Antimalwaredoctor Aftermath problems

View previous topic View next topic Go down

Antimalwaredoctor Aftermath problems

Post by tuttankanon on Sat 04 Sep 2010, 3:21 am

(System messages translated from swedish)

I got Antimalwaredoctorinfected the other day and I´ve tried a lot of things to get my computer stabilized again.

I don´t know if I´ve managed to delete all infected files, but here is a list of programs I´ve used to get rid of them:
Avast antivirus (wich was disabled and now I can´t even run it)
Malwarebytes Antimalware (Same goes here)
Spyhunter (seems to work fine, and deleted a lot of files, but gives BSoD most of the times and doesn´t actually make anything work better)
Eusing Registry Cleaner (BSoD)
Auslogics Registry Cleaner (makes no difference)
Spyware doctor (can´t run)

If I try to make a system restore, I get this message:
System restore can not protect the computer. Restart computer and then run System restore again. (And ofcourse if I do I get the sam message over and over).

So the reason I tried registry cleaners is I tried this [You must be registered and logged in to see this link.] to get my system restore working, but I didn´t found anything on the told destinations, and when I search for disableconfig i get BSoD so i assumed something is really wrong with my registry.

I can´t connect to internet with the infected computer since all the local area network connections has been killed somehow.I´ve tried it both in normal and in safe mode with networking.
When I go to the "network connections" folder in control panel, I get a message that says something like this: "can´t localize any network connections since the service Network Connections is not activated, activate the service Network services" (The reason I don´t know exactly is that that message only show once in ten tries and I have to reboot the computer to get it again after it has showed once)
I can´t start the network connections service via services (and hardly any other services either).
I get this message when i try to start Network Connections:
Couldn´t start the service Network Connections on Local computer.
Error 1068: can not start the superior service or group.

On every boot, when XP has started i get this message: ntdevice has encountered a problem and needs to close. We are sorry for the inconvenience.

The audio device has been deactivated, (the yellow "no driver" icon appears in the device manager) and same goes for CD-rom drives.
The only way I am able to transfer data to the infected computer is via an usbdevice, but I can´t click-and-drag anything so I have to use winRAR and put everything I want to download from the usbdevice in an archive, then exctract it to where I want it.

I ran the RKill wich I found at this thread: [You must be registered and logged in to see this link.] and I tried to run OTL with the instructions shown in the same thread but every time I do, after a while i get BSoD:ed

BSoD Technical information:
*** STOP: 0x0000008E (0xC0000005, 0x00650037, 0xA304D820, 0x00000000)

I actually thought it was time for format c: for a while, but XP wouldn´t run from the cd, I´ve tried with 2 different XP cd:s, and both gives the same result:
I start computer, it tells me press any key to start from CD, I do, the XP CD start up a lot of processes and get to the point "Launching windows XP" and there it stops. Yesterday i let it be like that the whole night so I don´t think it will come any further by more time. Now I am more into fixing it again since I took the time to write this killer thread

SO PLEASE Bruce Willises or Arnold Schwarzneggers of the cyberspace, save me! Any help would be greatly appreciated!
PS. Please excuse my poor english, I´m from sweden and this really isn´t my area of profession :> DS.

tuttankanon

Newbie Surfer
Newbie Surfer

Posts : 9
Joined : 2010-09-04
Operating System : windows xp sp2

View user profile

Back to top Go down

Re: Antimalwaredoctor Aftermath problems

Post by Belahzur on Sat 04 Sep 2010, 10:42 am

Hello.

Are you not able to run OTL at all?


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Antimalwaredoctor Aftermath problems

Post by tuttankanon on Sat 04 Sep 2010, 5:47 pm

Hello =)
It starts, but it does not finish, maybe I can find these files somewhere anyway? It runs for a long time before it shuts down, I think it´s almost finished

tuttankanon

Newbie Surfer
Newbie Surfer

Posts : 9
Joined : 2010-09-04
Operating System : windows xp sp2

View user profile

Back to top Go down

Re: Antimalwaredoctor Aftermath problems

Post by tuttankanon on Sun 05 Sep 2010, 2:47 am

I tried running OTL without the custom scans, and it worked =) I got this:

OTL logfile created on: 2010-09-04 17:33:38 - Run 2
OTL by OldTimer - Version 3.2.11.0 Folder = D:\
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 78,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 149,65 Gb Free Space | 50,20% Space Free | Partition Type: NTFS
Drive D: | 1023,69 Mb Total Space | 996,63 Mb Free Space | 97,36% Space Free | Partition Type: FAT
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive N: | 465,76 Gb Total Space | 133,22 Gb Free Space | 28,60% Space Free | Partition Type: NTFS

Computer Name: TOTTE
Current User Name: Tutt
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010-09-03 16:50:38 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
PRC - [2010-08-30 21:30:53 | 000,035,848 | ---- | M] () -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2010-08-28 18:17:11 | 000,015,982 | ---- | M] () -- C:\WINDOWS\system32\mssrv32.exe
PRC - [2010-07-26 14:19:38 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program1\Mozilla Firefox\firefox.exe
PRC - [2010-06-10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010-03-15 12:50:36 | 001,142,224 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2010-03-11 12:09:22 | 000,366,840 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2010-03-09 09:40:26 | 001,286,608 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray .exe
PRC - [2009-07-26 17:44:56 | 003,883,840 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr .exe
PRC - [2009-03-21 15:54:07 | 000,026,112 | -HS- | M] () -- C:\WINDOWS\system32\ntdevice.exe
PRC - [2008-12-11 13:14:24 | 000,377,856 | ---- | M] (Orbiscom Ltd. All rights reserved.) -- C:\Program Files\ekort\ekort.exe
PRC - [2007-07-06 14:02:26 | 000,561,152 | ---- | M] (Lavasoft AB) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
PRC - [2007-06-13 13:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004-08-10 14:00:00 | 000,815,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mmc.exe
PRC - [2004-08-10 14:00:00 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Restore\rstrui.exe
PRC - [2004-08-10 14:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dwwin.exe
PRC - [2004-08-10 14:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpsvcs.exe


========== Modules (SafeList) ==========

MOD - [2010-09-03 17:44:41 | 000,013,312 | -HS- | M] () -- C:\Documents and Settings\Tutt\pizda_ntload.dll
MOD - [2010-09-03 16:50:38 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
MOD - [2009-10-30 11:18:16 | 000,147,024 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\PCTGMhk.dll
MOD - [2004-11-11 00:56:14 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acgenral.dll
MOD - [2004-08-10 14:00:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2004-08-10 14:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004-08-10 14:00:00 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010-06-28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-06-10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010-03-15 12:50:36 | 001,142,224 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2010-03-11 12:09:22 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2010-01-22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Stopped] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2008-10-19 19:10:49 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007-07-06 14:02:26 | 000,561,152 | ---- | M] (Lavasoft AB) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe -- (aawservice)
SRV - [2004-08-10 14:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\tcpsvcs.exe -- (SimpTcp)
SRV - [2003-03-09 22:31:02 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010-08-31 17:01:22 | 000,000,000 | ---- | M] () [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\pywpy.sys -- (pywpy)
DRV - [2010-08-27 08:00:20 | 000,211,072 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2010-06-28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010-06-28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010-06-28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010-06-28 22:32:45 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010-06-28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-06-28 22:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010-03-10 11:36:36 | 000,217,032 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2009-08-17 00:57:00 | 007,729,568 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008-10-05 13:40:44 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2007-06-04 15:18:48 | 000,009,344 | ---- | M] (Lavasoft AB) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nsdriver.sys -- (Ad-Watch Connect Filter)
DRV - [2007-04-18 08:59:40 | 000,098,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\COMMONFX.DLL -- (COMMONFX.DLL)
DRV - [2007-04-12 08:10:26 | 000,164,608 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CT20XUT.DLL -- (CT20XUT.DLL)
DRV - [2007-04-12 08:10:26 | 000,066,816 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV - [2007-04-12 08:10:24 | 001,317,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV - [2007-04-12 08:10:22 | 000,323,328 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV - [2007-04-12 08:10:22 | 000,128,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV - [2007-04-12 08:10:20 | 000,280,320 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV - [2007-04-12 08:10:20 | 000,094,976 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV - [2007-04-12 08:10:18 | 000,168,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV - [2007-04-12 08:10:16 | 000,560,384 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\CTSBLFX.DLL -- (CTSBLFX.DLL)
DRV - [2007-04-12 08:10:16 | 000,546,048 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\CTAUDFX.DLL -- (CTAUDFX.DLL)
DRV - [2007-04-10 06:00:24 | 000,157,480 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2007-04-10 05:59:04 | 000,126,760 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2007-04-10 04:32:06 | 000,189,736 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\haP17v2k.sys -- (hap17v2k)
DRV - [2007-04-10 04:31:18 | 000,163,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\haP16v2k.sys -- (hap16v2k)
DRV - [2007-04-10 04:29:10 | 000,797,992 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2007-04-10 04:28:36 | 000,092,968 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2007-04-10 04:25:46 | 000,014,632 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2007-04-10 04:21:06 | 000,347,128 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2007-04-10 04:20:38 | 000,520,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2007-04-10 04:19:30 | 000,511,272 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2007-01-15 18:46:22 | 000,223,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2007-01-15 18:44:39 | 000,643,072 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2006-09-29 11:18:28 | 001,681,920 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006-09-12 20:27:00 | 004,381,184 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-07-14 14:55:42 | 000,089,344 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006-07-14 14:55:34 | 000,105,088 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2006-07-11 21:31:02 | 000,084,096 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006-06-19 00:38:18 | 000,043,520 | R--- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006-05-11 11:30:52 | 000,247,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2005-05-27 10:31:28 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2005-01-11 17:58:48 | 000,030,976 | ---- | M] (Silicon Integrated Systems Corp) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SiSRaid2.sys -- (SiSRaid2)
DRV - [2005-01-07 18:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2004-10-08 12:59:12 | 000,326,656 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL) Logitech QuickCam Pro 3000(CamDrl)
DRV - [2004-08-10 14:00:00 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004-08-10 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004-08-10 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004-08-04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004-08-03 23:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004-08-03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\..\URLSearchHook: {F08555B0-9CC3-11D2-AA8E-000000000567} - C:\Program Files\blinkx Remote Toolbar\the_blinkx_shook.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.rollingstone.com/"
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:0.4.3
FF - prefs.js..extensions.enabledItems: ekort@orbiscom:3.16.8.0
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:4.0.0
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\extensions\\ekort@orbiscom: C:\Program Files\ekort [2009-04-08 13:24:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.9\extensions\\Components: C:\Program\Mozilla Firefox\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.9\extensions\\Plugins: C:\Program\Mozilla Firefox\plugins
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program1\Mozilla Firefox\components [2010-08-02 12:02:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program1\Mozilla Firefox\plugins [2010-07-26 14:19:44 | 000,000,000 | ---D | M]

[2008-09-06 19:27:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tutt\Application Data\Mozilla\Extensions
[2010-09-03 22:25:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tutt\Application Data\Mozilla\Firefox\Profiles\ebufj7uh.default\extensions
[2010-05-05 16:46:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Tutt\Application Data\Mozilla\Firefox\Profiles\ebufj7uh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009-04-08 01:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tutt\Application Data\Mozilla\Firefox\Profiles\ebufj7uh.default\extensions\betteryoutube@ginatrapani.org
[2009-10-03 11:53:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tutt\Application Data\Mozilla\Firefox\Profiles\ebufj7uh.default\extensions\en-US@dictionaries.addons.mozilla.org

O1 HOSTS File: ([2010-08-30 20:35:40 | 000,000,727 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (The blinkx Toolbar) - {0069B690-7A2B-41C5-98CA-9F535B4C8532} - C:\Program Files\blinkx Remote Toolbar\the_blinkx_bho.dll ()
O2 - BHO: (EKortBrowserHelper Class) - {1C900459-DEEF-4aa9-B260-1EF0F0C70A8D} - C:\Program Files\ekort\Bhoekort.dll (Orbiscom Ltd. All rights reserved.)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (e-kort Helper Class) - {9065E913-4F23-4B47-9B5D-B055D32DB1F3} - C:\Program Files\ekort\EKortHelper.dll ()
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (e-kort Toolbar) - {8DB2B2E8-579F-48A8-A496-18FEFCF8F4DF} - C:\Program Files\ekort\EKortToolbar.dll ()
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe ()
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [rundll32] C:\WINDOWS\system32\ntdevice.exe ()
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr .exe (Microsoft Corporation)
O4 - HKCU..\Run: [rundll32] C:\Documents and Settings\Tutt\userinit.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skapa mobilfavorit ... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: NordicBet Poker - {E6073F93-9541-4be4-9800-109D378EB99B} - C:\Program Files\nordicbetMPP\MPPoker.exe (Microgaming)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe ()
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O15 - HKCU\..Trusted Domains: youtube.com ([www] https in Trusted sites)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [You must be registered and logged in to see this link.] (QuickTime Object)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} [You must be registered and logged in to see this link.] (System Requirements Lab Class)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} [You must be registered and logged in to see this link.] (MSN Photo Upload Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} [You must be registered and logged in to see this link.] (ScorchPlugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.10.96.44 217.10.96.65
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (C:\WINDOWS\system32\ntdevice.exe) - C:\WINDOWS\system32\ntdevice.exe ()
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-11-14 17:29:59 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009-05-18 21:57:29 | 000,000,106 | RHS- | M] () - N:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{620b171a-c4c6-11de-bba5-0018f3cde07a}\Shell - "" = AutoRun
O33 - MountPoints2\{fd55e772-8495-11dc-b974-0018f3cde07a}\Shell - "" = AutoRun
O33 - MountPoints2\{fd55e772-8495-11dc-b974-0018f3cde07a}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -- File not found
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\Autorun.exe -- File not found
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\setup.exe -- File not found
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\SETUP.EXE -- File not found
O33 - MountPoints2\M\Shell - "" = AutoRun
O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\SETUP.EXE -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010-09-03 16:19:34 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2010-09-03 09:23:54 | 000,000,000 | ---D | C] -- C:\Program Files\Eusing Free Registry Cleaner
[2010-09-03 09:23:40 | 004,601,888 | ---- | C] (Auslogics Software Pty Ltd ) -- C:\Documents and Settings\Tutt\Desktop\registry-cleaner-setup.exe
[2010-09-03 09:23:40 | 002,248,136 | ---- | C] (WiseCleaner.com ) -- C:\Documents and Settings\Tutt\Desktop\WRCPro.exe
[2010-09-02 22:17:25 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2010-08-30 23:09:53 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\simptcp.dll
[2010-08-30 22:49:24 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010-08-30 22:49:24 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010-08-30 22:49:23 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010-08-30 22:49:22 | 000,100,176 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010-08-30 22:49:22 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010-08-30 22:49:21 | 000,094,544 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010-08-30 22:49:21 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010-08-30 22:48:43 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[2010-08-30 22:48:41 | 000,165,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010-08-30 21:14:03 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
[2010-08-30 21:14:03 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
[2010-08-30 21:14:03 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
[2010-08-30 21:13:36 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2010-08-30 21:13:29 | 000,217,032 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2010-08-30 21:13:29 | 000,088,040 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2010-08-30 21:13:15 | 000,070,408 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2010-08-30 21:13:09 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010-08-30 21:13:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010-08-30 21:13:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tutt\Application Data\PC Tools
[2010-08-30 21:13:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2010-08-30 20:33:23 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2010-08-29 16:42:41 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010-08-29 16:31:35 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010-08-28 18:14:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\PRAGMAnprpphosti
[2010-08-28 16:21:24 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010-08-28 16:21:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010-08-27 16:06:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tutt\Application Data\Malwarebytes
[2010-08-27 16:06:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010-08-27 16:06:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-08-27 15:57:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tutt\Application Data\drbqohjpu
[2010-08-27 15:57:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tutt\Local Settings\Application Data\drbqohjpu
[2010-08-27 15:51:09 | 000,200,704 | ---- | C] (ApexDC++ Development Team) -- C:\WINDOWS\Hlilyb.exe
[2010-08-27 13:50:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Real
[2010-08-27 08:11:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010-08-27 08:11:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010-08-27 07:58:25 | 000,200,704 | ---- | C] (ApexDC++ Development Team) -- C:\WINDOWS\Hlilya.exe
[2010-08-27 07:58:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tutt\Local Settings\Application Data\wqgmxhwuf
[2010-08-27 07:58:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tutt\Local Settings\Application Data\aekmxpjdr
[2010-08-27 07:58:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tutt\Application Data\aekmxpjdr
[2010-08-27 07:58:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tutt\Local Settings\Application Data\lqjnxfvsb
[2010-08-27 07:58:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tutt\Local Settings\Application Data\Windows Server
[2010-08-27 07:57:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tutt\Application Data\176170D6E4280D8CD04407F5B2F36A2F
[2007-04-09 12:32:58 | 000,034,816 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010-09-03 17:44:41 | 000,013,312 | -HS- | M] () -- C:\Documents and Settings\Tutt\pizda_ntload.dll
[2010-09-03 17:43:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-09-03 17:43:25 | 2615,726,080 | -HS- | M] () -- C:\hiberfil.sys
[2010-09-03 16:30:10 | 010,747,904 | ---- | M] () -- C:\Documents and Settings\Tutt\ntuser.dat
[2010-09-03 16:25:51 | 001,530,904 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-09-03 09:23:55 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\Tutt\Desktop\Eusing Free Registry Cleaner.lnk
[2010-09-03 09:23:20 | 007,784,054 | ---- | M] () -- C:\Documents and Settings\Tutt\Desktop\EFRCSetup.rar
[2010-09-02 22:59:11 | 000,030,120 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000002-00000000-00000009-00001102-00000004-00511102}.rfx
[2010-09-02 22:59:11 | 000,030,120 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000002-00000000-00000009-00001102-00000004-00511102}.rfx
[2010-09-02 22:59:11 | 000,027,408 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-00000009-00001102-00000004-00511102}.rfx
[2010-09-02 22:59:11 | 000,027,408 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-00000009-00001102-00000004-00511102}.rfx
[2010-09-02 22:59:11 | 000,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000009-00001102-00000004-00511102}.rfx
[2010-09-02 21:50:39 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Tutt\ntuser.ini
[2010-09-02 21:46:56 | 000,000,221 | -HS- | M] () -- C:\boot.ini
[2010-09-02 20:44:04 | 004,601,888 | ---- | M] (Auslogics Software Pty Ltd ) -- C:\Documents and Settings\Tutt\Desktop\registry-cleaner-setup.exe
[2010-09-02 20:42:36 | 002,248,136 | ---- | M] (WiseCleaner.com ) -- C:\Documents and Settings\Tutt\Desktop\WRCPro.exe
[2010-09-02 20:40:50 | 000,963,852 | ---- | M] () -- C:\Documents and Settings\Tutt\Desktop\EFRCSetup.exe
[2010-09-02 20:40:10 | 000,054,856 | ---- | M] () -- C:\Documents and Settings\Tutt\Desktop\ErrorNukerInstaller.exe
[2010-08-31 17:01:22 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\pywpy.sys
[2010-08-31 12:28:19 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-08-31 12:23:23 | 000,000,897 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-08-31 12:23:23 | 000,000,469 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-08-30 23:10:18 | 000,523,098 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-08-30 23:10:18 | 000,442,602 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-08-30 23:10:18 | 000,071,868 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-08-30 23:08:35 | 000,000,057 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2010-08-30 22:49:24 | 000,001,706 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010-08-30 22:49:22 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-08-30 21:27:24 | 000,001,641 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2010-08-30 21:18:31 | 000,000,912 | ---- | M] () -- C:\Documents and Settings\Tutt\sh_wi.bak
[2010-08-30 21:18:06 | 000,035,848 | ---- | M] () -- C:\WINDOWS\System32\kr2RrqT.com
[2010-08-30 21:07:23 | 000,157,696 | ---- | M] () -- C:\Documents and Settings\Tutt\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-08-30 20:35:40 | 000,000,727 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010-08-30 20:33:38 | 000,000,265 | ---- | M] () -- C:\spyhunter.fix
[2010-08-29 16:47:09 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{ED6F8FF9-C1D4-4541-A52D-DCF048812A4F}.job
[2010-08-29 16:44:11 | 000,001,004 | RHS- | M] () -- C:\Documents and Settings\Tutt\ntuser.pol
[2010-08-29 16:06:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2010-08-29 16:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At89.job
[2010-08-29 16:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At65.job
[2010-08-29 16:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At521.job
[2010-08-29 16:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At497.job
[2010-08-29 16:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At473.job
[2010-08-29 16:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At449.job
[2010-08-29 16:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At425.job
[2010-08-29 16:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At41.job
[2010-08-29 16:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At401.job
[2010-08-29 16:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At377.job
[2010-08-29 16:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At353.job
[2010-08-29 16:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At329.job
[2010-08-29 16:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At305.job
[2010-08-29 16:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At281.job
[2010-08-29 16:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At257.job
[2010-08-29 16:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At233.job
[2010-08-29 16:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At209.job
[2010-08-29 16:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At185.job
[2010-08-29 16:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At161.job
[2010-08-29 16:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At137.job
[2010-08-29 16:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At113.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At528.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At527.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At526.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At525.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At524.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At523.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At522.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At520.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At519.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At518.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At517.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At516.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At515.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At514.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At513.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At512.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At511.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At510.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At509.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At508.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At507.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At506.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At505.job
[2010-08-29 15:23:37 | 000,072,706 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\i3x1Qx4f.exe
[2010-08-29 15:23:37 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\ln3HK3T.dat
[2010-08-29 15:06:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2010-08-29 15:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At88.job
[2010-08-29 15:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At64.job
[2010-08-29 15:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At496.job
[2010-08-29 15:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At472.job
[2010-08-29 15:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At448.job
[2010-08-29 15:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At424.job
[2010-08-29 15:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At400.job
[2010-08-29 15:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At40.job
[2010-08-29 15:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At376.job
[2010-08-29 15:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At304.job
[2010-08-29 15:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At280.job
[2010-08-29 15:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At352.job
[2010-08-29 15:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At328.job
[2010-08-29 15:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At256.job
[2010-08-29 15:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At232.job
[2010-08-29 15:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At208.job
[2010-08-29 15:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At184.job
[2010-08-29 15:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At160.job
[2010-08-29 15:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At136.job
[2010-08-29 15:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At112.job
[2010-08-29 14:06:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2010-08-29 14:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At87.job
[2010-08-29 14:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At63.job
[2010-08-29 14:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At495.job
[2010-08-29 14:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At471.job
[2010-08-29 14:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At447.job
[2010-08-29 14:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At423.job
[2010-08-29 14:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At399.job
[2010-08-29 14:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At39.job
[2010-08-29 14:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At375.job
[2010-08-29 14:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At351.job
[2010-08-29 14:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At327.job
[2010-08-29 14:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At303.job
[2010-08-29 14:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At231.job
[2010-08-29 14:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At279.job
[2010-08-29 14:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At255.job
[2010-08-29 14:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At207.job
[2010-08-29 14:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At183.job
[2010-08-29 14:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At159.job
[2010-08-29 14:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At135.job
[2010-08-29 14:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At111.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At504.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At503.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At502.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At501.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At500.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At499.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At498.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At494.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At493.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At492.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At491.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At490.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At489.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At488.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At487.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At486.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At485.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At484.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At483.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At482.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At481.job
[2010-08-29 13:06:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2010-08-29 13:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At398.job
[2010-08-29 13:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At326.job
[2010-08-29 13:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At86.job
[2010-08-29 13:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At62.job
[2010-08-29 13:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At470.job
[2010-08-29 13:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At446.job
[2010-08-29 13:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At422.job
[2010-08-29 13:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At38.job
[2010-08-29 13:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At374.job
[2010-08-29 13:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At350.job
[2010-08-29 13:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At302.job
[2010-08-29 13:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At278.job
[2010-08-29 13:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At254.job
[2010-08-29 13:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At230.job
[2010-08-29 13:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At206.job
[2010-08-29 13:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At182.job
[2010-08-29 13:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At158.job
[2010-08-29 13:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At134.job
[2010-08-29 13:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At110.job
[2010-08-29 12:06:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2010-08-29 12:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At85.job
[2010-08-29 12:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At61.job
[2010-08-29 12:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At469.job
[2010-08-29 12:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At445.job
[2010-08-29 12:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At421.job
[2010-08-29 12:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At397.job
[2010-08-29 12:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At373.job
[2010-08-29 12:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At37.job
[2010-08-29 12:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At349.job
[2010-08-29 12:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At325.job
[2010-08-29 12:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At301.job
[2010-08-29 12:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At277.job
[2010-08-29 12:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At253.job
[2010-08-29 12:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At229.job
[2010-08-29 12:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At205.job
[2010-08-29 12:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At181.job
[2010-08-29 12:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At157.job
[2010-08-29 12:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At133.job
[2010-08-29 12:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At109.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At480.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At479.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At478.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At477.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At476.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At475.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At474.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At468.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At467.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At466.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At465.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At464.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At463.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At462.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At461.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At460.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At459.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At458.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At457.job
[2010-08-29 11:06:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2010-08-29 11:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At84.job
[2010-08-29 11:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At60.job
[2010-08-29 11:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At444.job
[2010-08-29 11:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At420.job
[2010-08-29 11:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At396.job
[2010-08-29 11:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At372.job
[2010-08-29 11:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At36.job
[2010-08-29 11:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At324.job
[2010-08-29 11:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At300.job
[2010-08-29 11:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At276.job
[2010-08-29 11:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At228.job
[2010-08-29 11:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At204.job
[2010-08-29 11:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At348.job
[2010-08-29 11:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At252.job
[2010-08-29 11:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At180.job
[2010-08-29 11:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At156.job
[2010-08-29 11:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At132.job
[2010-08-29 11:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At108.job
[2010-08-29 10:06:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2010-08-29 10:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At83.job
[2010-08-29 10:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At59.job
[2010-08-29 10:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At443.job
[2010-08-29 10:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At419.job
[2010-08-29 10:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At395.job
[2010-08-29 10:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At371.job
[2010-08-29 10:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At35.job
[2010-08-29 10:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At347.job
[2010-08-29 10:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At323.job
[2010-08-29 10:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At299.job
[2010-08-29 10:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At275.job
[2010-08-29 10:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At251.job
[2010-08-29 10:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At227.job
[2010-08-29 10:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At203.job
[2010-08-29 10:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At179.job
[2010-08-29 10:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At155.job
[2010-08-29 10:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At131.job
[2010-08-29 10:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At107.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At456.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At455.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At454.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At453.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At452.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At451.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At450.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At442.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At441.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At440.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At439.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At438.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At437.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At436.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At435.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At434.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At433.job
[2010-08-29 09:06:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2010-08-29 09:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At82.job
[2010-08-29 09:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At58.job
[2010-08-29 09:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At418.job
[2010-08-29 09:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At394.job
[2010-08-29 09:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At370.job
[2010-08-29 09:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At346.job
[2010-08-29 09:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At34.job
[2010-08-29 09:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At322.job
[2010-08-29 09:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At298.job
[2010-08-29 09:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At274.job
[2010-08-29 09:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At250.job
[2010-08-29 09:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At226.job
[2010-08-29 09:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At202.job
[2010-08-29 09:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At178.job
[2010-08-29 09:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At154.job
[2010-08-29 09:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At130.job
[2010-08-29 09:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At106.job
[2010-08-29 08:06:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\At9.job

tuttankanon

Newbie Surfer
Newbie Surfer

Posts : 9
Joined : 2010-09-04
Operating System : windows xp sp2

View user profile

Back to top Go down

Re: Antimalwaredoctor Aftermath problems

Post by tuttankanon on Sun 05 Sep 2010, 2:48 am

[2010-08-29 08:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At81.job
[2010-08-29 08:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At57.job
[2010-08-29 08:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At417.job
[2010-08-29 08:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At393.job
[2010-08-29 08:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At369.job
[2010-08-29 08:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At345.job
[2010-08-29 08:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At33.job
[2010-08-29 08:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At321.job
[2010-08-29 08:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At297.job
[2010-08-29 08:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At273.job
[2010-08-29 08:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At249.job
[2010-08-29 08:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At225.job
[2010-08-29 08:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At201.job
[2010-08-29 08:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At177.job
[2010-08-29 08:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At153.job
[2010-08-29 08:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At129.job
[2010-08-29 08:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At105.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At432.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At431.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At430.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At429.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At428.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At427.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At426.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At416.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At415.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At414.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At413.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At412.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At411.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At410.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At409.job
[2010-08-29 07:06:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2010-08-29 07:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At80.job
[2010-08-29 07:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At56.job
[2010-08-29 07:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At392.job
[2010-08-29 07:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At368.job
[2010-08-29 07:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At344.job
[2010-08-29 07:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At320.job
[2010-08-29 07:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At296.job
[2010-08-29 07:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At272.job
[2010-08-29 07:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At248.job
[2010-08-29 07:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At32.job
[2010-08-29 07:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At224.job
[2010-08-29 07:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At200.job
[2010-08-29 07:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At176.job
[2010-08-29 07:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At152.job
[2010-08-29 07:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At128.job
[2010-08-29 07:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At104.job
[2010-08-29 06:06:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2010-08-29 06:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At79.job
[2010-08-29 06:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At55.job
[2010-08-29 06:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At391.job
[2010-08-29 06:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At367.job
[2010-08-29 06:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At343.job
[2010-08-29 06:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At319.job
[2010-08-29 06:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At31.job
[2010-08-29 06:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At295.job
[2010-08-29 06:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At271.job
[2010-08-29 06:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At247.job
[2010-08-29 06:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At223.job
[2010-08-29 06:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At199.job
[2010-08-29 06:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At175.job
[2010-08-29 06:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At151.job
[2010-08-29 06:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At127.job
[2010-08-29 06:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At103.job
[2010-08-29 05:21:15 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At408.job
[2010-08-29 05:21:15 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At407.job
[2010-08-29 05:21:15 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At406.job
[2010-08-29 05:21:15 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At405.job
[2010-08-29 05:21:15 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At404.job
[2010-08-29 05:21:15 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At403.job
[2010-08-29 05:21:15 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At402.job
[2010-08-29 05:21:15 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At390.job
[2010-08-29 05:21:15 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At389.job
[2010-08-29 05:21:15 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At388.job
[2010-08-29 05:21:15 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At387.job
[2010-08-29 05:21:15 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At386.job
[2010-08-29 05:21:15 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At385.job
[2010-08-29 05:06:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2010-08-29 05:05:03 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At78.job
[2010-08-29 05:05:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At54.job
[2010-08-29 05:05:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At366.job
[2010-08-29 05:05:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At342.job
[2010-08-29 05:05:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At318.job
[2010-08-29 05:05:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At30.job
[2010-08-29 05:05:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At294.job
[2010-08-29 05:05:02 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At270.job
[2010-08-29 05:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At246.job
[2010-08-29 05:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At222.job
[2010-08-29 05:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At198.job
[2010-08-29 05:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At174.job
[2010-08-29 05:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At150.job
[2010-08-29 05:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At126.job
[2010-08-29 05:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At102.job
[2010-08-29 04:06:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2010-08-29 04:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At77.job
[2010-08-29 04:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At53.job
[2010-08-29 04:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At365.job
[2010-08-29 04:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At341.job
[2010-08-29 04:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At317.job
[2010-08-29 04:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At293.job
[2010-08-29 04:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At29.job
[2010-08-29 04:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At269.job
[2010-08-29 04:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At245.job
[2010-08-29 04:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At221.job
[2010-08-29 04:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At197.job
[2010-08-29 04:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At173.job
[2010-08-29 04:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At149.job
[2010-08-29 04:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At125.job
[2010-08-29 04:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At101.job
[2010-08-29 04:00:44 | 000,001,605 | ---- | M] () -- C:\Documents and Settings\Tutt\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010-08-29 03:20:07 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At384.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At383.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At382.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At381.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At380.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At379.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At378.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At364.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At363.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At362.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At361.job
[2010-08-29 03:06:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2010-08-29 03:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At76.job
[2010-08-29 03:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At52.job
[2010-08-29 03:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At340.job
[2010-08-29 03:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At316.job
[2010-08-29 03:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At292.job
[2010-08-29 03:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At28.job
[2010-08-29 03:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At268.job
[2010-08-29 03:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At244.job
[2010-08-29 03:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At220.job
[2010-08-29 03:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At196.job
[2010-08-29 03:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At172.job
[2010-08-29 03:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At148.job
[2010-08-29 03:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At124.job
[2010-08-29 03:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At100.job
[2010-08-29 02:06:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2010-08-29 02:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At99.job
[2010-08-29 02:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At75.job
[2010-08-29 02:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At51.job
[2010-08-29 02:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At339.job
[2010-08-29 02:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At315.job
[2010-08-29 02:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At291.job
[2010-08-29 02:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At27.job
[2010-08-29 02:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At267.job
[2010-08-29 02:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At243.job
[2010-08-29 02:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At219.job
[2010-08-29 02:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At195.job
[2010-08-29 02:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At171.job
[2010-08-29 02:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At147.job
[2010-08-29 02:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At123.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At360.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At359.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At358.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At357.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At356.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At355.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At354.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At338.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At337.job
[2010-08-29 01:06:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2010-08-29 01:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At98.job
[2010-08-29 01:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At74.job
[2010-08-29 01:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At50.job
[2010-08-29 01:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At314.job
[2010-08-29 01:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At290.job
[2010-08-29 01:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At266.job
[2010-08-29 01:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At26.job
[2010-08-29 01:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At242.job
[2010-08-29 01:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At218.job
[2010-08-29 01:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At194.job
[2010-08-29 01:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At170.job
[2010-08-29 01:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At146.job
[2010-08-29 01:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At122.job
[2010-08-29 01:02:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At217.job
[2010-08-29 00:48:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At121.job
[2010-08-29 00:42:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At289.job
[2010-08-29 00:39:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At169.job
[2010-08-29 00:27:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At193.job
[2010-08-29 00:26:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At313.job
[2010-08-29 00:22:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At73.job
[2010-08-29 00:22:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At25.job
[2010-08-29 00:19:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At241.job
[2010-08-29 00:17:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At265.job
[2010-08-29 00:16:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At145.job
[2010-08-29 00:15:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At49.job
[2010-08-29 00:14:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At97.job
[2010-08-29 00:06:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At336.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At335.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At334.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At333.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At332.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At331.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At330.job
[2010-08-28 23:06:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2010-08-28 23:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At96.job
[2010-08-28 23:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At72.job
[2010-08-28 23:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At48.job
[2010-08-28 23:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At312.job
[2010-08-28 23:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At288.job
[2010-08-28 23:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At264.job
[2010-08-28 23:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At240.job
[2010-08-28 23:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At216.job
[2010-08-28 23:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At192.job
[2010-08-28 23:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At168.job
[2010-08-28 23:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At144.job
[2010-08-28 23:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At120.job
[2010-08-28 22:06:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2010-08-28 22:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At95.job
[2010-08-28 22:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At71.job
[2010-08-28 22:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At47.job
[2010-08-28 22:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At311.job
[2010-08-28 22:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At287.job
[2010-08-28 22:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At263.job
[2010-08-28 22:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At239.job
[2010-08-28 22:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At215.job
[2010-08-28 22:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At191.job
[2010-08-28 22:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At167.job
[2010-08-28 22:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At143.job
[2010-08-28 22:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At119.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At310.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At309.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At308.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At307.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At306.job
[2010-08-28 21:06:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2010-08-28 21:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At94.job
[2010-08-28 21:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At70.job
[2010-08-28 21:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At46.job
[2010-08-28 21:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At286.job
[2010-08-28 21:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At262.job
[2010-08-28 21:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At238.job
[2010-08-28 21:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At214.job
[2010-08-28 21:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At190.job
[2010-08-28 21:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At166.job
[2010-08-28 21:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At142.job
[2010-08-28 21:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At118.job
[2010-08-28 20:06:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2010-08-28 20:05:01 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At93.job
[2010-08-28 20:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At69.job
[2010-08-28 20:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At45.job
[2010-08-28 20:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At285.job
[2010-08-28 20:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At261.job
[2010-08-28 20:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At237.job
[2010-08-28 20:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At213.job
[2010-08-28 20:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At189.job
[2010-08-28 20:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At165.job
[2010-08-28 20:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At141.job
[2010-08-28 20:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At117.job
[2010-08-28 19:17:28 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-08-28 19:06:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2010-08-28 19:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At92.job
[2010-08-28 19:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At68.job
[2010-08-28 19:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At44.job
[2010-08-28 19:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At284.job
[2010-08-28 19:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At260.job
[2010-08-28 19:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At236.job
[2010-08-28 19:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At212.job
[2010-08-28 19:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At188.job
[2010-08-28 19:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At164.job
[2010-08-28 19:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At140.job
[2010-08-28 19:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At116.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At283.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At282.job
[2010-08-28 18:06:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2010-08-28 18:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At91.job
[2010-08-28 18:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At67.job
[2010-08-28 18:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At43.job
[2010-08-28 18:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At259.job
[2010-08-28 18:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At235.job
[2010-08-28 18:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At211.job
[2010-08-28 18:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At187.job
[2010-08-28 18:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At163.job
[2010-08-28 18:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At139.job
[2010-08-28 18:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At115.job
[2010-08-28 17:06:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2010-08-28 17:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At90.job
[2010-08-28 17:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At66.job
[2010-08-28 17:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At42.job
[2010-08-28 17:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At258.job
[2010-08-28 17:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At234.job
[2010-08-28 17:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At210.job
[2010-08-28 17:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At186.job
[2010-08-28 17:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At162.job
[2010-08-28 17:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At138.job
[2010-08-28 17:05:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At114.job
[2010-08-27 08:00:20 | 000,211,072 | ---- | M] () -- C:\WINDOWS\System32\drivers\ndis.sys
[2010-08-27 08:00:20 | 000,211,072 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ndis.sys
[2010-08-27 07:58:42 | 000,200,704 | ---- | M] (ApexDC++ Development Team) -- C:\WINDOWS\Hlilyb.exe
[2010-08-27 07:58:17 | 000,081,920 | RHS- | M] () -- C:\WINDOWS\cfdrive32 .exe
[2010-08-27 07:58:12 | 000,200,704 | ---- | M] (ApexDC++ Development Team) -- C:\WINDOWS\Hlilya.exe
[2010-08-22 15:27:58 | 000,052,616 | ---- | M] () -- C:\Documents and Settings\Tutt\My Documents\something gloomy.gp5
[2010-08-18 20:21:34 | 053,468,362 | ---- | M] () -- C:\Documents and Settings\Tutt\Desktop\Baskagge PIKKADOLLS.psd
[2010-08-18 19:15:18 | 000,006,287 | ---- | M] () -- C:\Documents and Settings\Tutt\Desktop\Emmes.aspx
[2010-08-14 16:47:10 | 000,000,146 | ---- | M] () -- C:\Documents and Settings\Tutt\webct_upload_applet.properties
[2010-08-11 20:26:02 | 000,000,520 | ---- | M] () -- C:\hpfr3420.xml
[2010-08-09 21:56:55 | 005,459,822 | ---- | M] () -- C:\Documents and Settings\Tutt\Desktop\Pikkadolls.rar
[2010-08-09 21:54:31 | 001,887,601 | ---- | M] () -- C:\Documents and Settings\Tutt\Desktop\Pikkadolls cd baksidaa2 kopiera.jpg
[2010-08-09 21:54:12 | 013,162,940 | ---- | M] () -- C:\Documents and Settings\Tutt\Desktop\Pikkadolls cd baksidaa2.psd
[2010-08-09 12:28:44 | 009,243,220 | ---- | M] () -- C:\Documents and Settings\Tutt\Desktop\Pikkadolls cd baksidaa.psd
[2010-08-09 12:28:44 | 000,574,338 | ---- | M] () -- C:\Documents and Settings\Tutt\Desktop\framsida2.jpg
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010-09-03 16:25:25 | 2615,726,080 | -HS- | C] () -- C:\hiberfil.sys
[2010-09-03 09:23:55 | 000,000,746 | ---- | C] () -- C:\Documents and Settings\Tutt\Desktop\Eusing Free Registry Cleaner.lnk
[2010-09-03 09:23:40 | 000,054,856 | ---- | C] () -- C:\Documents and Settings\Tutt\Desktop\ErrorNukerInstaller.exe
[2010-09-03 09:23:39 | 000,963,852 | ---- | C] () -- C:\Documents and Settings\Tutt\Desktop\EFRCSetup.exe
[2010-09-03 09:23:15 | 007,784,054 | ---- | C] () -- C:\Documents and Settings\Tutt\Desktop\EFRCSetup.rar
[2010-08-30 22:55:34 | 000,677,376 | ---- | C] () -- C:\Documents and Settings\Tutt\Desktop\keyfinder.exe
[2010-08-30 22:55:34 | 000,022,118 | ---- | C] () -- C:\Documents and Settings\Tutt\Desktop\keyfinder.cfg
[2010-08-30 22:49:24 | 000,001,706 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010-08-30 21:27:48 | 000,035,848 | ---- | C] () -- C:\WINDOWS\System32\kr2RrqT.com
[2010-08-30 21:27:24 | 000,001,641 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk
[2010-08-30 21:27:08 | 000,035,848 | ---- | C] () -- C:\WINDOWS\Fonts\kr2RrqT.com
[2010-08-30 21:18:31 | 000,000,912 | ---- | C] () -- C:\Documents and Settings\Tutt\sh_wi.bak
[2010-08-30 21:14:03 | 001,152,444 | ---- | C] () -- C:\WINDOWS\UDB.zip
[2010-08-30 21:14:03 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2010-08-30 21:14:03 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml
[2010-08-30 21:14:03 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml
[2010-08-30 21:14:03 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip
[2010-08-30 21:13:36 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat
[2010-08-30 21:13:29 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat
[2010-08-30 21:13:29 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat
[2010-08-30 21:13:15 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplsg.cat
[2010-08-30 20:33:38 | 000,000,265 | ---- | C] () -- C:\spyhunter.fix
[2010-08-29 16:43:37 | 000,001,004 | RHS- | C] () -- C:\Documents and Settings\Tutt\ntuser.pol
[2010-08-29 15:23:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At528.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At527.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At526.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At525.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At524.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At523.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At522.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At521.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At520.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At519.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At518.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At517.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At516.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At515.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At514.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At513.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At512.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At511.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At510.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At509.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At508.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At507.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At506.job
[2010-08-29 15:23:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At505.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At504.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At503.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At502.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At501.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At500.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At499.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At498.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At497.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At496.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At495.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At494.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At493.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At492.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At491.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At490.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At489.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At488.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At487.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At486.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At485.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At484.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At483.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At482.job
[2010-08-29 13:23:02 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At481.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At480.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At479.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At478.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At477.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At476.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At475.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At474.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At473.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At472.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At471.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At470.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At469.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At468.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At467.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At466.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At465.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At464.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At463.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At462.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At461.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At460.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At459.job
[2010-08-29 11:22:28 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At458.job
[2010-08-29 11:22:27 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At457.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At456.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At455.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At454.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At453.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At452.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At451.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At450.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At449.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At448.job
[2010-08-29 09:21:53 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At447.job
[2010-08-29 09:21:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At446.job
[2010-08-29 09:21:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At445.job
[2010-08-29 09:21:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At444.job
[2010-08-29 09:21:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At443.job
[2010-08-29 09:21:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At442.job
[2010-08-29 09:21:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At441.job
[2010-08-29 09:21:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At440.job
[2010-08-29 09:21:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At439.job
[2010-08-29 09:21:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At438.job
[2010-08-29 09:21:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At437.job
[2010-08-29 09:21:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At436.job
[2010-08-29 09:21:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At435.job
[2010-08-29 09:21:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At434.job
[2010-08-29 09:21:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At433.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At432.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At431.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At430.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At429.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At428.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At427.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At426.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At425.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At424.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At423.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At422.job

tuttankanon

Newbie Surfer
Newbie Surfer

Posts : 9
Joined : 2010-09-04
Operating System : windows xp sp2

View user profile

Back to top Go down

Re: Antimalwaredoctor Aftermath problems

Post by tuttankanon on Sun 05 Sep 2010, 2:48 am

[2010-08-29 07:21:19 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At421.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At420.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At419.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At418.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At417.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At416.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At415.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At414.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At413.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At412.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At411.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At410.job
[2010-08-29 07:21:19 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At409.job
[2010-08-29 05:20:50 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At408.job
[2010-08-29 05:20:50 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At407.job
[2010-08-29 05:20:50 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At406.job
[2010-08-29 05:20:50 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At405.job
[2010-08-29 05:20:50 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At404.job
[2010-08-29 05:20:50 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At403.job
[2010-08-29 05:20:50 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At402.job
[2010-08-29 05:20:50 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At401.job
[2010-08-29 05:20:50 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At400.job
[2010-08-29 05:20:50 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At399.job
[2010-08-29 05:20:50 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At398.job
[2010-08-29 05:20:50 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At397.job
[2010-08-29 05:20:50 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At396.job
[2010-08-29 05:20:50 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At395.job
[2010-08-29 05:20:50 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At394.job
[2010-08-29 05:20:50 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At393.job
[2010-08-29 05:20:50 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At392.job
[2010-08-29 05:20:50 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At391.job
[2010-08-29 05:20:50 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At390.job
[2010-08-29 05:20:50 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At389.job
[2010-08-29 05:20:50 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At388.job
[2010-08-29 05:20:50 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At387.job
[2010-08-29 05:20:50 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At386.job
[2010-08-29 05:20:49 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At385.job
[2010-08-29 04:00:44 | 000,001,605 | ---- | C] () -- C:\Documents and Settings\Tutt\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010-08-29 03:20:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At384.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At383.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At382.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At381.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At380.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At379.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At378.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At377.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At376.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At375.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At374.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At373.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At372.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At371.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At370.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At369.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At368.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At367.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At366.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At365.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At364.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At363.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At362.job
[2010-08-29 03:20:07 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At361.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At360.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At359.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At358.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At357.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At356.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At355.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At354.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At353.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At352.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At351.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At350.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At349.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At348.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At347.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At346.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At345.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At344.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At343.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At342.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At341.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At340.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At339.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At338.job
[2010-08-29 01:19:33 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At337.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At336.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At335.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At334.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At333.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At332.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At331.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At330.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At329.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At328.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At327.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At326.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At325.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At324.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At323.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At322.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At321.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At320.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At319.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At318.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At317.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At316.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At315.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At314.job
[2010-08-28 23:18:58 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At313.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At312.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At311.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At310.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At309.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At308.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At307.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At306.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At305.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At304.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At303.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At302.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At301.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At300.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At299.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At298.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At297.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At296.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At295.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At294.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At293.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At292.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At291.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At290.job
[2010-08-28 21:18:24 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At289.job
[2010-08-28 19:17:31 | 000,013,312 | -HS- | C] () -- C:\Documents and Settings\Tutt\pizda_ntload.dll
[2010-08-28 18:30:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At288.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At287.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At286.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At285.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At284.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At283.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At282.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At281.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At280.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At279.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At278.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At277.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At276.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At275.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At274.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At273.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At272.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At271.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At270.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At269.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At268.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At267.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At266.job
[2010-08-28 18:30:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At265.job
[2010-08-28 16:03:30 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At264.job
[2010-08-28 16:03:30 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At263.job
[2010-08-28 16:03:30 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At262.job
[2010-08-28 16:03:30 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At261.job
[2010-08-28 16:03:30 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At260.job
[2010-08-28 16:03:30 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At259.job
[2010-08-28 16:03:30 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At258.job
[2010-08-28 16:03:30 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At257.job
[2010-08-28 16:03:30 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At256.job
[2010-08-28 16:03:30 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At255.job
[2010-08-28 16:03:30 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At254.job
[2010-08-28 16:03:30 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At253.job
[2010-08-28 16:03:30 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At252.job
[2010-08-28 16:03:30 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At251.job
[2010-08-28 16:03:30 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At250.job
[2010-08-28 16:03:30 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At249.job
[2010-08-28 16:03:30 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At248.job
[2010-08-28 16:03:30 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At247.job
[2010-08-28 16:03:30 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At246.job
[2010-08-28 16:03:30 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At245.job
[2010-08-28 16:03:30 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At244.job
[2010-08-28 16:03:30 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At243.job
[2010-08-28 16:03:30 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At242.job
[2010-08-28 16:03:30 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At241.job
[2010-08-28 06:03:48 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At240.job
[2010-08-28 06:03:48 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At239.job
[2010-08-28 06:03:48 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At238.job
[2010-08-28 06:03:48 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At237.job
[2010-08-28 06:03:48 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At236.job
[2010-08-28 06:03:48 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At235.job
[2010-08-28 06:03:48 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At234.job
[2010-08-28 06:03:48 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At233.job
[2010-08-28 06:03:48 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At232.job
[2010-08-28 06:03:48 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At231.job
[2010-08-28 06:03:48 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At230.job
[2010-08-28 06:03:48 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At229.job
[2010-08-28 06:03:48 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At228.job
[2010-08-28 06:03:48 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At227.job
[2010-08-28 06:03:48 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At226.job
[2010-08-28 06:03:48 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At225.job
[2010-08-28 06:03:48 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At224.job
[2010-08-28 06:03:48 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At223.job
[2010-08-28 06:03:48 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At222.job
[2010-08-28 06:03:48 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At221.job
[2010-08-28 06:03:48 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At220.job
[2010-08-28 06:03:48 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At219.job
[2010-08-28 06:03:48 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At218.job
[2010-08-28 06:03:48 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At217.job
[2010-08-28 04:03:14 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At216.job
[2010-08-28 04:03:14 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At215.job
[2010-08-28 04:03:14 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At214.job
[2010-08-28 04:03:14 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At213.job
[2010-08-28 04:03:14 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At212.job
[2010-08-28 04:03:14 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At211.job
[2010-08-28 04:03:14 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At210.job
[2010-08-28 04:03:14 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At209.job
[2010-08-28 04:03:14 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At208.job
[2010-08-28 04:03:14 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At207.job
[2010-08-28 04:03:14 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At206.job
[2010-08-28 04:03:14 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At205.job
[2010-08-28 04:03:14 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At204.job
[2010-08-28 04:03:14 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At203.job
[2010-08-28 04:03:14 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At202.job
[2010-08-28 04:03:14 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At201.job
[2010-08-28 04:03:14 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At200.job
[2010-08-28 04:03:14 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At199.job
[2010-08-28 04:03:14 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At198.job
[2010-08-28 04:03:14 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At197.job
[2010-08-28 04:03:14 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At196.job
[2010-08-28 04:03:14 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At195.job
[2010-08-28 04:03:14 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At194.job
[2010-08-28 04:03:14 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At193.job
[2010-08-28 02:02:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At192.job
[2010-08-28 02:02:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At191.job
[2010-08-28 02:02:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At190.job
[2010-08-28 02:02:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At189.job
[2010-08-28 02:02:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At188.job
[2010-08-28 02:02:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At187.job
[2010-08-28 02:02:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At186.job
[2010-08-28 02:02:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At185.job
[2010-08-28 02:02:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At184.job
[2010-08-28 02:02:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At183.job
[2010-08-28 02:02:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At182.job
[2010-08-28 02:02:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At181.job
[2010-08-28 02:02:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At180.job
[2010-08-28 02:02:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At179.job
[2010-08-28 02:02:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At178.job
[2010-08-28 02:02:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At177.job
[2010-08-28 02:02:39 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At176.job
[2010-08-28 02:02:38 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At175.job
[2010-08-28 02:02:38 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At174.job
[2010-08-28 02:02:38 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At173.job
[2010-08-28 02:02:38 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At172.job
[2010-08-28 02:02:38 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At171.job
[2010-08-28 02:02:38 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At170.job
[2010-08-28 02:02:38 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At169.job
[2010-08-28 00:01:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At168.job
[2010-08-28 00:01:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At167.job
[2010-08-28 00:01:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At166.job
[2010-08-28 00:01:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At165.job
[2010-08-28 00:01:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At164.job
[2010-08-28 00:01:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At163.job
[2010-08-28 00:01:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At162.job
[2010-08-28 00:01:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At161.job
[2010-08-28 00:01:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At160.job
[2010-08-28 00:01:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At159.job
[2010-08-28 00:01:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At158.job
[2010-08-28 00:01:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At157.job
[2010-08-28 00:01:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At156.job
[2010-08-28 00:01:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At155.job
[2010-08-28 00:01:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At154.job
[2010-08-28 00:01:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At153.job
[2010-08-28 00:01:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At152.job
[2010-08-28 00:01:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At151.job
[2010-08-28 00:01:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At150.job
[2010-08-28 00:01:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At149.job
[2010-08-28 00:01:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At148.job
[2010-08-28 00:01:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At147.job
[2010-08-28 00:01:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At146.job
[2010-08-28 00:01:52 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At145.job
[2010-08-27 22:00:46 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At144.job
[2010-08-27 22:00:46 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At143.job
[2010-08-27 22:00:46 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At142.job
[2010-08-27 22:00:46 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At141.job
[2010-08-27 22:00:46 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At140.job
[2010-08-27 22:00:46 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At139.job
[2010-08-27 22:00:46 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At138.job
[2010-08-27 22:00:46 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At137.job
[2010-08-27 22:00:46 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At136.job
[2010-08-27 22:00:46 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At135.job
[2010-08-27 22:00:46 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At134.job
[2010-08-27 22:00:46 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At133.job
[2010-08-27 22:00:46 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At132.job
[2010-08-27 22:00:46 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At131.job
[2010-08-27 22:00:46 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At130.job
[2010-08-27 22:00:46 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At129.job
[2010-08-27 22:00:46 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At128.job
[2010-08-27 22:00:46 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At127.job
[2010-08-27 22:00:46 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At126.job
[2010-08-27 22:00:46 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At125.job
[2010-08-27 22:00:45 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At124.job
[2010-08-27 22:00:45 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At123.job
[2010-08-27 22:00:45 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At122.job
[2010-08-27 22:00:45 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At121.job
[2010-08-27 19:59:56 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At99.job
[2010-08-27 19:59:56 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At98.job
[2010-08-27 19:59:56 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At97.job
[2010-08-27 19:59:56 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At120.job
[2010-08-27 19:59:56 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At119.job
[2010-08-27 19:59:56 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At118.job
[2010-08-27 19:59:56 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At117.job
[2010-08-27 19:59:56 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At116.job
[2010-08-27 19:59:56 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At115.job
[2010-08-27 19:59:56 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At114.job
[2010-08-27 19:59:56 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At113.job
[2010-08-27 19:59:56 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At112.job
[2010-08-27 19:59:56 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At111.job
[2010-08-27 19:59:56 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At110.job
[2010-08-27 19:59:56 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At109.job
[2010-08-27 19:59:56 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At108.job
[2010-08-27 19:59:56 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At107.job
[2010-08-27 19:59:56 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At106.job
[2010-08-27 19:59:56 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At105.job
[2010-08-27 19:59:56 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At104.job
[2010-08-27 19:59:56 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At103.job
[2010-08-27 19:59:56 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At102.job
[2010-08-27 19:59:56 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At101.job
[2010-08-27 19:59:56 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At100.job
[2010-08-27 17:57:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At96.job
[2010-08-27 17:57:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At95.job
[2010-08-27 17:57:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At94.job
[2010-08-27 17:57:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At93.job
[2010-08-27 17:57:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At92.job
[2010-08-27 17:57:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At91.job
[2010-08-27 17:57:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At90.job
[2010-08-27 17:57:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At89.job
[2010-08-27 17:57:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At88.job
[2010-08-27 17:57:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At87.job
[2010-08-27 17:57:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At86.job
[2010-08-27 17:57:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At85.job
[2010-08-27 17:57:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At84.job
[2010-08-27 17:57:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At83.job
[2010-08-27 17:57:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At82.job
[2010-08-27 17:57:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At81.job
[2010-08-27 17:57:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At80.job
[2010-08-27 17:57:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At79.job
[2010-08-27 17:57:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At78.job
[2010-08-27 17:57:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At77.job
[2010-08-27 17:57:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At76.job
[2010-08-27 17:57:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At75.job
[2010-08-27 17:57:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At74.job
[2010-08-27 17:57:00 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At73.job
[2010-08-27 14:07:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At72.job
[2010-08-27 14:07:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At71.job
[2010-08-27 14:07:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At70.job
[2010-08-27 14:07:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At69.job
[2010-08-27 14:07:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At68.job
[2010-08-27 14:07:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At67.job
[2010-08-27 14:07:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At66.job
[2010-08-27 14:07:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At65.job
[2010-08-27 14:07:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At64.job
[2010-08-27 14:07:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At63.job
[2010-08-27 14:07:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At62.job
[2010-08-27 14:07:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At61.job
[2010-08-27 14:07:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At60.job
[2010-08-27 14:07:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At59.job
[2010-08-27 14:07:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At58.job
[2010-08-27 14:07:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At57.job
[2010-08-27 14:07:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At56.job
[2010-08-27 14:07:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At55.job
[2010-08-27 14:07:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At54.job
[2010-08-27 14:07:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At53.job
[2010-08-27 14:07:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At52.job
[2010-08-27 14:07:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At51.job
[2010-08-27 14:07:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At50.job
[2010-08-27 14:07:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At49.job
[2010-08-27 11:22:11 | 000,072,706 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\i3x1Qx4f.exe
[2010-08-27 11:22:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At48.job
[2010-08-27 11:22:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At47.job
[2010-08-27 11:22:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At46.job
[2010-08-27 11:22:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At45.job
[2010-08-27 11:22:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At44.job
[2010-08-27 11:22:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At43.job
[2010-08-27 11:22:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At42.job
[2010-08-27 11:22:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At41.job
[2010-08-27 11:22:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At40.job
[2010-08-27 11:22:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At39.job
[2010-08-27 11:22:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At38.job
[2010-08-27 11:22:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At37.job
[2010-08-27 11:22:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At36.job
[2010-08-27 11:22:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At35.job
[2010-08-27 11:22:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At34.job
[2010-08-27 11:22:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At33.job
[2010-08-27 11:22:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At32.job
[2010-08-27 11:22:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At31.job
[2010-08-27 11:22:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At30.job
[2010-08-27 11:22:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At29.job
[2010-08-27 11:22:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At28.job
[2010-08-27 11:22:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At27.job
[2010-08-27 11:22:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At26.job
[2010-08-27 11:22:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At25.job
[2010-08-27 11:22:09 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ln3HK3T.dat
[2010-08-27 11:21:21 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\At9.job
[2010-08-27 11:21:21 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\At8.job
[2010-08-27 11:21:21 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\At7.job
[2010-08-27 11:21:21 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\At6.job
[2010-08-27 11:21:21 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\At5.job
[2010-08-27 11:21:21 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\At4.job
[2010-08-27 11:21:21 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\At3.job
[2010-08-27 11:21:21 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\At24.job
[2010-08-27 11:21:21 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\At23.job
[2010-08-27 11:21:21 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\At22.job
[2010-08-27 11:21:21 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\At21.job
[2010-08-27 11:21:21 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\At20.job
[2010-08-27 11:21:21 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2010-08-27 11:21:21 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\At19.job
[2010-08-27 11:21:21 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\At18.job
[2010-08-27 11:21:21 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\At17.job
[2010-08-27 11:21:21 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\At16.job
[2010-08-27 11:21:21 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\At15.job
[2010-08-27 11:21:21 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\At14.job
[2010-08-27 11:21:21 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\At13.job
[2010-08-27 11:21:21 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\At12.job
[2010-08-27 11:21:21 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\At11.job
[2010-08-27 11:21:21 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\At10.job
[2010-08-27 11:21:21 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2010-08-27 07:58:29 | 000,081,920 | RHS- | C] () -- C:\WINDOWS\cfdrive32 .exe
[2010-08-27 07:58:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\pywpy.sys
[2010-08-22 15:27:58 | 000,052,616 | ---- | C] () -- C:\Documents and Settings\Tutt\My Documents\something gloomy.gp5
[2010-08-18 20:21:29 | 053,468,362 | ---- | C] () -- C:\Documents and Settings\Tutt\Desktop\Baskagge PIKKADOLLS.psd
[2010-08-18 19:15:16 | 000,006,287 | ---- | C] () -- C:\Documents and Settings\Tutt\Desktop\Emmes.aspx
[2010-08-09 21:56:48 | 005,459,822 | ---- | C] () -- C:\Documents and Settings\Tutt\Desktop\Pikkadolls.rar
[2010-08-09 21:54:25 | 001,887,601 | ---- | C] () -- C:\Documents and Settings\Tutt\Desktop\Pikkadolls cd baksidaa2 kopiera.jpg
[2010-08-09 21:50:57 | 013,162,940 | ---- | C] () -- C:\Documents and Settings\Tutt\Desktop\Pikkadolls cd baksidaa2.psd
[2010-08-09 21:29:55 | 009,243,220 | ---- | C] () -- C:\Documents and Settings\Tutt\Desktop\Pikkadolls cd baksidaa.psd
[2010-08-09 21:29:55 | 000,574,338 | ---- | C] () -- C:\Documents and Settings\Tutt\Desktop\framsida2.jpg
[2010-07-13 22:00:59 | 000,002,554 | ---- | C] () -- C:\WINDOWS\WAVEMIX.INI
[2009-09-14 22:25:23 | 000,000,231 | ---- | C] () -- C:\WINDOWS\ac3api.ini
[2009-09-14 17:17:33 | 000,000,256 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2009-08-01 11:58:32 | 000,150,016 | ---- | C] () -- C:\WINDOWS\System32\bwmedia.dll
[2009-08-01 11:57:07 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\sysmwwod.dll
[2009-05-22 19:46:54 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\bassmod.dll
[2009-05-03 19:11:15 | 000,211,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndis.sys
[2009-03-04 00:14:25 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Tutt\Application Data\$_hpcst$.hpc
[2008-12-12 00:50:05 | 000,002,698 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008-12-11 00:21:26 | 000,000,228 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008-11-16 16:50:45 | 002,891,463 | ---- | C] () -- C:\Program Files\Guitar Pro 4.rar
[2007-12-22 17:57:07 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007-04-12 08:10:28 | 000,105,728 | ---- | C] () -- C:\WINDOWS\System32\APOMgrH.dll
[2007-04-09 12:55:14 | 000,097,785 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2007-04-09 12:55:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2007-04-09 12:33:50 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2007-03-11 16:54:46 | 000,000,363 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007-02-11 17:27:01 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2007-01-15 19:19:39 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007-01-15 18:46:22 | 000,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2007-01-15 18:44:39 | 000,643,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007-01-15 18:44:39 | 000,096,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd5773.sys
[2007-01-01 23:01:05 | 000,157,696 | ---- | C] () -- C:\Documents and Settings\Tutt\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006-12-30 01:07:30 | 000,006,812 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2006-12-26 18:40:59 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Tutt\Local Settings\Application Data\fusioncache.dat
[2006-11-14 19:06:42 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006-11-14 19:05:30 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006-11-14 19:05:30 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006-11-14 19:05:30 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006-11-14 19:05:29 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006-11-14 19:03:02 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\property.dll
[2006-11-14 18:29:19 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006-11-14 18:29:19 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006-11-14 18:29:19 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006-11-14 18:29:19 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006-11-14 18:29:19 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006-11-14 18:29:19 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006-11-14 18:28:03 | 000,000,180 | ---- | C] () -- C:\WINDOWS\Option.ini
[2006-11-14 17:33:33 | 000,000,828 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006-10-22 13:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006-10-22 13:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006-10-02 09:25:18 | 000,000,307 | ---- | C] () -- C:\WINDOWS\System32\kill.ini
[2005-12-21 12:36:46 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2005-11-05 18:46:26 | 000,000,537 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2005-08-05 15:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005-06-16 10:17:16 | 000,071,680 | ---- | C] () -- C:\WINDOWS\System32\ctmmactl.dll
[2003-03-09 22:31:04 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2002-08-08 17:38:34 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\atsdrve.dll
[2002-01-18 21:56:54 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\mp3enc.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 172 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
< End of report >

Couldn´t post the entire log in one post, sorry

tuttankanon

Newbie Surfer
Newbie Surfer

Posts : 9
Joined : 2010-09-04
Operating System : windows xp sp2

View user profile

Back to top Go down

Re: Antimalwaredoctor Aftermath problems

Post by Belahzur on Sun 05 Sep 2010, 3:42 am

Hello.

  • Download combofix from here
    Link 1
    Link 2

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See HERE for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Antimalwaredoctor Aftermath problems

Post by tuttankanon on Sun 05 Sep 2010, 7:29 am

The same second i try to launch combo-fix.exe I get BSoD as follows:
A problem has been detected and windows has been shut down to prevent damage "..."
Technical information:
*** STOP 0x0000008E (0xC0000005, 0x006B0072, 0XB8277CF0, 0x00000000)

EDIT: The bar fills up when i launch combo-fix.exe, and its when it´s full I get BSoD, not on the second i click the program

tuttankanon

Newbie Surfer
Newbie Surfer

Posts : 9
Joined : 2010-09-04
Operating System : windows xp sp2

View user profile

Back to top Go down

Re: Antimalwaredoctor Aftermath problems

Post by Belahzur on Sun 05 Sep 2010, 10:14 am

Hello.
Please try Combofix from Safe Mode.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Antimalwaredoctor Aftermath problems

Post by tuttankanon on Mon 06 Sep 2010, 1:27 am

ComboFix 10-09-03.02 - Tutt 2010-09-05 14:48:30.1.2 - x86
Körs från: D:\Combo-Fix.exe

VARNINIG -ÅTERSTÄLLNINGSKONSOLEN (THE RECOVERY CONSOLE) ÄR INTE INSTALLERAD PÅ DEN HÄR DATORN !!
.

((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Administrator\pizda_ntload.dll
c:\documents and settings\Administrator\userinit.exe
c:\documents and settings\All Users\Application Data\i3x1Qx4f.exe
c:\documents and settings\NetworkService\pizda_ntload.dll
c:\documents and settings\NetworkService\userinit.exe
c:\documents and settings\Tutt\Application Data\176170D6E4280D8CD04407F5B2F36A2F
c:\documents and settings\Tutt\Application Data\176170D6E4280D8CD04407F5B2F36A2F\enemies-names.txt
c:\documents and settings\Tutt\Application Data\176170D6E4280D8CD04407F5B2F36A2F\local.ini
c:\documents and settings\Tutt\Local Settings\Application Data\aekmxpjdr
c:\documents and settings\Tutt\Local Settings\Application Data\aekmxpjdr\obiyahpshdw.exe
c:\documents and settings\Tutt\Local Settings\Application Data\drbqohjpu
c:\documents and settings\Tutt\Local Settings\Application Data\drbqohjpu\kbhdeoashdw.exe
c:\documents and settings\Tutt\Local Settings\Application Data\Windows Server
c:\documents and settings\Tutt\Local Settings\Application Data\Windows Server\server.dat
c:\documents and settings\Tutt\pizda_ntload.dll
c:\documents and settings\Tutt\userinit .exe
c:\documents and settings\Tutt\userinit.exe
c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
c:\program files\blinkx Remote Toolbar\thE_blinkx_bho.dll
c:\program files\blinkx Remote Toolbar\the_blinkx_toolbar.exe
c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
c:\program files\iTunes\iTunesHelper.exe
c:\program files\Messenger\msmsgs.exe
c:\program files\Microsoft ActiveSync\wcescomm.exe
c:\program files\Microsoft IntelliPoint\ipoint.exe
c:\program files\Spyware Doctor\pctsTray.exe
c:\program files\Windows Live\Messenger\msnmsgr .exe
c:\program files\Windows Live\Messenger\msnmsgr .exe
c:\program files\Windows Live\Messenger\msnmsgr .exe
c:\program files\Windows Live\Messenger\msnmsgr .exe
c:\program files\Windows Live\Messenger\msnmsgr .exe
c:\program files\Windows Live\Messenger\msnmsgr .exe
c:\program files\Windows Live\Messenger\msnmsgr .exe
c:\program files\Windows Live\Messenger\msnmsgr .exe
c:\program files\Windows Live\Messenger\msnmsgr .exe
c:\program files\Windows Live\Messenger\msnmsgr.exe
c:\windows\Fonts\kr2RrqT.com
c:\windows\PRAGMAnprpphosti
c:\windows\PRAGMAnprpphosti\pragmabbr.dll
c:\windows\PRAGMAnprpphosti\PRAGMAc.dll
c:\windows\PRAGMAnprpphosti\PRAGMAcfg.ini
c:\windows\PRAGMAnprpphosti\PRAGMAd.sys
c:\windows\PRAGMAnprpphosti\pragmaserf.dll
c:\windows\PRAGMAnprpphosti\PRAGMAsrcr.dat
c:\windows\system32\driVERs\pywpy.sys
c:\windows\system32\gdi32.dll.orig
c:\windows\system32\mssrv32.exe
c:\windows\system32\PRAGMAerrors.log
c:\windows\Tasks\At1.job
c:\windows\Tasks\At100.job
c:\windows\Tasks\At102.job
c:\windows\Tasks\At105.job
N:\.MS32DLL.dll.vbs
N:\Autorun.inf

Code:
 <pre>
c:\program files\Adobe\Reader 9.0\Reader\Reader_sl .exe ---^> c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
c:\program files\blinkx Remote Toolbar\the_blinkx_toolbar .exe ---^> c:\program files\blinkx Remote Toolbar\the_blinkx_toolbar.exe
c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM .exe ---^> c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier .exe ---^> c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
c:\program files\iTunes\iTunesHelper .exe ---^> c:\program files\iTunes\iTunesHelper.exe
c:\program files\Messenger\msmsgs .exe ---^> c:\program files\Messenger\msmsgs.exe
c:\program files\Microsoft ActiveSync\wcescomm .exe ---^> c:\program files\Microsoft ActiveSync\wcescomm.exe
c:\program files\Microsoft IntelliPoint\ipoint .exe ---^> c:\program files\Microsoft IntelliPoint\ipoint.exe
c:\program files\Spyware Doctor\pctsTray .exe ---^> c:\program files\Spyware Doctor\pctsTray.exe
c:\program files\Windows Live\Messenger\msnmsgr            .exe ---^> c:\program files\Windows Live\Messenger\msnmsgr.exe
</pre>
.
c:\windows\system32\drivers\pywpy.sys . . . är infekterad!! . . . Failed to find a valid replacement.
c:\windows\explorer.exe . . . är infekterad!! . . .Failed to restore. Attempting to replace on reboot

c:\windows\system32\winlogon.exe . . . är infekterad!! . . .Failed to restore. Attempting to replace on reboot

Infekterad kopia av c:\windows\explorer.exe hittades och desinficerades.
Återställd kopia från - c:\system volume information\_restore{A22E53E9-8FE5-4927-93A7-ADACAA959211}\RP3\A0032012.exe
Infekterad kopia av c:\windows\system32\winlogon.exe hittades och desinficerades.
Återställd kopia från - c:\system volume information\_restore{A22E53E9-8FE5-4927-93A7-ADACAA959211}\RP3\A0032014.exe
.
((((((((((((((((((((((((((((((((((((((( Drivrutiner/Tjänster )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_PRAGMANPRPPHOSTI
-------\Legacy_SSHNAS
-------\Legacy_SYSSRV
-------\Service_PRAGMAnprpphosti
-------\Legacy_pywpy
-------\Service_pywpy


(((((((((((((((((((((((( Filer Skapade från 2010-08-05 till 2010-09-05 ))))))))))))))))))))))))))))))
.

2010-09-03 14:20 . 2010-09-03 14:20 -------- d-----w- c:\documents and settings\Administrator\Application Data\AusLogics
2010-09-03 14:19 . 2010-09-03 14:19 -------- d-----w- c:\program files\Auslogics
2010-09-03 07:23 . 2010-09-03 07:23 -------- d-----w- c:\program files\Eusing Free Registry Cleaner
2010-09-02 20:17 . 2010-09-02 20:17 -------- d-----w- C:\PerfLogs
2010-08-30 21:09 . 2004-08-10 12:00 18944 ----a-w- c:\windows\system32\simptcp.dll
2010-08-30 20:49 . 2010-06-28 20:37 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-08-30 20:49 . 2010-06-28 20:32 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-08-30 20:49 . 2010-06-28 20:33 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-08-30 20:49 . 2010-06-28 20:37 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-08-30 20:49 . 2010-06-28 20:32 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-08-30 20:49 . 2010-06-28 20:32 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-08-30 20:49 . 2010-06-28 20:32 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-08-30 20:48 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
2010-08-30 20:48 . 2010-06-28 20:57 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-08-30 19:27 . 2010-08-30 19:18 35848 ----a-w- c:\windows\system32\kr2RrqT.com
2010-08-30 19:14 . 2010-01-22 07:56 149456 ----a-w- c:\windows\SGDetectionTool.dll
2010-08-30 19:14 . 2010-01-22 07:56 165840 ----a-w- c:\windows\PCTBDRes.dll
2010-08-30 19:14 . 2010-01-22 07:56 1652688 ----a-w- c:\windows\PCTBDCore.dll
2010-08-30 19:14 . 2010-01-22 07:55 767952 ----a-w- c:\windows\BDTSupport.dll
2010-08-30 19:14 . 2009-10-27 23:36 1152444 ----a-w- c:\windows\UDB.zip
2010-08-30 19:14 . 2008-11-26 10:08 131 ----a-w- c:\windows\IDB.zip
2010-08-30 19:13 . 2010-02-05 07:17 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-08-30 19:13 . 2010-03-10 09:36 217032 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-08-30 19:13 . 2009-11-23 11:54 88040 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-08-30 19:13 . 2010-02-05 07:25 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-08-30 19:13 . 2010-09-05 13:11 -------- d-----w- c:\program files\Spyware Doctor
2010-08-30 19:13 . 2010-08-30 19:14 -------- d-----w- c:\program files\Common Files\PC Tools
2010-08-30 19:13 . 2010-08-30 19:13 -------- d-----w- c:\documents and settings\Tutt\Application Data\PC Tools
2010-08-30 19:13 . 2010-08-30 19:13 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2010-08-30 18:33 . 2010-08-30 18:33 -------- d-----w- c:\program files\Enigma Software Group
2010-08-29 16:14 . 2010-08-29 16:14 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-08-29 14:42 . 2010-08-29 14:42 -------- d--h--w- c:\windows\system32\GroupPolicy
2010-08-28 14:21 . 2010-08-30 20:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-08-28 14:21 . 2010-08-28 14:21 -------- d-----w- c:\program files\Alwil Software
2010-08-27 14:06 . 2010-08-27 14:06 -------- d-----w- c:\documents and settings\Tutt\Application Data\Malwarebytes
2010-08-27 14:06 . 2010-08-27 14:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-08-27 14:06 . 2010-09-03 14:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-27 13:57 . 2010-08-28 13:37 -------- d-----w- c:\documents and settings\Tutt\Application Data\drbqohjpu
2010-08-27 13:51 . 2010-08-27 05:58 200704 ----a-w- c:\windows\Hlilyb.exe
2010-08-27 09:23 . 2010-08-27 09:23 -------- d-sh--w- c:\documents and settings\NetworkService\PrivacIE
2010-08-27 05:58 . 2010-08-27 05:58 81920 --sha-r- c:\windows\cfdrive32 .exe
2010-08-27 05:58 . 2010-08-27 05:58 200704 ----a-w- c:\windows\Hlilya.exe
2010-08-27 05:58 . 2010-08-28 13:37 -------- d-----w- c:\documents and settings\Tutt\Local Settings\Application Data\wqgmxhwuf
2010-08-27 05:58 . 2010-08-28 13:37 -------- d-----w- c:\documents and settings\Tutt\Application Data\aekmxpjdr
2010-08-27 05:58 . 2010-08-28 13:37 -------- d-----w- c:\documents and settings\Tutt\Local Settings\Application Data\lqjnxfvsb

.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-05 13:11 . 2007-09-15 23:16 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-09-05 13:11 . 2009-09-10 15:26 -------- d-----w- c:\program files\Microsoft IntelliPoint
2010-09-05 13:11 . 2007-12-22 15:56 -------- d-----w- c:\program files\Microsoft ActiveSync
2010-09-05 13:11 . 2010-06-24 17:23 -------- d-----w- c:\program files\iTunes
2010-09-05 13:11 . 2010-07-21 18:01 -------- d-----w- c:\program files\blinkx Remote Toolbar
2010-08-31 10:14 . 2010-06-16 07:01 -------- d-----w- c:\program files\QuickTime
2010-08-30 19:58 . 2007-01-06 23:15 -------- d-----w- c:\program files\nordicbetMPP
2010-08-29 13:23 . 2010-08-27 09:22 112 ----a-w- c:\documents and settings\All Users\Application Data\ln3HK3T.dat
2010-08-28 13:37 . 2007-01-15 16:46 -------- d-----w- c:\program files\DAEMON Tools
2010-08-27 13:26 . 2009-02-10 11:07 -------- d-----w- c:\documents and settings\Tutt\Application Data\Spotify
2010-08-27 06:00 . 2009-05-03 17:11 211072 ----a-w- c:\windows\system32\drivers\ndis.sys
2010-08-27 05:57 . 2010-08-27 13:57 265216 ----a-w- c:\documents and settings\Tutt\Application Data\drbqohjpu\kbhdeoashdw .exe
2010-08-27 05:57 . 2010-08-27 05:58 265216 ----a-w- c:\documents and settings\Tutt\Application Data\aekmxpjdr\obiyahpshdw .exe
2010-08-23 15:41 . 2009-11-30 17:01 -------- d-----w- c:\program files\Windows Live Safety Center
2010-08-12 15:53 . 2009-03-28 14:59 -------- d-----w- c:\documents and settings\Tutt\Application Data\DC++
2010-07-20 16:52 . 2006-11-14 16:52 64256 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-07-15 08:55 . 2010-06-19 10:47 35744 ---ha-w- c:\windows\system32\mlfcache.dat
2010-07-15 08:55 . 2007-11-10 22:31 -------- d-----w- c:\documents and settings\Tutt\Application Data\Apple Computer
2010-07-07 20:27 . 2010-07-07 14:51 -------- d-----w- c:\documents and settings\Tutt\Application Data\Steinberg
2010-07-07 20:25 . 2010-07-07 20:25 -------- d-----w- c:\program files\Common Files\VST3
2010-07-07 20:22 . 2010-07-07 20:22 -------- d-----w- c:\documents and settings\All Users\Application Data\VST3 Presets
2010-07-07 20:12 . 2010-07-07 20:12 -------- d-----w- c:\program files\Common Files\Steinberg
2010-07-07 20:11 . 2010-07-07 20:10 -------- d-----w- c:\program files\Steinberg
2010-07-07 20:09 . 2010-07-07 20:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Steinberg
2010-07-07 17:37 . 2009-09-12 21:35 -------- d-----w- c:\program files\Microsoft Silverlight
2010-07-07 14:48 . 2007-09-15 23:11 -------- d-----w- c:\program files\Vstplugins
2010-07-07 14:33 . 2010-07-07 14:33 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{D9E82392-C1A3-4250-AA4C-A71D58A17E10}
2010-07-07 14:32 . 2010-07-07 14:32 -------- d-----w- c:\program files\Lexicon
2010-06-24 17:18 . 2010-06-24 17:18 72504 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.2.0.61\SetupAdmin.exe
2010-06-24 17:18 . 2010-06-24 17:18 71992 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.33.16.0\SetupAdmin.exe
2008-11-16 14:50 . 2008-11-16 14:50 2891463 ----a-w- c:\program files\Guitar Pro 4.rar
2009-03-21 13:54 . 2009-05-03 17:11 26112 --sha-w- c:\windows\system32\ntdevice.exe
.
Code:
<pre>
c:\program files\Enigma Software Group\SpyHunter\SpyHunter3  .exe
c:\program files\Malwarebytes' Anti-Malware\mbam .exe
c:\program files\QuickTime\qttask                                            .exe
c:\program files\QuickTime\qttask                                          .exe
c:\program files\QuickTime\qttask                                          .exe
c:\program files\QuickTime\qttask                                        .exe
c:\program files\QuickTime\qttask                                        .exe
c:\program files\QuickTime\qttask                                      .exe
c:\program files\QuickTime\qttask                                      .exe
c:\program files\QuickTime\qttask                                    .exe
c:\program files\QuickTime\qttask                                    .exe
c:\program files\QuickTime\qttask                                  .exe
c:\program files\QuickTime\qttask                                  .exe
c:\program files\QuickTime\qttask                                .exe
c:\program files\QuickTime\qttask                                .exe
c:\program files\QuickTime\qttask                              .exe
c:\program files\QuickTime\qttask                              .exe
c:\program files\QuickTime\qttask                            .exe
c:\program files\QuickTime\qttask                            .exe
c:\program files\QuickTime\qttask                        .exe
c:\program files\QuickTime\qttask                        .exe
c:\program files\QuickTime\qttask                      .exe
c:\program files\QuickTime\qttask                      .exe
c:\program files\QuickTime\qttask                    .exe
c:\program files\QuickTime\qttask                    .exe
c:\program files\QuickTime\qttask                  .exe
c:\program files\QuickTime\qttask                  .exe
c:\program files\QuickTime\qttask                .exe
c:\program files\QuickTime\qttask                .exe
c:\program files\QuickTime\qttask              .exe
c:\program files\QuickTime\qttask              .exe
c:\program files\QuickTime\qttask            .exe
c:\program files\QuickTime\qttask            .exe
c:\program files\QuickTime\qttask          .exe
c:\program files\QuickTime\qttask          .exe
c:\program files\QuickTime\qttask        .exe
c:\program files\QuickTime\qttask        .exe
c:\program files\QuickTime\qttask      .exe
c:\program files\QuickTime\qttask      .exe
c:\program files\QuickTime\qttask    .exe
c:\program files\QuickTime\qttask    .exe
c:\program files\QuickTime\qttask  .exe
c:\program files\QuickTime\qttask  .exe
c:\program files\QuickTime\qttask .exe
c:\windows\cfdrive32 .exe
</pre>

------- Sigcheck -------

[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\drivers\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys

[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\asyncmac.sys
[-] 2004-08-10 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys
[-] 2004-08-10 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\asyncmac.sys
[-] 2004-08-10 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\drivers\asyncmac.sys

[-] 2004-08-10 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2004-08-10 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys

[-] 2008-04-13 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\kbdclass.sys
[-] 2004-08-10 . EBDEE8A2EE5393890A1ACEE971C4C246 . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys
[-] 2004-08-10 . EBDEE8A2EE5393890A1ACEE971C4C246 . 24576 . . [5.1.2600.2180] . . c:\windows\system32\drivers\kbdclass.sys

[-] 2010-08-27 06:00 . !HASH: COULD NOT OPEN FILE !!!!! . 211072 . . [------] . . c:\windows\system32\dllcache\ndis.sys
[-] 2010-08-27 06:00 . !HASH: COULD NOT OPEN FILE !!!!! . 211072 . . [------] . . c:\windows\system32\drivers\ndis.sys
[-] 2008-04-13 19:20 . !HASH: COULD NOT OPEN FILE !!!!! . 182656 . . [------] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\ndis.sys
[-] 2004-08-10 12:00 . !HASH: COULD NOT OPEN FILE !!!!! . 182912 . . [------] . . c:\windows\$NtServicePackUninstall$\ndis.sys

[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\ntfs.sys
[-] 2007-02-09 . 05AB81909514BFD69CBB1F2C147CF6B9 . 574976 . . [5.1.2600.3081] . . c:\windows\$hf_mig$\KB930916\SP2QFE\ntfs.sys
[-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\$NtServicePackUninstall$\ntfs.sys
[-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\system32\dllcache\ntfs.sys
[-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\system32\drivers\ntfs.sys
[-] 2004-08-10 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB930916$\ntfs.sys
[-] 2004-08-10 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\i386\NTFS.SYS

[-] 2004-08-10 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2004-08-10 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys

[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\tcpip.sys
[-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys
[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB941644$\tcpip.sys
[-] 2005-05-25 . 63FDFEA54EB53DE2D863EE454937CE1E . 359936 . . [5.1.2600.2685] . . c:\windows\$NtUninstallKB917953$\tcpip.sys
[-] 2004-08-10 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB889527$\tcpip.sys

[-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\browser.dll
[-] 2004-08-10 . E3CFCCDDA4EDD1D0DC9168B2E18F27B8 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll
[-] 2004-08-10 . E3CFCCDDA4EDD1D0DC9168B2E18F27B8 . 77312 . . [5.1.2600.2180] . . c:\windows\system32\browser.dll
[-] 2004-08-10 . E3CFCCDDA4EDD1D0DC9168B2E18F27B8 . 77312 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\browser.dll

[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\lsass.exe
[-] 2004-08-10 . 84885F9B82F4D55C6146EBF6065D75D2 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe
[-] 2004-08-10 . 84885F9B82F4D55C6146EBF6065D75D2 . 13312 . . [5.1.2600.2180] . . c:\windows\system32\lsass.exe
[-] 2004-08-10 . 84885F9B82F4D55C6146EBF6065D75D2 . 13312 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\lsass.exe

[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\netman.dll
[-] 2005-08-22 . 36739B39267914BA69AD0610A0299732 . 197632 . . [5.1.2600.2743] . . c:\windows\$NtServicePackUninstall$\netman.dll
[-] 2005-08-22 . 36739B39267914BA69AD0610A0299732 . 197632 . . [5.1.2600.2743] . . c:\windows\system32\netman.dll
[-] 2005-08-22 . 36739B39267914BA69AD0610A0299732 . 197632 . . [5.1.2600.2743] . . c:\windows\system32\dllcache\netman.dll
[-] 2005-08-22 . 3516D8A18B36784B1005B950B84232E1 . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll
[-] 2004-08-10 . DAB9E6C7105D2EF49876FE92C524F565 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB905414$\netman.dll

[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\qmgr.dll
[-] 2004-08-10 . 2C69EC7E5A311334D10DD95F338FCCEA . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll
[-] 2004-08-10 . 2C69EC7E5A311334D10DD95F338FCCEA . 382464 . . [6.6.2600.2180] . . c:\windows\system32\qmgr.dll
[-] 2004-08-10 . 2C69EC7E5A311334D10DD95F338FCCEA . 382464 . . [6.6.2600.2180] . . c:\windows\system32\dllcache\qmgr.dll

[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\rpcss.dll
[-] 2009-02-09 . 9222562D44021B988B9F9F62207FB6F2 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . 24B5D53B9ACCC1E2EDCF0A878D6659D4 . 401408 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
[-] 2009-02-09 . 24B5D53B9ACCC1E2EDCF0A878D6659D4 . 401408 . . [5.1.2600.3520] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . 24B5D53B9ACCC1E2EDCF0A878D6659D4 . 401408 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[-] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\rpcss.dll
[-] 2005-07-26 . CE94A2BD25E3E9F4D46A7373FF455C6D . 397824 . . [5.1.2600.2726] . . c:\windows\$NtUninstallKB956572_0$\rpcss.dll
[-] 2005-07-26 . C369DF215D352B6F3A0B8C3469AA34F8 . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll
[-] 2004-08-10 . 5C83A4408604F737717AB96371201680 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB902400$\rpcss.dll

[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe
[-] 2009-02-06 . 020CEAAEDC8EB655B6506B8C70D53BB6 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2009-02-06 . 4712531AB7A01B7EE059853CA17D39BD . 110592 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\services.exe
[-] 2009-02-06 . 4712531AB7A01B7EE059853CA17D39BD . 110592 . . [5.1.2600.3520] . . c:\windows\system32\services.exe
[-] 2009-02-06 . 4712531AB7A01B7EE059853CA17D39BD . 110592 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\services.exe
[-] 2008-11-23 . 1F5781A58EDA2A55582D8B155CF096B1 . 112128 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[-] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\services.exe
[-] 2004-08-10 . C6CE6EEC82F187615D1002BB3BB50ED4 . 108032 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\services.exe

[-] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\spoolsv.exe
[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\system32\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\system32\dllcache\spoolsv.exe
[-] 2004-08-10 . 7435B108B935E42EA92CA94F59C8E717 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe

[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\winlogon.exe
[-] 2004-08-25 . B4592FCE66AB5CEFCAFB9FA0D8A04D24 . 502784 . . [5.1.2600.2508] . . c:\windows\$NtServicePackUninstall$\winlogon.exe
[-] 2004-08-25 . 445DE3A0EC4FCADFFE24F19A2E2B2A92 . 502784 . . [5.1.2600.2508] . . c:\windows\system32\winlogon.exe
[-] 2004-08-10 . 01C3346C241652F43AED8E2149881BFE . 502272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB883529$\winlogon.exe

[-] 2008-04-14 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\comctl32.dll
[-] 2006-08-25 . B0124CB21D28B1C9F678B566B6B57D92 . 617472 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[-] 2006-08-25 . B0124CB21D28B1C9F678B566B6B57D92 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2006-08-25 . B0124CB21D28B1C9F678B566B6B57D92 . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[-] 2005-04-07 . 4FA5EF9FC22F219D155D4AEF812371F1 . 617472 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll
[-] 2004-08-10 . A77DFB85FAEE49D66C74DA6024EBC69B . 611328 . . [5.82] . . c:\windows\$NtUninstallKB884883$\comctl32.dll
[-] 2004-08-10 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\i386\ASMS\6000\MSFT\WINDOWS\COMMON\CONTROLS\COMCTL32.DLL

[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\cryptsvc.dll
[-] 2004-08-10 . 10654F9DDCEA9C46CFB77554231BE73B . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll
[-] 2004-08-10 . 10654F9DDCEA9C46CFB77554231BE73B . 60416 . . [5.1.2600.2180] . . c:\windows\system32\cryptsvc.dll
[-] 2004-08-10 . 10654F9DDCEA9C46CFB77554231BE73B . 60416 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\cryptsvc.dll

[-] 2008-07-07 20:32 . 60D1A6342238378BFB7545C81EE3606C . 253952 . . [2001.12.4414.320] . . c:\windows\$NtServicePackUninstall$\es.dll
[-] 2008-07-07 20:32 . 60D1A6342238378BFB7545C81EE3606C . 253952 . . [2001.12.4414.320] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:32 . 60D1A6342238378BFB7545C81EE3606C . 253952 . . [2001.12.4414.320] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
[-] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-07-07 20:06 . A4AB3DCA4A383F0DF4988ABDEB84F9A4 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
[-] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\es.dll
[-] 2005-07-26 04:39 . 34BBD9ACC1538818F2C878898C64E793 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974_0$\es.dll
[-] 2005-07-26 04:20 . 95F5FEA4C6DE2C3F28784D0DCC8F0DD3 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll
[-] 2004-08-10 12:00 . ACD36A2DD7D1E9D8A060AA651DC07E63 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB902400$\es.dll

[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\imm32.dll
[-] 2004-08-10 . 87CA7CE6469577F059297B9D6556D66D . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll
[-] 2004-08-10 . 87CA7CE6469577F059297B9D6556D66D . 110080 . . [5.1.2600.2180] . . c:\windows\system32\imm32.dll
[-] 2004-08-10 . 87CA7CE6469577F059297B9D6556D66D . 110080 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\imm32.dll

[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll
[-] 2009-03-21 . DA11D9D6ECBDF0F93436A4B7C13F7BEC . 991744 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2009-03-21 . 80202858D245FF07DAA1739C57A3E19B . 989184 . . [5.1.2600.3541] . . c:\windows\$NtServicePackUninstall$\kernel32.dll
[-] 2009-03-21 . 80202858D245FF07DAA1739C57A3E19B . 989184 . . [5.1.2600.3541] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . 80202858D245FF07DAA1739C57A3E19B . 989184 . . [5.1.2600.3541] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\kernel32.dll
[-] 2007-04-16 . 09F7CB3687F86EDAA4CA081F7AB66C03 . 986112 . . [5.1.2600.3119] . . c:\windows\$NtUninstallKB959426_0$\kernel32.dll
[-] 2006-09-07 . 16F21882C96EE0136A92E867DA94215C . 985600 . . [5.1.2600.2991] . . c:\windows\$NtUninstallKB935839$\kernel32.dll
[-] 2006-07-05 . 0FDD84928A5DDE2510761B7EC76CCEC9 . 985088 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll
[-] 2006-07-05 . D8DB5397DE07577C1CB50BA6D23B3AD4 . 984064 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB924867$\kernel32.dll
[-] 2004-08-10 . 888190E31455FAD793312F8D087146EB . 983552 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll

[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\linkinfo.dll
[-] 2005-09-01 . 648BF0B4DDE4F7A1156DAE7174D36EFA . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll
[-] 2005-09-01 . A1A688EE56CF3BBD24EDEB815D48E9BA . 19968 . . [5.1.2600.2751] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll
[-] 2005-09-01 . A1A688EE56CF3BBD24EDEB815D48E9BA . 19968 . . [5.1.2600.2751] . . c:\windows\system32\linkinfo.dll
[-] 2005-09-01 . A1A688EE56CF3BBD24EDEB815D48E9BA . 19968 . . [5.1.2600.2751] . . c:\windows\system32\dllcache\linkinfo.dll
[-] 2004-08-10 . C2BBD044C741EA4292016C36F718D2E4 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB900725$\linkinfo.dll

[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\lpk.dll
[-] 2004-08-10 . 74D66B3DE265E8789153414E75175F26 . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll
[-] 2004-08-10 . 74D66B3DE265E8789153414E75175F26 . 22016 . . [5.1.2600.2180] . . c:\windows\system32\lpk.dll
[-] 2004-08-10 . 74D66B3DE265E8789153414E75175F26 . 22016 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\lpk.dll

[-] 2009-08-29 . 0E49677EE57A928765FC47FFBACD5326 . 5940224 . . [8.00.6001.18828] . . c:\windows\system32\mshtml.dll
[-] 2009-08-29 . 0E49677EE57A928765FC47FFBACD5326 . 5940224 . . [8.00.6001.18828] . . c:\windows\system32\dllcache\mshtml.dll
[-] 2009-08-29 . B68F6E6C66D17D9EDABF3D5DA71046DA . 5942272 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\mshtml.dll
[-] 2009-07-19 . 5A32B43A48D6DCA339BF24105D9A028F . 5937152 . . [8.00.6001.18812] . . c:\windows\ie8updates\KB974455-IE8\mshtml.dll
[-] 2009-07-19 . 5A32B43A48D6DCA339BF24105D9A028F . 5937152 . . [8.00.6001.18812] . . c:\windows\SoftwareDistribution\Download\8aff2c132bea63255d1cab83ef37c507\SP3GDR\mshtml.dll
[-] 2009-07-19 . F25D866DD486AD30E05E5596CB363C3E . 5938176 . . [8.00.6001.22902] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\mshtml.dll
[-] 2009-07-19 . F25D866DD486AD30E05E5596CB363C3E . 5938176 . . [8.00.6001.22902] . . c:\windows\SoftwareDistribution\Download\8aff2c132bea63255d1cab83ef37c507\SP3QFE\mshtml.dll
[-] 2009-07-18 . 7467941BE64DFC5F8E9F3DC1DE920806 . 3069440 . . [6.00.2900.5848] . . c:\windows\$hf_mig$\KB972260\SP3GDR\mshtml.dll
[-] 2009-07-18 . F3EE47F296295D08A97CB50EF57244D9 . 3069952 . . [6.00.2900.5848] . . c:\windows\$hf_mig$\KB972260\SP3QFE\mshtml.dll
[-] 2009-04-29 . ABD8093E43E53AEA5898D2214B92E9BA . 3068928 . . [6.00.2900.5803] . . c:\windows\$hf_mig$\KB969897\SP3GDR\mshtml.dll
[-] 2009-04-29 . 7BB862F4CBB8361551C34674291BA5EC . 3068928 . . [6.00.2900.3562] . . c:\windows\ie8\mshtml.dll
[-] 2009-04-29 . 06CF679E3D24C3DF270556456A0F1EDA . 3069440 . . [6.00.2900.5803] . . c:\windows\$hf_mig$\KB969897\SP3QFE\mshtml.dll
[-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB972260-IE8\mshtml.dll
[-] 2009-02-20 . 03D98EB3F7BBD1FA14C650597F1989BC . 3067904 . . [6.00.2900.3527] . . c:\windows\$NtServicePackUninstall$\mshtml.dll
[-] 2009-02-20 . 03D98EB3F7BBD1FA14C650597F1989BC . 3067904 . . [6.00.2900.3527] . . c:\windows\$NtUninstallKB969897$\mshtml.dll
[-] 2009-02-20 . 2F70F2F74C40397D031016FA162981C2 . 3068416 . . [6.00.2900.5764] . . c:\windows\$hf_mig$\KB963027\SP3GDR\mshtml.dll
[-] 2009-02-20 . 1618A4A2C5DD8164B8295190C8EA6544 . 3068416 . . [6.00.2900.5764] . . c:\windows\$hf_mig$\KB963027\SP3QFE\mshtml.dll
[-] 2008-12-12 . 6D1D493622EA050DBAABD0C4C1DFADB5 . 3067392 . . [6.00.2900.3492] . . c:\windows\$NtUninstallKB963027_0$\mshtml.dll
[-] 2008-12-12 . B6DAA74E2ED36C71B502945589A683AE . 3067904 . . [6.00.2900.5726] . . c:\windows\$hf_mig$\KB960714\SP3QFE\mshtml.dll
[-] 2008-12-12 . C828AA1C5469E72251F3D367005E589F . 3067904 . . [6.00.2900.5726] . . c:\windows\$hf_mig$\KB960714\SP3GDR\mshtml.dll
[-] 2008-12-12 . C828AA1C5469E72251F3D367005E589F . 3067904 . . [6.00.2900.5726] . . c:\windows\$NtUninstallKB963027$\mshtml.dll
[-] 2008-10-16 . C99D8B48FC245D98E1A2BAB6594458C9 . 3067392 . . [6.00.2900.3462] . . c:\windows\$NtUninstallKB960714_0$\mshtml.dll
[-] 2008-10-16 . CC5A2205D37AE67CE23AB7FD3E1FDACA . 3067904 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3QFE\mshtml.dll
[-] 2008-10-16 . B846C2DE341CF32B42AD297437233742 . 3067904 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3GDR\mshtml.dll
[-] 2008-10-16 . B846C2DE341CF32B42AD297437233742 . 3067904 . . [6.00.2900.5694] . . c:\windows\$NtUninstallKB960714$\mshtml.dll
[-] 2008-08-20 . 20D44D1A5A406CD8E129D3D4F0B5717C . 3067392 . . [6.00.2900.3429] . . c:\windows\$NtUninstallKB958215_0$\mshtml.dll
[-] 2008-08-20 . 507BDA42F7DB8209C0F0B3556A043491 . 3067904 . . [6.00.2900.5659] . . c:\windows\$hf_mig$\KB956390\SP3GDR\mshtml.dll
[-] 2008-08-20 . 507BDA42F7DB8209C0F0B3556A043491 . 3067904 . . [6.00.2900.5659] . . c:\windows\$NtUninstallKB958215$\mshtml.dll
[-] 2008-08-20 . BD45470B132A0F98596277323D9F2E5A . 3067904 . . [6.00.2900.5659] . . c:\windows\$hf_mig$\KB956390\SP3QFE\mshtml.dll
[-] 2008-06-25 . 04EEC0FF4DD3C7041628973CA6832C33 . 3067904 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3QFE\mshtml.dll
[-] 2008-06-23 . 1FC693A4EE1D9D9CD78DDA6C87232F6F . 3067392 . . [6.00.2900.3395] . . c:\windows\$NtUninstallKB956390_0$\mshtml.dll
[-] 2008-06-23 . F433136C23D13B120412B300D1324A7E . 3067392 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3GDR\mshtml.dll
[-] 2008-06-23 . F433136C23D13B120412B300D1324A7E . 3067392 . . [6.00.2900.5626] . . c:\windows\$NtUninstallKB956390$\mshtml.dll
[-] 2008-04-21 . 083B967E6B0B2BB539CE6B08D45D631F . 3066880 . . [6.00.2900.3354] . . c:\windows\$NtUninstallKB953838_0$\mshtml.dll
[-] 2008-04-21 . FE406DE0651C9E8201DCB0460609D739 . 3066880 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3GDR\mshtml.dll
[-] 2008-04-21 . FE406DE0651C9E8201DCB0460609D739 . 3066880 . . [6.00.2900.5583] . . c:\windows\$NtUninstallKB953838$\mshtml.dll
[-] 2008-04-21 . 46A61BA430110F00DD990D058AA3D054 . 3067392 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3QFE\mshtml.dll
[-] 2008-04-14 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB950759$\mshtml.dll
[-] 2008-04-14 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\mshtml.dll
[-] 2008-02-16 . 701A6798DDF875CAA3A5099EE75FD57F . 3066880 . . [6.00.2900.3314] . . c:\windows\$NtUninstallKB950759_0$\mshtml.dll
[-] 2007-12-07 . 8A4DD074DEC1B0C063C8493ABF654CBC . 3066368 . . [6.00.2900.3268] . . c:\windows\$NtUninstallKB947864$\mshtml.dll
[-] 2007-10-30 . 79314A0A6B0DA78AFE491FF2D8B117BA . 3065856 . . [6.00.2900.3243] . . c:\windows\$NtUninstallKB944533$\mshtml.dll
[-] 2007-08-22 . 885E3BF99EA4B2213901EBC35B34CF12 . 3064832 . . [6.00.2900.3199] . . c:\windows\$NtUninstallKB942615$\mshtml.dll
[-] 2007-06-15 . 53F3FD772C010622346C39284C4A863B . 3064320 . . [6.00.2900.3157] . . c:\windows\$NtUninstallKB939653$\mshtml.dll
[-] 2007-05-04 . 00ADCB32832A10ED9419493BCEA97526 . 3064320 . . [6.00.2900.3132] . . c:\windows\$NtUninstallKB937143$\mshtml.dll
[-] 2007-02-19 . 2991727809C7AC3A33E4178CC73244D8 . 3063296 . . [6.00.2900.3086] . . c:\windows\$NtUninstallKB933566$\mshtml.dll
[-] 2007-01-04 . 1C45525574EF206346FBAFCAAC7CC4A5 . 3062272 . . [6.00.2900.3059] . . c:\windows\$NtUninstallKB931768$\mshtml.dll
[-] 2006-10-23 . 88E1C15BB1A9ED3CBA4D6F2F408D5010 . 3061248 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB928090$\mshtml.dll
[-] 2006-07-28 . D251679BD9EF0250201FB899EC40FD32 . 3058176 . . [6.00.2900.2963] . . c:\windows\$hf_mig$\KB918899\SP2QFE\mshtml.dll
[-] 2006-07-28 . C7074DA3D8F8C0F6C03874BA0B05069C . 3054080 . . [6.00.2900.2963] . . c:\windows\$NtUninstallKB925454$\mshtml.dll
[-] 2004-08-10 . 376E0843B2356CA91CEC8D9837A56FF7 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB918899$\mshtml.dll

[-] 2008-04-14 . D7075E95AA599EE77B7A89D39296BD3D . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\asms\70\msft\windows\mswincrt\msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\msvcrt.dll
[-] 2004-08-10 . B0FEFA816D61EC66AA765DDF534EAB5E . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll
[-] 2004-08-10 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\i386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCRT.DLL
[-] 2004-08-10 12:00 . E826A484EDE25C3AE19F1B8086511F4B . 267536 . . [4.20.6201] . . c:\windows\i386\WIN9XUPG\MSVCRT.DLL
[-] 2004-08-10 . B0FEFA816D61EC66AA765DDF534EAB5E . 343040 . . [7.0.2600.2180] . . c:\windows\system32\msvcrt.dll
[-] 2004-08-10 . B0FEFA816D61EC66AA765DDF534EAB5E . 343040 . . [7.0.2600.2180] . . c:\windows\system32\dllcache\msvcrt.dll

[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . 1DFCA7713EA5A70D5D93B436AEA0317A . 245248 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\mswsock.dll
[-] 2008-06-20 . 1DFCA7713EA5A70D5D93B436AEA0317A . 245248 . . [5.1.2600.3394] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 1DFCA7713EA5A70D5D93B436AEA0317A . 245248 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
[-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\mswsock.dll
[-] 2004-08-10 . 4E74AF063C3271FBEA20DD940CFD1184 . 245248 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\mswsock.dll

[-] 2009-02-06 . 6C476D33D82F1054849790181E8F7772 . 408064 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB975467$\netlogon.dll
[-] 2009-02-06 . 6C476D33D82F1054849790181E8F7772 . 408064 . . [5.1.2600.3520] . . c:\windows\system32\netlogon.dll
[-] 2009-02-06 . 6C476D33D82F1054849790181E8F7772 . 408064 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\netlogon.dll
[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\netlogon.dll
[-] 2004-08-10 . 96353FCECBA774BB8DA74A1C6507015A . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll
[-] 2004-08-10 . 96353FCECBA774BB8DA74A1C6507015A . 407040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB968389$\netlogon.dll

[-] 2009-08-04 . 8415D9C7C050E7022AED8ABF281BE4A6 . 2189184 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntoskrnl.exe
[-] 2009-08-04 . FDE779EA1A564EBFE16F4E0F82B61BAD . 2189312 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[-] 2009-08-04 . 8DF112C341425F29DB4566B8D2A96A7F . 2185984 . . [5.1.2600.3610] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2009-08-04 . 8DF112C341425F29DB4566B8D2A96A7F . 2185984 . . [5.1.2600.3610] . . c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2009-08-04 . C0900759CBDA8FBACC2470EF0E8EB31B . 2142720 . . [5.1.2600.3610] . . c:\windows\system32\ntoskrnl.exe
[-] 2009-02-07 . EFE8EACE83EAAD5849A7A548FB75B584 . 2189184 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2009-02-06 . 7A95B10A73737EBF24139AAA63F5212B . 2189056 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe
[-] 2009-02-06 . 19A791C5DFE59AA9BB1461C4957004F6 . 2142720 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[-] 2009-02-06 . 19A791C5DFE59AA9BB1461C4957004F6 . 2142720 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe
[-] 2008-11-23 . 81572B403B38AD3BE2D67D55F514D755 . 2148864 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[-] 2008-08-14 . 31914172342BFF330063F343AC6958FE . 2189184 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[-] 2008-08-14 . EEAF32F8E15A24F62BECB1BD403BB5C5 . 2189184 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
[-] 2008-08-14 . 60794EA12961B7341AD54C731B50AE15 . 2142720 . . [5.1.2600.3427] . . c:\windows\$NtUninstallKB956572_0$\ntoskrnl.exe
[-] 2008-04-13 . 0C89243C7C3EE199B96FCC16990E0679 . 2188928 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\ntoskrnl.exe
[-] 2007-02-28 . E6679C3023B17D8B78946BC5DF53FA20 . 2137600 . . [5.1.2600.3093] . . c:\windows\$NtUninstallKB956841_0$\ntoskrnl.exe
[-] 2006-12-19 . 57B9D140E1EB8B0EA06DF927B63B0EEE . 2137600 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB931784$\ntoskrnl.exe
[-] 2005-09-29 . 25C36DBC46E8EFF2A811769A60715AC5 . 2136064 . . [5.1.2600.2765] . . c:\windows\$NtUninstallKB929338$\ntoskrnl.exe
[-] 2005-03-02 . 48B3E89AF7074CEE0314A3E0C7FAFFDB . 2135552 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB896256$\ntoskrnl.exe
[-] 2004-08-10 . 626309040459C3915997EF98EC1C8D40 . 2148352 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntoskrnl.exe

[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\powrprof.dll
[-] 2004-08-10 . 1B5F6923ABB450692E9FE0672C897AED . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll
[-] 2004-08-10 . 1B5F6923ABB450692E9FE0672C897AED . 17408 . . [6.00.2900.2180] . . c:\windows\system32\powrprof.dll
[-] 2004-08-10 . 1B5F6923ABB450692E9FE0672C897AED . 17408 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\powrprof.dll

[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\scecli.dll
[-] 2004-08-10 . 0F78E27F563F2AAF74B91A49E2ABF19A . 180224 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll
[-] 2004-08-10 . 0F78E27F563F2AAF74B91A49E2ABF19A . 180224 . . [5.1.2600.2180] . . c:\windows\system32\scecli.dll
[-] 2004-08-10 . 0F78E27F563F2AAF74B91A49E2ABF19A . 180224 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\scecli.dll

[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\sfc.dll
[-] 2004-08-10 . E8A12A12EA9088B4327D49EDCA3ADD3E . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll
[-] 2004-08-10 . E8A12A12EA9088B4327D49EDCA3ADD3E . 5120 . . [5.1.2600.2180] . . c:\windows\system32\sfc.dll
[-] 2004-08-10 . E8A12A12EA9088B4327D49EDCA3ADD3E . 5120 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\sfc.dll

[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\svchost.exe
[-] 2004-08-10 . 8F078AE4ED187AAABC0A305146DE6716 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe
[-] 2004-08-10 . 8F078AE4ED187AAABC0A305146DE6716 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\svchost.exe

[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\tapisrv.dll
[-] 2005-07-08 . 1418A3A6E76E5A2E3F5E43866E793A8B . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
[-] 2005-07-08 . FB78839B36025AA286A51289ED28B73E . 249344 . . [5.1.2600.2716] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll
[-] 2005-07-08 . FB78839B36025AA286A51289ED28B73E . 249344 . . [5.1.2600.2716] . . c:\windows\system32\tapisrv.dll
[-] 2005-07-08 . FB78839B36025AA286A51289ED28B73E . 249344 . . [5.1.2600.2716] . . c:\windows\system32\dllcache\tapisrv.dll
[-] 2004-08-10 . EB4A4187D74A8EFDCBEA3EA2CB1BDFBD . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll

[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\user32.dll
[-] 2007-03-08 . 7AA4F6C00405DFC4B70ED4214E7D687B . 578048 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2007-03-08 . B409909F6E2E8A7067076ED748ABF1E7 . 577536 . . [5.1.2600.3099] . . c:\windows\$NtServicePackUninstall$\user32.dll
[-] 2007-03-08 . B409909F6E2E8A7067076ED748ABF1E7 . 577536 . . [5.1.2600.3099] . . c:\windows\system32\user32.dll
[-] 2007-03-08 . B409909F6E2E8A7067076ED748ABF1E7 . 577536 . . [5.1.2600.3099] . . c:\windows\system32\dllcache\user32.dll
[-] 2005-03-02 . 1800F293BCCC8EDE8A70E12B88D80036 . 577024 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2005-03-02 . DE2DB164BBB35DB061AF0997E4499054 . 577024 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll
[-] 2004-08-10 . C72661F8552ACE7C5C85E16A3CF505C4 . 577024 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll

[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\userinit.exe
[-] 2004-08-10 . 39B1FFB03C2296323832ACBAE50D2AFF . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe
[-] 2004-08-10 . 39B1FFB03C2296323832ACBAE50D2AFF . 24576 . . [5.1.2600.2180] . . c:\windows\system32\userinit.exe
[-] 2004-08-10 . 39B1FFB03C2296323832ACBAE50D2AFF . 24576 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\userinit.exe

[-] 2009-08-29 . CF0A5FE05BF614C24950D8FAEC1BC309 . 916480 . . [8.00.6001.18828] . . c:\windows\system32\wininet.dll
[-] 2009-08-29 . CF0A5FE05BF614C24950D8FAEC1BC309 . 916480 . . [8.00.6001.18828] . . c:\windows\system32\dllcache\wininet.dll
[-] 2009-08-29 . 972B226BDAD71C55F3CC9A72BBF8F1C1 . 916480 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll
[-] 2009-07-03 . 7E8A47A2E6561274B83E257CE74803FD . 915456 . . [8.00.6001.18806] . . c:\windows\ie8updates\KB974455-IE8\wininet.dll
[-] 2009-07-03 . 7E8A47A2E6561274B83E257CE74803FD . 915456 . . [8.00.6001.18806] . . c:\windows\SoftwareDistribution\Download\8aff2c132bea63255d1cab83ef37c507\SP3GDR\wininet.dll
[-] 2009-07-03 . 38114DAB42FB2EB84D1726C42B8D80C5 . 915456 . . [8.00.6001.22896] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll
[-] 2009-07-03 . 38114DAB42FB2EB84D1726C42B8D80C5 . 915456 . . [8.00.6001.22896] . . c:\windows\SoftwareDistribution\Download\8aff2c132bea63255d1cab83ef37c507\SP3QFE\wininet.dll
[-] 2009-06-26 . 70FFEA4793D7139A447B169CB0E500BC . 666624 . . [6.00.2900.5835] . . c:\windows\$hf_mig$\KB972260\SP3GDR\wininet.dll
[-] 2009-06-26 . 8553E6D4EC1563277323E6B2D6FBB954 . 668160 . . [6.00.2900.5835] . . c:\windows\$hf_mig$\KB972260\SP3QFE\wininet.dll
[-] 2009-04-29 . 6002073519FA478BF89977369CDFD156 . 666624 . . [6.00.2900.5803] . . c:\windows\$hf_mig$\KB969897\SP3GDR\wininet.dll
[-] 2009-04-29 . 9E36A148748C5DE4EA1F47B9B625F412 . 668160 . . [6.00.2900.3562] . . c:\windows\ie8\wininet.dll
[-] 2009-04-29 . 04BCB4F87B35502568F6CF33433543A5 . 668160 . . [6.00.2900.5803] . . c:\windows\$hf_mig$\KB969897\SP3QFE\wininet.dll
[-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB972260-IE8\wininet.dll
[-] 2009-02-20 . 1EA0E6DD74199209D60991FD46CE8643 . 668160 . . [6.00.2900.3527] . . c:\windows\$NtServicePackUninstall$\wininet.dll
[-] 2009-02-20 . 1EA0E6DD74199209D60991FD46CE8643 . 668160 . . [6.00.2900.3527] . . c:\windows\$NtUninstallKB969897$\wininet.dll
[-] 2009-02-20 . 5B6A3EB7BB2F338BC2CB9F2FA4AAEA9E . 666112 . . [6.00.2900.5764] . . c:\windows\$hf_mig$\KB963027\SP3GDR\wininet.dll
[-] 2009-02-20 . 711FEABED387B29FF7ED61BC6806A06C . 667648 . . [6.00.2900.5764] . . c:\windows\$hf_mig$\KB963027\SP3QFE\wininet.dll
[-] 2008-10-16 . 93C9D0A216498EE14EB9B26119BB95EE . 667648 . . [6.00.2900.3462] . . c:\windows\$NtUninstallKB963027_0$\wininet.dll
[-] 2008-10-16 . E8FCE58A470999350F64C591557F9E42 . 667136 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3QFE\wininet.dll
[-] 2008-10-16 . 1576318BF08D28CC61D1278114AD8D5B . 666112 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3GDR\wininet.dll
[-] 2008-10-16 . 1576318BF08D28CC61D1278114AD8D5B . 666112 . . [6.00.2900.5694] . . c:\windows\$NtUninstallKB963027$\wininet.dll
[-] 2008-08-20 . C91E3A6EF094202F6B5CA8960DFCF243 . 667648 . . [6.00.2900.3429] . . c:\windows\$NtUninstallKB958215_0$\wininet.dll
[-] 2008-08-20 . 9AF5F25124FBDC36E2B510729CBA2674 . 666112 . . [6.00.2900.5659] . . c:\windows\$hf_mig$\KB956390\SP3GDR\wininet.dll
[-] 2008-08-20 . 9AF5F25124FBDC36E2B510729CBA2674 . 666112 . . [6.00.2900.5659] . . c:\windows\$NtUninstallKB958215$\wininet.dll
[-] 2008-08-20 . 94418F53D2612C26DBADC04DAFBC197C . 666624 . . [6.00.2900.5659] . . c:\windows\$hf_mig$\KB956390\SP3QFE\wininet.dll
[-] 2008-06-23 . 611ACE3F4201E9610AF8452F7C268995 . 667136 . . [6.00.2900.3395] . . c:\windows\$NtUninstallKB956390_0$\wininet.dll
[-] 2008-06-23 . F12FBB673DE9CC802C5DC518FE99AA2F . 666112 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3GDR\wininet.dll
[-] 2008-06-23 . F12FBB673DE9CC802C5DC518FE99AA2F . 666112 . . [6.00.2900.5626] . . c:\windows\$NtUninstallKB956390$\wininet.dll
[-] 2008-06-23 . 972299B7241EC325D8C7E5638C884925 . 666624 . . [6.00.2900.5626] . . c:\windows\$hf_mig$\KB953838\SP3QFE\wininet.dll
[-] 2008-04-21 . 2E7DE1BF9418B071799EB53DE8CC22F5 . 666624 . . [6.00.2900.3354] . . c:\windows\$NtUninstallKB953838_0$\wininet.dll
[-] 2008-04-21 . 2B0C24AA747A93A28987B6D65A4A74BC . 666112 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3GDR\wininet.dll
[-] 2008-04-21 . 2B0C24AA747A93A28987B6D65A4A74BC . 666112 . . [6.00.2900.5583] . . c:\windows\$NtUninstallKB953838$\wininet.dll
[-] 2008-04-21 . 26F240C250E5B4B395CB4B178BA75437 . 666624 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3QFE\wininet.dll
[-] 2008-04-14 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB950759$\wininet.dll
[-] 2008-04-14 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\wininet.dll

tuttankanon

Newbie Surfer
Newbie Surfer

Posts : 9
Joined : 2010-09-04
Operating System : windows xp sp2

View user profile

Back to top Go down

Re: Antimalwaredoctor Aftermath problems

Post by tuttankanon on Mon 06 Sep 2010, 1:27 am

[-] 2008-02-16 . BB1EACD6AB47E78EBCA02EB781550D55 . 666112 . . [6.00.2900.3314] . . c:\windows\$NtUninstallKB950759_0$\wininet.dll
[-] 2007-12-07 . 085A7C37F9C6EDE1BA870B7DBEC06399 . 666112 . . [6.00.2900.3268] . . c:\windows\$NtUninstallKB947864$\wininet.dll
[-] 2007-10-11 . 80D660A49E0D118144423099B2A9F5DA . 666112 . . [6.00.2900.3231] . . c:\windows\$NtUninstallKB944533$\wininet.dll
[-] 2007-08-22 . A1BC17EB3758D73C3938B2318820F5B4 . 665600 . . [6.00.2900.3199] . . c:\windows\$NtUninstallKB942615$\wininet.dll
[-] 2007-06-26 . E1A3DD68B5380B360A7310A64D9BB188 . 665600 . . [6.00.2900.3164] . . c:\windows\$NtUninstallKB939653$\wininet.dll
[-] 2007-04-18 . 4261BA03AFD659DE04F0A17DFBDD454D . 665600 . . [6.00.2900.3121] . . c:\windows\$NtUninstallKB937143$\wininet.dll
[-] 2007-02-20 . B258C922D22DEEC880B60720531D7627 . 665600 . . [6.00.2900.3086] . . c:\windows\$NtUninstallKB933566$\wininet.dll
[-] 2007-01-04 . 3FFA1573FC274E5AA7467D03941C45EE . 665088 . . [6.00.2900.3059] . . c:\windows\$NtUninstallKB931768$\wininet.dll
[-] 2006-10-23 . 231EF4179ACABE486376B5CA893F1076 . 664576 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB928090$\wininet.dll
[-] 2006-06-23 . 64CE26DB72810B30F7855EA51E1DF836 . 664576 . . [6.00.2900.2937] . . c:\windows\$hf_mig$\KB918899\SP2QFE\wininet.dll
[-] 2006-06-23 . 2B4DB890936430C71419037039502752 . 658944 . . [6.00.2900.2937] . . c:\windows\$NtUninstallKB925454$\wininet.dll
[-] 2004-08-10 . C0823FC5469663BA63E7DB88F9919D70 . 656384 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB918899$\wininet.dll

[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\ws2_32.dll
[-] 2004-08-10 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll
[-] 2004-08-10 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\system32\ws2_32.dll
[-] 2004-08-10 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ws2_32.dll

[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\ws2help.dll
[-] 2004-08-10 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll
[-] 2004-08-10 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\system32\ws2help.dll
[-] 2004-08-10 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ws2help.dll

[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\explorer.exe
[-] 2007-06-13 . BD222A44FF38F8303E2511D47A191A47 . 1033216 . . [6.00.2900.3156] . . c:\windows\explorer.exe
[-] 2007-06-13 . 7712DF0CDDE3A5AC89843E61CD5B3658 . 1033216 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2005-04-07 . 45757077A47C68A603A79B03A1A836AB . 1032192 . . [6.00.2900.2649] . . c:\windows\$NtUninstallKB938828$\explorer.exe
[-] 2004-08-10 . A0732187050030AE399B241436565E64 . 1032192 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB884883$\explorer.exe

[-] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\ole32.dll
[-] 2005-07-26 . AB8231D13692AC5088EB9C226B0C0576 . 1285120 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\ole32.dll
[-] 2005-07-26 . AB8231D13692AC5088EB9C226B0C0576 . 1285120 . . [5.1.2600.2726] . . c:\windows\system32\ole32.dll
[-] 2005-07-26 . AB8231D13692AC5088EB9C226B0C0576 . 1285120 . . [5.1.2600.2726] . . c:\windows\system32\dllcache\ole32.dll
[-] 2005-07-25 . A2F755E237FA2CDD748A80BFBE6657F3 . 1285632 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll
[-] 2004-08-10 . 4FE9D9FA62D020E35E0AC6D1AEEB96F0 . 1281536 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB902400$\ole32.dll

[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\srsvc.dll
[-] 2004-11-17 . 902CF9595F640E53F33C0F1637F464F9 . 171008 . . [5.1.2600.2567] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
[-] 2004-11-17 . 902CF9595F640E53F33C0F1637F464F9 . 171008 . . [5.1.2600.2567] . . c:\windows\system32\srsvc.dll
[-] 2004-11-17 . 902CF9595F640E53F33C0F1637F464F9 . 171008 . . [5.1.2600.2567] . . c:\windows\system32\dllcache\srsvc.dll
[-] 2004-08-10 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB888402$\srsvc.dll

[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\wscntfy.exe
[-] 2004-08-10 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe
[-] 2004-08-10 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\system32\wscntfy.exe
[-] 2004-08-10 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\wscntfy.exe

[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\xmlprov.dll
[-] 2004-08-10 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll
[-] 2004-08-10 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\system32\xmlprov.dll
[-] 2004-08-10 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\xmlprov.dll

[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\eventlog.dll
[-] 2004-08-10 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll
[-] 2004-08-10 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\system32\eventlog.dll
[-] 2004-08-10 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\eventlog.dll

[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\sfcfiles.dll
[-] 2004-08-10 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll
[-] 2004-08-10 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
[-] 2004-08-10 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\sfcfiles.dll

[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\ctfmon.exe
[-] 2004-08-10 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
[-] 2004-08-10 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\system32\ctfmon.exe
[-] 2004-08-10 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ctfmon.exe

[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\shsvcs.dll
[-] 2006-12-19 . 6815DEF9B810AEFAC107EEAF72DA6F82 . 134656 . . [6.00.2900.3051] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll
[-] 2006-12-19 . 6815DEF9B810AEFAC107EEAF72DA6F82 . 134656 . . [6.00.2900.3051] . . c:\windows\system32\shsvcs.dll
[-] 2006-12-19 . 6815DEF9B810AEFAC107EEAF72DA6F82 . 134656 . . [6.00.2900.3051] . . c:\windows\system32\dllcache\shsvcs.dll
[-] 2006-12-19 . 53D9184A21C5CBF600D918E51EF3A7E5 . 135168 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll
[-] 2004-08-10 . E7518DC542D3EBDCB80EDD98462C7821 . 134656 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll

[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\regsvc.dll
[-] 2004-08-10 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll
[-] 2004-08-10 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . c:\windows\system32\regsvc.dll
[-] 2004-08-10 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\regsvc.dll

[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\schedsvc.dll
[-] 2004-08-10 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll
[-] 2004-08-10 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . c:\windows\system32\schedsvc.dll
[-] 2004-08-10 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\schedsvc.dll

[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\ssdpsrv.dll
[-] 2004-08-10 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll
[-] 2004-08-10 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . c:\windows\system32\ssdpsrv.dll
[-] 2004-08-10 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ssdpsrv.dll

[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\termsrv.dll
[-] 2005-03-10 . C29A5286E64D97385178452D5F307B98 . 295424 . . [5.1.2600.2627] . . c:\windows\$NtServicePackUninstall$\termsrv.dll
[-] 2005-03-10 . C29A5286E64D97385178452D5F307B98 . 295424 . . [5.1.2600.2627] . . c:\windows\system32\termsrv.dll
[-] 2005-03-10 . C29A5286E64D97385178452D5F307B98 . 295424 . . [5.1.2600.2627] . . c:\windows\system32\dllcache\termsrv.dll
[-] 2004-08-10 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB895961$\termsrv.dll

[-] 2008-04-14 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\appmgmts.dll
[-] 2004-08-10 . 9C3C12975C97119412802B181FBEEFFE . 167936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\appmgmts.dll
[-] 2004-08-10 . 9C3C12975C97119412802B181FBEEFFE . 167936 . . [5.1.2600.2180] . . c:\windows\system32\appmgmts.dll
[-] 2004-08-10 . 9C3C12975C97119412802B181FBEEFFE . 167936 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\appmgmts.dll

[-] 2004-08-10 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys

[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$NtServicePackUninstall$\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\Driver Cache\i386\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\system32\dllcache\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\system32\drivers\aec.sys

[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\ip6fw.sys
[-] 2004-08-10 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys
[-] 2004-08-10 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ip6fw.sys
[-] 2004-08-10 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ip6fw.sys

[-] 2008-04-14 00:11 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\mfc40u.dll
[-] 2006-11-01 19:17 . 925F8B61ED301A317BA850EBEECBDAA0 . 927504 . . [4.1.0.61] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll
[-] 2006-11-01 19:17 . 925F8B61ED301A317BA850EBEECBDAA0 . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll
[-] 2006-11-01 19:17 . 925F8B61ED301A317BA850EBEECBDAA0 . 927504 . . [4.1.0.61] . . c:\windows\system32\dllcache\mfc40u.dll
[-] 2004-08-10 12:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll

[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\msgsvc.dll
[-] 2004-08-10 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll
[-] 2004-08-10 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . c:\windows\system32\msgsvc.dll
[-] 2004-08-10 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\msgsvc.dll

[-] 2005-08-03 17:29 . B9715B9C18BC6C8F4B66733D208CC9F7 . 25088 . . [10.0.3790.4332] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[-] 2005-08-03 17:29 . B9715B9C18BC6C8F4B66733D208CC9F7 . 25088 . . [10.0.3790.4332] . . c:\windows\system32\MsPMSNSv.dll
[-] 2005-08-03 17:29 . B9715B9C18BC6C8F4B66733D208CC9F7 . 25088 . . [10.0.3790.4332] . . c:\windows\system32\dllcache\mspmsnsv.dll
[-] 2004-08-10 12:00 . 6EAA72FD9EF993EC1FA9A06DE65105DA . 25088 . . [10.0.3790.3646] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll

[-] 2009-08-04 . 363B2BBEE0AEDC9E5433616D0AD0236A . 2066176 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[-] 2009-08-04 . 7437BA6F538E89381A2E3643AED296C7 . 2066048 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntkrnlpa.exe
[-] 2009-08-04 . 97E912E94CCED4064F5DEEE5C25A9278 . 2062976 . . [5.1.2600.3610] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2009-08-04 . 4301C4619526334E13C00210E0CC372B . 2020864 . . [5.1.2600.3610] . . c:\windows\system32\ntkrnlpa.exe
[-] 2009-08-04 . 97E912E94CCED4064F5DEEE5C25A9278 . 2062976 . . [5.1.2600.3610] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2009-02-07 . 5BA7F2141BC6DB06100D0E5A732C617A . 2066048 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
[-] 2009-02-06 . 607352B9CB3D708C67F6039097801B5A . 2066176 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2009-02-06 . 243223E3FB74B68DFFBB41989F33DFB3 . 2020864 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[-] 2009-02-06 . 243223E3FB74B68DFFBB41989F33DFB3 . 2020864 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe
[-] 2008-11-23 . 1A3D9FAAA68CBE945132878AF2F8C127 . 2028032 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[-] 2008-08-14 . A25E9B86EFFB2AF33BF51E676B68BFB0 . 2066048 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
[-] 2008-08-14 . 4AC58F03EB94A72809949D757FC39D80 . 2066048 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
[-] 2008-08-14 . 501FDE895F35DF1DAE49FD54BBF9D396 . 2020864 . . [5.1.2600.3427] . . c:\windows\$NtUninstallKB956572_0$\ntkrnlpa.exe
[-] 2008-04-13 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\ntkrnlpa.exe
[-] 2007-02-28 . 2DFB215E291E3D9B1CF9A6739B3BF16C . 2017280 . . [5.1.2600.3093] . . c:\windows\$NtUninstallKB956841_0$\ntkrnlpa.exe
[-] 2006-12-19 . FA64F313F5237C53A909906113ACAE7D . 2017280 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe
[-] 2005-09-28 . 48472D224E1703882B4DE0E28E205E9B . 2015744 . . [5.1.2600.2765] . . c:\windows\$NtUninstallKB929338$\ntkrnlpa.exe
[-] 2005-03-02 . 3CD941E472DDF3534E53038535719771 . 2015232 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB896256$\ntkrnlpa.exe
[-] 2005-03-01 . D8ABA3EAB509627E707A3B14F00FBB6B . 2056832 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
[-] 2004-08-10 . FB142B7007CA2EEA76966C6C5CC12150 . 2015232 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe

[-] 2008-04-14 00:12 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\ntmssvc.dll
[-] 2004-08-10 12:00 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll
[-] 2004-08-10 12:00 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . c:\windows\system32\ntmssvc.dll
[-] 2004-08-10 12:00 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . c:\windows\system32\dllcache\ntmssvc.dll

[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\upnphost.dll
[-] 2007-02-05 . 36ACA6CDC19C95FF468A1426EB7F32F0 . 185344 . . [5.1.2600.3077] . . c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll
[-] 2007-02-05 . ACA5D98663D879C6BAAFCEA7E2F1B710 . 185344 . . [5.1.2600.3077] . . c:\windows\$NtServicePackUninstall$\upnphost.dll
[-] 2007-02-05 . ACA5D98663D879C6BAAFCEA7E2F1B710 . 185344 . . [5.1.2600.3077] . . c:\windows\system32\upnphost.dll
[-] 2007-02-05 . ACA5D98663D879C6BAAFCEA7E2F1B710 . 185344 . . [5.1.2600.3077] . . c:\windows\system32\dllcache\upnphost.dll
[-] 2004-08-10 . 0546477BDE979E33294FE97F6B3DE84A . 185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB931261$\upnphost.dll

[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\dsound.dll
[-] 2004-08-10 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll
[-] 2004-08-10 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . c:\windows\system32\dsound.dll
[-] 2004-08-10 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . c:\windows\system32\dllcache\dsound.dll

[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\d3d9.dll
[-] 2004-08-10 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll
[-] 2004-08-10 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . c:\windows\system32\d3d9.dll
[-] 2004-08-10 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . c:\windows\system32\dllcache\d3d9.dll

[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\ddraw.dll
[-] 2004-08-10 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll
[-] 2004-08-10 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . c:\windows\system32\ddraw.dll
[-] 2004-08-10 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . c:\windows\system32\dllcache\ddraw.dll

[-] 2008-04-14 00:12 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\olepro32.dll
[-] 2004-08-10 12:00 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll
[-] 2004-08-10 12:00 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . c:\windows\system32\olepro32.dll
[-] 2004-08-10 12:00 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\olepro32.dll

[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\perfctrs.dll
[-] 2004-08-10 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll
[-] 2004-08-10 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . c:\windows\system32\perfctrs.dll
[-] 2004-08-10 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\perfctrs.dll

c:\windows\System32\svchost.exe ... saknas !!
.
(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Not* Tomma poster & legitima standardposter visas inte.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr .exe" [N/A]
"rundll32"="c:\documents and settings\Tutt\userinit.exe" [N/A]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-17 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-17 86016]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-04-13 47392]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2010-03-09 1286608]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BankID säkerhetsprogram.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\BankID säkerhetsprogram.lnk
backup=c:\windows\pss\BankID säkerhetsprogram.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hp psc 1000 series.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\hp psc 1000 series.lnk
backup=c:\windows\pss\hp psc 1000 series.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hpoddt01.exe.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\hpoddt01.exe.lnk
backup=c:\windows\pss\hpoddt01.exe.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan.lnk
backup=c:\windows\pss\McAfee Security Scan.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
c:\program files\QuickTime\qttask .exe -atboottime [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast5]
2010-06-28 20:57 2837864 ----a-w- c:\progra~1\ALWILS~1\Avast5\AvastUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
c:\program files\BitTorrent\bittorrent.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\blinkx_toolbar]
2009-09-16 13:27 196608 ----a-w- c:\program files\blinkx Remote Toolbar\the_blinkx_toolbar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CamWizard]
2005-05-13 12:42 184320 ----a-w- c:\program files\Common Files\Logitech\QCDRV\BIN\CamWizrd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2004-08-10 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
2007-04-09 10:32 19456 ----a-w- c:\windows\system32\CtHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp]
2007-04-09 10:32 19968 ----a-w- c:\windows\system32\Ctxfihlp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2005-12-10 14:57 133016 ----a-w- c:\program files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\e-kort]
2008-12-11 11:14 377856 ----a-w- c:\progra~1\ekort\ekort.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
2005-08-05 12:56 64512 ----a-w- c:\windows\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 14:41 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2009-01-07 19:46 1468296 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]
2010-03-09 07:40 1286608 ----a-w- c:\program files\Spyware Doctor\pctsTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-06-15 14:33 141624 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
2001-04-20 12:52 28672 ------w- c:\program files\Creative\SBAudigy\Program\ADGJDet.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
2005-06-08 14:24 458752 ----a-w- c:\program files\Logitech\Video\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
2005-06-08 14:14 217088 ----a-w- c:\program files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
2005-07-19 16:32 221184 ----a-w- c:\windows\system32\LVCOMSX.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (rootkit-scan)]
c:\program files\Malwarebytes' Anti-Malware\mbam.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-11-23 16:24 1698816 ----a-w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 15:44 3883840 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-08-17 01:03 13877248 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2009-08-17 01:03 86016 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2009-08-12 21:40 1657376 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\rundll32]
c:\documents and settings\Tutt\userinit.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 17:04 2879488 ----a-r- c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program\Steam\Steam.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-07-31 13:23 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2007-09-16 12:38 185632 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
2000-05-10 23:00 90112 ----a-w- c:\windows\Updreg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSearch]
c:\program files\WhenUSearch\Search.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSearchWHSE]
c:\program files\WhenUSearch\whse.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2007-05-14 22:22 35328 ----a-w- c:\program files\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinProfile]
sndcfg16.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\xmronewcas.tmp]
c:\docume~1\Tutt\LOCALS~1\Temp\xmronewcas.tmp [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\xswcnmeroa.tmp]
c:\docume~1\Tutt\LOCALS~1\Temp\xswcnmeroa.tmp [N/A]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Spotify\\spotify.exe"=
"c:\\Program Files\\UltraVNC\\vncviewer.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program1\\DC++\\DCPlusPlus.exe"=
"c:\\Program1\\Steam\\steamapps\\par_zandler@hotmail.com\\counter-strike\\hl.exe"=
"c:\\Program Files\\Ventrilo\\server\\ventrilo_srv\\ventrilo_srv.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program1\\Steam\\steamapps\\common\\osmos\\osmos.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5900:TCP"= 5900:TCP:vnc5900
"5800:TCP"= 5800:TCP:vnc5800
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R0 ffgyv;ffgyv; [x]
R0 mopnnm;mopnnm; [x]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [2010-01-22 112592]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2007-01-15 643072]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-03-10 217032]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2010-03-11 366840]


--- Övriga tjänster/drivrutiner i minnet ---

*Deregistered* - PCTSDInjDriver32
.
Innehållet i mappen 'Schemalagda aktiviteter':

2009-02-14 c:\windows\Tasks\FRU Task 2003-04-10 00:56ewlett-Packard2003-04-10 00:56p psc 1100 series272A572217594EBCF1CEE215E352B92AD073FDE4228951475.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-09 16:56]

2010-08-29 c:\windows\Tasks\User_Feed_Synchronization-{ED6F8FF9-C1D4-4541-A52D-DCF048812A4F}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Extra genomsökning -------
.
uStart Page =
uInternet Settings,ProxyServer = http=127.0.0.1:6522
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: {{E6073F93-9541-4be4-9800-109D378EB99B} - c:\program files\nordicbetMPP\MPPoker.exe
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
Trusted Zone: youtube.com\www
FF - ProfilePath - c:\documents and settings\Tutt\Application Data\Mozilla\Firefox\Profiles\ebufj7uh.default\
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\ekort\components\SlimOrbAddonEkort.dll
FF - plugin: c:\program files\Personal\bin\np_prsnl.dll
FF - plugin: c:\program1\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program1\Mozilla Firefox\plugins\np_blinkx_plugin.dll
FF - plugin: c:\program1\Mozilla Firefox\plugins\npbittorrent.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICY ----
c:\program1\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program1\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program1\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");
c:\program1\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - -

AddRemove-Steam App 6530 - c:\program\Steam\steam.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2010-09-05 15:11
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, [You must be registered and logged in to see this link.]

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe >>UNKNOWN [0x8AB740E0]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xb80fcfc3
\Driver\ACPI -> ACPI.sys @ 0xb7f7fcb8
\Driver\atapi -> atapi.sys @ 0xb7ef17b4
\Driver\iaStor -> iaStor.sys @ 0xb7e3cf78
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x80582544
ParseProcedure -> ntkrnlpa.exe @ 0x80581684
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x80582544
ParseProcedure -> ntkrnlpa.exe @ 0x80581684
NDIS: Realtek RTL8139/810x Family Fast Ethernet NIC -> SendCompleteHandler -> NDIS.sys @ 0x8ab5cbc3
PacketIndicateHandler -> NDIS.sys @ 0x8ab4aa0b
SendHandler -> NDIS.sys @ 0x8ab5eb31
user & kernel MBR OK

**************************************************************************
.
--------------------- LÅSTA REGISTERNYCKLAR ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a0,26,1c,1d,11,49,a3,40,b4,d2,06,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a0,26,1c,1d,11,49,a3,40,b4,d2,06,\
.
--------------------- DLLer som "laddats" under processer som körs ---------------------

- - - - - - - > 'winlogon.exe'(656)
c:\windows\system32\WININET.dll
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(724)
c:\windows\system32\WININET.dll

- - - - - - - > 'explorer.exe'(1876)
c:\windows\system32\WININET.dll
c:\program files\Spyware Doctor\pctgmhk.dll
c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Andra processer som körs ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Lavasoft\Ad-Aware 2007\aawservice.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Spyware Doctor\pctsSvc.exe
c:\windows\system32\tcpsvcs.exe
c:\windows\system32\MsPMSPSv.exe
.
**************************************************************************
.
Sluttid: 2010-09-05 15:35:51 - datorn startades om.
ComboFix-quarantined-files.txt 2010-09-05 13:35

Före genomsökningen: 160 591 970 304 bytes free
Efter genomsökningen: 161 217 642 496 byte ledigt

- - End Of File - - CDA4D5A6B72C81EC70E48B2477DBEE19

tuttankanon

Newbie Surfer
Newbie Surfer

Posts : 9
Joined : 2010-09-04
Operating System : windows xp sp2

View user profile

Back to top Go down

Re: Antimalwaredoctor Aftermath problems

Post by tuttankanon on Mon 06 Sep 2010, 1:29 am

it finished and no problems occured. I couldn´t download recovery console though, since I have no internet connection

tuttankanon

Newbie Surfer
Newbie Surfer

Posts : 9
Joined : 2010-09-04
Operating System : windows xp sp2

View user profile

Back to top Go down

Re: Antimalwaredoctor Aftermath problems

Post by Belahzur on Mon 06 Sep 2010, 8:05 am

Hello.
Bad news I'm afraid, your machine is pretty much trashed, it can't be saved.

Your computer has multiple infections, including a backdoor. A backdoor gives intruders complete control of your computer, logs your keystrokes, steal personal information, etc.

You are strongly advised to do the following:

  • Disconnect the computer from the Internet and from any networked computers until it is cleaned.
  • Back up all your important data except programs. The programs can be reinstalled back from the original disc or from the Net.
  • Call all your banks, financial institutions, credit card companies and inform them that you may be a victim of identity theft and put a watch on your accounts. If you don't mind the hassle, change all your account numbers.
  • From a clean computer, change all your passwords (ISP login password, your email address(es) passwords, financial accounts, PayPal, eBay, Amazon, online groups and forums and any other online activities you carry out which require a username and password).
Do NOT change your passwords from this computer as the attacker will be able to get all the new passwords and transaction records.

Due to its backdoor functionality, your computer is very likely to have been compromised and there is no way that it can be trusted again. Many experts in the security community believe that once infected with this type of Trojan, the best course of action would be to do a reformat and reinstallation of the operating system (OS).

To help you understand more, please take some time to read the following articles:

What are Remote Access Trojans and why are they dangerous
How do I respond to a possible identity theft and how do I prevent it
When should I do a reformat and reinstallation of my OS


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Antimalwaredoctor Aftermath problems

Post by Sponsored content Today at 5:55 pm


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum