TechSpot

Virus disables mcafee, malwarebites, and avira

Solved
By mgetlik
Jan 30, 2011
  1. mgetlik

    mgetlik TS Rookie Topic Starter Posts: 68

    some more

    2011/01/29 09:48:02 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
    [2011/01/29 09:48:02 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
    [2011/01/29 09:48:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
    [2011/01/29 09:48:01 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
    [2011/01/29 09:48:01 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
    [2011/01/29 09:48:01 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
    [2011/01/29 09:48:01 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
    [2011/01/29 09:48:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
    [2011/01/29 09:48:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
    [2011/01/29 09:48:00 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
    [2011/01/29 09:48:00 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
    [2011/01/29 09:48:00 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
    [2011/01/29 09:48:00 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
    [2011/01/29 09:48:00 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
    [2011/01/29 09:48:00 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
    [2011/01/29 09:48:00 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
    [2011/01/29 09:48:00 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
    [2011/01/29 09:48:00 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
    [2011/01/29 09:48:00 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
    [2011/01/29 09:47:59 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
    [2011/01/29 09:47:59 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
    [2011/01/29 09:47:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
    [2011/01/29 09:47:56 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
    [2011/01/29 09:47:55 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
    [2011/01/29 09:47:54 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
    [2011/01/29 09:47:54 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
    [2011/01/29 09:47:54 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
    [2011/01/29 09:47:54 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
    [2011/01/29 09:47:53 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
    [2011/01/29 09:47:53 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
    [2011/01/29 09:47:52 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
    [2011/01/29 09:47:52 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
    [2011/01/29 09:47:50 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
    [2011/01/29 09:47:50 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
    [2011/01/29 09:47:50 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
    [2011/01/29 09:47:50 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
    [2011/01/29 09:47:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
    [2011/01/29 09:47:48 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
    [2011/01/29 09:47:48 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
    [2011/01/29 09:47:47 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
    [2011/01/29 09:47:47 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
    [2011/01/29 09:47:47 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
    [2011/01/29 09:47:47 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
    [2011/01/29 09:47:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
    [2011/01/29 09:47:46 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
    [2011/01/29 09:47:46 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
    [2011/01/29 09:47:45 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
    [2011/01/29 09:47:45 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
    [2011/01/29 09:47:45 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
    [2011/01/29 09:47:45 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
    [2011/01/29 09:47:45 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
    [2011/01/29 09:47:42 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
    [2011/01/29 09:47:41 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
    [2011/01/29 09:47:41 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
    [2011/01/29 09:47:40 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
    [2011/01/29 09:47:38 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
    [2011/01/29 09:47:37 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
    [2011/01/29 09:47:34 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
    [2011/01/29 09:47:34 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
    [2011/01/29 09:47:27 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
    [2011/01/29 09:47:27 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
    [2011/01/29 09:47:27 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
    [2011/01/29 09:47:27 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
    [2011/01/29 09:47:27 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
    [2011/01/29 09:47:27 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
    [2011/01/29 09:47:26 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
    [2011/01/29 09:47:25 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
    [2011/01/29 09:47:25 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
    [2011/01/29 09:47:25 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
    [2011/01/29 09:47:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
    [2011/01/29 09:47:24 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
    [2011/01/29 09:47:23 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
    [2011/01/29 09:47:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
    [2011/01/29 09:47:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
    [2011/01/29 09:47:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
    [2011/01/29 09:47:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
    [2011/01/29 09:47:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
    [2011/01/29 09:47:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
    [2011/01/29 09:47:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
    [2011/01/29 09:47:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
    [2011/01/29 09:47:21 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
    [2011/01/29 09:47:21 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
    [2011/01/29 09:47:21 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
    [2011/01/29 09:47:21 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
    [2011/01/29 09:47:20 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
    [2011/01/29 09:47:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
    [2011/01/29 09:47:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
    [2011/01/29 09:47:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
    [2011/01/29 09:47:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
    [2011/01/29 09:47:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
    [2011/01/29 09:47:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
    [2011/01/29 09:47:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
    [2011/01/29 09:47:20 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
    [2011/01/29 09:47:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
    [2011/01/29 09:47:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
    [2011/01/29 09:47:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
    [2011/01/29 09:47:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
    [2011/01/29 09:47:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
    [2011/01/29 09:47:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
    [2011/01/29 09:47:19 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
    [2011/01/29 09:47:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
    [2011/01/29 09:47:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
    [2011/01/29 09:47:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
    [2011/01/29 09:47:18 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
    [2011/01/29 09:47:18 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
    [2011/01/29 09:47:18 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
    [2011/01/29 09:47:18 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
    [2011/01/29 09:47:18 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
    [2011/01/29 09:47:17 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
    [2011/01/29 09:47:17 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
    [2011/01/29 09:47:17 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
    [2011/01/29 09:47:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
    [2011/01/29 09:47:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
    [2011/01/29 09:47:16 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
    [2011/01/29 09:47:15 | 000,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
    [2011/01/29 09:47:15 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
    [2011/01/29 09:47:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
    [2011/01/29 09:47:15 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
    [2011/01/29 09:47:14 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
    [2011/01/29 09:47:14 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
    [2011/01/29 09:47:14 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
    [2011/01/29 09:47:14 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
    [2011/01/29 09:47:14 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
    [2011/01/29 09:47:14 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
    [2011/01/29 09:47:13 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
    [2011/01/29 09:47:13 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
    [2011/01/29 09:47:13 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
    [2011/01/29 09:47:13 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
    [2011/01/29 09:47:13 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
    [2011/01/29 09:47:13 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
    [2011/01/29 09:47:12 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
    [2011/01/29 09:47:12 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
    [2011/01/29 09:47:12 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
    [2011/01/29 09:47:12 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
    [2011/01/29 09:47:12 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
    [2011/01/29 09:47:11 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
    [2011/01/29 09:47:11 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
    [2011/01/29 09:47:11 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
    [2011/01/29 09:47:11 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
    [2011/01/29 09:47:11 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
    [2011/01/29 09:47:11 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
    [2011/01/29 09:47:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
    [2011/01/29 09:47:11 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
    [2011/01/29 09:47:10 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
    [2011/01/29 09:47:10 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
    [2011/01/29 09:47:10 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
    [2011/01/29 09:47:10 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
    [2011/01/29 09:47:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
    [2011/01/29 09:47:06 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
    [2011/01/29 09:46:58 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
    [2011/01/29 09:46:58 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
    [2011/01/29 09:46:58 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
    [2011/01/29 09:46:58 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
    [2011/01/29 09:46:57 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
    [2011/01/29 09:46:56 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
    [2011/01/29 09:46:56 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
    [2011/01/29 09:46:54 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
    [2011/01/29 09:46:54 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
    [2011/01/29 09:46:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
    [2011/01/29 09:46:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
    [2011/01/29 09:46:53 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
    [2011/01/29 09:46:53 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
    [2011/01/29 09:46:53 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
    [2011/01/29 09:46:52 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
    [2011/01/29 09:46:52 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
    [2011/01/29 09:46:52 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
    [2011/01/29 09:46:52 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
    [2011/01/29 09:46:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
    [2011/01/29 09:46:51 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
    [2011/01/29 09:46:51 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
    [2011/01/29 09:46:51 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
    [2011/01/29 09:46:51 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
    [2011/01/29 09:46:51 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
    [2011/01/29 09:46:45 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
    [2011/01/29 09:46:45 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
    [2011/01/29 09:46:43 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
    [2011/01/29 09:46:43 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
    [2011/01/29 09:46:43 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
    [2011/01/29 09:46:43 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
    [2011/01/29 09:46:43 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
    [2011/01/29 09:46:42 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
    [2011/01/29 09:46:41 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
    [2011/01/29 09:46:41 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
    [2011/01/29 09:46:41 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
    [2011/01/29 09:46:40 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
    [2011/01/29 09:46:40 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
    [2011/01/29 09:46:40 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
    [2011/01/29 09:46:40 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
    [2011/01/29 09:46:39 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
    [2011/01/29 09:46:39 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
    [2011/01/29 09:46:39 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
    [2011/01/29 09:46:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
    [2011/01/29 09:46:39 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
    [2011/01/29 09:46:38 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
    [2011/01/29 09:46:38 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
    [2011/01/29 09:46:38 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
    [2011/01/29 09:46:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
    [2011/01/29 09:46:30 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
    [2011/01/29 09:46:29 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
    [2011/01/29 09:46:28 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
    [2011/01/29 09:46:27 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
    [2011/01/29 09:46:27 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
    [2011/01/29 09:46:27 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
    [2011/01/29 09:46:27 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
    [2011/01/29 09:46:27 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
    [2011/01/29 09:46:26 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
    [2011/01/29 09:46:26 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
    [2011/01/29 09:46:26 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
    [2011/01/29 09:46:26 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
    [2011/01/29 09:46:26 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
    [2011/01/29 09:46:26 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
    [2011/01/29 09:46:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
    [2011/01/29 09:46:24 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
    [2011/01/29 09:46:24 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
    [2011/01/29 09:46:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
    [2011/01/29 09:46:23 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
    [2011/01/29 09:46:23 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
    [2011/01/29 09:46:21 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
    [2011/01/29 09:46:20 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
    [2011/01/29 09:46:20 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
    [2011/01/29 09:46:20 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
    [2011/01/29 09:46:19 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
    [2011/01/29 09:46:19 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
    [2011/01/29 09:46:15 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
    [2011/01/29 09:46:15 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
    [2011/01/29 09:46:15 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
    [2011/01/29 09:46:14 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
    [2011/01/29 09:46:14 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
    [2011/01/29 09:46:14 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
    [2011/01/29 09:46:14 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
    [2011/01/29 09:46:14 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
    [2011/01/29 09:46:14 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
    [2011/01/29 09:46:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
    [2011/01/29 09:46:13 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
    [2011/01/29 09:46:13 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
    [2011/01/29 09:46:13 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
    [2011/01/29 09:46:13 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
    [2011/01/29 09:46:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
    [2011/01/29 09:46:13 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
    [2011/01/29 09:46:12 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
    [2011/01/29 09:46:12 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
    [2011/01/29 09:46:12 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
    [2011/01/29 09:46:12 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
    [2011/01/29 09:46:12 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
    [2011/01/29 09:46:11 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
    [2011/01/29 09:46:11 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
    [2011/01/29 09:46:11 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
    [2011/01/29 09:46:11 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
    [2011/01/29 09:46:11 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
    [2011/01/29 09:46:11 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
    [2011/01/29 09:46:11 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
    [2011/01/29 09:46:10 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
    [2011/01/29 09:46:10 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
    [2011/01/29 09:46:10 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
    [2011/01/29 09:46:10 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
    [2011/01/29 09:46:10 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
    [2011/01/29 09:46:09 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
    [2011/01/29 09:46:09 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
    [2011/01/29 09:46:09 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
    [2011/01/29 09:46:09 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
    [2011/01/29 09:46:09 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
    [2011/01/29 09:46:08 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
    [2011/01/29 09:46:08 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
    [2011/01/29 09:46:07 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
    [2011/01/29 09:41:14 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netfxperf.dll
    [2011/01/29 09:20:49 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
    [2011/01/29 09:20:49 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
    [2011/01/29 09:20:49 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
    [2011/01/29 09:20:49 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
    [2011/01/29 07:13:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\R. Victor Trense II\Desktop\Emster
    [2011/01/27 19:51:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\R. Victor Trense II\Application Data\FixCleaner
    [2011/01/27 19:51:06 | 000,000,000 | ---D | C] -- C:\Program Files\FixCleaner
    [2011/01/27 19:14:46 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IECompatCache
    [2011/01/27 19:12:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Macromedia
    [2011/01/27 19:12:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Adobe
    [2011/01/27 19:12:38 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE
    [2011/01/26 19:55:17 | 000,297,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\mscoree.dll
    [2011/01/25 19:08:38 | 000,000,000 | ---D | C] -- C:\Program Files\Perfect Optimizer
    [2011/01/25 18:50:33 | 000,000,000 | ---D | C] -- C:\0download
    [2011/01/25 18:48:04 | 000,000,000 | ---D | C] -- C:\wuagent
    [2011/01/25 08:21:44 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
    [2011/01/25 06:53:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\R. Victor Trense II\My Documents\My Received Files
    [2011/01/24 23:52:19 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
    [2011/01/24 23:51:50 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
    [2011/01/24 19:22:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
    [2011/01/24 19:00:41 | 000,000,000 | -HSD | C] -- C:\WINDOWS\system32\config\systemprofile\IETldCache
    [2005/05/11 22:36:48 | 000,012,288 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\Fonts\RandFont.dll
    [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/02/01 00:40:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/02/01 00:39:56 | 000,037,187 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
    [2011/02/01 00:37:00 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A3FAEAAC-F742-4EA3-8CA1-7542DC46B238}.job
    [2011/02/01 00:26:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2011/02/01 00:14:59 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2011/02/01 00:14:32 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2011/02/01 00:14:13 | 2137,149,440 | -HS- | M] () -- C:\hiberfil.sys
    [2011/02/01 00:01:14 | 000,061,440 | ---- | M] () -- C:\WINDOWS\System32\drivers\hwkdkn.sys
    [2011/01/31 23:52:22 | 000,061,440 | ---- | M] () -- C:\WINDOWS\System32\drivers\dlefzmsx.sys
    [2011/01/31 23:31:02 | 000,077,912 | ---- | M] (Kaspersky Lab, SLA) -- C:\WINDOWS\System32\drivers\klmdb.sys
    [2011/01/31 23:16:23 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\null
    [2011/01/30 07:35:01 | 000,002,507 | ---- | M] () -- C:\Documents and Settings\R. Victor Trense II\Desktop\Microsoft Outlook 2010.lnk
    [2011/01/29 22:19:37 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\R. Victor Trense II\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
    [2011/01/29 21:43:50 | 000,512,992 | ---- | M] () -- C:\Documents and Settings\R. Victor Trense II\Desktop\sdsetup_aff[1].exe
    [2011/01/29 15:05:04 | 000,570,740 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2011/01/29 15:05:04 | 000,122,050 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2011/01/29 14:48:03 | 010,325,408 | ---- | M] (SUPERAntiSpyware.com) -- C:\Documents and Settings\R. Victor Trense II\My Documents\SUPERAntiSpyware.exe
    [2011/01/29 14:25:30 | 000,002,469 | ---- | M] () -- C:\Documents and Settings\R. Victor Trense II\Desktop\Microsoft PowerPoint 2010.lnk
    [2011/01/29 13:31:24 | 000,307,600 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2011/01/29 12:00:00 | 000,000,466 | ---- | M] () -- C:\WINDOWS\tasks\FixCleaner
     
  2. mgetlik

    mgetlik TS Rookie Topic Starter Posts: 68

    the rest

    Scan.job
    [2011/01/29 12:00:00 | 000,000,360 | ---- | M] () -- C:\WINDOWS\tasks\PerfectOptimizer_Home.Job
    [2011/01/29 10:49:07 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2011/01/29 10:28:16 | 000,068,556 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
    [2011/01/29 10:21:11 | 000,002,459 | ---- | M] () -- C:\Documents and Settings\R. Victor Trense II\Desktop\Microsoft Excel 2010.lnk
    [2011/01/29 10:19:03 | 000,000,946 | ---- | M] () -- C:\WINDOWS\disney.ini
    [2011/01/29 09:54:26 | 000,000,263 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
    [2011/01/29 09:45:01 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
    [2011/01/29 09:44:59 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
    [2011/01/29 09:44:54 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
    [2011/01/29 09:44:30 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
    [2011/01/29 09:41:39 | 000,034,380 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2011/01/29 09:41:16 | 000,000,945 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
    [2011/01/29 09:39:42 | 000,000,209 | -HS- | M] () -- C:\boot.ini
    [2011/01/29 09:24:46 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
    [2011/01/28 20:41:43 | 000,617,999 | ---- | M] () -- C:\WINDOWS\setupapi.old
    [2011/01/27 21:08:32 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\housecall.guid.cache
    [2011/01/27 19:28:09 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2011/01/26 19:55:18 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\mscoree.dll
    [2011/01/26 18:05:48 | 000,815,201 | ---- | M] () -- C:\lxcjUNST.csv
    [2011/01/26 18:04:03 | 000,348,602 | ---- | M] () -- C:\lxcjUNST.000
    [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/02/01 00:01:14 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\hwkdkn.sys
    [2011/02/01 00:01:14 | 000,000,050 | ---- | C] () -- C:\Program Files\azhmnfsk.txt
    [2011/01/31 23:52:22 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\dlefzmsx.sys
    [2011/01/31 23:47:43 | 2137,149,440 | -HS- | C] () -- C:\hiberfil.sys
    [2011/01/29 21:43:51 | 000,512,992 | ---- | C] () -- C:\Documents and Settings\R. Victor Trense II\Desktop\sdsetup_aff[1].exe
    [2011/01/29 09:47:47 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
    [2011/01/29 09:47:23 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
    [2011/01/29 09:47:14 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
    [2011/01/29 09:47:13 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
    [2011/01/29 09:47:11 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
    [2011/01/29 09:47:01 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
    [2011/01/29 09:46:56 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
    [2011/01/29 09:46:53 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
    [2011/01/29 09:46:41 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
    [2011/01/29 09:46:21 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
    [2011/01/29 09:21:03 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
    [2011/01/29 09:20:40 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
    [2011/01/29 09:20:40 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
    [2011/01/29 09:20:40 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
    [2011/01/29 09:20:40 | 000,130,715 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
    [2011/01/29 09:20:40 | 000,110,116 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
    [2011/01/29 09:20:40 | 000,077,881 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plus.cat
    [2011/01/29 09:20:40 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
    [2011/01/29 09:20:40 | 000,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
    [2011/01/29 09:20:40 | 000,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
    [2011/01/29 09:20:40 | 000,017,916 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sonic.cat
    [2011/01/29 09:20:40 | 000,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
    [2011/01/29 09:20:40 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
    [2011/01/29 09:20:40 | 000,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
    [2011/01/29 09:20:40 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
    [2011/01/29 09:20:40 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
    [2011/01/29 09:20:40 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
    [2011/01/29 09:20:40 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
    [2011/01/29 09:20:39 | 002,008,817 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
    [2011/01/29 09:20:39 | 000,505,647 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
    [2011/01/29 09:20:39 | 000,106,147 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
    [2011/01/27 21:08:32 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\housecall.guid.cache
    [2011/01/27 19:51:16 | 000,000,466 | ---- | C] () -- C:\WINDOWS\tasks\FixCleaner Scan.job
    [2011/01/26 19:21:31 | 000,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2011/01/26 19:21:30 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2011/01/26 18:04:01 | 000,815,201 | ---- | C] () -- C:\lxcjUNST.csv
    [2011/01/26 18:04:01 | 000,348,602 | ---- | C] () -- C:\lxcjUNST.000
    [2011/01/25 19:08:46 | 000,000,360 | ---- | C] () -- C:\WINDOWS\tasks\PerfectOptimizer_Home.Job
    [2010/11/19 23:39:31 | 000,000,039 | ---- | C] () -- C:\WINDOWS\WININIT.INI
    [2010/11/05 23:50:47 | 000,002,272 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    [2010/10/22 17:17:52 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
    [2010/09/16 12:05:00 | 000,000,142 | ---- | C] () -- C:\Documents and Settings\R. Victor Trense II\Local Settings\Application Data\fusioncache.dat
    [2010/09/15 21:53:33 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\R. Victor Trense II\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/09/15 20:10:16 | 000,090,411 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
    [2010/08/26 19:59:36 | 000,002,631 | ---- | C] () -- C:\Documents and Settings\R. Victor Trense II\Application Data\PatchUpdate_HP_ISRegionListUpdatelog_HPSU.log
    [2010/08/26 19:59:36 | 000,000,228 | ---- | C] () -- C:\WINDOWS\HP_ISRegionListUpdatelog_HPSU.ini
    [2010/08/26 19:58:50 | 000,005,772 | ---- | C] () -- C:\Documents and Settings\R. Victor Trense II\Application Data\HPCOM_48BitScanUpdate.log
    [2010/08/02 18:24:39 | 000,005,253 | ---- | C] () -- C:\Documents and Settings\R. Victor Trense II\Application Data\PatchUpdate_InstantShareJPG.log
    [2010/08/02 18:24:39 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_InstantSHareJPG.ini
    [2010/08/02 18:23:24 | 000,005,353 | ---- | C] () -- C:\Documents and Settings\R. Victor Trense II\Application Data\PatchUpdate_IZClosingDiscError.log
    [2010/08/02 18:23:24 | 000,000,217 | ---- | C] () -- C:\WINDOWS\HP_IZClosingDiscErrorPatch.ini
    [2010/08/01 15:02:57 | 000,062,454 | ---- | C] () -- C:\Documents and Settings\R. Victor Trense II\Application Data\PatchUpdate_HP_CounterReport_Update_HPSU.log
    [2010/08/01 15:02:57 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
    [2010/08/01 15:02:35 | 000,002,250 | ---- | C] () -- C:\Documents and Settings\R. Victor Trense II\Application Data\HPSU_48BitScanUpdate.log
    [2010/08/01 15:02:35 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
    [2010/07/31 21:11:56 | 000,084,602 | ---- | C] () -- C:\Documents and Settings\R. Victor Trense II\Application Data\Update_HP_RedboxHprblog_HPSU.log
    [2010/07/31 21:11:56 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
    [2010/07/27 03:03:20 | 010,829,656 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
    [2010/07/27 03:03:18 | 000,290,648 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
    [2010/06/01 10:10:28 | 000,000,012 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\Application Data\czyiwa.dat
    [2010/05/07 17:46:36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
    [2010/05/07 17:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
    [2009/05/08 18:19:08 | 000,000,736 | ---- | C] () -- C:\WINDOWS\SamsungMaster.INI
    [2009/02/17 21:11:20 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2009/02/17 21:11:20 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2008/02/29 19:54:58 | 000,000,208 | ---- | C] () -- C:\WINDOWS\TLCAPPS.INI
    [2007/12/29 13:20:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PTWebCam.INI
    [2007/12/28 14:45:40 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\PTTreeIcons.dll
    [2007/09/27 09:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
    [2007/09/27 09:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
    [2007/09/27 09:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
    [2007/09/05 20:34:10 | 000,000,435 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
    [2007/07/16 14:23:46 | 000,020,992 | ---- | C] () -- C:\WINDOWS\jestertb.dll
    [2007/07/16 14:18:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Mavis Beacon Teaches Typing.INI
    [2007/01/02 09:14:29 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\QTUninst.dll
    [2006/12/28 10:04:34 | 000,000,061 | ---- | C] () -- C:\WINDOWS\ka.ini
    [2006/10/15 18:14:33 | 000,028,672 | ---- | C] () -- C:\WINDOWS\hookdllX.dll
    [2006/10/15 18:14:33 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
    [2006/08/29 17:36:27 | 000,060,744 | ---- | C] () -- C:\Documents and Settings\R. Victor Trense II\g2mdlhlpx.exe
    [2006/02/23 21:38:40 | 000,019,911 | ---- | C] () -- C:\Documents and Settings\R. Victor Trense II\PFT-2006-first-put.pdf
    [2006/02/20 14:56:16 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\BJAXSecurityManager.dll
    [2006/02/20 14:56:14 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\BJInstaller.dll
    [2006/01/28 10:20:11 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
    [2006/01/28 10:20:10 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
    [2006/01/28 10:20:10 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
    [2006/01/28 10:16:42 | 000,000,946 | ---- | C] () -- C:\WINDOWS\disney.ini
    [2006/01/28 10:16:30 | 000,000,198 | ---- | C] () -- C:\WINDOWS\disneysy.ini
    [2006/01/26 17:20:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
    [2006/01/22 08:42:53 | 000,000,381 | ---- | C] () -- C:\WINDOWS\hegames.ini
    [2006/01/20 00:37:31 | 000,000,195 | ---- | C] () -- C:\Documents and Settings\R. Victor Trense II\Application Data\G-Force Prefs (WindowsMediaPlayer).txt
    [2006/01/18 17:02:46 | 000,003,350 | ---- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
    [2006/01/18 17:02:46 | 000,000,056 | -HS- | C] () -- C:\WINDOWS\System32\16635F9B12.sys
    [2006/01/17 23:27:27 | 000,000,456 | ---- | C] () -- C:\WINDOWS\dellstat.ini
    [2005/12/06 11:32:13 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2005/12/06 11:13:18 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2005/12/06 10:50:00 | 000,000,200 | ---- | C] () -- C:\WINDOWS\System32\dlbcplc.ini
    [2005/12/06 10:49:18 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2005/08/16 21:52:01 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
    [2005/08/16 05:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
    [2005/08/16 05:37:15 | 000,196,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\rdpdr.sys
    [2005/08/16 05:33:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2005/08/16 05:18:42 | 000,735,680 | ---- | C] () -- C:\WINDOWS\System32\msmesvpw.dll
    [2005/08/16 05:18:33 | 001,287,680 | ---- | C] () -- C:\WINDOWS\System32\quartz(2).dll
    [2005/08/16 05:18:29 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\vbma841d.sys
    [2004/08/10 06:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
    [2004/08/09 23:11:42 | 000,185,856 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
    [2002/09/29 06:24:22 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
    [2002/09/29 06:23:16 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
    [2002/09/29 06:23:14 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
    [2002/09/29 06:23:07 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
    [2001/07/06 14:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

    ========== LOP Check ==========

    [2010/12/28 21:02:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\alot
    [2010/12/25 23:27:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
    [2005/10/23 15:52:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\SACore
    [2008/08/15 22:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R. Victor Trense II\Application Data\alot
    [2010/11/01 22:00:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R. Victor Trense II\Application Data\Bccthis
    [2007/07/16 20:54:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\R. Victor Trense II\Application Data\Broderbund
    [2010/01/19 21:17:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R. Victor Trense II\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2010/04/02 08:35:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R. Victor Trense II\Application Data\Elluminate
    [2011/01/29 10:10:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R. Victor Trense II\Application Data\FixCleaner
    [2010/07/06 18:02:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R. Victor Trense II\Application Data\Hotbar
    [2010/07/06 18:02:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R. Victor Trense II\Application Data\Hotbar_Icons
    [2006/01/18 17:05:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R. Victor Trense II\Application Data\Leadertech
    [2010/01/11 12:56:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R. Victor Trense II\Application Data\licenses
    [2008/05/17 22:20:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R. Victor Trense II\Application Data\NewSoft
    [2010/01/11 12:56:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R. Victor Trense II\Application Data\PCMM2009
    [2010/11/13 14:34:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R. Victor Trense II\Application Data\PriceGong
    [2010/10/22 16:54:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R. Victor Trense II\Application Data\RegistryKeys
    [2010/11/20 19:37:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R. Victor Trense II\Application Data\ShoppingReport
    [2010/10/10 17:08:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R. Victor Trense II\Application Data\Skinux
    [2010/11/20 19:53:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R. Victor Trense II\Application Data\Smart-Shopper2
    [2010/01/02 14:39:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R. Victor Trense II\Application Data\Toolbar4
    [2007/02/13 16:41:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R. Victor Trense II\Application Data\Viewpoint
    [2010/06/01 16:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R. Victor Trense II\Application Data\webex
    [2010/04/18 13:09:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R. Victor Trense II\Application Data\Windows Desktop Search
    [2010/04/18 16:35:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R. Victor Trense II\Application Data\Windows Search
    [2011/01/29 12:00:00 | 000,000,466 | ---- | M] () -- C:\WINDOWS\Tasks\FixCleaner Scan.job
    [2010/07/15 00:46:47 | 000,000,368 | ---- | M] () -- C:\WINDOWS\Tasks\McDefragTask.job
    [2010/07/13 20:57:36 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\McQcTask.job
    [2011/01/29 12:00:00 | 000,000,360 | ---- | M] () -- C:\WINDOWS\Tasks\PerfectOptimizer_Home.Job
    [2011/02/01 00:37:00 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{A3FAEAAC-F742-4EA3-8CA1-7542DC46B238}.job

    ========== Purity Check ==========



    ========== Custom Scans ==========



    < MD5 for: VBMA841D.SYS >
    [2009/02/09 07:10:48 | 000,037,888 | ---- | M] () MD5=68EEC1992B4628C29341E73009E31EB5 -- C:\WINDOWS\system32\drivers\vbma841d.sys

    ========== Files - Unicode (All) ==========
    [2011/01/29 15:23:15 | 000,000,000 | ---D | M](C:\Documents and Settings\R. Victor Trense II\Desktop\Sarah ?) -- C:\Documents and Settings\R. Victor Trense II\Desktop\Sarah ♥
    [2011/01/29 15:23:14 | 000,000,000 | ---D | C](C:\Documents and Settings\R. Victor Trense II\Desktop\Sarah ?) -- C:\Documents and Settings\R. Victor Trense II\Desktop\Sarah ♥
    < End of report >
     
  3. Broni

    Broni Malware Annihilator Posts: 47,975   +271

    Do this on the computer you are posting from:
    Copy the text in the codebox below:


    Code:
    :OTL
    IE - HKU\.DEFAULT\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
    IE - HKU\R._Victor_Trense_II_ON_C\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - Reg Error: Key error. File not found
    IE - HKU\R._Victor_Trense_II_ON_C\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
    IE - HKU\R._Victor_Trense_II_ON_C\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
    IE - HKU\R._Victor_Trense_II_ON_C\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - Reg Error: Key error. File not found
    IE - HKU\R._Victor_Trense_II_ON_C\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
    O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - No CLSID value found.
    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
    O3 - HKU\R._Victor_Trense_II_ON_C\..\Toolbar\WebBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
    O3 - HKU\R._Victor_Trense_II_ON_C\..\Toolbar\WebBrowser: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No CLSID value found.
    O4 - HKU\R._Victor_Trense_II_ON_C..\Run: [SUPERAntiSpyware] File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
    O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
    O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
    [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [2011/02/01 00:01:14 | 000,061,440 | ---- | M] () -- C:\WINDOWS\System32\drivers\hwkdkn.sys
    [2011/01/31 23:52:22 | 000,061,440 | ---- | M] () -- C:\WINDOWS\System32\drivers\dlefzmsx.sys
    [2006/01/18 17:02:46 | 000,000,056 | -HS- | C] () -- C:\WINDOWS\System32\16635F9B12.sys
    [2010/11/13 14:34:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R. Victor Trense II\Application Data\PriceGong
    [2007/02/13 16:41:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R. Victor Trense II\Application Data\Viewpoint
    DRV - [2009/02/09 07:10:48 | 000,037,888 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\vbma841d.sys -- (vbma841d)
    [2005/08/16 05:18:29 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\vbma841d.sys
    
    
    :Commands
    [purity]
    [emptytemp]
    
    Open Notepad and paste it.
    Save the document as Fix.txt on to a USB flash drive


    On the infected computer the following...

    Run OTLPE

    • Insert USB stick and find the file Fix.txt. Drag the file Fix.txt and drop it under the Custom Scans/Fixes box at the bottom.
      • (The content of Fix.txt should appear in the box)
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Post the log produced (you'll need to transfer it with USB stick)
    • Attempt to reboot normally into Windows.

    See, if you can Combofix now (delete your Combofix file and download fresh copy, first).
     
  4. mgetlik

    mgetlik TS Rookie Topic Starter Posts: 68

    fix.log

    ========== OTL ==========
    Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{4D25F926-B9FE-4682-BF72-8AB8210D6D75} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}\ not found.
    Registry value HKEY_USERS\R._Victor_Trense_II_ON_C\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00A6FAF6-072E-44cf-8957-5838F569A31D} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\ not found.
    Registry value HKEY_USERS\R._Victor_Trense_II_ON_C\Software\Microsoft\Internet Explorer\URLSearchHooks\\{472734EA-242A-422b-ADF8-83D1E48CC825} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422b-ADF8-83D1E48CC825}\ not found.
    Registry value HKEY_USERS\R._Victor_Trense_II_ON_C\Software\Microsoft\Internet Explorer\URLSearchHooks\\{4D25F926-B9FE-4682-BF72-8AB8210D6D75} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}\ not found.
    Registry value HKEY_USERS\R._Victor_Trense_II_ON_C\Software\Microsoft\Internet Explorer\URLSearchHooks\\{CA3EB689-8F09-4026-AA10-B9534C691CE0} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\ not found.
    Registry value HKEY_USERS\R._Victor_Trense_II_ON_C\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\ not found.
    Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
    Registry value HKEY_USERS\R._Victor_Trense_II_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ not found.
    Registry value HKEY_USERS\R._Victor_Trense_II_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\ not found.
    Registry value HKEY_USERS\R._Victor_Trense_II_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\SUPERAntiSpyware deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\ deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{361ac05d-0e0d-11da-9aa9-806d6172696f}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{361ac05d-0e0d-11da-9aa9-806d6172696f}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{361ac05d-0e0d-11da-9aa9-806d6172696f}\ not found.
    File E:\setup.exe not found.
    C:\WINDOWS\System32\ConduitEngine.tmp deleted successfully.
    C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
    C:\WINDOWS\System32\SET1E8.tmp deleted successfully.
    C:\WINDOWS\System32\SET1EB.tmp deleted successfully.
    C:\WINDOWS\003134_.tmp deleted successfully.
    C:\WINDOWS\msdownld.tmp folder deleted successfully.
    C:\WINDOWS\SET114.tmp deleted successfully.
    C:\WINDOWS\SET115.tmp deleted successfully.
    C:\WINDOWS\SET116.tmp deleted successfully.
    C:\WINDOWS\SET117.tmp deleted successfully.
    C:\WINDOWS\SETC2.tmp deleted successfully.
    C:\WINDOWS\SETC3.tmp deleted successfully.
    C:\WINDOWS\SETC5.tmp deleted successfully.
    C:\WINDOWS\SETC6.tmp deleted successfully.
    C:\WINDOWS\SETD1.tmp deleted successfully.
    C:\WINDOWS\SETD2.tmp deleted successfully.
    C:\WINDOWS\system32\drivers\hwkdkn.sys moved successfully.
    C:\WINDOWS\system32\drivers\dlefzmsx.sys moved successfully.
    C:\WINDOWS\system32\16635F9B12.sys moved successfully.
    C:\Documents and Settings\R. Victor Trense II\Application Data\PriceGong\Data folder moved successfully.
    C:\Documents and Settings\R. Victor Trense II\Application Data\PriceGong folder moved successfully.
    C:\Documents and Settings\R. Victor Trense II\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03 folder moved successfully.
    C:\Documents and Settings\R. Victor Trense II\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02 folder moved successfully.
    C:\Documents and Settings\R. Victor Trense II\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01 folder moved successfully.
    C:\Documents and Settings\R. Victor Trense II\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00 folder moved successfully.
    C:\Documents and Settings\R. Victor Trense II\Application Data\Viewpoint\Viewpoint Experience Technology\Resources folder moved successfully.
    C:\Documents and Settings\R. Victor Trense II\Application Data\Viewpoint\Viewpoint Experience Technology folder moved successfully.
    C:\Documents and Settings\R. Victor Trense II\Application Data\Viewpoint folder moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\vbma841d deleted successfully.
    C:\WINDOWS\system32\drivers\vbma841d.sys moved successfully.
    File C:\WINDOWS\System32\drivers\vbma841d.sys not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 41027 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes
    ->Flash cache emptied: 1492 bytes

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes
    ->Flash cache emptied: 41661 bytes

    User: LocalService
    ->Temp folder emptied: 3740 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 348 bytes

    User: NetworkService
    ->Temp folder emptied: 3740 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: R. Victor Trense II
    ->Temp folder emptied: 1948655696 bytes
    ->Temporary Internet Files folder emptied: 17880607 bytes
    ->Java cache emptied: 41100168 bytes
    ->Google Chrome cache emptied: 34559477 bytes
    ->Apple Safari cache emptied: 27500544 bytes
    ->Flash cache emptied: 58234 bytes

    User: R1730~1~VIC

    User: ShoppingReport

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 20788 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 78229336 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 5030955 bytes

    Total Files Cleaned = 2,053.00 mb

    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\WinSock2\Parameters\Protocol_Catalog9\: LSP stack updated.

    OTLPE by OldTimer - Version 3.1.44.2 log created on 02012011_190456
     
  5. mgetlik

    mgetlik TS Rookie Topic Starter Posts: 68

    combofix did not complete

    no log... :(
     
  6. Broni

    Broni Malware Annihilator Posts: 47,975   +271

    What does exactly happen, when you try to run Combofix?
    Did you download fresh file, rename it and run it from safe mode?

    What are the current computer's issues?
     
  7. mgetlik

    mgetlik TS Rookie Topic Starter Posts: 68

    no safe mode...will do that next

    I ran superantispyeare and it found something right away and I paused it. threat description: trojan.dropper /svchost-Fake. runnung combofix in safe mode next.
     
  8. Broni

    Broni Malware Annihilator Posts: 47,975   +271

    OK........
     
  9. mgetlik

    mgetlik TS Rookie Topic Starter Posts: 68

    safe mode did not work

    There is a 1/2 install of McAfee that I'm trying to remove...hoping that will help
     
  10. Broni

    Broni Malware Annihilator Posts: 47,975   +271

    ...and how exactly are you doing it?
    McAfee shouldn't bother you in safe mode.
     
  11. mgetlik

    mgetlik TS Rookie Topic Starter Posts: 68

    McAfee

    There is no entry in add/remove programs. I tried using CCleaner and that is what uninstalled it 1/2 way. It's gotta get it removed sometime soon.
     
     
  12. Broni

    Broni Malware Annihilator Posts: 47,975   +271

    Leave it alone for now.
    Don't do two things at the same time.
    It's not a priority at this moment.
     
  13. mgetlik

    mgetlik TS Rookie Topic Starter Posts: 68

    what next?

    tried running rkill and combofix..no luck
     
  14. Broni

    Broni Malware Annihilator Posts: 47,975   +271

    One more time...
    What does exactly happen, when you try to run Combofix?
    What are current computer issues?
     
  15. mgetlik

    mgetlik TS Rookie Topic Starter Posts: 68

    combofix in safe mode

    runs for about 30 seconds and stops. I looked in C:\ for log and it was not there.
     
  16. Broni

    Broni Malware Annihilator Posts: 47,975   +271

    Does it mean, it freezes?
     
  17. mgetlik

    mgetlik TS Rookie Topic Starter Posts: 68

    combofix stops running

    the mini window appears for about 20 seconds and disapears, no log in C:\
     
  18. Broni

    Broni Malware Annihilator Posts: 47,975   +271

    Please download Rootkit Unhooker from one of the following links and save it to your desktop.
    In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracing ZIP and RAR compressed files. If you don't have an extraction program, you can downlaod, install and use the free 7-zip utility.

    • Double-click on RKUnhookerLE.exe to start the program.
      Vista/Windows 7 users right-click and select Run As Administrator.
    • Click the Report tab, then click Scan.
    • Check Drivers, Stealth, and uncheck the rest.
    • Click OK.
    • Wait until it's finished and then go to File > Save Report.
    • Save the report to your Desktop.
    • Copy and paste the contents of the report into your next reply.
    -- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".
     
  19. mgetlik

    mgetlik TS Rookie Topic Starter Posts: 68

    reort.txt

    RkU Version: 3.8.388.590, Type LE (SR2)
    ==============================================
    OS Name: Windows XP
    Version 5.1.2600 (Service Pack 2)
    Number of processors #1
    ==============================================
    >Drivers
    ==============================================
    0x804D7000 C:\WINDOWS\system32\ntkrnlpa.exe 2063744 bytes (Microsoft Corporation, NT Kernel & System)
    0x804D7000 PnpManager 2063744 bytes
    0x804D7000 RAW 2063744 bytes
    0x804D7000 WMIxWDM 2063744 bytes
    0xBF800000 Win32k 1851392 bytes
    0xBF800000 C:\WINDOWS\System32\win32k.sys 1851392 bytes (Microsoft Corporation, Multi-User Win32 Driver)
    0xB9051000 C:\WINDOWS\system32\DRIVERS\IntelC51.sys 1208320 bytes (Intel Corporation, Modem DSP Driver)
    0xB91F8000 C:\WINDOWS\system32\DRIVERS\ialmnt5.sys 1052672 bytes (Intel Corporation, Intel Graphics Miniport Driver)
    0xA8D2F000 C:\WINDOWS\system32\drivers\sthda.sys 991232 bytes (SigmaTel, Inc., NDRC)
    0xBF075000 C:\WINDOWS\System32\ialmdd5.DLL 925696 bytes (Intel Corporation, DirectDraw(R) Driver for Intel(R) Graphics Technology)
    0xB8FBC000 C:\WINDOWS\system32\DRIVERS\IntelC52.sys 610304 bytes (Intel Corporation, Modem CP Driver)
    0xB9E36000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
    0xA8B09000 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 454656 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
    0xA8C58000 C:\WINDOWS\system32\DRIVERS\tcpip.sys 360448 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
    0xA7FB5000 C:\WINDOWS\system32\DRIVERS\srv.sys 356352 bytes (Microsoft Corporation, Server driver)
    0xBFFA0000 C:\WINDOWS\System32\ATMFD.DLL 286720 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
    0xA805C000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
    0xBF041000 C:\WINDOWS\System32\ialmdev5.DLL 212992 bytes (Intel Corporation, Component GHAL Driver)
    0xB8F09000 C:\WINDOWS\system32\DRIVERS\update.sys 212992 bytes (Microsoft Corporation, Update Driver)
    0xA8AD6000 C:\WINDOWS\system32\drivers\mfehidk.sys 208896 bytes (McAfee, Inc., Host Intrusion Detection Link Driver)
    0xB8F3D000 C:\WINDOWS\system32\DRIVERS\rdpdr.sys 200704 bytes (Microsoft Corporation, Microsoft RDP Device redirector)
    0xB9F79000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
    0xA8255000 C:\WINDOWS\system32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
    0xB9E09000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
    0xA8B78000 C:\WINDOWS\system32\DRIVERS\rdbss.sys 180224 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
    0xA8C09000 C:\WINDOWS\system32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
    0xA8C31000 C:\WINDOWS\System32\Drivers\Mpfp.sys 159744 bytes (McAfee, Inc., McAfee Personal Firewall Plus Driver)
    0xB9F23000 dmio.sys 155648 bytes (Microsoft Corp., Veritas Software, NT Disk Manager I/O Driver)
    0xB8F96000 C:\WINDOWS\system32\DRIVERS\e100b325.sys 155648 bytes (Intel Corporation, Intel(R) PRO/100 Adapter NDIS 5.1 driver)
    0xB91BE000 C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 155648 bytes (Windows (R) Server 2003 DDK provider, High Definition Audio Bus Driver v1.0)
    0xA8D0B000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
    0xA7720000 C:\WINDOWS\System32\Drivers\Fastfat.SYS 143360 bytes (Microsoft Corporation, Fast FAT File System Driver)
    0xB9178000 C:\WINDOWS\system32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
    0xB919B000 C:\WINDOWS\system32\DRIVERS\USBPORT.SYS 143360 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
    0xA8BE7000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
    0xA8BC5000 C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS 139264 bytes (SUPERAdBlocker.com and SUPERAntiSpyware.com, SASKUTIL.SYS)
    0xBF020000 C:\WINDOWS\System32\ialmdnt5.dll 135168 bytes (Intel Corporation, Controller Hub for Intel Graphics Driver)
    0x806CF000 ACPI_HAL 131968 bytes
    0x806CF000 C:\WINDOWS\system32\hal.dll 131968 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
    0xB9EEC000 fltmgr.sys 126976 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
    0xB9F49000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
    0xB9DEE000 Mup.sys 110592 bytes (Microsoft Corporation, Multiple UNC Provider driver)
    0xB9F0B000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
    0xA8A96000 C:\WINDOWS\System32\Drivers\dump_atapi.sys 98304 bytes
    0xB9EC3000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
    0xB8F7F000 C:\WINDOWS\system32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
    0xA8671000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
    0xB91E4000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
    0xA8CB0000 C:\WINDOWS\system32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
    0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
    0xB9EDA000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)
    0xB9F68000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
    0xB8F6E000 C:\WINDOWS\system32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
    0xBA108000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
    0xBA318000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
    0xBA1B8000 C:\WINDOWS\system32\DRIVERS\IntelC53.sys 61440 bytes (Intel Corporation, Modem AFE Driver)
    0xBA1E8000 C:\WINDOWS\system32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
    0xBA278000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
    0xB9553000 C:\WINDOWS\system32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
    0xBF012000 C:\WINDOWS\System32\ialmrnt5.dll 57344 bytes (Intel Corporation, Controller Hub for Intel Graphics Driver)
    0xBA1D8000 C:\WINDOWS\system32\DRIVERS\cdrom.sys 53248 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
    0xBA0E8000 C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
    0xBA1F8000 C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
    0xBA0C8000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
    0xA8A3E000 C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys 49152 bytes (Microsoft Corporation, Family Safety Filter Driver (TDI))
    0xBA218000 C:\WINDOWS\system32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
    0xBA1C8000 C:\WINDOWS\system32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
    0xBA0B8000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
    0xBA208000 C:\WINDOWS\system32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
    0xBA2E8000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
    0xBA2D8000 C:\WINDOWS\system32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
    0xBA198000 C:\WINDOWS\System32\Drivers\vbma7524.SYS 40960 bytes
    0xBA0D8000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
    0xBA0D8000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
    0xB94F3000 C:\WINDOWS\System32\Drivers\Fips.SYS 36864 bytes (Microsoft Corporation, FIPS Crypto Driver)
    0xB94C3000 C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS 36864 bytes (Microsoft Corporation, Hid Class Library)
    0xBA1A8000 C:\WINDOWS\system32\DRIVERS\intelppm.sys 36864 bytes (Microsoft Corporation, Processor Device Driver)
    0xB9533000 C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys 36864 bytes (Microsoft Corporation, IP FILTER DRIVER)
    0xBA0A8000 isapnp.sys 36864 bytes (Microsoft Corporation, PNP ISA Bus Driver)
    0xBA228000 C:\WINDOWS\system32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
    0xB9523000 C:\WINDOWS\system32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
    0xA849A000 C:\WINDOWS\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
    0xB9503000 C:\WINDOWS\system32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
    !!!!!!!!!!!Hidden driver: 0xBA378000 3125801780 32768 bytes
    !!!!!!!!!!!Hidden driver: 0xBA368000 3125801780 32768 bytes
    0xBA488000 C:\WINDOWS\System32\Drivers\Modem.SYS 32768 bytes (Microsoft Corporation, Modem Device Driver)
    0xBA3D8000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
    !!!!!!!!!!!Hidden driver: 0xBA380000 3125801780 28672 bytes
    0xBA490000 C:\WINDOWS\system32\DRIVERS\fdc.sys 28672 bytes (Microsoft Corporation, Floppy Disk Controller Driver)
    0xBA3C0000 C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
    0xBA328000 C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
    0xBA478000 C:\WINDOWS\system32\DRIVERS\usbehci.sys 28672 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
    0xBA418000 C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 28672 bytes (Microsoft Corporation, USB Mass Storage Class Driver)
    0xBA498000 C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
    0xBA398000 C:\WINDOWS\system32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
    0xBA480000 C:\WINDOWS\system32\DRIVERS\mohfilt.sys 24576 bytes (Intel Corporation, Filter Driver to Support Modem-on-Hold)
    0xBA3A0000 C:\WINDOWS\system32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
    0xBA3E0000 C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 24576 bytes (SUPERAdBlocker.com and SUPERAntiSpyware.com, SASDIFSV.SYS)
    0xBA3C8000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
    0xBA3B0000 C:\WINDOWS\system32\DRIVERS\flpydisk.sys 20480 bytes (Microsoft Corporation, Floppy Driver)
    0xBA3A8000 C:\WINDOWS\system32\Drivers\LVPr2Mon.sys 20480 bytes (-, -)
    0xBA3D0000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
    0xBA330000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
    0xBA358000 C:\WINDOWS\system32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
    0xBA338000 PxHelp20.sys 20480 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
    0xBA360000 C:\WINDOWS\system32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel(R) mini-port/call-manager driver)
    0xBA4A0000 C:\WINDOWS\system32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
    0xBA470000 C:\WINDOWS\system32\DRIVERS\usbuhci.sys 20480 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
    0xBA428000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
    0xB8F01000 C:\WINDOWS\system32\DRIVERS\kbdhid.sys 16384 bytes (Microsoft Corporation, HID Mouse Filter Driver)
    0xBA5A4000 C:\WINDOWS\system32\drivers\MODEMCSA.sys 16384 bytes (Microsoft Corporation, Unimodem CSA Filter)
    0xBA574000 C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
    0xA896E000 C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
    0xBA4B8000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
    0xB9DB1000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
    0xB8F05000 C:\WINDOWS\system32\DRIVERS\hidusb.sys 12288 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
    0xB8EED000 C:\WINDOWS\system32\DRIVERS\mouhid.sys 12288 bytes (Microsoft Corporation, HID Mouse Filter Driver)
    0xB9344000 C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
    0xB9D95000 C:\WINDOWS\system32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
    0xB9330000 C:\WINDOWS\System32\drivers\ws2ifsl.sys 12288 bytes (Microsoft Corporation, Winsock2 IFS Layer)
    0xBA624000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
    0xBA5AE000 dmload.sys 8192 bytes (Microsoft Corp., Veritas Software., NT Disk Manager Startup Driver)
    0xBA5DA000 C:\WINDOWS\system32\DRIVERS\dsunidrv.sys 8192 bytes (Gteko Ltd., GUniDriver)
    0xBA640000 C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS 8192 bytes
    0xBA622000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
    0xBA620000 C:\WINDOWS\System32\Drivers\i2omgmt.SYS 8192 bytes (Microsoft Corporation, I2O Utility Filter)
    0xBA5AC000 intelide.sys 8192 bytes (Microsoft Corporation, Intel PCI IDE Driver)
    0xBA5A8000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
    0xBA626000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
    0xBA628000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
    0xBA612000 C:\WINDOWS\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
    0xBA61E000 C:\WINDOWS\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
    0xBA5AA000 C:\WINDOWS\system32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
    0xBA7F2000 C:\WINDOWS\system32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
    0xBA71C000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
    0xBA7E0000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
    0xBA670000 pciide.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
    0x89C23109 unknown_irp_handler 3831 bytes
    0xBA24D134 unknown_irp_handler 3788 bytes
    ==============================================
    >Stealth
    ==============================================
    WARNING: Virus alike driver modification [Hdaudio.sys]
    WARNING: Virus alike driver modification [iqvw32.sys]
    WARNING: Virus alike driver modification [rdpdr.sys]
    0xBA36B9B0 Unknown thread object [ ETHREAD 0x8A214340 ] TID: 140, 600 bytes
    0xBA37BD68 Unknown thread object [ ETHREAD 0x8A144DA8 ] TID: 144, 600 bytes
    0xBA24DCEA Unknown thread object [ ETHREAD 0x8A1CD610 ] TID: 164, 600 bytes
    WARNING: File locked for read access [C:\WINDOWS\system32\drivers\vbma7524.sys]
     
  20. Broni

    Broni Malware Annihilator Posts: 47,975   +271

    Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • IMPORTANT! UN-check Remove found threats
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, push List of found threats
    • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
     
  21. mgetlik

    mgetlik TS Rookie Topic Starter Posts: 68

    mt internet access went down.

    cannot obtain an ip. that viryual PC session killed my connection, I think. let me get that going and accewssnthat online scanner.
     
  22. Broni

    Broni Malware Annihilator Posts: 47,975   +271

    What virtual PC session?
     
  23. mgetlik

    mgetlik TS Rookie Topic Starter Posts: 68

    real to go xp

    after I ran ba fewnthing from your direction there, I lost my internet connection. Wizards are not fixing it
     
  24. Broni

    Broni Malware Annihilator Posts: 47,975   +271

    You ran what?
     
  25. mgetlik

    mgetlik TS Rookie Topic Starter Posts: 68

    I ran

    that fix.txt file you sent. using otlpe.exe lost connectivity after that.
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.