Computer Hope
Software => Computer viruses and spyware => Topic started by: goodie2010 on June 24, 2010, 06:05:59 AM
-
Good day, 2 days ago I noticed my start menu was gone, taskbar, no sound, can't copy, paste, can't do a system restore, can't run malwarebytes, can't use my internet download manager, can't play videos, etc.... When I try to run malwarebytes I get runtime error 372.
I also noticed in task manager something asd.exe, I ran spybot, hijackthis, SAS. and ATF Cleaner. This is horrible, there's so much I can't do and my computer right now.
I tried running setupsp6 since i did a search and some said that's needed, but when i tried to run it say stops and said couldn't complete setup.
It wont let me do a system restore
here's my SAS log and thanks for your help!
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 06/23/2010 at 08:12 PM
Application Version : 4.39.1002
Core Rules Database Version : 4935
Trace Rules Database Version: 2747
Scan type : Complete Scan
Total Scan Time : 01:41:55
Memory items scanned : 332
Memory threats detected : 0
Registry items scanned : 7572
Registry threats detected : 0
File items scanned : 26623
File threats detected : 473
Adware.Tracking Cookie
convoad.technoratimedia.com [ C:\Documents and Settings\Administrator\Application Data\Macromedia\Flash Player\#SharedObjects\URXKQ36H ]
core.insightexpressai.com [ C:\Documents and Settings\Administrator\Application Data\Macromedia\Flash Player\#SharedObjects\URXKQ36H ]
crackle.com [ C:\Documents and Settings\Administrator\Application Data\Macromedia\Flash Player\#SharedObjects\URXKQ36H ]
media.scanscout.com [ C:\Documents and Settings\Administrator\Application Data\Macromedia\Flash Player\#SharedObjects\URXKQ36H ]
media1.break.com [ C:\Documents and Settings\Administrator\Application Data\Macromedia\Flash Player\#SharedObjects\URXKQ36H ]
objects.tremormedia.com [ C:\Documents and Settings\Administrator\Application Data\Macromedia\Flash Player\#SharedObjects\URXKQ36H ]
secure-us.imrworldwide.com [ C:\Documents and Settings\Administrator\Application Data\Macromedia\Flash Player\#SharedObjects\URXKQ36H ]
ad.yieldmanager.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.stopzilla.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.stopzilla.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.stopzilla.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.googleadservices.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.stopzilla.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.stopzilla.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.content.yieldmanager.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.content.yieldmanager.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.smartadserver.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.smartadserver.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.smartadserver.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.smartadserver.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.smartadserver.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www3.smartadserver.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.kontera.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.xiti.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.at.atwola.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.at.atwola.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.kontera.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.kontera.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.kontera.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.chitika.net [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tribalfusion.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tribalfusion.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ads2.ontecnia.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tribalfusion.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.qsstats.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.qsstats.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tribalfusion.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tribalfusion.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tribalfusion.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.doubleclick.net [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
adserving.cpxinteractive.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
adserving.cpxinteractive.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.247realmedia.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.oasn04.247realmedia.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
adserving.cpxinteractive.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ads.bridgetrack.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ads.bridgetrack.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ads.bridgetrack.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.apmebf.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediaplex.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediaplex.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.bs.serving-sys.com [ C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
Trojan.Agent/Gen-HackPatch
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B3191AC.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B3191E1.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B3191EF.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B3191F1.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319205.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B31921A.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B31923A.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319241.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B31924A.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319255.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319264.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B31926E.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319291.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319292.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B3192A4.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B3192A5.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B3192AD.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B3192AF.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B3192D6.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B3192DA.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B3192E2.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B3192EA.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B3192FE.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B31931C.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B31932E.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B31932F.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319350.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B31935A.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B31935C.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319363.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319364.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319365.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B31936F.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319386.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B31938A.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B3193A6.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B3193BF.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B3193D2.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B3193DA.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B3193DD.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B3193E5.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B3193E9.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B3193ED.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B31941B.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319426.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319431.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319435.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319437.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B31943C.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319440.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B31946B.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B31947E.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319484.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B31948A.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319491.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B3194DA.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B3194E9.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319519.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319530.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319533.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B31953E.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319540.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319E7D.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319F15.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319F1A.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319F25.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319F2F.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319F39.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319F44.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319F47.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319F48.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319F53.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B319F54.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B40353E.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B40357E.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B403599.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B40359B.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B40359D.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B40359F.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B4035A0.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B4035B5.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B4035C0.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B4035C3.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B4035DA.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B4035DB.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B4035FC.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B4035FD.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B403608.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B40360A.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B403621.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B403627.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B40362A.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B403638.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B40363E.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B403641.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B403642.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B403652.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B403663.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B40366B.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B403676.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B40367D.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B403691.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B40369C.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B4036D2.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B4036D5.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B4036E6.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B40371C.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B403720.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B403721.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B403726.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B403736.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B403741.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B403756.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B40375C.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B403768.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B40376B.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B40376C.TMP
C:\_OTM\MOVEDFILES\05152010_133750\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SYMANTEC ANTIVIRUS CORPORATE EDITION\7.5\XFER\4B403782.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ150D.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ150E.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ151D.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ151F.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1534.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1535.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ153D.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ154B.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ157D.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ157E.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1581.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ158A.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ158C.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1598.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ15A4.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ15AA.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ15C4.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ15C6.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ15CE.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ15CF.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ15DC.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ15E0.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ180E.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ181C.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1902.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1923.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1949.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1964.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1967.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1972.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ197D.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1985.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ198F.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ19C6.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ19DD.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ19DE.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1A00.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1A0C.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1A0F.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1A11.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1A16.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1A17.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1A20.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1A37.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1A4B.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1A4D.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1A57.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1A72.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1A8C.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1A95.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1A9D.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1AA1.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1AA7.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1ABC.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1AC5.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1ACD.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1AE6.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1AFD.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1B16.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1B18.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1B24.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1B2E.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1B2F.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1B3E.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1B44.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1B46.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1B48.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1B50.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1B54.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1B5F.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1B71.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1B90.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1B97.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1B9B.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1B9E.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1BB9.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1BBA.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1BC0.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1BD1.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1BEF.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1C0B.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1C0E.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1C15.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1C1C.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1C23.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1C2B.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1C2D.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1C44.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1C46.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1C52.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1C72.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1C7E.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1CC5.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1CCA.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1CE1.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1CEA.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1D02.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1D09.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1D0B.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1D15.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1D2C.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1D41.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1D44.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1D5E.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1D68.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1D74.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1D98.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1D99.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1D9C.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1DA2.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1DA3.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1DA9.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1DAE.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1DB1.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1DD1.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1E00.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1E02.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1E03.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1E18.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1E21.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1E24.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1E32.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1E36.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1E3A.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1E3F.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1E5C.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1E73.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1E8D.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1E99.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1EB2.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1EBD.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1ECF.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1EED.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1EF3.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1F16.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1F22.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1F45.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1F4A.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1F76.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1F83.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1F86.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1F98.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1FA5.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1FAC.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1FB2.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1FBA.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1FBC.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1FD0.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1FD1.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1FDB.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ1FEA.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2000.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2020.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2052.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ20E1.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ20F7.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2101.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ210A.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2113.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2121.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2122.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ21BD.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2391.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ23FC.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ23FD.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2434.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ243A.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2D87.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2DB3.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2DB6.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2DD3.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2DDB.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2DE9.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2DED.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2DF7.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2E03.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2E16.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2E1F.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2E21.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2E35.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2E40.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2E42.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2E49.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2E62.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2E6B.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2E6C.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2EC1.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2ED0.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2EDA.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2EDD.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2EF6.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2F05.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2F10.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2F1E.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2F23.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2F4B.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2F59.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2F61.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2F80.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2F8A.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2F94.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2F98.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2FA9.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2FB0.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2FC1.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2FC2.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2FC6.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2FC7.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2FCA.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2FD7.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2FF4.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ2FFA.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ3005.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ3012.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ3018.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ3021.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ3027.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ302F.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ3035.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ3045.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ3054.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ3056.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ3067.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ306D.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ3074.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ307C.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ307E.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ3082.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ3084.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ30AE.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ30B4.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ30DB.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ30E2.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ30E6.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ30E9.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ30EB.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ30EF.TMP
C:\_OTM\MOVEDFILES\05152010_134900\C_DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SYMANTEC\SRTSP\QUARANTINE\APQ3108.T
-
Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer. I am working under the guidance of one of the specialist of this forum so it may take a bit longer to process your logs.
1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.
Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
Save Rkill to your desktop.
There are 4 different versions. If one of them won't run then download and try to run the other one.
Vista and Win7 users need to right click Rkill and choose Run as Administrator
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.
Rkill.exe (http://download.bleepingcomputer.com/grinler/rkill.exe)
Rkill.com (http://download.bleepingcomputer.com/grinler/rkill.com)
Rkill.scr (http://download.bleepingcomputer.com/grinler/rkill.scr)
Rkill.pif (http://download.bleepingcomputer.com/grinler/rkill.pif)
Once you've gotten one of them to run then try to immediately run the following.
Now download and Run exeHelper.
Please download exeHelper from Raktor (http://www.raktor.net/exeHelper/exeHelper.com) to your desktop.- Double-click on exeHelper.com to run the fix. A black window should pop up, press any key to close once the fix is completed. A log file named log.txt will be created in the directory where you ran exeHelper.com Attach the log.txt file to your next message.
Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).
=============================
(http://img233.imageshack.us/img233/7729/mbamicontw5.gif) Please download Malwarebytes Anti-Malware from here (http://www.malwarebytes.org/mbam/program/mbam-setup.exe).
Double Click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Full Scan", then click Scan.
- The scan may take some time to finish,so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
- Please save the log to a location you will remember.
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy and paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
-
Thanks for your help superdave! I followed your instructions, unfortunately as previously reported I can't run mbam :'( it keeps saying runtime error 372 )
thanks, here's the rkill log
This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Ran as Administrator on 06/24/2010 at 19:36:43.
Processes terminated by Rkill or while it was running:
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\My Documents\Downloads\rkill (1).com
Rkill completed on 06/24/2010 at 19:36:45.
-
Please download: HiJackThis (http://go.trendmicro.com/free-tools/hijackthis/HijackThisInstaller.exe) to your Desktop.
- Double Click the HijackThis icon, located on your Desktop.
- By Default, it will install to: C:\Program Files\Trend Micro\HijackThis
- Accept the license agreement.
- Click the Open the Misc Tools section button.
- Place a checkmark beside Calculate MD5 of files if possible. Then, click Back.
- Click Do a System Scan and Save a Logfile. Or, if you see a white screen, click Scan.
- Please post the log in your next reply.
===================================
Please download ComboFix (http://img7.imageshack.us/img7/4930/combofix.gif) from BleepingComputer.com (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Alternate link: GeeksToGo.com (http://www.geekstogo.com/forum/downloads.html&req=download&code=confirm_download&id=197)
Alternate link: Forospyware.com (http://www.forospyware.com/sUBs/ComboFix.exe)
Rename ComboFix.exe to commy.exe before you save it to your Desktop
- Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. A guide to do this can be found here (http://www.bleepingcomputer.com/forums/topic114351.html)
- Click Start>Run then copy paste the following command into the Run box & click OK "%userprofile%\desktop\commy.exe" /stepdel
- As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal.
- Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console
(http://img.photobucket.com/albums/v666/sUBs/Query_RC.gif)
Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
(http://img.photobucket.com/albums/v666/sUBs/RC_successful.gif)
- Click on Yes, to continue scanning for malware.
- When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.
-
thanks so much superdave, it took combofix forever to finish, its never taken so long.
here's hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:48:04 PM, on 6/25/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
C:\Program Files\Digidesign\Drivers\MMERefresh.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\WINDOWS\system32\fsproflt.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Paragon Software\Drive Backup 9 Professional\Net Burner Service\NetBurnerService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\M-AudioTaskBarIcon.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Seagate\SeagateManager\ManagerApp\stxmanager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Seagate\SeagateManager\Backup\MaxBackServiceInt.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (filesize 153008 bytes, MD5 702EC8BBF84204BAEE28DF38ED04275D)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (filesize 882416 bytes, MD5 6A2E0E49A4F2A9DF3E6293E37E7486BD)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (filesize 75128 bytes, MD5 5CF6190CD875DA6B35256FEE573E7908)
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (filesize 110592 bytes, MD5 5F04E79AB3C0016ED1F6B5E35CDDBCC6)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (filesize 73728 bytes, MD5 37EDBCC7E5E0B89E59941FF79A2F9746)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (filesize 882416 bytes, MD5 6A2E0E49A4F2A9DF3E6293E37E7486BD)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (filesize 33280 bytes, MD5 037B1E7798960E0420003D05BB577EE6)
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXEC:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exeC:\Program Files\Digidesign\Drivers\MMERefresh.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe (filesize 303104 bytes, MD5 3036F85E07FBC8E4994657A1EE593B46)
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\system32\M-AudioTaskBarIcon.exeC:\WINDOWS\system32\M-AudioTaskBarIcon.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray (filesize 437584 bytes, MD5 5F0388038E7355982FE50B039D10315C)
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun (filesize 687560 bytes, MD5 2AC015CD0D8AA59E4AAD8EFFE29798EF)
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h (filesize 1004544 bytes, MD5 D1EA7694103F5D5CF11148F9B3864C45)
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (filesize 136176 bytes, MD5 F02A533F517EB38333CB12A9E8963773)
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-2025429265-1292428093-1801674531-500\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-2025429265-1292428093-1801674531-500\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h (User '?')
O4 - HKUS\S-1-5-21-2025429265-1292428093-1801674531-500\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (User '?')
O4 - HKUS\S-1-5-21-2025429265-1292428093-1801674531-500\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (User '?')
O4 - HKUS\S-1-5-21-2025429265-1292428093-1801674531-500\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm (filesize 283 bytes, MD5 648E7B2602158D2FF9197D664F59B28B)
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm (filesize 278 bytes, MD5 0474B49F5F2AD77C0A191C570818CB4D)
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm (filesize 1453 bytes, MD5 F14293E34FE33B40D71843AE513548D1)
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm (filesize 277 bytes, MD5 7EE0CC294B365F8FC4FAB2F06E01AC95)
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL (filesize 449536 bytes, MD5 2063F5DE2B28B68FF9A153A8DEFA1F69)
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL (filesize 449536 bytes, MD5 2063F5DE2B28B68FF9A153A8DEFA1F69)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (filesize 558080 bytes, MD5 AAC1D4EE39DF138C5D30AC5883E3B59F)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (filesize 558080 bytes, MD5 AAC1D4EE39DF138C5D30AC5883E3B59F)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1236394652509
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dllC:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Program Files\LSI SoftModem\agrsmsvc.exeC:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exeC:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Drivers\MMERefresh.exeC:\Program Files\Digidesign\Drivers\MMERefresh.exe
O23 - Service: digiSPTIService - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Pro Tools\digiSPTIService.exeC:\Program Files\Digidesign\Pro Tools\digiSPTIService.exe
O23 - Service: E-MU Audio Service (emaudsv) - E-MU Systems - C:\WINDOWS\system32\emaudsv.exeC:\WINDOWS\system32\emaudsv.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exeC:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
O23 - Service: FSPro Filter Service (fsproflt) - FSPro Labs - C:\WINDOWS\system32\fsproflt.exeC:\WINDOWS\system32\fsproflt.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exeC:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kodak AiO Network Discovery Service - Eastman Kodak Company - C:\Program Files\Kodak\AiO\Center\ekdiscovery.exeC:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exeC:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exeC:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exeC:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Net Burner iSCSI Service (NetBurnerService) - Paragon GmbH - C:\Program Files\Paragon Software\Drive Backup 9 Professional\Net Burner Service\NetBurnerService.exeC:\Program Files\Paragon Software\Drive Backup 9 Professional\Net Burner Service\NetBurnerService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exeC:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exeC:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exeC:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exeC:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exeC:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exeC:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exeC:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exeC:\WINDOWS\system32\STacSV.exe
--
End of file - 13672 bytes
ComboFix 10-06-23.05 - Administrator 06/25/2010 14:50:47.11.2 - x86
Running from: c:\documents and settings\Administrator\My Documents\Downloads\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
F:\Autorun.inf
c:\windows\system32\userinit.exe . . . is infected!!
.
((((((((((((((((((((((((( Files Created from 2010-05-25 to 2010-06-25 )))))))))))))))))))))))))))))))
.
2010-06-24 01:22 . 2010-06-24 01:22 -------- dc----w- c:\documents and settings\Administrator\Local Settings\Application Data\Microsoft Corporation
2010-06-23 22:02 . 2010-04-29 19:39 38224 -c--a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-23 22:02 . 2010-04-29 19:39 20952 -c--a-w- c:\windows\system32\drivers\mbam.sys
2010-06-23 19:23 . 2010-06-23 19:23 -------- dc----w- C:\Setup
2010-06-23 19:23 . 2010-06-23 19:23 -------- dc----w- C:\VSS
2010-06-23 19:22 . 2010-06-23 19:23 -------- dc----w- C:\VB98
2010-06-23 19:22 . 2010-06-23 19:22 -------- dc----w- C:\Shared
2010-06-23 19:22 . 2010-06-23 19:22 -------- dc----w- C:\MSDesign
2010-06-23 19:22 . 2010-06-23 19:22 -------- dc----w- C:\Common
2010-06-23 19:22 . 2010-06-23 19:22 -------- dc----w- C:\os
2010-06-23 12:19 . 2010-06-23 12:19 132608 -csha-r- c:\windows\system32\systemi.dll
2010-06-14 06:18 . 2010-06-14 06:21 -------- dc----w- c:\documents and settings\All Users\Application Data\Ulead Systems
2010-06-14 06:18 . 2010-06-14 06:18 -------- dc----w- c:\documents and settings\Administrator\Application Data\Ulead Systems
2010-06-14 06:18 . 2010-06-14 06:18 -------- dc----w- c:\program files\Ulead Systems
2010-06-14 06:17 . 1999-10-15 16:50 1056768 -c--a-w- c:\windows\system32\ROBOEX32.DLL
2010-06-14 06:17 . 1999-01-28 19:44 49152 -c--a-w- c:\windows\system32\INETWH32.dll
2010-06-14 06:17 . 2010-06-14 06:17 -------- dc----w- c:\windows\Noslip
2010-06-12 21:44 . 2008-05-02 03:05 26112 -c--a-w- c:\windows\system32\stu2.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-24 23:31 . 2009-12-09 00:38 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-24 18:16 . 2009-03-15 20:43 -------- dc----w- c:\program files\Sonique
2010-06-23 22:03 . 2009-03-16 04:30 -------- dc----w- c:\documents and settings\Administrator\Application Data\DMCache
2010-06-23 20:13 . 2009-08-28 04:52 -------- dc----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-06-23 20:03 . 2008-05-02 03:05 25080 -c--a-w- c:\windows\system32\userinit.exe
2010-06-23 12:50 . 2009-05-30 11:47 -------- dc----w- c:\documents and settings\Administrator\Application Data\Tracktion 3
2010-06-23 12:50 . 2009-05-11 23:41 -------- dc----w- c:\documents and settings\All Users\Application Data\Tracktion 3
2010-06-21 09:57 . 2004-01-06 09:32 -------- dc----w- c:\program files\SUPERAntiSpyware
2010-06-15 00:46 . 2009-03-07 04:53 29336 -c--a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-06-14 06:17 . 2009-03-07 02:21 -------- dc-h--w- c:\program files\InstallShield Installation Information
2010-05-03 21:48 . 2010-05-03 21:48 0 -c-ha-w- c:\windows\system32\drivers\Msft_Kernel_WinUSB_01007.Wdf
2010-05-03 21:47 . 2010-05-03 21:47 0 -c-ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-05-03 13:39 . 2010-05-03 13:39 581192 -c--a-w- c:\windows\system32\WinUSBCoInstaller.dll
2010-05-03 13:39 . 2010-05-03 13:39 1112288 -c--a-w- c:\windows\system32\WdfCoInstaller01007.dll
2010-04-23 01:12 . 2010-01-24 11:01 16 -c--a-w- c:\windows\msocreg32.dat
2010-04-22 10:51 . 2010-04-22 10:51 2892 -c--a-w- c:\windows\system32\audcon.sys
2010-04-18 22:35 . 2010-04-18 22:35 69632 -c--a-w- c:\windows\system32\com.fxpansion.fxshared.dll
2010-04-18 22:35 . 2010-01-08 03:46 69632 -c--a-w- c:\windows\system32\FxShared.dll
.
------- Sigcheck -------
[-] 2008-05-02 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\atapi.sys
[-] 2008-05-02 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
[-] 2008-05-02 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
[-] 2008-05-02 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0009\DriverFiles\i386\atapi.sys
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\atapi.sys
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0010\DriverFiles\i386\atapi.sys
[-] 2008-05-02 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\asyncmac.sys
[-] 2008-05-02 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\asyncmac.sys
[-] 2008-05-02 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\asyncmac.sys
[-] 2008-05-02 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
[-] 2008-05-02 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\beep.sys
[-] 2008-05-02 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2008-05-02 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
[-] 2008-05-02 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0019\DriverFiles\i386\kbdclass.sys
[-] 2008-04-14 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\kbdclass.sys
[-] 2008-04-14 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\kbdclass.sys
[-] 2008-04-14 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\kbdclass.sys
[-] 2008-04-14 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
[-] 2008-05-02 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ndis.sys
[-] 2008-05-02 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ndis.sys
[-] 2008-05-02 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ndis.sys
[-] 2008-05-02 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
[-] 2008-05-02 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ntfs.sys
[-] 2008-05-02 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ntfs.sys
[-] 2008-05-02 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ntfs.sys
[-] 2008-05-02 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
[-] 2008-05-02 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\null.sys
[-] 2008-05-02 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2008-05-02 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\ERDNT\cache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-05-02 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-05-02 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\tcpip.sys
[-] 2008-05-02 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\browser.dll
[-] 2008-05-02 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\browser.dll
[-] 2008-05-02 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll
[-] 2008-05-02 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\browser.dll
[-] 2008-05-02 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\lsass.exe
[-] 2008-05-02 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\lsass.exe
[-] 2008-05-02 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2008-05-02 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lsass.exe
[-] 2008-05-02 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\netman.dll
[-] 2008-05-02 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\netman.dll
[-] 2008-05-02 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2008-05-02 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netman.dll
[-] 2008-05-02 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\ERDNT\cache\qmgr.dll
[-] 2008-05-02 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\qmgr.dll
[-] 2008-05-02 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-05-02 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\dllcache\qmgr.dll
[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\ERDNT\cache\rpcss.dll
[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2009-02-09 . 9222562D44021B988B9F9F62207FB6F2 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2008-05-02 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[-] 2008-05-02 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\rpcss.dll
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\ERDNT\cache\services.exe
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-06 . 020CEAAEDC8EB655B6506B8C70D53BB6 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2008-05-02 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[-] 2008-05-02 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\services.exe
[-] 2008-05-02 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\spoolsv.exe
[-] 2008-05-02 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\spoolsv.exe
[-] 2008-05-02 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\system32\spoolsv.exe
[-] 2008-05-02 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\spoolsv.exe
[-] 2008-05-02 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\winlogon.exe
[-] 2008-05-02 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\winlogon.exe
[-] 2008-05-02 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2008-05-02 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\winlogon.exe
[-] 2008-05-02 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\ERDNT\cache\comctl32.dll
[-] 2008-05-02 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\comctl32.dll
[-] 2008-05-02 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2008-05-02 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2008-05-02 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[-] 2008-05-02 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\cryptsvc.dll
[-] 2008-05-02 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\cryptsvc.dll
[-] 2008-05-02 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2008-05-02 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cryptsvc.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\ERDNT\cache\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-05-02 03:05 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2008-05-02 03:05 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\es.dll
[-] 2008-05-02 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\imm32.dll
[-] 2008-05-02 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\imm32.dll
[-] 2008-05-02 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2008-05-02 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\imm32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\ERDNT\cache\kernel32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . DA11D9D6ECBDF0F93436A4B7C13F7BEC . 991744 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2008-05-02 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2008-05-02 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\kernel32.dll
[-] 2008-05-02 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\linkinfo.dll
[-] 2008-05-02 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\linkinfo.dll
[-] 2008-05-02 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2008-05-02 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\linkinfo.dll
[-] 2008-05-02 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\lpk.dll
[-] 2008-05-02 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\lpk.dll
[-] 2008-05-02 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2008-05-02 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lpk.dll
[-] 2009-07-19 . 758C8BEDAB7CE5F9070C85E2E57CBD80 . 3597824 . . [7.00.6000.16890] . . c:\windows\SoftwareDistribution\Download\cfdf673d5f64980a67e3f1a551949306\sp3gdr\mshtml.dll
[-] 2009-07-19 . F6098CC1B1C3858D53F20F3CB5774F3B . 3600384 . . [7.00.6000.21089] . . c:\windows\SoftwareDistribution\Download\cfdf673d5f64980a67e3f1a551949306\sp3qfe\mshtml.dll
[-] 2009-04-29 . 2B4315EC9E3124408A2A5074C4B97700 . 3596288 . . [7.00.6000.16850] . . c:\windows\ERDNT\cache\mshtml.dll
[-] 2009-04-29 . 2B4315EC9E3124408A2A5074C4B97700 . 3596288 . . [7.00.6000.16850] . . c:\windows\system32\mshtml.dll
[-] 2009-04-29 . 2B4315EC9E3124408A2A5074C4B97700 . 3596288 . . [7.00.6000.16850] . . c:\windows\system32\dllcache\mshtml.dll
[-] 2009-04-29 . C6FD770D518FB024245A0EE217D72BC1 . 3598336 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\mshtml.dll
[-] 2009-02-21 . 1BB754AB47B327DE8DBF2FA18C36357C . 3596800 . . [7.00.6000.21015] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\mshtml.dll
[-] 2009-02-20 . C7C3E41CC2F6EB4A629FE2184136C098 . 3595264 . . [7.00.6000.16825] . . c:\windows\ie7updates\KB969897-IE7\mshtml.dll
[-] 2009-01-17 . 3B413267DA8AE71C20E5EF3E54F74728 . 3594752 . . [7.00.6000.16809] . . c:\windows\ie7updates\KB963027-IE7\mshtml.dll
[-] 2009-01-16 . CC9D001B7370B292C35B366CA05B12B4 . 3596288 . . [7.00.6000.20996] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\mshtml.dll
[-] 2008-12-12 . B6DAA74E2ED36C71B502945589A683AE . 3067904 . . [6.00.2900.5726] . . c:\windows\$hf_mig$\KB960714\SP3QFE\mshtml.dll
[-] 2008-10-16 . CC5A2205D37AE67CE23AB7FD3E1FDACA . 3067904 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3QFE\mshtml.dll
[-] 2008-05-02 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\ie7\mshtml.dll
[-] 2008-05-02 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\mshtml.dll
[-] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie7updates\KB961260-IE7\mshtml.dll
[-] 2008-05-02 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\ERDNT\cache\msvcrt.dll
[-] 2008-05-02 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\msvcrt.dll
[-] 2008-05-02 . D7075E95AA599EE77B7A89D39296BD3D . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\asms\70\msft\windows\mswincrt\msvcrt.dll
[-] 2008-05-02 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2008-05-02 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\system32\dllcache\msvcrt.dll
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\ERDNT\cache\mswsock.dll
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-05-02 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
[-] 2008-05-02 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\mswsock.dll
[-] 2008-05-02 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\netlogon.dll
[-] 2008-05-02 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\netlogon.dll
[-] 2008-05-02 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2008-05-02 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netlogon.dll
[-] 2009-02-07 . EFE8EACE83EAAD5849A7A548FB75B584 . 2189184 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2009-02-06 . 7A95B10A73737EBF24139AAA63F5212B . 2189056 . . [5.1.2600.5755] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2009-02-06 . 7A95B10A73737EBF24139AAA63F5212B . 2189056 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2009-02-06 . 0CBA44D0938D57F334C0862424148B70 . 2145280 . . [5.1.2600.5755] . . c:\windows\ERDNT\cache\ntoskrnl.exe
[-] 2009-02-06 . 0CBA44D0938D57F334C0862424148B70 . 2145280 . . [5.1.2600.5755] . . c:\windows\system32\ntoskrnl.exe
[-] 2008-08-14 . 31914172342BFF330063F343AC6958FE . 2189184 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[-] 2008-08-14 . F6F8245B3A2E9CA834DD318E7AE0C6D0 . 2145280 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[-] 2008-05-02 . 40F8880122A030A7E9E1FEDEA833B33D . 2145280 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
[-] 2008-04-14 . 0C89243C7C3EE199B96FCC16990E0679 . 2188928 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ntoskrnl.exe
[-] 2008-05-02 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\ERDNT\cache\powrprof.dll
[-] 2008-05-02 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\powrprof.dll
[-] 2008-05-02 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2008-05-02 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\powrprof.dll
[-] 2008-05-02 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\scecli.dll
[-] 2008-05-02 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\scecli.dll
[-] 2008-05-02 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2008-05-02 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\scecli.dll
[-] 2008-05-02 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\sfc.dll
[-] 2008-05-02 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\sfc.dll
[-] 2008-05-02 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2008-05-02 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfc.dll
[-] 2008-05-02 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\svchost.exe
[-] 2008-05-02 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\svchost.exe
[-] 2008-05-02 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2008-05-02 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\svchost.exe
[-] 2008-05-02 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\tapisrv.dll
[-] 2008-05-02 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\tapisrv.dll
[-] 2008-05-02 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2008-05-02 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\tapisrv.dll
[-] 2008-05-02 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\user32.dll
[-] 2008-05-02 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\user32.dll
[-] 2008-05-02 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2008-05-02 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll
[-] 2010-06-23 20:03 . 4A592C61CEC6C6D841CDA9EA65E8B21F . 25080 . . [] . . c:\windows\system32\userinit.exe
[-] 2008-05-02 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\userinit.exe
[-] 2008-05-02 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\userinit.exe
[-] 2008-05-02 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\userinit.exe
[-] 2009-06-29 . 4C6B4138165A4C53FE8A5B1D809526C3 . 828928 . . [7.00.6000.21073] . . c:\windows\SoftwareDistribution\Download\cfdf673d5f64980a67e3f1a551949306\sp3qfe\wininet.dll
[-] 2009-06-29 . A39B7BA7AB9B1CC2A0009F59772DB83C . 827392 . . [7.00.6000.16876] . . c:\windows\SoftwareDistribution\Download\cfdf673d5f64980a67e3f1a551949306\sp3gdr\wininet.dll
[-] 2009-04-29 . 8E2D471157B0DF329D8D0EA5D83B0DDB . 827392 . . [7.00.6000.16850] . . c:\windows\ERDNT\cache\wininet.dll
[-] 2009-04-29 . 8E2D471157B0DF329D8D0EA5D83B0DDB . 827392 . . [7.00.6000.16850] . . c:\windows\system32\wininet.dll
[-] 2009-04-29 . 8E2D471157B0DF329D8D0EA5D83B0DDB . 827392 . . [7.00.6000.16850] . . c:\windows\system32\dllcache\wininet.dll
[-] 2009-04-29 . 62CCA075F44015147B8971DAFFBCFF76 . 828928 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\wininet.dll
[-] 2009-03-03 . 28775945CCD53DEE280EF58DEA1A94C4 . 826368 . . [7.00.6000.16827] . . c:\windows\ie7updates\KB969897-IE7\wininet.dll
[-] 2009-03-03 . C8667854873938CA13C986F16B0CD183 . 828416 . . [7.00.6000.21020] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll
[-] 2008-12-20 . 044E0A4E9FE97C0FB9AFE9C89E2A82E6 . 827904 . . [7.00.6000.20978] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
[-] 2008-12-20 . A82935D32D0672E8FF4E91AE398E901C . 826368 . . [7.00.6000.16791] . . c:\windows\ie7updates\KB963027-IE7\wininet.dll
[-] 2008-10-16 . E8FCE58A470999350F64C591557F9E42 . 667136 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3QFE\wininet.dll
[-] 2008-05-02 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:\windows\ie7\wininet.dll
[-] 2008-05-02 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\wininet.dll
[-] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB961260-IE7\wininet.dll
[-] 2008-05-02 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ws2_32.dll
[-] 2008-05-02 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ws2_32.dll
[-] 2008-05-02 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2008-05-02 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2_32.dll
[-] 2008-05-02 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ws2help.dll
[-] 2008-05-02 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[-] 2008-05-02 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2help.dll
[-] 2008-05-02 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-05-02 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\ERDNT\cache\explorer.exe
[-] 2008-05-02 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\explorer.exe
[-] 2008-05-02 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\explorer.exe
[-] 2008-05-02 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\srsvc.dll
[-] 2008-05-02 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\srsvc.dll
[-] 2008-05-02 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-05-02 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll
[-] 2008-05-02 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\wscntfy.exe
[-] 2008-05-02 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\wscntfy.exe
[-] 2008-05-02 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2008-05-02 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wscntfy.exe
[-] 2008-05-02 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\xmlprov.dll
[-] 2008-05-02 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\xmlprov.dll
[-] 2008-05-02 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2008-05-02 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\xmlprov.dll
[-] 2008-05-02 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\eventlog.dll
[-] 2008-05-02 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\eventlog.dll
[-] 2008-05-02 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2008-05-02 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\eventlog.dll
[-] 2008-05-02 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\sfcfiles.dll
[-] 2008-05-02 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\sfcfiles.dll
[-] 2008-05-02 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2008-05-02 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfcfiles.dll
[-] 2008-05-02 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ctfmon.exe
[-] 2008-05-02 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ctfmon.exe
[-] 2008-05-02 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2008-05-02 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ctfmon.exe
[-] 2008-05-02 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\ERDNT\cache\shsvcs.dll
[-] 2008-05-02 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\shsvcs.dll
[-] 2008-05-02 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll
[-] 2008-05-02 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\shsvcs.dll
[-] 2008-05-02 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\regsvc.dll
[-] 2008-05-02 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\regsvc.dll
[-] 2008-05-02 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2008-05-02 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regsvc.dll
[-] 2008-05-02 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\schedsvc.dll
[-] 2008-05-02 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\schedsvc.dll
[-] 2008-05-02 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2008-05-02 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\schedsvc.dll
[-] 2008-05-02 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ssdpsrv.dll
[-] 2008-05-02 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ssdpsrv.dll
[-] 2008-05-02 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2008-05-02 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ssdpsrv.dll
[-] 2008-05-02 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\termsrv.dll
[-] 2008-05-02 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\termsrv.dll
[-] 2008-05-02 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2008-05-02 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\termsrv.dll
[-] 2008-05-02 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\appmgmts.dll
[-] 2008-05-02 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\appmgmts.dll
[-] 2008-05-02 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
[-] 2008-05-02 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\appmgmts.dll
[-] 2008-05-02 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\acpiec.sys
[-] 2008-05-02 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\dllcache\acpiec.sys
[-] 2008-05-02 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
[-] 2008-04-14 03:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ERDNT\cache\aec.sys
[-] 2008-04-14 03:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\aec.sys
[-] 2008-04-14 03:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\dllcache\aec.sys
[-] 2008-04-14 03:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
[-] 2008-05-02 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ip6fw.sys
[-] 2008-05-02 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ip6fw.sys
[-] 2008-05-02 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ip6fw.sys
[-] 2008-05-02 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
[-] 2008-05-02 03:05 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\ERDNT\cache\mfc40u.dll
[-] 2008-05-02 03:05 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\mfc40u.dll
[-] 2008-05-02 03:05 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll
[-] 2008-05-02 03:05 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\system32\dllcache\mfc40u.dll
[-] 2008-05-02 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\msgsvc.dll
[-] 2008-05-02 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\msgsvc.dll
[-] 2008-05-02 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2008-05-02 03:05 . C7E39EA41233E9F5B86C8DA3A9F1E4A8 . 52224 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2006-10-19 02:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\ERDNT\cache\mspmsnsv.dll
[-] 2006-10-19 02:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2006-10-19 02:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
[-] 2009-02-07 . 5BA7F2141BC6DB06100D0E5A732C617A . 2066048 . . [5.1.2600.5755] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2009-02-07 . 5BA7F2141BC6DB06100D0E5A732C617A . 2066048 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2009-02-06 . 65D4220799E6FC2CB079070A6393CC0E . 2023936 . . [5.1.2600.5755] . . c:\windows\ERDNT\cache\ntkrnlpa.exe
[-] 2009-02-06 . 65D4220799E6FC2CB079070A6393CC0E . 2023936 . . [5.1.2600.5755] . . c:\windows\system32\ntkrnlpa.exe
[-] 2009-02-06 . 607352B9CB3D708C67F6039097801B5A . 2066176 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2008-08-14 . A25E9B86EFFB2AF33BF51E676B68BFB0 . 2066048 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
[-] 2008-08-14 . 8206B5F94A6A9450E934029420C1693F . 2023936 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[-] 2008-05-02 . 7F653A89F6E89E3AE0D49830EECE35D4 . 2023936 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
[-] 2008-04-14 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ntkrnlpa.exe
[-] 2008-05-02 03:05 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\ERDNT\cache\ntmssvc.dll
[-] 2008-05-02 03:05 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ntmssvc.dll
[-] 2008-05-02 03:05 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2008-05-02 03:05 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\system32\dllcache\ntmssvc.dll
[-] 2008-05-02 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\upnphost.dll
[-] 2008-05-02 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\upnphost.dll
[-] 2008-05-02 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2008-05-02 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\upnphost.dll
[-] 2008-05-02 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\ERDNT\cache\dsound.dll
[-] 2008-05-02 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\dsound.dll
[-] 2008-05-02 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[-] 2008-05-02 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\dsound.dll
[-] 2008-05-02 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\d3d9.dll
[-] 2008-05-02 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[-] 2008-05-02 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\d3d9.dll
[-] 2008-05-02 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ddraw.dll
[-] 2008-05-02 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[-] 2008-05-02 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\ddraw.dll
[-] 2008-05-02 03:05 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\olepro32.dll
[-] 2008-05-02 03:05 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[-] 2008-05-02 03:05 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\olepro32.dll
[-] 2008-05-02 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\perfctrs.dll
[-] 2008-05-02 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[-] 2008-05-02 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\perfctrs.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-06-24_14.51.17 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-06-25 16:28 . 2010-06-25 16:28 16384 c:\windows\temp\Perflib_Perfdata_6ac.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]
"ares"="c:\program files\Ares\Ares.exe" [2009-02-03 1004544]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-06-21 2403568]
"Google Update"="c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-05-23 136176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"DigidesignMMERefresh"="c:\program files\Digidesign\Drivers\MMERefresh.exe" [2007-10-31 77824]
"SigmatelSysTrayApp"="sttray.exe" [2006-11-02 303104]
"M-Audio Taskbar Icon"="c:\windows\system32\M-AudioTaskBarIcon.exe" [2009-11-09 643592]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\explorer.exe,"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 20:21 548352 -c--a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 07:42 72208 -c--a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 21:10 35696 -c--a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
2009-02-03 13:22 1004544 -c--a-w- c:\program files\Ares\Ares.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Conime]
2008-05-02 03:05 27648 -c--a-w- c:\windows\system32\conime.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-05-02 03:05 15360 -c----w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-12-29 10:40 687560 -c--a-w- c:\program files\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\E-MU USB Audio Control Panel]
2007-11-26 19:03 274432 -c----w- c:\program files\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EKIJ5000StatusMonitor]
2009-08-03 14:33 1626112 -c--a-w- c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
2007-01-01 21:22 3739648 -c--a-w- c:\program files\Google\Google Talk\googletalk.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
2008-12-05 01:23 2745776 -c--a-w- c:\program files\Internet Download Manager\IDMan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2008-06-24 20:06 1840424 -c--a-w- c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2008-02-29
-
P2P - I see you have P2P software installed on your machine. (Ares) We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It is certainly contributing to your current situation.
Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.
I would strongly recommend that you uninstall them, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.
============================
Please go to Jotti's malware scan (http://virusscan.jotti.org/)
(If more than one file needs scanned they must be done separately and links posted for each one)
* Copy the file path in the below Code box:
c:\windows\system32\stu2.exe
* At the upload site, click once inside the window next to Browse.
* Press Ctrl+V on the keyboard (both at the same time) to paste the file path into the window.
* Next click Submit file
* Your file will possibly be entered into a queue which normally takes less than a minute to clear.
* This will perform a scan across multiple different virus scanning engines.
* Important: Wait for all of the scanning engines to complete.
* Once the scan is finished, Copy and then Paste the link in the address bar into your next reply.
=================================
Download Security Check by screen317 from one of the following links and save it to your desktop.
Link 1 (http://screen317.spywareinfoforum.org/SecurityCheck.exe)
Link 2 (http://screen317.changelog.fr/SecurityCheck.exe)
* Unzip SecurityCheck.zip and a folder named Security Check should appear.
* Open the Security Check folder and double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.
Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
-
thanks again for your help and yes i'll be making some serious changes once this issue is solved, thanks
http://virusscan.jotti.org/en/scanresult/2a2b525f016
ae60a92fb794c6e6c2cb004a60a43/da5fe18ee2f67cea
2dcdfea0e3ab635b719a694d
Results of screen317's Security Check version 0.99.4
Windows XP Service Pack 3
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:
Windows Security Center service is not running! This report may not be accurate!
ESET Online Scanner v3
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
HijackThis 2.0.2
CCleaner
Java(TM) 6 Update 16
Out of date Java installed!
Adobe Flash Player 10.0.22.87
Adobe Reader 9.1
Out of date Adobe Reader installed!
Mozilla Firefox (3.6.4)
````````````````````````````````
Process Check:
objlist.exe by Laurent
````````````````````````````````
DNS Vulnerability Check:
GREAT! (Not vulnerable to DNS cache poisoning)
``````````End of Log````````````
-
I'm still working on your ComboFix log. In the meantime, here's something you can do, please. The Security check reported this. Windows Security Center service is not running! Could you please activate it?
Click on Start, then Run, type in "services.msc" without the quotes. When the page comes up, on the far right scroll down the list and doubleclick on Security Center. Where it says Startup, set from Disabled to Automatic. Just below that you will see the word "Start". click on that and then click OK. Restart your computer and your Service Center will be active.
Update Your Java (JRE)
Old versions of Java have vulnerabilities that malware can use to infect your system.
First Verify your Java Version (http://www.java.com/en/download/installed.jsp)
If there are any other version(s) installed then update now.
Get the new version (if needed)
If your version is out of date install the newest version of the Sun Java Runtime Environment (http://www.majorgeeks.com/Sun_Java_Runtime_Environment_d4648.html).
Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.
Be sure to close ALL open web browsers before starting the installation.
Remove any old versions
1. Download JavaRa (http://raproducts.org/click/click.php?id=1) and unzip the file to your Desktop.
2. Open JavaRA.exe and choose Remove Older Versions
3. Once complete exit JavaRA.
4. Run CCleaner.
Additional Note: The Java Quick Starter (JQS.exe) (http://java.sun.com/javase/6/docs/technotes/guides/jweb/otherFeatures/jqs.html) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.
============================
Please download the newest version of Adobe Acrobat Reader from Adobe.com (http://www.adobe.com/products/acrobat/readstep2.html)
Before installing: it is important to remove older versions of Acrobat Reader since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs.
Search in the list for all previous installed versions of Adobe Acrobat Reader. Uninstall/Remove each of them.
Once old versions are gone, please install the newest version.
-
thanks for your response, when i tried to uninstall java 6 and adobe reader it says "windows installer could not be accessed....could be running in safe mode or not properly installed"
error 1068 could not start security system on local computer, but its already on automatic.
-
thanks for your response, when i tried to uninstall java 6 and adobe reader it says "windows installer could not be accessed....could be running in safe mode or not properly installed"
error 1068 could not start security system on local computer, but its already on automatic.
Ok. We'll deal with these later. If I forget, please remind me. There's one file we'll have to fix first.
Re-running ComboFix to remove infections:
- Close any open browsers.
- Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
- Open notepad and copy/paste the text in the quotebox below into it:
KillAll::
FCopy::
c:\windows\ERDNT\cache\userinit.exe | c:\windows\system32\userinit.exe
- Save this as CFScript.txt, in the same location as ComboFix.exe
(http://img19.imageshack.us/img19/5660/cfscriptb4.gif)
- Referring to the picture above, drag CFScript into ComboFix.exe
- When finished, it shall produce a log for you at C:\ComboFix.txt
- Please post the contents of the log in your next reply.
-
I can't drag/drop or copy paste ???
-
ComboFix 10-06-25.01 - Administrator 06/26/2010 16:04:13.15.2 - x86
Running from: c:\documents and settings\Administrator\My Documents\Downloads\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator\My Documents\Downloads\CFScript.txt,.txt
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
F:\Autorun.inf
.
--------------- FCopy ---------------
c:\windows\ERDNT\cache\userinit.exe --> c:\windows\system32\userinit.exe
.
((((((((((((((((((((((((( Files Created from 2010-05-26 to 2010-06-26 )))))))))))))))))))))))))))))))
.
2010-06-26 16:55 . 2008-04-14 09:42 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-06-26 16:53 . 2001-08-17 17:28 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys
2010-06-26 16:52 . 2001-08-17 17:28 604253 -c--a-w- c:\windows\system32\dllcache\vmodem.sys
2010-06-26 16:51 . 2001-08-18 02:36 28160 -c--a-w- c:\windows\system32\dllcache\umaxu40.dll
2010-06-26 16:50 . 2001-08-17 18:56 315520 -c--a-w- c:\windows\system32\dllcache\trid3d.dll
2010-06-26 16:49 . 2001-08-17 17:52 7040 -c--a-w- c:\windows\system32\dllcache\tandqic.sys
2010-06-26 16:48 . 2001-08-17 16:11 48736 -c--a-w- c:\windows\system32\dllcache\srwlnd5.sys
2010-06-26 16:47 . 2001-08-17 16:10 35913 -c--a-w- c:\windows\system32\dllcache\smcirda.sys
2010-06-26 16:46 . 2001-08-17 18:56 252032 -c--a-w- c:\windows\system32\dllcache\sis300iv.dll
2010-06-26 16:45 . 2001-08-17 17:51 23936 -c--a-w- c:\windows\system32\dllcache\sccmn50m.sys
2010-06-26 16:44 . 2001-08-18 02:36 9216 -c--a-w- c:\windows\system32\dllcache\rsmgrstr.dll
2010-06-26 16:43 . 2001-08-17 17:28 130942 -c--a-w- c:\windows\system32\dllcache\ptserlv.sys
2010-06-26 16:42 . 2008-04-14 09:40 211584 -c--a-w- c:\windows\system32\dllcache\perm2dll.dll
2010-06-26 16:41 . 2001-08-17 18:05 48000 -c--a-w- c:\windows\system32\dllcache\ovcam2.sys
2010-06-26 16:40 . 2001-08-17 16:11 65278 -c--a-w- c:\windows\system32\dllcache\netflx3.sys
2010-06-26 16:39 . 2008-04-14 04:09 5504 -c--a-w- c:\windows\system32\dllcache\mstee.sys
2010-06-26 16:39 . 2008-04-14 04:16 49024 -c--a-w- c:\windows\system32\dllcache\mstape.sys
2010-06-26 16:39 . 2001-08-17 17:48 12416 -c--a-w- c:\windows\system32\dllcache\msriffwv.sys
2010-06-26 16:39 . 2001-08-17 18:00 2944 -c--a-w- c:\windows\system32\dllcache\msmpu401.sys
2010-06-26 16:39 . 2008-04-14 04:24 22016 -c--a-w- c:\windows\system32\dllcache\msircomm.sys
2010-06-26 00:54 . 2010-06-26 00:54 -------- dc----w- c:\documents and settings\Administrator\Local Settings\Application Data\Help
2010-06-25 20:17 . 2010-06-26 20:01 -------- dc----w- c:\windows\system32\CatRoot2
2010-06-24 01:22 . 2010-06-24 01:22 -------- dc----w- c:\documents and settings\Administrator\Local Settings\Application Data\Microsoft Corporation
2010-06-23 22:02 . 2010-04-29 19:39 38224 -c--a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-23 22:02 . 2010-04-29 19:39 20952 -c--a-w- c:\windows\system32\drivers\mbam.sys
2010-06-23 19:23 . 2010-06-23 19:23 -------- dc----w- C:\Setup
2010-06-23 19:23 . 2010-06-23 19:23 -------- dc----w- C:\VSS
2010-06-23 19:22 . 2010-06-23 19:23 -------- dc----w- C:\VB98
2010-06-23 19:22 . 2010-06-23 19:22 -------- dc----w- C:\Shared
2010-06-23 19:22 . 2010-06-23 19:22 -------- dc----w- C:\MSDesign
2010-06-23 19:22 . 2010-06-23 19:22 -------- dc----w- C:\Common
2010-06-23 19:22 . 2010-06-23 19:22 -------- dc----w- C:\os
2010-06-23 12:19 . 2010-06-23 12:19 132608 -csha-r- c:\windows\system32\systemi.dll
2010-06-14 06:18 . 2010-06-14 06:21 -------- dc----w- c:\documents and settings\All Users\Application Data\Ulead Systems
2010-06-14 06:18 . 2010-06-14 06:18 -------- dc----w- c:\documents and settings\Administrator\Application Data\Ulead Systems
2010-06-14 06:18 . 2010-06-14 06:18 -------- dc----w- c:\program files\Ulead Systems
2010-06-14 06:17 . 1999-10-15 16:50 1056768 -c--a-w- c:\windows\system32\ROBOEX32.DLL
2010-06-14 06:17 . 1999-01-28 19:44 49152 -c--a-w- c:\windows\system32\INETWH32.dll
2010-06-14 06:17 . 2010-06-14 06:17 -------- dc----w- c:\windows\Noslip
2010-06-12 21:44 . 2008-05-02 03:05 26112 -c--a-w- c:\windows\system32\stu2.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-26 00:54 . 2009-03-29 04:02 -------- dc----w- c:\program files\IrfanView3.99
2010-06-24 23:31 . 2009-12-09 00:38 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-24 18:16 . 2009-03-15 20:43 -------- dc----w- c:\program files\Sonique
2010-06-23 22:03 . 2009-03-16 04:30 -------- dc----w- c:\documents and settings\Administrator\Application Data\DMCache
2010-06-23 20:13 . 2009-08-28 04:52 -------- dc----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-06-23 12:50 . 2009-05-30 11:47 -------- dc----w- c:\documents and settings\Administrator\Application Data\Tracktion 3
2010-06-23 12:50 . 2009-05-11 23:41 -------- dc----w- c:\documents and settings\All Users\Application Data\Tracktion 3
2010-06-21 09:57 . 2004-01-06 09:32 -------- dc----w- c:\program files\SUPERAntiSpyware
2010-06-15 00:46 . 2009-03-07 04:53 29336 -c--a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-06-14 06:17 . 2009-03-07 02:21 -------- dc-h--w- c:\program files\InstallShield Installation Information
2010-05-03 21:48 . 2010-05-03 21:48 0 -c-ha-w- c:\windows\system32\drivers\Msft_Kernel_WinUSB_01007.Wdf
2010-05-03 21:47 . 2010-05-03 21:47 0 -c-ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-05-03 13:39 . 2010-05-03 13:39 581192 -c--a-w- c:\windows\system32\WinUSBCoInstaller.dll
2010-05-03 13:39 . 2010-05-03 13:39 1112288 -c--a-w- c:\windows\system32\WdfCoInstaller01007.dll
2010-04-23 01:12 . 2010-01-24 11:01 16 -c--a-w- c:\windows\msocreg32.dat
2010-04-22 10:51 . 2010-04-22 10:51 2892 -c--a-w- c:\windows\system32\audcon.sys
2010-04-18 22:35 . 2010-04-18 22:35 69632 -c--a-w- c:\windows\system32\com.fxpansion.fxshared.dll
2010-04-18 22:35 . 2010-01-08 03:46 69632 -c--a-w- c:\windows\system32\FxShared.dll
.
------- Sigcheck -------
[-] 2008-05-02 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\atapi.sys
[-] 2008-05-02 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
[-] 2008-05-02 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0009\DriverFiles\i386\atapi.sys
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\atapi.sys
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0010\DriverFiles\i386\atapi.sys
[-] 2008-05-02 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\asyncmac.sys
[-] 2008-05-02 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\asyncmac.sys
[-] 2008-05-02 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
[-] 2008-05-02 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\beep.sys
[-] 2008-05-02 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
[-] 2008-05-02 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0019\DriverFiles\i386\kbdclass.sys
[-] 2008-04-14 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\kbdclass.sys
[-] 2008-04-14 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\kbdclass.sys
[-] 2008-04-14 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
[-] 2008-05-02 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ndis.sys
[-] 2008-05-02 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ndis.sys
[-] 2008-05-02 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ndis.sys
[-] 2008-05-02 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
[-] 2008-05-02 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ntfs.sys
[-] 2008-05-02 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ntfs.sys
[-] 2008-05-02 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
[-] 2008-05-02 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\null.sys
[-] 2008-05-02 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2008-05-02 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\ERDNT\cache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-05-02 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-05-02 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\tcpip.sys
[-] 2008-05-02 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\browser.dll
[-] 2008-05-02 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\browser.dll
[-] 2008-05-02 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll
[-] 2008-05-02 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\lsass.exe
[-] 2008-05-02 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\lsass.exe
[-] 2008-05-02 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2008-05-02 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\netman.dll
[-] 2008-05-02 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\netman.dll
[-] 2008-05-02 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2008-05-02 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netman.dll
[-] 2008-05-02 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\ERDNT\cache\qmgr.dll
[-] 2008-05-02 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\qmgr.dll
[-] 2008-05-02 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-05-02 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\dllcache\qmgr.dll
[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\ERDNT\cache\rpcss.dll
[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2009-02-09 . 9222562D44021B988B9F9F62207FB6F2 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2008-05-02 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[-] 2008-05-02 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\rpcss.dll
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\ERDNT\cache\services.exe
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-06 . 020CEAAEDC8EB655B6506B8C70D53BB6 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2008-05-02 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[-] 2008-05-02 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\services.exe
[-] 2008-05-02 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\spoolsv.exe
[-] 2008-05-02 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\spoolsv.exe
[-] 2008-05-02 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\system32\spoolsv.exe
[-] 2008-05-02 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\spoolsv.exe
[-] 2008-05-02 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\winlogon.exe
[-] 2008-05-02 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\winlogon.exe
[-] 2008-05-02 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2008-05-02 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\ERDNT\cache\comctl32.dll
[-] 2008-05-02 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\comctl32.dll
[-] 2008-05-02 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2008-05-02 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2008-05-02 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\cryptsvc.dll
[-] 2008-05-02 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\cryptsvc.dll
[-] 2008-05-02 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\ERDNT\cache\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-05-02 03:05 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2008-05-02 03:05 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\es.dll
[-] 2008-05-02 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\imm32.dll
[-] 2008-05-02 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\imm32.dll
[-] 2008-05-02 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\ERDNT\cache\kernel32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . DA11D9D6ECBDF0F93436A4B7C13F7BEC . 991744 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2008-05-02 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2008-05-02 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\kernel32.dll
[-] 2008-05-02 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\linkinfo.dll
[-] 2008-05-02 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\linkinfo.dll
[-] 2008-05-02 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2008-05-02 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\lpk.dll
[-] 2008-05-02 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\lpk.dll
[-] 2008-05-02 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2009-07-19 . 758C8BEDAB7CE5F9070C85E2E57CBD80 . 3597824 . . [7.00.6000.16890] . . c:\windows\SoftwareDistribution\Download\cfdf673d5f64980a67e3f1a551949306\sp3gdr\mshtml.dll
[-] 2009-07-19 . F6098CC1B1C3858D53F20F3CB5774F3B . 3600384 . . [7.00.6000.21089] . . c:\windows\SoftwareDistribution\Download\cfdf673d5f64980a67e3f1a551949306\sp3qfe\mshtml.dll
[-] 2009-04-29 . 2B4315EC9E3124408A2A5074C4B97700 . 3596288 . . [7.00.6000.16850] . . c:\windows\ERDNT\cache\mshtml.dll
[-] 2009-04-29 . 2B4315EC9E3124408A2A5074C4B97700 . 3596288 . . [7.00.6000.16850] . . c:\windows\system32\mshtml.dll
[-] 2009-04-29 . C6FD770D518FB024245A0EE217D72BC1 . 3598336 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\mshtml.dll
[-] 2009-02-21 . 1BB754AB47B327DE8DBF2FA18C36357C . 3596800 . . [7.00.6000.21015] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\mshtml.dll
[-] 2009-02-20 . C7C3E41CC2F6EB4A629FE2184136C098 . 3595264 . . [7.00.6000.16825] . . c:\windows\ie7updates\KB969897-IE7\mshtml.dll
[-] 2009-01-17 . 3B413267DA8AE71C20E5EF3E54F74728 . 3594752 . . [7.00.6000.16809] . . c:\windows\ie7updates\KB963027-IE7\mshtml.dll
[-] 2009-01-16 . CC9D001B7370B292C35B366CA05B12B4 . 3596288 . . [7.00.6000.20996] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\mshtml.dll
[-] 2008-12-12 . B6DAA74E2ED36C71B502945589A683AE . 3067904 . . [6.00.2900.5726] . . c:\windows\$hf_mig$\KB960714\SP3QFE\mshtml.dll
[-] 2008-10-16 . CC5A2205D37AE67CE23AB7FD3E1FDACA . 3067904 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3QFE\mshtml.dll
[-] 2008-05-02 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\ie7\mshtml.dll
[-] 2008-05-02 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\mshtml.dll
[-] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie7updates\KB961260-IE7\mshtml.dll
[-] 2008-05-02 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\ERDNT\cache\msvcrt.dll
[-] 2008-05-02 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\msvcrt.dll
[-] 2008-05-02 . D7075E95AA599EE77B7A89D39296BD3D . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\asms\70\msft\windows\mswincrt\msvcrt.dll
[-] 2008-05-02 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\ERDNT\cache\mswsock.dll
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-05-02 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
[-] 2008-05-02 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\mswsock.dll
[-] 2008-05-02 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\netlogon.dll
[-] 2008-05-02 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\netlogon.dll
[-] 2008-05-02 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2008-05-02 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netlogon.dll
[-] 2009-02-07 . EFE8EACE83EAAD5849A7A548FB75B584 . 2189184 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2009-02-06 . 7A95B10A73737EBF24139AAA63F5212B . 2189056 . . [5.1.2600.5755] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2009-02-06 . 0CBA44D0938D57F334C0862424148B70 . 2145280 . . [5.1.2600.5755] . . c:\windows\ERDNT\cache\ntoskrnl.exe
[-] 2009-02-06 . 0CBA44D0938D57F334C0862424148B70 . 2145280 . . [5.1.2600.5755] . . c:\windows\system32\ntoskrnl.exe
[-] 2008-08-14 . 31914172342BFF330063F343AC6958FE . 2189184 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[-] 2008-08-14 . F6F8245B3A2E9CA834DD318E7AE0C6D0 . 2145280 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[-] 2008-05-02 . 40F8880122A030A7E9E1FEDEA833B33D . 2145280 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
[-] 2008-04-14 . 0C89243C7C3EE199B96FCC16990E0679 . 2188928 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ntoskrnl.exe
[-] 2008-05-02 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\ERDNT\cache\powrprof.dll
[-] 2008-05-02 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\powrprof.dll
[-] 2008-05-02 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2008-05-02 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\powrprof.dll
[-] 2008-05-02 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\scecli.dll
[-] 2008-05-02 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\scecli.dll
[-] 2008-05-02 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2008-05-02 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\scecli.dll
[-] 2008-05-02 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\sfc.dll
[-] 2008-05-02 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\sfc.dll
[-] 2008-05-02 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2008-05-02 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\svchost.exe
[-] 2008-05-02 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\svchost.exe
[-] 2008-05-02 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2008-05-02 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\svchost.exe
[-] 2008-05-02 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\tapisrv.dll
[-] 2008-05-02 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\tapisrv.dll
[-] 2008-05-02 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2008-05-02 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\tapisrv.dll
[-] 2008-05-02 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\user32.dll
[-] 2008-05-02 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\user32.dll
[-] 2008-05-02 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2008-05-02 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll
[-] 2008-05-02 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\userinit.exe
[-] 2008-05-02 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\userinit.exe
[-] 2008-05-02 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2008-05-02 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\userinit.exe
[-] 2009-06-29 . 4C6B4138165A4C53FE8A5B1D809526C3 . 828928 . . [7.00.6000.21073] . . c:\windows\SoftwareDistribution\Download\cfdf673d5f64980a67e3f1a551949306\sp3qfe\wininet.dll
[-] 2009-06-29 . A39B7BA7AB9B1CC2A0009F59772DB83C . 827392 . . [7.00.6000.16876] . . c:\windows\SoftwareDistribution\Download\cfdf673d5f64980a67e3f1a551949306\sp3gdr\wininet.dll
[-] 2009-04-29 . 8E2D471157B0DF329D8D0EA5D83B0DDB . 827392 . . [7.00.6000.16850] . . c:\windows\ERDNT\cache\wininet.dll
[-] 2009-04-29 . 8E2D471157B0DF329D8D0EA5D83B0DDB . 827392 . . [7.00.6000.16850] . . c:\windows\system32\wininet.dll
[-] 2009-04-29 . 62CCA075F44015147B8971DAFFBCFF76 . 828928 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\wininet.dll
[-] 2009-03-03 . 28775945CCD53DEE280EF58DEA1A94C4 . 826368 . . [7.00.6000.16827] . . c:\windows\ie7updates\KB969897-IE7\wininet.dll
[-] 2009-03-03 . C8667854873938CA13C986F16B0CD183 . 828416 . . [7.00.6000.21020] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll
[-] 2008-12-20 . 044E0A4E9FE97C0FB9AFE9C89E2A82E6 . 827904 . . [7.00.6000.20978] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
[-] 2008-12-20 . A82935D32D0672E8FF4E91AE398E901C . 826368 . . [7.00.6000.16791] . . c:\windows\ie7updates\KB963027-IE7\wininet.dll
[-] 2008-10-16 . E8FCE58A470999350F64C591557F9E42 . 667136 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3QFE\wininet.dll
[-] 2008-05-02 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:\windows\ie7\wininet.dll
[-] 2008-05-02 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\wininet.dll
[-] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB961260-IE7\wininet.dll
[-] 2008-05-02 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ws2_32.dll
[-] 2008-05-02 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ws2_32.dll
[-] 2008-05-02 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2008-05-02 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2_32.dll
[-] 2008-05-02 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ws2help.dll
[-] 2008-05-02 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[-] 2008-05-02 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2help.dll
[-] 2008-05-02 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-05-02 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\ERDNT\cache\explorer.exe
[-] 2008-05-02 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\explorer.exe
[-] 2008-05-02 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\srsvc.dll
[-] 2008-05-02 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\srsvc.dll
[-] 2008-05-02 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-05-02 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll
[-] 2008-05-02 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\wscntfy.exe
[-] 2008-05-02 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\wscntfy.exe
[-] 2008-05-02 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2008-05-02 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wscntfy.exe
[-] 2008-05-02 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\xmlprov.dll
[-] 2008-05-02 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\xmlprov.dll
[-] 2008-05-02 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2008-05-02 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\xmlprov.dll
[-] 2008-05-02 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\eventlog.dll
[-] 2008-05-02 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\eventlog.dll
[-] 2008-05-02 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2008-05-02 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\sfcfiles.dll
[-] 2008-05-02 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\sfcfiles.dll
[-] 2008-05-02 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2008-05-02 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ctfmon.exe
[-] 2008-05-02 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ctfmon.exe
[-] 2008-05-02 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2008-05-02 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\ERDNT\cache\shsvcs.dll
[-] 2008-05-02 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\shsvcs.dll
[-] 2008-05-02 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll
[-] 2008-05-02 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\shsvcs.dll
[-] 2008-05-02 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\regsvc.dll
[-] 2008-05-02 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\regsvc.dll
[-] 2008-05-02 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2008-05-02 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regsvc.dll
[-] 2008-05-02 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\schedsvc.dll
[-] 2008-05-02 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\schedsvc.dll
[-] 2008-05-02 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2008-05-02 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\schedsvc.dll
[-] 2008-05-02 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ssdpsrv.dll
[-] 2008-05-02 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ssdpsrv.dll
[-] 2008-05-02 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2008-05-02 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ssdpsrv.dll
[-] 2008-05-02 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\termsrv.dll
[-] 2008-05-02 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\termsrv.dll
[-] 2008-05-02 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2008-05-02 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\termsrv.dll
[-] 2008-05-02 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\appmgmts.dll
[-] 2008-05-02 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\appmgmts.dll
[-] 2008-05-02 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
[-] 2008-05-02 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\acpiec.sys
[-] 2008-05-02 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
[-] 2008-04-14 03:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ERDNT\cache\aec.sys
[-] 2008-04-14 03:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\aec.sys
[-] 2008-04-14 03:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
[-] 2008-05-02 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ip6fw.sys
[-] 2008-05-02 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ip6fw.sys
[-] 2008-05-02 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
[-] 2008-05-02 03:05 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\ERDNT\cache\mfc40u.dll
[-] 2008-05-02 03:05 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\mfc40u.dll
[-] 2008-05-02 03:05 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll
[-] 2008-05-02 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\msgsvc.dll
[-] 2008-05-02 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\msgsvc.dll
[-] 2008-05-02 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2008-05-02 03:05 . C7E39EA41233E9F5B86C8DA3A9F1E4A8 . 52224 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2006-10-19 02:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\ERDNT\cache\mspmsnsv.dll
[-] 2006-10-19 02:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2006-10-19 02:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
[-] 2009-02-07 . 5BA7F2141BC6DB06100D0E5A732C617A . 2066048 . . [5.1.2600.5755] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2009-02-07 . 5BA7F2141BC6DB06100D0E5A732C617A . 2066048 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2009-02-06 . 65D4220799E6FC2CB079070A6393CC0E . 2023936 . . [5.1.2600.5755] . . c:\windows\ERDNT\cache\ntkrnlpa.exe
[-] 2009-02-06 . 65D4220799E6FC2CB079070A6393CC0E . 2023936 . . [5.1.2600.5755] . . c:\windows\system32\ntkrnlpa.exe
[-] 2009-02-06 . 607352B9CB3D708C67F6039097801B5A . 2066176 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2008-08-14 . A25E9B86EFFB2AF33BF51E676B68BFB0 . 2066048 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
[-] 2008-08-14 . 8206B5F94A6A9450E934029420C1693F . 2023936 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[-] 2008-05-02 . 7F653A89F6E89E3AE0D49830EECE35D4 . 2023936 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
[-] 2008-04-14 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ntkrnlpa.exe
[-] 2008-05-02 03:05 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\ERDNT\cache\ntmssvc.dll
[-] 2008-05-02 03:05 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ntmssvc.dll
[-] 2008-05-02 03:05 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2008-05-02 03:05 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\system32\dllcache\ntmssvc.dll
[-] 2008-05-02 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\upnphost.dll
[-] 2008-05-02 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\upnphost.dll
[-] 2008-05-02 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2008-05-02 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\upnphost.dll
[-] 2008-05-02 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\ERDNT\cache\dsound.dll
[-] 2008-05-02 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\dsound.dll
[-] 2008-05-02 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[-] 2008-05-02 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\d3d9.dll
[-] 2008-05-02 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[-] 2008-05-02 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ddraw.dll
[-] 2008-05-02 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[-] 2008-05-02 03:05 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\olepro32.dll
[-] 2008-05-02 03:05 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[-] 2008-05-02 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\perfctrs.dll
[-] 2008-05-02 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[-] 2008-05-02 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\perfctrs.dll
.
((((((((((((((((((((((((((((( SnapShot_2010-06-26_17.15.16 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-06-26 20:11 . 2010-06-26 20:11 16384 c:\windows\temp\Perflib_Perfdata_6a4.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]
"ares"="c:\program files\Ares\Ares.exe" [2009-02-03 1004544]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-06-21 2403568]
"Google Update"="c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-05-23 136176]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-05-02 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"DigidesignMMERefresh"="c:\program files\Digidesign\Drivers\MMERefresh.exe" [2007-10-31 77824]
"SigmatelSysTrayApp"="sttray.exe" [2006-11-02 303104]
"M-Audio Taskbar Icon"="c:\windows\system32\M-AudioTaskBarIcon.exe" [2009-11-09 643592]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 20:21 548352 -c--a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 07:42 72208 -c--a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 21:10 35696 -c--a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
2009-02-03 13:22 1004544 -c--a-w- c:\program files\Ares\Ares.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Conime]
2008-05-02 03:05 27648 -c--a-w- c:\windows\system32\conime.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-05-02 03:05 15360 -c----w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-12-29 10:40 687560 -c--a-w- c:\program files\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\E-MU USB Audio Control Panel]
2007-11-26 19:03 274432 -c----w- c:\program files\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EKIJ5000StatusMonitor]
2009-08-03 14:33 1626112 -c--a-w- c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
2007-01-01 21:22 3739648 -c--a-w- c:\program files\Google\Google Talk\googletalk.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
2008-12-05 01:23 2745776 -c--a-w- c:\program files\Internet Download Manager\IDMan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2008-06-24 20:06 1840424 -c--a-w- c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2008-02-29 08:12 76304 -c--a-w- c:\windows\KHALMNPR.Exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2010-04-29 19:39 437584 -c--a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MaxMenuMgr]
2009-05-01 19:35 185640 -c--a-w- c:\program files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2009-03-18 22:50 4363504 -c--a-w- c:\program files\Yahoo!\Messenger\YahooMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mylbx]
2009-03-05 04:44 1074352 -c--a-w- c:\program files\My Lockbox\mylbx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2008-06-08 13:31 2221352 -c--a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2008-06-19 13:53 570664 -c--a-w- c:\program files\Common Files\Nero\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-05-16 19:01 13529088 -c--a-w- c:\windows\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-16 19:01 86016 -c--a-w- c:\windows\system32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-05-16 19:01 1630208 -c--a-w- c:\windows\system32\nwiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
2007-08-16 12:56 236016 -c--a-w- c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoniqueQuickStart]
2009-03-15 20:43 44832 -c--a-w- c:\program files\Sonique\SQStart.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CodeMeter\\Runtime\\bin\\CodeMeter.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Tracktion 3\\Tracktion.exe"=
R2 emaudsv;E-MU Audio Service;c:\windows\system32\emaudsv.exe [2007-11-26 20992]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\Kodak\AiO\Center\ekdiscovery.exe [2009-08-05 284016]
R3 emusba10;E-MU USB-Audio 1.0 Driver;c:\windows\system32\DRIVERS\emusba10.sys [2007-11-26 163352]
R3 SliceDisk5;SliceDisk5;c:\docume~1\ADMINI~1\LOCALS~1\Temp\slicedisk.sys
R3 SynasUSB;SynasUSB;c:\windows\system32\drivers\SynasUSB.sys
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-01-08 721904]
S0 DigiFilter;DigiFilter;c:\windows\system32\drivers\DigiFilt.sys [2006-12-09 16384]
S0 FSProFilter;FSPro File Filter;c:\windows\System32\Drivers\FSPFltd.sys [2008-06-05 43792]
S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys [2009-08-04 40560]
S1 NetBurn;Paragon NetBurning Driver;c:\windows\system32\DRIVERS\NetBurn.sys [2008-06-07 84752]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-06-21 67656]
S2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files\CodeMeter\Runtime\bin\CodeMeter.exe [2009-04-03 1680704]
S2 FreeAgentGoNext Service;Seagate Service;c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-05-01 181544]
S2 fsproflt;FSPro Filter Service;c:\windows\system32\fsproflt.exe [2008-10-23 73344]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
S2 NetBurnerService;Net Burner iSCSI Service;c:\program files\Paragon Software\Drive Backup 9 Professional\Net Burner Service\NetBurnerService.exe [2008-06-07 223248]
S3 CLEDX;Team H2O CLEDX service;c:\windows\system32\DRIVERS\cledx.sys [2005-05-10 33792]
S3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;c:\windows\system32\DRIVERS\MAudioFastTrackPro.sys [2009-11-09 158600]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 20952]
S3 RDID1009;EDIROL UM-1;c:\windows\system32\Drivers\rdwm1009.sys [2005-06-03 65794]
S3 TotRec7;Total Recorder WDM audio driver;c:\windows\system32\drivers\TotRec7.sys [2008-10-28 127496]
.
Contents of the 'Scheduled Tasks' folder
2010-06-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1292428093-1801674531-500Core.job
- c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-05-23 19:19]
2010-06-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1292428093-1801674531-500UA.job
- c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-05-23 19:19]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.att.net/
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download Link Using Mega Manager... - c:\program files\Megaupload\Mega Manager\mm_file.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l8r50sm9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p=
FF - component: c:\documents and settings\Administrator\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
FF - component: c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l8r50sm9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
FF - plugin: c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l8r50sm9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 10);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_ everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_a s_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-26 16:13
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(832)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\IoctlSvc.exe
.
**************************************************************************
.
Completion time: 2010-06-26 16:25:09 - machine was rebooted
ComboFix-quarantined-files.txt 2010-06-26 20:25
ComboFix2.txt 2010-06-26 19:56
ComboFix3.txt 2010-06-26 17:21
ComboFix4.txt 2010-06-25 21:12
ComboFix5.txt 2010-06-26 20:02
Pre-Run: 111,560,761,344 bytes free
Post-Run: 111,601,106,944 bytes free
- - End Of File - - E207D48FA665EFD0477C1E33C0DCD026
-
I can't drag/drop or copy paste
Not to worry. It worked.
I'd like us to scan your machine with ESET OnlineScan
•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan (http://eset.com/onlinescan)
•Click the (http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetOnline.png) button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
- Click on (http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstall.png) to download the ESET Smart Installer. Save it to your desktop.
- Double click on the (http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstallDesktopIcon.png) icon on your desktop.
•Check (http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetAcceptTerms.png)
•Click the (http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetStart.png) button.
•Accept any security warnings from your browser.
•Check (http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetScanArchives.png)
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push (http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetListThreats.png)
•Push (http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetExport.png), and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the (http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetBack.png) button.
•Push (http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetFinish.png)
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt
-
i'm running scan now, is my computer almost clean? Are you gonna be online for a while? The scan is 13% done, if I recall correctly last time I ran this scan it took well over an hour........will this finally fix my problems? sorry for the questions, I really appreciate your help, just very frustrated, i've spent the better part of the past 4 days on this computer issue. I still can't copy, paste, can't run mbam, no sound, etc.... Thanks Super Dave!
-
i'm running scan now, is my computer almost clean? Are you gonna be online for a while? The scan is 13% done, if I recall correctly last time I ran this scan it took well over an hour........will this finally fix my problems? sorry for the questions, I really appreciate your help, just very frustrated, i've spent the better part of the past 4 days on this computer issue. I still can't copy, paste, can't run mbam, no sound, etc.... Thanks Super Dave!
I will know more once the scan is completed. The copy and paste and the no sound problems look like another different problem. As for MBAM, go to Program Files/ malwarebytes anti-malware folder and change the name of mbam.exe to somethingelse.exe. Now try to see if it will run. I won't be on-line very much longer this evening. Back tomorrow afternoon.
-
48 minutes and this thing is still only at 13%, yeah i remembered correctly, i think the last time i used this particular scan it took hours, i think i ended up stopping it.
so far its found 3 win32 trojan downloader/unruy bt.trojan, there are 3 files so far that say the same thing. thanks
-
Give it another couple of hours. If it doesn't complete by then, closed it and I'll send you another. BTW, how were you able to copy and paste all these logs in your thread?
-
its tricky, i can copy in Google Chrome Browser. I never really used Chrome, i've always used Firefox, I can't copy paste in firefox or ie. I only went to chrome because i had like 15 tabs i didn't want to wait to load in firefox. I'm actually sort of liking chrome. I can't copy/paste in folders or files on computer, i can't drag or drop anything. I considered reinstalling windows, but realized I couldn't copy folders, and files to back them up.
-
Have you tried ALt. + A to copy and Alt + V to paste?
Place the OS CD in your CD ROM drive and follow the instructions below:
•Click on Start > Run and type sfc /scannow then press Enter (note the space between scf and /scannow)
*Let this run undisturbed until the window with the blue progress bar goes away
SFC - Which stands for System File Checker, retrieves the correct version of the file from %Systemroot%\System32\Dllcache or the Windows installation source files, and then replaces the incorrect file.
-
i ran sfc and put it in combofix
- x86
Running from: c:\documents and settings\Administrator\My Documents\Downloads\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
F:\Autorun.inf
.
((((((((((((((((((((((((( Files Created from 2010-05-26 to 2010-06-26 )))))))))))))))))))))))))))))))
.
2010-06-26 16:55 . 2008-04-14 09:42 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-06-26 16:53 . 2001-08-17 17:28 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys
2010-06-26 16:52 . 2001-08-17 17:28 604253 -c--a-w- c:\windows\system32\dllcache\vmodem.sys
2010-06-26 16:51 . 2001-08-18 02:36 28160 -c--a-w- c:\windows\system32\dllcache\umaxu40.dll
2010-06-26 16:50 . 2001-08-17 18:56 315520 -c--a-w- c:\windows\system32\dllcache\trid3d.dll
2010-06-26 16:49 . 2001-08-17 17:52 7040 -c--a-w- c:\windows\system32\dllcache\tandqic.sys
2010-06-26 16:48 . 2001-08-17 16:11 48736 -c--a-w- c:\windows\system32\dllcache\srwlnd5.sys
2010-06-26 16:47 . 2001-08-17 16:10 35913 -c--a-w- c:\windows\system32\dllcache\smcirda.sys
2010-06-26 16:46 . 2001-08-17 18:56 252032 -c--a-w- c:\windows\system32\dllcache\sis300iv.dll
2010-06-26 16:45 . 2001-08-17 17:51 23936 -c--a-w- c:\windows\system32\dllcache\sccmn50m.sys
2010-06-26 16:44 . 2001-08-18 02:36 9216 -c--a-w- c:\windows\system32\dllcache\rsmgrstr.dll
2010-06-26 16:43 . 2001-08-17 17:28 130942 -c--a-w- c:\windows\system32\dllcache\ptserlv.sys
2010-06-26 16:42 . 2008-04-14 09:40 211584 -c--a-w- c:\windows\system32\dllcache\perm2dll.dll
2010-06-26 16:41 . 2001-08-17 18:05 48000 -c--a-w- c:\windows\system32\dllcache\ovcam2.sys
2010-06-26 16:40 . 2001-08-17 16:11 65278 -c--a-w- c:\windows\system32\dllcache\netflx3.sys
2010-06-26 16:39 . 2008-04-14 04:09 5504 -c--a-w- c:\windows\system32\dllcache\mstee.sys
2010-06-26 16:39 . 2008-04-14 04:16 49024 -c--a-w- c:\windows\system32\dllcache\mstape.sys
2010-06-26 16:39 . 2001-08-17 17:48 12416 -c--a-w- c:\windows\system32\dllcache\msriffwv.sys
2010-06-26 16:39 . 2001-08-17 18:00 2944 -c--a-w- c:\windows\system32\dllcache\msmpu401.sys
2010-06-26 16:39 . 2008-04-14 04:24 22016 -c--a-w- c:\windows\system32\dllcache\msircomm.sys
2010-06-26 16:39 . 2010-06-26 16:54 -------- dc----w- c:\windows\LastGood
2010-06-26 00:54 . 2010-06-26 00:54 -------- dc----w- c:\documents and settings\Administrator\Local Settings\Application Data\Help
2010-06-25 20:17 . 2010-06-26 17:03 -------- dc----w- c:\windows\system32\CatRoot2
2010-06-24 01:22 . 2010-06-24 01:22 -------- dc----w- c:\documents and settings\Administrator\Local Settings\Application Data\Microsoft Corporation
2010-06-23 22:02 . 2010-04-29 19:39 38224 -c--a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-23 22:02 . 2010-04-29 19:39 20952 -c--a-w- c:\windows\system32\drivers\mbam.sys
2010-06-23 19:23 . 2010-06-23 19:23 -------- dc----w- C:\Setup
2010-06-23 19:23 . 2010-06-23 19:23 -------- dc----w- C:\VSS
2010-06-23 19:22 . 2010-06-23 19:23 -------- dc----w- C:\VB98
2010-06-23 19:22 . 2010-06-23 19:22 -------- dc----w- C:\Shared
2010-06-23 19:22 . 2010-06-23 19:22 -------- dc----w- C:\MSDesign
2010-06-23 19:22 . 2010-06-23 19:22 -------- dc----w- C:\Common
2010-06-23 19:22 . 2010-06-23 19:22 -------- dc----w- C:\os
2010-06-23 12:19 . 2010-06-23 12:19 132608 -csha-r- c:\windows\system32\systemi.dll
2010-06-21 02:35 . 2010-05-31 20:34 702120 -c--a-w- c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l8r50sm9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
2010-06-21 02:35 . 2010-05-31 20:34 868456 -c--a-w- c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\l8r50sm9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
2010-06-14 06:18 . 2010-06-14 06:21 -------- dc----w- c:\documents and settings\All Users\Application Data\Ulead Systems
2010-06-14 06:18 . 2010-06-14 06:18 -------- dc----w- c:\documents and settings\Administrator\Application Data\Ulead Systems
2010-06-14 06:18 . 2010-06-14 06:18 -------- dc----w- c:\program files\Ulead Systems
2010-06-14 06:17 . 1999-10-15 16:50 1056768 -c--a-w- c:\windows\system32\ROBOEX32.DLL
2010-06-14 06:17 . 1999-01-28 19:44 49152 -c--a-w- c:\windows\system32\INETWH32.dll
2010-06-14 06:17 . 2010-06-14 06:17 -------- dc----w- c:\windows\Noslip
2010-06-12 21:44 . 2008-05-02 03:05 26112 -c--a-w- c:\windows\system32\stu2.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-26 00:54 . 2009-03-29 04:02 -------- dc----w- c:\program files\IrfanView3.99
2010-06-24 23:31 . 2009-12-09 00:38 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-24 18:16 . 2009-03-15 20:43 -------- dc----w- c:\program files\Sonique
2010-06-23 22:03 . 2009-03-16 04:30 -------- dc----w- c:\documents and settings\Administrator\Application Data\DMCache
2010-06-23 20:13 . 2009-08-28 04:52 -------- dc----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-06-23 12:50 . 2009-05-30 11:47 -------- dc----w- c:\documents and settings\Administrator\Application Data\Tracktion 3
2010-06-23 12:50 . 2009-05-11 23:41 -------- dc----w- c:\documents and settings\All Users\Application Data\Tracktion 3
2010-06-21 09:57 . 2004-01-06 09:32 -------- dc----w- c:\program files\SUPERAntiSpyware
2010-06-15 00:46 . 2009-03-07 04:53 29336 -c--a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-06-14 06:17 . 2009-03-07 02:21 -------- dc-h--w- c:\program files\InstallShield Installation Information
2010-05-03 21:48 . 2010-05-03 21:48 0 -c-ha-w- c:\windows\system32\drivers\Msft_Kernel_WinUSB_01007.Wdf
2010-05-03 21:47 . 2010-05-03 21:47 0 -c-ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-05-03 13:39 . 2010-05-03 13:39 581192 -c--a-w- c:\windows\system32\WinUSBCoInstaller.dll
2010-05-03 13:39 . 2010-05-03 13:39 1112288 -c--a-w- c:\windows\system32\WdfCoInstaller01007.dll
2010-04-23 01:12 . 2010-01-24 11:01 16 -c--a-w- c:\windows\msocreg32.dat
2010-04-22 10:51 . 2010-04-22 10:51 2892 -c--a-w- c:\windows\system32\audcon.sys
2010-04-18 22:35 . 2010-04-18 22:35 69632 -c--a-w- c:\windows\system32\com.fxpansion.fxshared.dll
2010-04-18 22:35 . 2010-01-08 03:46 69632 -c--a-w- c:\windows\system32\FxShared.dll
.
------- Sigcheck -------
[-] 2008-05-02 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\atapi.sys
[-] 2008-05-02 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
[-] 2008-05-02 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0009\DriverFiles\i386\atapi.sys
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\atapi.sys
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0010\DriverFiles\i386\atapi.sys
[-] 2008-05-02 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\asyncmac.sys
[-] 2008-05-02 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\asyncmac.sys
[-] 2008-05-02 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
[-] 2008-05-02 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\beep.sys
[-] 2008-05-02 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
[-] 2008-05-02 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0019\DriverFiles\i386\kbdclass.sys
[-] 2008-04-14 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\kbdclass.sys
[-] 2008-04-14 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\kbdclass.sys
[-] 2008-04-14 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
[-] 2008-05-02 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ndis.sys
[-] 2008-05-02 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ndis.sys
[-] 2008-05-02 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ndis.sys
[-] 2008-05-02 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
[-] 2008-05-02 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ntfs.sys
[-] 2008-05-02 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ntfs.sys
[-] 2008-05-02 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
[-] 2008-05-02 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\null.sys
[-] 2008-05-02 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2008-05-02 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\ERDNT\cache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-05-02 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-05-02 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\tcpip.sys
[-] 2008-05-02 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\browser.dll
[-] 2008-05-02 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\browser.dll
[-] 2008-05-02 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll
[-] 2008-05-02 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\lsass.exe
[-] 2008-05-02 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\lsass.exe
[-] 2008-05-02 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2008-05-02 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\netman.dll
[-] 2008-05-02 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\netman.dll
[-] 2008-05-02 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2008-05-02 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netman.dll
[-] 2008-05-02 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\ERDNT\cache\qmgr.dll
[-] 2008-05-02 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\qmgr.dll
[-] 2008-05-02 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-05-02 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\dllcache\qmgr.dll
[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\ERDNT\cache\rpcss.dll
[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2009-02-09 . 9222562D44021B988B9F9F62207FB6F2 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2008-05-02 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[-] 2008-05-02 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\rpcss.dll
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\ERDNT\cache\services.exe
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-06 . 020CEAAEDC8EB655B6506B8C70D53BB6 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2008-05-02 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[-] 2008-05-02 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\services.exe
[-] 2008-05-02 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\spoolsv.exe
[-] 2008-05-02 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\spoolsv.exe
[-] 2008-05-02 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\system32\spoolsv.exe
[-] 2008-05-02 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\spoolsv.exe
[-] 2008-05-02 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\winlogon.exe
[-] 2008-05-02 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\winlogon.exe
[-] 2008-05-02 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2008-05-02 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\ERDNT\cache\comctl32.dll
[-] 2008-05-02 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\comctl32.dll
[-] 2008-05-02 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2008-05-02 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2008-05-02 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\cryptsvc.dll
[-] 2008-05-02 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\cryptsvc.dll
[-] 2008-05-02 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\ERDNT\cache\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-05-02 03:05 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2008-05-02 03:05 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\es.dll
[-] 2008-05-02 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\imm32.dll
[-] 2008-05-02 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\imm32.dll
[-] 2008-05-02 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\ERDNT\cache\kernel32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . DA11D9D6ECBDF0F93436A4B7C13F7BEC . 991744 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2008-05-02 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2008-05-02 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\kernel32.dll
[-] 2008-05-02 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\linkinfo.dll
[-] 2008-05-02 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\linkinfo.dll
[-] 2008-05-02 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2008-05-02 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\lpk.dll
[-] 2008-05-02 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\lpk.dll
[-] 2008-05-02 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2009-07-19 . 758C8BEDAB7CE5F9070C85E2E57CBD80 . 3597824 . . [7.00.6000.16890] . . c:\windows\SoftwareDistribution\Download\cfdf673d5f64980a67e3f1a551949306\sp3gdr\mshtml.dll
[-] 2009-07-19 . F6098CC1B1C3858D53F20F3CB5774F3B . 3600384 . . [7.00.6000.21089] . . c:\windows\SoftwareDistribution\Download\cfdf673d5f64980a67e3f1a551949306\sp3qfe\mshtml.dll
[-] 2009-04-29 . 2B4315EC9E3124408A2A5074C4B97700 . 3596288 . . [7.00.6000.16850] . . c:\windows\ERDNT\cache\mshtml.dll
[-] 2009-04-29 . 2B4315EC9E3124408A2A5074C4B97700 . 3596288 . . [7.00.6000.16850] . . c:\windows\system32\mshtml.dll
[-] 2009-04-29 . C6FD770D518FB024245A0EE217D72BC1 . 3598336 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\mshtml.dll
[-] 2009-02-21 . 1BB754AB47B327DE8DBF2FA18C36357C . 3596800 . . [7.00.6000.21015] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\mshtml.dll
[-] 2009-02-20 . C7C3E41CC2F6EB4A629FE2184136C098 . 3595264 . . [7.00.6000.16825] . . c:\windows\ie7updates\KB969897-IE7\mshtml.dll
[-] 2009-01-17 . 3B413267DA8AE71C20E5EF3E54F74728 . 3594752 . . [7.00.6000.16809] . . c:\windows\ie7updates\KB963027-IE7\mshtml.dll
[-] 2009-01-16 . CC9D001B7370B292C35B366CA05B12B4 . 3596288 . . [7.00.6000.20996] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\mshtml.dll
[-] 2008-12-12 . B6DAA74E2ED36C71B502945589A683AE . 3067904 . . [6.00.2900.5726] . . c:\windows\$hf_mig$\KB960714\SP3QFE\mshtml.dll
[-] 2008-10-16 . CC5A2205D37AE67CE23AB7FD3E1FDACA . 3067904 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3QFE\mshtml.dll
[-] 2008-05-02 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\ie7\mshtml.dll
[-] 2008-05-02 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\mshtml.dll
[-] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie7updates\KB961260-IE7\mshtml.dll
[-] 2008-05-02 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\ERDNT\cache\msvcrt.dll
[-] 2008-05-02 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\msvcrt.dll
[-] 2008-05-02 . D7075E95AA599EE77B7A89D39296BD3D . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\asms\70\msft\windows\mswincrt\msvcrt.dll
[-] 2008-05-02 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\ERDNT\cache\mswsock.dll
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-05-02 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
[-] 2008-05-02 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\mswsock.dll
[-] 2008-05-02 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\netlogon.dll
[-] 2008-05-02 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\netlogon.dll
[-] 2008-05-02 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2008-05-02 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netlogon.dll
[-] 2009-02-07 . EFE8EACE83EAAD5849A7A548FB75B584 . 2189184 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2009-02-06 . 7A95B10A73737EBF24139AAA63F5212B . 2189056 . . [5.1.2600.5755] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2009-02-06 . 0CBA44D0938D57F334C0862424148B70 . 2145280 . . [5.1.2600.5755] . . c:\windows\ERDNT\cache\ntoskrnl.exe
[-] 2009-02-06 . 0CBA44D0938D57F334C0862424148B70 . 2145280 . . [5.1.2600.5755] . . c:\windows\system32\ntoskrnl.exe
[-] 2008-08-14 . 31914172342BFF330063F343AC6958FE . 2189184 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[-] 2008-08-14 . F6F8245B3A2E9CA834DD318E7AE0C6D0 . 2145280 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[-] 2008-05-02 . 40F8880122A030A7E9E1FEDEA833B33D . 2145280 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
[-] 2008-04-14 . 0C89243C7C3EE199B96FCC16990E0679 . 2188928 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ntoskrnl.exe
[-] 2008-05-02 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\ERDNT\cache\powrprof.dll
[-] 2008-05-02 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\powrprof.dll
[-] 2008-05-02 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2008-05-02 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\powrprof.dll
[-] 2008-05-02 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\scecli.dll
[-] 2008-05-02 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\scecli.dll
[-] 2008-05-02 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2008-05-02 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\scecli.dll
[-] 2008-05-02 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\sfc.dll
[-] 2008-05-02 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\sfc.dll
[-] 2008-05-02 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2008-05-02 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\svchost.exe
[-] 2008-05-02 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\svchost.exe
[-] 2008-05-02 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2008-05-02 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\svchost.exe
[-] 2008-05-02 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\tapisrv.dll
[-] 2008-05-02 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\tapisrv.dll
[-] 2008-05-02 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2008-05-02 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\tapisrv.dll
[-] 2008-05-02 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\user32.dll
[-] 2008-05-02 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\user32.dll
[-] 2008-05-02 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2008-05-02 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll
[-] 2008-05-02 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\userinit.exe
[-] 2008-05-02 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\userinit.exe
[-] 2008-05-02 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2008-05-02 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\userinit.exe
[-] 2009-06-29 . 4C6B4138165A4C53FE8A5B1D809526C3 . 828928 . . [7.00.6000.21073] . . c:\windows\SoftwareDistribution\Download\cfdf673d5f64980a67e3f1a551949306\sp3qfe\wininet.dll
[-] 2009-06-29 . A39B7BA7AB9B1CC2A0009F59772DB83C . 827392 . . [7.00.6000.16876] . . c:\windows\SoftwareDistribution\Download\cfdf673d5f64980a67e3f1a551949306\sp3gdr\wininet.dll
[-] 2009-04-29 . 8E2D471157B0DF329D8D0EA5D83B0DDB . 827392 . . [7.00.6000.16850] . . c:\windows\ERDNT\cache\wininet.dll
[-] 2009-04-29 . 8E2D471157B0DF329D8D0EA5D83B0DDB . 827392 . . [7.00.6000.16850] . . c:\windows\system32\wininet.dll
[-] 2009-04-29 . 62CCA075F44015147B8971DAFFBCFF76 . 828928 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\wininet.dll
[-] 2009-03-03 . 28775945CCD53DEE280EF58DEA1A94C4 . 826368 . . [7.00.6000.16827] . . c:\windows\ie7updates\KB969897-IE7\wininet.dll
[-] 2009-03-03 . C8667854873938CA13C986F16B0CD183 . 828416 . . [7.00.6000.21020] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll
[-] 2008-12-20 . 044E0A4E9FE97C0FB9AFE9C89E2A82E6 . 827904 . . [7.00.6000.20978] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
[-] 2008-12-20 . A82935D32D0672E8FF4E91AE398E901C . 826368 . . [7.00.6000.16791] . . c:\windows\ie7updates\KB963027-IE7\wininet.dll
[-] 2008-10-16 . E8FCE58A470999350F64C591557F9E42 . 667136 . . [6.00.2900.5694] . . c:\windows\$hf_mig$\KB958215\SP3QFE\wininet.dll
[-] 2008-05-02 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:\windows\ie7\wininet.dll
[-] 2008-05-02 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\wininet.dll
[-] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB961260-IE7\wininet.dll
[-] 2008-05-02 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ws2_32.dll
[-] 2008-05-02 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ws2_32.dll
[-] 2008-05-02 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2008-05-02 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2_32.dll
[-] 2008-05-02 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ws2help.dll
[-] 2008-05-02 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[-] 2008-05-02 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2help.dll
[-] 2008-05-02 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-05-02 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\ERDNT\cache\explorer.exe
[-] 2008-05-02 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\explorer.exe
[-] 2008-05-02 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\srsvc.dll
[-] 2008-05-02 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\srsvc.dll
[-] 2008-05-02 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-05-02 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll
[-] 2008-05-02 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\wscntfy.exe
[-] 2008-05-02 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\wscntfy.exe
[-] 2008-05-02 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2008-05-02 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wscntfy.exe
[-] 2008-05-02 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\xmlprov.dll
[-] 2008-05-02 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\xmlprov.dll
[-] 2008-05-02 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2008-05-02 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\xmlprov.dll
[-] 2008-05-02 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\eventlog.dll
[-] 2008-05-02 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\eventlog.dll
[-] 2008-05-02 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2008-05-02 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\sfcfiles.dll
[-] 2008-05-02 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\sfcfiles.dll
[-] 2008-05-02 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2008-05-02 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ctfmon.exe
[-] 2008-05-02 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ctfmon.exe
[-] 2008-05-02 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2008-05-02 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\ERDNT\cache\shsvcs.dll
[-] 2008-05-02 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\shsvcs.dll
[-] 2008-05-02 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll
[-] 2008-05-02 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\shsvcs.dll
[-] 2008-05-02 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\regsvc.dll
[-] 2008-05-02 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\regsvc.dll
[-] 2008-05-02 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2008-05-02 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regsvc.dll
[-] 2008-05-02 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\schedsvc.dll
[-] 2008-05-02 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\schedsvc.dll
[-] 2008-05-02 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2008-05-02 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\schedsvc.dll
[-] 2008-05-02 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ssdpsrv.dll
[-] 2008-05-02 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ssdpsrv.dll
[-] 2008-05-02 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2008-05-02 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ssdpsrv.dll
[-] 2008-05-02 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\termsrv.dll
[-] 2008-05-02 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\termsrv.dll
[-] 2008-05-02 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2008-05-02 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\termsrv.dll
[-] 2008-05-02 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\appmgmts.dll
[-] 2008-05-02 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\appmgmts.dll
[-] 2008-05-02 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
[-] 2008-05-02 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\acpiec.sys
[-] 2008-05-02 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
[-] 2008-04-14 03:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ERDNT\cache\aec.sys
[-] 2008-04-14 03:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\aec.sys
[-] 2008-04-14 03:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
[-] 2008-05-02 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ip6fw.sys
[-] 2008-05-02 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ip6fw.sys
[-] 2008-05-02 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
[-] 2008-05-02 03:05 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\ERDNT\cache\mfc40u.dll
[-] 2008-05-02 03:05 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\mfc40u.dll
[-] 2008-05-02 03:05 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll
[-] 2008-05-02 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\msgsvc.dll
[-] 2008-05-02 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\msgsvc.dll
[-] 2008-05-02 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2008-05-02 03:05 . C7E39EA41233E9F5B86C8DA3A9F1E4A8 . 52224 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2006-10-19 02:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\ERDNT\cache\mspmsnsv.dll
[-] 2006-10-19 02:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2006-10-19 02:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
[-] 2009-02-07 . 5BA7F2141BC6DB06100D0E5A732C617A . 2066048 . . [5.1.2600.5755] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2009-02-07 . 5BA7F2141BC6DB06100D0E5A732C617A . 2066048 . . [5.1.2600.5755] . . c:\windows\LastGood\system32\dllcache\ntkrnlpa.exe
[-] 2009-02-07 . 5BA7F2141BC6DB06100D0E5A732C617A . 2066048 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2009-02-06 . 65D4220799E6FC2CB079070A6393CC0E . 2023936 . . [5.1.2600.5755] . . c:\windows\ERDNT\cache\ntkrnlpa.exe
[-] 2009-02-06 . 65D4220799E6FC2CB079070A6393CC0E . 2023936 . . [5.1.2600.5755] . . c:\windows\system32\ntkrnlpa.exe
[-] 2009-02-06 . 607352B9CB3D708C67F6039097801B5A . 2066176 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2008-08-14 . A25E9B86EFFB2AF33BF51E676B68BFB0 . 2066048 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
[-] 2008-08-14 . 8206B5F94A6A9450E934029420C1693F . 2023936 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[-] 2008-05-02 . 7F653A89F6E89E3AE0D49830EECE35D4 . 2023936 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
[-] 2008-04-14 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ntkrnlpa.exe
[-] 2008-05-02 03:05 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\ERDNT\cache\ntmssvc.dll
[-] 2008-05-02 03:05 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ntmssvc.dll
[-] 2008-05-02 03:05 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2008-05-02 03:05 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\system32\dllcache\ntmssvc.dll
[-] 2008-05-02 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\upnphost.dll
[-] 2008-05-02 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\upnphost.dll
[-] 2008-05-02 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2008-05-02 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\upnphost.dll
[-] 2008-05-02 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\ERDNT\cache\dsound.dll
[-] 2008-05-02 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\dsound.dll
[-] 2008-05-02 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[-] 2008-05-02 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\d3d9.dll
[-] 2008-05-02 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[-] 2008-05-02 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\ddraw.dll
[-] 2008-05-02 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[-] 2008-05-02 03:05 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\olepro32.dll
[-] 2008-05-02 03:05 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[-] 2008-05-02 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\perfctrs.dll
[-] 2008-05-02 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[-] 2008-05-02 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\perfctrs.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-06-24_14.51.17 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-06-25 20:54 . 2010-06-25 20:54 16384 c:\windows\temp\Perflib_Perfdata_6a0.dat
+ 2008-05-02 03:05 . 2004-08-04 11:00 14848 c:\windows\system32\msidntld.dll
- 2008-05-02 03:05 . 2008-05-02 03:05 14848 c:\windows\system32\msidntld.dll
+ 2010-06-26 16:54 . 2001-08-18 02:36 23040 c:\windows\system32\dllcache\xrxwbtmp.dll
+ 2010-06-26 16:54 . 2008-04-14 09:42 18944 c:\windows\system32\dllcache\xrxscnui.dll
+ 2010-06-26 16:54 . 2001-08-18 02:37 27648 c:\windows\system32\dllcache\xrxftplt.exe
+ 2010-06-26 16:54 . 2001-08-18 02:37 99865 c:\windows\system32\dllcache\xlog.exe
+ 2010-06-26 16:54 . 2001-08-17 16:11 16970 c:\windows\system32\dllcache\xem336n5.sys
+ 2008-04-14 05:42 . 2008-05-02 03:05 52736 c:\windows\system32\dllcache\wzcsapi.dll
+ 2010-06-26 16:54 . 2008-04-14 02:04 19455 c:\windows\system32\dllcache\wvchntxx.sys
+ 2010-06-26 16:54 . 2008-04-14 04:16 19200 c:\windows\system32\dllcache\wstcodec.sys
+ 2010-06-26 16:54 . 2008-04-14 02:04 12063 c:\windows\system32\dllcache\wsiintxx.sys
+ 2010-06-26 16:54 . 2001-08-17 16:12 34890 c:\windows\system32\dllcache\wlandrv2.sys
+ 2010-06-26 16:53 . 2001-08-18 02:36 53760 c:\windows\system32\dllcache\wiamsmud.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 31232 c:\windows\system32\dllcache\weitekp9.sys
- 2009-03-07 02:00 . 2008-05-02 03:05 31232 c:\windows\system32\dllcache\weitekp9.sys
+ 2009-03-07 02:00 . 2004-08-04 11:00 41600 c:\windows\system32\dllcache\weitekp9.dll
- 2009-03-07 02:00 . 2008-05-02 03:05 41600 c:\windows\system32\dllcache\weitekp9.dll
+ 2010-06-26 16:53 . 2008-04-14 02:04 23615 c:\windows\system32\dllcache\wch7xxnt.sys
+ 2010-06-26 16:53 . 2008-04-14 04:15 31744 c:\windows\system32\dllcache\wceusbsh.sys
+ 2010-06-26 16:53 . 2001-08-17 16:10 35871 c:\windows\system32\dllcache\wbfirdma.sys
+ 2010-06-26 16:53 . 2008-04-14 02:04 25471 c:\windows\system32\dllcache\watv10nt.sys
+ 2010-06-26 16:53 . 2008-04-14 02:04 22271 c:\windows\system32\dllcache\watv06nt.sys
+ 2010-06-26 16:53 . 2008-04-14 02:04 33599 c:\windows\system32\dllcache\watv04nt.sys
+ 2010-06-26 16:53 . 2008-04-14 02:04 19551 c:\windows\system32\dllcache\watv02nt.sys
+ 2010-06-26 16:53 . 2008-04-14 02:04 29311 c:\windows\system32\dllcache\watv01nt.sys
+ 2010-06-26 16:53 . 2008-04-14 02:04 11935 c:\windows\system32\dllcache\wadv11nt.sys
+ 2010-06-26 16:53 . 2008-04-14 02:04 11871 c:\windows\system32\dllcache\wadv09nt.sys
+ 2010-06-26 16:53 . 2008-04-14 02:04 11295 c:\windows\system32\dllcache\wadv08nt.sys
+ 2010-06-26 16:53 . 2008-04-14 02:04 11807 c:\windows\system32\dllcache\wadv07nt.sys
+ 2010-06-26 16:53 . 2008-04-14 02:04 11775 c:\windows\system32\dllcache\wadv05nt.sys
+ 2010-06-26 16:53 . 2008-04-14 02:04 12127 c:\windows\system32\dllcache\wadv02nt.sys
+ 2010-06-26 16:53 . 2008-04-14 02:04 12415 c:\windows\system32\dllcache\wadv01nt.sys
+ 2010-06-26 16:53 . 2008-04-14 04:13 14208 c:\windows\system32\dllcache\wacompen.sys
+ 2010-06-26 16:53 . 2001-08-17 16:13 16925 c:\windows\system32\dllcache\w940nd.sys
+ 2010-06-26 16:53 . 2001-08-17 16:13 19016 c:\windows\system32\dllcache\w926nd.sys
+ 2010-06-26 16:53 . 2001-08-17 16:13 19528 c:\windows\system32\dllcache\w840nd.sys
- 2009-03-07 02:00 . 2008-05-02 03:05 73728 c:\windows\system32\dllcache\w3ext.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 73728 c:\windows\system32\dllcache\w3ext.dll
- 2009-03-07 02:00 . 2008-05-02 03:05 48256 c:\windows\system32\dllcache\w32.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 48256 c:\windows\system32\dllcache\w32.dll
+ 2010-06-26 16:53 . 2001-08-17 17:28 64605 c:\windows\system32\dllcache\vvoice.sys
+ 2010-06-26 16:52 . 2001-08-17 17:49 24576 c:\windows\system32\dllcache\viairda.sys
+ 2010-06-26 16:52 . 2008-04-14 04:06 42240 c:\windows\system32\dllcache\viaagp.sys
+ 2010-06-26 16:52 . 2008-04-14 09:42 53760 c:\windows\system32\dllcache\vfwwdm32.dll
+ 2010-06-26 16:52 . 2008-04-14 09:42 11325 c:\windows\system32\dllcache\vchnt5.dll
+ 2010-06-26 16:52 . 2008-04-14 04:15 26112 c:\windows\system32\dllcache\usbser.sys
+ 2010-06-26 16:52 . 2008-04-14 04:15 17152 c:\windows\system32\dllcache\usbohci.sys
+ 2010-06-26 16:52 . 2008-04-14 04:26 12800 c:\windows\system32\dllcache\usb8023x.sys
+ 2010-06-26 16:52 . 2008-04-14 02:05 32384 c:\windows\system32\dllcache\usb101et.sys
+ 2010-06-26 16:52 . 2001-08-18 02:36 94720 c:\windows\system32\dllcache\umaxud32.dll
+ 2010-06-26 16:51 . 2001-08-18 02:36 26624 c:\windows\system32\dllcache\umaxu22.dll
+ 2010-06-26 16:51 . 2001-08-18 02:36 69632 c:\windows\system32\dllcache\umaxu12.dll
+ 2010-06-26 16:51 . 2001-08-18 02:36 50688 c:\windows\system32\dllcache\umaxscan.dll
+ 2010-06-26 16:51 . 2001-08-17 17:58 22912 c:\windows\system32\dllcache\umaxpcls.sys
+ 2010-06-26 16:51 . 2001-08-18 02:36 50176 c:\windows\system32\dllcache\umaxp60.dll
+ 2010-06-26 16:51 . 2001-08-18 02:36 47616 c:\windows\system32\dllcache\umaxcam.dll
+ 2010-06-26 16:51 . 2001-08-17 17:52 36736 c:\windows\system32\dllcache\ultra.sys
+ 2010-06-26 16:51 . 2008-04-14 04:06 44672 c:\windows\system32\dllcache\uagp35.sys
+ 2010-06-26 16:51 . 2001-08-17 17:48 11520 c:\windows\system32\dllcache\twotrack.sys
+ 2009-03-07 02:00 . 2004-08-04 11:00 14336 c:\windows\system32\dllcache\tsprof.exe
- 2009-03-07 02:00 . 2008-05-02 03:05 14336 c:\windows\system32\dllcache\tsprof.exe
+ 2010-06-26 16:50 . 2001-08-17 16:12 34375 c:\windows\system32\dllcache\tpro4.sys
+ 2010-06-26 16:50 . 2001-08-18 02:35 42496 c:\windows\system32\dllcache\tp4res.dll
+ 2010-06-26 16:50 . 2008-04-14 09:42 82944 c:\windows\system32\dllcache\tp4mon.exe
+ 2010-06-26 16:50 . 2001-08-18 02:36 31744 c:\windows\system32\dllcache\tp4.dll
+ 2010-06-26 16:50 . 2001-08-17 16:10 28232 c:\windows\system32\dllcache\tos4mo.sys
- 2009-03-07 02:00 . 2008-05-02 03:05 44032 c:\windows\system32\dllcache\tintlphr.exe
+ 2009-03-07 02:00 . 2007-11-30 12:16 44032 c:\windows\system32\dllcache\tintlphr.exe
+ 2010-06-26 16:50 . 2001-08-17 18:56 81408 c:\windows\system32\dllcache\tgiul50.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 19464 c:\windows\system32\dllcache\tdspx.sys
- 2009-03-07 02:00 . 2008-05-02 03:05 19464 c:\windows\system32\dllcache\tdspx.sys
+ 2010-06-26 16:50 . 2001-08-17 16:13 17129 c:\windows\system32\dllcache\tdkcd31.sys
+ 2010-06-26 16:50 . 2001-08-17 16:13 37961 c:\windows\system32\dllcache\tdk100b.sys
- 2009-03-07 02:00 . 2008-05-02 03:05 21896 c:\windows\system32\dllcache\tdipx.sys
+ 2009-03-07 02:00 . 2004-08-04 11:00 21896 c:\windows\system32\dllcache\tdipx.sys
+ 2009-03-07 02:00 . 2004-08-04 11:00 13192 c:\windows\system32\dllcache\tdasync.sys
- 2009-03-07 02:00 . 2008-05-02 03:05 13192 c:\windows\system32\dllcache\tdasync.sys
+ 2010-06-26 16:50 . 2001-08-17 17:49 30464 c:\windows\system32\dllcache\tbatm155.sys
+ 2010-06-26 16:49 . 2001-08-17 16:50 36640 c:\windows\system32\dllcache\t2r4mini.sys
+ 2010-06-26 16:49 . 2001-08-17 18:07 32640 c:\windows\system32\dllcache\symc8xx.sys
+ 2010-06-26 16:49 . 2001-08-17 18:07 16256 c:\windows\system32\dllcache\symc810.sys
+ 2010-06-26 16:49 . 2001-08-17 18:07 30688 c:\windows\system32\dllcache\sym_u3.sys
+ 2010-06-26 16:49 . 2001-08-17 18:07 28384 c:\windows\system32\dllcache\sym_hi.sys
+ 2010-06-26 16:49 . 2001-08-18 02:36 94293 c:\windows\system32\dllcache\sxports.dll
+ 2010-06-26 16:49 . 2001-08-18 02:36 10240 c:\windows\system32\dllcache\swpidflt.dll
+ 2010-06-26 16:49 . 2001-08-18 02:36 10240 c:\windows\system32\dllcache\swpdflt2.dll
+ 2010-06-26 16:49 . 2001-08-18 02:36 53760 c:\windows\system32\dllcache\sw_wheel.dll
+ 2010-06-26 16:49 . 2001-08-18 02:36 41472 c:\windows\system32\dllcache\sw_effct.dll
+ 2010-06-26 16:49 . 2008-04-14 04:16 15232 c:\windows\system32\dllcache\streamip.sys
+ 2010-06-26 16:49 . 2001-08-18 02:36 53248 c:\windows\system32\dllcache\stlncoin.dll
+ 2010-06-26 16:49 . 2001-08-17 17:51 16896 c:\windows\system32\dllcache\stcusb.sys
- 2009-03-07 02:00 . 2008-05-02 03:05 16896 c:\windows\system32\dllcache\status.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 16896 c:\windows\system32\dllcache\status.dll
+ 2010-06-26 16:48 . 2001-08-18 02:36 99328 c:\windows\system32\dllcache\srusd.dll
+ 2010-06-26 16:48 . 2001-08-18 02:36 24660 c:\windows\system32\dllcache\spxupchk.dll
+ 2010-06-26 16:48 . 2001-08-17 17:51 61824 c:\windows\system32\dllcache\speed.sys
+ 2010-06-26 16:48 . 2001-08-17 18:07 19072 c:\windows\system32\dllcache\sparrow.sys
+ 2010-06-26 16:48 . 2001-08-17 16:51 37040 c:\windows\system32\dllcache\sonypi.sys
+ 2010-06-26 16:48 . 2001-08-17 16:51 20752 c:\windows\system32\dllcache\sonync.sys
+ 2009-03-07 02:00 . 2004-08-04 11:00 10240 c:\windows\system32\dllcache\snmpstup.dll
- 2009-03-07 02:00 . 2008-05-02 03:05 10240 c:\windows\system32\dllcache\snmpstup.dll
+ 2010-06-26 16:48 . 2001-08-17 16:51 58368 c:\windows\system32\dllcache\smiminib.sys
- 2009-03-07 02:00 . 2008-05-02 03:05 15872 c:\windows\system32\dllcache\smierrsm.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 15872 c:\windows\system32\dllcache\smierrsm.dll
+ 2010-06-26 16:48 . 2001-08-17 16:12 25034 c:\windows\system32\dllcache\smcpwr2n.sys
+ 2010-06-26 16:47 . 2001-08-17 16:12 24576 c:\windows\system32\dllcache\smc8000n.sys
+ 2010-06-26 16:47 . 2008-04-14 04:06 16000 c:\windows\system32\dllcache\smbbatt.sys
- 2009-03-07 02:00 . 2008-05-02 03:05 31744 c:\windows\system32\dllcache\smb6w.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 31744 c:\windows\system32\dllcache\smb6w.dll
+ 2010-06-26 16:47 . 2001-08-18 02:36 45568 c:\windows\system32\dllcache\smb3w.dll
+ 2010-06-26 16:47 . 2001-08-18 02:36 33792 c:\windows\system32\dllcache\smb0w.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 31744 c:\windows\system32\dllcache\sma3w.dll
- 2009-03-07 02:00 . 2008-05-02 03:05 31744 c:\windows\system32\dllcache\sma3w.dll
+ 2010-06-26 16:47 . 2001-08-18 02:36 28672 c:\windows\system32\dllcache\sma0w.dll
- 2009-03-07 02:00 . 2008-05-02 03:05 38912 c:\windows\system32\dllcache\sm9aw.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 38912 c:\windows\system32\dllcache\sm9aw.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 26624 c:\windows\system32\dllcache\sm93w.dll
- 2009-03-07 02:00 . 2008-05-02 03:05 26624 c:\windows\system32\dllcache\sm93w.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 26624 c:\windows\system32\dllcache\sm92w.dll
- 2009-03-07 02:00 . 2008-05-02 03:05 26624 c:\windows\system32\dllcache\sm92w.dll
+ 2010-06-26 16:47 . 2001-08-18 02:36 28160 c:\windows\system32\dllcache\sm91w.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 26112 c:\windows\system32\dllcache\sm90w.dll
- 2009-03-07 02:00 . 2008-05-02 03:05 26112 c:\windows\system32\dllcache\sm90w.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 26112 c:\windows\system32\dllcache\sm8dw.dll
- 2009-03-07 02:00 . 2008-05-02 03:05 26112 c:\windows\system32\dllcache\sm8dw.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 29184 c:\windows\system32\dllcache\sm8cw.dll
- 2009-03-07 02:00 . 2008-05-02 03:05 29184 c:\windows\system32\dllcache\sm8cw.dll
- 2009-03-07 02:00 . 2008-05-02 03:05 26112 c:\windows\system32\dllcache\sm8aw.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 26112 c:\windows\system32\dllcache\sm8aw.dll
- 2009-03-07 02:00 . 2008-05-02 03:05 26112 c:\windows\system32\dllcache\sm89w.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 26112 c:\windows\system32\dllcache\sm89w.dll
- 2009-03-07 02:00 . 2008-05-02 03:05 30208 c:\windows\system32\dllcache\sm87w.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 30208 c:\windows\system32\dllcache\sm87w.dll
- 2009-03-07 02:00 . 2008-05-02 03:05 30208 c:\windows\system32\dllcache\sm81w.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 30208 c:\windows\system32\dllcache\sm81w.dll
- 2009-03-07 02:00 . 2008-05-02 03:05 25088 c:\windows\system32\dllcache\sm59w.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 25088 c:\windows\system32\dllcache\sm59w.dll
+ 2010-06-26 16:47 . 2008-04-14 03:53 13240 c:\windows\system32\dllcache\slwdmsup.sys
+ 2010-06-26 16:47 . 2008-04-14 09:42 73796 c:\windows\system32\dllcache\slserv.exe
+ 2010-06-26 16:47 . 2008-04-14 09:42 32866 c:\windows\system32\dllcache\slrundll.exe
+ 2010-06-26 16:47 . 2008-04-14 03:53 95424 c:\windows\system32\dllcache\slnthal.sys
+ 2010-06-26 16:47 . 2008-04-14 04:16 11136 c:\windows\system32\dllcache\slip.sys
+ 2010-06-26 16:47 . 2008-04-14 09:42 73832 c:\windows\system32\dllcache\slcoinst.dll
+ 2010-06-26 16:47 . 2008-04-14 02:05 63547 c:\windows\system32\dllcache\sla30nd5.sys
+ 2010-06-26 16:47 . 2001-08-17 16:12 91294 c:\windows\system32\dllcache\skfpwin.sys
+ 2010-06-26 16:47 . 2001-08-17 16:12 94698 c:\windows\system32\dllcache\sk98xwin.sys
+ 2010-06-26 16:47 . 2001-08-17 16:50 50432 c:\windows\system32\dllcache\sisv.sys
+ 2010-06-26 16:47 . 2008-04-14 02:05 32768 c:\windows\system32\dllcache\sisnic.sys
+ 2010-06-26 16:47 . 2008-04-14 04:06 40960 c:\windows\system32\dllcache\sisagp.sys
+ 2010-06-26 16:47 . 2001-08-17 16:50 68608 c:\windows\system32\dllcache\sis6306p.sys
- 2009-03-07 02:00 . 2008-05-02 03:05 18944 c:\windows\system32\dllcache\simptcp.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 18944 c:\windows\system32\dllcache\simptcp.dll
+ 2010-06-26 16:46 . 2001-07-21 18:29 18400 c:\windows\system32\dllcache\sgsmld.sys
+ 2010-06-26 16:46 . 2001-08-17 16:51 98080 c:\windows\system32\dllcache\sgiulnt5.sys
+ 2010-06-26 16:46 . 2001-08-17 16:19 36480 c:\windows\system32\dllcache\sfmanm.sys
+ 2010-06-26 16:46 . 2001-08-17 17:48 17664 c:\windows\system32\dllcache\sermouse.sys
+ 2010-06-26 16:46 . 2008-04-14 04:15 11520 c:\windows\system32\dllcache\scsiscan.sys
+ 2010-06-26 16:46 . 2001-08-17 17:52 11648 c:\windows\system32\dllcache\scsiprnt.sys
+ 2010-06-26 16:46 . 2001-08-17 17:51 17280 c:\windows\system32\dllcache\scr111.sys
+ 2010-06-26 16:46 . 2001-08-17 17:51 16640 c:\windows\system32\dllcache\scmstcs.sys
+ 2010-06-26 16:46 . 2001-08-17 17:51 23936 c:\windows\system32\dllcache\sccmusbm.sys
+ 2010-06-26 16:45 . 2008-04-14 04:10 43904 c:\windows\system32\dllcache\sbp2port.sys
+ 2010-06-26 16:45 . 2001-08-17 16:50 75392 c:\windows\system32\dllcache\s3savmxm.sys
+ 2010-06-26 16:45 . 2001-08-17 16:50 77824 c:\windows\system32\dllcache\s3sav4m.sys
+ 2010-06-26 16:45 . 2001-08-17 16:50 61504 c:\windows\system32\dllcache\s3sav3dm.sys
+ 2010-06-26 16:45 . 2001-08-18 02:36 62496 c:\windows\system32\dllcache\s3mtrio.dll
+ 2010-06-26 16:45 . 2001-08-17 16:50 41216 c:\windows\system32\dllcache\s3mt3d.sys
+ 2010-06-26 16:45 . 2001-08-17 17:57 65664 c:\windows\system32\dllcache\s3legacy.sys
+ 2010-06-26 16:45 . 2001-08-18 02:36 82432 c:\windows\system32\dllcache\rwia450.dll
+ 2010-06-26 16:45 . 2001-08-18 02:36 79872 c:\windows\system32\dllcache\rwia430.dll
- 2009-03-07 02:00 . 2008-05-02 03:05 79872 c:\windows\system32\dllcache\rwia330.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 79872 c:\windows\system32\dllcache\rwia330.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 79872 c:\windows\system32\dllcache\rwia001.dll
- 2009-03-07 02:00 . 2008-05-02 03:05 79872 c:\windows\system32\dllcache\rwia001.dll
+ 2010-06-26 16:45 . 2008-04-14 09:42 29696 c:\windows\system32\dllcache\rw450ext.dll
+ 2010-06-26 16:45 . 2008-04-14 09:42 27648 c:\windows\system32\dllcache\rw430ext.dll
+ 2010-06-26 16:45 . 2008-04-14 02:05 20992 c:\windows\system32\dllcache\rtl8139.sys
+ 2010-06-26 16:45 . 2001-08-17 16:12 19017 c:\windows\system32\dllcache\rtl8029.sys
+ 2010-06-26 16:45 . 2001-08-17 16:19 30720 c:\windows\system32\dllcache\rthwcls.sys
+ 2010-06-26 16:44 . 2008-04-14 04:10 79104 c:\windows\system32\dllcache\rocket.sys
+ 2010-06-26 16:44 . 2008-04-14 04:26 30592 c:\windows\system32\dllcache\rndismpx.sys
+ 2010-06-26 16:44 . 2001-08-17 16:12 37563 c:\windows\system32\dllcache\rlnet5.sys
+ 2010-06-26 16:44 . 2008-04-14 04:16 59136 c:\windows\system32\dllcache\rfcomm.sys
+ 2010-06-26 16:44 . 2001-08-18 02:36 86097 c:\windows\system32\dllcache\reslog32.dll
- 2009-03-07 02:00 . 2008-05-02 03:05 14848 c:\windows\system32\dllcache\register.exe
+ 2009-03-07 02:00 . 2004-08-04 11:00 14848 c:\windows\system32\dllcache\register.exe
+ 2010-06-26 16:44 . 2008-04-14 03:53 13776 c:\windows\system32\dllcache\recagent.sys
+ 2010-06-26 16:44 . 2001-08-17 17:51 19584 c:\windows\system32\dllcache\rasirda.sys
+ 2010-06-26 16:44 . 2001-08-18 02:36 41472 c:\windows\system32\dllcache\qvusd.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 16384 c:\windows\system32\dllcache\quser.exe
- 2009-03-07 02:00 . 2008-05-02 03:05 16384 c:\windows\system32\dllcache\quser.exe
+ 2010-06-26 16:44 . 2001-08-17 17:52 49024 c:\windows\system32\dllcache\ql1280.sys
+ 2010-06-26 16:44 . 2001-08-17 17:52 40448 c:\windows\system32\dllcache\ql1240.sys
+ 2010-06-26 16:44 . 2001-08-17 17:52 45312 c:\windows\system32\dllcache\ql12160.sys
+ 2010-06-26 16:44 . 2001-08-17 17:52 33152 c:\windows\system32\dllcache\ql10wnt.sys
+ 2010-06-26 16:44 . 2001-08-17 17:52 40320 c:\windows\system32\dllcache\ql1080.sys
+ 2010-06-26 16:43 . 2001-08-18 02:36 35328 c:\windows\system32\dllcache\psisload.dll
+ 2010-06-26 16:43 . 2001-08-17 17:51 16128 c:\windows\system32\dllcache\pscr.sys
+ 2010-06-26 16:43 . 2008-04-14 04:11 17664 c:\windows\system32\dllcache\ppa3.sys
+ 2010-06-26 16:43 . 2001-08-17 17:53 17792 c:\windows\system32\dllcache\ppa.sys
+ 2009-03-07 02:00 . 2004-08-04 11:00 11264 c:\windows\system32\dllcache\pmxmcro.dll
- 2009-03-07 02:00 . 2008-05-02 03:05 11264 c:\windows\system32\dllcache\pmxmcro.dll
+ 2008-04-14 05:42 . 2008-05-02 03:05 15360 c:\windows\system32\dllcache\pjlmon.dll
+ 2010-06-26 16:43 . 2001-08-17 18:07 19840 c:\windows\system32\dllcache\philtune.sys
+ 2010-06-26 16:43 . 2001-08-17 18:04 92416 c:\windows\system32\dllcache\phildec.sys
+ 2010-06-26 16:43 . 2001-08-17 18:04 75776 c:\windows\system32\dllcache\philcam1.sys
+ 2010-06-26 16:43 . 2001-08-18 02:36 16384 c:\windows\system32\dllcache\philcam1.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 20992 c:\windows\system32\dllcache\permchk.dll
- 2009-03-07 02:00 . 2008-05-02 03:05 20992 c:\windows\system32\dllcache\permchk.dll
+ 2010-06-26 16:43 . 2008-04-14 04:14 28032 c:\windows\system32\dllcache\perm3.sys
+ 2010-06-26 16:42 . 2008-04-14 04:14 27904 c:\windows\system32\dllcache\perm2.sys
+ 2010-06-26 16:42 . 2001-08-17 18:07 27296 c:\windows\system32\dllcache\perc2.sys
+ 2010-06-26 16:42 . 2001-08-18 02:36 86016 c:\windows\system32\dllcache\pctspk.exe
+ 2010-06-26 16:42 . 2001-08-17 16:11 35328 c:\windows\system32\dllcache\pcntpci5.sys
+ 2010-06-26 16:42 . 2001-08-17 16:11 29769 c:\windows\system32\dllcache\pcntn5m.sys
+ 2010-06-26 16:42 . 2001-08-17 16:11 30282 c:\windows\system32\dllcache\pcntn5hl.sys
+ 2010-06-26 16:42 . 2001-08-17 16:12 26153 c:\windows\system32\dllcache\pcmlm56.sys
+ 2010-06-26 16:42 . 2008-04-14 02:05 29502 c:\windows\system32\dllcache\pca200e.sys
+ 2010-06-26 16:42 . 2001-08-17 16:12 30495 c:\windows\system32\dllcache\pc100nds.sys
+ 2009-03-07 02:00 . 2004-08-04 11:00 31744 c:\windows\system32\dllcache\pagecnt.dll
- 2009-03-07 02:00 . 2008-05-02 03:05 31744 c:\windows\system32\dllcache\pagecnt.dll
- 2009-03-07 02:00 . 2008-05-02 03:05 14336 c:\windows\system32\dllcache\padrs412.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 14336 c:\windows\system32\dllcache\padrs412.dll
+ 2009-03-07 02:00 . 2004-08-04 11:00 36927 c:\windows\system32\dllcache\padrs411.dll
- 2009-03-07 02:00 . 2008-05-02 03:05 36927 c:\windows\system32\dllcache\padrs411.dll
+ 2010-06-26 16:42 . 2001-08-18 02:36 41984 c:\windows\system32\dllcache\ovui2rc.dll
+ 2010-06-26 16:42 . 2001-08-18 02:36 44544 c:\windows\system32\dllcache\ovui2.dll
+ 2010-06-26 16:42 . 2001-08-17 18:05 25216 c:\windows\system32\dllcache\ovsound2.sys
+ 2010-06-26 16:42 . 2001-08-18 02:36 39424 c:\windows\system32\dllcache\ovcoms.exe
+ 2010-06-26 16:42 . 2001-08-18 02:36 20480 c:\windows\system32\dllcache\ovcomc.dll
+ 2010-06-26 16:42 . 2001-08-17 18:05 31872 c:\windows\system32\dllcache\ovce.sys
+ 2010-06-26 16:42 . 2001-08-17 18:05 28032 c:\windows\system32\dllcache\ovcd.sys
+ 2010-06-26 16:41 . 2001-08-17 18:05 25088 c:\windows\system32\dllcache\ovca.sys
+ 2010-06-26 16:41 . 2001-08-17 17:28 54186 c:\windows\system32\dllcache\otcsercb.sys
+ 2010-06-26 16:41 . 2001-08-17 16:12 43689 c:\windows\system32\dllcache\otceth5.sys
+ 2010-06-26 16:41 . 2001-08-17 16:12 27209 c:\windows\system32\dllcache\otc06x5.sys
-
When I woke up the scan was on 99%, i waited for 2 hrs and just stopped it. When i stopped it, it had been running for over 12 hours.
here's what was found, also should i check where it says delete quarantined files or just leave them alone?
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\59\316e0f7b-3a1d1b30 a variant of Win32/TrojanDownloader.Unruy.BT trojan cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\59\316e0f7b-42fba565 a variant of Win32/TrojanDownloader.Unruy.BT trojan cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\59\316e0f7b-6d1cbaea a variant of Win32/TrojanDownloader.Unruy.BT trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\WINDOWS\Aluzaa.exe.vir a variant of Win32/Kryptik.FDP trojan cleaned by deleting - quarantined
E:\compressed moved\Compressed\Toolbar.exe Win32/Toolbar.AskSBar application cleaned by deleting - quarantined
E:\compressed moved\Compressed\flstudio8_rc3\flstudio8_rc3.exe probably a variant of Win32/Delf trojan deleted - quarantined
E:\compressed moved\Compressed\Fruityloops.Studio.Producer.Edition.XXL.v8.0.0-NoPE\Fruityloops.Studio.Producer.Edition.XXL.v8.0.0-NoPE\setup\flstudio_8.0_install.exe probably a variant of Win32/Delf trojan deleted - quarantined
E:\Documents\Downloads\Compressed\DivXInstaller.exe probably a variant of Win32/Inject trojan deleted - quarantined
E:\Downloads from c\Compressed\Nero-8.3.6.0_eng_keygen_activation\Nero-8.3.6.0_eng+keygen+activation\Nero-8.3.6.0_eng_trial.exe Win32/Toolbar.AskSBar application deleted - quarantined
E:\keygen\Keygen.exe probably a variant of Win32/Agent trojan cleaned by deleting - quarantined
E:\My Documents\Downloads\Compressed\Nero.8.3.2.1.by.Dardann.CW\Nero.8.3.2.1.by.Dardann.CW\Nero-8.3.2.1_eng_trial_2.exe Win32/Toolbar.AskSBar application deleted - quarantined
E:\WINDOWS\system32\mtstocom.exe probably unknown STEALTH.POLY.CRYPT.TSR.DRIVER virus deleted - quarantined
F:\Seagate Backup\CS-B883B7E3273E\C\Program Files\Kingdia Software\Kingdia Video Converter\ave.exe a variant of Win32/Kryptik.CBG trojan cleaned by deleting - quarantined
-
How did the SFC go? Did it find any bad files?
here's what was found, also should i check where it says delete quarantined files or just leave them alone?
Just leave them. Let's try one more scan.
i ran sfc and put it in combofix
What does this mean?
Download Dr.Web CureIt to the desktop:
Dr WebCureIt (http://ftp://ftp.drweb.com/pub/drweb/cureit/cureit.exe)- Double-click the launch.exe or cureit.exe file and Allow to run the express scan
- This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
- Once the short scan has finished, just let it cure whatever it finds...
o Now, go to Settings >> Change Settings
o Go to Actions tab >> under Objects section, change the settings to below
Infected objects - Cure
Incurable objects - Report
Suspicious objects - Report
o Don't change any other settings
- Start the scan again. This time, choose Complete Scan
- Click the green arrow button at the right, and the scan will start.
- After the scan finished, click Select all
- Click on Cure and choose Report incurable (means take no actions.. Don't "move", or "rename" or "delete")
- When the scan has finished, in the menu, click File and choose Save report list
- Save the report to your Desktop. The report will be called DrWeb.csv
- Post DrWeb.csv in your next reply (Open it as Notepad).. Do NOT reboot the computer yet..
-
thanks Super Dave, i took well over 10 hours for the scan, i believe don't know it was still running when i went to sleep, and when i got off work.
When i clicked on report and said i'd have to upgrade for that option, after the scan was done, i clicked cure, it didn't give me the option to report. Anyways I saved the log, minimized the window and now its gone, its not in my task manager either. So I don't know if the problems were removed.
Are we almost there? I'm so frustrated i've contemplated reinstalling windows, but it says 3waredrv.sys not found.
srvany.exe;C:\Program Files\Paragon Software\Drive Backup 9 Professional\Net Burner Service;Program.SrvAny;;
5BF6AA07.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
5BF6AA08.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
5BF6AB5A.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
5BF6AB71.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6AB78.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
5BF6AB8A.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
5BF6AB91.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6AB99.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
5BF6AB9D.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6AB9F.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6ABAF.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6ABB1.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6ABC3.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
5BF6ABD3.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6ABE6.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
5BF6AC00.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6AC05.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
5BF6AC11.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6AC1B.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6AC38.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6AC3E.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6AC80.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6ACB7.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6AD2B.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6AD59.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6AD83.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6ADC4.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6ADDE.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6AE1B.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6AE2B.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6AE34.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6AE5E.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6AE63.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6AE7E.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6AE88.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6AEA4.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6B03F.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
5BF6B11D.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6B13C.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6B188.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
5BF6B1BA.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6B26E.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6B27F.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
5BF6B2E0.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
5BF6B405.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
5BF6B42A.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6B4DB.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6B4E8.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6B501.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6B527.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6B592.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6B6AF.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6B7C0.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
5BF6B7D0.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6B93D.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6B95A.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6B983.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6B9B0.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6BA46.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6BA81.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6BBCB.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6BD58.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6BE07.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
5BF6BF56.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6C00D.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6C0B8.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6C0BB.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6C0CF.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5BF6C0D0.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
5BF6C0D3.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F69932B.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F699361.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F699383.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F6994D7.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F6994F8.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
5F699575.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
5F6995E8.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F699603.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F6996DE.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F69971B.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F699735.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F699757.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F699785.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F6998A6.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F699965.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F699981.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F699A88.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F699A9B.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F699AE7.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
5F699B64.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
5F699C0A.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F699CB2.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F699D4A.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F699F4C.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F69A1A9.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F69A39E.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
5F69A4DF.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F69AB24.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F69AB74.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F69B174.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F69B2BB.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
5F69B3D4.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F69B4F0.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F69B77A.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
5F69B8F0.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
5F69BA51.VBN;C:\_OTM\MovedFiles\05152010_133750\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC0002.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC0012.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC0016.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC001C.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC001F.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC0023.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
06FC0026.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC0030.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
06FC0038.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC003B.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC0046.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
06FC0051.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC005A.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC006F.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC007A.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC007B.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC0088.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC008A.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC008D.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC0095.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC009E.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC00AA.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC00B3.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
06FC00B7.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC00C1.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC00C4.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC00C7.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
06FC00CC.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
06FC00CD.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC00D0.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC00D3.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC00D4.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC00D8.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC00D9.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC00DC.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC00DD.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC00E1.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC00EA.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
06FC00EC.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC00F3.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC00F5.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC00FF.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC0105.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC0106.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC0107.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
06FC0115.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
0C98053A.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
0C98053B.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
0C98054E.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
0C98054F.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
0C980552.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
0C980553.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
13E40118.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
13E40119.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
13E40172.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
13E40173.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
13E402D4.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
13E402D5.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
13E40324.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
13E40327.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
13E40328.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
13E40348.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
13E4035F.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
13E40360.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
13E40502.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
13E40503.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
13E40598.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
13E405BE.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
13E405BF.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
13E405C2.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
13E40611.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
13E40612.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
13E40630.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
13E40647.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
13E40649.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDD791.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDD797.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDD7B7.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDD7C9.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4BFDD81C.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDD848.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDD939.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDD93E.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDD959.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDD968.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDD982.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDA42.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDA4D.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4BFDDA84.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDA88.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDA8C.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4BFDDAA8.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDB10.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDB20.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDB24.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDB7C.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDB7F.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDB87.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDB8B.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDBA4.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4BFDDBA8.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4BFDDBBA.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDBCC.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDBF0.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDC66.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4BFDDC71.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDC87.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDC8A.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDCCD.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDCE0.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4BFDDCF3.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDD7E.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4BFDDD85.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDE93.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDEB1.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDEB3.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDEBB.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4BFDDED0.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDED5.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDED7.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDEDA.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDEDB.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDEDE.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFDDEDF.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFE1A8E.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFE1A98.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFE1AC3.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFE1AC6.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFE1ACA.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4BFE1B09.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D6322.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D632D.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D632F.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D6338.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D633D.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3D6340.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D6343.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D6345.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3D6382.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D63CC.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D63D4.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D63D8.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D63EC.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D63F6.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D63F8.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D63FD.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D6422.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D6429.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D646D.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D6477.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D6B36.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D6B3E.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D6B43.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D6B46.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D6B95.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D6BCA.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3D6C36.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D6C88.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D6CCF.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D6CE3.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3D6D3F.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D6D46.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3D6D4D.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D6DB2.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D6EAB.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D6EC0.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D6F06.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D7115.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D7188.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D71AE.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D71BF.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D7201.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D7213.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3D7234.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D72A1.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D72DA.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3D7345.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D7458.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3D7464.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3D7499.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D74D5.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3D74F5.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D7583.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D75BC.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D767C.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D76D3.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D7745.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D7907.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D79D7.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3D7A39.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3D7AEA.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D7BC2.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3D7C36.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D7C59.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D7C9D.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D7E34.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D7FE3.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3D80C2.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3D8145.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D81E6.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D821C.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D8463.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D84FE.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3D8647.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D885B.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D88AD.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3D89B5.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3D89D1.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D8A88.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D8B4F.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D8C10.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D8C7D.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3D90D0.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D9174.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3D918F.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D9353.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D9454.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D94A3.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D952A.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D95E6.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3D98A7.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D98BF.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D9B89.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D9C11.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3D9D24.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D9D79.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D9D8F.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D9E0C.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D9E4C.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D9EA1.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D9F35.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D9F4A.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D9F73.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3D9FA1.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DA0FD.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DA144.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DA1E2.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3DA20F.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DA27E.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DA295.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DA2E9.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DA314.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DA36B.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DA37F.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DA395.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DA3AB.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DA4F6.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DA713.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DA784.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DA7C7.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DA942.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3DA96C.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DA9F2.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DAAAB.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DAC3D.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DAC55.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DACB2.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DACCB.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DAD42.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DAD6C.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DAFA7.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DB1A1.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DB239.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DB33B.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DB414.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DB47F.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DB4D5.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DB568.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DB57D.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3DB5D3.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DB63E.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DB67C.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DB691.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DBBC3.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DBC2D.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DBC6E.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DBF41.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DBF81.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DC184.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.DownLoad.54095;;
4B3DC22F.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Ed;Trojan.Click.34193;;
4B3DC343.VBN;C:\_OTM\MovedFiles\05152010_134900\C_Documents and Settings\All Users\Application Da
-
What program produced this log?
but it says 3waredrv.sys not found.
Are you getting this message as soon as you try to re-install the OS or does it come later in the process?
Are we almost there?
I'm quite sure your computer is clean. I just want to have another on-line done on it. Let's try another one.
Please uninstall your copy of MBAM and download a new one to see if it will run.
(http://img233.imageshack.us/img233/7729/mbamicontw5.gif) Please download Malwarebytes Anti-Malware from here (http://www.malwarebytes.org/mbam/program/mbam-setup.exe).
Double Click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Full Scan", then click Scan.
- The scan may take some time to finish,so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
- Please save the log to a location you will remember.
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy and paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
==========================================
Scan your computer with Panda ActiveScan (http://www.pandasoftware.com/products/activescan.htm)
* Once you are on the Panda site click the Scan your PC now button.
* A new window will open...click the Scan Now button.
* If it wants to install an ActiveX component allow it.
* It will start downloading the files it requires for the scan. (Note: It may take a couple of minutes)
* You may get a warning from Internet Explorer that Panda is ready to install, please allow it.
* The scan will begin. Please be patient as it can take an hour or more to complete.
* When the scan completes, if anything malicious is detected, click the Export to: button (looks like a little Notepad).
* Save the ActiveScan.txt to a convenient location like your desktop.
* Note: You do not need to select any of the Disinfect options. We will remove any threats manually.
* Post the contents of the ActiveScan report in your next reply.
-
Thx I'm. Typing this on my phone. Should be home i an hour. I'll try mbam again it hasn' been working but when I get in I'll. Try again. Error comes up soon as. I start windows repair. Pardon the grammar typing on phone. Thx
-
i uninstalled mbam, downloaded the link you provided and while installing i got the same error message initially reported in my original post "runtime 372 vbalgrid.ocx" I also put my xp cd in my old computer and it ran fine, but when i put it in this computer it gave me that missing driver error. thanks
-
That missing driver error could be caused by a defective CD or DVD drive. Were you able to run the Panda Scan?
-
there's no error with the xp, it works fine in my other computer, a friend also let me hold an xp sp3 cd, it gives me the same driver error 3 seconds after i click setup on boot from cd. I put both cds in my old computer and they run fine.
it says active x can't download, i've tried in firefox and ie.
-
It's not usually a problem with the OS disk. It's the CD-Rom drive that could be defective. I'm going to get some help with this problem. I'll be back.
-
ok, thanks, by the way, the cd rom drive has been playing everything smoothly, burning disk, etc..... thanks
-
thanks SuperDave, i went ahead and reinstalled windows xp sp3. thanks