fake antivirus alpha

View previous topic View next topic Go down

fake antivirus alpha

Post by sandy_hagen2001 on Sun Nov 01, 2009 11:03 pm

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:01:52 PM, on 11/1/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msntask.exe
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
C:\Users\Dennis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5RH2U6M9\winlogon[1].scr
C:\Program Files (x86)\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: &Advanced Explorer Editor - {35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC} - C:\Windows\SysWow64\AdvancedIEupdate.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\IPSBHO.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TVAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe"
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hȋdden
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [tinySpell] C:\Program Files (x86)\tinySpell\tinyspell.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must be registered and logged in to see this link.]
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: PackageCab - [You must be registered and logged in to see this link.]
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {588031A3-94BF-4CDD-86D0-939F6F93910F} (FixItClient Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - [You must be registered and logged in to see this link.]
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - [You must be registered and logged in to see this link.]
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe (file missing)
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Unknown owner - C:\Windows\system32\agr64svc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files (x86)\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe (file missing)
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 15079 bytes

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by Belahzur on Mon Nov 02, 2009 12:59 am

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 3:28 am

Every time I open the malwarebytes antimalware program to scan it closes right away it will not allow me to scan.

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by Belahzur on Mon Nov 02, 2009 9:37 am

Download [You must be registered and logged in to see this link.] by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 6:53 pm

OTL Extras logfile created on: 11/2/2009 1:46:17 PM - Run 1
OTL by OldTimer - Version 3.1.3.0 Folder = C:\Users\Dennis\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 1.55 Gb Available Physical Memory | 41.48% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.00 Gb Total Space | 227.52 Gb Free Space | 79.83% Space Free | Partition Type: NTFS
Drive D: | 13.08 Gb Total Space | 2.04 Gb Free Space | 15.57% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DENNIS-PC
Current User Name: Dennis
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\Wscript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\Wscript.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\Wscript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\Wscript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\Wscript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\Wscript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %* File not found
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\Wscript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\Wscript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\Wscript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\Wscript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\Wscript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\Wscript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 8E FE D4 64 C9 54 CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 
"FirstRunDisabled" = 
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{019A3175-3095-46C1-BDEF-6331FBE5CD25}" = lport=2869 | protocol=6 | dir=in | app=system |
"{17F744ED-900E-48EA-8C84-BB8947472635}" = rport=138 | protocol=17 | dir=out | app=system |
"{30166050-BCB7-49FA-9F00-10E5F410DFC1}" = rport=139 | protocol=6 | dir=out | app=system |
"{3181CB27-1AB3-4C3A-AF30-A07F7935D52F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{35C64C35-6F2C-4E40-B17B-1BFCEE82539A}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{52FF3880-E0EE-491E-9FFE-CA8DA9E7E8EB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{763305F5-35CD-4F47-B17B-CE0CE9812D2D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{917D563C-ECAC-4948-A96B-9F8F80EE14D8}" = lport=137 | protocol=17 | dir=in | app=system |
"{94A9EEE9-74D5-4C56-B658-30C842849D07}" = lport=138 | protocol=17 | dir=in | app=system |
"{C00F7210-DD0D-4ED9-832C-320A8B31F471}" = lport=139 | protocol=6 | dir=in | app=system |
"{C35D7176-FA69-47CE-BD9D-4F752824EE4A}" = lport=445 | protocol=6 | dir=in | app=system |
"{DAB783FB-2F2B-468F-BF1C-C75317E4D6FF}" = rport=445 | protocol=6 | dir=out | app=system |
"{FEFE4668-6707-483C-9A33-990D3118D3CF}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0365773B-E07B-4B1D-BC4D-B76F689A8F60}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{0BF3239C-F9C0-47EB-8A2C-4D96B4736E98}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{0D50244B-06EE-4BDB-9E39-F09B0323C6D5}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{1A771202-7585-4C9C-B33E-D3E4C2027622}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{1FE2027F-C109-4E0B-9C38-BF97C9FDC93C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{39C57EC8-B9AA-49BD-9A20-F427A9187E48}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{51F2D2C3-058B-4A87-8420-29A44FFD3633}" = dir=in | app=e:\setup\hpznui40.exe |
"{5289633D-D1EB-4FA3-AEB7-782F3B0A52FE}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{5757CB54-A6D9-4D43-82D2-CCCA4F4DD27D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{5C9355D9-F635-4593-97CD-2062465C0052}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{5F041A55-C109-4CB5-B8A3-074D129D0F9B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{614AF644-818A-4BE2-8502-A0D55A3C6312}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{62523BE7-D407-4909-A60F-CDF0797144C4}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{6CB98077-3110-4BE5-B3F1-0F1FADFF2C33}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{757D990D-74E1-4526-AF01-B6C954C2B3AC}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{7AD9BC0E-5DBF-41B2-91DE-9AF61043CA09}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{836D2432-D2AD-4DEC-AFB3-3F986F231681}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{8501FC1A-15DA-40DA-8E47-86B8F5234CC2}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{89515D67-BD0D-498A-B3C0-EAB5E74F9E49}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{8C2B85EA-C1B4-4B60-AB1F-873B72F0FC11}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{9074E19F-A1B6-4352-943B-0DE7254492EF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{96857A24-C825-40B1-8F85-A883E37B4574}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{97A9EA64-E5EE-4234-8759-3196D43EF86D}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{9A6FCDD6-F702-4B80-A415-165C51777598}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qpservice.exe |
"{9B2185B7-0657-4364-A3A6-6AF75B8EE58D}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{A004D435-7479-4468-AEDB-D6E9D4B22BCF}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{AF7A57F3-A454-46FE-BA07-32CFD9174351}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{C14D30D6-14FC-4D4B-A751-DC3C46F0772A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{C610362B-7EC2-47E9-8CC5-B0CC2EF91A50}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{C9AA9E61-35D6-4C83-B15D-55D04EC23227}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{CC953F42-3359-4D58-8390-C173BD801189}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{DDBFA9EC-D21E-4B5C-A156-DC3D901DD77A}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{E5AE7BF7-B47D-459A-80E4-17CE6FAE0057}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{F08EF844-F4E5-4D3B-BD6A-78C9D42BB9B2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{F876FEB3-5CAE-4AEE-86F8-9DA0A3861107}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{F9DC0E8E-AB2B-4FCD-9023-F7B56711C988}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qp.exe |
"{FE005D68-7AFD-45BF-B02D-FC5F69D6E39F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{2F97CE84-9C33-4631-821B-85EA371EA254}" = ProtectSmart Hard Drive Protection
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{78F697ED-EC97-4D8D-881D-838984EA9855}" = 64 Bit HP CIO Components Installer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B87BB2A8-5921-9B18-BBB5-D9A42F9CD3E1}" = ccc-utility64
"{C6CFAF5A-12F9-485E-EAD7-7FA1D3E5B943}" = ATI Catalyst Install Manager
"{C8732DC3-1736-44b2-B741-2D636DE58605}" = HP Photosmart C6300 All-In-One Driver Software 11.0 Rel .4
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DDEDFD63-E430-4b0c-8D61-5E4E7280F027}" = Network64
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F1568AA6-5982-4AFB-A871-C68E4328BC3B}" = HP MediaSmart SmartMenu
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"HP Imaging Device Functions" = HP Imaging Device Functions 11.0
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 11.0
"HPExtendedCapabilities" = HP Customer Participation Program 11.0
"HPOCR" = OCR Software by I.R.I.S. 11.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002471C5-6F62-D6CD-D6E5-A0F20F079B8B}" = Catalyst Control Center Localization Polish
"{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{03819281-0870-65EE-24B0-A7DEDE9F796A}" = Catalyst Control Center Localization Chinese Traditional
"{04F66470-CEA7-BF9A-1885-8E1A3474825A}" = CCC Help Danish
"{08062F2F-926A-D7EC-57E9-AB97AA0D7FDA}" = CCC Help Finnish
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0CAB8CDF-232E-F28F-A017-B388F41FACCB}" = CCC Help Portuguese
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{149BBCB8-674F-48D2-969C-9D0EA88DA7D6}" = HP User Guides 0129
"{150FE68F-EE0C-4867-150A-D74FECBB8448}" = Catalyst Control Center Graphics Light
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{187817E2-6407-461C-B59B-56CE73363D34}" = Catalyst Control Center - Branding
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{2680244D-0FBA-4856-EBE3-9D67E61EB46F}" = Catalyst Control Center Localization Spanish
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 15
"{27197499-7680-4208-8FD8-5439CDB0FDC1}" = HPProductAssistant
"{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply
"{2BDFE775-48C0-3E1C-895C-DACC33CC52F0}" = Catalyst Control Center Localization Greek
"{2DAD2930-DFC1-AD0F-E63D-B3E95451CD68}" = CCC Help Greek
"{2EA45803-BEB7-46C4-9ADC-46A5F9E7BB77}" = GEAR driver installer for x86 and x64
"{2F59397E-50B1-3CA6-2F8C-03773D40BE3B}" = Catalyst Control Center Graphics Full New
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32622F02-640A-4335-86FF-557325DC39D4}" = PS_AIO_04_C6300_Software_Min
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 L1
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZero Preloader
"{35CC44E6-5916-89DC-16B6-7ADE609211CE}" = Catalyst Control Center Localization Finnish
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{3A9C19FE-D61C-50DA-6FAF-7FB941B538A0}" = Catalyst Control Center Localization French
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3BAB23A6-5272-F52D-1AF0-29419F1362B4}" = Catalyst Control Center Localization Italian
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{445F6483-40DC-61B5-849D-35274D96DBA3}" = Catalyst Control Center Localization Czech
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45A136EC-88BF-4B95-99F5-C45D3930E1CC}" = HP MULTIPLE MODEM INSTALLER for VISTA
"{47F36D92-E58E-456D-B73C-3382737E4C42}" = HP Update
"{4A239818-F5F7-7AE8-9FD3-08F435ED88D0}" = Skins
"{4A3D0CF8-60FF-4CEF-91A4-A1F001424602}" = DocProc
"{4C17CE6E-4838-819F-01BE-7EEE6181914A}" = Catalyst Control Center Localization Norwegian
"{4C4EA31F-AE29-2517-5E92-3EFB1FD7B896}" = CCC Help Hungarian
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4E868D3D-6EEB-4273-926C-2287236B5B79}" = 3DVIA player 5.0
"{527CF1CA-D98B-504D-833B-69DA9A8A5AD6}" = CCC Help Czech
"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
"{593A6CAF-E114-4e31-884F-74FF349E8E36}" = SolutionCenter
"{5B99A0A7-0B21-2CD6-474D-8D67177BD4D6}" = Catalyst Control Center Localization Dutch
"{5CFE0191-1ECE-7BD5-8AEF-069ED59A01BB}" = Catalyst Control Center Localization Korean
"{6244BAF3-F26D-A695-1EF6-D9A3C0A6DAA1}" = Catalyst Control Center Graphics Previews Common
"{6423EF83-6E1D-4D22-A36F-689CD19FD4D2}" = Juno Preloader
"{6570A194-A52D-9F23-EA48-90D7C6F20BE9}" = Catalyst Control Center Localization Swedish
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{666F0B45-78DA-FAA3-AB14-43CAEEA3D475}" = Catalyst Control Center Localization Russian
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{66B6555E-07BF-3FCB-191F-BCD75650F1F2}" = CCC Help Italian
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV
"{67F6A6BA-E225-4BF5-8E7C-BB4AE25EDCBC}" = Catalyst Control Center InstallProxy
"{69E1907C-E9EA-7A5A-79ED-47FF2B5BFDFB}" = Catalyst Control Center Localization Danish
"{6A370610-3778-44AF-9AAC-69B2FD1A3356}" = Microsoft Live Search Toolbar
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70E1E357-E57C-4284-B04E-58196DC27BC1}" = PanoStandAlone
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{732A3F80-008B-4350-BD58-EC5AE98707B8}" = HP Common Access Service Library
"{75D0438A-55FB-DD38-0745-5D370179CAC7}" = CCC Help French
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{793C0C7E-7977-C9B5-B427-FDF95F2D1636}" = Catalyst Control Center Localization Hungarian
"{7B798B31-2F33-4DC8-BDA4-D36488E86636}" = Slingbox - Watch Your TV Anywhere
"{7BD42C12-74D1-4804-B24D-D21E25D4E3CF}" = PS_AIO_04_C6300_ProductContext
"{7CA1269D-86E6-91A8-DD66-9CF6838821BF}" = Catalyst Control Center Localization Portuguese
"{812C53D9-39EC-0511-04E4-5430A4747FB5}" = CCC Help German
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95A747E0-DF19-46CB-A622-20A0107201BD}" = HP Total Care Setup
"{99832252-D489-4276-B961-6D505CF0AFAA}" = PS_AIO_04_C6300_Software
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9EDC4EA1-558A-4297-9BCB-F36E572E6B1D}" = C6300_Help
"{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch
"{A1940302-F0F9-132F-C521-A5D0E24FAC1D}" = CCC Help Thai
"{A2315CF8-E14F-FA46-B1F1-20E0E5483ADB}" = Catalyst Control Center Localization Thai
"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter
"{A8411EDB-6A00-8D1A-584B-7A932F44A0C9}" = CCC Help Japanese
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC5CD4CF-3802-623E-AD97-D188785EF411}" = CCC Help Polish
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.3
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B9275904-9237-94A3-2144-E3D6A62B57E9}" = CCC Help Turkish
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C48EB957-0CCB-D590-AB3F-B3F8A14ECC2F}" = Catalyst Control Center Graphics Full Existing
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CBA7FD59-19A7-5724-5646-CF307326CC18}" = Catalyst Control Center Core Implementation
"{CC0E1AE3-091D-4969-B151-7AC142062C28}" = SmartWebPrinting
"{CC7A4274-E6F2-2351-DA6A-07AB73896609}" = CCC Help Norwegian
"{CD7D2C01-F3C8-4127-325D-49853FCCDB62}" = Catalyst Control Center Localization German
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService
"{D1E7EA15-5F96-728C-AF32-E1CFF8F9CE44}" = CCC Help Swedish
"{D4250558-4DE6-4342-8865-D397FD66076B}" = C6300
"{D47419B2-62BD-6B53-A96F-7E2F6F3D50C0}" = Catalyst Control Center Localization Turkish
"{D62C79B5-44E0-DEC0-AF01-6A1404E093E9}" = CCC Help Spanish
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{E12F2B78-CF64-2438-391F-3D3411A6E193}" = CCC Help English
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E5C3A144-0F9B-8F3E-F1A3-2BB7B26014A6}" = ccc-core-static
"{E5E29403-3D25-40C6-892B-F9FEE2A95585}" = HP Wireless Assistant
"{E8020EC7-5DD8-80C9-7237-7B2E9BDA8CC6}" = muvee Reveal
"{E8B11A27-5CA6-748E-0F68-159CCF789DF3}" = CCC Help Dutch
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition
"{ED65A382-3F80-D5A8-CCE0-DAB59D85CA91}" = CCC Help Russian
"{EDBB71B2-3C17-4EA5-ED91-E2EA5C2305CF}" = CCC Help Korean
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F250EA7A-F117-2CCE-03E7-BB62C2BF476C}" = Catalyst Control Center Graphics Previews Vista
"{F38CC586-4703-CE3C-F466-D7821E87926A}" = Catalyst Control Center Localization Chinese Standard
"{F413B69D-4AD6-42AB-AEA5-0548989FAD50}" = Norton 360
"{F62F62BD-E5C5-56E3-6CF6-00407B743E32}" = CCC Help Chinese Traditional
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FAF7448B-7AB8-8C58-745E-1551CB481C3D}" = CCC Help Chinese Standard
"{FDE3DBB7-AA79-AA91-ABE9-3696883FAB20}" = Catalyst Control Center Localization Japanese
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP.MediaSmartSlingPlayer_is1" = HP MediaSmart SlingPlayer
"InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"N360" = Norton 360
"tinySpell_is1" = tinySpell 1.8.010
"Tux Paint_is1" = Tux Paint 0.9.21
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AlphaAV" = Alpha Antivirus

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 6:59 pm

OTL logfile created on: 11/2/2009 1:46:17 PM - Run 1
OTL by OldTimer - Version 3.1.3.0 Folder = C:\Users\Dennis\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 1.55 Gb Available Physical Memory | 41.48% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.00 Gb Total Space | 227.52 Gb Free Space | 79.83% Space Free | Partition Type: NTFS
Drive D: | 13.08 Gb Total Space | 2.04 Gb Free Space | 15.57% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DENNIS-PC
Current User Name: Dennis
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/11/02 13:45:58 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Users\Dennis\Desktop\OTL.exe
PRC - [2009/10/30 17:05:23 | 01,211,392 | ---- | M] () -- C:\Program Files (x86)\AlphaAV\alpha.exe
PRC - [2009/10/30 17:05:23 | 01,211,392 | ---- | M] () -- C:\Program Files (x86)\AlphaAV\alpha.exe
PRC - [2009/10/30 17:05:23 | 01,211,392 | ---- | M] () -- C:\Program Files (x86)\AlphaAV\alpha.exe
PRC - [2009/10/30 17:05:23 | 01,211,392 | ---- | M] () -- C:\Program Files (x86)\AlphaAV\alpha.exe
PRC - [2009/10/30 17:05:23 | 01,211,392 | ---- | M] () -- C:\Program Files (x86)\AlphaAV\alpha.exe
PRC - [2009/08/27 00:23:17 | 00,638,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2009/08/27 00:23:17 | 00,638,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2009/08/27 00:23:17 | 00,638,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2009/08/27 00:23:17 | 00,638,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2009/08/27 00:23:17 | 00,638,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2009/08/27 00:23:17 | 00,638,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2009/08/22 03:14:09 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
PRC - [2009/08/22 03:14:09 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
PRC - [2009/08/22 03:14:09 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
PRC - [2009/08/22 03:14:09 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
PRC - [2009/07/25 04:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe
PRC - [2009/07/17 22:12:12 | 00,257,440 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10c.exe
PRC - [2009/03/08 06:34:00 | 00,115,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
PRC - [2009/03/08 06:34:00 | 00,115,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
PRC - [2009/03/08 06:34:00 | 00,115,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
PRC - [2009/03/08 06:34:00 | 00,115,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
PRC - [2009/02/09 17:14:02 | 00,296,320 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
PRC - [2009/02/09 17:14:02 | 00,116,096 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
PRC - [2009/02/09 17:14:02 | 00,116,096 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
PRC - [2009/02/09 17:14:02 | 00,116,096 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
PRC - [2009/02/09 17:13:36 | 00,206,120 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
PRC - [2009/02/09 17:13:36 | 00,206,120 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
PRC - [2009/02/09 17:13:36 | 00,206,120 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
PRC - [2009/02/03 08:15:18 | 00,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008/12/25 16:41:20 | 00,189,736 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2008/12/25 16:41:16 | 01,316,136 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
PRC - [2008/12/02 21:28:22 | 00,365,952 | ---- | M] () -- C:\Program Files (x86)\SMINST\BLService.exe
PRC - [2008/11/28 21:04:26 | 01,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2008/11/28 21:04:26 | 01,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2008/11/19 12:14:06 | 00,222,512 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
PRC - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/23 15:46:02 | 00,223,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
PRC - [2008/10/23 15:46:02 | 00,223,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
PRC - [2008/10/23 15:46:02 | 00,223,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
PRC - [2008/10/23 15:46:02 | 00,223,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
PRC - [2008/10/23 15:46:02 | 00,223,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
PRC - [2008/10/22 13:32:20 | 00,628,016 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
PRC - [2008/10/10 15:24:44 | 00,206,128 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
PRC - [2008/09/15 09:13:38 | 00,241,734 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
PRC - [2008/09/15 09:13:38 | 00,241,734 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
PRC - [2008/08/28 23:09:08 | 00,133,648 | ---- | M] (Microsoft Corp.) -- c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msntask.exe
PRC - [2008/06/09 13:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
PRC - [2008/06/09 13:16:32 | 02,363,392 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
PRC - [2008/03/26 01:25:18 | 00,286,720 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
PRC - [2008/03/26 01:25:18 | 00,286,720 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
PRC - [2008/03/26 01:25:18 | 00,286,720 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
PRC - [2008/03/25 20:27:58 | 00,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
PRC - [2008/03/25 20:27:58 | 00,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
PRC - [2008/03/25 19:49:02 | 00,184,320 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe
PRC - [2008/03/25 19:49:00 | 00,569,344 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe
PRC - [2008/03/25 19:40:42 | 00,214,360 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe


========== Modules (SafeList) ==========

MOD - [2009/11/02 13:45:58 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Users\Dennis\Desktop\OTL.exe
MOD - [2009/07/17 08:54:43 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009/04/11 01:28:25 | 01,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009/04/11 01:28:24 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009/04/11 01:28:18 | 00,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll
MOD - [2009/04/11 01:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/20 21:52:09 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2008/01/20 21:50:01 | 00,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2008/01/20 21:49:43 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/09/24 20:26:26 | 01,142,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FntCache.dll -- 64bit-(FontCache)
SRV:64bit: - [2009/04/11 02:11:13 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bthserv.dll -- 64bit-(BthServ)
SRV:64bit: - [2008/12/10 09:04:58 | 00,935,424 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\Ati2evxx.exe -- 64bit-(Ati External Event Utility)
SRV:64bit: - [2008/09/26 14:13:54 | 00,279,040 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe -- 64bit-(STacSV)
SRV:64bit: - [2008/09/26 14:13:24 | 00,089,088 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe -- 64bit-(AESTFilters)
SRV:64bit: - [2008/03/18 19:25:40 | 00,023,040 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\SysNative\Hpservice.exe -- 64bit-(hpsrv)
SRV:64bit: - [2008/01/20 21:52:15 | 01,216,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- 64bit-(WMPNetworkSvc)
SRV:64bit: - [2008/01/20 21:47:32 | 00,383,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpSvc.dll -- 64bit-(WinDefend)
SRV:64bit: - [2007/12/11 15:11:30 | 00,015,872 | ---- | M] (Agere Systems) -- C:\Windows\SysNative\agr64svc.exe -- 64bit-(AgereModemAudio)
SRV - [2009/08/22 03:14:09 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe -- (N360)
SRV - [2009/07/16 18:16:44 | 00,250,616 | ---- | M] (WildTangent, Inc.) -- C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/03/29 23:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/29 23:39:54 | 00,089,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009/02/18 13:40:04 | 00,042,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009/02/18 13:39:11 | 00,857,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2009/02/09 17:14:02 | 00,296,320 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc)
SRV - [2009/02/09 17:14:02 | 00,116,096 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched)
SRV - [2008/12/02 21:28:22 | 00,365,952 | ---- | M] () -- C:\Program Files (x86)\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/11/19 12:14:06 | 00,222,512 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe -- (Com4QLBEx)
SRV - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/11/04 00:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/23 15:46:02 | 00,223,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex)
SRV - [2008/10/09 10:56:48 | 00,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service)
SRV - [2008/09/15 09:13:38 | 00,241,734 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe -- (RichVideo)
SRV - [2008/06/09 13:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2008/03/25 20:27:36 | 00,135,168 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2008/03/25 20:23:58 | 00,894,976 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2008/03/25 19:38:24 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2008/01/20 21:51:36 | 00,344,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2008/01/20 21:51:36 | 00,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2006/11/02 10:03:48 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/11/02 08:34:14 | 00,000,000 | ---D | M] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006/11/02 01:35:15 | 00,060,994 | ---- | M] () -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006/11/02 01:35:15 | 00,055,846 | ---- | M] () -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)
SRV - [2006/10/26 17:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2004/10/22 06:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2009/09/14 04:16:04 | 00,172,592 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- 64bit-(SymEvent) SymEvent [Kernel | On_Demand | Running]
DRV:64bit: - [2009/09/14 04:15:13 | 00,034,152 | R--- | M] (GEAR Software Inc.) -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- 64bit-(GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running]
DRV:64bit: - [2009/08/22 03:14:09 | 00,583,296 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\Drivers\N360x64\0305020.00B\ccHPx64.sys -- 64bit-(ccHP) Symantec Hash Provider [Kernel | System | Running]
DRV:64bit: - [2009/08/22 03:14:09 | 00,476,720 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\Drivers\N360x64\0305020.00B\SRTSP64.SYS -- 64bit-(SRTSP) Symantec Real Time Storage Protection x64 [File_System | On_Demand | Running]
DRV:64bit: - [2009/08/22 03:14:09 | 00,402,992 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0305020.00B\SYMEFA64.SYS -- 64bit-(SymEFA) Symantec Extended File Attributes [File_System | Boot | Running]
DRV:64bit: - [2009/08/22 03:14:09 | 00,334,384 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\Drivers\N360x64\0305020.00B\BHDrvx64.sys -- 64bit-(BHDrvx64) Symantec Heuristics Driver [Kernel | System | Running]
DRV:64bit: - [2009/08/22 03:14:09 | 00,278,576 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\Drivers\N360x64\0305020.00B\SYMTDI.SYS -- 64bit-(SYMTDI) Symantec Network Dispatch Driver [Kernel | System | Running]
DRV:64bit: - [2009/08/22 03:14:09 | 00,120,880 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\Drivers\N360x64\0305020.00B\SYMFW.SYS -- 64bit-(SYMFW) Symantec Network Filter Driver [Kernel | On_Demand | Running]
DRV:64bit: - [2009/08/22 03:14:09 | 00,056,880 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\Drivers\N360x64\0305020.00B\SYMNDISV.SYS -- 64bit-(SYMNDISV) Symantec Network Filter Driver [Kernel | On_Demand | Running]
DRV:64bit: - [2009/08/22 03:14:09 | 00,032,304 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0305020.00B\SRTSPX64.SYS -- 64bit-(SRTSPX) Symantec Real Time Storage Protection (PEL) x64 [Kernel | System | Running]
DRV:64bit: - [2009/08/22 03:14:09 | 00,031,280 | R--- | M] (Symantec Corporation) -- C:\Windows\SysNative\DRIVERS\SymIMv.sys -- 64bit-(SymIM) Symantec Network Security Intermediate Filter Driver [Kernel | System | Running]
DRV:64bit: - [2009/04/11 00:39:51 | 00,275,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\HdAudio.sys -- 64bit-(HdAudAddService) Microsoft 1.1 UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Running]
DRV:64bit: - [2009/01/19 23:57:37 | 00,694,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Drivers\BTHport.sys -- 64bit-(BTHPORT) Bluetooth Port Driver [Kernel | On_Demand | Stopped]
DRV:64bit: - [2009/01/19 23:57:37 | 00,178,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\rfcomm.sys -- 64bit-(RFCOMM) Bluetooth Device (RFCOMM Protocol TDI) [Kernel | On_Demand | Stopped]
DRV:64bit: - [2009/01/19 23:57:37 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Drivers\BTHUSB.sys -- 64bit-(BTHUSB) Bluetooth Radio USB Driver [Kernel | On_Demand | Stopped]
DRV:64bit: - [2009/01/19 23:57:37 | 00,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\BthEnum.sys -- 64bit-(BthEnum) Bluetooth Request Block Driver [Kernel | On_Demand | Stopped]
DRV:64bit: - [2008/12/10 10:31:26 | 04,993,024 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- 64bit-(atikmdag) atikmdag [Kernel | On_Demand | Running]
DRV:64bit: - [2008/10/27 20:40:02 | 01,164,288 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\SysNative\DRIVERS\athrx.sys -- 64bit-(athr) Atheros Extensible Wireless LAN device driver [Kernel | On_Demand | Running]
DRV:64bit: - [2008/09/26 14:14:14 | 00,465,408 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- 64bit-(STHDA) IDT High Definition Audio CODEC [Kernel | On_Demand | Running]
DRV:64bit: - [2008/07/21 05:53:04 | 00,145,496 | ---- | M] (JMicron Technology Corporation) -- C:\Windows\SysNative\DRIVERS\jmcr.sys -- 64bit-(JMCR) JMCR [Kernel | On_Demand | Stopped]
DRV:64bit: - [2008/05/28 16:54:18 | 00,026,168 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\DRIVERS\usbfilter.sys -- 64bit-(usbfilter) AMD USB Filter Driver [Kernel | On_Demand | Running]
DRV:64bit: - [2008/04/28 00:25:06 | 00,016,400 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys -- 64bit-(AtiPcie) ATI PCI Express (3GIO) Filter [Kernel | Boot | Running]
DRV:64bit: - [2008/03/27 15:10:56 | 00,026,984 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys -- 64bit-(hpdskflt) HP Filter [Kernel | Boot | Running]
DRV:64bit: - [2008/03/27 15:10:14 | 00,040,296 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys -- 64bit-(Accelerometer) HP Accelerometer [Kernel | On_Demand | Running]
DRV:64bit: - [2008/02/29 18:59:32 | 01,252,352 | ---- | M] (Agere Systems) -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- 64bit-(AgereSoftModem) Agere Systems Soft Modem [Kernel | On_Demand | Running]
DRV:64bit: - [2008/02/14 09:56:14 | 00,160,768 | ---- | M] (Realtek Corporation ) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- 64bit-(RTL8169) Realtek 8169 NT Driver [Kernel | On_Demand | Running]
DRV:64bit: - [2008/01/24 08:24:24 | 00,060,928 | ---- | M] (ENE TECHNOLOGY INC.) -- C:\Windows\SysNative\DRIVERS\enecir.sys -- 64bit-(enecir) ENE CIR Receiver [Kernel | On_Demand | Running]
DRV:64bit: - [2008/01/20 21:47:27 | 00,168,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Drivers\usbvideo.sys -- 64bit-(usbvideo) USB Video Device (WDM) [Kernel | On_Demand | Running]
DRV:64bit: - [2008/01/20 21:47:25 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\serscan.sys -- 64bit-(StillCam) Still Serial Digital Camera Driver [Kernel | On_Demand | Running]
DRV:64bit: - [2008/01/20 21:47:02 | 00,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\bthpan.sys -- 64bit-(BthPan) Bluetooth Device (Personal Area Network) [Kernel | On_Demand | Stopped]
DRV:64bit: - [2008/01/20 21:46:57 | 03,154,432 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys -- 64bit-(NETw3v64) Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit [Kernel | On_Demand | Stopped]
DRV:64bit: - [2008/01/20 21:46:55 | 00,111,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- 64bit-(sdbus) sdbus [Kernel | On_Demand | Stopped]
DRV:64bit: - [2008/01/20 21:46:51 | 00,017,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\CmBatt.sys -- 64bit-(CmBatt) Microsoft ACPI Control Method Battery Driver [Kernel | On_Demand | Running]
DRV:64bit: - [2008/01/18 06:31:30 | 00,320,560 | ---- | M] (Synaptics, Inc.) -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- 64bit-(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running]
DRV:64bit: - [2007/06/18 19:13:12 | 00,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -- 64bit-(HpqKbFiltr) HpqKbFilter Driver [Kernel | On_Demand | Running]
DRV:64bit: - [2006/10/03 20:45:36 | 00,273,408 | ---- | M] (Marvell) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- 64bit-(yukonx64) NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller [Kernel | On_Demand | Stopped]
DRV - [2009/10/28 17:37:21 | 00,466,992 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091028.004\IDSviA64.sys -- (IDSVia64) IDSVia64 [Kernel | System | Running]
DRV - [2009/09/11 16:50:48 | 01,742,896 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091102.003\EX64.SYS -- (NAVEX15) NAVEX15 [Kernel | On_Demand | Running]
DRV - [2009/09/11 16:50:48 | 00,475,696 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) Symantec Eraser Control driver [Kernel | System | Running]
DRV - [2009/09/11 16:50:48 | 00,132,656 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) EraserUtilRebootDrv [Kernel | On_Demand | Running]
DRV - [2009/09/11 16:50:48 | 00,116,272 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091102.003\ENG64.SYS -- (NAVENG) NAVENG [Kernel | On_Demand | Running]
DRV - [2008/11/28 21:04:24 | 00,146,928 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49}) Power Control [2009/02/26 05:35:27] [Kernel | Auto | Running]
DRV - [2006/09/18 16:36:40 | 00,003,066 | ---- | M] () -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip) TCP/IP Protocol Driver [Kernel | Boot | Running]
DRV - [2006/09/18 16:35:23 | 00,001,088 | ---- | M] () -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv) Windows Firewall Authorization Driver [Kernel | On_Demand | Running]


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/24 02:01:12 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009/04/01 19:01:21 | 00,000,000 | ---D | M]


O1 HOSTS File: (761 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (&Advanced Explorer Editor) - {35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC} - C:\Windows\SysWOW64\AdvancedIEupdate.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DVDAgent] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files (x86)\Hp\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TSMAgent] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TVAgent] C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [tinySpell] C:\Program Files (x86)\tinySpell\tinyspell.exe ()
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - HKCU..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr =
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 7:00 pm

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} [You must be registered and logged in to see this link.] (Facebook Photo Uploader 5 Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {588031A3-94BF-4CDD-86D0-939F6F93910F} [You must be registered and logged in to see this link.] (FixItClient Class)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} [You must be registered and logged in to see this link.] (Groove Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} [You must be registered and logged in to see this link.] (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_15)
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} [You must be registered and logged in to see this link.] (Creative Toolbox Plug-in)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_15)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} [You must be registered and logged in to see this link.] (Virtools WebPlayer Class)
O16 - DPF: PackageCab [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\CoIEPlg.dll (Symantec Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{c09c4d6c-af7b-11de-8b5b-00235a2fe768}\Shell - "" = AutoRun
O33 - MountPoints2\{c09c4d6c-af7b-11de-8b5b-00235a2fe768}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 7:00 pm

========== Files/Folders - Created Within 30 Days ==========

[2009/11/02 13:45:58 | 00,528,384 | ---- | C] (OldTimer Tools) -- C:\Users\Dennis\Desktop\OTL.exe
[2009/11/01 22:22:38 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009/11/01 22:22:35 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009/11/01 17:35:12 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2009/11/01 17:35:11 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Portable Devices
[2009/11/01 17:35:10 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2009/11/01 17:31:43 | 00,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
[2009/11/01 17:31:43 | 00,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winspool.drv
[2009/11/01 17:31:42 | 00,449,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2009/11/01 17:31:42 | 00,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2009/11/01 17:31:22 | 00,893,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgkrnl.sys
[2009/11/01 17:31:22 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2009/11/01 17:31:16 | 01,548,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2009/11/01 17:31:16 | 00,981,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2009/11/01 17:31:16 | 00,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll
[2009/11/01 17:31:16 | 00,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2009/11/01 17:31:16 | 00,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WindowsCodecsExt.dll
[2009/11/01 17:31:16 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelineprxy.dll
[2009/11/01 17:31:15 | 01,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2009/11/01 17:31:15 | 00,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WindowsCodecs.dll
[2009/11/01 17:31:15 | 00,566,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2009/11/01 17:31:15 | 00,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10level9.dll
[2009/11/01 17:31:15 | 00,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2009/11/01 17:31:15 | 00,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoMetadataHandler.dll
[2009/11/01 17:31:15 | 00,328,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiag.exe
[2009/11/01 17:31:15 | 00,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoMetadataHandler.dll
[2009/11/01 17:31:15 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2009/11/01 17:31:15 | 00,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiagn.dll
[2009/11/01 17:31:15 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiag.exe
[2009/11/01 17:31:15 | 00,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2009/11/01 17:31:15 | 00,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2009/11/01 17:31:15 | 00,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiagn.dll
[2009/11/01 17:31:15 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10core.dll
[2009/11/01 17:31:15 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2009/11/01 17:31:14 | 01,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsservices.dll
[2009/11/01 17:31:14 | 01,032,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelinesvc.exe
[2009/11/01 17:31:14 | 00,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OpcServices.dll
[2009/11/01 17:31:14 | 00,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2009/11/01 17:31:14 | 00,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2009/11/01 17:31:14 | 00,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2009/11/01 17:31:14 | 00,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2009/11/01 17:31:14 | 00,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxgi.dll
[2009/11/01 17:31:14 | 00,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2009/11/01 17:31:14 | 00,326,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2009/11/01 17:31:14 | 00,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2009/11/01 17:31:14 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll
[2009/11/01 17:31:13 | 03,068,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpsservices.dll
[2009/11/01 17:31:13 | 01,548,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2009/11/01 17:31:13 | 01,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OpcServices.dll
[2009/11/01 17:31:13 | 01,142,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FntCache.dll
[2009/11/01 17:31:13 | 01,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2009/11/01 17:31:13 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2009/11/01 17:31:12 | 01,269,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2009/11/01 17:31:12 | 01,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10.dll
[2009/11/01 17:31:12 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2009/11/01 17:28:31 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShextAutoplay.exe
[2009/11/01 17:28:31 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDShextAutoplay.exe
[2009/11/01 17:28:30 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdbusenum.dll
[2009/11/01 17:28:30 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BthMtpContextHandler.dll
[2009/11/01 17:28:14 | 02,537,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdshext.dll
[2009/11/01 17:28:14 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceConnectApi.dll
[2009/11/01 17:28:13 | 02,727,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdshext.dll
[2009/11/01 17:28:13 | 00,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll
[2009/11/01 17:28:13 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceApi.dll
[2009/11/01 17:28:13 | 00,433,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDSp.dll
[2009/11/01 17:28:13 | 00,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceApi.dll
[2009/11/01 17:28:13 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceWMDRM.dll
[2009/11/01 17:28:13 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceTypes.dll
[2009/11/01 17:28:13 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceWMDRM.dll
[2009/11/01 17:28:13 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceTypes.dll
[2009/11/01 17:28:13 | 00,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceClassExtension.dll
[2009/11/01 17:28:13 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShServiceObj.dll
[2009/11/01 17:28:13 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceClassExtension.dll
[2009/11/01 17:28:13 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDShServiceObj.dll
[2009/11/01 17:28:13 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceConnectApi.dll
[2009/11/01 17:28:12 | 00,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDSp.dll
[2009/11/01 17:25:43 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleaccrc.dll
[2009/11/01 17:25:43 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaccrc.dll
[2009/11/01 17:25:35 | 00,736,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAutomationCore.dll
[2009/11/01 17:25:35 | 00,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAutomationCore.dll
[2009/11/01 17:25:35 | 00,315,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2009/11/01 17:25:35 | 00,234,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleacc.dll
[2009/11/01 17:14:08 | 00,000,000 | ---D | C] -- C:\Users\Dennis\Documents\JavaRa[1]

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 7:01 pm

[2009/10/30 21:12:40 | 00,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\Malwarebytes
[2009/10/30 21:12:29 | 00,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2009/10/30 21:12:29 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/10/30 21:12:29 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/10/30 18:47:20 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\N360_BACKUP
[2009/10/30 17:05:25 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AlphaAVUninstall
[2009/10/30 17:05:17 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\AlphaAV
[2009/10/29 02:01:33 | 00,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2009/10/29 02:01:33 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2009/10/29 02:01:12 | 01,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll
[2009/10/29 02:01:11 | 03,815,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll
[2009/10/29 02:01:11 | 01,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll
[2009/10/29 02:01:10 | 03,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll
[2009/10/28 03:39:50 | 10,626,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2009/10/28 03:39:49 | 00,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unregmp2.exe
[2009/10/28 03:39:49 | 00,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unregmp2.exe
[2009/10/28 03:39:47 | 13,428,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2009/10/28 03:39:44 | 08,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2009/10/28 03:39:44 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2009/10/27 07:09:26 | 02,621,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2009/10/27 07:09:26 | 02,424,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuaueng.dll
[2009/10/27 07:09:26 | 00,057,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2009/10/27 07:09:26 | 00,043,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2009/10/27 07:08:37 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2009/10/27 07:08:37 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2009/10/27 07:08:37 | 00,038,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2009/10/27 07:08:36 | 00,700,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2009/10/27 07:08:36 | 00,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2009/10/27 07:08:36 | 00,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2009/10/27 07:08:17 | 00,185,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2009/10/27 07:08:17 | 00,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2009/10/27 07:08:17 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2009/10/27 07:08:17 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2009/10/24 23:05:05 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\TuxPaint
[2009/10/24 11:34:52 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\vi-VN
[2009/10/24 11:34:52 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\eu-ES
[2009/10/24 11:34:52 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\eu-ES
[2009/10/24 11:34:52 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\ca-ES
[2009/10/24 11:34:52 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\ca-ES
[2009/10/24 11:34:51 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\vi-VN
[2009/10/24 08:09:21 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2009/10/23 22:13:49 | 00,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2009/10/23 22:13:49 | 00,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2009/10/22 23:06:19 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Coupons
[2009/10/20 21:03:23 | 12,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NlsLexicons0007.dll
[2009/10/20 21:03:23 | 12,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NlsLexicons0007.dll
[2009/10/20 21:03:17 | 02,582,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLsvc.exe
[2009/10/20 21:03:17 | 00,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLCExt.dll
[2009/10/20 21:03:16 | 02,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FunctionDiscoveryFolder.dll
[2009/10/20 21:03:16 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FunctionDiscoveryFolder.dll
[2009/10/20 21:03:14 | 02,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NlsLexicons0009.dll
[2009/10/20 21:03:14 | 02,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NlsLexicons0009.dll
[2009/10/20 21:03:11 | 02,280,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2009/10/20 21:03:11 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msstrc.dll
[2009/10/20 21:03:11 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 7:01 pm

[2009/10/20 21:03:11 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmlfilter.dll
[2009/10/20 21:03:11 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshooks.dll
[2009/10/20 21:03:10 | 01,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SLCExt.dll
[2009/10/20 21:03:10 | 00,019,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2009/10/20 21:03:07 | 01,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2009/10/20 21:03:03 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WscEapPr.dll
[2009/10/20 21:03:02 | 02,204,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2009/10/20 21:03:02 | 01,085,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcnwiz2.dll
[2009/10/20 21:03:02 | 00,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wcnwiz2.dll
[2009/10/20 21:03:02 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WscEapPr.dll
[2009/10/20 21:03:01 | 01,381,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe
[2009/10/20 21:03:01 | 01,165,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationNative_v0300.dll
[2009/10/20 21:03:01 | 00,948,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hdaudbus.sys
[2009/10/20 21:03:01 | 00,046,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardcpl.cpl
[2009/10/20 21:03:00 | 01,146,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2fs.dll
[2009/10/20 21:02:59 | 00,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2009/10/20 21:02:58 | 00,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2009/10/20 21:02:57 | 03,108,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2009/10/20 21:02:57 | 01,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2009/10/20 21:02:56 | 00,886,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysmain.dll
[2009/10/20 21:02:55 | 01,515,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ntfs.sys
[2009/10/20 21:02:55 | 00,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationNative_v0300.dll
[2009/10/20 21:02:54 | 12,897,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shell32.dll
[2009/10/20 21:02:52 | 01,582,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2009/10/20 21:02:52 | 00,946,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavenge.dll
[2009/10/20 21:02:52 | 00,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2009/10/20 21:02:51 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2009/10/20 21:02:50 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys
[2009/10/20 21:02:50 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2009/10/20 21:02:50 | 00,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2009/10/20 21:02:48 | 02,241,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msi.dll
[2009/10/20 21:02:47 | 00,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2fs.dll
[2009/10/20 21:02:46 | 01,804,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3.dll
[2009/10/20 21:02:46 | 00,476,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2009/10/20 21:02:45 | 03,263,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmcndmgr.dll
[2009/10/20 21:02:43 | 00,836,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\p2psvc.dll
[2009/10/20 21:02:43 | 00,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
[2009/10/20 21:02:43 | 00,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardcpl.cpl
[2009/10/20 21:02:41 | 01,418,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayCpl.dll
[2009/10/20 21:02:41 | 01,217,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2009/10/20 21:02:40 | 02,715,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmc.exe
[2009/10/20 21:02:40 | 00,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spinstall.exe
[2009/10/20 21:02:40 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spreview.exe

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 7:02 pm

[2009/10/20 21:02:39 | 01,185,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmv2clt.dll
[2009/10/20 21:02:38 | 02,506,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2009/10/20 21:02:37 | 01,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuxiliaryDisplayCpl.dll
[2009/10/20 21:02:37 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchIndexer.exe
[2009/10/20 21:02:37 | 00,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizui.dll
[2009/10/20 21:02:37 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizui.dll
[2009/10/20 21:02:33 | 00,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spinstall.exe
[2009/10/20 21:02:33 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spreview.exe
[2009/10/20 21:02:32 | 01,915,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2009/10/20 21:02:32 | 00,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmv2clt.dll
[2009/10/20 21:02:32 | 00,499,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdohlp.dll
[2009/10/20 21:02:31 | 03,433,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfsr.exe
[2009/10/20 21:02:31 | 00,796,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2009/10/20 21:02:31 | 00,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2009/10/20 21:02:30 | 11,584,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shell32.dll
[2009/10/20 21:02:30 | 00,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2VDEC.DLL
[2009/10/20 21:02:29 | 00,644,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\p2psvc.dll
[2009/10/20 21:02:29 | 00,441,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SearchIndexer.exe
[2009/10/20 21:02:29 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorPwdMgr.dll
[2009/10/20 21:02:29 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EhStorPwdMgr.dll
[2009/10/20 21:02:28 | 00,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2009/10/20 21:02:28 | 00,501,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2009/10/20 21:02:28 | 00,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2009/10/20 21:02:28 | 00,223,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcupdate_GenuineIntel.dll
[2009/10/20 21:02:27 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2009/10/20 21:02:26 | 00,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2.dll
[2009/10/20 21:02:25 | 00,858,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kernel32.dll
[2009/10/20 21:02:25 | 00,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\srv.sys
[2009/10/20 21:02:25 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2009/10/20 21:02:25 | 00,278,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscoree.dll
[2009/10/20 21:02:24 | 01,165,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntdll.dll
[2009/10/20 21:02:24 | 00,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2VDEC.DLL
[2009/10/20 21:02:24 | 00,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2009/10/20 21:02:24 | 00,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssphtb.dll
[2009/10/20 21:02:24 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\korwbrkr.dll
[2009/10/20 21:02:23 | 02,028,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Query.dll
[2009/10/20 21:02:23 | 00,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2.dll
[2009/10/20 21:02:22 | 00,922,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10K.DLL
[2009/10/20 21:02:22 | 00,403,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscoree.dll
[2009/10/20 21:02:21 | 00,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uDWM.dll
[2009/10/20 21:02:21 | 00,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sdohlp.dll
[2009/10/20 21:02:20 | 03,894,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe
[2009/10/20 21:02:20 | 01,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2009/10/20 21:02:19 | 00,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10K.DLL
[2009/10/20 21:02:19 | 00,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairing.dll
[2009/10/20 21:02:19 | 00,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairing.dll
[2009/10/20 21:02:18 | 00,606,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\http.sys

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 7:03 pm

[2009/10/20 21:02:18 | 00,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\korwbrkr.dll
[2009/10/20 21:02:17 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sperror.dll
[2009/10/20 21:02:16 | 00,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2009/10/20 21:02:15 | 01,673,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsAnytimeUpgradeCPL.dll
[2009/10/20 21:02:15 | 00,401,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\P2PGraph.dll
[2009/10/20 21:02:15 | 00,041,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2009/10/20 21:02:14 | 01,019,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10.IME
[2009/10/20 21:02:14 | 00,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2009/10/20 21:02:14 | 00,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshsq.dll
[2009/10/20 21:02:14 | 00,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SLC.dll
[2009/10/20 21:02:13 | 01,259,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2009/10/20 21:02:13 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorAPI.dll
[2009/10/20 21:02:13 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EhStorAPI.dll
[2009/10/20 21:02:12 | 01,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjet40.dll
[2009/10/20 21:02:12 | 01,491,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtsvc.dll
[2009/10/20 21:02:12 | 00,581,632 | ---- | C] (Microsoft) -- C:\Windows\SysNative\IasMigPlugin.dll
[2009/10/20 21:02:11 | 01,925,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll
[2009/10/20 21:02:11 | 01,336,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6.dll
[2009/10/20 21:02:11 | 00,738,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ndis.sys
[2009/10/20 21:02:11 | 00,164,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Storport.sys
[2009/10/20 21:02:11 | 00,049,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2009/10/20 21:02:10 | 00,558,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2009/10/20 21:02:10 | 00,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2009/10/20 21:02:10 | 00,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2009/10/20 21:02:10 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\compcln.exe
[2009/10/20 21:02:09 | 01,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Query.dll
[2009/10/20 21:02:09 | 01,081,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qmgr.dll
[2009/10/20 21:02:09 | 01,078,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2009/10/20 21:02:08 | 00,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10.IME
[2009/10/20 21:02:08 | 00,648,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user32.dll
[2009/10/20 21:02:08 | 00,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srchadmin.dll
[2009/10/20 21:02:08 | 00,171,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll
[2009/10/20 21:02:08 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorShell.dll
[2009/10/20 21:02:08 | 00,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EhStorShell.dll
[2009/10/20 21:02:08 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdBth.dll
[2009/10/20 21:02:07 | 01,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vssapi.dll
[2009/10/20 21:02:07 | 01,064,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2009/10/20 21:02:07 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msexch40.dll
[2009/10/20 21:02:06 | 01,584,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diagperf.dll
[2009/10/20 21:02:06 | 01,316,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ole32.dll
[2009/10/20 21:02:06 | 01,065,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2009/10/20 21:02:06 | 00,719,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcss.dll
[2009/10/20 21:02:06 | 00,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IasMigReader.exe
[2009/10/20 21:02:06 | 00,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\P2PGraph.dll
[2009/10/20 21:02:05 | 03,079,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2009/10/20 21:02:04 | 01,733,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6.dll
[2009/10/20 21:02:04 | 01,658,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 7:03 pm

[2009/10/20 21:02:04 | 01,183,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3.dll
[2009/10/20 21:02:04 | 00,967,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mblctr.exe
[2009/10/20 21:02:04 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srchadmin.dll
[2009/10/20 21:02:03 | 00,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2009/10/20 21:02:03 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2009/10/20 21:02:02 | 01,433,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VSSVC.exe
[2009/10/20 21:02:02 | 01,357,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2009/10/20 21:02:02 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdi32.dll
[2009/10/20 21:02:02 | 00,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spoolss.dll
[2009/10/20 21:02:02 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingWizard.exe
[2009/10/20 21:02:02 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingWizard.exe
[2009/10/20 21:02:01 | 01,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmc.exe
[2009/10/20 21:02:01 | 01,686,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comsvcs.dll
[2009/10/20 21:02:01 | 01,650,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browseui.dll
[2009/10/20 21:02:01 | 00,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\riched20.dll
[2009/10/20 21:02:01 | 00,454,144 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\IasMigPlugin.dll
[2009/10/20 21:02:00 | 01,930,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9.dll
[2009/10/20 21:02:00 | 00,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Magnify.exe
[2009/10/20 21:02:00 | 00,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\afd.sys
[2009/10/20 21:01:59 | 01,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2009/10/20 21:01:59 | 00,123,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2009/10/20 21:01:59 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdBth.dll
[2009/10/20 21:01:58 | 01,092,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmSvc.dll
[2009/10/20 21:01:57 | 00,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RacEngn.dll
[2009/10/20 21:01:57 | 00,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bcrypt.dll
[2009/10/20 21:01:57 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SearchFilterHost.exe
[2009/10/20 21:01:56 | 02,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\milcore.dll
[2009/10/20 21:01:56 | 00,347,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2009/10/20 21:01:56 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SearchProtocolHost.exe
[2009/10/20 21:01:55 | 01,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2009/10/20 21:01:55 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasrecst.dll
[2009/10/20 21:01:55 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spoolss.dll
[2009/10/20 21:01:54 | 02,484,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbgeng.dll
[2009/10/20 21:01:54 | 00,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Magnify.exe
[2009/10/20 21:01:54 | 00,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NaturalLanguage6.dll
[2009/10/20 21:01:54 | 00,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapimig.exe
[2009/10/20 21:01:53 | 02,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apds.dll
[2009/10/20 21:01:53 | 00,843,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schedsvc.dll
[2009/10/20 21:01:53 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eudcedit.exe
[2009/10/20 21:01:52 | 01,040,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2009/10/20 21:01:52 | 01,013,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpedit.dll
[2009/10/20 21:01:52 | 00,460,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2009/10/20 21:01:52 | 00,446,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiosrv.dll
[2009/10/20 21:01:52 | 00,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\es.dll
[2009/10/20 21:01:52 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjtes40.dll
[2009/10/20 21:01:51 | 00,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpedit.dll
[2009/10/20 21:01:51 | 00,918,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comuid.dll

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 7:04 pm

[2009/10/20 21:01:51 | 00,647,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2009/10/20 21:01:51 | 00,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp60.dll
[2009/10/20 21:01:51 | 00,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
[2009/10/20 21:01:51 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwmi.dll
[2009/10/20 21:01:51 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Storprop.dll
[2009/10/20 21:01:50 | 01,244,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RacEngn.dll
[2009/10/20 21:01:50 | 00,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2009/10/20 21:01:50 | 00,820,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2009/10/20 21:01:50 | 00,668,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthprops.cpl
[2009/10/20 21:01:50 | 00,620,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsmsnap.dll
[2009/10/20 21:01:50 | 00,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\photowiz.dll
[2009/10/20 21:01:50 | 00,275,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fltMgr.sys
[2009/10/20 21:01:50 | 00,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\es.dll
[2009/10/20 21:01:49 | 00,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\advapi32.dll
[2009/10/20 21:01:49 | 00,455,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shlwapi.dll
[2009/10/20 21:01:49 | 00,394,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtapi.dll
[2009/10/20 21:01:49 | 00,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstext40.dll
[2009/10/20 21:01:49 | 00,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nlhtml.dll
[2009/10/20 21:01:48 | 00,503,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2009/10/20 21:01:48 | 00,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WebClnt.dll
[2009/10/20 21:01:48 | 00,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationSettings.exe
[2009/10/20 21:01:48 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLC.dll
[2009/10/20 21:01:48 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayDriverLib.dll
[2009/10/20 21:01:48 | 00,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayServices.dll
[2009/10/20 21:01:47 | 00,447,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2009/10/20 21:01:47 | 00,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msexcl40.dll
[2009/10/20 21:01:47 | 00,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2009/10/20 21:01:46 | 01,570,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2009/10/20 21:01:46 | 01,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comsvcs.dll
[2009/10/20 21:01:46 | 00,621,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2009/10/20 21:01:46 | 00,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxbde40.dll
[2009/10/20 21:01:46 | 00,238,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnNetsh.dll
[2009/10/20 21:01:46 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwmi.dll
[2009/10/20 21:01:45 | 01,681,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcnwiz.dll
[2009/10/20 21:01:45 | 01,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vssapi.dll
[2009/10/20 21:01:45 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devmgr.dll
[2009/10/20 21:01:44 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\srvnet.sys
[2009/10/20 21:01:44 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingProxy.dll
[2009/10/20 21:01:44 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingProxy.dll
[2009/10/20 21:01:43 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2009/10/20 21:01:43 | 00,581,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcncsvc.dll
[2009/10/20 21:01:42 | 01,098,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NetProjW.dll
[2009/10/20 21:01:42 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctfp.dll
[2009/10/20 21:01:42 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdBthProxy.dll
[2009/10/20 21:01:41 | 01,499,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtctm.dll
[2009/10/20 21:01:41 | 01,195,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2009/10/20 21:01:40 | 00,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrepl40.dll

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 7:04 pm

[2009/10/20 21:01:40 | 00,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp60.dll
[2009/10/20 21:01:40 | 00,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\w32time.dll
[2009/10/20 21:01:40 | 00,323,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2009/10/20 21:01:40 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WebClnt.dll
[2009/10/20 21:01:40 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2009/10/20 21:01:39 | 00,660,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2009/10/20 21:01:39 | 00,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthprops.cpl
[2009/10/20 21:01:39 | 00,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.dll
[2009/10/20 21:01:39 | 00,354,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2009/10/20 21:01:39 | 00,289,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rsaenh.dll
[2009/10/20 21:01:39 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spoolsv.exe
[2009/10/20 21:01:39 | 00,164,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2009/10/20 21:01:38 | 01,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2009/10/20 21:01:38 | 00,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\propsys.dll
[2009/10/20 21:01:38 | 00,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpsvc.dll
[2009/10/20 21:01:38 | 00,631,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLCommDlg.dll
[2009/10/20 21:01:38 | 00,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netbt.sys
[2009/10/20 21:01:38 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eudcedit.exe
[2009/10/20 21:01:38 | 00,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasrecst.dll
[2009/10/20 21:01:38 | 00,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2009/10/20 21:01:37 | 02,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2009/10/20 21:01:37 | 01,748,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certmgr.dll
[2009/10/20 21:01:37 | 00,978,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\crypt32.dll
[2009/10/20 21:01:37 | 00,727,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtcprx.dll
[2009/10/20 21:01:37 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\umpnpmgr.dll
[2009/10/20 21:01:36 | 01,591,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupapi.dll
[2009/10/20 21:01:34 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mspbde40.dll
[2009/10/20 21:01:33 | 01,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d9.dll
[2009/10/20 21:01:33 | 00,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdbss.sys
[2009/10/20 21:01:32 | 00,840,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoScreensaver.scr
[2009/10/20 21:01:32 | 00,480,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\swprv.dll
[2009/10/20 21:01:32 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLUI.exe
[2009/10/20 21:01:32 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll
[2009/10/20 21:01:31 | 01,245,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMNetMgr.dll
[2009/10/20 21:01:31 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2009/10/20 21:01:30 | 01,135,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2009/10/20 21:01:30 | 00,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MPSSVC.dll
[2009/10/20 21:01:30 | 00,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2009/10/20 21:01:30 | 00,380,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
[2009/10/20 21:01:30 | 00,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shlwapi.dll
[2009/10/20 21:01:30 | 00,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msltus40.dll
[2009/10/20 21:01:29 | 01,543,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL
[2009/10/20 21:01:29 | 00,671,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2009/10/20 21:01:29 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd3x40.dll
[2009/10/20 21:01:28 | 01,324,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browseui.dll
[2009/10/20 21:01:28 | 00,581,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlsrv32.dll
[2009/10/20 21:01:28 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iassdo.dll
[2009/10/20 21:01:28 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbhub.sys
[2009/10/20 21:01:28 | 00,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtapi.dll

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 7:05 pm

[2009/10/20 21:01:27 | 01,394,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wercon.exe
[2009/10/20 21:01:27 | 00,935,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsecsnp.dll
[2009/10/20 21:01:27 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\photowiz.dll
[2009/10/20 21:01:27 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlhtml.dll
[2009/10/20 21:01:26 | 00,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2009/10/20 21:01:25 | 00,384,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe
[2009/10/20 21:01:25 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBSTOR.SYS
[2009/10/20 21:01:24 | 02,272,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2009/10/20 21:01:23 | 01,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2009/10/20 21:01:23 | 00,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SLCommDlg.dll
[2009/10/20 21:01:23 | 00,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2009/10/20 21:01:23 | 00,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2009/10/20 21:01:22 | 00,563,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleaut32.dll
[2009/10/20 21:01:22 | 00,549,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comdlg32.dll
[2009/10/20 21:01:22 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QAGENTRT.DLL
[2009/10/20 21:01:22 | 00,304,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mswsock.dll
[2009/10/20 21:01:22 | 00,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WcnNetsh.dll
[2009/10/20 21:01:21 | 03,174,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netshell.dll
[2009/10/20 21:01:21 | 01,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apds.dll
[2009/10/20 21:01:21 | 00,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mswstr10.dll
[2009/10/20 21:01:21 | 00,462,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2009/10/20 21:01:21 | 00,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winhttp.dll
[2009/10/20 21:01:21 | 00,264,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ws2_32.dll
[2009/10/20 21:01:21 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propdefs.dll
[2009/10/20 21:01:20 | 00,807,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msctf.dll
[2009/10/20 21:01:20 | 00,717,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll
[2009/10/20 21:01:20 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mrxdav.sys
[2009/10/20 21:01:20 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xmlfilter.dll
[2009/10/20 21:01:19 | 01,114,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFaultSecure.exe
[2009/10/20 21:01:19 | 00,679,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcrt.dll
[2009/10/20 21:01:19 | 00,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapphost.dll
[2009/10/20 21:01:18 | 01,160,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2009/10/20 21:01:18 | 00,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\emdmgmt.dll
[2009/10/20 21:01:18 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\newdev.dll
[2009/10/20 21:01:17 | 00,992,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2009/10/20 21:01:17 | 00,894,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroles.dll
[2009/10/20 21:01:17 | 00,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlsrv32.dll
[2009/10/20 21:01:17 | 00,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd2x40.dll
[2009/10/20 21:01:17 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
[2009/10/20 21:01:17 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapphost.dll
[2009/10/20 21:01:17 | 00,166,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2009/10/20 21:01:16 | 00,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MMDevAPI.dll
[2009/10/20 21:01:15 | 00,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IPSECSVC.DLL
[2009/10/20 21:01:15 | 00,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtutil.exe
[2009/10/20 21:01:14 | 01,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanpref.dll
[2009/10/20 21:01:14 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2009/10/20 21:01:14 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\propdefs.dll

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 7:05 pm

[2009/10/20 21:01:13 | 01,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shdocvw.dll
[2009/10/20 21:01:13 | 00,981,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2009/10/20 21:01:13 | 00,621,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2009/10/20 21:01:12 | 02,570,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\milcore.dll
[2009/10/20 21:01:12 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscb.dll
[2009/10/20 21:01:11 | 01,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbgeng.dll
[2009/10/20 21:01:11 | 00,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDApi.dll
[2009/10/20 21:01:11 | 00,328,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wldap32.dll
[2009/10/20 21:01:11 | 00,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasnap.dll
[2009/10/20 21:01:11 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtutil.exe
[2009/10/20 21:01:09 | 02,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcndmgr.dll
[2009/10/20 21:01:09 | 00,747,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmSvc.dll
[2009/10/20 21:01:09 | 00,215,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msiscsi.sys
[2009/10/20 21:01:09 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssitlb.dll
[2009/10/20 21:01:09 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssitlb.dll
[2009/10/20 21:01:08 | 01,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcmde.dll
[2009/10/20 21:01:08 | 00,502,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usp10.dll
[2009/10/20 21:01:07 | 01,090,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2009/10/20 21:01:06 | 00,450,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2009/10/20 21:01:06 | 00,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devmgr.dll
[2009/10/20 21:01:06 | 00,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iassam.dll
[2009/10/20 21:01:06 | 00,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2009/10/20 21:01:06 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthserv.dll
[2009/10/20 21:01:06 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtffilt.dll
[2009/10/20 21:01:05 | 00,923,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
[2009/10/20 21:01:05 | 00,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netlogon.dll
[2009/10/20 21:01:05 | 00,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsldpc.dll
[2009/10/20 21:01:05 | 00,166,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptsvc.dll
[2009/10/20 21:01:05 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msctfp.dll
[2009/10/20 21:01:05 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscb.dll
[2009/10/20 21:01:05 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdBthProxy.dll
[2009/10/20 21:01:03 | 01,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wcnwiz.dll
[2009/10/20 21:01:03 | 00,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2009/10/20 21:01:03 | 00,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wldap32.dll
[2009/10/20 21:01:02 | 01,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSDECD.DLL
[2009/10/20 21:01:02 | 00,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll
[2009/10/20 21:01:02 | 00,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vds.exe
[2009/10/20 21:01:02 | 00,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2009/10/20 21:01:02 | 00,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSDApi.dll
[2009/10/20 21:01:02 | 00,269,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\volsnap.sys
[2009/10/20 21:01:02 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2009/10/20 21:01:02 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\reg.exe
[2009/10/20 21:01:01 | 00,279,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\services.exe
[2009/10/20 21:01:01 | 00,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2009/10/20 21:01:01 | 00,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi.dll
[2009/10/20 21:01:01 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quick.ime

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 7:06 pm

[2009/10/20 21:01:01 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qintlgnt.ime
[2009/10/20 21:01:01 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\phon.ime
[2009/10/20 21:01:01 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cintlgnt.ime
[2009/10/20 21:01:01 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chajei.ime
[2009/10/20 21:01:01 | 00,073,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\partmgr.sys
[2009/10/20 21:01:01 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdProxy.dll
[2009/10/20 21:01:00 | 00,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2009/10/20 21:01:00 | 00,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2009/10/20 21:01:00 | 00,450,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comdlg32.dll
[2009/10/20 21:01:00 | 00,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2009/10/20 21:01:00 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mimefilt.dll
[2009/10/20 21:01:00 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mimefilt.dll
[2009/10/20 21:00:59 | 01,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\brcpl.dll
[2009/10/20 21:00:59 | 00,748,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\stobject.dll
[2009/10/20 21:00:59 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wcncsvc.dll
[2009/10/20 21:00:58 | 01,234,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdc.dll
[2009/10/20 21:00:58 | 00,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdtcprx.dll
[2009/10/20 21:00:58 | 00,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdrm.dll
[2009/10/20 21:00:58 | 00,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2009/10/20 21:00:58 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjter40.dll
[2009/10/20 21:00:57 | 00,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mswdat10.dll
[2009/10/20 21:00:57 | 00,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsmsnap.dll
[2009/10/20 21:00:57 | 00,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasmans.dll
[2009/10/20 21:00:57 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskeng.exe
[2009/10/20 21:00:57 | 00,014,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciide.sys
[2009/10/20 21:00:56 | 00,810,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnrollUI.dll
[2009/10/20 21:00:56 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\offfilt.dll
[2009/10/20 21:00:56 | 00,168,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnsapi.dll
[2009/10/20 21:00:56 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetpp.dll
[2009/10/20 21:00:56 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rasl2tp.sys
[2009/10/20 21:00:56 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\reg.exe
[2009/10/20 21:00:56 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtffilt.dll
[2009/10/20 21:00:55 | 00,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMNetMgr.dll
[2009/10/20 21:00:55 | 00,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2009/10/20 21:00:55 | 00,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiaservc.dll
[2009/10/20 21:00:55 | 00,361,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clfs.sys
[2009/10/20 21:00:55 | 00,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
[2009/10/20 21:00:54 | 00,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoScreensaver.scr
[2009/10/20 21:00:54 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RelMon.dll
[2009/10/20 21:00:54 | 00,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysmon.ocx
[2009/10/20 21:00:54 | 00,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxclu.dll
[2009/10/20 21:00:54 | 00,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fundisc.dll
[2009/10/20 21:00:54 | 00,123,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2009/10/20 21:00:53 | 00,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrobj.dll
[2009/10/20 21:00:53 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysclass.dll
[2009/10/20 21:00:53 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\raspptp.sys
[2009/10/20 21:00:53 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 7:07 pm

[2009/10/20 21:00:53 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshooks.dll
[2009/10/20 21:00:52 | 00,488,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msinfo32.exe
[2009/10/20 21:00:52 | 00,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2009/10/20 21:00:52 | 00,276,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2009/10/20 21:00:52 | 00,241,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rsaenh.dll
[2009/10/20 21:00:52 | 00,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adsldpc.dll
[2009/10/20 21:00:52 | 00,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnpsetup.dll
[2009/10/20 21:00:52 | 00,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ndiswan.sys
[2009/10/20 21:00:52 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MMDevAPI.dll
[2009/10/20 21:00:52 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msstrc.dll
[2009/10/20 21:00:51 | 00,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sethc.exe
[2009/10/20 21:00:51 | 00,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcomm.dll
[2009/10/20 21:00:51 | 00,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netapi32.dll
[2009/10/20 21:00:51 | 00,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2009/10/20 21:00:51 | 00,178,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pci.sys
[2009/10/20 21:00:51 | 00,093,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2009/10/20 21:00:51 | 00,029,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msahci.sys
[2009/10/20 21:00:50 | 00,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxclu.dll
[2009/10/20 21:00:50 | 00,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptsvc.dll
[2009/10/20 21:00:50 | 00,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msiexec.exe
[2009/10/20 21:00:50 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdiag.dll
[2009/10/20 21:00:49 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fundisc.dll
[2009/10/20 21:00:49 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hidserv.dll
[2009/10/20 21:00:48 | 01,321,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appwiz.cpl
[2009/10/20 21:00:48 | 00,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wisptis.exe
[2009/10/20 21:00:48 | 00,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasrad.dll
[2009/10/20 21:00:48 | 00,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcsvc6.dll
[2009/10/20 21:00:48 | 00,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2009/10/20 21:00:47 | 00,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autofmt.exe
[2009/10/20 21:00:47 | 00,325,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\acpi.sys
[2009/10/20 21:00:47 | 00,273,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mrxsmb10.sys
[2009/10/20 21:00:47 | 00,108,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2009/10/20 21:00:47 | 00,062,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\termdd.sys
[2009/10/20 21:00:47 | 00,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
[2009/10/20 21:00:47 | 00,034,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
[2009/10/20 21:00:46 | 00,785,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Utilman.exe
[2009/10/20 21:00:46 | 00,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpipcfg.dll
[2009/10/20 21:00:46 | 00,212,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2009/10/20 21:00:46 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2009/10/20 21:00:46 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mrxsmb.sys
[2009/10/20 21:00:46 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLUINotify.dll
[2009/10/20 21:00:46 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasdatastore.dll
[2009/10/20 21:00:45 | 01,035,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
[2009/10/20 21:00:45 | 00,547,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\termsrv.dll
[2009/10/20 21:00:45 | 00,247,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shsvcs.dll
[2009/10/20 21:00:45 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi.dll
[2009/10/20 21:00:45 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msiexec.exe

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 7:07 pm

[2009/10/20 21:00:44 | 01,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chsbrkr.dll
[2009/10/20 21:00:44 | 01,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdc.dll
[2009/10/20 21:00:44 | 00,980,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printui.dll
[2009/10/20 21:00:43 | 01,691,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\connect.dll
[2009/10/20 21:00:43 | 00,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll
[2009/10/20 21:00:43 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iassdo.dll
[2009/10/20 21:00:43 | 00,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmm.dll
[2009/10/20 21:00:43 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imm32.dll
[2009/10/20 21:00:43 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Kswdmcap.ax
[2009/10/20 21:00:42 | 02,024,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnidui.dll
[2009/10/20 21:00:42 | 01,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnidui.dll
[2009/10/20 21:00:42 | 00,260,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFault.exe
[2009/10/20 21:00:42 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasads.dll
[2009/10/20 21:00:42 | 00,039,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys
[2009/10/20 21:00:41 | 00,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autofmt.exe
[2009/10/20 21:00:41 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc.dll
[2009/10/20 21:00:41 | 00,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2009/10/20 21:00:41 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2009/10/20 21:00:41 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvinst.exe
[2009/10/20 21:00:41 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spcmsg.dll
[2009/10/20 21:00:41 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spcmsg.dll
[2009/10/20 21:00:40 | 02,420,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcenter.dll
[2009/10/20 21:00:40 | 00,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prnntfy.dll
[2009/10/20 21:00:40 | 00,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsound.dll
[2009/10/20 21:00:40 | 00,408,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\volmgrx.sys
[2009/10/20 21:00:40 | 00,302,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scansetting.dll
[2009/10/20 21:00:39 | 01,093,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pidgenx.dll
[2009/10/20 21:00:39 | 01,060,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmsys.cpl
[2009/10/20 21:00:39 | 00,372,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\untfs.dll
[2009/10/20 21:00:39 | 00,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
[2009/10/20 21:00:39 | 00,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcsvc.dll
[2009/10/20 21:00:39 | 00,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskpart.exe
[2009/10/20 21:00:39 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SCardSvr.dll
[2009/10/20 21:00:39 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IPHLPAPI.DLL
[2009/10/20 21:00:39 | 00,059,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mup.sys
[2009/10/20 21:00:38 | 01,122,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appwiz.cpl
[2009/10/20 21:00:38 | 00,911,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdlg.dll
[2009/10/20 21:00:38 | 00,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroles.dll
[2009/10/20 21:00:38 | 00,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnrollUI.dll
[2009/10/20 21:00:38 | 00,571,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsdyn.dll
[2009/10/20 21:00:38 | 00,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spp.dll
[2009/10/20 21:00:38 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2009/10/20 21:00:38 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2009/10/20 21:00:38 | 00,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userenv.dll
[2009/10/20 21:00:37 | 01,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pidgenx.dll
[2009/10/20 21:00:37 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sysmon.ocx
[2009/10/20 21:00:37 | 00,310,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msrpc.sys

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 7:08 pm

[2009/10/20 21:00:37 | 00,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\InkEd.dll
[2009/10/20 21:00:37 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ipfltdrv.sys
[2009/10/20 21:00:36 | 02,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SyncCenter.dll
[2009/10/20 21:00:36 | 01,676,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chsbrkr.dll
[2009/10/20 21:00:36 | 00,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2009/10/20 21:00:36 | 00,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winlogon.exe
[2009/10/20 21:00:36 | 00,073,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscories.dll
[2009/10/20 21:00:35 | 00,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comuid.dll
[2009/10/20 21:00:35 | 00,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dskquoui.dll
[2009/10/20 21:00:34 | 01,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certmgr.dll
[2009/10/20 21:00:34 | 00,067,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\disk.sys
[2009/10/20 21:00:33 | 00,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sethc.exe
[2009/10/20 21:00:33 | 00,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncrypt.dll
[2009/10/20 21:00:33 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iashlpr.dll
[2009/10/20 21:00:33 | 00,019,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2009/10/20 21:00:32 | 00,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcomm.dll
[2009/10/20 21:00:32 | 00,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\untfs.dll
[2009/10/20 21:00:32 | 00,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iassam.dll
[2009/10/20 21:00:32 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrobj.dll
[2009/10/20 21:00:32 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spp.dll
[2009/10/20 21:00:32 | 00,055,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PSHED.DLL
[2009/10/20 21:00:32 | 00,049,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys
[2009/10/20 21:00:32 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2009/10/20 21:00:31 | 00,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoconv.exe
[2009/10/20 21:00:31 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imkr80.ime
[2009/10/20 21:00:31 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasapi32.dll
[2009/10/20 21:00:31 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2009/10/20 21:00:31 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssprxy.dll
[2009/10/20 21:00:30 | 01,740,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onex.dll
[2009/10/20 21:00:30 | 00,734,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autochk.exe
[2009/10/20 21:00:30 | 00,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskraid.exe
[2009/10/20 21:00:30 | 00,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2009/10/20 21:00:30 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntprint.dll
[2009/10/20 21:00:30 | 00,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samlib.dll
[2009/10/20 21:00:30 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpr.dll
[2009/10/20 21:00:29 | 00,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autochk.exe
[2009/10/20 21:00:29 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2009/10/20 21:00:29 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntmarta.dll
[2009/10/20 21:00:29 | 00,155,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ecache.sys
[2009/10/20 21:00:29 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iassvcs.dll
[2009/10/20 21:00:29 | 00,067,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\volmgr.sys
[2009/10/20 21:00:28 | 01,891,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVENCOD.DLL
[2009/10/20 21:00:28 | 00,869,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\printui.dll
[2009/10/20 21:00:28 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasnap.dll
[2009/10/20 21:00:27 | 00,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoconv.exe
[2009/10/20 21:00:27 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scecli.dll
[2009/10/20 21:00:27 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\profsvc.dll
[2009/10/20 21:00:27 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srvsvc.dll
[2009/10/20 21:00:27 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2009/10/20 21:00:26 | 01,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2009/10/20 21:00:26 | 00,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 7:08 pm

[2009/10/20 21:00:26 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2009/10/20 21:00:25 | 01,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onex.dll
[2009/10/20 21:00:25 | 01,444,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PerfCenterCPL.dll
[2009/10/20 21:00:25 | 00,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iphlpsvc.dll
[2009/10/20 21:00:25 | 00,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\basecsp.dll
[2009/10/20 21:00:25 | 00,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\userenv.dll
[2009/10/20 21:00:25 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\audiodg.exe
[2009/10/20 21:00:25 | 00,029,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys
[2009/10/20 21:00:25 | 00,022,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2009/10/20 21:00:24 | 00,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mswsock.dll
[2009/10/20 21:00:24 | 00,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2009/10/20 21:00:24 | 00,153,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basecsp.dll
[2009/10/20 21:00:24 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powrprof.dll
[2009/10/20 21:00:24 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwm.exe
[2009/10/20 21:00:24 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasacct.dll
[2009/10/20 21:00:24 | 00,019,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spldr.sys
[2009/10/20 21:00:23 | 01,301,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themecpl.dll
[2009/10/20 21:00:23 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wusa.exe
[2009/10/20 21:00:23 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logman.exe
[2009/10/20 21:00:23 | 00,020,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\atapi.sys
[2009/10/20 21:00:22 | 03,235,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkmap.dll
[2009/10/20 21:00:22 | 00,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mspaint.exe
[2009/10/20 21:00:22 | 00,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\regsvc.dll
[2009/10/20 21:00:21 | 01,882,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpccpl.dll
[2009/10/20 21:00:21 | 00,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RelMon.dll
[2009/10/20 21:00:21 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2009/10/20 21:00:21 | 00,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winmm.dll
[2009/10/20 21:00:21 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ks.sys
[2009/10/20 21:00:21 | 00,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\exfat.sys
[2009/10/20 21:00:21 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsrslvr.dll
[2009/10/20 21:00:20 | 00,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll
[2009/10/20 21:00:20 | 00,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2009/10/20 21:00:20 | 00,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
[2009/10/20 21:00:20 | 00,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tapisrv.dll
[2009/10/20 21:00:20 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Faultrep.dll
[2009/10/20 21:00:20 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinSCard.dll
[2009/10/20 21:00:20 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsepno.dll
[2009/10/20 21:00:19 | 00,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFaultSecure.exe
[2009/10/20 21:00:19 | 00,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\offfilt.dll
[2009/10/20 21:00:19 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authz.dll
[2009/10/20 21:00:19 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstlsapi.dll
[2009/10/20 21:00:18 | 00,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Utilman.exe
[2009/10/20 21:00:18 | 00,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\stobject.dll
[2009/10/20 21:00:18 | 00,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskraid.exe
[2009/10/20 21:00:18 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFault.exe
[2009/10/20 21:00:18 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2009/10/20 21:00:18 | 00,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2009/10/20 21:00:18 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2009/10/20 21:00:17 | 00,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prnntfy.dll
[2009/10/20 21:00:17 | 00,396,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AudioEng.dll
[2009/10/20 21:00:17 | 00,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscms.dll
[2009/10/20 21:00:17 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shsvcs.dll
[2009/10/20 21:00:17 | 00,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVol.exe
[2009/10/20 21:00:17 | 00,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll
[2009/10/20 21:00:17 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apphelp.dll
[2009/10/20 21:00:17 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsmsext.dll
[2009/10/20 21:00:17 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsnmp32.dll
[2009/10/20 21:00:17 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSTheme.exe
[2009/10/20 21:00:16 | 00,995,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll
[2009/10/20 21:00:16 | 00,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsound.dll
[2009/10/20 21:00:16 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3svc.dll

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 7:09 pm

[2009/10/20 21:00:16 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscript.exe
[2009/10/20 21:00:16 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2009/10/20 21:00:16 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2009/10/20 21:00:16 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ulib.dll
[2009/10/20 21:00:16 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasdatastore.dll
[2009/10/20 21:00:15 | 01,279,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usercpl.dll
[2009/10/20 21:00:15 | 00,971,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
[2009/10/20 21:00:15 | 00,387,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\zipfldr.dll
[2009/10/20 21:00:15 | 00,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscntfy.dll
[2009/10/20 21:00:15 | 00,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnpsetup.dll
[2009/10/20 21:00:15 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Kswdmcap.ax
[2009/10/20 21:00:15 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\console.dll
[2009/10/20 21:00:15 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IPHLPAPI.DLL
[2009/10/20 21:00:15 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastapi.dll
[2009/10/20 21:00:14 | 01,110,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2009/10/20 21:00:14 | 00,881,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2009/10/20 21:00:14 | 00,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsecsnp.dll
[2009/10/20 21:00:14 | 00,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlangpui.dll
[2009/10/20 21:00:14 | 00,234,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2009/10/20 21:00:14 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2009/10/20 21:00:14 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskpart.exe
[2009/10/20 21:00:14 | 00,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastapi.dll
[2009/10/20 21:00:14 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdProxy.dll
[2009/10/20 21:00:13 | 00,688,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll
[2009/10/20 21:00:13 | 00,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
[2009/10/20 21:00:13 | 00,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2009/10/20 21:00:13 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mrxsmb20.sys
[2009/10/20 21:00:13 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpapi.dll
[2009/10/20 21:00:13 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iashlpr.dll
[2009/10/20 21:00:13 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfdisk.dll
[2009/10/20 21:00:13 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsbyuv.dll
[2009/10/20 21:00:12 | 01,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVENCOD.DLL
[2009/10/20 21:00:12 | 00,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpcao.dll
[2009/10/20 21:00:12 | 00,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoplay.dll
[2009/10/20 21:00:12 | 00,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsdyn.dll
[2009/10/20 21:00:12 | 00,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IKEEXT.DLL
[2009/10/20 21:00:12 | 00,275,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\HdAudio.sys
[2009/10/20 21:00:12 | 00,166,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscript.exe
[2009/10/20 21:00:12 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdx.sys
[2009/10/20 21:00:12 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\newdev.exe
[2009/10/20 21:00:12 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logman.exe
[2009/10/20 21:00:11 | 00,898,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercpl.dll
[2009/10/20 21:00:11 | 00,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcaui.dll
[2009/10/20 21:00:11 | 00,437,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imkr80.ime
[2009/10/20 21:00:11 | 00,286,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasapi32.dll
[2009/10/20 21:00:11 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntprint.dll
[2009/10/20 21:00:11 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2009/10/20 21:00:11 | 00,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2009/10/20 21:00:11 | 00,154,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
[2009/10/20 21:00:11 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceEject.exe
[2009/10/20 21:00:11 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msisip.dll
[2009/10/20 21:00:10 | 01,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sud.dll
[2009/10/20 21:00:10 | 00,810,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slcc.dll
[2009/10/20 21:00:10 | 00,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasrad.dll

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 7:11 pm

[2009/10/20 21:00:10 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wusa.exe
[2009/10/20 21:00:10 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\regapi.dll
[2009/10/20 21:00:10 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hdwwiz.exe
[2009/10/20 21:00:10 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshbth.dll
[2009/10/20 21:00:09 | 00,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\zipfldr.dll
[2009/10/20 21:00:09 | 00,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\modemui.dll
[2009/10/20 21:00:09 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\findstr.exe
[2009/10/20 21:00:08 | 02,680,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\accessibilitycpl.dll
[2009/10/20 21:00:08 | 02,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcenter.dll
[2009/10/20 21:00:08 | 00,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll
[2009/10/20 21:00:08 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ulib.dll
[2009/10/20 21:00:08 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshext.dll
[2009/10/20 21:00:08 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\feclient.dll
[2009/10/20 21:00:08 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbehci.sys
[2009/10/20 21:00:07 | 00,731,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2009/10/20 21:00:07 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll
[2009/10/20 21:00:07 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2009/10/20 21:00:07 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshext.dll
[2009/10/20 21:00:07 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pacer.sys
[2009/10/20 21:00:06 | 06,100,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chtbrkr.dll
[2009/10/20 21:00:06 | 00,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2009/10/20 21:00:06 | 00,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdlg.dll
[2009/10/20 21:00:06 | 00,589,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptui.dll
[2009/10/20 21:00:06 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imm32.dll
[2009/10/20 21:00:06 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iassvcs.dll
[2009/10/20 21:00:05 | 01,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themecpl.dll
[2009/10/20 21:00:05 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnpui.dll
[2009/10/20 21:00:05 | 00,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched20.dll
[2009/10/20 21:00:05 | 00,299,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\udfs.sys
[2009/10/20 21:00:05 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsnmp32.dll
[2009/10/20 21:00:04 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2009/10/20 21:00:04 | 00,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpmon.dll
[2009/10/20 21:00:04 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wanarp.sys
[2009/10/20 21:00:04 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssprxy.dll
[2009/10/20 21:00:03 | 00,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasppp.dll
[2009/10/20 21:00:03 | 00,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scansetting.dll
[2009/10/20 21:00:03 | 00,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msutb.dll
[2009/10/20 21:00:03 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2009/10/20 21:00:03 | 00,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntmarta.dll
[2009/10/20 21:00:03 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasads.dll
[2009/10/20 21:00:03 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsbyuv.dll
[2009/10/20 21:00:02 | 00,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slcc.dll
[2009/10/20 21:00:02 | 00,474,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2009/10/20 21:00:02 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstlsapi.dll
[2009/10/20 21:00:02 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dataclen.dll
[2009/10/20 21:00:01 | 03,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkmap.dll
[2009/10/20 21:00:01 | 00,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2009/10/20 21:00:01 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasplap.dll
[2009/10/20 21:00:01 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVolSSO.dll
[2009/10/20 21:00:01 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powrprof.dll
[2009/10/20 21:00:01 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasacct.dll
[2009/10/20 21:00:01 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ifmon.dll
[2009/10/20 21:00:00 | 01,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PerfCenterCPL.dll
[2009/10/20 21:00:00 | 00,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercpl.dll
[2009/10/20 21:00:00 | 00,619,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2009/10/20 21:00:00 | 00,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlangpui.dll

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 7:12 pm

[2009/10/20 21:00:00 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleprn.dll
[2009/10/20 21:00:00 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authz.dll
[2009/10/20 21:00:00 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.exe
[2009/10/20 21:00:00 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fc.exe
[2009/10/20 21:00:00 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\kbdhid.sys
[2009/10/20 21:00:00 | 00,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
[2009/10/20 21:00:00 | 00,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll
[2009/10/20 20:59:59 | 01,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\connect.dll
[2009/10/20 20:59:59 | 01,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sud.dll
[2009/10/20 20:59:59 | 00,622,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVXENCD.DLL
[2009/10/20 20:59:59 | 00,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2009/10/20 20:59:59 | 00,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\thawbrkr.dll
[2009/10/20 20:59:59 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmmon32.exe
[2009/10/20 20:59:59 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\npfs.sys
[2009/10/20 20:59:58 | 02,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\accessibilitycpl.dll
[2009/10/20 20:59:58 | 00,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll
[2009/10/20 20:59:58 | 00,615,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themeui.dll
[2009/10/20 20:59:58 | 00,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pcaui.dll
[2009/10/20 20:59:58 | 00,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BFE.DLL
[2009/10/20 20:59:58 | 00,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\raschap.dll
[2009/10/20 20:59:58 | 00,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scksp.dll
[2009/10/20 20:59:58 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hidserv.dll
[2009/10/20 20:59:58 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscisvif.dll
[2009/10/20 20:59:57 | 01,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll
[2009/10/20 20:59:57 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\samlib.dll
[2009/10/20 20:59:57 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmci.dll
[2009/10/20 20:59:57 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iaspolcy.dll
[2009/10/20 20:59:57 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwinsat.dll
[2009/10/20 20:59:56 | 01,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanpref.dll
[2009/10/20 20:59:56 | 00,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoplay.dll
[2009/10/20 20:59:56 | 00,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2009/10/20 20:59:56 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2009/10/20 20:59:55 | 02,575,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SyncCenter.dll
[2009/10/20 20:59:55 | 00,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fastfat.sys
[2009/10/20 20:59:55 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2009/10/20 20:59:55 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pintlgnt.ime
[2009/10/20 20:59:55 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2009/10/20 20:59:55 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rekeywiz.exe
[2009/10/20 20:59:55 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimtf.dll
[2009/10/20 20:59:54 | 00,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll
[2009/10/20 20:59:54 | 00,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpcao.dll
[2009/10/20 20:59:54 | 00,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinfo32.exe
[2009/10/20 20:59:54 | 00,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscandui.dll
[2009/10/20 20:59:54 | 00,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tapisrv.dll
[2009/10/20 20:59:54 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scksp.dll
[2009/10/20 20:59:54 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsutil.dll
[2009/10/20 20:59:54 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2009/10/20 20:59:54 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\regapi.dll
[2009/10/20 20:59:54 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPUnattend.exe
[2009/10/20 20:59:53 | 00,735,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2009/10/20 20:59:53 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\feclient.dll

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 7:14 pm

[2009/10/20 20:59:39 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdm.tsp
[2009/10/20 20:59:39 | 00,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanui.dll
[2009/10/20 20:59:39 | 00,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nwifi.sys
[2009/10/20 20:59:39 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlgpclnt.dll
[2009/10/20 20:59:39 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cipher.exe
[2009/10/20 20:59:38 | 01,702,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2009/10/20 20:59:38 | 00,688,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll
[2009/10/20 20:59:38 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shwebsvc.dll
[2009/10/20 20:59:38 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2009/10/20 20:59:38 | 00,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasppp.dll
[2009/10/20 20:59:38 | 00,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsprop.dll
[2009/10/20 20:59:37 | 02,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oobefldr.dll
[2009/10/20 20:59:37 | 00,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\softkbd.dll
[2009/10/20 20:59:37 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\l2nacp.dll
[2009/10/20 20:59:37 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2009/10/20 20:59:36 | 00,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\modemui.dll
[2009/10/20 20:59:36 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll
[2009/10/20 20:59:36 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscandui.dll
[2009/10/20 20:59:36 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasmontr.dll
[2009/10/20 20:59:36 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasmontr.dll
[2009/10/20 20:59:36 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\btpanui.dll
[2009/10/20 20:59:36 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shsetup.dll
[2009/10/20 20:59:35 | 06,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chtbrkr.dll
[2009/10/20 20:59:35 | 00,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll
[2009/10/20 20:59:34 | 00,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll
[2009/10/20 20:59:34 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlgpclnt.dll
[2009/10/20 20:59:34 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dataclen.dll
[2009/10/20 20:59:34 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscapi.dll
[2009/10/20 20:59:34 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NcdProp.dll
[2009/10/20 20:59:33 | 00,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2009/10/20 20:59:33 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netplwiz.dll
[2009/10/20 20:59:33 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\credui.dll
[2009/10/20 20:59:33 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\findstr.exe
[2009/10/20 20:59:32 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpeffects.dll
[2009/10/20 20:59:32 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2009/10/20 20:59:32 | 00,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstask.dll
[2009/10/20 20:59:32 | 00,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2009/10/20 20:59:32 | 00,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdwcn.dll
[2009/10/20 20:59:32 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSDMon.dll
[2009/10/20 20:59:32 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adsmsext.dll
[2009/10/20 20:59:32 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\deskmon.dll
[2009/10/20 20:59:31 | 02,226,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkexplorer.dll
[2009/10/20 20:59:31 | 00,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll
[2009/10/20 20:59:31 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpcsvc.dll
[2009/10/20 20:59:31 | 00,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctfui.dll
[2009/10/20 20:59:31 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logagent.exe
[2009/10/20 20:59:31 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cipher.exe
[2009/10/20 20:59:31 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ifmon.dll
[2009/10/20 20:59:31 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\version.dll
[2009/10/20 20:59:30 | 00,946,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOD.DLL
[2009/10/20 20:59:30 | 00,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmnet.dll
[2009/10/20 20:59:30 | 00,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\InkEd.dll
[2009/10/20 20:59:30 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mdminst.dll
[2009/10/20 20:59:30 | 00,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdwcn.dll
[2009/10/20 20:59:30 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpresult.exe
[2009/10/20 20:59:30 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2009/10/20 20:59:30 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimtf.dll
[2009/10/20 20:59:29 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\thawbrkr.dll
[2009/10/20 20:59:29 | 00,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDMon.dll
[2009/10/20 20:59:29 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2009/10/20 20:59:29 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\softkbd.dll
[2009/10/20 20:59:29 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logagent.exe
[2009/10/20 20:59:29 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sendmail.dll
[2009/10/20 20:59:29 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdial.exe
[2009/10/20 20:59:28 | 00,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MediaMetadataHandler.dll
[2009/10/20 20:59:28 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msctfui.dll
[2009/10/20 20:59:27 | 00,403,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MediaMetadataHandler.dll
[2009/10/20 20:59:27 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSAC3ENC.DLL
[2009/10/20 20:59:27 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dmsynth.dll
[2009/10/20 20:59:27 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\olepro32.dll
[2009/10/20 20:59:27 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rshx32.dll
[2009/10/20 20:59:27 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidusb.sys
[2009/10/20 20:59:26 | 00,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll
[2009/10/20 20:59:26 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 7:15 pm

[2009/10/20 20:59:26 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprapi.dll
[2009/10/20 20:59:26 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscdll.dll
[2009/10/20 20:59:25 | 00,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmdev.dll
[2009/10/20 20:59:25 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2009/10/20 20:59:25 | 00,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\puiapi.dll
[2009/10/20 20:59:25 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprapi.dll
[2009/10/20 20:59:25 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smb.sys
[2009/10/20 20:59:25 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FwRemoteSvr.dll
[2009/10/20 20:59:25 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\deskadp.dll
[2009/10/20 20:59:25 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2009/10/20 20:59:25 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\version.dll
[2009/10/20 20:59:24 | 00,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOD.DLL
[2009/10/20 20:59:24 | 00,116,736 | ---- | C] (Microsoft) -- C:\Windows\SysNative\SMBHelperClass.dll
[2009/10/20 20:59:24 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdSSDP.dll
[2009/10/20 20:59:24 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthci.dll
[2009/10/20 20:59:24 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshbth.dll
[2009/10/20 20:59:24 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fc.exe
[2009/10/20 20:59:24 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msisip.dll
[2009/10/20 20:59:23 | 00,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdmaud.drv
[2009/10/20 20:59:23 | 00,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpapi.dll
[2009/10/20 20:59:23 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2009/10/20 20:59:23 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdSSDP.dll
[2009/10/20 20:59:22 | 02,247,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkexplorer.dll
[2009/10/20 20:59:22 | 00,291,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapp3hst.dll
[2009/10/20 20:59:22 | 00,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscntfy.dll
[2009/10/20 20:59:22 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tintlgnt.ime
[2009/10/20 20:59:22 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dmusic.dll
[2009/10/20 20:59:22 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys
[2009/10/20 20:59:22 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3cfg.dll
[2009/10/20 20:59:22 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\[You must be registered and logged in to see this link.]
[2009/10/20 20:59:22 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscapi.dll
[2009/10/20 20:59:22 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsCtfMonitor.dll
[2009/10/20 20:59:21 | 00,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpps.dll
[2009/10/20 20:59:21 | 00,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapp3hst.dll
[2009/10/20 20:59:21 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PNPXAssoc.dll
[2009/10/20 20:59:21 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2009/10/20 20:59:21 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\l2nacp.dll
[2009/10/20 20:59:21 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\[You must be registered and logged in to see this link.]
[2009/10/20 20:59:21 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys
[2009/10/20 20:59:21 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjint40.dll
[2009/10/20 20:59:21 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CHxReadingStringIME.dll
[2009/10/20 20:59:20 | 00,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmnet.dll
[2009/10/20 20:59:20 | 00,083,456 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\SMBHelperClass.dll
[2009/10/20 20:59:20 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Storprop.dll
[2009/10/20 20:59:20 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscdll.dll
[2009/10/20 20:59:20 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsdchngr.dll
[2009/10/20 20:59:19 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mydocs.dll
[2009/10/20 20:59:19 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdWCN.dll
[2009/10/20 20:59:19 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdWCN.dll
[2009/10/20 20:59:19 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdiag.dll
[2009/10/20 20:59:19 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hbaapi.dll
[2009/10/20 20:59:19 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3cfg.dll
[2009/10/20 20:59:19 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthudtask.exe
[2009/10/20 20:59:19 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdial.exe
[2009/10/20 20:59:18 | 00,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappcfg.dll
[2009/10/20 20:59:18 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSAC3ENC.DLL
[2009/10/20 20:59:18 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappcfg.dll
[2009/10/20 20:59:18 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tscupgrd.exe
[2009/10/20 20:59:18 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipconfig.exe
[2009/10/20 20:59:18 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CHxReadingStringIME.dll
[2009/10/20 20:59:17 | 00,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2ENC.DLL

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 7:16 pm

[2009/10/20 20:59:17 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLLUA.exe
[2009/10/20 20:59:17 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nslookup.exe
[2009/10/20 20:59:17 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tscupgrd.exe
[2009/10/20 20:59:17 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkitemfactory.dll
[2009/10/20 20:59:17 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slcinst.dll
[2009/10/20 20:59:17 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkitemfactory.dll
[2009/10/20 20:59:16 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappgnui.dll
[2009/10/20 20:59:16 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappgnui.dll
[2009/10/20 20:59:16 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdeploy.dll
[2009/10/20 20:59:16 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slcinst.dll
[2009/10/20 20:59:16 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hbaapi.dll
[2009/10/20 20:59:16 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetup.exe
[2009/10/20 20:59:16 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetup.exe
[2009/10/20 20:59:16 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FwRemoteSvr.dll
[2009/10/20 20:59:16 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msacm32.drv
[2009/10/20 20:59:15 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dfsc.sys
[2009/10/20 20:59:15 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsigd.dll
[2009/10/20 20:59:15 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msacm32.drv
[2009/10/20 20:59:15 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcico.dll
[2009/10/20 20:59:14 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cbsra.exe
[2009/10/20 20:59:14 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2009/10/20 20:59:14 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpupdate.exe
[2009/10/20 20:59:13 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsilog.dll
[2009/10/20 20:59:12 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vss_ps.dll
[2009/10/20 20:59:12 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbcconf.dll
[2009/10/20 20:59:12 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthudtask.exe
[2009/10/20 20:59:12 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NcdProp.dll
[2009/10/20 20:59:12 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdmdbg.dll
[2009/10/20 20:59:12 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetppui.dll
[2009/10/20 20:59:11 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpps.dll
[2009/10/20 20:59:11 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2009/10/20 20:59:11 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcconf.dll
[2009/10/20 20:59:11 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrnr.dll
[2009/10/20 20:59:11 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2009/10/20 20:59:11 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2009/10/20 20:59:10 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cdrom.sys
[2009/10/20 20:59:10 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbohci.sys
[2009/10/20 20:59:10 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\midimap.dll
[2009/10/20 20:59:10 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\midimap.dll
[2009/10/20 20:59:08 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2009/10/20 20:59:07 | 00,068,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys
[2009/10/20 20:59:07 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\raspppoe.sys
[2009/10/20 20:59:07 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2009/10/20 20:59:04 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\f3ahvoas.dll
[2009/10/20 20:59:04 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\f3ahvoas.dll
[2009/10/20 20:59:04 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimsg.dll
[2009/10/20 20:59:04 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimsg.dll
[2009/10/20 20:58:38 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdscore.dll
[2009/10/20 20:58:21 | 00,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll
[2009/10/20 19:19:31 | 00,936,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmiEngine.dll
[2009/10/20 19:19:22 | 00,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdscore.dll
[2009/10/20 19:19:22 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PkgMgr.exe
[2009/10/20 19:18:58 | 00,315,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll
[2009/10/13 18:26:29 | 05,940,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009/10/13 18:26:27 | 09,236,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll
[2009/10/13 18:26:26 | 12,461,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieframe.dll
[2009/10/13 18:26:25 | 11,069,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieframe.dll
[2009/10/13 18:26:24 | 02,334,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2009/10/13 18:26:24 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iertutil.dll
[2009/10/13 18:26:23 | 01,484,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\urlmon.dll
[2009/10/13 18:26:23 | 01,208,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\urlmon.dll
[2009/10/13 18:26:23 | 00,916,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2009/10/13 18:26:22 | 01,147,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2009/10/13 18:26:22 | 00,700,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Mon Nov 02, 2009 7:16 pm

[2009/10/13 18:26:22 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2009/10/13 18:26:22 | 00,459,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll
[2009/10/13 18:26:22 | 00,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2009/10/13 18:26:22 | 00,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2009/10/13 18:26:22 | 00,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2009/10/13 18:26:21 | 01,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2009/10/13 18:26:21 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2009/10/13 18:26:21 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2009/10/13 18:26:21 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2009/10/13 18:26:21 | 00,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2009/10/13 18:26:20 | 00,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2009/10/13 18:26:20 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2009/10/13 18:26:20 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2009/10/13 18:26:20 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2009/10/13 18:26:20 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2009/10/13 18:26:20 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll
[2009/10/13 18:26:20 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2009/10/13 18:26:20 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2009/10/13 18:26:20 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
[2009/10/13 18:26:20 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2009/10/13 18:26:19 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.tlb
[2009/10/13 18:26:19 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.tlb
[2009/10/13 18:26:19 | 00,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2009/10/13 18:26:19 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2009/10/13 18:26:19 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2009/10/13 18:26:19 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2009/10/13 18:26:19 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2009/10/13 18:26:19 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsproxy.dll
[2009/10/13 18:26:19 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2009/10/13 18:22:33 | 04,698,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2009/10/13 18:19:08 | 00,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2009/10/13 18:19:08 | 00,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2009/10/13 18:13:22 | 00,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msv1_0.dll
[2009/10/13 18:13:22 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msv1_0.dll
[2009/10/13 18:13:03 | 00,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\srv2.sys
[2009/10/13 18:12:59 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2009/10/13 18:12:58 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msasn1.dll

========== Files - Modified Within 30 Days ==========

[2009/11/02 13:46:24 | 02,097,152 | -HS- | M] () -- C:\Users\Dennis\ntuser.dat
[2009/11/02 13:45:58 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Users\Dennis\Desktop\OTL.exe
[2009/11/02 13:38:22 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/11/02 12:38:16 | 00,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-

601632D005A0
[2009/11/02 12:38:16 | 00,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-

601632D005A0
[2009/11/02 12:19:20 | 00,000,436 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{EB86D9EB-393E-4B73-98EB-F65CA92AE16C}.job
[2009/11/01 22:22:42 | 00,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/01 19:17:12 | 00,000,238 | ---- | M] () -- C:\Windows\tasks\AlphaAV.job
[2009/11/01 19:12:28 | 00,595,684 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009/11/01 19:12:28 | 00,101,350 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009/11/01 19:12:27 | 00,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009/11/01 19:04:45 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/11/01 19:04:18 | 40,242,62656 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/01 17:56:55 | 00,524,288 | -HS- | M] () -- C:\Users\Dennis\ntuser.dat{c730b2a1-8883-11de-a106-

00235a2fe768}.TMContainer00000000000000000001.regtrans-ms
[2009/11/01 17:56:55 | 00,065,536 | -HS- | M] () -- C:\Users\Dennis\ntuser.dat{c730b2a1-8883-11de-a106-00235a2fe768}.TM.blf
[2009/11/01 17:35:30 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2009/11/01 17:34:34 | 00,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009/11/01 17:34:20 | 04,698,937 | -H-- | M] () -- C:\Users\Dennis\AppData\Local\IconCache.db
[2009/10/31 22:52:39 | 00,000,211 | ---- | M] () -- C:\Users\Dennis\Desktop\american greetings.url
[2009/10/30 17:05:24 | 00,355,328 | ---- | M] () -- C:\Windows\SysWow64\AdvancedIEupdate.dll
[2009/10/29 07:07:51 | 00,075,280 | ---- | M] () -- C:\Users\Dennis\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/10/29 02:21:31 | 00,304,824 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009/10/28 07:20:44 | 00,046,096 | ---- | M] () -- C:\Users\Dennis\DSC00902.JPG
[2009/10/28 07:20:44 | 00,045,253 | ---- | M] () -- C:\Users\Dennis\DSC00898.JPG
[2009/10/28 07:20:44 | 00,037,068 | ---- | M] () -- C:\Users\Dennis\DSC00903.JPG
[2009/10/28 07:20:44 | 00,029,724 | ---- | M] () -- C:\Users\Dennis\DSC00905.JPG
[2009/10/28 07:20:44 | 00,028,286 | ---- | M] () -- C:\Users\Dennis\DSC00904.JPG
[2009/10/28 07:20:44 | 00,028,126 | ---- | M] () -- C:\Users\Dennis\DSC00901.JPG
[2009/10/28 07:20:43 | 00,057,015 | ---- | M] () -- C:\Users\Dennis\DSC00906.JPG
[2009/10/28 07:20:43 | 00,050,798 | ---- | M] () -- C:\Users\Dennis\DSC00907.JPG
[2009/10/28 07:20:43 | 00,038,151 | ---- | M] () -- C:\Users\Dennis\DSC00911.JPG
[2009/10/28 07:20:43 | 00,037,614 | ---- | M] () -- C:\Users\Dennis\DSC00915.JPG
[2009/10/28 07:20:43 | 00,037,363 | ---- | M] () -- C:\Users\Dennis\DSC00910.JPG
[2009/10/28 07:20:43 | 00,037,234 | ---- | M] () -- C:\Users\Dennis\DSC00913.JPG
[2009/10/28 07:20:43 | 00,035,327 | ---- | M] () -- C:\Users\Dennis\DSC00908.JPG
[2009/10/28 07:20:43 | 00,035,299 | ---- | M] () -- C:\Users\Dennis\DSC00914.JPG
[2009/10/28 07:20:43 | 00,034,882 | ---- | M] () -- C:\Users\Dennis\DSC00912.JPG
[2009/10/28 07:20:43 | 00,033,308 | ---- | M] () -- C:\Users\Dennis\DSC00909.JPG
[2009/10/28 07:20:42 | 00,056,092 | ---- | M] () -- C:\Users\Dennis\DSC00918.JPG
[2009/10/28 07:20:42 | 00,049,161 | ---- | M] () -- C:\Users\Dennis\DSC00923.JPG
[2009/10/28 07:20:42 | 00,045,508 | ---- | M] () -- C:\Users\Dennis\DSC00917.JPG
[2009/10/28 07:20:42 | 00,042,542 | ---- | M] () -- C:\Users\Dennis\DSC00916.JPG
[2009/10/28 07:20:42 | 00,040,247 | ---- | M] () -- C:\Users\Dennis\DSC00925.JPG
[2009/10/28 07:20:42 | 00,036,150 | ---- | M] () -- C:\Users\Dennis\DSC00922.JPG
[2009/10/28 07:20:42 | 00,035,053 | ---- | M] () -- C:\Users\Dennis\DSC00919.JPG
[2009/10/28 07:20:41 | 00,054,814 | ---- | M] () -- C:\Users\Dennis\DSC00931.JPG
[2009/10/28 07:20:41 | 00,053,758 | ---- | M] () -- C:\Users\Dennis\DSC00932.JPG
[2009/10/28 07:20:41 | 00,046,494 | ---- | M] () -- C:\Users\Dennis\DSC00929.JPG
[2009/10/28 07:20:41 | 00,043,682 | ---- | M] () -- C:\Users\Dennis\DSC00927.JPG
[2009/10/28 07:20:41 | 00,032,141 | ---- | M] () -- C:\Users\Dennis\DSC00926.JPG
[2009/10/28 07:20:40 | 00,054,176 | ---- | M] () -- C:\Users\Dennis\DSC00935.JPG
[2009/10/28 07:20:40 | 00,051,266 | ---- | M] () -- C:\Users\Dennis\DSC00944.JPG
[2009/10/28 07:20:40 | 00,050,390 | ---- | M] () -- C:\Users\Dennis\DSC00934.JPG
[2009/10/28 07:20:40 | 00,047,481 | ---- | M] () -- C:\Users\Dennis\DSC00947.JPG
[2009/10/28 07:20:40 | 00,047,408 | ---- | M] () -- C:\Users\Dennis\DSC00960.JPG
[2009/10/28 07:20:40 | 00,045,181 | ---- | M] () -- C:\Users\Dennis\DSC00943.JPG
[2009/10/28 07:20:40 | 00,044,893 | ---- | M] () -- C:\Users\Dennis\DSC00948.JPG
[2009/10/28 07:20:40 | 00,042,489 | ---- | M] () -- C:\Users\Dennis\DSC00950.JPG
[2009/10/28 07:20:40 | 00,042,356 | ---- | M] () -- C:\Users\Dennis\DSC00959.JPG
[2009/10/28 07:20:40 | 00,042,286 | ---- | M] () -- C:\Users\Dennis\DSC00951.JPG
[2009/10/28 07:20:40 | 00,041,809 | ---- | M] () -- C:\Users\Dennis\DSC00946.JPG
[2009/10/28 07:20:40 | 00,039,168 | ---- | M] () -- C:\Users\Dennis\DSC00940.JPG
[2009/10/28 07:20:40 | 00,037,363 | ---- | M] () -- C:\Users\Dennis\DSC00956.JPG
[2009/10/28 07:20:39 | 00,045,967 | ---- | M] () -- C:\Users\Dennis\DSC00965.JPG
[2009/10/28 07:20:39 | 00,044,271 | ---- | M] () -- C:\Users\Dennis\DSC00969.JPG
[2009/10/28 07:20:39 | 00,043,966 | ---- | M] () -- C:\Users\Dennis\DSC00963.JPG
[2009/10/28 07:20:39 | 00,043,754 | ---- | M] () -- C:\Users\Dennis\DSC00967.JPG
[2009/10/28 07:20:39 | 00,043,216 | ---- | M] () -- C:\Users\Dennis\DSC00961.JPG
[2009/10/28 07:20:39 | 00,041,327 | ---- | M] () -- C:\Users\Dennis\DSC00968.JPG
[2009/10/28 07:20:39 | 00,039,684 | ---- | M] () -- C:\Users\Dennis\DSC00962.JPG
[2009/10/28 07:20:39 | 00,035,880 | ---- | M] () -- C:\Users\Dennis\DSC00964.JPG
[2009/10/28 07:20:39 | 00,032,901 | ---- | M] () -- C:\Users\Dennis\DSC00966.JPG
[2009/10/27 12:53:14 | 00,524,288 | -HS- | M] () -- C:\ntuser.dat{fa28384c-c174-11de-a6ce-

00235a2fe768}.TMContainer00000000000000000002.regtrans-ms
[2009/10/27 12:53:14 | 00,524,288 | -HS- | M] () -- C:\ntuser.dat{fa28384c-c174-11de-a6ce-

00235a2fe768}.TMContainer00000000000000000001.regtrans-ms
[2009/10/27 12:53:14 | 00,065,536 | -HS- | M] () -- C:\ntuser.dat{fa28384c-c174-11de-a6ce-00235a2fe768}.TM.blf
[2009/10/27 12:53:13 | 00,262,144 | ---- | M] () -- C:\ntuser.dat
[2009/10/25 13:06:38 | 00,001,699 | ---- | M] () -- C:\Users\Dennis\Desktop\Notepad.lnk
[2009/10/25 13:06:29 | 00,001,875 | ---- | M] () -- C:\Users\Dennis\Desktop\Wordpad.lnk
[2009/10/24 23:06:02 | 00,000,782 | ---- | M] () -- C:\Users\Public\Desktop\Tux Paint.lnk
[2009/10/13 06:39:04 | 00,000,338 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDennis.job
[2009/10/08 18:20:21 | 00,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\dxgkrnl.sys.mui
[2009/10/08 16:08:04 | 00,736,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAutomationCore.dll
[2009/10/08 16:08:01 | 00,555,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAutomationCore.dll
[2009/10/08 16:08:01 | 00,234,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\oleacc.dll
[2009/10/08 16:07:59 | 00,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\oleaccrc.dll
[2009/10/08 16:07:58 | 00,315,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2009/10/08 16:07:54 | 00,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleaccrc.dll

========== Files Created - No Company Name ==========

[2009/11/01 22:22:42 | 00,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/01 17:34:34 | 00,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009/10/30 17:05:26 | 00,000,238 | ---- | C] () -- C:\Windows\tasks\AlphaAV.job
[2009/10/30 17:05:23 | 00,355,328 | ---- | C] () -- C:\Windows\SysWow64\AdvancedIEupdate.dll
[2009/10/28 04:17:58 | 00,057,015 | ---- | C] () -- C:\Users\Dennis\DSC00906.JPG
[2009/10/28 04:17:58 | 00,050,798 | ---- | C] () -- C:\Users\Dennis\DSC00907.JPG
[2009/10/28 04:17:58 | 00,046,096 | ---- | C] () -- C:\Users\Dennis\DSC00902.JPG
[2009/10/28 04:17:58 | 00,045,253 | ---- | C] () -- C:\Users\Dennis\DSC00898.JPG
[2009/10/28 04:17:58 | 00,037,068 | ---- | C] () -- C:\Users\Dennis\DSC00903.JPG
[2009/10/28 04:17:58 | 00,035,327 | ---- | C] () -- C:\Users\Dennis\DSC00908.JPG
[2009/10/28 04:17:58 | 00,029,724 | ---- | C] () -- C:\Users\Dennis\DSC00905.JPG
[2009/10/28 04:17:58 | 00,028,286 | ---- | C] () -- C:\Users\Dennis\DSC00904.JPG
[2009/10/28 04:17:58 | 00,028,126 | ---- | C] () -- C:\Users\Dennis\DSC00901.JPG
[2009/10/28 04:17:56 | 00,056,092 | ---- | C] () -- C:\Users\Dennis\DSC00918.JPG
[2009/10/28 04:17:56 | 00,045,508 | ---- | C] () -- C:\Users\Dennis\DSC00917.JPG
[2009/10/28 04:17:56 | 00,042,542 | ---- | C] () -- C:\Users\Dennis\DSC00916.JPG
[2009/10/28 04:17:56 | 00,038,151 | ---- | C] () -- C:\Users\Dennis\DSC00911.JPG
[2009/10/28 04:17:56 | 00,037,614 | ---- | C] () -- C:\Users\Dennis\DSC00915.JPG
[2009/10/28 04:17:56 | 00,037,363 | ---- | C] () -- C:\Users\Dennis\DSC00910.JPG
[2009/10/28 04:17:56 | 00,037,234 | ---- | C] () -- C:\Users\Dennis\DSC00913.JPG
[2009/10/28 04:17:56 | 00,035,299 | ---- | C] () -- C:\Users\Dennis\DSC00914.JPG
[2009/10/28 04:17:56 | 00,034,882 | ---- | C] () -- C:\Users\Dennis\DSC00912.JPG
[2009/10/28 04:17:56 | 00,033,308 | ---- | C] () -- C:\Users\Dennis\DSC00909.JPG
[2009/10/28 04:17:54 | 00,049,161 | ---- | C] () -- C:\Users\Dennis\DSC00923.JPG
[2009/10/28 04:17:54 | 00,046,494 | ---- | C] () -- C:\Users\Dennis\DSC00929.JPG
[2009/10/28 04:17:54 | 00,043,682 | ---- | C] () -- C:\Users\Dennis\DSC00927.JPG
[2009/10/28 04:17:54 | 00,040,247 | ---- | C] () -- C:\Users\Dennis\DSC00925.JPG
[2009/10/28 04:17:54 | 00,036,150 | ---- | C] () -- C:\Users\Dennis\DSC00922.JPG
[2009/10/28 04:17:54 | 00,035,053 | ---- | C] () -- C:\Users\Dennis\DSC00919.JPG
[2009/10/28 04:17:54 | 00,032,141 | ---- | C] () -- C:\Users\Dennis\DSC00926.JPG
[2009/10/28 04:17:52 | 00,054,814 | ---- | C] () -- C:\Users\Dennis\DSC00931.JPG
[2009/10/28 04:17:52 | 00,054,176 | ---- | C] () -- C:\Users\Dennis\DSC00935.JPG
[2009/10/28 04:17:52 | 00,053,758 | ---- | C] () -- C:\Users\Dennis\DSC00932.JPG
[2009/10/28 04:17:52 | 00,051,266 | ---- | C] () -- C:\Users\Dennis\DSC00944.JPG
[2009/10/28 04:17:52 | 00,050,390 | ---- | C] () -- C:\Users\Dennis\DSC00934.JPG
[2009/10/28 04:17:52 | 00,045,181 | ---- | C] () -- C:\Users\Dennis\DSC00943.JPG
[2009/10/28 04:17:52 | 00,041,809 | ---- | C] () -- C:\Users\Dennis\DSC00946.JPG
[2009/10/28 04:17:52 | 00,039,168 | ---- | C] () -- C:\Users\Dennis\DSC00940.JPG
[2009/10/28 04:17:50 | 00,047,481 | ---- | C] () -- C:\Users\Dennis\DSC00947.JPG
[2009/10/28 04:17:50 | 00,047,408 | ---- | C] () -- C:\Users\Dennis\DSC00960.JPG
[2009/10/28 04:17:50 | 00,044,893 | ---- | C] () -- C:\Users\Dennis\DSC00948.JPG
[2009/10/28 04:17:50 | 00,043,216 | ---- | C] () -- C:\Users\Dennis\DSC00961.JPG
[2009/10/28 04:17:50 | 00,042,489 | ---- | C] () -- C:\Users\Dennis\DSC00950.JPG
[2009/10/28 04:17:50 | 00,042,356 | ---- | C] () -- C:\Users\Dennis\DSC00959.JPG
[2009/10/28 04:17:50 | 00,042,286 | ---- | C] () -- C:\Users\Dennis\DSC00951.JPG
[2009/10/28 04:17:50 | 00,039,684 | ---- | C] () -- C:\Users\Dennis\DSC00962.JPG
[2009/10/28 04:17:50 | 00,037,363 | ---- | C] () -- C:\Users\Dennis\DSC00956.JPG
[2009/10/28 04:17:48 | 00,045,967 | ---- | C] () -- C:\Users\Dennis\DSC00965.JPG
[2009/10/28 04:17:48 | 00,044,271 | ---- | C] () -- C:\Users\Dennis\DSC00969.JPG
[2009/10/28 04:17:48 | 00,043,966 | ---- | C] () -- C:\Users\Dennis\DSC00963.JPG
[2009/10/28 04:17:48 | 00,043,754 | ---- | C] () -- C:\Users\Dennis\DSC00967.JPG
[2009/10/28 04:17:48 | 00,041,327 | ---- | C] () -- C:\Users\Dennis\DSC00968.JPG
[2009/10/28 04:17:48 | 00,035,880 | ---- | C] () -- C:\Users\Dennis\DSC00964.JPG
[2009/10/28 04:17:48 | 00,032,901 | ---- | C] () -- C:\Users\Dennis\DSC00966.JPG
[2009/10/27 12:53:13 | 00,524,288 | -HS- | C] () -- C:\ntuser.dat{fa28384c-c174-11de-a6ce-

00235a2fe768}.TMContainer00000000000000000002.regtrans-ms
[2009/10/27 12:53:13 | 00,524,288 | -HS- | C] () -- C:\ntuser.dat{fa28384c-c174-11de-a6ce-

00235a2fe768}.TMContainer00000000000000000001.regtrans-ms
[2009/10/27 12:53:13 | 00,262,144 | ---- | C] () -- C:\ntuser.dat
[2009/10/27 12:53:13 | 00,065,536 | -HS- | C] () -- C:\ntuser.dat{fa28384c-c174-11de-a6ce-00235a2fe768}.TM.blf
[2009/10/25 13:06:38 | 00,001,699 | ---- | C] () -- C:\Users\Dennis\Desktop\Notepad.lnk
[2009/10/25 13:06:29 | 00,001,875 | ---- | C] () -- C:\Users\Dennis\Desktop\Wordpad.lnk
[2009/10/24 23:06:02 | 00,000,782 | ---- | C] () -- C:\Users\Public\Desktop\Tux Paint.lnk
[2009/10/20 21:02:29 | 00,121,856 | ---- | C] () -- C:\Windows\SysNative\EhStorAuthn.dll
[2009/10/20 21:02:29 | 00,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/10/20 21:02:08 | 00,262,552 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2009/10/20 21:01:37 | 00,471,992 | ---- | C] () -- C:\Windows\SysNative\dot3.tmf
[2009/10/20 21:01:34 | 00,700,507 | ---- | C] () -- C:\Windows\SysNative\eaphost.tmf
[2009/10/20 21:01:30 | 00,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/10/20 21:01:30 | 00,107,612 | ---- | C] () -- C:\Windows\SysNative\StructuredQuerySchema.bin
[2009/10/20 21:01:25 | 03,662,128 | ---- | C] () -- C:\Windows\SysWow64\locale.nls
[2009/10/20 21:01:25 | 03,662,128 | ---- | C] () -- C:\Windows\SysNative\locale.nls
[2009/10/20 21:01:24 | 00,395,723 | ---- | C] () -- C:\Windows\SysNative\onex.tmf
[2009/10/20 21:00:44 | 00,207,968 | ---- | C] () -- C:\Windows\SysNative\WFP.TMF
[2009/10/20 21:00:40 | 00,092,918 | ---- | C] () -- C:\Windows\SysWow64\slmgr.vbs
[2009/10/20 21:00:40 | 00,092,918 | ---- | C] () -- C:\Windows\SysNative\slmgr.vbs
[2009/10/20 21:00:35 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/10/20 20:59:51 | 00,009,239 | ---- | C] () -- C:\Windows\SysWow64\spcinstrumentation.man
[2009/10/20 20:59:51 | 00,009,239 | ---- | C] () -- C:\Windows\SysNative\spcinstrumentation.man
[2009/10/20 20:59:10 | 00,009,212 | ---- | C] () -- C:\Windows\SysWow64\RacUR.xml
[2009/10/20 20:59:10 | 00,009,212 | ---- | C] () -- C:\Windows\SysNative\RacUR.xml
[2009/04/12 09:54:57 | 00,003,584 | ---- | C] () -- C:\Users\Dennis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/01 18:48:39 | 00,003,345 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009/03/31 18:33:59 | 04,698,937 | -H-- | C] () -- C:\Users\Dennis\AppData\Local\IconCache.db
[2009/03/31 18:04:21 | 00,046,974 | ---- | C] () -- C:\ProgramData\HPWALog.txt
[2009/03/31 18:04:17 | 00,000,000 | ---- | C] () -- C:\Users\Dennis\AppData\Local\QSwitch.txt
[2009/03/31 18:04:17 | 00,000,000 | ---- | C] () -- C:\Users\Dennis\AppData\Local\DSwitch.txt
[2009/03/31 18:04:17 | 00,000,000 | ---- | C] () -- C:\Users\Dennis\AppData\Local\AtStart.txt
[2009/03/31 18:02:10 | 00,075,280 | ---- | C] () -- C:\Users\Dennis\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/02/26 09:09:40 | 00,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[2009/02/26 09:09:28 | 00,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2009/02/26 09:08:44 | 00,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2009/02/26 09:06:57 | 00,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2009/02/26 09:04:15 | 00,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2009/01/20 00:45:49 | 00,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2009/01/20 00:36:56 | 00,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2009/01/20 00:34:18 | 00,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2009/01/20 00:32:19 | 00,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2008/01/20 21:50:05 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 10:25:49 | 00,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[2006/11/02 10:07:25 | 00,037,665 | ---- | C] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
[2006/11/02 10:07:25 | 00,029,779 | ---- | C] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 10:07:25 | 00,026,489 | ---- | C] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 10:07:25 | 00,026,040 | ---- | C] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 07:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 07:34:27 | 00,000,179 | ---- | C] () -- C:\Windows\win.ini
< End of report >

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by Belahzur on Mon Nov 02, 2009 9:23 pm

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose CopyCrying


    :files
    C:\Program Files (x86)\Common Files\AlphaAVUninstall
    C:\Program Files (x86)\AlphaAV
    C:\Windows\tasks\AlphaAV.job


  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Tue Nov 03, 2009 5:44 pm

Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!

OTL by OldTimer - Version 3.1.3.0 log created on 11032009_124345

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Tue Nov 03, 2009 5:47 pm

there were no such files so I just copied and pasted from your post but there is a file called C:\Program Files (x86)\AlphaAV\alpha.exe
actually there are 3 of those.

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by Belahzur on Tue Nov 03, 2009 8:47 pm

Hello.
You missed :files


:files
C:\Program Files (x86)\Common Files\AlphaAVUninstall
C:\Program Files (x86)\AlphaAV
C:\Windows\tasks\AlphaAV.job


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Thu Nov 05, 2009 3:37 am

========== FILES ==========
C:\Program Files (x86)\Common Files\AlphaAVUninstall folder moved successfully.
C:\Program Files (x86)\AlphaAV folder moved successfully.
File\Folder C:\Windows\tasks\AlphaAV.job not found.

OTL by OldTimer - Version 3.1.3.0 log created on 11042009_223704

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by Belahzur on Thu Nov 05, 2009 9:47 pm

Hello.
How is it now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: fake antivirus alpha

Post by sandy_hagen2001 on Sat Nov 07, 2009 4:38 pm

It seems to be gone.
Thanks you very much!!! Thank You!

sandy_hagen2001
Novice
Novice

Posts Posts : 31
Joined Joined : 2009-11-01
OS OS : vista
Points Points : 25953
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum