trojan heur


Post by bill01 on 30th January 2010, 3:46 am

I have a trojan on my PC (OS: Windows Vista 32-bit). I was using ComboFix with Kaspersky, but I still feel I have the virus. Can you please guide me on how to work with you and ComboFix?

bill01
Novice
Posts: 29
Joined: 2010-01-30
OS: vista 32 bit
Points: 25464
Likes: 0

Re: trojan heur

Post by bill01 on 30th January 2010, 4:11 am

I have just run Advanced SystemCare and it advised me to put this in a log that works with HijackThis, so here is the report:
Logfile of Advanced SystemCare 3 Security Analyzer
Scan saved at 11:08:21 PM, on 1/29/2010
Platform: Windows Vista (WinNT 6.0)
MSIE: Internet Explorer v8.0 (8.0.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\aol\1263870160\ee\aolsoftware.exe
C:\program files\internet explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe
C:\Program Files\AOL 9.5\waol.exe
C:\Program Files\AOL 9.5\shellmon.exe
C:\program files\internet explorer\iexplore.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\program files\internet explorer\iexplore.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Groove GFS Browser Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Groove GFS Browser Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Groove GFS Browser Helper - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Groove GFS Browser Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: WinAVI FLVSense - {E8DF67A1-B618-4F3F-9E7C-CBE175ADEF5B} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.5\AOL.EXE" -b
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O8 - Extra context menu item: &Download FLV by WinAVI... - C:\Program Files\WinAVI FLV Converter\flv_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel -
O8 - Extra context menu item: E&xportar a Microsoft Excel - [You must be registered and logged in to see this link.]
O8 - Extra context menu item: Google Sidewiki... - [You must be registered and logged in to see this link.] Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Estadísticas de protección del tráfico Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} -
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} -
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - [You must be registered and logged in to see this link.]
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_17) - [You must be registered and logged in to see this link.]
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - [You must be registered and logged in to see this link.]
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} (Java Plug-in 1.6.0) - [You must be registered and logged in to see this link.]
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} (Java Plug-in 1.6.0_16) - [You must be registered and logged in to see this link.]
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} (Java Plug-in 1.6.0_17) - [You must be registered and logged in to see this link.]
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - [You must be registered and logged in to see this link.]
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - [You must be registered and logged in to see this link.]
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: GoToAssist (gpsvc) - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown - %ProgramFiles%\Windows Media Player\wmpnetwk.exe


Re: trojan heur

Post by Belahzur on 30th January 2010, 5:08 pm

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double-click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


Please PM me if I fail to respond within 24hrs.

Belahzur
Administrator
Posts: 34918
Joined: 2008-08-03
Gender: Male
OS: 7 Home Premium x64
Points: 245121
Likes: 1

Re: trojan heur

Post by bill01 on 31st January 2010, 5:29 pm

Malwarebytes' Anti-Malware 1.44
Database version: 3668
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882

1/31/2010 12:28:50 PM
mbam-log-2010-01-31 (12-28-50).txt

Scan type: Quick Scan
Objects scanned: 115860
Time elapsed: 4 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Re: trojan heur

Post by bill01 on 31st January 2010, 5:30 pm

This is the report you asked me for, and it seems that there is no virus.


Re: trojan heur

Post by Belahzur on 31st January 2010, 7:55 pm

Download [You must be registered and logged in to see this link.] by OldTimer to your Desktop.

  • Close all windows and double-click OTL.exe.
  • Click Run Scan and let the program run uninterrupted.
  • It will produce two logs for you: one will pop up (OTL.txt), the other will be saved on your Desktop (Extras.txt). Post both logs in this thread.
  • You may need to use two posts to get it all.



Re: trojan heur

Post by bill01 on 2nd February 2010, 6:36 am

First part (1):
OTL Extras logfile created on: 2/2/2010 1:23:31 AM - Run 1
OTL by OldTimer - Version 3.1.27.1 Folder = C:\Users\HORACIO\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 72.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.04 Gb Total Space | 199.62 Gb Free Space | 66.98% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 390.62 Gb Total Space | 332.96 Gb Free Space | 85.24% Space Free | Partition Type: NTFS
Drive F: | 292.97 Gb Total Space | 246.41 Gb Free Space | 84.11% Space Free | Partition Type: NTFS
Drive G: | 247.92 Gb Total Space | 169.94 Gb Free Space | 68.55% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HORACIO-PC
Current User Name: HORACIO
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MI1933~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{23CC7D6C-44DE-41A9-A984-ABFDEA9E4BC5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{29FA746C-D0E7-490E-80C0-83CCBB112624}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{7DE68028-D0F5-4668-BD93-3D324B173ECB}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00E7A50B-0C75-401F-A4FA-FAF741D798A6}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{0365D8E7-3C2E-4F87-A2D2-EB0C99A5412F}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe |
"{127A2468-2459-4D51-9D5C-1502095967BE}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe |
"{14A5AEEE-7ACC-4C24-9CC8-34BF982D21A3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{176B6002-A003-40AD-9D29-A63440A1971F}" = protocol=17 | dir=in | app=c:\program files\aol 9.5\waol.exe |
"{26B73FFC-346E-4708-8D74-74BA0FD5D32A}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe |
"{39ACEBB1-E69D-4618-91EF-7898E65D4507}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{4014B4DD-E149-4D12-AE91-2E76EB1F0B2E}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{40702937-73B1-4BA0-B0F8-4C308B858D61}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4427C42E-9B96-4261-B9B1-592262A07861}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{463060C8-55D9-4699-91BF-594895246ECC}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{60F07F92-3A46-4DD3-9B7B-1F62781DD7AF}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe |
"{631FA709-9EFE-416E-B337-8E13AEC7231D}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{634B0789-3487-4587-94AB-50F79ABE5357}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{6A056CE6-7C00-4CD6-82F3-4E4F8BA2A150}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7FAFD966-A976-46C7-9317-38A5DC586C1B}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{803F4237-B775-4DCF-9BCA-297C9E5D14D2}" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{8156C224-BE5B-44E5-9512-3EC3A40812BF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{85D0402B-FC8A-4BA1-86C5-121120EB9DEB}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1263870160\ee\aolsoftware.exe |
"{86E06BD6-ABCD-4441-8CAE-E848623938E7}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{8A1DAC2C-D3A4-4758-B591-AAA9CC2A9F82}" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{934FD6D6-AA13-4EED-AEA4-262B6ECCF692}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe |
"{945FC088-F6B7-46BF-93DA-54C37CC53650}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{964990C9-E885-4A5C-81F0-6826B53042C7}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{A08B9794-E5A2-4954-B995-86BE2762AD7E}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{A5B38B81-D26C-4E40-B754-120033E81719}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{BA7A7DC5-5860-46E2-82B8-30102094D7F4}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{BE5E5A27-3BF0-4165-B953-A9946FE835A8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D92391C5-7EF3-4422-8FA7-2AD01B633FAE}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe |
"{DD06A051-1637-4F71-9345-8A0483EE6FDD}" = protocol=6 | dir=in | app=c:\program files\aol 9.5\waol.exe |
"{DDBBAD11-9A5F-488B-A73A-F1F5F23DEF2A}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{DE4819AA-A779-4F6D-9C0A-433BD78A5258}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1263870160\ee\aolsoftware.exe |
"{F4303C63-4873-4ABB-88C1-9CAC4CDAC4E9}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{FE3971FC-D3BC-4319-9490-EF414A988752}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"TCP Query User{03FE0169-CEDA-4076-989B-19F3394190CD}C:\program files\java\jdk1.6.0_17\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.6.0_17\jre\bin\javaw.exe |
"TCP Query User{3E255A02-6B74-4D29-BEFB-CB30FFA5D291}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{A6EFDE20-4394-435B-A717-A8A9C8E67E18}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{006BBAC0-05DF-43FA-A005-BC692AB5D3C0}C:\program files\java\jdk1.6.0_17\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.6.0_17\jre\bin\javaw.exe |
"UDP Query User{5BF2DA3A-7D7A-402C-8FE8-E5D41472AA92}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{72783167-F055-4883-A288-C65D5DC08F43}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |


Re: trojan heur

Post by bill01 on 2nd February 2010, 6:40 am

Second part of the report:
========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01AA5F2C-EEBB-47A3-AB7B-B235E620FFDB}_is1" = los Boeing 737-200 Advanced, de las Líneas Aérea LAN, SKY y AER
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID Sign-in Assistant
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.3
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 18
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{30120000-0044-0C0A-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Spanish) 2007 (Beta)
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{32A3A4F4-B792-11D6-A78A-00B0D0160170}" = Java(TM) SE Development Kit 6 Update 17
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4847BBB9-EADD-4C92-90BF-4223B0892FF6}" = Microsoft Flight Simulator X Service Pack 2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5aa47dba-b584-4d47-a626-76e53f010201}" = JavaFX(TM) 1.2 SDK
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{6580C5A3-2336-4EC5-85F1-3448C5F6208A}" = Kaspersky Anti-Virus 2009
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74550cae-c3fe-4c94-ab8e-a26a71eb49c4}" = Nero 9
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86170243-41F2-4B2E-9BD6-2F404B2C8E46}" = TWC Customer Controls
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{8DD0F820-3656-4AB3-A7F4-005CAA2D0897}_is1" = RDesc 2.26
"{90120000-0015-0C0A-0000-0000000FF1CE}" = Microsoft Office Access MUI (Spanish) 2007
"{90120000-0015-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0C0A-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Spanish) 2007
"{90120000-0019-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Spanish) 2007
"{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_ENTERPRISE_{4B47C31E-46B0-462B-BEE4-DC383B6A1F2A}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}_ENTERPRISE_{6113C11D-BACA-4D8E-8002-03C8D06FD5E6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007
"{90120000-00A1-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0C0A-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Spanish) 2007
"{90120000-00BA-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{926C96FB-9D0A-4504-8000-C6D3A4A3118E}" = Java DB 10.4.2.1
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 ATL (x86) WinSXS MSM
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{C084BC61-E537-11DE-8616-005056806466}" = Google Earth
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D5B46D30-F054-4C64-9C0F-97C8451E7D04}" = BtwMfcMM
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EFAD4066-CAF3-4B27-9669-12EED352C376}" = NVIDIANetworkDiagnostic
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FB3EFCD7-4E08-4197-89B9-7CCD794F91B6}" = TuneUp Utilities Language Pack (es-ES)
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"AMDAway INF" = AMDAway INF
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 PCI V.92 Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"DVD Shrink_is1" = DVD Shrink 3.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"ffdshow" = ffdshow (remove only)
"Game Booster_is1" = Game Booster
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"GoToAssist" = GoToAssist 8.0.0.514
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"InstallShield_{EFAD4066-CAF3-4B27-9669-12EED352C376}" = NVIDIANetworkDiagnostic
"InstallWIX_{6580C5A3-2336-4EC5-85F1-3448C5F6208A}" = Kaspersky Anti-Virus 2009
"LimeWire" = LimeWire 5.4.6
"lvdrivers_12.0" = Logitech Webcam Software Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft DirectX SDK (August 2009)" = Microsoft DirectX SDK (August 2009)
"mIRC" = mIRC
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"ObjectDock" = ObjectDock
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6" = Microsoft Flight Simulator X Service Pack 1
"SystemRequirementsLab" = System Requirements Lab
"TuneUp Utilities" = TuneUp Utilities
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.0.3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"XobniMain" = Xobni

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CNET TechTracker" = CNET TechTracker
"f031ef6ac137efc5" = Dell Driver Download Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/29/2010 2:56:37 AM | Computer Name = HORACIO-PC | Source = Perflib | ID = 1008
Description =

Error - 1/29/2010 3:06:36 AM | Computer Name = HORACIO-PC | Source = pctsSvc.exe | ID = 0
Description =

Error - 1/30/2010 2:10:13 PM | Computer Name = HORACIO-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18882 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1564 Start Time: 01caa1ce6b0970f2 Termination Time: 0

Error - 1/31/2010 10:31:13 PM | Computer Name = HORACIO-PC | Source = System Restore | ID = 8193
Description =

Error - 2/1/2010 12:51:07 PM | Computer Name = HORACIO-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18882 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 103c Start Time: 01caa35e7b4c3e11 Termination Time: 0

Error - 2/2/2010 12:43:40 AM | Computer Name = HORACIO-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18882, time stamp
0x4b3ed243, faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e03821,
exception code 0xc0000005, fault offset 0x00041e3b, process id 0x14f8, application
start time 0x01caa392ccaf2700.

Error - 2/2/2010 1:59:30 AM | Computer Name = HORACIO-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18882 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 17ac Start Time: 01caa3cb66aa0ef0 Termination Time: 63

Error - 2/2/2010 2:00:20 AM | Computer Name = HORACIO-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18882 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 50c Start Time: 01caa3cce762f330 Termination Time: 15

Error - 2/2/2010 2:16:01 AM | Computer Name = HORACIO-PC | Source = VSS | ID = 8194
Description =

Error - 2/2/2010 2:17:19 AM | Computer Name = HORACIO-PC | Source = System Restore | ID = 8193
Description =

[ System Events ]
Error - 1/19/2010 3:28:14 AM | Computer Name = HORACIO-PC | Source = Microsoft-Windows-Eventlog | ID = 30
Description =

Error - 1/19/2010 10:46:56 AM | Computer Name = HORACIO-PC | Source = HTTP | ID = 15016
Description =

Error - 1/19/2010 10:48:20 AM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/19/2010 10:48:20 AM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 1/19/2010 11:01:56 AM | Computer Name = HORACIO-PC | Source = HTTP | ID = 15016
Description =

Error - 1/19/2010 11:03:19 AM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/19/2010 11:03:19 AM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 1/19/2010 12:52:03 PM | Computer Name = HORACIO-PC | Source = HTTP | ID = 15016
Description =

Error - 1/19/2010 12:53:26 PM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/19/2010 12:53:26 PM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >


Re: trojan heur

Post by bill01 on 2nd February 2010, 6:41 am

EXTRAS.TXT
OTL Extras logfile created on: 2/2/2010 1:23:31 AM - Run 1
OTL by OldTimer - Version 3.1.27.1 Folder = C:\Users\HORACIO\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 72.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.04 Gb Total Space | 199.62 Gb Free Space | 66.98% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 390.62 Gb Total Space | 332.96 Gb Free Space | 85.24% Space Free | Partition Type: NTFS
Drive F: | 292.97 Gb Total Space | 246.41 Gb Free Space | 84.11% Space Free | Partition Type: NTFS
Drive G: | 247.92 Gb Total Space | 169.94 Gb Free Space | 68.55% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HORACIO-PC
Current User Name: HORACIO
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MI1933~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{23CC7D6C-44DE-41A9-A984-ABFDEA9E4BC5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{29FA746C-D0E7-490E-80C0-83CCBB112624}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{7DE68028-D0F5-4668-BD93-3D324B173ECB}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00E7A50B-0C75-401F-A4FA-FAF741D798A6}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{0365D8E7-3C2E-4F87-A2D2-EB0C99A5412F}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe |
"{127A2468-2459-4D51-9D5C-1502095967BE}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe |
"{14A5AEEE-7ACC-4C24-9CC8-34BF982D21A3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{176B6002-A003-40AD-9D29-A63440A1971F}" = protocol=17 | dir=in | app=c:\program files\aol 9.5\waol.exe |
"{26B73FFC-346E-4708-8D74-74BA0FD5D32A}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe |
"{39ACEBB1-E69D-4618-91EF-7898E65D4507}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{4014B4DD-E149-4D12-AE91-2E76EB1F0B2E}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{40702937-73B1-4BA0-B0F8-4C308B858D61}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4427C42E-9B96-4261-B9B1-592262A07861}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{463060C8-55D9-4699-91BF-594895246ECC}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{60F07F92-3A46-4DD3-9B7B-1F62781DD7AF}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe |
"{631FA709-9EFE-416E-B337-8E13AEC7231D}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{634B0789-3487-4587-94AB-50F79ABE5357}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{6A056CE6-7C00-4CD6-82F3-4E4F8BA2A150}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7FAFD966-A976-46C7-9317-38A5DC586C1B}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{803F4237-B775-4DCF-9BCA-297C9E5D14D2}" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{8156C224-BE5B-44E5-9512-3EC3A40812BF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{85D0402B-FC8A-4BA1-86C5-121120EB9DEB}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1263870160\ee\aolsoftware.exe |
"{86E06BD6-ABCD-4441-8CAE-E848623938E7}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{8A1DAC2C-D3A4-4758-B591-AAA9CC2A9F82}" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{934FD6D6-AA13-4EED-AEA4-262B6ECCF692}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe |
"{945FC088-F6B7-46BF-93DA-54C37CC53650}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{964990C9-E885-4A5C-81F0-6826B53042C7}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{A08B9794-E5A2-4954-B995-86BE2762AD7E}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{A5B38B81-D26C-4E40-B754-120033E81719}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{BA7A7DC5-5860-46E2-82B8-30102094D7F4}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{BE5E5A27-3BF0-4165-B953-A9946FE835A8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D92391C5-7EF3-4422-8FA7-2AD01B633FAE}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe |
"{DD06A051-1637-4F71-9345-8A0483EE6FDD}" = protocol=6 | dir=in | app=c:\program files\aol 9.5\waol.exe |
"{DDBBAD11-9A5F-488B-A73A-F1F5F23DEF2A}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{DE4819AA-A779-4F6D-9C0A-433BD78A5258}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1263870160\ee\aolsoftware.exe |
"{F4303C63-4873-4ABB-88C1-9CAC4CDAC4E9}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{FE3971FC-D3BC-4319-9490-EF414A988752}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"TCP Query User{03FE0169-CEDA-4076-989B-19F3394190CD}C:\program files\java\jdk1.6.0_17\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.6.0_17\jre\bin\javaw.exe |
"TCP Query User{3E255A02-6B74-4D29-BEFB-CB30FFA5D291}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{A6EFDE20-4394-435B-A717-A8A9C8E67E18}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{006BBAC0-05DF-43FA-A005-BC692AB5D3C0}C:\program files\java\jdk1.6.0_17\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.6.0_17\jre\bin\javaw.exe |
"UDP Query User{5BF2DA3A-7D7A-402C-8FE8-E5D41472AA92}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{72783167-F055-4883-A288-C65D5DC08F43}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01AA5F2C-EEBB-47A3-AB7B-B235E620FFDB}_is1" = los Boeing 737-200 Advanced, de las Líneas Aérea LAN, SKY y AER
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID Sign-in Assistant
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.3
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 18
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{30120000-0044-0C0A-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Spanish) 2007 (Beta)
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{32A3A4F4-B792-11D6-A78A-00B0D0160170}" = Java(TM) SE Development Kit 6 Update 17
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4847BBB9-EADD-4C92-90BF-4223B0892FF6}" = Microsoft Flight Simulator X Service Pack 2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5aa47dba-b584-4d47-a626-76e53f010201}" = JavaFX(TM) 1.2 SDK
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{6580C5A3-2336-4EC5-85F1-3448C5F6208A}" = Kaspersky Anti-Virus 2009
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74550cae-c3fe-4c94-ab8e-a26a71eb49c4}" = Nero 9
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86170243-41F2-4B2E-9BD6-2F404B2C8E46}" = TWC Customer Controls
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{8DD0F820-3656-4AB3-A7F4-005CAA2D0897}_is1" = RDesc 2.26
"{90120000-0015-0C0A-0000-0000000FF1CE}" = Microsoft Office Access MUI (Spanish) 2007
"{90120000-0015-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0C0A-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Spanish) 2007
"{90120000-0019-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Spanish) 2007
"{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_ENTERPRISE_{4B47C31E-46B0-462B-BEE4-DC383B6A1F2A}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}_ENTERPRISE_{6113C11D-BACA-4D8E-8002-03C8D06FD5E6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007
"{90120000-00A1-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0C0A-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Spanish) 2007
"{90120000-00BA-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{926C96FB-9D0A-4504-8000-C6D3A4A3118E}" = Java DB 10.4.2.1
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 ATL (x86) WinSXS MSM
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{C084BC61-E537-11DE-8616-005056806466}" = Google Earth
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D5B46D30-F054-4C64-9C0F-97C8451E7D04}" = BtwMfcMM
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EFAD4066-CAF3-4B27-9669-12EED352C376}" = NVIDIANetworkDiagnostic
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FB3EFCD7-4E08-4197-89B9-7CCD794F91B6}" = TuneUp Utilities Language Pack (es-ES)
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"AMDAway INF" = AMDAway INF
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 PCI V.92 Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"DVD Shrink_is1" = DVD Shrink 3.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"ffdshow" = ffdshow (remove only)
"Game Booster_is1" = Game Booster
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"GoToAssist" = GoToAssist 8.0.0.514
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"InstallShield_{EFAD4066-CAF3-4B27-9669-12EED352C376}" = NVIDIANetworkDiagnostic
"InstallWIX_{6580C5A3-2336-4EC5-85F1-3448C5F6208A}" = Kaspersky Anti-Virus 2009
"LimeWire" = LimeWire 5.4.6
"lvdrivers_12.0" = Logitech Webcam Software Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft DirectX SDK (August 2009)" = Microsoft DirectX SDK (August 2009)
"mIRC" = mIRC
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"ObjectDock" = ObjectDock
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6" = Microsoft Flight Simulator X Service Pack 1
"SystemRequirementsLab" = System Requirements Lab
"TuneUp Utilities" = TuneUp Utilities
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.0.3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"XobniMain" = Xobni

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CNET TechTracker" = CNET TechTracker
"f031ef6ac137efc5" = Dell Driver Download Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/29/2010 2:56:37 AM | Computer Name = HORACIO-PC | Source = Perflib | ID = 1008
Description =

Error - 1/29/2010 3:06:36 AM | Computer Name = HORACIO-PC | Source = pctsSvc.exe | ID = 0
Description =

Error - 1/30/2010 2:10:13 PM | Computer Name = HORACIO-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18882 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1564 Start Time: 01caa1ce6b0970f2 Termination Time: 0

Error - 1/31/2010 10:31:13 PM | Computer Name = HORACIO-PC | Source = System Restore | ID = 8193
Description =

Error - 2/1/2010 12:51:07 PM | Computer Name = HORACIO-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18882 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 103c Start Time: 01caa35e7b4c3e11 Termination Time: 0

Error - 2/2/2010 12:43:40 AM | Computer Name = HORACIO-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18882, time stamp
0x4b3ed243, faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e03821,
exception code 0xc0000005, fault offset 0x00041e3b, process id 0x14f8, application
start time 0x01caa392ccaf2700.

Error - 2/2/2010 1:59:30 AM | Computer Name = HORACIO-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18882 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 17ac Start Time: 01caa3cb66aa0ef0 Termination Time: 63

Error - 2/2/2010 2:00:20 AM | Computer Name = HORACIO-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18882 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 50c Start Time: 01caa3cce762f330 Termination Time: 15

Error - 2/2/2010 2:16:01 AM | Computer Name = HORACIO-PC | Source = VSS | ID = 8194
Description =

Error - 2/2/2010 2:17:19 AM | Computer Name = HORACIO-PC | Source = System Restore | ID = 8193
Description =

[ System Events ]
Error - 1/19/2010 3:28:14 AM | Computer Name = HORACIO-PC | Source = Microsoft-Windows-Eventlog | ID = 30
Description =

Error - 1/19/2010 10:46:56 AM | Computer Name = HORACIO-PC | Source = HTTP | ID = 15016
Description =

Error - 1/19/2010 10:48:20 AM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/19/2010 10:48:20 AM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 1/19/2010 11:01:56 AM | Computer Name = HORACIO-PC | Source = HTTP | ID = 15016
Description =

Error - 1/19/2010 11:03:19 AM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/19/2010 11:03:19 AM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 1/19/2010 12:52:03 PM | Computer Name = HORACIO-PC | Source = HTTP | ID = 15016
Description =

Error - 1/19/2010 12:53:26 PM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/19/2010 12:53:26 PM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >

Re: trojan heur

Post by bill01 on 2nd February 2010, 6:44 am

I am doing everything you ask me to do as soon as possible. Thank you so much for your help.

Re: trojan heur

Post by Belahzur on 2nd February 2010, 8:11 pm

Hello.
You posted Extras.txt twice, can you post the other log too please?


Please PM me if I fail to respond within 24hrs.


Re: trojan heur

Post by bill01 on 3rd February 2010, 1:24 am

I will send you the first log pop up in 3 parts.
OTL logfile created on: 2/2/2010 7:44:21 PM - Run 2
OTL by OldTimer - Version 3.1.27.1 Folder = C:\Users\HORACIO\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 72.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.04 Gb Total Space | 202.23 Gb Free Space | 67.86% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 390.62 Gb Total Space | 332.94 Gb Free Space | 85.23% Space Free | Partition Type: NTFS
Drive F: | 292.97 Gb Total Space | 246.41 Gb Free Space | 84.11% Space Free | Partition Type: NTFS
Drive G: | 247.92 Gb Total Space | 169.94 Gb Free Space | 68.55% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HORACIO-PC
Current User Name: HORACIO
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/02/02 01:21:11 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Users\HORACIO\Desktop\OTL.exe
PRC - [2010/01/25 00:05:23 | 000,208,616 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
PRC - [2010/01/18 09:15:31 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2010/01/17 23:26:25 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2010/01/11 22:18:00 | 000,129,640 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2010/01/11 21:00:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/01/11 15:21:52 | 000,246,504 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010/01/06 15:33:06 | 002,335,952 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
PRC - [2010/01/05 07:56:02 | 002,002,160 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2009/12/10 12:34:08 | 000,713,032 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2009/12/10 12:32:08 | 001,044,808 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2009/12/07 19:29:44 | 000,055,016 | ---- | M] (Xobni Corporation) -- C:\Program Files\Xobni\XobniService.exe
PRC - [2009/11/05 15:06:30 | 001,108,992 | ---- | M] (CBS Interactive) -- C:\Users\HORACIO\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
PRC - [2009/10/28 09:38:50 | 000,039,272 | ---- | M] (AOL, LLC.) -- C:\Program Files\AOL 9.5\waol.exe
PRC - [2009/10/28 09:38:49 | 000,054,632 | ---- | M] (AOL, LLC.) -- C:\Program Files\AOL 9.5\shellmon.exe
PRC - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/08/28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/07/20 14:52:23 | 000,041,264 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\1263870160\ee\aolsoftware.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009/03/30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009/01/30 00:50:06 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/01/30 00:50:06 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/12/12 11:17:38 | 000,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/09/24 14:32:48 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008/01/19 02:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/12/05 06:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe
PRC - [2007/04/30 19:43:54 | 003,450,608 | ---- | M] (Stardock) -- C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
PRC - [2007/04/02 07:33:32 | 000,063,120 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe
PRC - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe
PRC - [2006/08/04 16:39:20 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe


========== Modules (SafeList) ==========

MOD - [2010/02/02 01:21:11 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Users\HORACIO\Desktop\OTL.exe
MOD - [2009/04/11 01:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/01/25 00:05:23 | 000,208,616 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe -- (AVP)
SRV - [2010/01/20 22:19:00 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010/01/19 00:42:02 | 000,135,664 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate)
SRV - [2010/01/18 12:59:51 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/01/18 09:15:31 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-110309-193829)
SRV - [2010/01/17 23:26:24 | 000,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2010/01/11 22:18:00 | 000,129,640 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\System32\nvvsvc.exe -- (nvsvc)
SRV - [2010/01/11 21:00:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009/12/10 12:32:08 | 001,044,808 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2009/12/10 12:28:46 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009/12/07 19:29:44 | 000,055,016 | ---- | M] (Xobni Corporation) [Auto | Running] -- C:\Program Files\Xobni\XobniService.exe -- (XobniService)
SRV - [2009/11/12 16:33:00 | 000,545,568 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/10/14 00:04:40 | 000,394,608 | ---- | M] (SupportSoft, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/09/24 20:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/08/28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/01/30 00:50:06 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
SRV - [2008/12/12 11:17:38 | 000,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/25 11:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008/09/24 14:32:48 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/05 06:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
SRV - [2006/11/02 07:35:29 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2006/08/04 16:39:20 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService)
SRV - [2005/04/04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2010/01/25 00:05:23 | 000,239,120 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2010/01/25 00:05:23 | 000,033,808 | ---- | M] (Kaspersky Lab) [File_System | Boot | Running] -- C:\Windows\system32\drivers\klbg.sys -- (klbg)
DRV - [2010/01/11 23:03:33 | 011,586,280 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/01/05 07:56:06 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Running] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/01/05 07:56:04 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/01/05 07:56:02 | 000,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/10/14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/10/07 08:49:40 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 250(UVC)
DRV - [2009/10/07 08:47:56 | 000,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/10/07 08:46:14 | 000,114,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2009/10/07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/08/28 19:42:52 | 000,040,448 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/08/05 22:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2009/07/30 17:12:56 | 000,282,144 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVNET)
DRV - [2009/05/18 14:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/04/10 23:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/11/04 18:16:40 | 000,022,904 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Dell Support Center\HWDiag\bin\pcd5srvc.pkms -- (PCD5SRVC{3F6A8B78-EC003E00-05040104})
DRV - [2008/07/21 17:34:36 | 000,121,872 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
DRV - [2008/07/09 17:28:26 | 000,020,496 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2007/08/09 18:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2007/02/21 14:49:47 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2007/02/21 14:49:47 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2007/02/21 14:49:47 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/01/06 00:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2007/01/06 00:59:34 | 000,086,096 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) NVIDIA nForce(tm)
DRV - [2006/11/29 17:24:57 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:41:53 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2006/11/02 02:41:50 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (VST_DPV)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/11/02 01:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2006/10/18 10:09:26 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/10/18 10:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/10/18 10:08:04 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/08/04 16:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/06/19 13:26:58 | 000,012,672 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = B5 8A 15 15 8C F8 E2 49 BD E6 27 79 A8 25 D2 37 [binary data]

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = B5 8A 15 15 8C F8 E2 49 BD E6 27 79 A8 25 D2 37 [binary data]

IE - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [You must be registered and logged in to see this link.]
IE - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 55 83 99 65 F5 97 CA 01 [binary data]
IE - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = B5 8A 15 15 8C F8 E2 49 BD E6 27 79 A8 25 D2 37 [binary data]
IE - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
IE - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\S-1-5-21-1961057425-2708360034-2878373316-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[2010/01/23 20:43:39 | 000,000,000 | ---D | M] -- C:\Users\HORACIO\AppData\Roaming\Mozilla\Extensions
[2010/01/23 20:43:39 | 000,000,000 | ---D | M] -- C:\Users\HORACIO\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org

O1 HOSTS File: ([2010/01/27 12:37:59 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (WinAVI FLVSense) - {E8DF67A1-B618-4F3F-9E7C-CBE175ADEF5B} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll (ZJMedia)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RDesc] File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000..\Run: [AOL Fast Start] C:\Program Files\AOL 9.5\AOL.EXE (AOL, LLC.)
O4 - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\HORACIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CNET TechTracker.lnk = C:\Users\HORACIO\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe (CBS Interactive)
O4 - Startup: C:\Users\HORACIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe (Stardock)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: Estadísticas de protección del tráfico Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll (ZJMedia)
O9 - Extra 'Tools' menuitem : WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll (ZJMedia)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} [You must be registered and logged in to see this link.] (Shockwave ActiveX Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} [You must be registered and logged in to see this link.] (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_18)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} [You must be registered and logged in to see this link.] (ActiveScan 2.0 Installer Class)
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} [You must be registered and logged in to see this link.] (a-squared Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 207.69.188.185 207.69.188.186 207.69.188.187
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)
O24 - Desktop WallPaper: C:\Users\HORACIO\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\HORACIO\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/02/02 19:34:04 | 000,900,026 | ---- | C] (Bllua ) -- C:\Users\HORACIO\Desktop\Instalar_RDesc_2.27.exe
[2010/02/02 13:11:01 | 000,000,000 | ---D | C] -- C:\Program Files\Safari
[2010/02/02 13:09:47 | 029,635,880 | ---- | C] (Apple Inc.) -- C:\Users\HORACIO\Desktop\SafariSetup.exe
[2010/02/02 12:49:43 | 000,000,000 | ---D | C] -- C:\Program Files\WinAVI MP4 Converter
[2010/02/02 12:46:13 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
[2010/02/02 12:36:52 | 000,000,000 | ---D | C] -- C:\Windows\Amazing Bubbles 3D
[2010/02/02 12:36:15 | 001,244,718 | ---- | C] (Rixane Interactive ) -- C:\Users\HORACIO\Desktop\amazingbubbles3d_dc.exe
[2010/02/02 01:20:46 | 000,548,864 | ---- | C] (OldTimer Tools) -- C:\Users\HORACIO\Desktop\OTL.exe
[2010/02/02 01:19:50 | 002,149,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3dx9d_42.dll
[2010/02/02 01:19:50 | 000,926,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudioD2_5.dll
[2010/02/02 01:19:50 | 000,434,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XactEngineA3_5.dll
[2010/02/02 01:19:50 | 000,348,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XactEngineD3_5.dll
[2010/02/02 01:19:50 | 000,125,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFXD1_3.dll
[2010/02/02 01:19:50 | 000,045,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudioD1_6.dll
[2010/02/02 01:19:49 | 003,795,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9d_33.dll
[2010/02/02 01:19:44 | 005,516,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCSXd_42.dll
[2010/02/02 01:19:44 | 000,497,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX10d_42.dll
[2010/02/02 01:19:44 | 000,348,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dref9.dll
[2010/02/02 01:19:44 | 000,252,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX11d_42.dll
[2010/02/02 01:19:41 | 002,650,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9d.dll
[2010/02/02 01:19:41 | 000,500,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3D11Ref.dll
[2010/02/02 01:19:41 | 000,496,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3D11SDKLayers.dll
[2010/02/02 01:19:41 | 000,442,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3D10SDKLayers.DLL
[2010/02/02 01:19:41 | 000,356,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3D10Ref.DLL
[2010/02/02 01:17:13 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010/02/02 01:17:13 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010/02/02 01:17:11 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2010/02/02 01:15:44 | 000,093,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\dxsdkuninst.exe
[2010/02/02 01:15:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft DirectX SDK (August 2009)
[2010/02/01 11:38:44 | 003,370,400 | ---- | C] (Piriform Ltd) -- C:\Users\HORACIO\Desktop\ccsetup228.exe
[2010/01/31 21:36:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office Outlook Connector
[2010/01/31 21:34:02 | 001,146,696 | ---- | C] (Microsoft Corporation) -- C:\Users\HORACIO\Desktop\wlsetup-custom.exe
[2010/01/31 21:28:04 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\Desktop\unused folder
[2010/01/31 17:52:17 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\Xobni
[2010/01/31 17:52:04 | 000,000,000 | ---D | C] -- C:\Program Files\Xobni
[2010/01/31 17:51:39 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\OpenCandy
[2010/01/31 17:51:36 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\OpenCandy
[2010/01/31 17:51:36 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\CBS Interactive
[2010/01/31 17:48:07 | 003,404,816 | ---- | C] (CBS Interactive) -- C:\Users\HORACIO\Desktop\CNET_TechTracker_1_3_52_Setup.exe
[2010/01/31 14:10:42 | 000,000,000 | ---D | C] -- C:\Sun
[2010/01/30 14:08:39 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\Documents\time warner chat
[2010/01/30 11:56:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/01/30 11:56:26 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/01/30 11:56:26 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/01/30 11:56:26 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/01/29 23:06:27 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/01/29 02:05:45 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\Threat Expert
[2010/01/29 01:56:35 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010/01/27 12:01:30 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/01/27 11:52:15 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/01/27 11:41:02 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/01/27 01:05:00 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\Malwarebytes
[2010/01/27 01:04:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/01/27 01:04:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/01/27 01:04:42 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/01/27 01:04:42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/27 00:51:42 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/01/27 00:51:09 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\SUPERAntiSpyware.com
[2010/01/27 00:51:09 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/01/27 00:34:12 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\Yahoo!
[2010/01/27 00:34:11 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/01/27 00:34:09 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/01/26 13:24:07 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\temp
[2010/01/26 11:40:27 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/01/25 14:49:48 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/01/25 14:49:25 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Users\HORACIO\Desktop\HJTInstall.exe
[2010/01/25 13:57:08 | 000,000,000 | ---D | C] -- C:\Program Files\JavaFX
[2010/01/25 13:54:29 | 000,000,000 | ---D | C] -- C:\Program Files\Sun
[2010/01/24 23:39:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010/01/24 23:39:50 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2010/01/24 23:38:25 | 000,239,120 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010/01/24 21:13:34 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2010/01/24 20:04:04 | 000,000,000 | ---D | C] -- C:\Program Files\Reimage
[2010/01/24 19:36:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/01/24 19:36:22 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/01/24 19:35:22 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Users\HORACIO\Desktop\spybotsd162.exe
[2010/01/23 23:14:08 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\Wide Angle Software
[2010/01/23 20:43:47 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\Documents\LimeWire
[2010/01/23 20:43:39 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\Mozilla
[2010/01/23 20:43:24 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\LimeWire
[2010/01/23 20:43:01 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2010/01/23 20:42:31 | 018,848,592 | ---- | C] (Lime Wire LLC) -- C:\Users\HORACIO\Desktop\LimeWireWin.exe
[2010/01/23 18:38:42 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\Documents\Flight Simulator X Files
[2010/01/23 18:35:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Games
[2010/01/22 20:49:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2010/01/22 20:40:37 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\Office Genuine Advantage
[2010/01/22 09:55:24 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/01/22 09:55:24 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/01/22 09:55:24 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/01/22 09:55:24 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/01/22 09:55:24 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/01/22 09:55:24 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/01/22 09:55:24 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/01/22 09:55:24 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/01/22 09:55:24 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/01/22 09:55:24 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/01/22 09:55:24 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/01/22 09:55:24 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/01/22 09:55:24 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/01/22 09:55:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/01/22 02:40:09 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\iCloner
[2010/01/22 02:34:15 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\WindSolutions
[2010/01/22 02:34:15 | 000,000,000 | ---D | C] -- C:\ProgramData\WindSolutions
[2010/01/22 02:28:46 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\iLibs
[2010/01/22 02:28:22 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\SyncGuardian
[2010/01/22 02:21:47 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\CopyTrans
[2010/01/22 01:55:41 | 011,586,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2010/01/22 01:55:41 | 000,795,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpinst.exe
[2010/01/22 01:55:41 | 000,068,200 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010/01/22 01:55:41 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2010/01/22 01:55:40 | 014,924,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2010/01/22 01:55:40 | 004,321,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2010/01/22 01:55:40 | 002,243,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2010/01/22 01:55:39 | 004,077,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2010/01/22 01:55:38 | 011,639,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2010/01/22 01:55:38 | 004,061,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2010/01/22 01:55:38 | 000,182,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod189.dll
[2010/01/22 01:29:27 | 000,705,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\cohelper.dll
[2010/01/22 01:15:38 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\Documents\DriverGenius
[2010/01/22 01:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
[2010/01/21 11:09:28 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/01/20 23:17:18 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\Nero
[2010/01/20 23:16:35 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\Real
[2010/01/20 22:19:04 | 000,030,536 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2010/01/20 22:19:02 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2010/01/20 22:19:02 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2010/01/20 22:18:46 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\TuneUp Software
[2010/01/20 22:18:37 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010
[2010/01/20 22:18:16 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2010/01/20 22:18:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010/01/20 22:02:39 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\uniblue
[2010/01/20 22:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2010/01/20 21:18:18 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\Nero
[2010/01/20 20:56:50 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2010/01/20 20:56:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010/01/20 20:56:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2010/01/20 15:52:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/01/20 15:47:46 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2010/01/20 15:37:54 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2010/01/20 15:37:54 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2010/01/20 15:37:54 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2010/01/20 15:37:39 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2010/01/20 15:37:39 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2010/01/20 15:37:38 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2010/01/20 15:37:38 | 001,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2010/01/20 15:37:38 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2010/01/20 15:37:38 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2010/01/20 15:37:38 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2010/01/20 15:37:38 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2010/01/20 15:37:38 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2010/01/20 15:37:38 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2010/01/20 15:37:38 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010/01/20 15:37:38 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2010/01/20 15:37:38 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2010/01/20 15:37:38 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2010/01/20 15:37:38 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2010/01/20 15:37:38 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2010/01/20 15:37:38 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2010/01/20 15:37:38 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2010/01/20 15:37:38 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2010/01/20 15:37:38 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2010/01/20 15:37:38 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2010/01/20 15:37:38 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2010/01/20 15:37:38 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2010/01/20 15:37:38 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2010/01/20 15:37:38 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010/01/20 15:37:22 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2010/01/20 15:37:22 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2010/01/20 15:37:21 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2010/01/20 15:37:18 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2010/01/20 15:37:17 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2010/01/20 15:37:17 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2010/01/20 15:37:17 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2010/01/20 15:37:17 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2010/01/20 15:37:17 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2010/01/20 15:36:44 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2010/01/20 15:36:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2010/01/20 13:23:45 | 000,032,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2010/01/20 13:21:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/01/20 13:21:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010/01/20 13:21:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/01/20 13:20:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/01/20 13:20:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010/01/20 13:17:11 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\Microsoft Help
[2010/01/20 13:16:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/01/20 13:16:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010/01/20 13:16:27 | 000,000,000 | R--D | C] -- C:\MSOCache
[2010/01/20 11:09:26 | 000,000,000 | ---D | C] -- C:\downloads
[2010/01/20 11:09:19 | 000,000,000 | ---D | C] -- C:\RDesc
[2010/01/20 10:46:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2010/01/20 00:41:07 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\OpenOffice.org
[2010/01/19 23:58:55 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2010/01/19 19:16:28 | 000,089,184 | ---- | C] (Ahead Software AG and its licensors) -- C:\Windows\System32\drivers\imagedrv.sys
[2010/01/19 19:16:20 | 000,038,912 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\System32\picn20.dll
[2010/01/19 19:16:19 | 000,569,344 | ---- | C] (Pegasus Software,LLC) -- C:\Windows\System32\imagr5.dll
[2010/01/19 19:16:19 | 000,544,768 | ---- | C] (Pegasus Software, LLC) -- C:\Windows\System32\imagx5.dll
[2010/01/19 19:16:19 | 000,283,920 | ---- | C] (Pegasus Software, LLC) -- C:\Windows\System32\ImagXpr5.dll
[2010/01/19 19:16:19 | 000,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\Windows\System32\NeroCheck.exe
[2010/01/19 19:16:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2010/01/19 19:16:15 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead
[2010/01/19 19:09:18 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\WinAVI
[2010/01/19 19:09:18 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\WinAVI
[2010/01/19 19:09:14 | 000,000,000 | ---D | C] -- C:\Program Files\WinAVI FLV Converter
[2010/01/19 19:08:12 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\WinRAR
[2010/01/19 18:27:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/01/19 18:27:12 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/01/19 18:26:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2010/01/19 18:26:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010/01/19 18:26:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/01/19 18:26:08 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\Adobe
[2010/01/19 18:26:03 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
[2010/01/19 14:30:11 | 000,000,000 | R-SD | C] -- C:\Users\HORACIO\Documents\My Stationery
[2010/01/19 12:46:48 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/01/19 12:15:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2010/01/19 12:15:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2010/01/19 12:15:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2010/01/19 12:00:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders


Re: trojan heur

Post by bill01 on 3rd February 2010, 1:29 am

00 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2010/01/19 10:18:07 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2010/01/19 10:18:02 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2010/01/19 10:18:00 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2010/01/19 10:18:00 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe
[2010/01/19 10:17:59 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2010/01/19 10:17:57 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2010/01/19 10:17:56 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2010/01/19 10:17:55 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2010/01/19 10:17:54 | 000,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll
[2010/01/19 10:17:54 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2010/01/19 10:17:54 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010/01/19 10:17:53 | 002,241,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
[2010/01/19 10:17:53 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010/01/19 10:17:52 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2010/01/19 10:17:51 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2010/01/19 10:17:51 | 000,476,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010/01/19 10:17:51 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2010/01/19 10:17:50 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2010/01/19 10:17:49 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2010/01/19 10:17:49 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll
[2010/01/19 10:17:48 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2010/01/19 10:17:48 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2010/01/19 10:17:48 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2010/01/19 10:17:47 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010/01/19 10:17:47 | 000,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2010/01/19 10:17:47 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2010/01/19 10:17:45 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2010/01/19 10:17:45 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL
[2010/01/19 10:17:45 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2010/01/19 10:17:45 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2010/01/19 10:17:44 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2010/01/19 10:17:44 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2010/01/19 10:17:43 | 001,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
[2010/01/19 10:17:43 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2010/01/19 10:17:43 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll
[2010/01/19 10:17:42 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010/01/19 10:17:42 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll
[2010/01/19 10:17:42 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2010/01/19 10:17:42 | 000,041,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010/01/19 10:17:41 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe
[2010/01/19 10:17:41 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010/01/19 10:17:41 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010/01/19 10:17:41 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
[2010/01/19 10:17:40 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2010/01/19 10:17:39 | 001,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Query.dll
[2010/01/19 10:17:38 | 001,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2010/01/19 10:17:38 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2010/01/19 10:17:38 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll
[2010/01/19 10:17:38 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2010/01/19 10:17:37 | 000,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010/01/19 10:17:37 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2010/01/19 10:17:37 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2010/01/19 10:17:37 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2010/01/19 10:17:37 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2010/01/19 10:17:36 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2010/01/19 10:17:36 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2010/01/19 10:17:36 | 000,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2010/01/19 10:17:35 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2010/01/19 10:17:35 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2010/01/19 10:17:33 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2010/01/19 10:17:33 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2010/01/19 10:17:33 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spoolss.dll
[2010/01/19 10:17:33 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2010/01/19 10:17:32 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2010/01/19 10:17:31 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2010/01/19 10:17:31 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp60.dll
[2010/01/19 10:17:31 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2010/01/19 10:17:31 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll
[2010/01/19 10:17:31 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2010/01/19 10:17:30 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2010/01/19 10:17:29 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
[2010/01/19 10:17:29 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2010/01/19 10:17:29 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2010/01/19 10:17:29 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2010/01/19 10:17:28 | 001,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2010/01/19 10:17:28 | 001,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsvcs.dll
[2010/01/19 10:17:28 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2010/01/19 10:17:28 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2010/01/19 10:17:28 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2010/01/19 10:17:28 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2010/01/19 10:17:27 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2010/01/19 10:17:27 | 001,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll
[2010/01/19 10:17:26 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2010/01/19 10:17:26 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2010/01/19 10:17:26 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2010/01/19 10:17:26 | 000,323,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010/01/19 10:17:26 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2010/01/19 10:17:26 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2010/01/19 10:17:26 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2010/01/19 10:17:25 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010/01/19 10:17:24 | 001,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2010/01/19 10:17:24 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2010/01/19 10:17:24 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2010/01/19 10:17:24 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
[2010/01/19 10:17:23 | 001,135,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2010/01/19 10:17:23 | 001,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2010/01/19 10:17:23 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2010/01/19 10:17:23 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2010/01/19 10:17:23 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2010/01/19 10:17:23 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll
[2010/01/19 10:17:21 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010/01/19 10:17:21 | 000,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2010/01/19 10:17:21 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2010/01/19 10:17:21 | 000,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samsrv.dll
[2010/01/19 10:17:21 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2010/01/19 10:17:21 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll
[2010/01/19 10:17:20 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2010/01/19 10:17:20 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe
[2010/01/19 10:17:19 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll
[2010/01/19 10:17:17 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2010/01/19 10:17:16 | 001,160,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2010/01/19 10:17:16 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2010/01/19 10:17:16 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll
[2010/01/19 10:17:16 | 000,223,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2010/01/19 10:17:16 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2010/01/19 10:17:15 | 000,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010/01/19 10:17:15 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2010/01/19 10:17:15 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2010/01/19 10:17:15 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2010/01/19 10:17:14 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2010/01/19 10:17:14 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2010/01/19 10:17:14 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2010/01/19 10:17:13 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2010/01/19 10:17:13 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2010/01/19 10:17:13 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2010/01/19 10:17:12 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2010/01/19 10:17:12 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2010/01/19 10:17:12 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll
[2010/01/19 10:17:12 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2010/01/19 10:17:12 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldpc.dll
[2010/01/19 10:17:12 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfp.dll
[2010/01/19 10:17:12 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll
[2010/01/19 10:17:12 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2010/01/19 10:17:12 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll
[2010/01/19 10:17:11 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2010/01/19 10:17:11 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2010/01/19 10:17:11 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010/01/19 10:17:11 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll
[2010/01/19 10:17:11 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2010/01/19 10:17:11 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2010/01/19 10:17:11 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2010/01/19 10:17:11 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2010/01/19 10:17:11 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2010/01/19 10:17:11 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2010/01/19 10:17:10 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll
[2010/01/19 10:17:10 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2010/01/19 10:17:10 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2010/01/19 10:17:10 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll
[2010/01/19 10:17:07 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2010/01/19 10:17:03 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2010/01/19 10:16:54 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2010/01/19 10:16:52 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2010/01/19 10:16:51 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2010/01/19 10:16:51 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2010/01/19 10:16:50 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2010/01/19 10:16:50 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2010/01/19 10:16:50 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2010/01/19 10:16:50 | 000,241,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
[2010/01/19 10:16:50 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2010/01/19 10:16:50 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2010/01/19 10:16:49 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010/01/19 10:16:49 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxclu.dll
[2010/01/19 10:16:49 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2010/01/19 10:16:49 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2010/01/19 10:16:49 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2010/01/19 10:16:49 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetpp.dll
[2010/01/19 10:16:49 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2010/01/19 10:16:49 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2010/01/19 10:16:49 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2010/01/19 10:16:48 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2010/01/19 10:16:48 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2010/01/19 10:16:48 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2010/01/19 10:16:48 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2010/01/19 10:16:48 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2010/01/19 10:16:48 | 000,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2010/01/19 10:16:48 | 000,109,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2010/01/19 10:16:48 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2010/01/19 10:16:48 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2010/01/19 10:16:48 | 000,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2010/01/19 10:16:48 | 000,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2010/01/19 10:16:48 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2010/01/19 10:16:47 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2010/01/19 10:16:47 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2010/01/19 10:16:47 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010/01/19 10:16:47 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2010/01/19 10:16:47 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2010/01/19 10:16:47 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2010/01/19 10:16:47 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll
[2010/01/19 10:16:47 | 000,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2010/01/19 10:16:46 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2010/01/19 10:16:46 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2010/01/19 10:16:46 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2010/01/19 10:16:46 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2010/01/19 10:16:46 | 000,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2010/01/19 10:16:45 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onex.dll
[2010/01/19 10:16:45 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2010/01/19 10:16:45 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2010/01/19 10:16:45 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2010/01/19 10:16:45 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2010/01/19 10:16:45 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010/01/19 10:16:45 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wisptis.exe
[2010/01/19 10:16:45 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2010/01/19 10:16:45 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2010/01/19 10:16:45 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2010/01/19 10:16:45 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2010/01/19 10:16:45 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2010/01/19 10:16:45 | 000,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2010/01/19 10:16:45 | 000,043,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2010/01/19 10:16:45 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010/01/19 10:16:45 | 000,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2010/01/19 10:16:45 | 000,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2010/01/19 10:16:44 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2010/01/19 10:16:44 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2010/01/19 10:16:44 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2010/01/19 10:16:44 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2010/01/19 10:16:44 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2010/01/19 10:16:44 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2010/01/19 10:16:44 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2010/01/19 10:16:44 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2010/01/19 10:16:44 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2010/01/19 10:16:44 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010/01/19 10:16:44 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll
[2010/01/19 10:16:44 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2010/01/19 10:16:44 | 000,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2010/01/19 10:16:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll
[2010/01/19 10:16:43 | 000,852,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2010/01/19 10:16:43 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2010/01/19 10:16:43 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2010/01/19 10:16:43 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2010/01/19 10:16:43 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2010/01/19 10:16:43 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2010/01/19 10:16:43 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2010/01/19 10:16:43 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2010/01/19 10:16:43 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010/01/19 10:16:43 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2010/01/19 10:16:43 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2010/01/19 10:16:43 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2010/01/19 10:16:43 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2010/01/19 10:16:43 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2010/01/19 10:16:43 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2010/01/19 10:16:42 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2010/01/19 10:16:42 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2010/01/19 10:16:42 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
[2010/01/19 10:16:42 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastapi.dll
[2010/01/19 10:16:42 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll
[2010/01/19 10:16:41 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2010/01/19 10:16:41 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2010/01/19 10:16:41 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2010/01/19 10:16:41 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2010/01/19 10:16:41 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2010/01/19 10:16:41 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll
[2010/01/19 10:16:41 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2010/01/19 10:16:41 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2010/01/19 10:16:41 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2010/01/19 10:16:41 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2010/01/19 10:16:41 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2010/01/19 10:16:40 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2010/01/19 10:16:40 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2010/01/19 10:16:40 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2010/01/19 10:16:40 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2010/01/19 10:16:40 | 000,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdlg.dll
[2010/01/19 10:16:40 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2010/01/19 10:16:40 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2010/01/19 10:16:40 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
[2010/01/19 10:16:40 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2010/01/19 10:16:40 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2010/01/19 10:16:40 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2010/01/19 10:16:40 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[2010/01/19 10:16:40 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstlsapi.dll
[2010/01/19 10:16:40 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2010/01/19 10:16:40 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2010/01/19 10:16:40 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2010/01/19 10:16:40 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2010/01/19 10:16:40 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2010/01/19 10:16:39 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2010/01/19 10:16:39 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2010/01/19 10:16:39 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2010/01/19 10:16:39 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2010/01/19 10:16:39 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2010/01/19 10:16:39 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2010/01/19 10:16:39 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2010/01/19 10:16:39 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2010/01/19 10:16:39 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2010/01/19 10:16:39 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstsc.exe
[2010/01/19 10:16:39 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2010/01/19 10:16:39 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2010/01/19 10:16:39 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2010/01/19 10:16:39 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2010/01/19 10:16:39 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2010/01/19 10:16:39 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
[2010/01/19 10:16:39 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2010/01/19 10:16:39 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2010/01/19 10:16:39 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regapi.dll
[2010/01/19 10:16:39 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2010/01/19 10:16:39 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll
[2010/01/19 10:16:38 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2010/01/19 10:16:38 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2010/01/19 10:16:38 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2010/01/19 10:16:38 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2010/01/19 10:16:38 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2010/01/19 10:16:38 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2010/01/19 10:16:38 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2010/01/19 10:16:38 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2010/01/19 10:16:38 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2010/01/19 10:16:38 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2010/01/19 10:16:38 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2010/01/19 10:16:38 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll
[2010/01/19 10:16:38 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010/01/19 10:16:38 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2010/01/19 10:16:38 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scecli.dll
[2010/01/19 10:16:38 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2010/01/19 10:16:38 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2010/01/19 10:16:38 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2010/01/19 10:16:38 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2010/01/19 10:16:38 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpmon.dll
[2010/01/19 10:16:38 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2010/01/19 10:16:38 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2010/01/19 10:16:38 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2010/01/19 10:16:38 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2010/01/19 10:16:38 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe
[2010/01/19 10:16:38 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2010/01/19 10:16:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBAUDIO.sys
[2010/01/19 10:16:38 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2010/01/19 10:16:38 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2010/01/19 10:16:38 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2010/01/19 10:16:38 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2010/01/19 10:16:38 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2010/01/19 10:16:38 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2010/01/19 10:16:38 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2010/01/19 10:16:38 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfdisk.dll
[2010/01/19 10:16:38 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2010/01/19 10:16:38 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe
[2010/01/19 10:16:38 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2010/01/19 10:16:38 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll
[2010/01/19 10:16:37 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2010/01/19 10:16:37 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2010/01/19 10:16:37 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2010/01/19 10:16:37 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2010/01/19 10:16:37 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2010/01/19 10:16:37 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2010/01/19 10:16:37 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2010/01/19 10:16:37 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2010/01/19 10:16:37 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2010/01/19 10:16:37 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp
[2010/01/19 10:16:37 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe
[2010/01/19 10:16:37 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasppp.dll
[2010/01/19 10:16:37 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2010/01/19 10:16:37 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2010/01/19 10:16:37 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2010/01/19 10:16:37 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2010/01/19 10:16:37 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2010/01/19 10:16:37 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2010/01/19 10:16:37 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2010/01/19 10:16:37 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2010/01/19 10:16:37 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2010/01/19 10:16:37 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2010/01/19 10:16:36 | 002,226,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll
[2010/01/19 10:16:36 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2010/01/19 10:16:36 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2010/01/19 10:16:36 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2010/01/19 10:16:36 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2010/01/19 10:16:36 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2010/01/19 10:16:36 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2010/01/19 10:16:36 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2010/01/19 10:16:36 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2010/01/19 10:16:36 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2010/01/19 10:16:36 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2010/01/19 10:16:36 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credui.dll
[2010/01/19 10:16:36 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2010/01/19 10:16:36 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010/01/19 10:16:36 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2010/01/19 10:16:36 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2010/01/19 10:16:36 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2010/01/19 10:16:36 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2010/01/19 10:16:36 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2010/01/19 10:16:36 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2010/01/19 10:16:36 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll
[2010/01/19 10:16:36 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2010/01/19 10:16:36 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2010/01/19 10:16:36 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2010/01/19 10:16:36 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2010/01/19 10:16:36 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2010/01/19 10:16:36 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2010/01/19 10:16:36 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2010/01/19 10:16:36 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2010/01/19 10:16:36 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2010/01/19 10:16:36 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2010/01/19 10:16:36 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2010/01/19 10:16:35 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2010/01/19 10:16:35 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll
[2010/01/19 10:16:35 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2010/01/19 10:16:35 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll


Re: trojan heur

Post by bill01 on 3rd February 2010, 1:34 am

2010/01/19 10:16:35 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2010/01/19 10:16:35 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010/01/19 10:16:35 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2010/01/19 10:16:35 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2010/01/19 10:16:35 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2010/01/19 10:16:35 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2010/01/19 10:16:35 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2010/01/19 10:16:35 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2010/01/19 10:16:35 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2010/01/19 10:16:35 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\[You must be registered and logged in to see this link.]
[2010/01/19 10:16:35 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2010/01/19 10:16:35 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
[2010/01/19 10:16:35 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll
[2010/01/19 10:16:35 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2010/01/19 10:16:35 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe
[2010/01/19 10:16:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2010/01/19 10:16:35 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe
[2010/01/19 10:16:34 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2010/01/19 10:16:34 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2010/01/19 10:16:34 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2010/01/19 10:16:34 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2010/01/19 10:16:34 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2010/01/19 10:16:34 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2010/01/19 10:16:34 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2010/01/19 10:16:34 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2010/01/19 10:16:34 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2010/01/19 10:16:34 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2010/01/19 10:16:34 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2010/01/19 10:16:34 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2010/01/19 10:16:34 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2010/01/19 10:16:34 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2010/01/19 10:16:34 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2010/01/19 10:16:34 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2010/01/19 10:16:34 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2010/01/19 10:16:34 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2010/01/19 10:16:34 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2010/01/19 10:16:34 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2010/01/19 10:16:34 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2010/01/19 10:16:34 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2010/01/19 10:16:34 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2010/01/19 10:16:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2010/01/19 10:16:34 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2010/01/19 10:16:34 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll
[2010/01/19 10:16:34 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2010/01/19 10:16:34 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll
[2010/01/19 10:16:33 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2010/01/19 10:16:33 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2010/01/19 10:16:33 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2010/01/19 10:16:22 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2010/01/19 10:16:20 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2010/01/19 10:16:20 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2010/01/19 10:16:19 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2010/01/19 02:04:01 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2010/01/19 00:09:43 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/01/18 22:05:33 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\AOL
[2010/01/18 22:05:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Macromedia
[2010/01/18 22:04:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Viewpoint
[2010/01/18 22:04:25 | 000,000,000 | ---D | C] -- C:\Program Files\Viewpoint
[2010/01/18 22:04:23 | 000,054,832 | ---- | C] (AOL LLC) -- C:\Windows\System32\AOLParconLink.exe
[2010/01/18 22:03:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2010/01/18 22:03:36 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\AOL Downloads
[2010/01/18 22:03:03 | 000,033,588 | ---- | C] (America Online, Inc.) -- C:\Windows\System32\drivers\wanatw4.sys
[2010/01/18 22:02:51 | 000,000,000 | ---D | C] -- C:\ProgramData\AOL OCP
[2010/01/18 22:02:50 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\AOL
[2010/01/18 22:02:39 | 000,000,000 | ---D | C] -- C:\Program Files\AOL
[2010/01/18 22:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\aolshare
[2010/01/18 22:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\AOL 9.5
[2010/01/18 22:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\AOL
[2010/01/18 22:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\aol
[2010/01/18 22:00:48 | 000,000,000 | ---D | C] -- C:\ProgramData\AOL Downloads
[2010/01/18 19:06:38 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader
[2010/01/18 13:00:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Citrix
[2010/01/18 12:59:55 | 000,000,000 | ---D | C] -- C:\Program Files\Citrix
[2010/01/18 12:59:49 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\Citrix
[2010/01/18 12:35:05 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\IObit
[2010/01/18 12:35:05 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010/01/18 11:47:58 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imagesp1.dll
[2010/01/18 11:47:54 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2010/01/18 11:47:45 | 001,675,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpssvcs.dll
[2010/01/18 11:47:43 | 008,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizimg.dll
[2010/01/18 11:47:43 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2010/01/18 11:47:43 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2010/01/18 11:47:40 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2010/01/18 11:47:38 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompMgmtLauncher.exe
[2010/01/18 11:47:35 | 001,386,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm60.dll
[2010/01/18 11:47:31 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ADEC.DLL
[2010/01/18 11:47:30 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2010/01/18 11:47:28 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlmgp.dll
[2010/01/18 11:47:28 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SSShim.dll
[2010/01/18 11:47:26 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clusapi.dll
[2010/01/18 11:47:21 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2010/01/18 11:47:20 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
[2010/01/18 11:47:15 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2010/01/18 11:47:14 | 000,730,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2010/01/18 11:47:14 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmipnpinstall.dll
[2010/01/18 11:47:14 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2010/01/18 11:47:14 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmicryptinstall.dll
[2010/01/18 11:47:14 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gacinstall.dll
[2010/01/18 11:47:12 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2010/01/18 11:47:10 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlceqp30.dll
[2010/01/18 11:47:10 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
[2010/01/18 11:47:09 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thumbcache.dll
[2010/01/18 11:47:06 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authfwcfg.dll
[2010/01/18 11:47:05 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmvdsitf.dll
[2010/01/18 11:47:04 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2010/01/18 11:47:04 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uexfat.dll
[2010/01/18 11:47:03 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
[2010/01/18 11:47:03 | 000,163,840 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\DfrgNtfs.exe
[2010/01/18 11:46:58 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2010/01/18 11:46:58 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssha.dll
[2010/01/18 11:46:57 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2010/01/18 11:46:56 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
[2010/01/18 11:46:55 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll
[2010/01/18 11:46:54 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll
[2010/01/18 11:46:54 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\objsel.dll
[2010/01/18 11:46:54 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2010/01/18 11:46:53 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icm32.dll
[2010/01/18 11:46:53 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2010/01/18 11:46:52 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
[2010/01/18 11:46:52 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
[2010/01/18 11:46:50 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010/01/18 11:46:50 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2010/01/18 11:46:49 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
[2010/01/18 11:46:48 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfgx.dll
[2010/01/18 11:46:48 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll
[2010/01/18 11:46:48 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hcrstco.dll
[2010/01/18 11:46:47 | 000,805,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2010/01/18 11:46:47 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2010/01/18 11:46:46 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcuiu.dll
[2010/01/18 11:46:45 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll
[2010/01/18 11:46:45 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
[2010/01/18 11:46:44 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
[2010/01/18 11:46:43 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2010/01/18 11:46:43 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msidcrl30.dll
[2010/01/18 11:46:42 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3gpui.dll
[2010/01/18 11:46:40 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsnap.dll
[2010/01/18 11:46:39 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2010/01/18 11:46:39 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2010/01/18 11:46:39 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll
[2010/01/18 11:46:37 | 004,595,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2010/01/18 11:46:37 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2010/01/18 11:46:37 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2010/01/18 11:46:37 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskmgr.dll
[2010/01/18 11:46:37 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3api.dll
[2010/01/18 11:46:36 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loadperf.dll
[2010/01/18 11:46:36 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlancfg.dll
[2010/01/18 11:46:35 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
[2010/01/18 11:46:35 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2010/01/18 11:46:35 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcVSp1res.dll
[2010/01/18 11:46:34 | 000,383,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2010/01/18 11:46:34 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2010/01/18 11:46:34 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hnetcfg.dll
[2010/01/18 11:46:33 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2010/01/18 11:46:33 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\filemgmt.dll
[2010/01/18 11:46:33 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2010/01/18 11:46:33 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPMONTR.DLL
[2010/01/18 11:46:33 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
[2010/01/18 11:46:33 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2010/01/18 11:46:32 | 001,295,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsecedit.dll
[2010/01/18 11:46:32 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe
[2010/01/18 11:46:32 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2010/01/18 11:46:32 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2010/01/18 11:46:32 | 000,016,896 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs
[2010/01/18 11:46:31 | 000,498,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\HelpPane.exe
[2010/01/18 11:46:31 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
[2010/01/18 11:46:31 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2010/01/18 11:46:31 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2010/01/18 11:46:30 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msra.exe
[2010/01/18 11:46:30 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
[2010/01/18 11:46:30 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2010/01/18 11:46:30 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll


Re: trojan heur

Post by bill01 on 3rd February 2010, 1:35 am

[2010/01/18 11:45:12 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxproxy.dll
[2010/01/18 11:45:12 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2010/01/18 11:45:12 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\at.exe
[2010/01/18 11:45:12 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2010/01/18 11:45:12 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\convert.exe
[2010/01/18 11:45:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlprovi.dll
[2010/01/18 11:45:12 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsied.dll
[2010/01/18 11:45:11 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AtBroker.exe
[2010/01/18 11:45:11 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tbs.dll
[2010/01/18 11:45:10 | 000,178,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmime.dll
[2010/01/18 11:45:10 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
[2010/01/18 11:45:10 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GuidedHelp.dll
[2010/01/18 11:45:10 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
[2010/01/18 11:45:10 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattendedjoin.exe
[2010/01/18 11:45:09 | 005,714,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logon.scr
[2010/01/18 11:45:09 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsdmo.dll
[2010/01/18 11:45:09 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdart.dll
[2010/01/18 11:45:09 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbui.dll
[2010/01/18 11:45:09 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2010/01/18 11:45:09 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2010/01/18 11:45:09 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax
[2010/01/18 11:45:09 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
[2010/01/18 11:45:09 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll
[2010/01/18 11:45:09 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2gpstore.dll
[2010/01/18 11:45:09 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msident.dll
[2010/01/18 11:45:09 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3dlg.dll
[2010/01/18 11:45:09 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regini.exe
[2010/01/18 11:45:09 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmpbk32.dll
[2010/01/18 11:45:09 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2010/01/18 11:45:09 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll
[2010/01/18 11:45:09 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2010/01/18 11:45:08 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VIDRESZR.DLL
[2010/01/18 11:45:08 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpclsp.dll
[2010/01/18 11:45:08 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\graftabl.com
[2010/01/18 11:45:08 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxlegih.dll
[2010/01/18 11:45:08 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfcsubs.dll
[2010/01/18 11:45:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vss_ps.dll
[2010/01/18 11:45:08 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tape.sys
[2010/01/18 11:45:08 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srwmi.dll
[2010/01/18 11:45:08 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnpcont.exe
[2010/01/18 11:45:08 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxdm.dll
[2010/01/18 11:45:08 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacAgent.exe
[2010/01/18 11:45:08 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WINSRPC.DLL
[2010/01/18 11:45:08 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nbtstat.exe
[2010/01/18 11:45:08 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstplua.dll
[2010/01/18 11:45:08 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fs_rec.sys
[2010/01/18 11:45:08 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll
[2010/01/18 11:45:07 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP3DMOD.DLL
[2010/01/18 11:45:07 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
[2010/01/18 11:45:07 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\extrac32.exe
[2010/01/18 11:45:07 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
[2010/01/18 11:45:07 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
[2010/01/18 11:45:07 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasphone.exe
[2010/01/18 11:45:07 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
[2010/01/18 11:45:07 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndfetw.dll
[2010/01/18 11:45:07 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcbcp.dll
[2010/01/18 11:45:07 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syskey.exe
[2010/01/18 11:45:07 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eventcls.dll
[2010/01/18 11:45:07 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll
[2010/01/18 11:45:07 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\procinst.dll
[2010/01/18 11:45:06 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dxof.dll
[2010/01/18 11:45:05 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgrade.exe
[2010/01/18 11:45:05 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadss.dll
[2010/01/18 11:45:05 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Tabbtn.dll
[2010/01/18 11:45:05 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmscript.dll
[2010/01/18 11:45:05 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabbtnEx.dll
[2010/01/18 11:45:05 | 000,041,472 | ---- | C] (Microsoft) -- C:\Windows\System32\WlanMmHC.dll
[2010/01/18 11:45:05 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psbase.dll
[2010/01/18 11:45:05 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollCtrl.exe
[2010/01/18 11:45:04 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmloader.dll
[2010/01/18 11:45:04 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshcon.dll
[2010/01/18 11:45:04 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Netplwiz.exe
[2010/01/18 11:45:04 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
[2010/01/18 11:45:04 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\fveupdate.exe
[2010/01/18 11:45:03 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lltdapi.dll
[2010/01/18 11:45:03 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxsstore.dll
[2010/01/18 11:45:03 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
[2010/01/18 11:45:03 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll
[2010/01/18 11:45:03 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe
[2010/01/18 11:45:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2010/01/18 11:45:03 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL
[2010/01/18 11:45:03 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll
[2010/01/18 11:45:02 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OptionalFeatures.exe
[2010/01/18 11:45:02 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
[2010/01/18 11:45:02 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ComputerDefaults.exe
[2010/01/18 11:45:02 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
[2010/01/18 11:45:02 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LangCleanupSysprepAction.dll
[2010/01/18 11:45:02 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmutil.dll
[2010/01/18 11:45:02 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icaapi.dll
[2010/01/18 11:45:02 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\serialui.dll
[2010/01/18 11:45:02 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localui.dll
[2010/01/18 11:45:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupSNK.exe
[2010/01/18 11:45:02 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbunattend.exe
[2010/01/18 11:45:01 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cofiredm.dll
[2010/01/18 11:45:01 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
[2010/01/18 11:45:01 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usbperf.dll
[2010/01/18 11:44:59 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2010/01/18 11:44:59 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasctrs.dll
[2010/01/18 11:44:58 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010/01/18 11:44:58 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2010/01/18 11:44:58 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esentprf.dll
[2010/01/18 11:44:58 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hnetmon.dll
[2010/01/18 11:44:58 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InfDefaultInstall.exe
[2010/01/18 11:44:58 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtprio.dll
[2010/01/18 11:44:57 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys
[2010/01/18 11:44:55 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osbaseln.dll
[2010/01/18 11:44:55 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
[2010/01/18 11:44:52 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmmsp.dll
[2010/01/18 11:44:50 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispex.dll
[2010/01/18 11:44:50 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll
[2010/01/18 11:44:50 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
[2010/01/18 11:44:45 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Nlsdl.dll
[2010/01/18 11:44:45 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mcd.sys
[2010/01/18 11:44:44 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\idndl.dll
[2010/01/18 11:44:44 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bdasup.sys
[2010/01/18 11:44:44 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msidle.dll
[2010/01/18 11:44:44 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rootmdm.sys
[2010/01/18 11:44:44 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2010/01/18 11:44:43 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\smclib.sys
[2010/01/18 11:44:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxapi.sys
[2010/01/18 11:44:43 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDJPN.DLL
[2010/01/18 11:44:43 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDKOR.DLL
[2010/01/18 11:44:43 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\umpass.sys
[2010/01/18 11:44:39 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga256.dll
[2010/01/18 11:44:39 | 000,025,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
[2010/01/18 11:44:39 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsddd.dll
[2010/01/18 11:44:39 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framebuf.dll
[2010/01/18 11:44:39 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2010/01/18 11:44:38 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga64k.dll
[2010/01/18 11:44:38 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vga.dll
[2010/01/18 11:44:37 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootstr.dll
[2010/01/18 11:44:36 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2010/01/18 11:44:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskres2.dll
[2010/01/18 11:44:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wertargets.wtl
[2010/01/18 11:43:47 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2010/01/18 11:43:44 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiInstaller.dll
[2010/01/18 11:43:44 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2010/01/18 11:43:23 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdelta.dll
[2010/01/18 11:43:23 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2010/01/18 11:43:23 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspatcha.dll
[2010/01/18 11:20:06 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll


Re: trojan heur

Post by bill01 on 3rd February 2010, 1:37 am

[2010/01/18 11:18:04 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\LogiShrd
[2010/01/18 11:17:21 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\Leadertech
[2010/01/18 11:16:00 | 000,199,192 | ---- | C] (Logitech Inc.) -- C:\Windows\System32\lvci1201278.dll
[2010/01/18 11:11:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2010/01/18 11:11:13 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2010/01/18 11:10:51 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2010/01/18 11:09:06 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\Documents\My Received Files
[2010/01/18 09:16:04 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\Documents\My Google Gadgets
[2010/01/18 09:00:21 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\InstallShield
[2010/01/18 09:00:13 | 000,360,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvraiins.dll
[2010/01/18 09:00:13 | 000,360,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvraidco.dll
[2010/01/18 08:47:07 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\iolo
[2010/01/18 08:47:07 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo
[2010/01/18 01:14:27 | 000,000,000 | ---D | C] -- C:\ProgramData\DVD Shrink
[2010/01/18 01:14:25 | 000,000,000 | ---D | C] -- C:\Program Files\DVD Shrink
[2010/01/18 00:50:04 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\Tracing
[2010/01/18 00:45:46 | 000,054,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys
[2010/01/18 00:43:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010/01/18 00:42:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/01/18 00:42:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/01/18 00:42:16 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010/01/18 00:42:02 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/01/18 00:41:53 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010/01/18 00:38:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010/01/18 00:37:48 | 001,146,184 | ---- | C] (Microsoft Corporation) -- C:\Users\HORACIO\Desktop\wlsetup-web.exe
[2010/01/18 00:28:49 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010/01/18 00:28:49 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010/01/18 00:28:49 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2010/01/18 00:28:48 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2010/01/18 00:28:48 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010/01/18 00:28:48 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2010/01/18 00:28:47 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010/01/18 00:28:46 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010/01/18 00:28:46 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2010/01/18 00:28:46 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2010/01/18 00:28:45 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2010/01/18 00:28:45 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010/01/18 00:28:45 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010/01/18 00:28:45 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2010/01/18 00:28:42 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010/01/18 00:28:42 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2010/01/18 00:28:42 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010/01/18 00:28:42 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010/01/18 00:28:42 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010/01/18 00:28:42 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010/01/18 00:28:41 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010/01/18 00:28:41 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010/01/18 00:28:41 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010/01/18 00:28:41 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010/01/18 00:28:41 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2010/01/18 00:28:41 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010/01/18 00:28:40 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010/01/18 00:28:40 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010/01/18 00:28:40 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010/01/18 00:28:40 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010/01/18 00:28:40 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010/01/18 00:28:40 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010/01/18 00:28:40 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010/01/18 00:28:39 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010/01/18 00:28:39 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010/01/18 00:28:39 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010/01/18 00:28:38 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010/01/18 00:28:38 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010/01/18 00:28:37 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010/01/18 00:28:37 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010/01/18 00:28:36 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010/01/18 00:28:35 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2010/01/18 00:28:34 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2010/01/18 00:28:34 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2010/01/18 00:28:33 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2010/01/18 00:28:32 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2010/01/18 00:28:32 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010/01/18 00:28:30 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2010/01/18 00:28:30 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2010/01/18 00:28:29 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2010/01/18 00:28:29 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2010/01/18 00:28:28 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2010/01/18 00:28:27 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2010/01/18 00:28:27 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2010/01/18 00:28:27 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2010/01/18 00:28:26 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2010/01/18 00:28:25 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010/01/18 00:28:25 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2010/01/18 00:28:25 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2010/01/18 00:28:24 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2010/01/18 00:28:24 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2010/01/18 00:28:23 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010/01/18 00:28:23 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2010/01/18 00:28:22 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2010/01/18 00:28:21 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2010/01/18 00:28:21 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2010/01/18 00:28:20 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2010/01/18 00:28:14 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010/01/18 00:28:14 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010/01/18 00:28:14 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010/01/18 00:28:13 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010/01/18 00:28:13 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010/01/18 00:28:12 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010/01/18 00:28:11 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010/01/18 00:28:09 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2010/01/18 00:28:08 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2010/01/18 00:26:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2010/01/17 23:53:12 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\Apple Computer
[2010/01/17 23:53:12 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\Apple Computer
[2010/01/17 23:53:07 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2010/01/17 23:53:07 | 000,026,600 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys
[2010/01/17 23:53:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010/01/17 23:52:17 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/01/17 23:52:16 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/01/17 23:52:16 | 000,000,000 | ---D | C] -- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/01/17 23:51:45 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/01/17 23:51:01 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/01/17 23:51:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/01/17 23:50:45 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\Apple
[2010/01/17 23:50:43 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/01/17 23:49:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/01/17 23:49:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/01/17 23:49:03 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\vlc
[2010/01/17 23:44:07 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010/01/17 23:42:39 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\VistaCodecs
[2010/01/17 23:42:36 | 000,000,000 | ---D | C] -- C:\Program Files\VistaCodecPack
[2010/01/17 23:42:10 | 000,000,000 | ---D | C] -- C:\ProgramData\VistaCodecs
[2010/01/17 23:37:39 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\Documents\Stardock
[2010/01/17 23:37:38 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\Stardock
[2010/01/17 23:36:50 | 000,000,000 | ---D | C] -- C:\Program Files\Stardock
[2010/01/17 23:36:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Stardock
[2010/01/17 23:30:00 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\Google
[2010/01/17 23:30:00 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\Google
[2010/01/17 23:26:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2010/01/17 23:26:23 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/01/17 23:24:59 | 000,056,816 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/01/17 23:18:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/01/17 23:10:18 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010/01/17 23:10:18 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010/01/17 23:10:18 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2010/01/17 23:10:18 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2010/01/17 23:10:18 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010/01/17 23:10:18 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010/01/17 23:10:18 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2010/01/17 23:10:18 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2010/01/17 23:10:17 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/01/17 23:10:17 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/01/17 23:10:17 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2010/01/17 23:10:17 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2010/01/17 23:10:17 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010/01/17 23:10:17 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2010/01/17 23:10:17 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2010/01/17 23:10:17 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2010/01/17 23:10:17 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010/01/17 23:10:17 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010/01/17 23:10:16 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/01/17 23:10:16 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010/01/17 23:10:16 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/01/17 23:10:16 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2010/01/17 23:10:15 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2010/01/17 23:10:15 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2010/01/17 23:10:15 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2010/01/17 23:10:15 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2010/01/17 23:10:15 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2010/01/17 23:10:15 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2010/01/17 23:09:00 | 000,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp
[2010/01/17 22:54:27 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll
[2010/01/17 22:29:18 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2010/01/17 22:29:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/01/17 22:27:57 | 000,182,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod178.dll
[2010/01/17 22:27:57 | 000,182,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod.dll
[2010/01/17 22:27:56 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010/01/17 22:25:40 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\Macromedia
[2010/01/17 22:25:40 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\Adobe
[2010/01/17 22:25:38 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010/01/17 22:24:49 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2010/01/17 22:15:17 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/01/17 22:08:14 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2010/01/17 22:07:04 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010/01/17 22:06:50 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/01/17 22:06:01 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010/01/17 22:05:48 | 000,000,000 | ---D | C] -- C:\Boot
[2010/01/17 22:05:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\OEM
[2010/01/17 22:04:44 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/01/17 22:04:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/01/17 21:54:08 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2010/01/17 21:53:38 | 000,986,624 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_DPV.sys
[2010/01/17 21:53:38 | 000,659,968 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_CNXT.sys
[2010/01/17 21:53:38 | 000,386,560 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe
[2010/01/17 21:53:38 | 000,258,048 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSXHWBS2.sys
[2010/01/17 21:53:38 | 000,163,840 | ---- | C] (Conexant Systems, Inc) -- C:\Windows\System32\uci32113.dll
[2010/01/17 21:53:38 | 000,094,208 | ---- | C] (Conexant) -- C:\Windows\System32\mdmxsdk.dll
[2010/01/17 21:53:38 | 000,012,672 | ---- | C] (Conexant) -- C:\Windows\System32\drivers\mdmxsdk.sys
[2010/01/17 21:53:38 | 000,008,192 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.sys
[2010/01/17 21:51:50 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2010/01/17 21:50:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2010/01/17 21:49:28 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2010/01/17 21:49:23 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/01/17 21:49:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/01/17 21:46:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\vmm32
[2010/01/17 21:46:55 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2010/01/17 21:34:05 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010/01/17 21:26:17 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/01/17 21:26:17 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/01/17 21:26:17 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/01/17 21:26:17 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/01/17 21:26:17 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2010/01/17 21:25:17 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll
[2010/01/17 21:25:17 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winipsec.dll
[2010/01/17 21:21:04 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2010/01/17 21:21:04 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2010/01/17 21:21:04 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2010/01/17 21:21:04 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2010/01/17 21:21:04 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010/01/17 21:21:04 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2010/01/17 21:21:04 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2010/01/17 21:21:04 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TCPSVCS.EXE
[2010/01/17 21:21:04 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2010/01/17 21:17:56 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2010/01/17 21:17:55 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2010/01/17 21:17:55 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2010/01/17 21:17:55 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2010/01/17 21:17:55 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2010/01/17 21:16:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2010/01/17 21:16:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2010/01/17 21:16:21 | 001,073,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpluir.dll
[2010/01/17 21:16:21 | 000,753,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcplui.exe
[2010/01/17 21:16:21 | 000,413,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.cpl
[2010/01/17 21:16:21 | 000,307,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvexpbar.dll
[2010/01/17 21:15:22 | 001,259,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010/01/17 21:13:33 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010/01/17 21:13:33 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2010/01/17 21:13:33 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2010/01/17 21:13:33 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2010/01/17 21:13:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2010/01/17 21:13:32 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2010/01/17 21:12:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/01/17 21:04:42 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\SupportSoft
[2010/01/17 21:04:20 | 000,000,000 | ---D | C] -- C:\ProgramData\SupportSoft
[2010/01/17 21:04:15 | 000,000,000 | ---D | C] -- C:\ProgramData\PCDr
[2010/01/17 21:04:15 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor
[2010/01/17 21:03:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\supportsoft
[2010/01/17 21:03:55 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center
[2010/01/17 21:03:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell
[2010/01/17 21:03:44 | 000,000,000 | ---D | C] -- C:\dell
[2010/01/17 21:03:12 | 003,600,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/01/17 21:03:12 | 003,548,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/01/17 21:02:11 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\Deployment
[2010/01/17 21:02:11 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\Apps
[2010/01/17 20:58:10 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2010/01/17 20:58:10 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2010/01/17 20:55:03 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2010/01/17 20:54:01 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\mIRC

Re: trojan heur

Post by bill01 on 3rd February 2010, 1:38 am

[2010/01/17 20:54:01 | 000,000,000 | ---D | C] -- C:\Program Files\mIRC
[2010/01/17 20:50:58 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2010/01/17 20:48:12 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2010/01/17 20:47:30 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010/01/17 20:47:30 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/01/17 20:47:30 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010/01/17 20:47:30 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2010/01/17 20:42:07 | 001,808,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll
[2010/01/17 20:42:07 | 001,793,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll
[2010/01/17 20:42:07 | 001,558,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll
[2010/01/17 20:42:07 | 001,411,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll
[2010/01/17 20:42:06 | 005,499,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll
[2010/01/17 20:42:06 | 002,136,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll
[2010/01/17 20:42:06 | 001,782,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll
[2010/01/17 20:42:06 | 001,236,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll
[2010/01/17 20:42:05 | 007,964,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll
[2010/01/17 20:42:05 | 006,224,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll
[2010/01/17 20:42:05 | 005,791,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll
[2010/01/17 20:42:05 | 004,175,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll
[2010/01/17 20:42:04 | 006,781,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll
[2010/01/17 20:42:04 | 004,981,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll
[2010/01/17 20:42:04 | 003,331,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll
[2010/01/17 20:42:04 | 002,466,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll
[2010/01/17 20:42:03 | 011,722,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll
[2010/01/17 20:42:03 | 004,164,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll
[2010/01/17 20:42:03 | 001,452,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll
[2010/01/17 20:42:02 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll
[2010/01/17 20:42:02 | 001,702,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll
[2010/01/17 20:42:01 | 006,014,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll
[2010/01/17 20:42:01 | 004,093,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll
[2010/01/17 20:42:01 | 004,045,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll
[2010/01/17 20:42:01 | 001,972,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll
[2010/01/17 20:42:01 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll
[2010/01/17 20:42:00 | 006,585,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll
[2010/01/17 20:42:00 | 006,346,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll
[2010/01/17 20:41:59 | 009,892,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll
[2010/01/17 20:41:59 | 006,237,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll
[2010/01/17 20:41:59 | 005,654,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll
[2010/01/17 20:41:59 | 001,722,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll
[2010/01/17 20:41:58 | 007,042,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll
[2010/01/17 20:41:58 | 005,090,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll
[2010/01/17 20:41:58 | 005,031,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll
[2010/01/17 20:41:58 | 004,616,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll
[2010/01/17 20:41:57 | 005,071,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll
[2010/01/17 20:41:57 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll
[2010/01/17 20:41:57 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll
[2010/01/17 20:41:57 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll
[2010/01/17 20:41:56 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll
[2010/01/17 20:41:56 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll
[2010/01/17 20:41:56 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll
[2010/01/17 20:41:56 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll
[2010/01/17 20:41:56 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll
[2010/01/17 20:41:56 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll
[2010/01/17 20:41:55 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll
[2010/01/17 20:41:55 | 003,466,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll
[2010/01/17 20:41:55 | 002,657,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll
[2010/01/17 20:41:55 | 001,966,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll
[2010/01/17 20:41:55 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll
[2010/01/17 20:41:54 | 004,497,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll
[2010/01/17 20:41:54 | 002,599,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll
[2010/01/17 20:41:54 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll
[2010/01/17 20:41:54 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll
[2010/01/17 20:41:54 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll
[2010/01/17 20:41:54 | 001,523,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll
[2010/01/17 20:41:53 | 004,875,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll
[2010/01/17 20:41:53 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll
[2010/01/17 20:41:53 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll
[2010/01/17 20:41:53 | 002,243,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll
[2010/01/17 20:41:52 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll
[2010/01/17 20:41:52 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll
[2010/01/17 20:41:52 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll
[2010/01/17 20:41:52 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll
[2010/01/17 20:41:52 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll
[2010/01/17 20:41:51 | 009,847,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll
[2010/01/17 20:41:51 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll
[2010/01/17 20:41:51 | 002,643,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll
[2010/01/17 20:41:51 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll
[2010/01/17 20:41:50 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll
[2010/01/17 20:41:50 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll
[2010/01/17 20:41:50 | 002,342,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll
[2010/01/17 20:41:50 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll
[2010/01/17 20:41:49 | 006,917,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll
[2010/01/17 20:41:49 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll
[2010/01/17 20:41:49 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll
[2010/01/17 20:41:49 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll
[2010/01/17 20:39:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2010/01/17 20:32:20 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010/01/17 20:32:20 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010/01/17 20:30:09 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2010/01/17 20:29:35 | 002,036,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/01/17 20:29:18 | 000,181,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/01/17 20:28:56 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll
[2010/01/17 20:28:19 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2010/01/17 20:28:19 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2010/01/17 20:24:11 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010/01/17 20:09:51 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010/01/17 20:00:43 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/01/17 20:00:43 | 001,696,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010/01/17 20:00:43 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/01/17 19:59:56 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2010/01/17 19:58:16 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2010/01/17 19:58:03 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2010/01/17 19:57:12 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2010/01/17 19:56:38 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2010/01/17 19:56:37 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/01/17 19:56:35 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2010/01/17 19:56:35 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2010/01/17 19:56:34 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2010/01/17 19:15:59 | 000,000,000 | R--D | C] -- C:\Users\HORACIO\Searches
[2010/01/17 19:15:51 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\Identities
[2010/01/17 19:15:49 | 000,000,000 | R--D | C] -- C:\Users\HORACIO\Contacts
[2010/01/17 19:15:47 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\VirtualStore
[2010/01/17 19:15:41 | 000,000,000 | -HSD | C] -- C:\Users\HORACIO\AppData\Local\Temporary Internet Files
[2010/01/17 19:15:41 | 000,000,000 | -HSD | C] -- C:\Users\HORACIO\Templates
[2010/01/17 19:15:41 | 000,000,000 | -HSD | C] -- C:\Users\HORACIO\Start Menu
[2010/01/17 19:15:41 | 000,000,000 | -HSD | C] -- C:\Users\HORACIO\SendTo
[2010/01/17 19:15:41 | 000,000,000 | -HSD | C] -- C:\Users\HORACIO\Recent
[2010/01/17 19:15:41 | 000,000,000 | -HSD | C] -- C:\Users\HORACIO\PrintHood
[2010/01/17 19:15:41 | 000,000,000 | -HSD | C] -- C:\Users\HORACIO\NetHood
[2010/01/17 19:15:41 | 000,000,000 | -HSD | C] -- C:\Users\HORACIO\Documents\My Videos
[2010/01/17 19:15:41 | 000,000,000 | -HSD | C] -- C:\Users\HORACIO\Documents\My Pictures
[2010/01/17 19:15:41 | 000,000,000 | -HSD | C] -- C:\Users\HORACIO\Documents\My Music
[2010/01/17 19:15:41 | 000,000,000 | -HSD | C] -- C:\Users\HORACIO\My Documents
[2010/01/17 19:15:41 | 000,000,000 | -HSD | C] -- C:\Users\HORACIO\Local Settings
[2010/01/17 19:15:41 | 000,000,000 | -HSD | C] -- C:\Users\HORACIO\AppData\Local\History
[2010/01/17 19:15:41 | 000,000,000 | -HSD | C] -- C:\Users\HORACIO\Cookies
[2010/01/17 19:15:41 | 000,000,000 | -HSD | C] -- C:\Users\HORACIO\Application Data
[2010/01/17 19:15:41 | 000,000,000 | -HSD | C] -- C:\Users\HORACIO\AppData\Local\Application Data
[2010/01/17 19:15:40 | 000,000,000 | --SD | C] -- C:\Users\HORACIO\AppData\Roaming\Microsoft
[2010/01/17 19:15:40 | 000,000,000 | R--D | C] -- C:\Users\HORACIO\Videos
[2010/01/17 19:15:40 | 000,000,000 | R--D | C] -- C:\Users\HORACIO\Saved Games
[2010/01/17 19:15:40 | 000,000,000 | R--D | C] -- C:\Users\HORACIO\Pictures
[2010/01/17 19:15:40 | 000,000,000 | R--D | C] -- C:\Users\HORACIO\Music
[2010/01/17 19:15:40 | 000,000,000 | R--D | C] -- C:\Users\HORACIO\Links
[2010/01/17 19:15:40 | 000,000,000 | R--D | C] -- C:\Users\HORACIO\Favorites
[2010/01/17 19:15:40 | 000,000,000 | R--D | C] -- C:\Users\HORACIO\Downloads
[2010/01/17 19:15:40 | 000,000,000 | R--D | C] -- C:\Users\HORACIO\Documents
[2010/01/17 19:15:40 | 000,000,000 | R--D | C] -- C:\Users\HORACIO\Desktop
[2010/01/17 19:15:40 | 000,000,000 | -H-D | C] -- C:\Users\HORACIO\AppData
[2010/01/17 19:15:40 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Local\Microsoft
[2010/01/17 19:15:40 | 000,000,000 | ---D | C] -- C:\Users\HORACIO\AppData\Roaming\Media Center Programs
[2010/01/17 19:14:51 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2010/01/17 19:14:51 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2010/01/17 19:14:23 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2010/01/17 19:14:23 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2010/01/17 19:14:23 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2010/01/17 19:13:52 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2010/01/17 19:13:52 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2010/01/17 19:09:07 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/01/11 22:18:00 | 013,679,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2010/01/11 22:18:00 | 001,515,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2010/01/11 22:18:00 | 000,962,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2010/01/11 22:18:00 | 000,129,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
[2010/01/11 22:18:00 | 000,110,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/02/02 19:45:39 | 003,145,728 | -HS- | M] () -- C:\Users\HORACIO\NTUSER.DAT
[2010/02/02 19:43:11 | 000,827,424 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox2.dat
[2010/02/02 19:34:38 | 000,000,496 | ---- | M] () -- C:\Users\Public\Desktop\RDesc.lnk
[2010/02/02 19:34:13 | 000,006,004 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox2.idx
[2010/02/02 19:34:12 | 000,900,026 | ---- | M] (Bllua ) -- C:\Users\HORACIO\Desktop\Instalar_RDesc_2.27.exe
[2010/02/02 19:30:34 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/02/02 19:30:34 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/02/02 18:47:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/02/02 18:36:04 | 006,299,344 | ---- | M] () -- C:\Users\HORACIO\Desktop\Resetter_v2.2.0.0.rar
[2010/02/02 17:30:42 | 000,052,941 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/02/02 17:30:42 | 000,052,941 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/02/02 17:30:41 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2010/02/02 17:30:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/02/02 15:48:25 | 000,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0DA21C02-D373-4E84-BC24-7AB1B6914BEF}.job
[2010/02/02 13:19:03 | 000,077,312 | ---- | M] () -- C:\Users\HORACIO\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/02 13:11:09 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2010/02/02 13:10:45 | 000,694,964 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/02/02 13:10:45 | 000,598,350 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/02/02 13:10:45 | 000,101,988 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/02/02 13:09:52 | 029,635,880 | ---- | M] (Apple Inc.) -- C:\Users\HORACIO\Desktop\SafariSetup.exe
[2010/02/02 13:04:36 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/02/02 13:04:36 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2010/02/02 13:04:00 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/02/02 13:03:48 | 3756,412,928 | -HS- | M] () -- C:\hiberfil.sys
[2010/02/02 13:02:52 | 006,924,320 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.dat
[2010/02/02 13:02:52 | 000,058,320 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.idx
[2010/02/02 13:02:48 | 000,524,288 | -HS- | M] () -- C:\Users\HORACIO\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/02/02 13:02:48 | 000,065,536 | -HS- | M] () -- C:\Users\HORACIO\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/02/02 13:02:43 | 003,293,202 | -H-- | M] () -- C:\Users\HORACIO\AppData\Local\IconCache.db
[2010/02/02 12:49:44 | 000,000,872 | ---- | M] () -- C:\Users\HORACIO\Desktop\WinAVI MP4 Converter.lnk
[2010/02/02 12:36:53 | 000,000,621 | ---- | M] () -- C:\Users\HORACIO\Desktop\Amazing Bubbles 3D Screensaver.lnk
[2010/02/02 12:36:29 | 001,244,718 | ---- | M] (Rixane Interactive ) -- C:\Users\HORACIO\Desktop\amazingbubbles3d_dc.exe
[2010/02/02 12:30:46 | 000,000,137 | ---- | M] () -- C:\Users\HORACIO\Desktop\IObit Freeware.url
[2010/02/02 01:21:11 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Users\HORACIO\Desktop\OTL.exe
[2010/02/02 01:15:21 | 000,093,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\dxsdkuninst.exe
[2010/02/02 00:00:29 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\NeroLiveEpgUpdate-HORACIO-PC_HORACIO.job
[2010/02/01 11:39:12 | 000,001,670 | ---- | M] () -- C:\Users\HORACIO\Desktop\CCleaner.lnk
[2010/02/01 11:38:53 | 003,370,400 | ---- | M] (Piriform Ltd) -- C:\Users\HORACIO\Desktop\ccsetup228.exe
[2010/01/31 21:34:07 | 001,146,696 | ---- | M] (Microsoft Corporation) -- C:\Users\HORACIO\Desktop\wlsetup-custom.exe
[2010/01/31 17:51:39 | 000,001,104 | ---- | M] () -- C:\Users\HORACIO\Desktop\CNET TechTracker.lnk
[2010/01/31 17:51:39 | 000,001,096 | ---- | M] () -- C:\Users\HORACIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CNET TechTracker.lnk
[2010/01/31 17:48:47 | 003,404,816 | ---- | M] (CBS Interactive) -- C:\Users\HORACIO\Desktop\CNET_TechTracker_1_3_52_Setup.exe
[2010/01/31 12:19:42 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/31 01:02:29 | 000,000,136 | ---- | M] () -- C:\Users\HORACIO\Desktop\Microsoft Flight Simulator X - Shortcut.lnk
[2010/01/30 11:47:55 | 000,105,648 | ---- | M] () -- C:\Users\HORACIO\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/01/30 11:42:30 | 000,392,296 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/01/30 11:13:00 | 000,000,169 | ---- | M] () -- C:\Users\HORACIO\AppData\Roaming\default.rss
[2010/01/29 10:49:16 | 000,000,827 | ---- | M] () -- C:\Users\HORACIO\Desktop\KAV7-CM-20100726-0784C95D.KEY
[2010/01/29 01:47:37 | 000,001,931 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/01/27 12:48:37 | 000,011,909 | ---- | M] () -- C:\My_CFix_Quarantine.zip
[2010/01/27 12:38:05 | 000,011,909 | ---- | M] () -- C:\My_AVZ_Quarantine.zip
[2010/01/27 12:37:59 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/01/27 11:48:58 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010/01/27 00:51:11 | 000,000,902 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/01/26 09:43:59 | 000,000,054 | ---- | M] () -- C:\Users\HORACIO\AppData\Roaming\2ef08e46
[2010/01/25 16:44:45 | 000,000,333 | ---- | M] () -- C:\Windows\win.ini
[2010/01/25 14:49:29 | 000,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Users\HORACIO\Desktop\HJTInstall.exe
[2010/01/25 00:05:23 | 000,239,120 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010/01/25 00:05:23 | 000,033,808 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klbg.sys
[2010/01/25 00:05:22 | 000,108,059 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2010/01/25 00:05:22 | 000,095,259 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2010/01/24 23:43:54 | 009,953,316 | ---- | M] () -- C:\Users\HORACIO\Desktop\reguistro recien copiado.reg
[2010/01/24 22:54:42 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/01/24 22:54:42 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/01/24 22:54:23 | 000,000,209 | ---- | M] () -- C:\Windows\wininit.ini
[2010/01/24 21:00:20 | 000,000,042 | ---- | M] () -- C:\Windows\System32\scud.udf
[2010/01/24 20:06:40 | 000,000,232 | ---- | M] () -- C:\Windows\reimage.ini
[2010/01/24 20:04:27 | 000,000,166 | ---- | M] () -- C:\Windows\System32\Compress.res
[2010/01/24 19:35:41 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Users\HORACIO\Desktop\spybotsd162.exe
[2010/01/23 23:27:10 | 000,000,056 | ---- | M] () -- C:\Users\HORACIO\AppData\Local\84756-11986-27475-00TC1-94865
[2010/01/23 20:43:10 | 000,001,700 | ---- | M] () -- C:\Users\HORACIO\Desktop\LimeWire 5.4.6.lnk
[2010/01/23 20:42:53 | 018,848,592 | ---- | M] (Lime Wire LLC) -- C:\Users\HORACIO\Desktop\LimeWireWin.exe
[2010/01/22 15:54:25 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010/01/22 01:37:34 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2010/01/22 01:13:37 | 000,000,916 | ---- | M] () -- C:\Users\HORACIO\Desktop\Driver Genius Professional Edition.lnk
[2010/01/20 22:18:59 | 000,001,851 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
[2010/01/20 21:03:58 | 000,004,767 | ---- | M] () -- C:\Windows\Irremote.ini
[2010/01/20 21:00:05 | 000,002,527 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk
[2010/01/19 23:51:47 | 000,000,037 | ---- | M] () -- C:\Windows\sys05420.ini
[2010/01/19 19:49:59 | 000,000,376 | ---- | M] () -- C:\Windows\ODBC.INI
[2010/01/19 02:28:59 | 000,000,749 | RH-- | M] () -- C:\Windows\WindowsShell.Manifest
[2010/01/19 01:54:35 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll
[2010/01/19 01:54:35 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll
[2010/01/19 00:43:45 | 000,002,033 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010/01/18 22:05:25 | 000,000,734 | ---- | M] () -- C:\Users\Public\Desktop\AOL 9.5.lnk
[2010/01/18 22:00:48 | 000,000,335 | ---- | M] () -- C:\Windows\nsreg.dat
[2010/01/18 21:30:07 | 000,000,852 | ---- | M] () -- C:\Users\HORACIO\Documents\imap.aol.com.iaf
[2010/01/18 19:06:39 | 000,000,919 | ---- | M] () -- C:\Users\HORACIO\Desktop\YouTube Downloader.lnk
[2010/01/18 12:59:48 | 000,061,224 | ---- | M] () -- C:\Users\HORACIO\GoToAssistDownloadHelper.exe
[2010/01/18 12:38:55 | 000,000,877 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster.lnk
[2010/01/18 12:35:09 | 000,001,014 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010/01/18 09:04:50 | 039,282,438 | ---- | M] () -- C:\Users\HORACIO\Documents\R180772.exe
[2010/01/18 08:59:54 | 021,378,440 | ---- | M] () -- C:\Users\HORACIO\Documents\R152143.EXE
[2010/01/18 08:52:21 | 000,000,000 | ---- | M] () -- C:\Windows\I531_1013.INI
[2010/01/18 08:47:09 | 000,074,703 | ---- | M] () -- C:\Windows\System32\mfc45.dll
[2010/01/18 08:37:06 | 000,056,816 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/01/18 00:43:01 | 000,002,077 | ---- | M] () -- C:\Users\HORACIO\Desktop\Windows Live Mail.lnk
[2010/01/18 00:42:39 | 000,001,985 | ---- | M] () -- C:\Users\HORACIO\Desktop\Windows Live Messenger .lnk
[2010/01/18 00:37:52 | 001,146,184 | ---- | M] (Microsoft Corporation) -- C:\Users\HORACIO\Desktop\wlsetup-web.exe
[2010/01/17 23:53:10 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/01/17 23:51:20 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/01/17 23:46:14 | 018,030,130 | ---- | M] () -- C:\Users\HORACIO\Documents\vlc-1.0.3-win32.exe
[2010/01/17 23:37:39 | 000,001,849 | ---- | M] () -- C:\Users\HORACIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
[2010/01/17 23:36:55 | 000,000,941 | ---- | M] () -- C:\Users\Public\Desktop\ObjectDock.lnk
[2010/01/17 22:05:49 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010/01/17 21:26:17 | 000,289,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/01/17 21:26:17 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/01/17 21:26:17 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/01/17 21:26:17 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/01/17 21:26:17 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2010/01/17 21:25:17 | 000,272,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll
[2010/01/17 21:25:17 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winipsec.dll
[2010/01/17 21:24:18 | 000,001,820 | ---- | M] () -- C:\Windows\System32\rasctrnm.h
[2010/01/17 21:21:04 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2010/01/17 21:21:04 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2010/01/17 21:21:04 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2010/01/17 21:21:04 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2010/01/17 21:21:04 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010/01/17 21:21:04 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2010/01/17 21:21:04 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2010/01/17 21:21:04 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TCPSVCS.EXE
[2010/01/17 21:21:04 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2010/01/17 21:17:56 | 002,501,921 | ---- | M] () -- C:\Windows\System32\wlan.tmf
[2010/01/17 21:17:56 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2010/01/17 21:17:55 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2010/01/17 21:17:55 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2010/01/17 21:17:55 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2010/01/17 21:17:55 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2010/01/17 21:16:52 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2010/01/17 21:16:51 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2010/01/17 21:15:22 | 001,259,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010/01/17 21:13:33 | 002,868,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010/01/17 21:13:33 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2010/01/17 21:13:33 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2010/01/17 21:13:33 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2010/01/17 21:13:33 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2010/01/17 21:13:32 | 002,386,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2010/01/17 21:12:27 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/01/17 21:04:17 | 000,001,980 | ---- | M] () -- C:\Users\Public\Desktop\Dell Support Center.lnk
[2010/01/17 21:03:12 | 003,600,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/01/17 21:03:12 | 003,548,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/01/17 20:58:10 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2010/01/17 20:58:10 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2010/01/17 20:55:03 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2010/01/17 20:54:01 | 000,000,748 | ---- | M] () -- C:\Users\Public\Desktop\mIRC.lnk
[2010/01/17 20:50:58 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2010/01/17 20:48:12 | 000,623,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2010/01/17 20:47:30 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010/01/17 20:47:30 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/01/17 20:47:30 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010/01/17 20:47:30 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2010/01/17 20:42:07 | 001,808,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll
[2010/01/17 20:42:07 | 001,793,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll
[2010/01/17 20:42:07 | 001,558,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll
[2010/01/17 20:42:07 | 001,411,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll
[2010/01/17 20:42:06 | 005,499,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll
[2010/01/17 20:42:06 | 002,136,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll
[2010/01/17 20:42:06 | 001,782,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll
[2010/01/17 20:42:06 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll
[2010/01/17 20:42:05 | 007,964,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll
[2010/01/17 20:42:05 | 006,224,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll
[2010/01/17 20:42:05 | 005,791,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll
[2010/01/17 20:42:05 | 004,175,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll
[2010/01/17 20:42:04 | 006,781,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll
[2010/01/17 20:42:04 | 004,981,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll
[2010/01/17 20:42:04 | 003,331,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll
[2010/01/17 20:42:04 | 002,466,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll
[2010/01/17 20:42:03 | 011,722,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll
[2010/01/17 20:42:03 | 004,164,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll
[2010/01/17 20:42:03 | 001,452,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll
[2010/01/17 20:42:02 | 004,093,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll
[2010/01/17 20:42:02 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll
[2010/01/17 20:42:02 | 001,702,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll
[2010/01/17 20:42:01 | 006,014,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll
[2010/01/17 20:42:01 | 004,045,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll
[2010/01/17 20:42:01 | 001,972,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll
[2010/01/17 20:42:01 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll
[2010/01/17 20:42:00 | 009,892,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll
[2010/01/17 20:42:00 | 006,585,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll
[2010/01/17 20:42:00 | 006,346,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll
[2010/01/17 20:41:59 | 006,237,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll
[2010/01/17 20:41:59 | 005,654,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll
[2010/01/17 20:41:59 | 004,616,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll
[2010/01/17 20:41:59 | 001,722,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll
[2010/01/17 20:41:58 | 007,042,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll
[2010/01/17 20:41:58 | 005,090,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll
[2010/01/17 20:41:58 | 005,031,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll
[2010/01/17 20:41:57 | 005,071,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll
[2010/01/17 20:41:57 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll
[2010/01/17 20:41:57 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll
[2010/01/17 20:41:57 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll
[2010/01/17 20:41:57 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll
[2010/01/17 20:41:56 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll
[2010/01/17 20:41:56 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll
[2010/01/17 20:41:56 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll
[2010/01/17 20:41:56 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll
[2010/01/17 20:41:56 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll
[2010/01/17 20:41:55 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll
[2010/01/17 20:41:55 | 003,466,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll
[2010/01/17 20:41:55 | 002,657,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll
[2010/01/17 20:41:55 | 001,966,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll
[2010/01/17 20:41:55 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll
[2010/01/17 20:41:54 | 004,497,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll
[2010/01/17 20:41:54 | 002,599,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll
[2010/01/17 20:41:54 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll
[2010/01/17 20:41:54 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll
[2010/01/17 20:41:54 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll
[2010/01/17 20:41:54 | 001,523,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll
[2010/01/17 20:41:53 | 004,875,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll
[2010/01/17 20:41:53 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll
[2010/01/17 20:41:53 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll
[2010/01/17 20:41:53 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll
[2010/01/17 20:41:53 | 002,243,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll
[2010/01/17 20:41:52 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll
[2010/01/17 20:41:52 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll
[2010/01/17 20:41:52 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll
[2010/01/17 20:41:52 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll
[2010/01/17 20:41:52 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll
[2010/01/17 20:41:51 | 009,847,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll
[2010/01/17 20:41:51 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll
[2010/01/17 20:41:51 | 002,643,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll
[2010/01/17 20:41:50 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll
[2010/01/17 20:41:50 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll
[2010/01/17 20:41:50 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll
[2010/01/17 20:41:50 | 002,342,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll
[2010/01/17 20:41:50 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll
[2010/01/17 20:41:49 | 006,917,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll
[2010/01/17 20:41:49 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll
[2010/01/17 20:41:49 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll
[2010/01/17 20:39:21 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2010/01/17 20:32:20 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010/01/17 20:32:20 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010/01/17 20:30:09 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2010/01/17 20:29:35 | 002,036,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/01/17 20:28:56 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll
[2010/01/17 20:28:19 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2010/01/17 20:28:19 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2010/01/17 20:15:32 | 024,444,928 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2010/01/17 20:15:31 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2010/01/17 20:15:31 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2010/01/17 20:09:51 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010/01/17 20:00:43 | 004,240,384 | ---- | M] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/01/17 20:00:43 | 001,696,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010/01/17 20:00:43 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/01/17 19:59:56 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2010/01/17 19:58:16 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2010/01/17 19:58:03 | 000,355,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2010/01/17 19:57:12 | 000,604,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2010/01/17 19:56:38 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2010/01/17 19:56:37 | 008,147,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/01/17 19:56:35 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2010/01/17 19:56:35 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2010/01/17 19:56:34 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2010/01/17 19:19:32 | 000,000,680 | ---- | M] () -- C:\Users\HORACIO\AppData\Local\d3d9caps.dat
[2010/01/17 19:17:12 | 000,524,288 | -HS- | M] () -- C:\Users\HORACIO\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/01/17 19:15:41 | 000,000,020 | -HS- | M] () -- C:\Users\HORACIO\ntuser.ini
[2010/01/17 19:14:51 | 002,421,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2010/01/17 19:14:51 | 000,044,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2010/01/17 19:14:23 | 000,575,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2010/01/17 19:14:23 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2010/01/17 19:14:23 | 000,035,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2010/01/17 19:13:52 | 000,171,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2010/01/17 19:13:52 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2010/01/17 19:09:55 | 000,041,176 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010/01/14 11:12:06 | 000,181,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/01/11 23:03:33 | 014,924,392 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2010/01/11 23:03:33 | 011,639,400 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2010/01/11 23:03:33 | 011,586,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2010/01/11 23:03:33 | 009,388,648 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2010/01/11 23:03:33 | 004,321,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2010/01/11 23:03:33 | 004,077,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2010/01/11 23:03:33 | 004,061,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2010/01/11 23:03:33 | 002,243,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2010/01/11 23:03:33 | 001,280,616 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2010/01/11 23:03:33 | 000,795,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dpinst.exe
[2010/01/11 23:03:33 | 000,182,888 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcod189.dll
[2010/01/11 23:03:33 | 000,068,200 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010/01/11 23:03:33 | 000,010,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2010/01/11 23:03:33 | 000,007,437 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2010/01/11 22:18:44 | 000,271,481 | ---- | M] () -- C:\Windows\System32\NvApps.xml
[2010/01/11 22:18:44 | 000,065,332 | ---- | M] () -- C:\Windows\System32\NvwsApps.xml
[2010/01/11 22:18:00 | 013,679,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2010/01/11 22:18:00 | 001,515,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2010/01/11 22:18:00 | 000,962,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2010/01/11 22:18:00 | 000,129,640 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
[2010/01/11 22:18:00 | 000,110,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2010/01/07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/01/07 16:07:04 | 000,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/02/02 19:27:44 | 000,000,827 | ---- | C] () -- C:\Users\HORACIO\Desktop\KAV7-CM-20100726-0784C95D.KEY
[2010/02/02 18:36:02 | 006,299,344 | ---- | C] () -- C:\Users\HORACIO\Desktop\Resetter_v2.2.0.0.rar
[2010/02/02 13:11:09 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2010/02/02 12:49:44 | 000,000,872 | ---- | C] () -- C:\Users\HORACIO\Desktop\WinAVI MP4 Converter.lnk
[2010/02/02 12:36:53 | 000,000,621 | ---- | C] () -- C:\Users\HORACIO\Desktop\Amazing Bubbles 3D Screensaver.lnk
[2010/02/02 12:36:52 | 000,908,288 | ---- | C] () -- C:\Windows\Amazing Bubbles 3D.scr
[2010/02/02 12:36:52 | 000,018,902 | ---- | C] () -- C:\Windows\rixane-icon.ico
[2010/02/02 12:36:52 | 000,000,081 | ---- | C] () -- C:\Windows\amazing-bubbles-3D-homepage.url
[2010/02/02 12:36:52 | 000,000,046 | ---- | C] () -- C:\Windows\rixane-screensavers.url
[2010/02/01 11:39:12 | 000,001,670 | ---- | C] () -- C:\Users\HORACIO\Desktop\CCleaner.lnk
[2010/01/31 17:52:20 | 000,000,032 | ---- | C] () -- C:\Users\HORACIO\AppData\Local\xobni_installer_updater.log
[2010/01/31 17:51:39 | 000,001,104 | ---- | C] () -- C:\Users\HORACIO\Desktop\CNET TechTracker.lnk
[2010/01/31 17:51:39 | 000,001,096 | ---- | C] () -- C:\Users\HORACIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CNET TechTracker.lnk
[2010/01/31 01:02:29 | 000,000,136 | ---- | C] () -- C:\Users\HORACIO\Desktop\Microsoft Flight Simulator X - Shortcut.lnk
[2010/01/30 11:13:00 | 000,000,169 | ---- | C] () -- C:\Users\HORACIO\AppData\Roaming\default.rss
[2010/01/27 12:48:37 | 000,011,909 | ---- | C] () -- C:\My_CFix_Quarantine.zip
[2010/01/27 12:38:05 | 000,011,909 | ---- | C] () -- C:\My_AVZ_Quarantine.zip
[2010/01/27 09:17:21 | 3756,412,928 | -HS- | C] () -- C:\hiberfil.sys
[2010/01/27 01:04:56 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/27 00:51:11 | 000,000,902 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/01/26 11:40:43 | 000,261,632 | ---- | C] () -- C:\Windows\PEV.exe
[2010/01/26 11:40:43 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/01/24 23:43:53 | 009,953,316 | ---- | C] () -- C:\Users\HORACIO\Desktop\reguistro recien copiado.reg
[2010/01/24 23:40:28 | 000,108,059 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2010/01/24 23:40:28 | 000,095,259 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2010/01/24 23:39:50 | 006,924,320 | -HS- | C] () -- C:\Windows\System32\drivers\fidbox.dat
[2010/01/24 23:39:50 | 000,827,424 | -HS- | C] () -- C:\Windows\System32\drivers\fidbox2.dat
[2010/01/24 23:39:50 | 000,058,320 | -HS- | C] () -- C:\Windows\System32\drivers\fidbox.idx
[2010/01/24 23:39:50 | 000,005,976 | -HS- | C] () -- C:\Windows\System32\drivers\fidbox2.idx
[2010/01/24 22:54:42 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/01/24 22:54:42 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/01/24 21:00:20 | 000,000,042 | ---- | C] () -- C:\Windows\System32\scud.udf
[2010/01/24 20:04:27 | 000,000,166 | ---- | C] () -- C:\Windows\System32\Compress.res
[2010/01/24 20:04:23 | 000,000,232 | ---- | C] () -- C:\Windows\reimage.ini
[2010/01/24 19:52:30 | 000,000,209 | ---- | C] () -- C:\Windows\wininit.ini
[2010/01/24 10:15:16 | 000,000,054 | ---- | C] () -- C:\Users\HORACIO\AppData\Roaming\2ef08e46
[2010/01/23 23:01:23 | 000,000,056 | ---- | C] () -- C:\Users\HORACIO\AppData\Local\84756-11986-27475-00TC1-94865
[2010/01/23 20:43:10 | 000,001,700 | ---- | C] () -- C:\Users\HORACIO\Desktop\LimeWire 5.4.6.lnk
[2010/01/22 15:54:25 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010/01/22 01:55:41 | 000,007,437 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2010/01/22 01:29:27 | 000,006,136 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2010/01/22 01:13:37 | 000,000,916 | ---- | C] () -- C:\Users\HORACIO\Desktop\Driver Genius Professional Edition.lnk
[2010/01/20 23:17:22 | 000,000,374 | ---- | C] () -- C:\Windows\tasks\NeroLiveEpgUpdate-HORACIO-PC_HORACIO.job
[2010/01/20 22:18:59 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
[2010/01/20 21:03:58 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2010/01/20 21:00:05 | 000,002,527 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk
[2010/01/20 11:09:20 | 000,000,496 | ---- | C] () -- C:\Users\Public\Desktop\RDesc.lnk
[2010/01/19 23:51:47 | 000,000,037 | ---- | C] () -- C:\Windows\sys05420.ini
[2010/01/19 19:49:59 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/01/19 11:47:49 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/01/19 11:47:36 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2010/01/19 10:17:35 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2010/01/19 10:17:32 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2010/01/19 10:17:25 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2010/01/19 10:17:24 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/01/19 10:17:23 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/01/19 10:17:22 | 003,662,128 | ---- | C] () -- C:\Windows\System32\locale.nls
[2010/01/19 10:17:21 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2010/01/19 10:17:16 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2010/01/19 10:16:48 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2010/01/19 10:16:48 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2010/01/19 10:16:34 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2010/01/19 10:16:32 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2010/01/19 00:44:43 | 000,001,931 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/01/19 00:43:45 | 000,002,033 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010/01/19 00:42:14 | 000,000,888 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/01/19 00:42:13 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/18 22:05:25 | 000,000,734 | ---- | C] () -- C:\Users\Public\Desktop\AOL 9.5.lnk
[2010/01/18 22:00:48 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/01/18 21:30:07 | 000,000,852 | ---- | C] () -- C:\Users\HORACIO\Documents\imap.aol.com.iaf
[2010/01/18 19:06:39 | 000,000,919 | ---- | C] () -- C:\Users\HORACIO\Desktop\YouTube Downloader.lnk
[2010/01/18 12:59:48 | 000,061,224 | ---- | C] () -- C:\Users\HORACIO\GoToAssistDownloadHelper.exe
[2010/01/18 12:38:55 | 000,000,877 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster.lnk
[2010/01/18 12:35:14 | 000,000,374 | ---- | C] () -- C:\Windows\tasks\AWC Startup.job
[2010/01/18 12:35:09 | 000,001,014 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010/01/18 12:35:09 | 000,000,137 | ---- | C] () -- C:\Users\HORACIO\Desktop\IObit Freeware.url
[2010/01/18 11:46:12 | 000,195,122 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2010/01/18 11:44:33 | 000,012,198 | ---- | C] () -- C:\Windows\System32\gatherWiredInfo.vbs
[2010/01/18 11:44:31 | 000,144,909 | ---- | C] () -- C:\Windows\System32\fsmgmt.msc
[2010/01/18 11:44:26 | 000,145,455 | ---- | C] () -- C:\Windows\System32\perfmon.msc
[2010/01/18 11:44:26 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
[2010/01/18 11:17:04 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\lvuvc.hs
[2010/01/18 11:16:51 | 000,266,828 | ---- | C] () -- C:\Windows\System32\drivers\LVAFT.cfg
[2010/01/18 11:16:00 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010/01/18 09:22:12 | 000,077,312 | ---- | C] () -- C:\Users\HORACIO\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/18 09:06:43 | 000,000,553 | ---- | C] () -- C:\Windows\USetup.iss
[2010/01/18 09:04:11 | 039,282,438 | ---- | C] () -- C:\Users\HORACIO\Documents\R180772.exe
[2010/01/18 08:59:33 | 021,378,440 | ---- | C] () -- C:\Users\HORACIO\Documents\R152143.EXE
[2010/01/18 08:52:21 | 000,000,000 | ---- | C] () -- C:\Windows\I531_1013.INI
[2010/01/18 08:47:09 | 000,074,703 | ---- | C] () -- C:\Windows\System32\mfc45.dll
[2010/01/18 00:43:01 | 000,002,077 | ---- | C] () -- C:\Users\HORACIO\Desktop\Windows Live Mail.lnk
[2010/01/18 00:42:39 | 000,001,985 | ---- | C] () -- C:\Users\HORACIO\Desktop\Windows Live Messenger .lnk
[2010/01/17 23:53:10 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/01/17 23:51:20 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/01/17 23:45:06 | 018,030,130 | ---- | C] () -- C:\Users\HORACIO\Documents\vlc-1.0.3-win32.exe
[2010/01/17 23:37:39 | 000,001,849 | ---- | C] () -- C:\Users\HORACIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
[2010/01/17 23:36:55 | 000,000,941 | ---- | C] () -- C:\Users\Public\Desktop\ObjectDock.lnk
[2010/01/17 23:17:22 | 000,000,426 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{0DA21C02-D373-4E84-BC24-7AB1B6914BEF}.job
[2010/01/17 23:12:02 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010/01/17 22:32:06 | 000,052,941 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/01/17 22:32:06 | 000,052,941 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/01/17 22:05:49 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2010/01/17 22:05:48 | 000,333,257 | RHS- | C] () -- C:\bootmgr
[2010/01/17 22:05:35 | 000,000,036 | RH-- | C] () -- C:\Windows\DELL_VERSION
[2010/01/17 21:53:38 | 000,144,360 | ---- | C] () -- C:\Windows\System32\drivers\del1028.cty
[2010/01/17 21:24:18 | 000,001,820 | ---- | C] () -- C:\Windows\System32\rasctrnm.h
[2010/01/17 21:17:56 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010/01/17 21:04:17 | 000,001,980 | ---- | C] () -- C:\Users\Public\Desktop\Dell Support Center.lnk
[2010/01/17 20:54:01 | 000,000,748 | ---- | C] () -- C:\Users\Public\Desktop\mIRC.lnk
[2010/01/17 20:11:23 | 024,444,928 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2010/01/17 20:11:23 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2010/01/17 20:11:23 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2010/01/17 19:15:43 | 000,000,680 | ---- | C] () -- C:\Users\HORACIO\AppData\Local\d3d9caps.dat
[2010/01/17 19:15:41 | 000,524,288 | -HS- | C] () -- C:\Users\HORACIO\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/01/17 19:15:41 | 000,524,288 | -HS- | C] () -- C:\Users\HORACIO\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/01/17 19:15:41 | 000,065,536 | -HS- | C] () -- C:\Users\HORACIO\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/01/17 19:15:41 | 000,000,020 | -HS- | C] () -- C:\Users\HORACIO\ntuser.ini
[2010/01/17 19:15:40 | 003,145,728 | -HS- | C] () -- C:\Users\HORACIO\NTUSER.DAT
[2010/01/11 22:18:44 | 000,271,481 | ---- | C] () -- C:\Windows\System32\NvApps.xml
[2010/01/11 22:18:44 | 000,065,332 | ---- | C] () -- C:\Windows\System32\NvwsApps.xml
[2009/10/07 01:46:36 | 000,025,752 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009/10/07 01:23:08 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009/09/23 23:46:04 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/05/30 01:37:40 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/05/30 01:31:52 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/09/12 15:21:02 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2007/09/04 11:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2007/03/19 05:04:58 | 000,003,584 | ---- | C] () -- C:\Windows\System32\namResES.dll
[2007/03/19 05:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResIT.dll
[2007/03/19 05:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResFR.dll
[2007/03/19 05:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResENG.dll
[2007/03/19 05:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResDE.dll
[2007/03/19 05:04:56 | 000,003,584 | ---- | C] () -- C:\Windows\System32\namResPTB.dll
[2007/03/19 05:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResZHC.dll
[2007/03/19 05:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResKO.dll
[2007/03/19 05:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResJA.dll
[2007/03/19 05:04:54 | 000,022,016 | ---- | C] () -- C:\Windows\System32\nam_page.dll
[2007/03/19 05:04:54 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResZHT.dll
[2007/02/05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/07/20 07:09:58 | 000,196,608 | ---- | C] () -- C:\Windows\System32\swfobjs.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >

Re: trojan heur

Post by bill01 on 3rd February 2010, 1:45 am

This is the extra report:
OTL Extras logfile created on: 2/2/2010 1:23:31 AM - Run 1
OTL by OldTimer - Version 3.1.27.1 Folder = C:\Users\HORACIO\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 72.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.04 Gb Total Space | 199.62 Gb Free Space | 66.98% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 390.62 Gb Total Space | 332.96 Gb Free Space | 85.24% Space Free | Partition Type: NTFS
Drive F: | 292.97 Gb Total Space | 246.41 Gb Free Space | 84.11% Space Free | Partition Type: NTFS
Drive G: | 247.92 Gb Total Space | 169.94 Gb Free Space | 68.55% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HORACIO-PC
Current User Name: HORACIO
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MI1933~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{23CC7D6C-44DE-41A9-A984-ABFDEA9E4BC5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{29FA746C-D0E7-490E-80C0-83CCBB112624}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{7DE68028-D0F5-4668-BD93-3D324B173ECB}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00E7A50B-0C75-401F-A4FA-FAF741D798A6}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{0365D8E7-3C2E-4F87-A2D2-EB0C99A5412F}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe |
"{127A2468-2459-4D51-9D5C-1502095967BE}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe |
"{14A5AEEE-7ACC-4C24-9CC8-34BF982D21A3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{176B6002-A003-40AD-9D29-A63440A1971F}" = protocol=17 | dir=in | app=c:\program files\aol 9.5\waol.exe |
"{26B73FFC-346E-4708-8D74-74BA0FD5D32A}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe |
"{39ACEBB1-E69D-4618-91EF-7898E65D4507}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{4014B4DD-E149-4D12-AE91-2E76EB1F0B2E}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{40702937-73B1-4BA0-B0F8-4C308B858D61}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4427C42E-9B96-4261-B9B1-592262A07861}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{463060C8-55D9-4699-91BF-594895246ECC}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{60F07F92-3A46-4DD3-9B7B-1F62781DD7AF}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe |
"{631FA709-9EFE-416E-B337-8E13AEC7231D}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{634B0789-3487-4587-94AB-50F79ABE5357}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{6A056CE6-7C00-4CD6-82F3-4E4F8BA2A150}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7FAFD966-A976-46C7-9317-38A5DC586C1B}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{803F4237-B775-4DCF-9BCA-297C9E5D14D2}" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{8156C224-BE5B-44E5-9512-3EC3A40812BF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{85D0402B-FC8A-4BA1-86C5-121120EB9DEB}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1263870160\ee\aolsoftware.exe |
"{86E06BD6-ABCD-4441-8CAE-E848623938E7}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{8A1DAC2C-D3A4-4758-B591-AAA9CC2A9F82}" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{934FD6D6-AA13-4EED-AEA4-262B6ECCF692}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe |
"{945FC088-F6B7-46BF-93DA-54C37CC53650}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{964990C9-E885-4A5C-81F0-6826B53042C7}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{A08B9794-E5A2-4954-B995-86BE2762AD7E}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{A5B38B81-D26C-4E40-B754-120033E81719}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{BA7A7DC5-5860-46E2-82B8-30102094D7F4}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{BE5E5A27-3BF0-4165-B953-A9946FE835A8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D92391C5-7EF3-4422-8FA7-2AD01B633FAE}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe |
"{DD06A051-1637-4F71-9345-8A0483EE6FDD}" = protocol=6 | dir=in | app=c:\program files\aol 9.5\waol.exe |
"{DDBBAD11-9A5F-488B-A73A-F1F5F23DEF2A}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{DE4819AA-A779-4F6D-9C0A-433BD78A5258}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1263870160\ee\aolsoftware.exe |
"{F4303C63-4873-4ABB-88C1-9CAC4CDAC4E9}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{FE3971FC-D3BC-4319-9490-EF414A988752}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"TCP Query User{03FE0169-CEDA-4076-989B-19F3394190CD}C:\program files\java\jdk1.6.0_17\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.6.0_17\jre\bin\javaw.exe |
"TCP Query User{3E255A02-6B74-4D29-BEFB-CB30FFA5D291}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{A6EFDE20-4394-435B-A717-A8A9C8E67E18}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{006BBAC0-05DF-43FA-A005-BC692AB5D3C0}C:\program files\java\jdk1.6.0_17\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.6.0_17\jre\bin\javaw.exe |
"UDP Query User{5BF2DA3A-7D7A-402C-8FE8-E5D41472AA92}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{72783167-F055-4883-A288-C65D5DC08F43}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01AA5F2C-EEBB-47A3-AB7B-B235E620FFDB}_is1" = los Boeing 737-200 Advanced, de las Líneas Aérea LAN, SKY y AER
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID Sign-in Assistant
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.3
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 18
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{30120000-0044-0C0A-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Spanish) 2007 (Beta)
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{32A3A4F4-B792-11D6-A78A-00B0D0160170}" = Java(TM) SE Development Kit 6 Update 17
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4847BBB9-EADD-4C92-90BF-4223B0892FF6}" = Microsoft Flight Simulator X Service Pack 2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5aa47dba-b584-4d47-a626-76e53f010201}" = JavaFX(TM) 1.2 SDK
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{6580C5A3-2336-4EC5-85F1-3448C5F6208A}" = Kaspersky Anti-Virus 2009
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74550cae-c3fe-4c94-ab8e-a26a71eb49c4}" = Nero 9
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86170243-41F2-4B2E-9BD6-2F404B2C8E46}" = TWC Customer Controls
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{8DD0F820-3656-4AB3-A7F4-005CAA2D0897}_is1" = RDesc 2.26
"{90120000-0015-0C0A-0000-0000000FF1CE}" = Microsoft Office Access MUI (Spanish) 2007
"{90120000-0015-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0C0A-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Spanish) 2007
"{90120000-0019-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Spanish) 2007
"{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_ENTERPRISE_{4B47C31E-46B0-462B-BEE4-DC383B6A1F2A}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}_ENTERPRISE_{6113C11D-BACA-4D8E-8002-03C8D06FD5E6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007
"{90120000-00A1-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0C0A-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Spanish) 2007
"{90120000-00BA-0C0A-0000-0000000FF1CE}_ENTERPRISE_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{926C96FB-9D0A-4504-8000-C6D3A4A3118E}" = Java DB 10.4.2.1
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 ATL (x86) WinSXS MSM
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{C084BC61-E537-11DE-8616-005056806466}" = Google Earth
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D5B46D30-F054-4C64-9C0F-97C8451E7D04}" = BtwMfcMM
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EFAD4066-CAF3-4B27-9669-12EED352C376}" = NVIDIANetworkDiagnostic
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FB3EFCD7-4E08-4197-89B9-7CCD794F91B6}" = TuneUp Utilities Language Pack (es-ES)
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"AMDAway INF" = AMDAway INF
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 PCI V.92 Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"DVD Shrink_is1" = DVD Shrink 3.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"ffdshow" = ffdshow (remove only)
"Game Booster_is1" = Game Booster
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"GoToAssist" = GoToAssist 8.0.0.514
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"InstallShield_{EFAD4066-CAF3-4B27-9669-12EED352C376}" = NVIDIANetworkDiagnostic
"InstallWIX_{6580C5A3-2336-4EC5-85F1-3448C5F6208A}" = Kaspersky Anti-Virus 2009
"LimeWire" = LimeWire 5.4.6
"lvdrivers_12.0" = Logitech Webcam Software Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft DirectX SDK (August 2009)" = Microsoft DirectX SDK (August 2009)
"mIRC" = mIRC
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"ObjectDock" = ObjectDock
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6" = Microsoft Flight Simulator X Service Pack 1
"SystemRequirementsLab" = System Requirements Lab
"TuneUp Utilities" = TuneUp Utilities
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.0.3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"XobniMain" = Xobni

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1961057425-2708360034-2878373316-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CNET TechTracker" = CNET TechTracker
"f031ef6ac137efc5" = Dell Driver Download Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/29/2010 2:56:37 AM | Computer Name = HORACIO-PC | Source = Perflib | ID = 1008
Description =

Error - 1/29/2010 3:06:36 AM | Computer Name = HORACIO-PC | Source = pctsSvc.exe | ID = 0
Description =

Error - 1/30/2010 2:10:13 PM | Computer Name = HORACIO-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18882 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1564 Start Time: 01caa1ce6b0970f2 Termination Time: 0

Error - 1/31/2010 10:31:13 PM | Computer Name = HORACIO-PC | Source = System Restore | ID = 8193
Description =

Error - 2/1/2010 12:51:07 PM | Computer Name = HORACIO-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18882 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 103c Start Time: 01caa35e7b4c3e11 Termination Time: 0

Error - 2/2/2010 12:43:40 AM | Computer Name = HORACIO-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18882, time stamp
0x4b3ed243, faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e03821,
exception code 0xc0000005, fault offset 0x00041e3b, process id 0x14f8, application
start time 0x01caa392ccaf2700.

Error - 2/2/2010 1:59:30 AM | Computer Name = HORACIO-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18882 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 17ac Start Time: 01caa3cb66aa0ef0 Termination Time: 63

Error - 2/2/2010 2:00:20 AM | Computer Name = HORACIO-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18882 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 50c Start Time: 01caa3cce762f330 Termination Time: 15

Error - 2/2/2010 2:16:01 AM | Computer Name = HORACIO-PC | Source = VSS | ID = 8194
Description =

Error - 2/2/2010 2:17:19 AM | Computer Name = HORACIO-PC | Source = System Restore | ID = 8193
Description =

[ System Events ]
Error - 1/19/2010 3:28:14 AM | Computer Name = HORACIO-PC | Source = Microsoft-Windows-Eventlog | ID = 30
Description =

Error - 1/19/2010 10:46:56 AM | Computer Name = HORACIO-PC | Source = HTTP | ID = 15016
Description =

Error - 1/19/2010 10:48:20 AM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/19/2010 10:48:20 AM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 1/19/2010 11:01:56 AM | Computer Name = HORACIO-PC | Source = HTTP | ID = 15016
Description =

Error - 1/19/2010 11:03:19 AM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/19/2010 11:03:19 AM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 1/19/2010 12:52:03 PM | Computer Name = HORACIO-PC | Source = HTTP | ID = 15016
Description =

Error - 1/19/2010 12:53:26 PM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/19/2010 12:53:26 PM | Computer Name = HORACIO-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >


Re: trojan heur

Post by bill01 on 3rd February 2010, 1:45 am

I hope this is what you requested, and thank you very much for your help.


Re: trojan heur

Post by Belahzur on 3rd February 2010, 6:28 pm

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :OTL
    O4 - HKLM..\Run: [RDesc] File not found
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-1961057425-2708360034-2878373316-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found



  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.


Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1


Re: trojan heur

Post by bill01 on 4th February 2010, 2:42 am

Here is what you asked me to do. I hope it is OK.

========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RDesc deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-21-1961057425-2708360034-2878373316-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.

OTL by OldTimer - Version 3.1.27.1 log created on 02032010_214130


Re: trojan heur

Post by Belahzur on 4th February 2010, 10:00 pm

To remove all of the tools we used and the files and folders they created do the following:
Double click OTL.exe.

  • Click the CleanUp! button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.



Re: trojan heur

Post by bill01 on 11th February 2010, 2:12 am

I have done what you told me, but you are not telling me if I had a virus or if it was one and cleaned it. Please answer me, thank you.
bill


Re: trojan heur

Post by Belahzur on 11th February 2010, 9:05 pm

How is the machine running now? The logs look good to me.



Re: trojan heur

Post by bill01 on 12th February 2010, 12:58 am

It is running good, thank you so much.
If I want to give a donation, how can I send it?
I have no credit card, but a money order will do.
Thank you.
