 21:32:13 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
[2011/01/07 21:32:13 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2011/01/07 21:32:13 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Apphlpdm.dll
[2011/01/07 21:32:13 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll
[2011/01/07 21:32:12 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2011/01/07 21:32:09 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codecp.acm
[2011/01/07 21:32:09 | 000,181,760 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysNative\l3codecp.acm
[2011/01/07 21:32:09 | 000,072,192 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysNative\l3codeca.acm
[2011/01/07 21:32:09 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codeca.acm
[2011/01/07 21:32:06 | 001,915,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2011/01/07 21:32:03 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011/01/07 21:32:03 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011/01/07 21:32:03 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2011/01/07 21:32:03 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2011/01/07 21:32:03 | 000,048,128 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011/01/07 21:32:03 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011/01/07 21:32:00 | 000,621,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2011/01/07 21:31:59 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP4SDECD.DLL
[2011/01/07 21:31:59 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP4SDECD.DLL
[2011/01/07 21:31:52 | 004,697,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011/01/07 21:31:45 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/01/07 21:31:44 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2011/01/07 21:31:44 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2011/01/07 21:31:40 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2011/01/07 21:31:40 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2011/01/07 21:31:39 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2011/01/07 21:31:37 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2011/01/07 21:31:37 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2011/01/07 21:31:35 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2011/01/07 21:31:35 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2011/01/07 21:21:41 | 001,090,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2011/01/07 21:21:41 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2011/01/07 21:21:14 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2011/01/07 21:21:14 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2011/01/07 21:21:13 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2011/01/07 21:21:13 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2011/01/07 21:21:13 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2011/01/07 21:21:13 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2011/01/07 20:32:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011/01/07 20:31:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/01/07 20:31:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011/01/05 20:18:30 | 000,000,000 | ---D | C] -- C:\Users\Antonino\AppData\Roaming\Local
[2011/01/05 20:17:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011/01/05 20:16:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared

Re: help please...I think I have Virtumonde...thank you thank you thank you!!!

here is the 3rd and final:

========== Files - Modified Within 30 Days ==========

[2011/01/24 16:44:07 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/01/24 16:44:07 | 000,604,816 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/01/24 16:44:07 | 000,104,670 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/01/24 16:43:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/24 16:39:42 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/24 16:38:23 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/24 16:38:23 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/24 16:38:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/01/22 13:18:28 | 000,002,009 | ---- | M] () -- C:\Users\Antonino\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/01/16 23:05:28 | 000,002,079 | ---- | M] () -- C:\Users\Antonino\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger (2).lnk
[2011/01/16 23:03:51 | 000,002,079 | ---- | M] () -- C:\Users\Antonino\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger.lnk
[2011/01/16 19:48:36 | 002,491,602 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/01/16 19:47:59 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011/01/16 12:20:20 | 000,272,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/01/16 12:17:59 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011/01/16 10:32:17 | 000,000,942 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2011/01/15 15:04:22 | 000,000,104 | ---- | M] () -- C:\Users\Antonino\Desktop\Recycle Bin - Shortcut.lnk
[2011/01/15 14:21:17 | 000,000,202 | ---- | M] () -- C:\Users\Antonino\Desktop\keepvido.url
[2011/01/15 10:04:01 | 000,005,972 | ---- | M] () -- C:\Users\Antonino\AppData\Local\d3d9caps.dat
[2011/01/14 00:21:46 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\Regwork.job
[2011/01/07 20:32:09 | 000,001,121 | ---- | M] () -- C:\Users\Antonino\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/01/07 20:32:09 | 000,001,097 | ---- | M] () -- C:\Users\Antonino\Desktop\Spybot - Search & Destroy.lnk
[2011/01/07 14:06:45 | 000,000,822 | ---- | M] () -- C:\Users\Antonino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchosts.exe.LNK
[2011/01/07 14:06:40 | 000,065,536 | ---- | M] () -- C:\Windows\IFinst27.exe
[2011/01/05 20:18:31 | 000,001,421 | ---- | M] () -- C:\Users\Antonino\Desktop\DivX Movies.lnk
[2011/01/05 20:17:44 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2011/01/05 20:17:18 | 000,000,987 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2011/01/04 05:49:00 | 002,573,392 | ---- | M] (AhnLab, Inc.) -- C:\Windows\SysNative\btscan.exe
[2010/12/28 11:08:18 | 000,466,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2010/12/28 10:55:03 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll

========== Files Created - No Company Name ==========

[2011/01/22 13:18:28 | 000,002,009 | ---- | C] () -- C:\Users\Antonino\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/01/16 23:05:28 | 000,002,079 | ---- | C] () -- C:\Users\Antonino\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger (2).lnk
[2011/01/16 23:03:51 | 000,002,079 | ---- | C] () -- C:\Users\Antonino\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger.lnk
[2011/01/16 20:05:19 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2011/01/16 20:05:18 | 000,002,052 | ---- | C] () -- C:\Windows\UDB.zip
[2011/01/16 20:05:18 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2011/01/16 20:05:18 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2011/01/16 20:05:18 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2011/01/16 19:48:20 | 002,491,602 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/01/16 19:47:59 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011/01/16 19:47:26 | 000,433,336 | ---- | C] () -- C:\Users\Antonino\AppData\Local\dd_vcredistMSI0010.txt
[2011/01/16 19:47:26 | 000,012,290 | ---- | C] () -- C:\Users\Antonino\AppData\Local\dd_vcredistUI0011.txt
[2011/01/16 19:47:25 | 000,013,038 | ---- | C] () -- C:\Users\Antonino\AppData\Local\dd_vcredistUI0010.txt
[2011/01/16 12:17:59 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011/01/16 12:05:53 | 000,001,212 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2011/01/16 12:05:34 | 000,001,281 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2011/01/16 12:05:04 | 000,001,091 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2011/01/16 12:04:39 | 000,002,079 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011/01/16 10:32:17 | 000,000,954 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/01/16 10:32:17 | 000,000,942 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2011/01/15 15:04:22 | 000,000,104 | ---- | C] () -- C:\Users\Antonino\Desktop\Recycle Bin - Shortcut.lnk
[2011/01/07 20:32:09 | 000,001,121 | ---- | C] () -- C:\Users\Antonino\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/01/07 20:32:09 | 000,001,097 | ---- | C] () -- C:\Users\Antonino\Desktop\Spybot - Search & Destroy.lnk
[2011/01/07 14:06:45 | 000,000,822 | ---- | C] () -- C:\Users\Antonino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchosts.exe.LNK
[2011/01/07 14:06:40 | 000,065,536 | ---- | C] () -- C:\Windows\IFinst27.exe
[2011/01/05 20:18:31 | 000,001,421 | ---- | C] () -- C:\Users\Antonino\Desktop\DivX Movies.lnk
[2011/01/05 20:17:44 | 000,000,947 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2011/01/05 20:17:18 | 000,000,987 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2010/12/17 11:50:10 | 000,439,934 | ---- | C] () -- C:\Users\Antonino\AppData\Local\dd_vcredistMSI6ACA.txt
[2010/12/17 11:50:09 | 000,016,090 | ---- | C] () -- C:\Users\Antonino\AppData\Local\dd_vcredistUI6ACA.txt
[2010/07/28 20:19:49 | 000,441,258 | ---- | C] () -- C:\Users\Antonino\AppData\Local\dd_vcredistMSI19F6.txt
[2010/07/28 20:19:47 | 000,011,698 | ---- | C] () -- C:\Users\Antonino\AppData\Local\dd_vcredistUI19F6.txt
[2010/03/16 07:51:06 | 000,425,018 | ---- | C] () -- C:\Users\Antonino\AppData\Local\dd_vcredistMSI771F.txt
[2010/03/16 07:51:06 | 000,011,458 | ---- | C] () -- C:\Users\Antonino\AppData\Local\dd_vcredistUI771F.txt
[2009/12/03 20:18:41 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/12/03 20:17:40 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/11/16 11:33:38 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009/10/18 10:17:54 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/09/13 10:39:55 | 000,838,537 | ---- | C] () -- C:\Users\Antonino\AppData\Roaming\UserTile.png
[2009/06/20 11:51:49 | 000,014,848 | ---- | C] () -- C:\Users\Antonino\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/07 06:27:20 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\vbzlib1.dll
[2009/05/29 04:35:22 | 000,005,972 | ---- | C] () -- C:\Users\Antonino\AppData\Local\d3d9caps.dat
[2009/05/27 11:43:50 | 000,000,771 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009/05/25 18:12:06 | 000,000,732 | ---- | C] () -- C:\Users\Antonino\AppData\Local\d3d9caps64.dat
[2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini

========== Files - Unicode (All) ==========
[2011/01/07 14:06:45 | 000,000,000 | ---D | M](C:\Program Files (x86)\???????) -- C:\Program Files (x86)\초고속조각모음
[2011/01/07 14:06:45 | 000,000,000 | ---D | M](C:\Program Files (x86)\???????) -- C:\Program Files (x86)\초고속조각모음
[2011/01/07 14:06:44 | 000,000,000 | ---D | C](C:\Program Files (x86)\???????) -- C:\Program Files (x86)\초고속조각모음

========== Alternate Data Streams ==========

@Alternate Data Stream - 214 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:430C6D84

< End of report >

Re: help please...I think I have Virtumonde...thank you thank you thank you!!!

Hello.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: help please...I think I have Virtumonde...thank you thank you thank you!!!

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5604

Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 8.0.6001.18999

1/25/2011 8:41:54 PM
mbam-log-2011-01-25 (20-41-43).txt

Scan type: Quick scan
Objects scanned: 157124
Time elapsed: 2 minute(s), 37 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Antonino\favorites\free porn videos, porn tube, free porn, free porno movies, porno, sex.url (Rogue.Link) -> No action taken.

Re: help please...I think I have Virtumonde...thank you thank you thank you!!!

Oh my gosh......I have a black screen with a cursor only.....seems like it boots up normal, this happened during the restart after malware scan found bad file...how can I recover, restore point didn't seem to work...please advise I can only start in safe mode...ahhhah....

Last edited by italia1 on 26th January 2011, 3:36 am; edited 1 time in total (Reason for editing : needed more description)

Re: help please...I think I have Virtumonde...thank you thank you thank you!!!

Good news....I did a manual reset and I came back to normal...thank God...I am ready for what's next....thanks for your help so far....do you think this was because we removed ...Rogue.Link?

Re: help please...I think I have Virtumonde...thank you thank you thank you!!!

Hello.
Did you remove what MBAM found? It says no action was taken.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: help please...I think I have Virtumonde...thank you thank you thank you!!!

Yes I did......anything else....

Re: help please...I think I have Virtumonde...thank you thank you thank you!!!

The logs look fine, how's the machine running?

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: help please...I think I have Virtumonde...thank you thank you thank you!!!

Machine is running well.....thank you very much for your patience and kindness to help me, I will buy the book offered to increase my knowledge!!!!
