Infected Computer, please help

Author	All Replies
archeng join:2011-12-08 2 edits	Infected Computer, please help Hi all, and thanks a lot for your great efforts and your help is greatly appreciated.. I believe my laptop is infected. What I am experiencing is: Kaspersky security sometimes fails and closes, MSN Messenger freezes like almost all the time, also firefox browser stops responding sometimes... ESET online scanner found some infections and cleaned it.. I followed all mandatory instructions, steps.. I also ran Norton and Bitdefender online scanners and they both found infections but didnt offer to clean them.. I then ran F-Secure online scanner and found 3 viruses but it could not remove them.. Malwarebytes did not find anything. Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Database version: 8327 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 12/7/2011 9:05:35 PM mbam-log-2011-12-07 (21-05-34).txt Scan type: Full scan (C:\\|) Objects scanned: 491038 Time elapsed: 3 hour(s), 16 minute(s), 16 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) I am attaching Malwarebytes log, OTL, and security check.. Scanning Report Thursday, December 8, 2011 11:38:50 - 14:01:51 Computer name: KHALID Scanning type: Scan system for malware, spyware and rootkits Target: C:\ F:\ 3 malware found Suspicious:W32/Malware!Gemini (virus) C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP995\A0264869.EXE (Not cleaned & Submitted) Suspicious:W32/Malware!Gemini (virus) C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP995\A0264856.EXE (Not cleaned & Submitted) Suspicious:W32/Malware!Gemini (virus) C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP995\A0264857.EXE (Not cleaned & Submitted) Statistics Scanned: Files: 152254 System: 6781 Not scanned: 55 Actions: Disinfected: 0 Renamed: 0 Deleted: 0 Not cleaned: 5 Submitted: 3 Files not scanned: C:\HIBERFIL.SYS C:\PAGEFILE.SYS C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT C:\WINDOWS\SYSTEM32\CONFIG\SAM C:\WINDOWS\SYSTEM32\CONFIG\SECURITY C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\SWG-3.0.1225.9868\SEARCHWITHGOOGLEUPDATE.EXE C:\DOCUMENTS AND SETTINGS\KHALID82\LOCAL SETTINGS\TEMP\HSPERFDATA_KHALID82\4788 C:\DOCUMENTS AND SETTINGS\FAMILY\LOCAL SETTINGS\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\TEMPLATE\PTWTEMPLATES\TEMPLATE4\LIST PLUS SUMMARY.PWT C:\DOCUMENTS AND SETTINGS\FAMILY\LOCAL SETTINGS\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\TEMPLATE\PTWTEMPLATES\TEMPLATE4\ACWEBPUBLISH_FRAME2.HTM C:\DOCUMENTS AND SETTINGS\FAMILY\LOCAL SETTINGS\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\TEMPLATE\PTWTEMPLATES\TEMPLATE4\ACWEBPUBLISH_FRAME3.HTM C:\DOCUMENTS AND SETTINGS\FAMILY\LOCAL SETTINGS\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\TEMPLATE\PTWTEMPLATES\TEMPLATE4\ACWEBPUBLISH_FRAME1.HTM C:\DOCUMENTS AND SETTINGS\FAMILY\LOCAL SETTINGS\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\TEMPLATE\PTWTEMPLATES\TEMPLATE3\ACWEBPUBLISH_FRAME1.HTM C:\DOCUMENTS AND SETTINGS\FAMILY\LOCAL SETTINGS\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\TEMPLATE\PTWTEMPLATES\TEMPLATE4\ACWEBPUBLISH_FRAME4.HTM C:\DOCUMENTS AND SETTINGS\FAMILY\LOCAL SETTINGS\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\TEMPLATE\PTWTEMPLATES\TEMPLATE3\ACWEBPUBLISH_FRAME2.HTM C:\DOCUMENTS AND SETTINGS\FAMILY\LOCAL SETTINGS\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\TEMPLATE\PTWTEMPLATES\TEMPLATE3\ACWEBPUBLISH_FRAME3.HTM C:\DOCUMENTS AND SETTINGS\FAMILY\LOCAL SETTINGS\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\TEMPLATE\PTWTEMPLATES\TEMPLATE3\LIST OF DRAWINGS.PWT C:\DOCUMENTS AND SETTINGS\FAMILY\LOCAL SETTINGS\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\TEMPLATE\PTWTEMPLATES\TEMPLATE2\ACWEBPUBLISH_FRAME1.HTM C:\DOCUMENTS AND SETTINGS\FAMILY\LOCAL SETTINGS\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\TEMPLATE\PTWTEMPLATES\TEMPLATE2\ACWEBPUBLISH_FRAME2.HTM C:\DOCUMENTS AND SETTINGS\FAMILY\LOCAL SETTINGS\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\TEMPLATE\PTWTEMPLATES\TEMPLATE2\ARRAY PLUS SUMMARY.PWT C:\DOCUMENTS AND SETTINGS\FAMILY\LOCAL SETTINGS\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\TEMPLATE\PTWTEMPLATES\TEMPLATE1\ARRAY OF THUMBNAILS.PWT C:\DOCUMENTS AND SETTINGS\FAMILY\LOCAL SETTINGS\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\TEMPLATE\PTWTEMPLATES\SUPPORT\ADSK_PTW_ARRAY_OF_THUMBNAILS.JS C:\DOCUMENTS AND SETTINGS\FAMILY\LOCAL SETTINGS\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\TEMPLATE\PTWTEMPLATES\SUPPORT\ADSK_PTW_CONTENTS_TEXT.JS C:\DOCUMENTS AND SETTINGS\FAMILY\LOCAL SETTINGS\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\TEMPLATE\PTWTEMPLATES\SUPPORT\ADSK_PTW_IMAGE_AND_IDROP.JS C:\DOCUMENTS AND SETTINGS\FAMILY\LOCAL SETTINGS\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\TEMPLATE\PTWTEMPLATES\SUPPORT\ADSK_PTW_PAGE_DESCRIPTION.JS C:\DOCUMENTS AND SETTINGS\FAMILY\LOCAL SETTINGS\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\TEMPLATE\PTWTEMPLATES\SUPPORT\ADSK_PTW_LIST_OF_DRAWINGS.JS C:\DOCUMENTS AND SETTINGS\FAMILY\LOCAL SETTINGS\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\TEMPLATE\PTWTEMPLATES\SUPPORT\ADSK_PTW_PAGE_TITLE.JS C:\DOCUMENTS AND SETTINGS\FAMILY\LOCAL SETTINGS\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\TEMPLATE\PTWTEMPLATES\SUPPORT\ADSK_PTW_VALIDATE_VVIEW.JS C:\DOCUMENTS AND SETTINGS\FAMILY\LOCAL SETTINGS\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\TEMPLATE\PTWTEMPLATES\SUPPORT\XMSG_ADSK_PTW_ALL.JS C:\DOCUMENTS AND SETTINGS\FAMILY\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\APPLE SAFARI.LNK C:\DOCUMENTS AND SETTINGS\FAMILY\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\ITUNES.LNK C:\DOCUMENTS AND SETTINGS\FAMILY\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\QUICKTIME PLAYER.LNK C:\DOCUMENTS AND SETTINGS\FAMILY\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\WINDOWS LIVE MAIL.LNK C:\DOCUMENTS AND SETTINGS\FAMILY\APPLICATION DATA\MICROSOFT\INSTALLER\{EBD38AE9-D52D-448D-9DB4-4D5F66E1DAFC}\ARPPRODUCTICON.EXE C:\DOCUMENTS AND SETTINGS\FAMILY\APPLICATION DATA\MICROSOFT\INSTALLER\{A3875811-5A7F-42B8-94DB-C5ACAA5F7568}\INSTALLICON C:\DOCUMENTS AND SETTINGS\FAMILY\APPLICATION DATA\MICROSOFT\INSTALLER\{A3875811-5A7F-42B8-94DB-C5ACAA5F7568}\LIVEUPDATEICON C:\DOCUMENTS AND SETTINGS\FAMILY\APPLICATION DATA\MICROSOFT\INSTALLER\{A3875811-5A7F-42B8-94DB-C5ACAA5F7568}\PROKONICON C:\DOCUMENTS AND SETTINGS\FAMILY\APPLICATION DATA\MICROSOFT\INSTALLER\{2BED518B-8B6C-42D4-BBEB-956DB143E55F}\ARPPRODUCTICON.EXE C:\DOCUMENTS AND SETTINGS\FAMILY\APPLICATION DATA\MICROSOFT\INSTALLER\{205ACCD7-5342-4694-91F3-3A99E4FD5AA6}\ARPPRODUCTICON.EXE C:\DOCUMENTS AND SETTINGS\FAMILY\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\SUPPORT\ACAD.PAT C:\DOCUMENTS AND SETTINGS\FAMILY\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\SUPPORT\ACADISO.PAT C:\DOCUMENTS AND SETTINGS\FAMILY\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\SUPPORT\MTEXTMAP.INI C:\DOCUMENTS AND SETTINGS\FAMILY\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\SUPPORT\BIGFONT.INI C:\DOCUMENTS AND SETTINGS\FAMILY\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\PLOTTERS\ADD-A-PLOTTER WIZARD.LNK C:\DOCUMENTS AND SETTINGS\FAMILY\APPLICATION DATA\AUTODESK\AUTOCAD 2007\R17.0\ENU\PLOT STYLES\ADD-A-PLOT STYLE TABLE WIZARD.LNK C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\03B9A9D6321B30783B70E61806989EC3_24ADF822-76F7-4481-B30B-FF1B40F8687F C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3AD391678A806EC4D691E83AAA393B6F_24ADF822-76F7-4481-B30B-FF1B40F8687F C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\CRYPTO\DSS\MACHINEKEYS\B2F2FB586FB7195F3EB44089B066F186_24ADF822-76F7-4481-B30B-FF1B40F8687F C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\KASPERSKY LAB\AVP12\BASES\KLAVA\STRG5091 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\KASPERSKY LAB\AVP12\BASES\KLAVA\STRG5096 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\KASPERSKY LAB\AVP12\BASES\KLAVA\STRG5097 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\KASPERSKY LAB\AVP12\BASES\KLAVA\STRG5102 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\KASPERSKY LAB\AVP12\BASES\KLAVA\STRG5100 C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\KASPERSKY LAB\AVP12\BASES\KLAVA\STRG5101 Options Scanning engines: Scanning options: Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML XXX ANI AVB BAT CMD JOB LSP MAP MHT MIF PHP POT SWF WMF NWS TAR Use advanced heuristics
	to forum · permalink · 2011-12-08 06:49:09 ·
lilhurricane Crunchin' For Cures Premium,Mod join:2003-01-11 Purple Zone kudos:51 Reviews: ·Comcast Host: TV over IP Software RCN Inside Insight Team Discovery	OTL Let's get those opened for easier analysis OTL logfile created on: 12/7/2011 10:00:00 PM - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\KHALID82\Desktop Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 \| Country: United States \| Language: ENU \| Date Format: M/d/yyyy 2.00 Gb Total Physical Memory \| 1.41 Gb Available Physical Memory \| 70.52% Memory free 3.84 Gb Paging File \| 3.12 Gb Available in Paging File \| 81.21% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 105.00 Gb Total Space \| 55.83 Gb Free Space \| 53.17% Space Free \| Partition Type: NTFS Drive F: \| 465.76 Gb Total Space \| 371.95 Gb Free Space \| 79.86% Space Free \| Partition Type: NTFS Computer Name: KHALID \| User Name: KHALID82 \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: Current user Company Name Whitelist: Off \| Skip Microsoft Files: Off \| No Company Name Whitelist: On \| File Age = 360 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011/12/04 21:42:21 \| 000,161,664 \| ---- \| M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2011/12/03 23:54:58 \| 000,584,192 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\KHALID82\Desktop\OTL.exe PRC - [2011/11/16 12:09:18 \| 002,996,784 \| ---- \| M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe PRC - [2011/08/12 03:38:07 \| 000,116,608 \| ---- \| M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe PRC - [2011/04/24 23:15:02 \| 000,202,296 \| ---- \| M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe PRC - [2010/05/05 17:18:46 \| 000,148,280 \| ---- \| M] () -- C:\Program Files\Lexmark S300-S400 Series\ezprint.exe PRC - [2010/05/05 17:18:43 \| 000,770,728 \| ---- \| M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe PRC - [2010/04/15 00:45:21 \| 000,598,696 \| ---- \| M] ( ) -- C:\WINDOWS\system32\lxeacoms.exe PRC - [2010/04/15 00:45:14 \| 000,193,192 \| ---- \| M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxeaserv.exe PRC - [2010/03/18 11:19:26 \| 000,113,152 \| ---- \| M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2009/12/16 16:44:36 \| 003,750,400 \| ---- \| M] (SafeNet Inc.) -- C:\WINDOWS\system32\hasplms.exe PRC - [2009/09/23 13:38:18 \| 000,935,208 \| ---- \| M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2009/09/08 17:25:52 \| 000,096,334 \| ---- \| M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe PRC - [2008/12/31 17:04:48 \| 000,942,960 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\system32\WGATray.exe PRC - [2008/07/11 21:24:44 \| 000,085,096 \| ---- \| M] (Autodesk) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe PRC - [2008/04/14 04:12:19 \| 001,033,728 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006/09/29 12:48:06 \| 000,065,536 \| ---- \| M] () -- C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe PRC - [2006/08/04 04:51:42 \| 001,032,192 \| ---- \| M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe PRC - [2005/04/27 14:59:24 \| 000,241,725 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\UPHClean\uphclean.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011/11/18 09:00:21 \| 003,313,752 \| ---- \| M] () -- c:\Program Files\Common Files\Akamai\netsession_win_d768ebc.dll MOD - [2011/10/14 08:47:06 \| 011,800,576 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\60df958ca96c9b8945f836759b6abd34\System.Web.ni.dll MOD - [2011/10/14 08:46:57 \| 000,771,584 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\36bf3d5f05a40c9e3cadca5789c8a469\System.Runtime.Remoting.ni.dll MOD - [2011/10/14 08:46:46 \| 000,971,264 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll MOD - [2011/10/14 08:41:32 \| 000,025,600 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll MOD - [2011/10/14 06:14:51 \| 005,450,752 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll MOD - [2011/10/14 06:14:42 \| 012,430,848 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll MOD - [2011/10/14 06:14:28 \| 001,587,200 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll MOD - [2011/10/14 01:19:15 \| 007,950,848 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll MOD - [2011/10/14 01:19:07 \| 011,490,816 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll MOD - [2011/09/27 07:23:00 \| 000,087,912 \| ---- \| M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011/09/27 07:22:40 \| 001,242,472 \| ---- \| M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011/04/24 23:13:30 \| 007,008,656 \| ---- \| M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtgui4.dll MOD - [2011/04/24 23:13:28 \| 000,192,912 \| ---- \| M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtsql4.dll MOD - [2011/04/24 23:13:26 \| 001,270,160 \| ---- \| M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtscript4.dll MOD - [2011/04/24 23:13:26 \| 000,758,160 \| ---- \| M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtnetwork4.dll MOD - [2011/04/24 23:13:24 \| 002,118,032 \| ---- \| M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtcore4.dll MOD - [2011/04/24 23:13:24 \| 002,089,360 \| ---- \| M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtdeclarative4.dll MOD - [2011/04/20 19:56:28 \| 000,025,088 \| ---- \| M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll MOD - [2011/02/04 17:48:30 \| 000,291,840 \| ---- \| M] () -- C:\WINDOWS\system32\sbe.dll MOD - [2010/08/16 09:54:39 \| 000,040,960 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3343.28221__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2010/08/16 09:54:38 \| 000,290,816 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3343.28200__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2010/08/16 09:54:38 \| 000,204,800 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3343.28229__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2010/08/16 09:54:38 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3343.28213__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll MOD - [2010/08/16 09:54:37 \| 001,728,512 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3343.28228__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll MOD - [2010/08/16 09:54:37 \| 000,364,544 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3343.28315__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll MOD - [2010/08/16 09:54:36 \| 000,692,224 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3343.28295__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll MOD - [2010/08/16 09:54:36 \| 000,077,824 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3343.28309__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2010/08/16 09:54:36 \| 000,069,632 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3343.28281__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2010/08/16 09:54:36 \| 000,036,864 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3343.28263__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll MOD - [2010/08/16 09:54:35 \| 000,491,520 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3343.28338__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2010/08/16 09:54:34 \| 000,073,728 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3343.28213__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2010/08/16 09:54:33 \| 000,139,264 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3343.28339__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2010/08/16 09:54:33 \| 000,106,496 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3343.28229__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll MOD - [2010/08/16 09:54:33 \| 000,028,672 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3343.28228__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll MOD - [2010/08/16 09:54:31 \| 000,364,544 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3343.28288__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2010/08/16 09:54:31 \| 000,094,208 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3343.28289__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2010/08/16 09:54:31 \| 000,061,440 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3343.28288__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2010/08/16 09:54:29 \| 000,172,032 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Dashboard\2.0.3343.28280__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Dashboard.dll MOD - [2010/08/16 09:54:28 \| 000,049,152 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Runtime\2.0.3343.28280__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Runtime.dll MOD - [2010/08/16 09:54:23 \| 000,405,504 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3343.28301__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2010/08/16 09:54:22 \| 000,811,008 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3343.28265__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2010/08/16 09:54:22 \| 000,081,920 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3343.28264__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2010/08/16 09:54:21 \| 000,225,280 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3343.28230__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2010/08/16 09:54:21 \| 000,126,976 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3343.28278__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll MOD - [2010/08/16 09:54:20 \| 000,712,704 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3343.28215__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll MOD - [2010/08/16 09:54:20 \| 000,589,824 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3343.28230__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll MOD - [2010/08/16 09:54:20 \| 000,036,864 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3343.28278__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll MOD - [2010/08/16 09:54:19 \| 000,798,720 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3343.28310__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll MOD - [2010/08/16 09:54:19 \| 000,040,960 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3343.28236__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll MOD - [2010/08/16 09:54:18 \| 000,401,408 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3343.28280__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll MOD - [2010/08/16 09:54:18 \| 000,307,200 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3343.28237__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll MOD - [2010/08/16 09:54:18 \| 000,032,768 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3343.28279__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2010/08/16 09:54:17 \| 000,065,536 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3343.28263__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2010/08/16 09:54:16 \| 000,675,840 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3343.28282__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll MOD - [2010/08/16 09:54:16 \| 000,438,272 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3343.28264__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - [2010/08/16 09:54:15 \| 000,040,960 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3343.28264__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2010/08/16 09:54:14 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2010/08/16 09:54:14 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2010/08/16 09:54:14 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll MOD - [2010/08/16 09:54:13 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll MOD - [2010/08/16 09:54:13 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2010/08/16 09:54:13 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2010/08/16 09:54:13 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2010/08/16 09:54:12 \| 000,007,168 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2010/08/16 09:54:10 \| 000,032,768 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll MOD - [2010/08/16 09:54:10 \| 000,028,672 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2010/08/16 09:54:10 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll MOD - [2010/08/16 09:54:10 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll MOD - [2010/08/16 09:54:10 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll MOD - [2010/08/16 09:54:10 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll MOD - [2010/08/16 09:54:09 \| 000,045,056 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2010/08/16 09:54:09 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll MOD - [2010/08/16 09:54:09 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2010/08/16 09:54:08 \| 000,073,728 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll MOD - [2010/08/16 09:54:08 \| 000,028,672 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2010/08/16 09:54:08 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2010/08/16 09:54:08 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2010/08/16 09:54:08 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2010/08/16 09:54:07 \| 000,061,440 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2010/08/16 09:54:07 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2010/08/16 09:54:07 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2010/08/16 09:54:07 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2010/08/16 09:54:06 \| 000,040,960 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2010/08/16 09:54:06 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll MOD - [2010/08/16 09:54:05 \| 000,053,248 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2010/08/16 09:54:04 \| 000,028,672 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Shared.dll MOD - [2010/08/16 09:54:02 \| 000,053,248 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2010/08/16 09:54:02 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll MOD - [2010/08/16 09:54:01 \| 000,065,536 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2010/08/16 09:54:01 \| 000,032,768 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2010/08/16 09:54:01 \| 000,028,672 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll MOD - [2010/08/16 09:54:01 \| 000,024,576 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll MOD - [2010/08/16 09:54:00 \| 000,049,152 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2010/08/16 09:54:00 \| 000,040,960 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2010/08/16 09:54:00 \| 000,028,672 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2010/08/16 09:53:59 \| 000,053,248 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2010/08/16 09:53:59 \| 000,028,672 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2010/08/16 09:53:59 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll MOD - [2010/08/16 09:53:58 \| 000,024,576 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll MOD - [2010/08/16 09:53:58 \| 000,016,384 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2010/08/16 09:53:57 \| 000,503,808 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3343.28368__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll MOD - [2010/08/16 09:53:56 \| 000,045,056 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3343.28347__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2010/08/16 09:53:56 \| 000,013,312 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll MOD - [2010/08/16 09:53:56 \| 000,007,168 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3343.28197__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2010/08/16 09:53:55 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll MOD - [2010/08/16 09:53:55 \| 000,014,848 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll MOD - [2010/08/16 09:53:54 \| 000,106,496 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3343.28330__90ba9c70f846762e\MOM.Implementation.dll MOD - [2010/08/16 09:53:54 \| 000,032,768 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2010/08/16 09:53:53 \| 000,061,440 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3343.28328__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2010/08/16 09:53:53 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2010/08/16 09:53:52 \| 000,405,504 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3343.28221__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2010/08/16 09:53:52 \| 000,040,960 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2010/08/16 09:53:52 \| 000,024,576 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2010/08/16 09:53:51 \| 000,544,768 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3343.28321__90ba9c70f846762e\CLI.Component.Systemtray.dll MOD - [2010/08/16 09:53:51 \| 000,057,344 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3343.28199__90ba9c70f846762e\CLI.Component.SkinFactory.dll MOD - [2010/08/16 09:53:51 \| 000,045,056 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2010/08/16 09:53:50 \| 000,081,920 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3343.28198__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2010/08/16 09:53:48 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2010/08/16 09:53:46 \| 001,142,784 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3343.28207__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2010/08/16 09:53:46 \| 000,040,960 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2010/08/16 09:53:45 \| 000,028,672 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3343.28329__90ba9c70f846762e\CCC.Implementation.dll MOD - [2010/08/16 09:53:45 \| 000,020,480 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2010/08/16 09:53:44 \| 000,081,920 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3343.28199__90ba9c70f846762e\ATIDEMOS.dll MOD - [2010/08/16 09:53:44 \| 000,032,768 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2010/08/16 09:53:43 \| 000,061,440 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3343.28198__90ba9c70f846762e\APM.Server.dll MOD - [2010/08/16 09:53:43 \| 000,045,056 \| ---- \| M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3343.28197__90ba9c70f846762e\AEM.Server.dll MOD - [2010/05/05 17:18:46 \| 000,148,280 \| ---- \| M] () -- C:\Program Files\Lexmark S300-S400 Series\ezprint.exe MOD - [2010/05/05 17:18:43 \| 000,770,728 \| ---- \| M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe MOD - [2010/04/05 14:56:20 \| 000,094,359 \| ---- \| M] () -- C:\Program Files\Lexmark S300-S400 Series\epoemdll.dll MOD - [2010/04/05 14:56:19 \| 000,045,221 \| ---- \| M] () -- C:\Program Files\Lexmark S300-S400 Series\epstring.dll MOD - [2010/04/05 14:56:17 \| 002,203,803 \| ---- \| M] () -- C:\Program Files\Lexmark S300-S400 Series\epwizres.dll MOD - [2010/04/05 14:56:07 \| 000,716,954 \| ---- \| M] () -- C:\Program Files\Lexmark S300-S400 Series\epwizard.dll MOD - [2010/04/05 14:55:15 \| 000,159,890 \| ---- \| M] () -- C:\Program Files\Lexmark S300-S400 Series\customui.dll MOD - [2010/04/05 14:55:04 \| 000,061,604 \| ---- \| M] () -- C:\Program Files\Lexmark S300-S400 Series\epfunct.dll MOD - [2010/04/05 14:54:59 \| 000,123,033 \| ---- \| M] () -- C:\Program Files\Lexmark S300-S400 Series\eputil.dll MOD - [2010/04/05 14:54:52 \| 000,143,502 \| ---- \| M] () -- C:\Program Files\Lexmark S300-S400 Series\imagutil.dll MOD - [2010/04/01 21:24:28 \| 001,159,168 \| ---- \| M] () -- C:\Program Files\Lexmark\S300-S400 Series\lxeadrs.dll MOD - [2010/04/01 21:24:28 \| 001,159,168 \| ---- \| M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeadrs.dll MOD - [2010/04/01 21:23:27 \| 000,389,120 \| ---- \| M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeascw.dll MOD - [2010/02/05 22:27:45 \| 001,291,776 \| ---- \| M] () -- C:\WINDOWS\system32\quartz.dll MOD - [2009/12/16 15:42:12 \| 000,167,936 \| ---- \| M] () -- C:\Program Files\Lexmark\S300-S400 Series\lxeamicro.dll MOD - [2009/11/04 17:14:19 \| 000,157,696 \| ---- \| M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxeadrpp.dll MOD - [2009/05/27 16:16:50 \| 000,192,512 \| ---- \| M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxeadatr.dll MOD - [2009/04/07 23:25:27 \| 000,409,600 \| ---- \| M] () -- C:\Program Files\Lexmark S300-S400 Series\iptk.dll MOD - [2009/03/11 13:41:42 \| 000,049,152 \| ---- \| M] () -- C:\Program Files\OxelonMedia\menuext.dll MOD - [2009/03/10 09:43:49 \| 000,155,648 \| ---- \| M] () -- C:\Program Files\Lexmark\S300-S400 Series\lxeacaps.dll MOD - [2009/03/10 09:43:49 \| 000,155,648 \| ---- \| M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeacaps.dll MOD - [2009/03/02 18:25:47 \| 000,151,552 \| ---- \| M] () -- C:\Program Files\Lexmark S300-S400 Series\lxeaptp.dll MOD - [2009/02/20 12:48:43 \| 000,023,552 \| ---- \| M] () -- C:\WINDOWS\system32\LXEAsmr.dll MOD - [2009/02/20 12:48:03 \| 000,299,008 \| ---- \| M] () -- C:\WINDOWS\system32\LXEAsm.dll MOD - [2008/05/22 06:28:17 \| 000,389,120 \| ---- \| M] () -- C:\Program Files\Lexmark Toolbar\resource.dll MOD - [2008/05/22 06:27:17 \| 000,372,736 \| ---- \| M] () -- C:\Program Files\Lexmark Toolbar\toolband.dll MOD - [2008/04/29 18:10:38 \| 000,685,336 \| ---- \| M] () -- C:\Program Files\Nitro PDF\Professional\N5ShellExtension.dll MOD - [2008/04/14 04:11:59 \| 000,014,336 \| ---- \| M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2008/04/14 04:11:51 \| 000,059,904 \| ---- \| M] () -- C:\WINDOWS\system32\devenum.dll MOD - [2006/09/29 12:48:06 \| 000,065,536 \| ---- \| M] () -- C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe MOD - [2006/08/04 04:52:00 \| 000,073,728 \| ---- \| M] () -- C:\Program Files\Dell\QuickSet\dadkeyb.dll MOD - [2006/05/07 20:28:48 \| 000,057,451 \| ---- \| M] () -- C:\Program Files\ICQLite\ICQLiteShell.dll MOD - [2005/08/04 10:32:08 \| 000,125,440 \| ---- \| M] () -- C:\Program Files\WinRAR\RarExt.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011/12/04 21:42:21 \| 000,161,664 \| ---- \| M] (Oracle Corporation) [Auto \| Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2011/11/18 09:00:21 \| 003,313,752 \| ---- \| M] () [Auto \| Running] -- c:\program files\common files\akamai/netsession_win_d768ebc.dll -- (Akamai) SRV - [2011/11/16 12:09:18 \| 002,996,784 \| ---- \| M] (Emsi Software GmbH) [Auto \| Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware) SRV - [2011/08/12 03:38:07 \| 000,116,608 \| ---- \| M] (SUPERAntiSpyware.com) [Auto \| Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE) SRV - [2011/07/20 19:56:27 \| 001,044,816 \| ---- \| M] (Flexera Software, Inc.) [On_Demand \| Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011/06/13 22:09:22 \| 000,267,568 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc) SRV - [2011/04/24 23:15:02 \| 000,202,296 \| ---- \| M] (Kaspersky Lab ZAO) [Auto \| Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP) SRV - [2010/04/27 13:43:48 \| 000,611,840 \| ---- \| M] (Nokia) [On_Demand \| Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010/04/15 00:45:21 \| 000,598,696 \| ---- \| M] ( ) [Auto \| Running] -- C:\WINDOWS\System32\lxeacoms.exe -- (lxea_device) SRV - [2010/04/15 00:45:14 \| 000,193,192 \| ---- \| M] () [Auto \| Running] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxeaserv.exe -- (lxeaCATSCustConnectService) SRV - [2010/03/18 11:19:26 \| 000,113,152 \| ---- \| M] (ArcSoft Inc.) [Auto \| Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009/12/16 16:44:36 \| 003,750,400 \| ---- \| M] (SafeNet Inc.) [Auto \| Running] -- C:\WINDOWS\System32\hasplms.exe -- (hasplms) SRV - [2009/09/23 13:38:18 \| 000,935,208 \| ---- \| M] (Nero AG) [Auto \| Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009/09/08 17:25:52 \| 000,096,334 \| ---- \| M] (Canon Inc.) [Auto \| Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8) SRV - [2008/11/17 08:05:32 \| 000,195,752 \| ---- \| M] (CybelSoft) [On_Demand \| Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice) SRV - [2008/07/11 21:24:44 \| 000,085,096 \| ---- \| M] (Autodesk) [Auto \| Running] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service) SRV - [2008/06/05 23:41:12 \| 001,322,648 \| ---- \| M] (Autodesk, Inc.) [On_Demand \| Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe -- (Autodesk Network Licensing Service) SRV - [2008/02/11 11:58:00 \| 000,151,552 \| ---- \| M] () [On_Demand \| Stopped] -- C:\Program Files\Common Files\BCL Technologies\NitroPDF5\bepldr.exe -- (bepldr) SRV - [2007/01/25 21:31:34 \| 000,093,048 \| ---- \| M] (CACE Technologies) [On_Demand \| Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2006/09/29 12:48:06 \| 000,065,536 \| ---- \| M] () [Auto \| Running] -- C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe -- (mi-raysat_3dsmax9_32) mental ray 3.5 Satellite (32-bit) SRV - [2005/04/27 14:59:24 \| 000,241,725 \| ---- \| M] (Microsoft Corporation) [Auto \| Running] -- C:\Program Files\UPHClean\uphclean.exe -- (UPHClean) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011/12/02 22:43:53 \| 000,565,552 \| ---- \| M] (Kaspersky Lab) [File_System \| System \| Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF) DRV - [2011/11/02 10:13:12 \| 000,051,632 \| ---- \| M] (Emsi Software GmbH) [File_System \| On_Demand \| Stopped] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc) DRV - [2011/07/22 20:27:02 \| 000,012,880 \| ---- \| M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel \| System \| Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) DRV - [2011/07/13 01:55:22 \| 000,067,664 \| ---- \| M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel \| System \| Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2011/05/19 13:10:34 \| 000,017,904 \| ---- \| M] (Emsi Software GmbH) [Kernel \| System \| Running] -- C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys -- (A2DDA) DRV - [2011/03/04 13:23:20 \| 000,011,352 \| ---- \| M] (Kaspersky Lab ZAO) [Kernel \| System \| Running] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2) DRV - [2011/03/04 13:23:14 \| 000,133,208 \| ---- \| M] (Kaspersky Lab ZAO) [Kernel \| Boot \| Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1) DRV - [2010/11/26 18:02:54 \| 000,014,776 \| ---- \| M] () [Kernel \| Boot \| Running] -- C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver) DRV - [2010/10/29 10:14:44 \| 002,649,216 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX) DRV - [2010/05/07 12:06:26 \| 000,032,856 \| ---- \| M] (Kaspersky Lab ZAO) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5) DRV - [2010/02/26 14:32:58 \| 000,008,192 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010/02/26 14:32:46 \| 000,008,192 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010/02/26 14:32:44 \| 000,022,528 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010/02/26 14:32:44 \| 000,018,176 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010/02/26 14:21:22 \| 000,137,344 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2010/02/26 14:21:22 \| 000,008,320 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2010/02/11 16:02:15 \| 000,226,880 \| ---- \| M] (Microsoft Corporation) [Kernel \| System \| Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2009/11/02 20:27:24 \| 000,019,472 \| ---- \| M] (Kaspersky Lab) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009/08/20 07:01:50 \| 000,356,864 \| ---- \| M] (Aladdin Knowledge Systems Ltd.) [Kernel \| Auto \| Running] -- C:\WINDOWS\system32\drivers\aksfridge.sys -- (aksfridge) DRV - [2009/02/26 02:58:57 \| 003,565,568 \| ---- \| M] (ATI Technologies Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2008/11/17 08:06:38 \| 000,015,360 \| ---- \| M] (Ma-Config.com) [Kernel \| On_Demand \| Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2) DRV - [2008/08/26 10:26:12 \| 000,018,816 \| ---- \| M] (Nokia) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008/07/13 21:10:44 \| 000,101,120 \| ---- \| M] (MagicISO, Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus) DRV - [2008/05/10 18:03:04 \| 000,094,064 \| ---- \| M] (MCCI) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\k510mdm.sys -- (k510mdm) DRV - [2008/05/10 18:03:04 \| 000,085,408 \| ---- \| M] (MCCI) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\k510mgmt.sys -- (k510mgmt) Sony Ericsson K510 USB WMC Device Management Drivers (WDM) DRV - [2008/05/10 18:03:04 \| 000,083,344 \| ---- \| M] (MCCI) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\k510obex.sys -- (k510obex) DRV - [2008/05/10 18:03:04 \| 000,058,288 \| ---- \| M] (MCCI) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\k510bus.sys -- (k510bus) Sony Ericsson K510 Driver driver (WDM) DRV - [2008/05/10 18:03:04 \| 000,008,336 \| ---- \| M] (MCCI) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\k510mdfl.sys -- (k510mdfl) DRV - [2008/04/13 22:53:09 \| 000,040,320 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2008/01/24 01:25:32 \| 000,027,136 \| ---- \| M] (The OpenVPN Project) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\tapvpn.sys -- (tapvpn) DRV - [2007/12/14 12:28:20 \| 001,270,872 \| ---- \| M] (IDT, Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) DRV - [2007/09/13 20:41:28 \| 000,051,608 \| ---- \| M] (Logitech Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore) DRV - [2007/09/13 20:41:20 \| 000,014,744 \| ---- \| M] (Logitech Inc.) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid) DRV - [2007/09/13 20:40:54 \| 000,019,352 \| ---- \| M] (Logitech Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum) DRV - [2007/01/25 21:31:34 \| 000,042,000 \| ---- \| M] (CACE Technologies) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) DRV - [2006/12/29 16:37:35 \| 000,223,128 \| ---- \| M] (DT Soft Ltd.) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi) DRV - [2006/12/29 16:32:36 \| 000,642,560 \| ---- \| M] () [Kernel \| Boot \| Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2006/11/21 04:25:44 \| 000,045,568 \| R--- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp) DRV - [2006/11/15 00:16:24 \| 000,032,256 \| ---- \| M] (REDC) [Kernel \| Auto \| Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2006/11/14 19:42:46 \| 000,043,520 \| ---- \| M] (REDC) [Kernel \| Auto \| Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2006/11/14 17:35:20 \| 000,037,376 \| ---- \| M] (REDC) [Kernel \| Auto \| Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2006/05/24 18:07:18 \| 000,328,237 \| ---- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio) DRV - [2006/05/24 18:05:26 \| 000,023,271 \| ---- \| M] (Broadcom Corporation.) [Kernel \| Auto \| Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL) DRV - [2006/05/24 18:04:04 \| 000,851,434 \| ---- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL) DRV - [2006/05/24 18:01:34 \| 000,030,427 \| ---- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver) DRV - [2006/05/24 18:01:22 \| 000,030,285 \| ---- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem) DRV - [2006/05/24 18:00:50 \| 000,066,488 \| ---- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB) DRV - [2006/05/24 17:58:18 \| 000,148,900 \| ---- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS) DRV - [2006/05/24 17:57:00 \| 000,045,683 \| ---- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid) DRV - [2006/02/20 17:59:36 \| 000,083,344 \| R--- \| M] (MCCI) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\w810obex.sys -- (w810obex) DRV - [2006/02/20 17:59:34 \| 000,094,064 \| R--- \| M] (MCCI) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\w810mdm.sys -- (w810mdm) DRV - [2006/02/20 17:59:34 \| 000,085,408 \| R--- \| M] (MCCI) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\w810mgmt.sys -- (w810mgmt) Sony Ericsson W810 USB WMC Device Management Drivers (WDM) DRV - [2006/02/20 17:59:32 \| 000,008,336 \| R--- \| M] (MCCI) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\w810mdfl.sys -- (w810mdfl) DRV - [2006/02/20 17:59:28 \| 000,058,288 \| R--- \| M] (MCCI) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\w810bus.sys -- (w810bus) Sony Ericsson W810 Driver driver (WDM) DRV - [2006/02/16 17:51:08 \| 000,004,096 \| R--- \| M] (SuperAdBlocker, Inc.) [Kernel \| On_Demand \| Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM) DRV - [2006/01/10 21:07:58 \| 000,004,864 \| ---- \| M] (GTek Technologies Ltd.) [Kernel \| On_Demand \| Stopped] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct) DRV - [2005/08/13 03:50:46 \| 000,016,128 \| ---- \| M] (Dell Inc) [Kernel \| System \| Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV) DRV - [2005/07/22 13:02:12 \| 001,035,008 \| ---- \| M] (Conexant Systems, Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV) DRV - [2005/07/22 13:01:08 \| 000,201,600 \| ---- \| M] (Conexant Systems, Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL) DRV - [2005/07/22 13:01:00 \| 000,717,952 \| ---- \| M] (Conexant Systems, Inc.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2005/06/07 14:02:44 \| 000,061,376 \| ---- \| M] () [Kernel \| Auto \| Stopped] -- C:\WINDOWS\System32\drivers\hl_mull.SYS -- (hl_mull) DRV - [2004/02/14 02:46:00 \| 000,017,153 \| ---- \| M] (Dell Inc) [Kernel \| System \| Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci) DRV - [2004/01/31 20:14:32 \| 000,420,000 \| ---- \| M] () [Kernel \| Auto \| Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (hardlock) DRV - [2003/12/18 18:53:06 \| 000,047,616 \| ---- \| M] (Aladdin Knowledge Systems) [Kernel \| Auto \| Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt) DRV - [2001/06/21 21:39:02 \| 000,073,728 \| ---- \| M] (Rainbow Technologies, Inc.) [Kernel \| Auto \| Running] -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel) DRV - [2001/06/21 21:39:02 \| 000,020,032 \| R--- \| M] (Rainbow Technologies Inc.) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\SNTNLUSB.SYS -- (Sntnlusb) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] -- ~Safe Hex~ Team Discovery ~ Project Hope ~ Like A Hurricane~
	to forum · permalink · 2011-12-08 06:53:11 ·
lilhurricane Crunchin' For Cures Premium,Mod join:2003-01-11 Purple Zone kudos:51 Reviews: ·Comcast Host: TV over IP Software RCN Inside Insight Team Discovery	reply to archeng [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=3061218 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=3061218 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = »www.google.com/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "Yahoo" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "about:myworld\|»www.google.com" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\KHALID82\Application Data\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\KHALID82\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2011/12/02 23:28:12 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2011/12/02 23:28:12 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2011/12/02 23:28:11 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/28 15:36:02 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/22 03:35:18 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Documents and Settings\KHALID82\Application Data\Mozilla\Extensions [2008/12/10 22:32:01 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Documents and Settings\KHALID82\Application Data\Mozilla\Extensions\{6334D996-EA3E-4a0e-AA8D-15BA56B37241} [2010/02/22 03:35:18 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Documents and Settings\KHALID82\Application Data\Mozilla\Extensions\IMVUClientXUL@imvu.com [2011/11/30 09:44:10 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Documents and Settings\KHALID82\Application Data\Mozilla\Firefox\Profiles\82xg2xzo.default\extensions [2011/09/29 22:02:22 \| 000,000,000 \| ---D \| M] (Garmin Communicator) -- C:\Documents and Settings\KHALID82\Application Data\Mozilla\Firefox\Profiles\82xg2xzo.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2009/09/05 01:01:05 \| 000,000,000 \| ---D \| M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\KHALID82\Application Data\Mozilla\Firefox\Profiles\82xg2xzo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2008/12/12 19:33:36 \| 000,000,000 \| ---D \| M] ("I â™¥ Miro") -- C:\Documents and Settings\KHALID82\Application Data\Mozilla\Firefox\Profiles\82xg2xzo.default\extensions\{216ec66d-214a-43ea-92f0-5373f8405c88} [2008/08/06 00:20:35 \| 000,000,000 \| ---D \| M] (Me.dium) -- C:\Documents and Settings\KHALID82\Application Data\Mozilla\Firefox\Profiles\82xg2xzo.default\extensions\{9d4d6c4a-1a93-4e99-9729-49084331babe} [2011/05/14 00:20:15 \| 000,000,000 \| ---D \| M] (BitComet Video Downloader) -- C:\Documents and Settings\KHALID82\Application Data\Mozilla\Firefox\Profiles\82xg2xzo.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2010/01/09 12:59:05 \| 000,000,000 \| ---D \| M] (BitComet Video Downloader) -- C:\Documents and Settings\KHALID82\Application Data\Mozilla\Firefox\Profiles\82xg2xzo.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}(2) [2010/01/10 15:33:55 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Documents and Settings\KHALID82\Application Data\Mozilla\Firefox\Profiles\82xg2xzo.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash [2008/11/21 11:50:55 \| 000,000,000 \| ---D \| M] ("Ma-config.com") -- C:\Documents and Settings\KHALID82\Application Data\Mozilla\Firefox\Profiles\82xg2xzo.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66} [2008/08/06 23:55:24 \| 000,000,000 \| ---D \| M] (Java Console) -- C:\Documents and Settings\KHALID82\Application Data\Mozilla\Firefox\Profiles\82xg2xzo.default\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [2011/11/30 09:44:10 \| 000,000,000 \| ---D \| M] (BitDefender QuickScan) -- C:\Documents and Settings\KHALID82\Application Data\Mozilla\Firefox\Profiles\82xg2xzo.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2011/11/15 00:58:28 \| 000,000,000 \| ---D \| M] (Memory Fox) -- C:\Documents and Settings\KHALID82\Application Data\Mozilla\Firefox\Profiles\82xg2xzo.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B} [2010/02/17 18:03:26 \| 000,000,000 \| ---D \| M] ("Ask Toolbar for Firefox") -- C:\Documents and Settings\KHALID82\Application Data\Mozilla\Firefox\Profiles\82xg2xzo.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} [2011/10/15 01:06:25 \| 000,000,000 \| ---D \| M] (Microsoft Choice Guard) -- C:\Documents and Settings\KHALID82\Application Data\Mozilla\Firefox\Profiles\82xg2xzo.default\extensions\ChoiceGuard@Microsoft [2011/10/14 17:50:15 \| 000,000,000 \| ---D \| M] (SkipScreen) -- C:\Documents and Settings\KHALID82\Application Data\Mozilla\Firefox\Profiles\82xg2xzo.default\extensions\SkipScreen@SkipScreen [2008/07/18 15:41:18 \| 000,002,105 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Application Data\Flock\Browser\Profiles\rgfzmp0q.default\searchplugins\youtube-video-search.xml [2011/12/04 21:43:20 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011/12/04 21:42:52 \| 000,000,000 \| ---D \| M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} [2011/12/02 22:46:05 \| 000,000,000 \| ---D \| M] (Anti-Banner) -- C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2011/12/02 22:46:01 \| 000,000,000 \| ---D \| M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2008/09/03 17:48:55 \| 000,000,000 \| ---D \| M] (IDM CC) -- C:\DOCUMENTS AND SETTINGS\KHALID82\APPLICATION DATA\FLOCK\BROWSER\PROFILES\RGFZMP0Q.DEFAULT\EXTENSIONS\MOZILLA_CC@INTERNETDOWNLOADMANAGER.COM [2011/11/21 08:04:51 \| 000,134,104 \| ---- \| M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011/11/21 05:04:05 \| 000,002,252 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011/11/21 05:04:05 \| 000,002,040 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = »www.google.com/search?q={searchT···f-8&aq=t CHR - default_search_provider: suggest_url = »suggestqueries.google.com/comple···chTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\KHALID82\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\KHALID82\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\KHALID82\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\pdf.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\KHALID82\Application Data\Mozilla\plugins\npgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\KHALID82\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll CHR - plugin: Abacast v1.62 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPAbacheck.dll CHR - plugin: BitCometAgent (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll CHR - plugin: AOL Media Playback Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npunagi2.dll CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\KHALID82\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Ma-Config.com plugin (Enabled) = C:\Program Files\ma-config.com\nphardwaredetection.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: Entanglement = C:\Documents and Settings\KHALID82\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.5.7_0\ CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\KHALID82\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\ CHR - Extension: Poppit = C:\Documents and Settings\KHALID82\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\ CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\KHALID82\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\ Hosts file not found O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (DivX Plus Web Player HTML5 ) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (no name) - {AE40EBA0-2D49-48C9-BA8D-E9F046240F5F} - No CLSID value found. O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll () O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO) O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc) O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark S300-S400 Series\ezprint.exe () O4 - HKLM..\Run: [lxeamon.exe] C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe () O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 [2011/11/20 00:03:37 \| 000,000,000 \| ---D \| M] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 [2011/11/20 00:03:37 \| 000,000,000 \| ---D \| M] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 [2011/11/20 00:03:37 \| 000,000,000 \| ---D \| M] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 [2011/11/20 00:03:37 \| 000,000,000 \| ---D \| M] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme () O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm () O8 - Extra context menu item: Search the Web - Reg Error: Value error. File not found O8 - Extra context menu item: Translate with &Babylon - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.) O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO) O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.) O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.) O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet) O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - Reg Error: Value error. File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} »download.eset.com/special/eos/On···nner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} »java.sun.com/update/1.7.0/jinsta···i586.cab (Java Plug-in 1.7.0_01) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} »fpdownload.macromedia.com/get/fl···shim.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} »java.sun.com/update/1.7.0/jinsta···i586.cab (Java Plug-in 1.7.0_01) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} »java.sun.com/update/1.7.0/jinsta···i586.cab (Java Plug-in 1.7.0_01) O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} »download.abacast.com/download/fi···p163.cab (Reg Error: Value error.) O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6075958-C0C3-4FAF-ADEE-ED31E94F27A8}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO) O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock) O24 - Desktop Components:0 () - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Dell.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Dell.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011/07/20 09:11:27 \| 000,000,000 \| ---D \| M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2005/08/16 14:43:04 \| 000,000,000 \| ---- \| M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2007/07/04 01:03:25 \| 000,002,640 \| ---- \| M] () - C:\autorun.PNF -- [ NTFS ] O32 - AutoRun File - [2011/10/29 12:08:59 \| 000,000,000 \| ---D \| M] - F:\AutoCAD2009 -- [ NTFS ] O32 - AutoRun File - [2011/07/19 14:58:09 \| 007,974,616 \| ---- \| M] () - F:\autocad_structural_detailing_2012_brochure.pdf -- [ NTFS ] O32 - AutoRun File - [2011/10/11 14:10:39 \| 000,000,000 \| ---D \| M] - F:\AUTODESK QUANTITY TAKEOFF -- [ NTFS ] O32 - AutoRun File - [2011/10/16 15:42:28 \| 000,000,000 \| ---D \| M] - F:\AUTODESK ROBOT 2010 -- [ NTFS ] O32 - AutoRun File - [2011/10/11 14:22:54 \| 000,000,000 \| ---D \| M] - F:\AUTODESK.REVIT.STRUCTURE.V2012-ISO -- [ NTFS ] O32 - AutoRun File - [2011/07/19 14:57:43 \| 007,566,661 \| ---- \| M] () - F:\autodesk_revit_structure_2012_overview_brochure_us.pdf -- [ NTFS ] O32 - Unable to obtain root file information for disk F:\ O34 - HKLM BootExecute: (autocheck autochk ) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 360 Days ==========[/color] [2011/12/07 17:36:45 \| 000,446,464 \| ---- \| C] (OldTimer Tools) -- C:\Documents and Settings\KHALID82\Desktop\TFC.exe [2011/12/06 20:12:14 \| 000,000,000 \| -HSD \| C] -- C:\Documents and Settings\KHALID82\Recent [2011/12/04 21:43:52 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\Local Settings\Application Data\Sun [2011/12/04 21:42:45 \| 000,214,408 \| ---- \| C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2011/12/04 21:42:45 \| 000,173,960 \| ---- \| C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2011/12/04 21:42:45 \| 000,173,960 \| ---- \| C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2011/12/04 21:42:45 \| 000,128,000 \| ---- \| C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2011/12/03 23:54:40 \| 000,584,192 \| ---- \| C] (OldTimer Tools) -- C:\Documents and Settings\KHALID82\Desktop\OTL.exe [2011/12/03 22:15:22 \| 000,000,000 \| ---D \| C] -- C:\MGtools [2011/12/03 21:10:04 \| 000,472,064 \| ---- \| C] ( ) -- C:\Documents and Settings\KHALID82\Desktop\RootRepeal.exe [2011/12/03 21:09:11 \| 000,000,000 \| -HSD \| C] -- C:\RECYCLER [2011/12/03 18:50:43 \| 000,000,000 \| RHSD \| C] -- C:\cmdcons [2011/12/03 18:45:28 \| 000,518,144 \| ---- \| C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2011/12/03 18:45:28 \| 000,406,528 \| ---- \| C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2011/12/03 18:45:28 \| 000,212,480 \| ---- \| C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2011/12/03 18:45:28 \| 000,060,416 \| ---- \| C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2011/12/03 18:41:55 \| 000,000,000 \| ---D \| C] -- C:\Qoobox [2011/12/03 18:41:47 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Favorites [2011/12/03 14:33:20 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware [2011/12/03 14:32:53 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\SUPERSetup [2011/12/03 09:25:32 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Emsisoft Anti-Malware [2011/12/03 09:25:08 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\My Documents\Anti-Malware [2011/12/03 08:58:56 \| 004,326,308 \| R--- \| C] (Swearware) -- C:\Documents and Settings\KHALID82\Desktop\ComboFix.exe [2011/12/03 06:14:51 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Viewpoint [2011/12/02 22:46:05 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Kaspersky Internet Security 2012 [2011/12/02 22:44:31 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Kaspersky Lab [2011/11/30 18:45:01 \| 000,000,000 \| ---D \| C] -- C:\Program Files\ESET [2011/11/30 11:29:59 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\Application Data\f-secure [2011/11/30 11:29:34 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\F-Secure [2011/11/30 09:44:32 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\Application Data\QuickScan [2011/11/28 15:36:17 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\Local Settings\Application Data\Mozilla [2011/11/28 15:35:56 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Mozilla Firefox [2011/11/20 00:03:12 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\Desktop\1 [2011/11/19 23:02:30 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\Start Menu\Programs\SHAE [2011/11/19 23:02:30 \| 000,000,000 \| ---D \| C] -- C:\Program Files\McGraw-Hill [2011/11/19 23:02:12 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Acrobat [2011/11/19 23:02:09 \| 000,000,000 \| ---D \| C] -- C:\Acrobat3 [2011/11/18 18:35:56 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\Application Data\ElevatedDiagnostics [2011/11/18 18:29:27 \| 000,000,000 \| ---D \| C] -- C:\MATS [2011/11/18 18:21:18 \| 000,347,920 \| ---- \| C] (Microsoft Corporation) -- C:\Documents and Settings\KHALID82\Desktop\MicrosoftFixit.ProgramInstallUninstall.Run.exe [2011/11/17 22:49:58 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe [2011/11/17 22:45:05 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe [2011/11/17 22:45:04 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Adobe Media Player [2011/11/17 21:45:14 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Documents\Recorded TV [2011/11/16 23:57:29 \| 000,000,000 \| ---D \| C] -- C:\Program Files\MSXML 6.0 [2011/11/16 21:41:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\Desktop\CSC TEDDS v.12 [2011/11/16 18:48:37 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\Desktop\AdobeDreamweaver11.Absba.org [2011/11/16 18:45:21 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Documents\microsoft [2011/11/16 18:42:27 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime [2011/11/16 18:32:56 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes [2011/11/16 18:30:50 \| 000,000,000 \| ---D \| C] -- C:\Program Files\iPod [2011/11/16 18:30:44 \| 000,000,000 \| ---D \| C] -- C:\Program Files\iTunes [2011/11/16 18:21:30 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Templates [2011/11/15 18:40:24 \| 000,000,000 \| ---D \| C] -- C:\Program Files\jv16 PowerTools 2011 [2011/11/15 15:49:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth [2011/11/15 00:54:25 \| 000,476,064 \| ---- \| C] (SpeedyFox) -- C:\Documents and Settings\KHALID82\Desktop\speedyfox.exe [2011/11/14 21:44:43 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\RISADemo [2011/11/14 21:44:41 \| 000,000,000 \| ---D \| C] -- C:\RISADemo [2011/11/12 11:24:44 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\Desktop\IBRAHIM ALHARTHI [2011/11/10 10:49:22 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\Local Settings\Application Data\Akamai [2011/11/04 00:16:56 \| 000,025,856 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys [2011/11/04 00:15:03 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Lx_cats [2011/11/03 23:36:43 \| 000,442,368 \| ---- \| C] ( ) -- C:\WINDOWS\System32\lxeacoin.dll [2011/11/03 23:36:25 \| 000,983,121 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\lxk_gf.dll [2011/11/03 23:35:46 \| 000,087,040 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiafbdrv.dll [2011/11/03 23:35:46 \| 000,087,040 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll [2011/11/03 23:35:14 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ABBYY FineReader 6.0 Sprint [2011/11/03 23:34:12 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Abbyy FineReader 6.0 Sprint [2011/11/03 23:33:53 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Lexmark Tools for Office [2011/11/03 23:33:42 \| 000,372,736 \| ---- \| C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LXEAwupd.dll [2011/11/03 23:33:42 \| 000,213,672 \| ---- \| C] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LXEAwupd.exe [2011/11/03 23:33:04 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Lexmark [2011/11/03 23:32:39 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Lexmark Toolbar [2011/11/03 23:32:28 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Lexmark [2011/11/03 23:32:25 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Lexmark Printable Web [2011/11/03 23:32:03 \| 000,364,544 \| ---- \| C] ( ) -- C:\WINDOWS\System32\lxeainpa.dll [2011/11/03 23:32:03 \| 000,356,352 \| ---- \| C] ( ) -- C:\WINDOWS\System32\LXEAhcp.dll [2011/11/03 23:32:03 \| 000,344,064 \| ---- \| C] ( ) -- C:\WINDOWS\System32\lxeaiesc.dll [2011/11/03 23:32:02 \| 001,048,576 \| ---- \| C] ( ) -- C:\WINDOWS\System32\lxeaserv.dll [2011/11/03 23:32:02 \| 000,847,872 \| ---- \| C] ( ) -- C:\WINDOWS\System32\lxeausb1.dll [2011/11/03 23:32:01 \| 000,643,072 \| ---- \| C] ( ) -- C:\WINDOWS\System32\lxeapmui.dll [2011/11/03 23:32:01 \| 000,577,536 \| ---- \| C] ( ) -- C:\WINDOWS\System32\lxealmpm.dll [2011/11/03 23:31:59 \| 000,688,128 \| ---- \| C] ( ) -- C:\WINDOWS\System32\lxeahbn3.dll [2011/11/03 23:31:59 \| 000,324,264 \| ---- \| C] ( ) -- C:\WINDOWS\System32\lxeaih.exe [2011/11/03 23:31:58 \| 000,598,696 \| ---- \| C] ( ) -- C:\WINDOWS\System32\lxeacoms.exe [2011/11/03 23:31:57 \| 000,802,816 \| ---- \| C] ( ) -- C:\WINDOWS\System32\lxeacomc.dll [2011/11/03 23:31:57 \| 000,373,416 \| ---- \| C] ( ) -- C:\WINDOWS\System32\lxeacfg.exe [2011/11/03 23:31:57 \| 000,372,736 \| ---- \| C] ( ) -- C:\WINDOWS\System32\lxeacomm.dll [2011/11/03 23:31:56 \| 000,086,186 \| ---- \| C] (Lexmark International) -- C:\WINDOWS\System32\LXEAcfg.dll [2011/11/03 23:28:38 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Lexmark S300-S400 Series [2011/10/30 22:54:24 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Yuna Software [2011/10/29 20:25:40 \| 000,000,000 \| ---D \| C] -- C:\SWSetup [2011/10/29 01:55:52 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\Desktop\ORION PROJECTS [2011/10/29 00:14:55 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\Desktop\PROKON [2011/10/27 16:17:14 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Tracker Software [2011/10/27 14:27:54 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\Application Data\inkscape [2011/10/27 14:20:22 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Inkscape [2011/10/27 13:26:14 \| 035,746,429 \| ---- \| C] (inkscape.org) -- C:\Documents and Settings\KHALID82\Desktop\Inkscape-0.48.2-1-win32.exe [2011/10/24 14:29:02 \| 000,094,208 \| ---- \| C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx [2011/10/24 14:29:02 \| 000,069,632 \| ---- \| C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts [2011/10/24 07:35:39 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\Local Settings\Application Data\Threat Expert [2011/10/23 11:50:02 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Symantec Shared [2011/10/23 11:49:07 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Norton [2011/10/23 11:49:00 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller [2011/10/23 10:17:04 \| 000,000,000 \| ---D \| C] -- C:\Program Files\AVAST Software [2011/10/23 10:17:04 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software [2011/10/23 06:07:33 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\PC Tools [2011/10/23 06:01:01 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\PC Tools [2011/10/22 00:25:37 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Microsoft [2011/10/21 16:46:04 \| 000,527,192 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll [2011/10/21 16:46:04 \| 000,074,072 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll [2011/10/21 16:46:03 \| 000,239,960 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll [2011/10/21 16:46:02 \| 002,106,216 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll [2011/10/21 16:46:02 \| 001,868,128 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll [2011/10/21 16:46:01 \| 000,248,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll [2011/10/21 16:46:00 \| 000,470,880 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll [2011/10/21 16:45:59 \| 001,998,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll [2011/10/21 15:07:06 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer [2011/10/15 22:24:10 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\STAAD.Pro v8i [2011/10/15 22:23:07 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\RAM Common [2011/10/15 22:21:57 \| 000,000,000 \| ---D \| C] -- C:\Program Files\VectorDraw [2011/10/15 22:21:57 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Bentley [2011/10/15 22:21:48 \| 000,000,000 \| ---D \| C] -- C:\SPro2007 [2011/10/15 09:54:35 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2011/10/15 09:50:00 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\NetworkService\Application Data\Apple Computer [2011/10/15 01:53:52 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Panda Security [2011/10/15 01:02:06 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Windows Live SkyDrive [2011/10/13 16:02:02 \| 000,000,000 \| ---D \| C] -- C:\2ed6fb110415dde8396714f1a674ea [2011/10/11 20:42:06 \| 007,501,472 \| ---- \| C] (Igor Pavlov) -- C:\Documents and Settings\KHALID82\Desktop\WebUpdater_254.exe [2011/10/09 20:47:31 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth [2011/10/09 18:42:50 \| 000,000,000 \| ---D \| C] -- C:\found.000 [2011/09/29 22:07:10 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\Application Data\Garmin [2011/09/29 01:02:47 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\My Documents\Messenger Plus [2011/09/19 06:20:05 \| 000,000,000 \| ---D \| C] -- C:\Program Files\iVocalize Web Conference 4 [2011/09/18 19:40:47 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\Application Data\ZoomBrowser EX [2011/09/18 19:26:00 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Documents\Canon MyCameraFiles [2011/09/18 19:24:57 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon Utilities [2011/09/18 19:24:13 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Canon [2011/09/18 19:23:11 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Canon [2011/09/16 22:54:23 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Broadcom [2011/09/03 14:17:37 \| 000,599,040 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll [2011/08/30 23:05:04 \| 000,178,536 \| ---- \| C] (Apple Inc.) -- C:\WINDOWS\System32\dnssdX.dll [2011/08/30 23:05:04 \| 000,083,816 \| ---- \| C] (Apple Inc.) -- C:\WINDOWS\System32\dns-sd.exe [2011/08/30 23:05:04 \| 000,073,064 \| ---- \| C] (Apple Inc.) -- C:\WINDOWS\System32\dnssd.dll [2011/08/30 23:05:04 \| 000,050,536 \| ---- \| C] (Apple Inc.) -- C:\WINDOWS\System32\jdns_sd.dll [2011/08/26 14:59:24 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\My Documents\Autodesk Revit Structure 2010 [2011/08/26 14:54:17 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Autodesk Revit Structure 2010 [2011/08/16 22:08:50 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Messenger [2011/08/03 22:12:57 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\Application Data\DDMSettings [2011/08/03 19:42:17 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DivX Plus [2011/08/03 19:41:49 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\DivX Shared [2011/08/03 19:26:24 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\DivX [2011/08/03 18:43:19 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\xing shared [2011/08/03 18:42:37 \| 000,006,656 \| ---- \| C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll [2011/08/03 18:42:37 \| 000,005,632 \| ---- \| C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll [2011/08/03 18:42:36 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Real [2011/08/03 18:42:27 \| 000,000,000 \| ---D \| C] -- C:\Program Files\real [2011/08/03 18:31:09 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Sun [2011/08/03 18:30:36 \| 000,544,656 \| ---- \| C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2011/08/03 18:24:58 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\Adobe [2011/07/23 00:51:50 \| 000,094,208 \| ---- \| C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll [2011/07/20 22:16:18 \| 000,414,368 \| ---- \| C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2011/07/20 19:56:46 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\My Documents\Revit Structure 2012 [2011/07/20 18:54:25 \| 000,000,000 \| ---D \| C] -- C:\ProgramData [2011/07/20 18:51:11 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\My Documents\Visual Studio 2008 [2011/07/20 18:48:37 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Microsoft SDKs [2011/07/20 18:48:33 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Microsoft Visual Studio 9.0 [2011/07/20 18:47:35 \| 000,528,216 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll [2011/07/20 18:47:35 \| 000,074,072 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll [2011/07/20 18:47:34 \| 000,238,936 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll [2011/07/20 18:47:33 \| 000,022,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll [2011/07/20 18:47:32 \| 000,515,416 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll [2011/07/20 18:47:31 \| 000,238,936 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll [2011/07/20 18:47:30 \| 001,974,616 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll [2011/07/20 18:47:29 \| 005,501,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll [2011/07/20 18:47:28 \| 000,235,344 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll [2011/07/20 18:47:27 \| 000,453,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll [2011/07/20 18:47:26 \| 001,892,184 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll [2011/07/20 18:47:25 \| 001,846,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll [2011/07/20 18:47:25 \| 000,453,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll [2011/07/20 18:47:24 \| 004,178,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll [2011/07/20 18:47:23 \| 000,069,464 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll [2011/07/20 18:47:22 \| 000,517,448 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll [2011/07/20 18:47:22 \| 000,235,352 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll [2011/07/20 18:47:21 \| 000,022,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll [2011/07/20 18:47:20 \| 002,036,576 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll [2011/07/20 18:47:20 \| 000,452,440 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll [2011/07/20 18:47:19 \| 004,379,984 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll [2011/07/20 18:47:17 \| 000,514,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll [2011/07/20 18:47:17 \| 000,070,992 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll [2011/07/20 18:47:16 \| 000,235,856 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll [2011/07/20 18:47:15 \| 000,023,376 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll [2011/07/20 18:47:14 \| 000,509,448 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll [2011/07/20 18:47:14 \| 000,068,616 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll [2011/07/20 18:47:13 \| 000,238,088 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll [2011/07/20 18:47:12 \| 001,493,528 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll [2011/07/20 18:47:12 \| 000,467,984 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll [2011/07/20 18:47:11 \| 003,851,784 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll [2011/07/20 18:47:09 \| 000,507,400 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll [2011/07/20 18:47:09 \| 000,065,032 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll [2011/07/20 18:47:07 \| 000,238,088 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll [2011/07/20 18:47:07 \| 000,025,608 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll [2011/07/20 18:47:06 \| 001,491,992 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll [2011/07/20 18:47:06 \| 000,467,984 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll [2011/07/20 18:47:04 \| 003,850,760 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll [2011/07/20 18:47:03 \| 000,479,752 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll [2011/07/20 18:47:02 \| 000,238,088 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll [2011/07/20 18:47:01 \| 000,025,608 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll [2011/07/20 18:47:00 \| 003,786,760 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll [2011/07/20 18:47:00 \| 001,420,824 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll [2011/07/20 18:47:00 \| 000,462,864 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll [2011/07/20 18:46:58 \| 000,267,272 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll [2011/07/20 18:46:57 \| 001,374,232 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll [2011/07/20 18:46:57 \| 000,444,776 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll [2011/07/20 18:46:56 \| 003,734,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll [2011/07/20 18:46:54 \| 000,267,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll [2011/07/20 18:46:53 \| 001,358,192 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll [2011/07/20 18:46:53 \| 000,444,776 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll [2011/07/20 18:46:51 \| 000,266,088 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll [2011/07/20 18:46:50 \| 000,017,928 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll [2011/07/20 18:46:49 \| 001,124,720 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll [2011/07/20 18:46:49 \| 000,443,752 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll [2011/07/20 18:45:20 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Logs [2011/07/19 19:23:32 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Akamai [2011/07/05 21:30:47 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Clearblue [2011/07/05 21:30:46 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Clearblue [2011/05/29 23:43:18 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\Start Menu\Programs\Google Chrome [2011/05/27 14:28:28 \| 000,222,080 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe [2011/04/24 23:13:10 \| 000,229,776 \| ---- \| C] (Kaspersky Lab ZAO) -- C:\WINDOWS\System32\klogon.dll [2011/04/21 10:08:44 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Ovulation Calendar -- ~Safe Hex~ Team Discovery ~ Project Hope ~ Like A Hurricane~
	to forum · permalink · 2011-12-08 06:53:53 ·
lilhurricane Crunchin' For Cures Premium,Mod join:2003-01-11 Purple Zone kudos:51 Reviews: ·Comcast Host: TV over IP Software RCN Inside Insight Team Discovery	[2011/04/19 23:19:54 \| 000,353,592 \| ---- \| C] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl [2011/04/06 08:38:44 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\Application Data\BitComet [2011/03/09 01:01:57 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\KHALID82\Application Data\FLEXnet [2011/03/09 01:01:25 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations [2011/03/09 01:00:42 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Documents\Orion 16 [2011/03/09 01:00:41 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\PBOrion [2011/03/09 01:00:13 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Microsoft Corporation [2011/03/09 00:59:40 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Aladdin Shared [2011/03/09 00:59:38 \| 003,750,400 \| ---- \| C] (SafeNet Inc.) -- C:\WINDOWS\System32\hasplms.exe [2011/03/09 00:59:38 \| 003,750,400 \| ---- \| C] (SafeNet Inc.) -- C:\WINDOWS\System32\aksllmtp.exe [2011/03/09 00:59:37 \| 000,356,864 \| ---- \| C] (Aladdin Knowledge Systems Ltd.) -- C:\WINDOWS\System32\drivers\aksfridge.sys [2011/03/09 00:58:02 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Macrovision [2011/03/04 13:23:20 \| 000,011,352 \| ---- \| C] (Kaspersky Lab ZAO) -- C:\WINDOWS\System32\drivers\kl2.sys [2011/03/04 13:23:14 \| 000,133,208 \| ---- \| C] (Kaspersky Lab ZAO) -- C:\WINDOWS\System32\drivers\kl1.sys [2011/03/02 01:32:34 \| 002,682,880 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\vcredist_x86.exe [2011/02/18 22:38:46 \| 000,293,376 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe [2011/02/17 13:47:09 \| 000,000,000 \| ---D \| C] -- C:\Program Files\FreeApps [2011/02/17 13:46:53 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\FreeApp [2011/02/17 13:45:56 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Smart Defrag 2 [2011/01/08 07:17:16 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Freecorder [2011/01/07 15:39:22 \| 004,368,720 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100u.dll [2011/01/07 15:39:22 \| 004,342,600 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100.dll [2011/01/07 15:39:22 \| 000,768,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr100.dll [2011/01/07 15:39:22 \| 000,421,200 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp100.dll [2011/01/07 15:39:22 \| 000,137,544 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\atl100.dll [2011/01/07 15:39:22 \| 000,080,720 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfcm100u.dll [2011/01/07 15:39:22 \| 000,080,208 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfcm100.dll [2011/01/07 15:39:22 \| 000,064,336 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100fra.dll [2011/01/07 15:39:22 \| 000,064,336 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100deu.dll [2011/01/07 15:39:22 \| 000,063,824 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100esn.dll [2011/01/07 15:39:22 \| 000,062,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100ita.dll [2011/01/07 15:39:22 \| 000,060,752 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100rus.dll [2011/01/07 15:39:22 \| 000,055,120 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100enu.dll [2011/01/07 15:39:22 \| 000,051,024 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\vcomp100.dll [2011/01/07 15:39:22 \| 000,043,856 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100jpn.dll [2011/01/07 15:39:22 \| 000,043,344 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100kor.dll [2011/01/07 15:39:22 \| 000,036,176 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100cht.dll [2011/01/07 15:39:22 \| 000,036,176 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100chs.dll [2010/12/25 23:30:02 \| 000,007,552 \| ---- \| C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys [2010/12/20 21:32:15 \| 000,551,936 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaut32.dll [color=#E56717]========== Files - Modified Within 360 Days ==========[/color] [2011/12/07 22:05:00 \| 000,000,990 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1605582275-3857380357-824892274-1009UA.job [2011/12/07 21:58:11 \| 000,879,649 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\SecurityCheck.exe [2011/12/07 21:57:24 \| 000,000,428 \| -H-- \| M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{0ABCA13D-15FD-410C-B075-C625424017B3}.job [2011/12/07 21:45:01 \| 000,000,890 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011/12/07 20:14:06 \| 000,000,580 \| -H-- \| M] () -- C:\WINDOWS\tasks\DataUpload.job [2011/12/07 19:47:03 \| 000,002,206 \| ---- \| M] () -- C:\WINDOWS\System32\wpa.dbl [2011/12/07 18:45:04 \| 000,000,886 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011/12/07 17:48:19 \| 000,000,264 \| ---- \| M] () -- C:\WINDOWS\tasks\OGALogon.job [2011/12/07 17:45:16 \| 000,000,284 \| ---- \| M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1605582275-3857380357-824892274-1009.job [2011/12/07 17:45:07 \| 000,000,616 \| -H-- \| M] () -- C:\WINDOWS\tasks\ConfigExec.job [2011/12/07 17:44:37 \| 000,002,048 \| --S- \| M] () -- C:\WINDOWS\bootstat.dat [2011/12/07 17:44:30 \| 2145,845,248 \| -HS- \| M] () -- C:\hiberfil.sys [2011/12/07 17:38:25 \| 000,446,464 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\KHALID82\Desktop\TFC.exe [2011/12/07 02:00:00 \| 000,000,348 \| ---- \| M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-KHALID-KHALID82.job [2011/12/07 01:40:19 \| 002,428,524 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\mgtools.exe [2011/12/05 00:05:00 \| 000,000,938 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1605582275-3857380357-824892274-1009Core.job [2011/12/04 21:42:21 \| 000,544,656 \| ---- \| M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2011/12/04 21:42:21 \| 000,214,408 \| ---- \| M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2011/12/04 21:42:21 \| 000,173,960 \| ---- \| M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2011/12/04 21:42:21 \| 000,173,960 \| ---- \| M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2011/12/04 21:42:21 \| 000,128,000 \| ---- \| M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2011/12/03 23:54:58 \| 000,584,192 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\KHALID82\Desktop\OTL.exe [2011/12/03 23:27:35 \| 000,000,325 \| RHS- \| M] () -- C:\boot.ini [2011/12/03 22:22:20 \| 000,293,178 \| ---- \| M] () -- C:\MGlogs.zip [2011/12/03 21:10:11 \| 000,000,000 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\settings.dat [2011/12/03 21:09:56 \| 000,465,298 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\RootRepeal.rar [2011/12/03 18:44:34 \| 004,326,308 \| R--- \| M] (Swearware) -- C:\Documents and Settings\KHALID82\Desktop\ComboFix.exe [2011/12/03 14:33:21 \| 000,001,678 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk [2011/12/03 09:25:32 \| 000,000,784 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Application Data\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk [2011/12/03 09:25:32 \| 000,000,766 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\Emsisoft Anti-Malware.lnk [2011/12/03 06:20:37 \| 000,000,209 \| ---- \| M] () -- C:\Boot.bak [2011/12/02 23:28:01 \| 000,115,369 \| ---- \| M] () -- C:\WINDOWS\System32\drivers\klin.dat [2011/12/02 23:28:01 \| 000,097,961 \| ---- \| M] () -- C:\WINDOWS\System32\drivers\klick.dat [2011/12/02 22:52:03 \| 000,017,408 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Local Settings\Application Data\WebpageIcons.db [2011/12/02 22:43:53 \| 000,565,552 \| ---- \| M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2011/11/30 18:52:09 \| 000,001,734 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\HijackThis.lnk [2011/11/30 14:15:23 \| 000,000,264 \| ---- \| M] () -- C:\WINDOWS\tasks\OGADaily.job [2011/11/30 12:57:37 \| 000,000,284 \| ---- \| M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2011/11/30 09:59:02 \| 005,750,240 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\bd_securityscan.exe [2011/11/30 09:58:10 \| 001,239,109 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\BDUSBImmunizer1.zip [2011/11/30 09:38:11 \| 000,414,368 \| ---- \| M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2011/11/30 02:56:54 \| 000,713,006 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Local Settings\Application Data\census.cache [2011/11/30 02:55:52 \| 000,294,803 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Local Settings\Application Data\ars.cache [2011/11/28 15:36:05 \| 000,000,742 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011/11/28 15:36:05 \| 000,000,724 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk [2011/11/28 15:31:44 \| 000,000,652 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\Start Tedds.lnk [2011/11/27 23:05:31 \| 000,001,854 \| ---- \| M] () -- C:\WINDOWS\ACROREAD.INI [2011/11/22 23:08:07 \| 000,000,488 \| ---- \| M] () -- C:\WINDOWS\System32\lsprst7.tgz [2011/11/22 23:08:07 \| 000,000,087 \| ---- \| M] () -- C:\WINDOWS\System32\ssprs.tgz [2011/11/22 23:08:07 \| 000,000,016 \| -H-- \| M] () -- C:\WINDOWS\System32\servdat.slm [2011/11/20 00:04:06 \| 000,001,383 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\SHAE.lnk [2011/11/19 22:53:37 \| 000,000,041 \| ---- \| M] () -- C:\WINDOWS\CUSTDATA.INI [2011/11/19 17:17:28 \| 000,001,486 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\MagicISO.lnk [2011/11/19 17:06:10 \| 000,002,309 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\Google Chrome.lnk [2011/11/18 18:21:17 \| 000,347,920 \| ---- \| M] (Microsoft Corporation) -- C:\Documents and Settings\KHALID82\Desktop\MicrosoftFixit.ProgramInstallUninstall.Run.exe [2011/11/18 17:32:50 \| 000,000,664 \| ---- \| M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011/11/18 09:28:08 \| 000,002,684 \| ---- \| M] () -- C:\WINDOWS\System32\config.nt [2011/11/17 23:02:01 \| 000,000,872 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\Shortcut to Dreamweaver.lnk [2011/11/17 12:05:32 \| 001,563,160 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\TEDDS Quick Start Guide (NA).pdf [2011/11/16 18:32:56 \| 000,001,542 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk [2011/11/15 19:00:58 \| 000,000,784 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2011/11/15 18:43:13 \| 000,000,022 \| -HS- \| M] () -- C:\WINDOWS\System5537 Data.Repository [2011/11/15 18:43:13 \| 000,000,022 \| -HS- \| M] () -- C:\Documents and Settings\KHALID82\Application Data\Sys2662.Config.Repository.bin [2011/11/15 15:49:39 \| 000,001,915 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk [2011/11/15 00:54:25 \| 000,476,064 \| ---- \| M] (SpeedyFox) -- C:\Documents and Settings\KHALID82\Desktop\speedyfox.exe [2011/11/14 23:07:16 \| 000,014,106 \| ---- \| M] () -- C:\WINDOWS\StaadPro20070.ini [2011/11/14 21:44:43 \| 000,001,199 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\RISAFloor 5.1 Demo.lnk [2011/11/14 21:41:47 \| 007,363,936 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\Design of Post Tensioned slabs 27-12-2010.pdf [2011/11/11 13:53:01 \| 000,000,292 \| ---- \| M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1605582275-3857380357-824892274-1009.job [2011/11/10 09:48:28 \| 000,539,960 \| ---- \| M] () -- C:\WINDOWS\System32\perfh009.dat [2011/11/10 09:48:28 \| 000,102,740 \| ---- \| M] () -- C:\WINDOWS\System32\perfc009.dat [2011/11/05 11:22:37 \| 001,719,440 \| ---- \| M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011/11/04 14:59:28 \| 000,579,852 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\How to design a good API.pdf [2011/11/04 14:59:21 \| 001,368,308 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\api_design.pdf [2011/11/04 14:57:18 \| 000,052,484 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\x-mashups-pdf.pdf [2011/11/04 09:33:53 \| 000,038,310 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\henna.jpg [2011/11/04 01:07:20 \| 000,000,682 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk [2011/11/03 23:37:33 \| 000,198,632 \| ---- \| M] () -- C:\WINDOWS\System32\LexFiles.ulf [2011/11/03 23:33:08 \| 000,000,814 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\Launch Lexmark Printer Home.LNK [2011/10/30 17:09:13 \| 000,244,034 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\قانون القضاء العسكري.pdf [2011/10/30 01:35:38 \| 000,344,172 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\codes.pdf..pdf [2011/10/30 01:33:56 \| 000,204,093 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\p_delta.pdf..pdf [2011/10/28 22:44:54 \| 000,000,116 \| ---- \| M] () -- C:\WINDOWS\NeroDigital.ini [2011/10/28 22:43:44 \| 000,000,124 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Application Data\default.rss [2011/10/27 16:17:27 \| 000,000,866 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\PDF-Viewer.lnk [2011/10/27 16:16:09 \| 000,290,248 \| ---- \| M] () -- C:\WINDOWS\ETABS9.2.0chg.tb2 [2011/10/27 16:02:16 \| 000,001,803 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\ETABS.lnk [2011/10/27 15:55:02 \| 000,000,719 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\Orion 16.lnk [2011/10/27 14:32:16 \| 000,000,218 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\.recently-used.xbel [2011/10/27 13:40:08 \| 035,746,429 \| ---- \| M] (inkscape.org) -- C:\Documents and Settings\KHALID82\Desktop\Inkscape-0.48.2-1-win32.exe [2011/10/27 12:26:45 \| 000,173,143 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\toyota camry 2007 maintainance guide.pdf [2011/10/25 11:51:42 \| 000,015,182 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\لق.jpg [2011/10/24 14:29:02 \| 000,094,208 \| ---- \| M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx [2011/10/24 14:29:02 \| 000,069,632 \| ---- \| M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts [2011/10/24 10:09:03 \| 000,248,397 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\AC69~1.pdf [2011/10/23 06:08:32 \| 000,600,278 \| ---- \| M] () -- C:\WINDOWS\System32\drivers\Cat.DB [2011/10/23 01:26:54 \| 000,000,720 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk [2011/10/21 15:40:19 \| 000,001,945 \| ---- \| M] () -- C:\WINDOWS\epplauncher.mif [2011/10/19 07:43:34 \| 001,468,596 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\tuhfat-alabrar-qnubi.pdf [2011/10/15 22:25:24 \| 000,458,752 \| ---- \| M] () -- C:\WINDOWS\System32\LiveUpdate.dll [2011/10/15 22:25:24 \| 000,006,534 \| ---- \| M] () -- C:\WINDOWS\System32\WinGPDrv.dat [2011/10/15 22:25:23 \| 001,290,240 \| ---- \| M] (Research Engineers International) -- C:\WINDOWS\System32\NGWinSys.dll [2011/10/15 22:25:23 \| 000,708,608 \| ---- \| M] (Research Engineers) -- C:\WINDOWS\System32\Resecure60.dll [2011/10/15 22:25:23 \| 000,006,532 \| ---- \| M] () -- C:\WINDOWS\System32\NGWinDrv.dat [2011/10/15 22:25:20 \| 000,000,219 \| ---- \| M] () -- C:\WINDOWS\System32\us9mj4j.tgz [2011/10/15 22:25:18 \| 000,000,115 \| ---- \| M] () -- C:\WINDOWS\System32\prsgrc.tgz [2011/10/15 22:24:43 \| 000,001,025 \| ---- \| M] () -- C:\WINDOWS\System32\vn8yhc1.tgz [2011/10/15 22:24:43 \| 000,001,025 \| ---- \| M] () -- C:\WINDOWS\System32\vn8yhc1.dll [2011/10/15 22:23:42 \| 000,000,570 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\STAAD.Pro V8i.lnk [2011/10/15 00:07:43 \| 017,340,913 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\How Buildings Work - The Natural Order of Architecture.pdf [2011/10/11 20:42:52 \| 007,501,472 \| ---- \| M] (Igor Pavlov) -- C:\Documents and Settings\KHALID82\Desktop\WebUpdater_254.exe [2011/10/11 18:50:39 \| 000,747,585 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\قانون الجزاء ال.zip [2011/10/10 18:22:41 \| 000,692,736 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll [2011/10/09 20:48:11 \| 000,159,744 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/10/09 20:48:11 \| 000,027,806 \| -H-- \| M] () -- C:\Documents and Settings\KHALID82\Desktop\$$JetTHM$$.cache [2011/10/03 12:35:11 \| 005,971,456 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll [2011/09/28 11:06:50 \| 000,599,040 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll [2011/09/28 00:57:02 \| 000,000,600 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\PUTTY.RND [2011/09/27 00:07:17 \| 000,000,036 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Local Settings\Application Data\housecall.guid.cache [2011/09/26 11:41:20 \| 000,611,328 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\uiautomationcore.dll [2011/09/26 11:41:20 \| 000,220,160 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleacc.dll [2011/09/26 11:41:14 \| 000,020,480 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\oleaccrc.dll [2011/09/26 11:41:14 \| 000,020,480 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaccrc.dll [2011/09/16 21:37:02 \| 000,022,729 \| ---- \| M] () -- C:\newkey [2011/09/16 21:37:02 \| 000,022,729 \| ---- \| M] () -- C:\newfile.enc [2011/09/06 17:20:51 \| 001,858,944 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys [2011/09/06 17:20:51 \| 001,858,944 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys [2011/08/31 17:00:50 \| 000,022,216 \| ---- \| M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011/08/30 23:05:04 \| 000,178,536 \| ---- \| M] (Apple Inc.) -- C:\WINDOWS\System32\dnssdX.dll [2011/08/30 23:05:04 \| 000,083,816 \| ---- \| M] (Apple Inc.) -- C:\WINDOWS\System32\dns-sd.exe [2011/08/30 23:05:04 \| 000,073,064 \| ---- \| M] (Apple Inc.) -- C:\WINDOWS\System32\dnssd.dll [2011/08/30 23:05:04 \| 000,050,536 \| ---- \| M] (Apple Inc.) -- C:\WINDOWS\System32\jdns_sd.dll [2011/08/30 01:34:04 \| 001,441,792 \| ---- \| M] () -- C:\WINDOWS\System32\bmchat.ocx [2011/08/26 14:58:50 \| 000,001,874 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\Autodesk Revit Structure 2010.lnk [2011/08/23 17:48:56 \| 011,081,728 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2011/08/23 03:48:55 \| 001,212,416 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll [2011/08/23 03:48:55 \| 000,916,480 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll [2011/08/23 03:48:55 \| 000,611,840 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll [2011/08/23 03:48:55 \| 000,611,840 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll [2011/08/23 03:48:55 \| 000,602,112 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll [2011/08/23 03:48:55 \| 000,602,112 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2011/08/23 03:48:55 \| 000,206,848 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll [2011/08/23 03:48:55 \| 000,105,984 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll [2011/08/23 03:48:55 \| 000,105,984 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll [2011/08/23 03:48:55 \| 000,066,560 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll [2011/08/23 03:48:55 \| 000,055,296 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll [2011/08/23 03:48:55 \| 000,055,296 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2011/08/23 03:48:54 \| 002,000,384 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2011/08/23 03:48:54 \| 001,469,440 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl [2011/08/23 03:48:54 \| 001,469,440 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl [2011/08/23 03:48:54 \| 000,743,424 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll [2011/08/23 03:48:54 \| 000,184,320 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll [2011/08/23 03:48:54 \| 000,184,320 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll [2011/08/23 03:48:54 \| 000,043,520 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll [2011/08/23 03:48:54 \| 000,043,520 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll [2011/08/23 03:48:54 \| 000,025,600 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll [2011/08/23 03:48:54 \| 000,025,600 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll [2011/08/23 03:48:53 \| 000,387,584 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll [2011/08/23 03:48:53 \| 000,387,584 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll [2011/08/22 15:56:56 \| 000,174,080 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe [2011/08/22 15:56:56 \| 000,174,080 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe [2011/08/22 15:56:39 \| 000,385,024 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec [2011/08/17 17:49:54 \| 000,138,496 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys [2011/08/03 18:43:33 \| 000,000,747 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk [2011/08/03 18:43:00 \| 000,198,848 \| ---- \| M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll [2011/08/03 18:42:37 \| 000,006,656 \| ---- \| M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll [2011/08/03 18:42:37 \| 000,005,632 \| ---- \| M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll [2011/08/03 18:42:36 \| 000,272,896 \| ---- \| M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll [2011/07/23 00:51:50 \| 000,094,208 \| ---- \| M] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll [2011/07/20 19:56:18 \| 000,001,882 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\Revit Structure 2012.lnk [2011/07/15 17:29:31 \| 000,456,320 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys [2011/07/08 18:02:00 \| 000,010,496 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys [2011/06/26 10:45:56 \| 000,256,000 \| ---- \| M] () -- C:\WINDOWS\PEV.exe [2011/06/24 18:10:36 \| 000,139,656 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys [2011/06/20 21:44:52 \| 000,293,376 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\winsrv.dll [2011/06/20 21:44:52 \| 000,293,376 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsrv.dll [2011/04/30 07:01:14 \| 000,758,784 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll [2011/04/29 21:25:27 \| 000,151,552 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schannel.dll [2011/04/26 15:07:50 \| 000,033,280 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csrsrv.dll [2011/04/26 15:07:50 \| 000,033,280 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\csrsrv.dll [2011/04/24 23:13:10 \| 000,229,776 \| ---- \| M] (Kaspersky Lab ZAO) -- C:\WINDOWS\System32\klogon.dll [2011/04/21 17:37:43 \| 000,105,472 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys [2011/04/21 10:09:12 \| 000,000,002 \| ---- \| M] () -- C:\Documents and Settings\KHALID82\Local Settings\Application Data\setuplog.bin [2011/04/19 23:19:54 \| 000,353,592 \| ---- \| M] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl [2011/03/11 12:43:54 \| 000,029,763 \| ---- \| M] () -- C:\WINDOWS\System32\drivers\klopp.dat [2011/03/04 13:23:20 \| 000,011,352 \| ---- \| M] (Kaspersky Lab ZAO) -- C:\WINDOWS\System32\drivers\kl2.sys [2011/03/04 13:23:14 \| 000,133,208 \| ---- \| M] (Kaspersky Lab ZAO) -- C:\WINDOWS\System32\drivers\kl1.sys [2011/03/04 10:37:06 \| 000,726,528 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jscript.dll [2011/03/04 10:37:06 \| 000,420,864 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbscript.dll [2011/03/03 10:55:19 \| 000,149,504 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsapi.dll [2011/02/24 09:01:13 \| 000,016,109 \| ---- \| M] () -- C:\dev_.exe [2011/02/17 17:18:03 \| 000,357,888 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys [2011/02/15 16:56:39 \| 000,290,432 \| ---- \| M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll [2011/02/15 16:56:39 \| 000,290,432 \| ---- \| M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll [2011/02/11 17:25:52 \| 000,229,888 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscover.exe [2011/02/11 17:25:52 \| 000,229,888 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe [2011/02/08 17:33:55 \| 000,978,944 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc42.dll [2011/02/08 17:33:55 \| 000,978,944 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll [2011/02/08 17:33:55 \| 000,974,848 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc42u.dll [2011/02/08 17:33:55 \| 000,974,848 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42u.dll [2011/02/04 17:48:32 \| 000,456,192 \| ---- \| M] () -- C:\WINDOWS\System32\dllcache\encdec.dll [2011/02/04 17:48:30 \| 000,291,840 \| ---- \| M] () -- C:\WINDOWS\System32\dllcache\sbe.dll [2011/02/02 11:58:35 \| 002,067,456 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll [2011/01/27 15:57:06 \| 000,677,888 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe [2011/01/21 18:44:37 \| 008,462,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll [2011/01/21 18:44:37 \| 000,439,296 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shimgvw.dll [2011/01/07 15:39:22 \| 004,368,720 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100u.dll [2011/01/07 15:39:22 \| 004,342,600 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100.dll [2011/01/07 15:39:22 \| 000,768,848 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr100.dll [2011/01/07 15:39:22 \| 000,421,200 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp100.dll [2011/01/07 15:39:22 \| 000,137,544 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\atl100.dll [2011/01/07 15:39:22 \| 000,080,720 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfcm100u.dll [2011/01/07 15:39:22 \| 000,080,208 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfcm100.dll [2011/01/07 15:39:22 \| 000,064,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100fra.dll [2011/01/07 15:39:22 \| 000,064,336 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100deu.dll [2011/01/07 15:39:22 \| 000,063,824 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100esn.dll [2011/01/07 15:39:22 \| 000,062,288 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100ita.dll [2011/01/07 15:39:22 \| 000,060,752 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100rus.dll [2011/01/07 15:39:22 \| 000,055,120 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100enu.dll [2011/01/07 15:39:22 \| 000,051,024 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\vcomp100.dll [2011/01/07 15:39:22 \| 000,043,856 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100jpn.dll [2011/01/07 15:39:22 \| 000,043,344 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100kor.dll [2011/01/07 15:39:22 \| 000,036,176 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100cht.dll [2011/01/07 15:39:22 \| 000,036,176 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100chs.dll [2010/12/22 16:34:28 \| 000,301,568 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kerberos.dll [2010/12/20 21:32:15 \| 000,551,936 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaut32.dll [2010/12/20 21:26:00 \| 000,730,112 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll [2010/12/13 17:03:50 \| 000,028,496 \| ---- \| M] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/12/07 21:57:38 \| 000,879,649 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\SecurityCheck.exe [2011/12/03 23:29:18 \| 2145,845,248 \| -HS- \| C] () -- C:\hiberfil.sys [2011/12/03 22:15:23 \| 000,293,178 \| ---- \| C] () -- C:\MGlogs.zip [2011/12/03 21:10:11 \| 000,000,000 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\settings.dat [2011/12/03 21:09:41 \| 000,465,298 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\RootRepeal.rar [2011/12/03 18:50:48 \| 000,000,209 \| ---- \| C] () -- C:\Boot.bak [2011/12/03 18:50:45 \| 000,260,272 \| RHS- \| C] () -- C:\cmldr [2011/12/03 18:45:28 \| 000,256,000 \| ---- \| C] () -- C:\WINDOWS\PEV.exe [2011/12/03 18:45:28 \| 000,208,896 \| ---- \| C] () -- C:\WINDOWS\MBR.exe [2011/12/03 18:45:28 \| 000,098,816 \| ---- \| C] () -- C:\WINDOWS\sed.exe [2011/12/03 18:45:28 \| 000,080,412 \| ---- \| C] () -- C:\WINDOWS\grep.exe [2011/12/03 18:45:28 \| 000,068,096 \| ---- \| C] () -- C:\WINDOWS\zip.exe [2011/12/03 14:33:20 \| 000,001,678 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk [2011/12/03 09:25:32 \| 000,000,784 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Application Data\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk [2011/12/03 09:25:32 \| 000,000,766 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\Emsisoft Anti-Malware.lnk [2011/12/03 08:59:46 \| 002,428,524 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\mgtools.exe [2011/12/02 22:51:58 \| 000,017,408 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Local Settings\Application Data\WebpageIcons.db [2011/11/30 18:52:09 \| 000,001,734 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\HijackThis.lnk [2011/11/30 09:57:41 \| 001,239,109 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\BDUSBImmunizer1.zip [2011/11/30 09:57:20 \| 005,750,240 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\bd_securityscan.exe [2011/11/28 15:36:05 \| 000,000,742 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011/11/28 15:36:05 \| 000,000,730 \| ---- \| C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk [2011/11/28 15:36:05 \| 000,000,724 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk [2011/11/19 23:02:30 \| 000,001,383 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\SHAE.lnk [2011/11/19 23:02:10 \| 000,001,854 \| ---- \| C] () -- C:\WINDOWS\ACROREAD.INI [2011/11/19 22:53:37 \| 000,000,041 \| ---- \| C] () -- C:\WINDOWS\CUSTDATA.INI [2011/11/19 17:17:28 \| 000,001,486 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\MagicISO.lnk [2011/11/19 00:19:31 \| 052,562,241 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\Neufert[1].Ernst.and.Peter-Architects.Data.3rd.ed.2000.pdf [2011/11/19 00:18:34 \| 024,637,376 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\Understanding Architecture Through Drawing.pdf [2011/11/17 23:02:01 \| 000,000,872 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\Shortcut to Dreamweaver.lnk [2011/11/17 22:59:51 \| 000,000,348 \| ---- \| C] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-KHALID-KHALID82.job [2011/11/17 22:49:29 \| 000,000,878 \| ---- \| C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Dreamweaver CS5.lnk [2011/11/17 22:46:41 \| 000,001,000 \| ---- \| C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Extension Manager CS5.lnk [2011/11/17 22:46:22 \| 000,001,144 \| ---- \| C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk [2011/11/17 22:46:04 \| 000,000,909 \| ---- \| C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Device Central CS5.lnk [2011/11/17 22:43:38 \| 000,000,728 \| ---- \| C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Help.lnk [2011/11/17 12:03:53 \| 001,563,160 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\TEDDS Quick Start Guide (NA).pdf [2011/11/17 00:04:20 \| 000,000,652 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\Start Tedds.lnk [2011/11/16 18:32:56 \| 000,001,542 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk [2011/11/15 18:43:13 \| 000,000,022 \| -HS- \| C] () -- C:\WINDOWS\System5537 Data.Repository [2011/11/15 18:43:13 \| 000,000,022 \| -HS- \| C] () -- C:\Documents and Settings\KHALID82\Application Data\Sys2662.Config.Repository.bin [2011/11/15 15:49:39 \| 000,001,915 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk [2011/11/14 21:44:43 \| 000,001,199 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\RISAFloor 5.1 Demo.lnk [2011/11/14 21:41:08 \| 007,363,936 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\Design of Post Tensioned slabs 27-12-2010.pdf [2011/11/05 11:21:19 \| 001,719,440 \| ---- \| C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011/11/04 14:59:41 \| 000,579,852 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\How to design a good API.pdf [2011/11/04 14:59:18 \| 001,368,308 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\api_design.pdf [2011/11/04 14:57:23 \| 000,052,484 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\x-mashups-pdf.pdf [2011/11/04 09:34:01 \| 000,038,310 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\henna.jpg [2011/11/03 23:36:48 \| 000,040,960 \| ---- \| C] () -- C:\WINDOWS\System32\lxeavs.dll [2011/11/03 23:36:26 \| 000,065,106 \| ---- \| C] () -- C:\WINDOWS\System32\lxeaprpr.chm [2011/11/03 23:36:25 \| 000,086,016 \| ---- \| C] () -- C:\WINDOWS\System32\lxeagcfg.dll [2011/11/03 23:36:23 \| 000,294,912 \| ---- \| C] () -- C:\WINDOWS\System32\lxeacui.dll [2011/11/03 23:36:23 \| 000,110,592 \| ---- \| C] () -- C:\WINDOWS\System32\lxeacuir.dll [2011/11/03 23:36:22 \| 000,008,694 \| ---- \| C] () -- C:\WINDOWS\System32\lxeacommuilogo_rtl.bmp [2011/11/03 23:36:22 \| 000,008,694 \| ---- \| C] () -- C:\WINDOWS\System32\lxeacommuilogo.bmp [2011/11/03 23:33:08 \| 000,000,814 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\Launch Lexmark Printer Home.LNK [2011/11/03 23:32:17 \| 000,000,044 \| -H-- \| C] () -- C:\WINDOWS\System32\lxearwrd.ini [2011/11/03 23:32:05 \| 000,198,632 \| ---- \| C] () -- C:\WINDOWS\System32\LexFiles.ulf [2011/11/03 23:32:04 \| 000,331,776 \| ---- \| C] () -- C:\WINDOWS\System32\LXEAinst.dll [2011/11/03 23:32:00 \| 000,323,584 \| ---- \| C] () -- C:\WINDOWS\System32\lxeains.dll [2011/11/03 23:32:00 \| 000,262,144 \| ---- \| C] () -- C:\WINDOWS\System32\lxeainsb.dll [2011/11/03 23:32:00 \| 000,106,496 \| ---- \| C] () -- C:\WINDOWS\System32\lxeainsr.dll [2011/11/03 23:32:00 \| 000,057,344 \| ---- \| C] () -- C:\WINDOWS\System32\lxeajswr.dll [2011/11/03 23:31:58 \| 000,253,952 \| ---- \| C] () -- C:\WINDOWS\System32\lxeacu.dll [2011/11/03 23:31:58 \| 000,208,896 \| ---- \| C] () -- C:\WINDOWS\System32\lxeagrd.dll [2011/11/03 23:31:58 \| 000,090,112 \| ---- \| C] () -- C:\WINDOWS\System32\lxeacub.dll [2011/11/03 23:31:58 \| 000,036,864 \| ---- \| C] () -- C:\WINDOWS\System32\lxeacur.dll [2011/11/03 23:31:56 \| 000,002,106 \| ---- \| C] () -- C:\WINDOWS\System32\lxea.loc [2011/11/03 23:28:38 \| 000,023,552 \| ---- \| C] () -- C:\WINDOWS\System32\LXEAsmr.dll [2011/11/03 23:28:37 \| 000,299,008 \| ---- \| C] () -- C:\WINDOWS\System32\LXEAsm.dll [2011/10/30 17:09:06 \| 000,244,034 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\قانون القضاء العسكري.pdf [2011/10/30 01:35:33 \| 000,344,172 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\codes.pdf..pdf [2011/10/30 01:33:51 \| 000,204,093 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\p_delta.pdf..pdf [2011/10/27 16:17:27 \| 000,000,866 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\PDF-Viewer.lnk [2011/10/27 16:02:16 \| 000,001,803 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\ETABS.lnk [2011/10/27 14:32:16 \| 000,000,218 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\.recently-used.xbel [2011/10/27 14:23:58 \| 000,000,700 \| ---- \| C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Inkscape.lnk [2011/10/27 12:26:45 \| 000,173,143 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\toyota camry 2007 maintainance guide.pdf [2011/10/25 11:51:41 \| 000,015,182 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\لق.jpg [2011/10/24 10:08:53 \| 000,248,397 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\AC69~1.pdf [2011/10/23 06:08:05 \| 000,600,278 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\Cat.DB [2011/10/19 07:43:34 \| 001,468,596 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\tuhfat-alabrar-qnubi.pdf [2011/10/15 22:24:43 \| 000,001,025 \| ---- \| C] () -- C:\WINDOWS\System32\vn8yhc1.tgz [2011/10/15 22:24:43 \| 000,001,025 \| ---- \| C] () -- C:\WINDOWS\System32\vn8yhc1.dll [2011/10/15 22:24:36 \| 000,000,219 \| ---- \| C] () -- C:\WINDOWS\System32\us9mj4j.tgz [2011/10/15 22:23:42 \| 000,000,570 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\STAAD.Pro V8i.lnk [2011/10/15 09:59:01 \| 000,001,854 \| ---- \| C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Safari.lnk [2011/10/15 09:05:35 \| 000,001,830 \| ---- \| C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk [2011/10/14 23:58:12 \| 017,340,913 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\How Buildings Work - The Natural Order of Architecture.pdf [2011/10/11 18:50:13 \| 000,747,585 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Desktop\قانون الجزاء ال.zip [2011/09/27 00:32:58 \| 000,713,006 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Local Settings\Application Data\census.cache [2011/09/27 00:32:27 \| 000,294,803 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Local Settings\Application Data\ars.cache [2011/09/27 00:07:17 \| 000,000,036 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Local Settings\Application Data\housecall.guid.cache [2011/09/07 23:50:18 \| 000,000,784 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2011/08/30 01:34:04 \| 001,441,792 \| ---- \| C] () -- C:\WINDOWS\System32\bmchat.ocx [2011/08/26 14:58:50 \| 000,001,874 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\Autodesk Revit Structure 2010.lnk [2011/08/03 18:43:33 \| 000,000,747 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk [2011/08/02 23:36:52 \| 000,455,342 \| ---- \| C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1605582275-3857380357-824892274-1009-0.dat [2011/07/21 00:22:39 \| 000,455,342 \| ---- \| C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat [2011/07/20 22:09:01 \| 000,279,664 \| ---- \| C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2011/07/20 19:56:18 \| 000,001,882 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\Revit Structure 2012.lnk [2011/07/14 21:22:32 \| 000,000,890 \| ---- \| C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011/07/14 21:22:32 \| 000,000,886 \| ---- \| C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011/07/02 08:42:11 \| 000,002,347 \| ---- \| C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk [2011/05/27 13:57:59 \| 000,001,945 \| ---- \| C] () -- C:\WINDOWS\epplauncher.mif [2011/04/21 10:08:45 \| 000,000,002 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Local Settings\Application Data\setuplog.bin [2011/03/09 01:01:10 \| 000,000,719 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\Orion 16.lnk [2011/03/02 01:32:34 \| 000,000,416 \| ---- \| C] () -- C:\WINDOWS\System32\vcredist_x86.bat [2011/03/02 01:32:12 \| 000,022,729 \| ---- \| C] () -- C:\newkey [2011/03/02 01:32:12 \| 000,022,729 \| ---- \| C] () -- C:\newfile.enc [2011/02/24 08:59:57 \| 000,016,109 \| ---- \| C] () -- C:\dev_.exe -- ~Safe Hex~ Team Discovery ~ Project Hope ~ Like A Hurricane~
	to forum · permalink · 2011-12-08 06:54:16 ·
lilhurricane Crunchin' For Cures Premium,Mod join:2003-01-11 Purple Zone kudos:51 Reviews: ·Comcast Host: TV over IP Software RCN Inside Insight Team Discovery	[2011/02/17 13:46:01 \| 000,028,496 \| ---- \| C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe [2011/02/17 13:46:01 \| 000,014,776 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys [2010/08/16 10:12:52 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\ativpsrm.bin [2010/08/16 09:44:03 \| 000,593,920 \| ---- \| C] () -- C:\WINDOWS\System32\ati2sgag.exe [2010/05/21 02:40:03 \| 000,157,696 \| ---- \| C] () -- C:\WINDOWS\System32\unrar.dll [2010/05/21 02:40:00 \| 000,856,064 \| ---- \| C] () -- C:\WINDOWS\System32\xvidcore.dll [2010/05/21 02:40:00 \| 000,579,090 \| ---- \| C] () -- C:\WINDOWS\System32\x264vfw.dll [2010/05/21 02:40:00 \| 000,217,088 \| ---- \| C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010/05/21 02:39:59 \| 000,005,120 \| ---- \| C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010/05/19 17:39:16 \| 000,120,769 \| ---- \| C] () -- C:\WINDOWS\System32\DyKZcYdrThve.exe [2010/02/06 15:05:33 \| 000,000,124 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Application Data\default.rss [2009/11/26 23:06:55 \| 000,115,369 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\klin.dat [2009/11/26 23:06:54 \| 000,097,961 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\klick.dat [2009/09/26 19:29:22 \| 000,000,620 \| ---- \| C] () -- C:\WINDOWS\RegGenie.ini [2009/09/09 19:01:40 \| 000,029,763 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\klopp.dat [2009/06/27 23:02:47 \| 000,000,068 \| ---- \| C] () -- C:\WINDOWS\RUNTEST.INI [2009/06/06 21:12:36 \| 000,000,664 \| ---- \| C] () -- C:\WINDOWS\System32\d3d9caps.dat [2009/04/04 19:52:10 \| 000,027,648 \| ---- \| C] () -- C:\WINDOWS\System32\AVSredirect.dll [2009/02/26 00:58:44 \| 003,107,788 \| ---- \| C] () -- C:\WINDOWS\System32\ativva5x.dat [2009/02/26 00:58:44 \| 000,887,724 \| ---- \| C] () -- C:\WINDOWS\System32\ativva6x.dat [2008/12/31 17:04:42 \| 000,691,560 \| ---- \| C] () -- C:\WINDOWS\System32\OGACheckControl.dll [2008/12/31 17:04:42 \| 000,528,744 \| ---- \| C] () -- C:\WINDOWS\System32\OGAVerify.exe [2008/09/20 22:06:20 \| 007,809,568 \| -HS- \| C] () -- C:\WINDOWS\System32\drivers\fidbox.dat [2008/09/20 22:06:20 \| 001,409,056 \| -HS- \| C] () -- C:\WINDOWS\System32\drivers\fidbox2.dat [2008/08/06 16:21:13 \| 000,006,550 \| ---- \| C] () -- C:\WINDOWS\jautoexp.dat [2008/07/27 01:47:53 \| 000,061,376 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\HL_MULL.SYS [2008/07/27 01:42:55 \| 000,420,000 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\hardlock.sys [2008/07/27 01:42:19 \| 000,000,383 \| ---- \| C] () -- C:\WINDOWS\System32\haspdos.sys [2008/07/14 21:56:19 \| 000,101,376 \| ---- \| C] () -- C:\WINDOWS\extract.exe [2008/06/21 00:05:59 \| 000,110,602 \| ---- \| C] () -- C:\WINDOWS\System32\xcdsfx32.bin [2008/05/30 23:02:22 \| 000,159,744 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/05/30 23:02:22 \| 000,000,131 \| ---- \| C] () -- C:\Documents and Settings\KHALID82\Local Settings\Application Data\fusioncache.dat [2008/05/30 21:22:22 \| 003,596,288 \| ---- \| C] () -- C:\WINDOWS\System32\qt-dx331.dll [2008/05/30 12:51:40 \| 000,262,144 \| ---- \| C] () -- C:\WINDOWS\System32\default_user_class.dat [2008/05/26 21:59:42 \| 000,018,904 \| ---- \| C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin [2008/05/26 21:59:40 \| 000,106,605 \| ---- \| C] () -- C:\WINDOWS\System32\structuredqueryschema.bin [2008/05/21 19:40:03 \| 000,000,365 \| ---- \| C] () -- C:\WINDOWS\RP2007.INI [2008/05/17 14:40:19 \| 000,034,308 \| ---- \| C] () -- C:\WINDOWS\System32\BASSMOD.dll [2008/05/10 23:59:58 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\mngui.INI [2008/04/08 16:34:58 \| 000,097,208 \| -H-- \| C] () -- C:\WINDOWS\System32\mlfcache.dat [2008/03/05 13:51:32 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\Irremote.ini [2008/02/09 19:44:47 \| 000,000,067 \| ---- \| C] () -- C:\WINDOWS\Easy Video to DVD.INI [2007/12/06 17:03:29 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\System32\nsprs.dll [2007/12/04 22:37:47 \| 000,014,106 \| ---- \| C] () -- C:\WINDOWS\StaadPro20070.ini [2007/12/04 22:37:47 \| 000,008,214 \| ---- \| C] () -- C:\WINDOWS\SProRC20070.ini [2007/12/04 22:26:28 \| 000,000,209 \| ---- \| C] () -- C:\WINDOWS\staadpro20030.ini [2007/12/04 22:26:28 \| 000,000,154 \| ---- \| C] () -- C:\WINDOWS\STAAD_ETC.INI [2007/11/25 00:03:18 \| 000,001,687 \| ---- \| C] () -- C:\WINDOWS\SProEdit.INI [2007/09/27 10:51:02 \| 000,020,698 \| ---- \| C] () -- C:\WINDOWS\System32\idxcntrs.ini [2007/09/27 10:48:48 \| 000,030,628 \| ---- \| C] () -- C:\WINDOWS\System32\gsrvctr.ini [2007/09/27 10:48:28 \| 000,031,698 \| ---- \| C] () -- C:\WINDOWS\System32\gthrctr.ini [2007/08/30 01:01:00 \| 000,038,400 \| ---- \| C] () -- C:\WINDOWS\System32\moveex.exe [2007/05/30 18:14:44 \| 000,001,025 \| ---- \| C] () -- C:\WINDOWS\System32\sysprs7.dll [2007/05/30 18:09:08 \| 000,458,752 \| ---- \| C] () -- C:\WINDOWS\System32\LiveUpdate.dll [2007/05/30 18:09:08 \| 000,006,534 \| ---- \| C] () -- C:\WINDOWS\System32\WinGPDrv.dat [2007/05/30 18:09:07 \| 000,006,532 \| ---- \| C] () -- C:\WINDOWS\System32\NGWinDrv.dat [2007/05/17 15:56:40 \| 000,000,300 \| ---- \| C] () -- C:\WINDOWS\3DHOME.INI [2007/05/17 15:49:58 \| 000,000,730 \| ---- \| C] () -- C:\WINDOWS\cdplayer.ini [2007/05/07 13:29:32 \| 000,000,124 \| ---- \| C] () -- C:\WINDOWS\ENERCALC.INI [2007/04/23 06:13:16 \| 000,000,222 \| ---- \| C] () -- C:\WINDOWS\Beam.INI [2007/04/23 06:13:01 \| 000,000,138 \| ---- \| C] () -- C:\WINDOWS\CBVIEWER.INI [2007/03/25 23:54:45 \| 000,000,035 \| ---- \| C] () -- C:\WINDOWS\A5W.INI [2007/01/25 21:31:36 \| 000,053,299 \| ---- \| C] () -- C:\WINDOWS\System32\pthreadVC.dll [2007/01/23 05:04:21 \| 000,000,116 \| ---- \| C] () -- C:\WINDOWS\NeroDigital.ini [2007/01/14 10:56:09 \| 000,015,840 \| ---- \| C] () -- C:\WINDOWS\System32\Machnm1.exe [2007/01/02 17:30:18 \| 000,002,828 \| ---- \| C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2007/01/02 17:30:18 \| 000,000,088 \| ---- \| C] () -- C:\WINDOWS\System32\28B039CE79.sys [2006/12/30 10:30:29 \| 000,004,212 \| ---- \| C] () -- C:\WINDOWS\System32\zllictbl.dat [2006/12/29 16:32:36 \| 000,096,384 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\sptd9101.sys [2006/12/28 11:27:25 \| 000,001,477 \| ---- \| C] () -- C:\WINDOWS\mozver.dat [2006/12/28 08:59:11 \| 000,000,029 \| ---- \| C] () -- C:\WINDOWS\atid.ini [2006/12/19 08:26:17 \| 000,000,061 \| ---- \| C] () -- C:\WINDOWS\smscfg.ini [2006/12/19 08:16:58 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\ODBC.INI [2006/12/19 08:10:53 \| 000,000,138 \| ---- \| C] () -- C:\WINDOWS\wininit.ini [2006/12/19 07:31:46 \| 000,182,995 \| ---- \| C] () -- C:\WINDOWS\System32\atiicdxx.dat [2006/12/19 07:31:32 \| 000,049,152 \| ---- \| C] () -- C:\WINDOWS\setpwrcg.exe [2006/12/19 07:31:24 \| 000,016,480 \| ---- \| C] () -- C:\WINDOWS\System32\rixdicon.dll [2006/12/19 07:30:54 \| 000,000,391 \| ---- \| C] () -- C:\WINDOWS\System32\OEMINFO.INI [2006/10/06 10:59:42 \| 000,000,395 \| ---- \| C] () -- C:\WINDOWS\ETABSv9.ini [2006/05/24 18:16:22 \| 000,090,112 \| ---- \| C] () -- C:\WINDOWS\System32\btprn2k.dll [2006/05/03 02:38:24 \| 000,072,444 \| ---- \| C] () -- C:\WINDOWS\SetBrowser.exe [2006/05/03 02:38:24 \| 000,000,748 \| ---- \| C] () -- C:\WINDOWS\SetBrowser.ini [2005/08/16 14:48:31 \| 000,002,048 \| --S- \| C] () -- C:\WINDOWS\bootstat.dat [2005/08/16 14:38:45 \| 000,021,640 \| ---- \| C] () -- C:\WINDOWS\System32\emptyregdb.dat [2005/08/16 14:37:24 \| 000,001,793 \| ---- \| C] () -- C:\WINDOWS\System32\fxsperf.ini [2005/08/16 14:33:38 \| 000,004,161 \| ---- \| C] () -- C:\WINDOWS\ODBCINST.INI [2005/08/16 14:18:35 \| 000,004,569 \| ---- \| C] () -- C:\WINDOWS\System32\secupd.dat [2005/08/16 14:18:33 \| 000,539,960 \| ---- \| C] () -- C:\WINDOWS\System32\perfh009.dat [2005/08/16 14:18:33 \| 000,272,128 \| ---- \| C] () -- C:\WINDOWS\System32\perfi009.dat [2005/08/16 14:18:33 \| 000,102,740 \| ---- \| C] () -- C:\WINDOWS\System32\perfc009.dat [2005/08/16 14:18:33 \| 000,028,626 \| ---- \| C] () -- C:\WINDOWS\System32\perfd009.dat [2005/08/16 14:18:32 \| 000,004,627 \| ---- \| C] () -- C:\WINDOWS\System32\oembios.dat [2005/08/16 14:18:30 \| 013,107,200 \| ---- \| C] () -- C:\WINDOWS\System32\oembios.bin [2005/08/16 14:18:28 \| 000,000,741 \| ---- \| C] () -- C:\WINDOWS\System32\noise.dat [2005/08/16 14:18:23 \| 000,673,088 \| ---- \| C] () -- C:\WINDOWS\System32\mlang.dat [2005/08/16 14:18:23 \| 000,046,258 \| ---- \| C] () -- C:\WINDOWS\System32\mib.bin [2005/08/16 14:18:21 \| 000,008,192 \| ---- \| C] () -- C:\WINDOWS\System32\swz0s5h.dll [2005/08/16 14:18:21 \| 000,001,025 \| ---- \| C] () -- C:\WINDOWS\System32\clauth2.dll [2005/08/16 14:18:21 \| 000,001,025 \| ---- \| C] () -- C:\WINDOWS\System32\clauth1.dll [2005/08/16 14:18:21 \| 000,001,024 \| ---- \| C] () -- C:\WINDOWS\System32\grcauth2.dll [2005/08/16 14:18:21 \| 000,001,024 \| ---- \| C] () -- C:\WINDOWS\System32\grcauth1.dll [2005/08/16 14:18:21 \| 000,000,205 \| ---- \| C] () -- C:\WINDOWS\System32\vznvhro.dll [2005/08/16 14:18:21 \| 000,000,073 \| ---- \| C] () -- C:\WINDOWS\System32\ssprs.dll [2005/08/16 14:18:21 \| 000,000,016 \| -H-- \| C] () -- C:\WINDOWS\System32\xabbt9s.dll [2005/08/16 14:18:21 \| 000,000,016 \| -H-- \| C] () -- C:\WINDOWS\System32\vv4skko.dll [2005/08/16 14:18:21 \| 000,000,016 \| -H-- \| C] () -- C:\WINDOWS\System32\qt3byk1.dll [2005/08/16 14:18:21 \| 000,000,016 \| -H-- \| C] () -- C:\WINDOWS\System32\mw8jg97.dll [2005/08/16 14:18:21 \| 000,000,016 \| -H-- \| C] () -- C:\WINDOWS\System32\laihopi.dll [2005/08/16 14:18:21 \| 000,000,016 \| -H-- \| C] () -- C:\WINDOWS\System32\j7uwbqv.dll [2005/08/16 14:18:21 \| 000,000,016 \| -H-- \| C] () -- C:\WINDOWS\System32\hth8w5a.dll [2005/08/16 14:18:21 \| 000,000,016 \| -H-- \| C] () -- C:\WINDOWS\System32\bj1iqmv.dll [2005/08/16 14:18:15 \| 000,218,003 \| ---- \| C] () -- C:\WINDOWS\System32\dssec.dat [2005/08/16 14:18:08 \| 000,001,804 \| ---- \| C] () -- C:\WINDOWS\System32\dcache.bin [2005/08/06 00:01:54 \| 000,235,008 \| ---- \| C] () -- C:\WINDOWS\System32\psisdecd.dll [2005/04/10 03:04:54 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\System32\px.ini [2004/06/29 14:47:28 \| 000,003,072 \| ---- \| C] () -- C:\WINDOWS\WinIo.sys [2002/04/23 15:29:50 \| 000,151,552 \| ---- \| C] () -- C:\WINDOWS\System32\vsppg7.dll [2002/03/15 00:00:26 \| 000,038,567 \| ---- \| C] () -- C:\WINDOWS\System32\pcpbios.exe [2001/11/14 13:56:00 \| 001,802,240 \| ---- \| C] () -- C:\WINDOWS\System32\lcppn21.dll [1999/11/16 13:57:08 \| 000,147,456 \| ---- \| C] () -- C:\WINDOWS\System32\Comdll32.DLL [1998/08/16 17:00:00 \| 000,004,096 \| ---- \| C] () -- C:\WINDOWS\System32\sysres.dll [1998/03/22 14:50:02 \| 000,010,240 \| ---- \| C] () -- C:\WINDOWS\System32\Vidx16.dll [color=#E56717]========== LOP Check ==========[/color] [2009/05/31 23:25:39 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\27196 [2011/11/16 18:14:19 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Autodesk [2011/11/18 09:28:20 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software [2011/12/03 23:10:34 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Babylon [2008/09/06 22:42:01 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\CSC [2011/11/17 00:06:45 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations [2010/02/11 19:48:52 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Easy Duplicate Finder [2011/11/30 11:29:34 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\F-Secure [2011/02/17 13:46:55 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\FreeApp [2010/06/17 12:58:36 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\HiYo [2010/08/16 02:17:30 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions [2010/06/09 19:26:53 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Installations [2011/02/17 13:45:16 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\IObit [2011/11/16 18:14:22 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com [2008/06/04 21:47:12 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF [2010/06/10 01:14:56 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Nokia [2010/06/10 00:43:38 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\OviInstallerCache [2011/03/09 01:00:41 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\PBOrion [2008/06/23 02:54:27 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters [2011/11/16 18:14:23 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\PC Suite [2011/11/17 22:49:58 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe [2011/12/04 07:08:26 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit [2011/12/03 14:32:54 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\SUPERSetup [2008/05/10 18:06:28 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Teleca [2009/11/22 00:49:26 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software [2011/12/03 06:14:51 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint [2006/12/19 08:13:38 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\YAHOO [2011/10/15 09:55:58 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2009/11/22 00:48:54 \| 000,000,000 \| -HSD \| M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} [2010/02/16 18:39:05 \| 000,000,000 \| -H-D \| M] -- C:\Documents and Settings\All Users\Application Data\{A87EB928-0C6C-4071-AEF1-59E32BAEDF1B} [2008/06/28 23:46:26 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\.purple [2011/07/20 22:22:17 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\Autodesk [2011/12/03 22:37:12 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\Babylon [2011/05/14 00:11:46 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\BitComet [2011/03/25 21:01:37 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\BSplayer [2011/03/25 21:01:37 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\BSplayer Pro [2008/09/03 16:56:05 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\ChessCubeVideoViewer.22A6FA2509F415BF040C756B4D9CC577BC15C17E.1 [2009/02/23 00:01:08 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2009/06/11 23:30:25 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\COWON [2011/08/03 22:12:57 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\DDMSettings [2008/10/03 20:56:01 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\DMCache [2010/02/11 19:48:52 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\Easy Duplicate Finder [2011/11/18 18:35:56 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\ElevatedDiagnostics [2011/11/30 11:29:59 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\f-secure [2008/07/17 01:47:36 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\Flock [2010/02/17 18:01:25 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\Foxit [2011/09/29 22:07:10 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\Garmin [2010/06/17 12:58:42 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\HiYo [2008/06/09 19:58:11 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\ICQLite [2008/10/07 14:00:11 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\IDM [2011/10/27 14:27:55 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\inkscape [2011/02/19 22:01:25 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\IObit [2008/06/23 03:30:02 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\LimeWire [2008/06/04 21:51:48 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\Nitro PDF [2010/06/10 02:05:36 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\Nokia [2010/06/10 02:05:39 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\Nokia Ovi Suite [2010/07/20 17:01:03 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\ooVoo Details [2008/07/17 01:51:32 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\Opera [2010/05/19 21:54:08 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\OxelonMC [2008/12/10 22:31:43 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\Participatory Culture Foundation [2010/06/10 02:03:17 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\PC Suite [2009/07/25 14:41:28 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\PCF-VLC [2011/11/30 09:46:47 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\QuickScan [2009/12/17 17:54:51 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\RecoveryInfo [2008/06/01 18:15:23 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\Skinux [2010/02/16 18:39:32 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\Stardock [2008/05/29 14:41:57 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\Teleca [2008/05/29 14:41:47 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\TuneUp Software [2008/05/29 14:41:47 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\Uniblue [2009/04/04 19:23:04 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\Video Converter for Any Flv Player [2010/02/22 03:47:54 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\Vivox [2010/06/13 00:59:20 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\Windows Desktop Search [2010/07/13 20:24:18 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\Windows Search [2010/05/20 17:55:47 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\KHALID82\Application Data\zweitgeist [2011/12/07 17:45:07 \| 000,000,616 \| -H-- \| M] () -- C:\WINDOWS\Tasks\ConfigExec.job [2011/12/07 20:14:06 \| 000,000,580 \| -H-- \| M] () -- C:\WINDOWS\Tasks\DataUpload.job [2011/11/30 14:15:23 \| 000,000,264 \| ---- \| M] () -- C:\WINDOWS\Tasks\OGADaily.job [2011/12/07 17:48:19 \| 000,000,264 \| ---- \| M] () -- C:\WINDOWS\Tasks\OGALogon.job [2011/12/07 21:57:24 \| 000,000,428 \| -H-- \| M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{0ABCA13D-15FD-410C-B075-C625424017B3}.job [color=#E56717]========== Purity Check ==========[/color] -- ~Safe Hex~ Team Discovery ~ Project Hope ~ Like A Hurricane~
	to forum · permalink · 2011-12-08 06:54:40 ·
lilhurricane Crunchin' For Cures Premium,Mod join:2003-01-11 Purple Zone kudos:51 Reviews: ·Comcast Host: TV over IP Software RCN Inside Insight Team Discovery	Sec Check Results of screen317's Security Check version 0.99.28 Windows XP Service Pack 3 x86 Internet Explorer 8 `````````````````````````````` [u]Antivirus/Firewall Check:[/u] Windows Firewall Disabled! Kaspersky Internet Security 2012 Antivirus up to date! ``````````````````````````````` [u]Anti-malware/Other Utilities Check:[/u] Malwarebytes' Anti-Malware HijackThis 2.0.2 CCleaner Java(TM) 7 Update 1 Adobe Flash Player 11.1.102.55 Adobe Reader X (10.1.1) Mozilla Firefox (8.0.1) ```````````````````````````````` Process Check: [u]objlist.exe by Laurent[/u] Emsisoft Anti-Malware a2service.exe Kaspersky Lab Kaspersky Internet Security 2012 avp.exe Kaspersky Lab Kaspersky Internet Security 2012 klwtblfs.exe ``````````End of Log```````````` -- ~Safe Hex~ Team Discovery ~ Project Hope ~ Like A Hurricane~
	to forum · permalink · 2011-12-08 06:57:30 ·
lilhurricane Crunchin' For Cures Premium,Mod join:2003-01-11 Purple Zone kudos:51 Reviews: ·Comcast Host: TV over IP Software RCN Inside Insight Team Discovery	ESET ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=d0d3985e2072ce4c8faefb9b03122732 # end=stopped # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2011-11-30 03:49:56 # local_time=2011-11-30 07:49:56 (+0400, Arabian Standard Time) # country="United States" # lang=1033 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=512 16777215 100 0 134184217 134184217 0 0 # compatibility_mode=1280 16777215 100 0 0 0 0 0 # compatibility_mode=8192 67108863 100 0 1219 1219 0 0 # scanned=25718 # found=0 # cleaned=0 # scan_time=2678 ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=d0d3985e2072ce4c8faefb9b03122732 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2011-12-08 12:38:50 # local_time=2011-12-08 04:38:50 (+0400, Arabian Standard Time) # country="United States" # lang=1033 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=512 16777215 100 0 134801253 134801253 0 0 # compatibility_mode=1280 16777175 100 0 431085 431085 0 0 # compatibility_mode=8192 67108863 100 0 618255 618255 0 0 # scanned=317687 # found=8 # cleaned=8 # scan_time=22176 C:\MGtools\Process.exe Win32/PrcView application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1003\A0272624.exe Win32/PrcView application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP998\A0267004.exe a variant of Win32/Adware.ErrorClean application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\WINDOWS\system32\pmservice.exe a variant of Win32/Adware.RK.AD application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C F:\AUTODESK QUANTITY TAKEOFF\aqto2011.iso a variant of Win32/Keygen.BT application (deleted - quarantined) 00000000000000000000000000000000 C F:\EVERYTHING1\AutoDesk Revit Structure Suite 2010\Crack\AutoDesk 2010 Products Key Generator.exe a variant of Win32/Keygen.BL application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C F:\EVERYTHING1\EVERYTHING\Computer STUFF\TuneUp 2008\tuneup.utilities.2008.v7.0.7986-patch.exe Win32/HackTool.Patcher.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C F:\EVERYTHING1\RAM Advance\ra09050180en\RamCon\IEGLicLib.dll probably a variant of Win32/Agent.KDMLXZU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C -- ~Safe Hex~ Team Discovery ~ Project Hope ~ Like A Hurricane~
	to forum · permalink · 2011-12-08 06:58:13 ·
lilhurricane Crunchin' For Cures Premium,Mod join:2003-01-11 Purple Zone kudos:51	reply to archeng Re: Infected Computer, please help There should be an Extra's log as well (if you ran OTL once) If you can find it...please add it here
	to forum · permalink · 2011-12-08 07:00:25 ·
archeng join:2011-12-08	Thanks a lot lilihuricane for your quick response and sorry for attaching the logs instead posting them. That was totally unintentional. Here is the extra log, but to be clear, this is from an old run. I ran it before.. Extras.Txt: OTL Extras logfile created on: 12/3/2011 11:55:25 PM - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\KHALID82\Desktop Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 \| Country: United States \| Language: ENU \| Date Format: M/d/yyyy 2.00 Gb Total Physical Memory \| 1.11 Gb Available Physical Memory \| 55.42% Memory free 3.84 Gb Paging File \| 2.89 Gb Available in Paging File \| 75.35% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 105.00 Gb Total Space \| 56.14 Gb Free Space \| 53.47% Space Free \| Partition Type: NTFS Computer Name: KHALID \| User Name: KHALID82 \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: Current user \| Quick Scan Company Name Whitelist: On \| Skip Microsoft Files: On \| No Company Name Whitelist: On \| File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. https [open] -- Reg Error: Key error. InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 -- [2011/11/20 00:03:37 \| 000,000,000 \| ---D \| M] "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 -- [2011/11/20 00:03:37 \| 000,000,000 \| ---D \| M] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 -- [2011/11/20 00:03:37 \| 000,000,000 \| ---D \| M] "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "24751:TCP" = 24751:TCP::Enabled:BitComet 24751 TCP "24751:UDP" = 24751:UDP::Enabled:BitComet 24751 UDP "48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp "48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Documents and Settings\KHALID82\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\KHALID82\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe::Enabled:Google Talk Plugin -- (Google) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe::Enabled:Opera Internet Browser -- (Opera Software) "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe::Enabled:WebKit -- (Apple Inc.) "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" = C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe::Enabled:FreeCall -- (FreeCall) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3 "{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card "{00E1E235-AB45-4695-A156-073118949ED4}" = HiYo "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{0355CF40-97AF-9CDD-7282-BF151AEE724B}" = ccc-core-static "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}" = Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729 "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0978A841-2E44-4A85-922B-36D96F0BAE0E}_is1" = 3GP Player 2009 "{09C468CA-2940-466A-AAE8-DCC0C6E9323C}" = Nokia Software Updater "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0AB4C03C-D10F-422E-B060-75387F61599A}" = Nitro PDF Professional "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = Qualxserve Service Agreement "{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar "{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office "{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences "{10D0CE2B-510C-4481-9D96-2180B4DDB9A8}" = Autodesk Robot Structural Analysis "{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA "{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up "{14866AAD-1F23-39AC-A62B-7091ED1ADE64}" = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729 "{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver "{1EAA2FB1-DD82-471B-97BB-770F5CEA36C9}" = Adobe Dreamweaver CS5 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205ACCD7-5342-4694-91F3-3A99E4FD5AA6}" = Mathcad 14 Help "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{2066FE01-656E-4B2E-8E77-F30266A914CB}" = Poured Concrete 09 "{21199F32-B676-4FE2-A443-EF7DB6B8FD4F}" = Opera 10.10 "{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD LE "{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only) "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2306AB02-DE01-1366-BCFF-41D1197CF42E}" = ccc-utility "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{23514382-C4B2-496D-AA6F-F966644AE01B}" = Ma-Config.com "{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}" = Autodesk Material Library Low Resolution Image Library 2012 "{257D6C9F-BD8E-4739-9D03-FED55793C774}_is1" = floAt's Mobile Agent "{27614800-84A9-484E-9CCB-43ED2F1205F5}" = Chessmaster Grandmaster Edition "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{28857B16-AD7E-47AB-A1D8-9A28B50554B7}" = CSC TEDDS Engineering Library - United Kingdom "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager "{310C6F8E-A94B-45BA-A6E8-D39CB8E65E15}" = ETABS 9 "{3127F76D-5335-4AC7-BD1E-2F5247A23C24}" = iTunes "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10 "{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed "{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode "{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent "{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder "{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Backburner "{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}" = Skype Plugin Manager "{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant "{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting "{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore "{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant "{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg "{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012 "{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B719A70-F14A-4f5c-90B5-346B24B7FFF1}" = Windows 7 Upgrade Advisor "{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}" = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729 "{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0 "{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}" = OviMPlatform "{4E203CAF-230D-5275-C15B-517273593359}" = Catalyst Control Center Core Implementation "{4E7C8500-3D69-11DB-390C-1F56BA3C7E87}" = "{4FFD1AB4-54F0-4069-88D9-3A55B38F874B}" = Nokia Ovi Suite Software Updater "{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings "{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001 "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01) "{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5783F2D7-7001-0409-0002-0060B0CE6BBA}" = AutoCAD 2009 - English "{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5CF6EEE9-86B1-3DB6-A07C-8F6C079C39BA}" = Google Talk Plugin "{5E977DEC-5BB4-44C7-9FE5-9357D2DB4FCB}" = "{5EFB3290-9DD2-11DB-6784-0029022B18BE}" = "{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA "{60DED9C2-22BF-47A3-B6C8-6B141BA31DFD}" = Ovi Desktop Sync Engine "{612B9183-67A9-4B44-9877-2F059E35B86A}" = Broadcom 440x 10/100 Integrated Controller "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{62369F2F77534556AEF4C58152E3BDE5}" = "{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner "{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr "{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012 "{65EAB391-4B36-59AA-0336-D0C4BEB6CD2F}" = CCC Help English "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6a43408e-fdfe-4bd6-b9dd-f223405866b4}" = Nero 9 Trial "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6C70ACE2-6EF2-4F8D-8C4A-78198AA979DD}" = Maya 2008 Documentation (en_US) "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal "{6E65247F-58F9-41CA-BE69-0316F7907170}" = Disc2Phone "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3 "{70D6B234-2430-49C0-A97E-8EB3160AC53F}" = Autodesk Robot Structural Analysis "{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7346B4A0-1200-0200-0409-705C0D862004}" = Revit Structure 2012 "{7346B4A0-1200-0201-0409-705C0D862004}" = Revit Structure 2012 Language Pack - English "{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore "{7585478E9D9B42108671C12F8714CEFE}" = "{76D1AA2B-A434-4D63-BE2C-80286F23C223}" = Microsoft Interop Forms Redistributable Package 2.0a "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{7B63B2922B174135AFC0E1377DD81EC2}" = "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{7C49EA42-5647-4051-84C2-E6404F25A931}" = Yahoo! Music Jukebox "{7C8B5E63-821A-4DFB-BDFA-19854D88EC5C}" = 3dsmax ancillary install "{7D1FA102-9B90-48B0-8DF8-735BBA5F4093}" = Driver Updater Pro "{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3 "{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support "{818FD2AE-1011-4487-A0DC-71ADB78F2618}" = CSC Common "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8512096C-7B21-472F-B6F1-69430969643D}" = Autodesk Robot Structural Analysis "{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed "{88410D8F-8529-492B-B556-2394A29B811B}" = Broadcom Driver v4.150.22.0_Foxconn Installation Program "{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini "{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012 "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12 "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}_PRJPRO_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}_PRJPRO_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}_PRJPRO_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2007 "{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{9E73617F-2F38-4864-BD61-BB2DDFE43323}" = Microsoft Office Project 2007 Service Pack 2 (SP2) "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007 "{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0409-0000-0000000FF1CE}_PRJPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2007 "{90120000-00B4-0409-0000-0000000FF1CE}_PRJPRO_{27A9D316-D332-433B-8EB1-1D93EE49F26D}" = Microsoft Office Project 2007 Service Pack 2 (SP2) "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007 "{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007 "{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}_PRJPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{939D29FC-B82D-42A7-BB1E-8E3F121505CC}" = Autodesk Revit Structure 2010 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58 "{953F4AF6-25A4-2419-0A5D-FCA262FEF85E}" = Catalyst Control Center Graphics Full New "{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings "{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse "{95D9B4D8-B091-4fab-80EA-313EB4B82FD6}" = "{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders "{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7 "{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap "{A0B730E3-E071-4DC5-B086-40007AB5DF48}" = Autodesk Robot Structural Analysis "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor "{A2463AD4-996C-49E8-8D8C-475FB90F6C48}" = Orion R15.1 sp3 "{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio "{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1) "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook "{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B148AB4B-C8FA-474B-B981-F2943C5B5BCD}" = OGA Notifier 1.7.0105.35.0 "{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI "{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles "{B234FEF3-B96F-6BA2-0FCB-4238AD0ED5A8}" = ChessCube Cinema "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}" = Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729 "{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore "{B4E586EE-6E4C-454C-9DB4-676DFC9ECFD2}" = CSC Tedds "{B5751715-EC10-43D9-8C95-62E1368433EF}" = Autodesk Material Library Medium Resolution Image Library 2012 "{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger "{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center "{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{BB8B979E-E336-47E7-96BC-1031C1B94561}" = "{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{C033BF6E-9D82-4E0B-A46E-ABC746D6F431}" = Autodesk DirectConnect 2.0 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C12D609B-EB71-411B-82C3-9BE6D40435D7}" = Google SketchUp LayOut 6 "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2 "{C309F22B-19ED-4667-950C-2188A4B26E34}" = Google SketchUp Pro 7 "{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries "{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet "{C5961323-A2E5-4FAB-B92D-DBF6C282F0F5}" = Logitech Gaming Software 5.01 "{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax "{C5ADA65A-7828-4D85-B071-ECC52B51F794}" = Sony Ericsson PC Suite 1.20.173 "{C6A83D5C-636B-83F9-CEA4-9E2A31C4F509}" = ccc-core-preinstall "{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim "{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs "{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar "{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CEE2252C-4035-4B27-8EC6-0B085DD3A413}" = Dell Support 3.2.1 "{CFDC6DD9-ABC9-4268-B104-C9318185A8EC}" = Autodesk Robot Structural Analysis "{D0019FDD-9DEC-42AB-BFC1-B9B69B04AFB1}" = RISAFloor 5.1 Demo "{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark Printable Web "{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software "{D4A33E08-4FE7-40C4-BF5E-5853C56ADD7C}" = Bentley IEG License Service "{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser "{D65939A4-14EC-4713-B458-924E262F877D}" = CSC Orion 16 "{D7BF3B76-EEF9-4868-9B2B-42ABF60B279A}" = Microsoft_VC80_CRT_x86 "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{D99F7568-803E-4C13-80DD-9403CD34F5F3}" = Clearblue Cycle Calendar "{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime "{DA864DC0-0BF2-454B-A6A9-08A45EB97D3B}" = Maya 2008 "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings "{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR "{DCB7474F-F85C-2196-700A-C69692895D00}" = Catalyst Control Center Graphics Full Existing "{DCD22647-6D31-479D-8F97-16D0AA934D9E}" = PC Connectivity Solution "{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}" = Nokia Ovi Suite "{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = COWON Media Center - jetAudio Basic VX "{DF97CCAD-8757-41A6-B7ED-2EFB10CACA73}" = Autodesk Robot Structural Analysis "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit "{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call "{E666A69B-A76D-43D5-AF28-4B2150A6EDE2}" = Mathcad 14 "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page "{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{E96D4088-AAC5-437F-9E39-EC0E387897B4}" = Autodesk 3ds Max 9 32-bit "{EA4D0EA6-B027-4245-AD15-D42ACB22732B}" = CSC Licensing "{EA5D652F-EC02-D5E8-6887-CE9EE1C9846F}" = Skins "{EB997E90-5EB0-4eb5-90D0-90B1D2F0CA03}" = "{EBD38AE9-D52D-448D-9DB4-4D5F66E1DAFC}" = Mathcad 14 Resource Center "{ECE8D6A5-974F-42A1-9A76-2450DB4FB04C}" = CSC Update Service "{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F1F21E3D-B075-4782-A5C8-1AE9199E9CC0}" = Autodesk Robot Structural Analysis Professional 2010 "{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari "{F3812D83-86D2-4445-A841-3E0BA4F9A11C}" = Merriam-Webster 3.0 "{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK "{F88E77C7-846D-73D9-7B33-0AF6A5F5FD1B}" = Catalyst Control Center Graphics Light "{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS "{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo "{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool "{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock "{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}" = User Profile Hive Cleanup Service "{FFD28B25-7A8C-4B3E-9939-E211C908E22F}" = STAAD.Pro V8i "12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic "4569969E1360D2854474C661EF9B4D54F143EB16" = Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04) "504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) "Abacast Client" = Abacast Client "Adobe Acrobat Reader 3.01" = Adobe Acrobat Reader 3.01 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3 "Akamai" = Akamai NetSession Interface Service "All ATI Software" = ATI - Software Uninstall Utility "Any Flv Player_is1" = Any Flv Player 2.5.1 "AOL Diagnostics_N" = "AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove) "Ask Toolbar_is1" = Foxit Toolbar "Aspell English Dictionary_is1" = Aspell English Dictionary-0.50-2 "ATI Display Driver" = ATI Display Driver "AudioPlugin.dll" = "Autodesk DWF Viewer" = "Autodesk Revit Structure 2010" = Autodesk Revit Structure 2010 "Autodesk Revit Structure 2012" = Autodesk Revit Structure 2012 "B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto "Babylon" = Babylon "BitComet" = BitComet 1.27 "Branding" = "Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter "BSPlayerf" = BS.Player FREE "CAL" = Canon Camera Access Library "Calibrize_is1" = Calibrize 2.0 "CameraWindowDC8" = Canon Utilities CameraWindow DC 8 "CameraWindowLauncher" = Canon Utilities CameraWindow Launcher "Canon MOV Decoder" = Canon MOV Decoder "Canon MOV Encoder" = Canon MOV Encoder "Cbeam_2005_R1" = Cbeam 2005 1.0.1 "CCleaner" = CCleaner "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "ChessCubeVideoViewer.22A6FA2509F415BF040C756B4D9CC577BC15C17E.1" = ChessCube Cinema "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "CopyNow.dll" = "CoreAAC" = CoreAAC "DataPlugin.dll" = "DiskAnalyzer Pro_is1" = DiskAnalyzer Pro 3.4 "DivX Setup" = DivX Setup "dlatray.exe" = "DMX5_is1" = DriverMax 5 "Driver Magician_is1" = Driver Magician 3.5 "Driver Updater Pro" = Driver Updater Pro "DriverAgent.exe" = DriverAgent by eSupport.com "DXM_Runtime" = "DyKZcYdrThve" = LoudMo Contextual Ad Assistant "Easy Duplicate Finder_is1" = Easy Duplicate Finder v. 2.4.1 "EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information] "ENTERPRISE" = Microsoft Office Enterprise 2007 "ESET Online Scanner" = ESET Online Scanner v3 "FairStars Audio Converter_is1" = FairStars Audio Converter 1.55 "FastFrame" = "FBX Plugin 2006.08 for Max 9.0" = FBX Plugin 2006.08 for Max 9.0 "Fences" = Fences "Flock" = Flock 1.1 "FLV Player" = FLV Player 2.0 (build 25) "FLVPlayer" = FLV Player 1.3.3 "Foxit Reader" = Foxit Reader "FreeCall_is1" = FreeCall "Freecorder4.0" = Freecorder 4.0 Application "GameHouse Sudoku" = GameHouse Sudoku "GNU Aspell_is1" = GNU Aspell 0.50-3 "GOM ENCODER" = GOM ENCODER "GOM Player" = GOM Player "GoogleVideoPlayer" = Google Video Player "GTK 2.0" = GTK+ Runtime 2.12.8 rev a (remove only) "HASP Emulator Professiaonal Edition V2.33 for Windows NT/W2K/XP" = HASP Emulator Professiaonal Edition V2.33 for Windows NT/W2K/XP "HijackThis" = HijackThis 2.0.2 "HiYo" = HiYo "ICQLite" = ICQ 5.1 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "Inkscape" = Inkscape 0.48.2 "InstallShield Uninstall Information" = "InstallShield_{27614800-84A9-484E-9CCB-43ED2F1205F5}" = Chessmaster Grandmaster Edition "InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012 "InstallWIX_{C774410D-3EF9-4DE7-AC01-332613163ECF}" = "InstallWIX_{D0DCD54F-C829-41A5-AF32-71E632BB0E2C}" = "IPP Run-Time 5.3" = IPP Run-Time 5.3 "iVocalize Web Conference 4" = iVocalize Web Conference 4 "jv16 PowerTools 2011" = jv16 PowerTools 2011 "KLiteCodecPack_is1" = K-Lite Codec Pack 2.73 Full "Lexmark S300-S400 Series" = Lexmark S300-S400 Series "LimeWire" = LimeWire PRO 4.12.6 "Magic ISO Maker v5.5 (build 0261)" = Magic ISO Maker v5.5 (build 0261) "Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281) "MagicDisc 2.7.101" = MagicDisc 2.7.101 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300 "MCAL Aprop 2 Calculator" = MCALsoft Aprop Calculator(remove only) "Media Player Classic" = Media Player Classic "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime "Miro" = Miro "Monopoly by Parker Brothers" = Monopoly by Parker Brothers "MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX "MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube "Mozilla Firefox 8.0.1 (x86 en-US)" = Mozilla Firefox 8.0.1 (x86 en-US) "MPE" = MyPhoneExplorer "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MsJavaVM" = "Muslim Bag1.47" = Muslim Bag "MyCamera" = Canon Utilities MyCamera "Nero - Burning Rom!UninstallKey" = "Nero8Lite_is1" = Nero 8 Lite 8.3.2.1 "NeroBackItUp!UninstallKey" = "NeroMediaHome!UninstallKey" = "NeroRecode!UninstallKey" = "NeroShowTime!UninstallKey" = "NeroVision!UninstallKey" = "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Nokia Ovi Suite" = Nokia Ovi Suite "Oman Mobile E1550" = Oman Mobile E1550 "Oxelon Media Converter_is1" = Oxelon Media Converter 1.1 "PalTalk8.2" = Paltalk Messenger "PC Pitstop Driver Alert_is1" = PC Pitstop Driver Alert 1.0 "PC Pitstop Optimize_is1" = PC Pitstop Optimize 1.5 "PC Pitstop Optimize2_is1" = PC Pitstop Optimize2 2.0 "pcaColumn v4.00" = "PCHealth" = "PhotoStitch" = Canon Utilities PhotoStitch "PRJPRO" = Microsoft Office Project Professional 2007 "Rainbow Sentinel Driver" = Sentinel System Driver "RealPlayer 12.0" = RealPlayer "Riva FLV Encoder 2.0_is1" = Riva FLV Encoder 2.0 "Skype_is1" = Skype 3.0 "Smart Defrag 2_is1" = Smart Defrag 2 "SpeedBit Video Accelerator" = SpeedBit Video Accelerator "SpeedBit Video Downloader" = SpeedBit Video Downloader "ST6UNST #2" = "Standard Handbook of Architectural Engineering" = Standard Handbook of Architectural Engineering "StreetPlugin" = Learn2 Player (Uninstall Only) "SynTPDeinstKey" = Synaptics Pointing Device Driver "Total Video Converter 3.21_is1" = Total Video Converter 3.21 090220 "VLC media player" = VLC media player 1.1.9 "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "WIC" = Windows Imaging Component "Windows Doctor_is1" = Windows Doctor 1.7 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinLiveSuite_Wave3" = Windows Live Essentials "WinPcapInst" = WinPcap 4.0 "WinRAR archiver" = WinRAR archiver "WinZip" = WinZip "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Word Struck" = Word Struck 1.01 "WordReference Unabridged English Dictionary" = WordReference Unabridged English Dictionary "Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "Yahoo! Messenger" = Yahoo! Messenger "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX "ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Akamai" = Akamai NetSession Interface "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 12/3/2011 10:35:39 AM \| Computer Name = KHALID \| Source = MsiInstaller \| ID = 10005 Description = Error - 12/3/2011 10:35:41 AM \| Computer Name = KHALID \| Source = MsiInstaller \| ID = 10005 Description = Error - 12/3/2011 11:10:41 AM \| Computer Name = KHALID \| Source = MatSvc \| ID = 262159 Description = The scheduled MATS task encountered a failure when collecting configuration data. hr=0x80070422 . Error - 12/3/2011 11:10:58 AM \| Computer Name = KHALID \| Source = Microsoft Fax \| ID = 32063 Description = Fax Service failed to read the archive configuration, possibly due to registry corruption or a lack of system resources. Reinstall Fax service using Repair mode. Win32 error code: 13. This error code indicates the cause of the error. Error - 12/3/2011 12:46:32 PM \| Computer Name = KHALID \| Source = MatSvc \| ID = 262159 Description = The scheduled MATS task encountered a failure when collecting configuration data. hr=0x80070422 . Error - 12/3/2011 2:33:15 PM \| Computer Name = KHALID \| Source = Microsoft Fax \| ID = 32063 Description = Fax Service failed to read the archive configuration, possibly due to registry corruption or a lack of system resources. Reinstall Fax service using Repair mode. Win32 error code: 13. This error code indicates the cause of the error. Error - 12/3/2011 2:52:57 PM \| Computer Name = KHALID \| Source = Windows Search Service \| ID = 3100 Description = Unable to initialize the filter host process. Terminating. Details: This operation returned because the timeout period expired. (0x800705b4) Error - 12/3/2011 2:59:45 PM \| Computer Name = KHALID \| Source = Microsoft Fax \| ID = 32063 Description = Fax Service failed to read the archive configuration, possibly due to registry corruption or a lack of system resources. Reinstall Fax service using Repair mode. Win32 error code: 13. This error code indicates the cause of the error. Error - 12/3/2011 3:07:47 PM \| Computer Name = KHALID \| Source = Microsoft Fax \| ID = 32063 Description = Fax Service failed to read the archive configuration, possibly due to registry corruption or a lack of system resources. Reinstall Fax service using Repair mode. Win32 error code: 13. This error code indicates the cause of the error. Error - 12/3/2011 3:30:11 PM \| Computer Name = KHALID \| Source = Microsoft Fax \| ID = 32063 Description = Fax Service failed to read the archive configuration, possibly due to registry corruption or a lack of system resources. Reinstall Fax service using Repair mode. Win32 error code: 13. This error code indicates the cause of the error. [ System Events ] Error - 12/3/2011 3:26:05 PM \| Computer Name = KHALID \| Source = Service Control Manager \| ID = 7001 Description = The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: %%31 Error - 12/3/2011 3:26:05 PM \| Computer Name = KHALID \| Source = Service Control Manager \| ID = 7001 Description = The IPv6 Helper Service service depends on the Microsoft IPv6 Protocol Driver service which failed to start because of the following error: %%31 Error - 12/3/2011 3:26:05 PM \| Computer Name = KHALID \| Source = Service Control Manager \| ID = 7001 Description = The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: %%31 Error - 12/3/2011 3:26:05 PM \| Computer Name = KHALID \| Source = Service Control Manager \| ID = 7001 Description = The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: %%31 Error - 12/3/2011 3:26:05 PM \| Computer Name = KHALID \| Source = Service Control Manager \| ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: AFD APPDRV Fips intelppm IPSec kl2 KLIF MRxSmb NetBIOS NetBT ohci1394 RasAcd Rdbss SASDIFSV SASKUTIL sptd Tcpip Tcpip6 WS2IFSL Error - 12/3/2011 3:26:15 PM \| Computer Name = KHALID \| Source = DCOM \| ID = 10005 Description = DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E} Error - 12/3/2011 3:26:16 PM \| Computer Name = KHALID \| Source = DCOM \| ID = 10005 Description = DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E} Error - 12/3/2011 3:27:39 PM \| Computer Name = KHALID \| Source = DCOM \| ID = 10005 Description = DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 12/3/2011 3:30:12 PM \| Computer Name = KHALID \| Source = Service Control Manager \| ID = 7000 Description = The hl_mull service failed to start due to the following error: %%1369 Error - 12/3/2011 3:31:37 PM \| Computer Name = KHALID \| Source = DCOM \| ID = 10016 Description = The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {BA126AD1-2166-11D1-B1D0-00805FC1270E} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool. [ TuneUp Events ] Error - 11/26/2009 7:07:08 AM \| Computer Name = KHALID \| Source = TuneUp Program Statistics \| ID = 131840 Description = Error - 12/4/2009 4:24:46 PM \| Computer Name = KHALID \| Source = TuneUp Program Statistics \| ID = 131840 Description = Error - 12/5/2009 6:10:36 AM \| Computer Name = KHALID \| Source = TuneUp Program Statistics \| ID = 131840 Description = Error - 12/9/2009 7:58:53 AM \| Computer Name = KHALID \| Source = TuneUp Program Statistics \| ID = 131840 Description = Error - 12/9/2009 10:10:03 PM \| Computer Name = KHALID \| Source = TuneUp Program Statistics \| ID = 131840 Description = Error - 12/10/2009 6:23:56 AM \| Computer Name = KHALID \| Source = TuneUp Program Statistics \| ID = 131840 Description = Error - 12/13/2009 1:58:23 PM \| Computer Name = KHALID \| Source = TuneUp Program Statistics \| ID = 131840 Description = Error - 12/13/2009 2:00:29 PM \| Computer Name = KHALID \| Source = TuneUp Program Statistics \| ID = 131840 Description = Error - 12/13/2009 3:20:00 PM \| Computer Name = KHALID \| Source = TuneUp Program Statistics \| ID = 131840 Description = Error - 12/16/2009 10:44:42 AM \| Computer Name = KHALID \| Source = TuneUp Program Statistics \| ID = 131840 Description =
	to forum · permalink · 2011-12-08 07:10:12 ·
lilhurricane Crunchin' For Cures Premium,Mod join:2003-01-11 Purple Zone kudos:51 Reviews: ·Comcast Host: TV over IP Software RCN Inside Insight Team Discovery	said by archeng: Thanks a lot lilihuricane for your quick response and sorry for attaching the logs instead posting them. That was totally unintentional. No worries Thanks for adding in the last log. LoPhatPhuud will review soon. -- ~Safe Hex~ Team Discovery ~ Project Hope ~ Like A Hurricane~
	to forum · permalink · 2011-12-08 07:11:27 ·
lilhurricane Crunchin' For Cures Premium,Mod join:2003-01-11 Purple Zone kudos:51	reply to archeng Re: Infected Computer, please help Be aware..there might be a slight post display.. Give it a few moments, some posts need review before showing
	to forum · permalink · 2011-12-08 07:15:07 ·
LoPhatPhuud Premium,VIP,MVM join:2002-01-06 Albuquerque, NM kudos:23 Reviews: ·Comcast	reply to archeng Download and run Sophos AntiRootkit. Post the log in this thread, even if nothing is found. You find link(s) and instructions here: »Security Cleanup FAQ »Rootkit Detection Applications -- When angry count four; when very angry, swear. Microsoft MVP/Consumer Security 2005-2011 Gladiator Security Forum
	to forum · permalink · 2011-12-08 12:12:54 ·
archeng join:2011-12-08	Thanks a lot LoPhatPhuud. really appreciate the help. Here is the log: Sophos Anti-Rootkit Version 1.5.4 (c) 2009 Sophos Plc Started logging on 12/8/2011 at 21:22:53 PM User "KHALID82" on computer "KHALID" Windows version 5.1 SP 3.0 Service Pack 3 build 2600 SM=0x100 PT=0x1 Win32 Info: Starting process scan. Info: Starting registry scan. Info: Starting disk scan of C: (NTFS). Hidden: file C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1001\A0271546.exe Hidden: file C:\Program Files\Nitro PDF\Professional\NitroPDF.exe Hidden: file C:\Program Files\MagicISO\MagicISO.exe.BAK Hidden: file C:\WINDOWS\system32\drivers\sptd9101.sys Hidden: file C:\WINDOWS\system32\drivers\sptd.sys Hidden: file C:\Program Files\Participatory Culture Foundation\Miro\ffmpeg2theora.exe Hidden: file C:\HaspEmulPE.XP\HaspEmulPE.exe Hidden: file C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Aware2007.exe Hidden: file C:\Program Files\Common Files\Microsoft Shared\OFFICE12\1033\MSOINTL.DLL Hidden: file C:\WINDOWS\$hf_mig$\KB978207-IE8\SP3QFE\ieframe.dll Hidden: file C:\dell\drivers\R140135\3100_216\Win64\instmsia.exe Hidden: file C:\dell\drivers\R140135\3100_216\Win64\instmsiw.exe Hidden: file C:\Autodesk\Autodesk_Revit_Structure_2012_English_Win_32-64bit\x64\RST2012\Program Files\Autodesk Shared\Extensions 2012\Framework\Components\AREXContentGenerator\hu-HU\REX.ContentGenerator.Resources.dll Hidden: file C:\Program Files\Common Files\Nero\AdvrCntr4\AdvrCntr4.dll Hidden: file C:\Program Files\Nero\Nero 9\Nero Express\NeroExpress.exe Hidden: file C:\Program Files\Nero\Nero 9\Nero Burning ROM\Nero.exe Hidden: file C:\Program Files\Nero\Nero 9\Nero SoundTrax\SoundTrax.exe Hidden: file C:\Program Files\Nero\Nero 9\Nero Recode\Recode.exe Hidden: file C:\Program Files\Nero\Nero 9\Nero ShowTime\ShowTime.exe Hidden: file C:\Program Files\Nero\Nero ControlCenter 4\ncc.exe Hidden: file C:\Program Files\Muslim Bag\Mushaf.exe Hidden: file C:\Program Files\Adobe\Adobe Device Central CS5\DeviceCentral.exe Hidden: file C:\Program Files\Common Files\Autodesk Shared\Shell\AdpWShellExt.dll Hidden: file C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSO.DLL Info: Starting disk scan of F: (NTFS). Hidden: file F:\EVERYTHING1\EVERYTHING\tedds v10\Modules\ISSetupPrerequisites\TEDDS\dotnetfx20.exe Hidden: file F:\EVERYTHING1\EVERYTHING\Misc\Monopoly\MonopolyPBInstall.exe Hidden: file F:\EVERYTHING1\EVERYTHING\GAMES\Sudoku\GameHouse Sudoku FULL\GameHouse Sudoku FULL\SudokuInstall.exe Hidden: file F:\EVERYTHING1\EVERYTHING\GAMES\Chess\ChessMaster-By MYTH\Register\register\schedule.exe Hidden: file F:\EVERYTHING1\EVERYTHING\Engineering Folders\Misc. Eng\pcaColumnInstall.exe Hidden: file F:\EVERYTHING1\EVERYTHING\Engineering Folders\Comp\Adobe Photoshop CS3 Extended + Crack\Crack\Photoshop.exe Hidden: file F:\EVERYTHING1\3DTutorial_1.exe Hidden: file F:\EVERYTHING1\3DTutorial_2.exe Hidden: file F:\EVERYTHING1\autodesk 2012 keygen xforce x32 & x64\x-force_2012_x32.exe Hidden: file F:\EVERYTHING1\autodesk 2012 keygen xforce x32 & x64\x-force_2012_x64.exe Hidden: file F:\EVERYTHING1\ORION 16\CSCInstaller.exe Hidden: file F:\EVERYTHING1\ORION 16\Support\HASP\haspdinst.exe Hidden: file F:\EVERYTHING1\ORION 16\Support\HASP\lmsetup.exe Hidden: file F:\EVERYTHING1\ORION VIDEO TUTORIALS\Orion151_Complex_Geometry.exe Hidden: file F:\EVERYTHING1\ORION VIDEO TUTORIALS\Orion151_Design_Drafting.exe Hidden: file F:\EVERYTHING1\ORION VIDEO TUTORIALS\Orion151_Flat_Slab.exe Hidden: file F:\EVERYTHING1\ORION VIDEO TUTORIALS\Orion151_Foundations.exe Hidden: file F:\EVERYTHING1\ORION VIDEO TUTORIALS\Orion151_Loading_Analysis.exe Hidden: file F:\EVERYTHING1\ORION VIDEO TUTORIALS\Orion151_Modelling.exe Hidden: file F:\EVERYTHING1\ORION VIDEO TUTORIALS\Orion151_Quantities.exe Hidden: file F:\EVERYTHING1\ORION VIDEO TUTORIALS\Orion151_Revit_Integration.exe Hidden: file F:\ORION 15\ORION INSTALLATION AND TUTORIALS\Orion151_Changes.exe Hidden: file F:\ORION 15\ORION INSTALLATION AND TUTORIALS\Orion151_Complex_Geometry.exe Hidden: file F:\ORION 15\ORION INSTALLATION AND TUTORIALS\Orion151_Design_Drafting.exe Hidden: file F:\ORION 15\ORION INSTALLATION AND TUTORIALS\Orion151_Flat_Slab.exe Hidden: file F:\ORION 15\ORION INSTALLATION AND TUTORIALS\Orion151_Foundations.exe Hidden: file F:\ORION 15\ORION INSTALLATION AND TUTORIALS\Orion151_Loading_Analysis.exe Hidden: file F:\ORION 15\ORION INSTALLATION AND TUTORIALS\Orion151_Modelling.exe Hidden: file F:\ORION 15\ORION INSTALLATION AND TUTORIALS\Orion151_Quantities.exe Hidden: file F:\ORION 15\ORION INSTALLATION AND TUTORIALS\Orion151_Revit_Integration.exe Hidden: file F:\EVERYTHING\NokiaSoftwareUpdaterSetup_en.exe Hidden: file F:\EVERYTHING\softwares\AutoCAD2007TrialInstallImage\Bin\acadFeui\Program Files\Root\AcMPolygonObj17enuRes.dll Hidden: file F:\EVERYTHING\Magic.ISO.5.3.Incl.Keygen_zZoooZz\Setup\MagicISO-5.-3.221.exe Hidden: file F:\ORION 16\Support\HASP\haspdinst.exe Hidden: file F:\Orion Learning Resources\Orion151_Foundations.exe Hidden: file F:\Orion Learning Resources\Orion151_Loading_Analysis.exe Hidden: file F:\Orion Learning Resources\Orion151_Modelling.exe Hidden: file F:\Orion Learning Resources\Orion151_Quantities.exe Hidden: file F:\ORION VIDEO TUTORIALS\Orion151_Complex_Geometry.exe Hidden: file F:\ORION VIDEO TUTORIALS\Orion151_Design_Drafting.exe Hidden: file F:\ORION VIDEO TUTORIALS\Orion151_Flat_Slab.exe Hidden: file F:\ORION VIDEO TUTORIALS\Orion151_Revit_Integration.exe Stopped logging on 12/9/2011 at 0:50:13 AM
	to forum · permalink · 2011-12-08 21:26:41 ·
LoPhatPhuud Premium,VIP,MVM join:2002-01-06 Albuquerque, NM kudos:23 Reviews: ·Comcast	reply to archeng The logs are not showing any remaining exploits. The were some in the Restore area, but we'll reset that as part of the final process. Most likely you got the infections from 'Extended Trial' software. Perhaps you may want to consider avoiding it in the future. One more check to sure... Download ComboFix from one of these locations: http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.infospyware.net/antimalware/combofix/ * IMPORTANT !!! Save ComboFix.exe to your Desktop []Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools []Double click on ComboFix.exe & follow the prompts. []As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware. []Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console. Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message: Click on Yes, to continue scanning for malware. When finished, it shall produce a log for you. Please include the C:\ComboFix.txt** in your next reply. Notes: 1.Do not mouse-click Combofix's window while it is running. That may cause it to stall. 2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser. 3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper. 4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine. Give it at least 20-30 minutes to finish if needed. -- When angry count four; when very angry, swear. Microsoft MVP/Consumer Security 2005-2011 Gladiator Security Forum
	to forum · permalink · 2011-12-09 11:49:07 ·

archeng join:2011-12-08 1 edit	ComboFix 11-12-09.02 - KHALID82 12/09/2011 21:56:48.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1256.20.1033.18.2046.1231 [GMT 4:00] Running from: c:\documents and settings\KHALID82\Desktop\ComboFix.exe AV: Kaspersky Internet Security Disabled/Updated {2C4D4BC6-0793-4956-A9F9-E252435469C0} FW: Kaspersky Internet Security Disabled {2C4D4BC6-0793-4956-A9F9-E252435469C0} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\runauto.. c:\windows\system32\default_user_class.dat.LOG F:\autorun.inf . . ((((((((((((((((((((((((( Files Created from 2011-11-09 to 2011-12-09 ))))))))))))))))))))))))))))))) . . 2011-12-08 17:22 . 2011-12-08 17:22 -------- d-----w- c:\program files\Sophos 2011-12-08 02:02 . 2011-12-08 02:02 -------- d-----w- c:\windows\system32\drivers\NSS 2011-12-08 02:02 . 2011-12-08 02:02 -------- d-----w- c:\program files\Norton Security Scan 2011-12-08 02:02 . 2011-12-08 02:02 -------- d-----w- c:\program files\NortonInstaller 2011-12-04 17:43 . 2011-12-04 17:43 -------- d-----w- c:\documents and settings\KHALID82\Local Settings\Application Data\Sun 2011-12-04 17:42 . 2011-12-04 17:42 128000 ----a-w- c:\windows\system32\javacpl.cpl 2011-12-03 18:15 . 2011-12-07 20:01 -------- d-----w- C:\MGtools 2011-12-03 10:32 . 2011-12-03 10:32 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERSetup 2011-12-03 02:14 . 2011-12-03 02:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint 2011-12-02 18:44 . 2011-12-02 18:44 -------- d-----w- c:\program files\Kaspersky Lab 2011-11-30 07:29 . 2011-11-30 07:29 -------- d-----w- c:\documents and settings\KHALID82\Application Data\f-secure 2011-11-30 07:29 . 2011-11-30 07:29 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure 2011-11-30 05:44 . 2011-12-08 01:54 -------- d-----w- c:\documents and settings\KHALID82\Application Data\QuickScan 2011-11-28 11:36 . 2011-11-28 11:36 -------- d-----w- c:\documents and settings\KHALID82\Local Settings\Application Data\Mozilla 2011-11-19 19:02 . 2011-11-19 19:02 -------- d-----w- c:\program files\McGraw-Hill 2011-11-19 19:02 . 2011-11-19 19:02 -------- d-----w- C:\Acrobat3 2011-11-18 14:35 . 2011-11-18 14:35 -------- d-----w- c:\documents and settings\KHALID82\Application Data\ElevatedDiagnostics 2011-11-18 14:29 . 2011-11-18 14:29 -------- d-----w- C:\MATS 2011-11-17 18:49 . 2011-11-17 18:49 -------- d-----w- c:\documents and settings\All Users\Application Data\regid.1986-12.com.adobe 2011-11-17 18:45 . 2011-11-17 18:45 -------- d-----w- c:\program files\Adobe Media Player 2011-11-16 19:57 . 2011-11-16 19:57 -------- d-----w- c:\program files\MSXML 6.0 2011-11-16 14:42 . 2011-11-16 14:42 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin7.dll 2011-11-16 14:42 . 2011-11-16 14:42 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin6.dll 2011-11-16 14:42 . 2011-11-16 14:42 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll 2011-11-16 14:42 . 2011-11-16 14:42 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll 2011-11-16 14:42 . 2011-11-16 14:42 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll 2011-11-16 14:42 . 2011-11-16 14:42 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll 2011-11-16 14:42 . 2011-11-16 14:42 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin.dll 2011-11-16 14:30 . 2011-11-16 14:30 -------- d-----w- c:\program files\iPod 2011-11-16 14:30 . 2011-11-16 14:32 -------- d-----w- c:\program files\iTunes 2011-11-15 14:43 . 2011-11-15 14:43 22 --sha-w- c:\documents and settings\KHALID82\Application Data\Sys2662.Config.Repository.bin 2011-11-15 14:40 . 2011-11-15 14:43 -------- d-----w- c:\program files\jv16 PowerTools 2011 2011-11-15 11:47 . 2011-11-15 11:47 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache 2011-11-14 17:44 . 2011-11-27 21:31 -------- d-----w- C:\RISADemo 2011-11-10 06:49 . 2011-12-03 18:36 -------- d-----w- c:\documents and settings\KHALID82\Local Settings\Application Data\Akamai . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-12-04 17:42 . 2011-08-03 14:30 544656 -c--a-w- c:\windows\system32\deployJava1.dll 2011-12-03 18:22 . 2011-12-03 18:15 293178 ----a-w- C:\MGlogs.zip 2011-11-30 05:38 . 2011-07-20 18:16 414368 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-10-24 10:29 . 2011-10-24 10:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2011-10-24 10:29 . 2011-10-24 10:29 69632 ----a-w- c:\windows\system32\QuickTime.qts 2011-10-15 18:25 . 2007-05-30 14:09 458752 ----a-w- c:\windows\system32\LiveUpdate.dll 2011-10-15 18:25 . 2007-05-30 14:09 708608 ----a-w- c:\windows\system32\Resecure60.dll 2011-10-15 18:25 . 2007-05-30 14:09 1290240 ----a-w- c:\windows\system32\NGWinSys.dll 2011-10-10 14:22 . 2005-08-16 10:40 692736 ----a-w- c:\windows\system32\inetcomm.dll 2011-09-28 07:06 . 2005-08-16 10:18 599040 ----a-w- c:\windows\system32\crypt32.dll 2011-09-26 07:41 . 2010-03-18 06:09 611328 -c--a-w- c:\windows\system32\uiautomationcore.dll 2011-09-26 07:41 . 2005-08-16 10:18 220160 ----a-w- c:\windows\system32\oleacc.dll 2011-09-26 07:41 . 2005-08-16 10:18 20480 -c--a-w- c:\windows\system32\oleaccrc.dll 2011-11-21 04:04 . 2011-11-28 11:36 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] 2008-11-18 08:58 333192 -c--a-w- c:\program files\AskBarDis\bar\bin\askBar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-18 333192] . [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-18 333192] . [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "lxeamon.exe"="c:\program files\Lexmark S300-S400 Series\lxeamon.exe" [2010-05-05 770728] "EzPrint"="c:\program files\Lexmark S300-S400 Series\ezprint.exe" [2010-05-05 148280] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-09 761947] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-25 61440] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584] "dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035] "Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2006-08-04 1032192] "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-05-04 252136] "Nitro PDF Printer Monitor"="c:\program files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe" [2008-04-29 210208] "avp"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" [2011-04-24 202296] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler] "{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files\Stardock\Fences\FencesMenu.dll" [2009-10-02 128360] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Al-Ufuq Internet Timer.LNK] backup=c:\windows\pss\Al-Ufuq Internet Timer.LNKCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AutoCAD Startup Accelerator.lnk] backup=c:\windows\pss\AutoCAD Startup Accelerator.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk] backup=c:\windows\pss\Bluetooth.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Clearblue.lnk] backup=c:\windows\pss\Clearblue.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk] backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk] backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk] backup=c:\windows\pss\Windows Search.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^FAMILY^Start Menu^Programs^Startup^BitComet Acceleration Patch.lnk] backup=c:\windows\pss\BitComet Acceleration Patch.lnkStartup . [HKLM\~\startupfolder\C:^Documents and Settings^KHALID82^Start Menu^Programs^Startup^MagicDisc.lnk] backup=c:\windows\pss\MagicDisc.lnkStartup . [HKLM\~\startupfolder\C:^Documents and Settings^KHALID82^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk] backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2011-06-06 08:55 937920 -c--a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2011-09-05 17:04 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] 2010-03-05 23:44 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager] 2010-02-22 00:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface] 2011-11-11 21:48 3303000 ----a-w- c:\documents and settings\KHALID82\Local Settings\Application Data\Akamai\netsession_win.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] 2011-11-02 03:51 59240 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] 2011-11-01 19:25 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service] 2010-03-18 07:19 207360 -c--a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Babylon Client] 2008-02-14 08:41 3165920 -c--a-w- c:\program files\Babylon\Babylon-Pro\Babylon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CalibrizeResume] 2007-11-26 12:40 413696 -c--a-w- c:\program files\Calibrize\CalibrizeResume.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CGFLoader] 2007-11-26 12:39 1961984 -c--a-w- c:\program files\Calibrize\CalibrizeLoader.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2011-07-28 23:08 1259376 -c--a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2008-11-08 08:47 133104 -c--atw- c:\documents and settings\KHALID82\Local Settings\Application Data\Google\Update\GoogleUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk] 2007-01-01 21:22 3739648 -c--a-w- c:\program files\Google\Google Talk\googletalk.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2008-10-25 07:44 31072 -c--a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hiyo] 2010-06-26 17:58 255344 -c--a-w- c:\program files\HiYo\Bin\HiYo.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite] 2006-07-11 10:06 3144800 -c--a-w- c:\program files\ICQLite\ICQLite.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM] 2010-05-21 09:40 324976 -c--a-w- c:\documents and settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2011-11-12 20:24 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)] 2011-06-16 03:55 6276408 -c--a-w- c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ModemOnHold] 2003-09-10 08:24 20480 -c----w- c:\program files\NetWaiting\netwaiting.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] 2008-04-14 00:12 1695232 -c----w- c:\program files\Messenger\msmsgs.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] 2011-11-02 20:11 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2] 2010-02-24 17:17 385928 -c--a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] 2009-03-05 12:07 2260480 -csha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler] 2007-09-25 11:03 93208 -c--a-w- c:\program files\Logitech\Gaming Software\LWEMon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2007-07-11 10:18 68856 -c--a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2011-08-03 14:42 273544 -c--a-w- c:\program files\real\realplayer\Update\realsched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "wltrysvc"=2 (0x2) "Viewpoint Manager Service"=2 (0x2) . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "swg"=c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" "Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime "Adobe Reader Speed Launcher"=c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Documents and Settings\\KHALID82\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Opera\\opera.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "24751:TCP"= 24751:TCP:BitComet 24751 TCP "24751:UDP"= 24751:UDP:BitComet 24751 UDP . R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2/17/2011 1:46 PM 14776] R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12/29/2006 4:32 PM 642560] R1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files\Emsisoft Anti-Malware\a2ddax86.sys [12/3/2011 9:25 AM 17904] R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [3/4/2011 1:23 PM 11352] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 8:27 PM 12880] R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/13/2011 1:55 AM 67664] R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [8/12/2011 3:38 AM 116608] R2 a2AntiMalware;Emsisoft Anti-Malware 6.0 - Service;c:\program files\Emsisoft Anti-Malware\a2service.exe [12/3/2011 9:25 AM 2996784] R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [8/16/2005 2:18 PM 14336] R2 lxea_device;lxea_device;c:\windows\system32\lxeacoms.exe -service --> c:\windows\system32\lxeacoms.exe -service [?] R2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxeaserv.exe [11/3/2011 11:36 PM 193192] R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [5/7/2010 12:06 PM 32856] R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [5/16/2009 8:59 PM 19472] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 1:16 PM 130384] S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7/14/2011 9:22 PM 136176] S2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?] S2 hl_mull;hl_mull;c:\windows\system32\drivers\HL_MULL.SYS [7/27/2008 1:47 AM 61376] S3 a2acc;a2acc;c:\program files\Emsisoft Anti-Malware\a2accx86.sys [12/3/2011 9:25 AM 51632] S3 bepldr;BCL easyPDF SDK 5 Loader;c:\program files\Common Files\BCL Technologies\NitroPDF5\bepldr.exe [2/11/2008 11:58 AM 151552] S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [7/14/2011 9:22 PM 136176] S3 k510bus;Sony Ericsson K510 Driver driver (WDM);c:\windows\system32\drivers\k510bus.sys [5/10/2008 6:03 PM 58288] S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;c:\windows\system32\drivers\k510mdfl.sys [5/10/2008 6:03 PM 8336] S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;c:\windows\system32\drivers\k510mdm.sys [5/10/2008 6:03 PM 94064] S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\k510mgmt.sys [5/10/2008 6:03 PM 85408] S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;c:\windows\system32\drivers\k510obex.sys [5/10/2008 6:03 PM 83344] S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [11/17/2008 8:05 AM 195752] S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [6/13/2011 10:09 PM 267568] S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\AA.tmp --> c:\windows\system32\AA.tmp [?] S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [6/9/2010 7:30 PM 137344] S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [6/9/2010 7:30 PM 8320] S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [1/25/2007 9:31 PM 42000] S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2/16/2006 5:51 PM 4096] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 1:16 PM 753504] . --- Other Services/Drivers In Memory --- . Deregistered - uphcleanhlp . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] Akamai REG_MULTI_SZ Akamai . Contents of the 'Scheduled Tasks' folder . 2011-12-08 c:\windows\Tasks\AdobeAAMUpdater-1.0-KHALID-KHALID82.job - c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-11-17 23:44] . 2011-11-30 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 13:57] . 2011-12-09 c:\windows\Tasks\ConfigExec.job - c:\program files\Microsoft Fix it Center\MatsApi.dll [2011-06-13 18:09] . 2011-12-09 c:\windows\Tasks\DataUpload.job - c:\program files\Microsoft Fix it Center\MatsApi.dll [2011-06-13 18:09] . 2011-12-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-07-14 17:22] . 2011-12-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-07-14 17:22] . 2011-12-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1605582275-3857380357-824892274-1009Core.job - c:\documents and settings\KHALID82\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-08 08:47] . 2011-12-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1605582275-3857380357-824892274-1009UA.job - c:\documents and settings\KHALID82\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-08 08:47] . 2011-12-08 c:\windows\Tasks\Norton Security Scan for KHALID82.job - c:\progra~1\NORTON~2\Engine\361~1.11\Nss.exe [2011-12-08 07:47] . 2011-12-09 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 13:04] . 2011-12-09 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 13:04] . 2011-12-09 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1605582275-3857380357-824892274-1009.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 06:47] . 2011-11-11 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1605582275-3857380357-824892274-1009.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 06:47] . 2010-01-10 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job - c:\program files\Spybot - Search & Destroy\SpybotSD.exe [2008-10-06 11:31] . 2011-12-09 c:\windows\Tasks\User_Feed_Synchronization-{0ABCA13D-15FD-410C-B075-C625424017B3}.job - c:\windows\system32\msfeedssync.exe [2006-10-17 00:31] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ uInternet Connection Wizard,ShellNext = »login.live.com/ppsecure/sha1auth.srf?lc=1033 uInternet Settings,ProxyOverride = local;.local IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm IE: Search the Web IE: Translate with &Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} TCP: DhcpNameServer = 192.168.1.1 DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab FF - ProfilePath - c:\documents and settings\KHALID82\Application Data\Mozilla\Firefox\Profiles\82xg2xzo.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - www.google.com FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q= FF - prefs.js: network.proxy.http - localhost FF - prefs.js: network.proxy.http_port - 9666 FF - prefs.js: network.proxy.socks - localhost FF - prefs.js: network.proxy.socks_port - 9050 FF - prefs.js: network.proxy.ssl - localhost FF - prefs.js: network.proxy.ssl_port - 9666 FF - prefs.js: network.proxy.type - 0 FF - user.js: network.http.max-connections-per-server - 6 FF - user.js: network.http.max-persistent-connections-per-server - 3 . . ------- File Associations ------- . .scr=AutoCADScriptFile . - - - - ORPHANS REMOVED - - - - . MSConfigStartUp-DriverMax - c:\program files\Innovative Solutions\DriverMax\devices.exe MSConfigStartUp-DriverMax_RESTART - c:\program files\Innovative Solutions\DriverMax\devices.exe MSConfigStartUp-DriverUpdaterPro - c:\program files\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe MSConfigStartUp-FreeCall - c:\program files\FreeCall.com\FreeCall\FreeCall.exe MSConfigStartUp-oovoo - c:\program files\ooVoo\oovoo.exe MSConfigStartUp-PC Pitstop Optimize Scheduler - c:\program files\PCPitstop\Optimize\PCPOptimize.exe MSConfigStartUp-PC Pitstop Optimize2 Reminder - c:\program files\PCPitstop\Optimize2\Reminder.exe MSConfigStartUp-SpeedBitVideoAccelerator - c:\program files\SpeedBit Video Accelerator\VideoAccelerator.exe . . . *********************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, »www.gmer.net Rootkit scan 2011-12-09 22:42 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************ . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai] "ServiceDll"="c:\program files\common files\akamai/netsession_win_d768ebc.dll" . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2] "ImagePath"="\??\c:\windows\system32\AA.tmp" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-1605582275-3857380357-824892274-1009\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9B0AED70-1173-8E81-C043-90407C2631DD}] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) "jabocjfbecblmeonnpjb"=hex:62,61,6e,68,00,00 "jabocjfbecblmeonnpnp"=hex:62,61,68,69,00,00 "iabpgfncdelccpefnk"=hex:6b,61,63,69,66,69,62,67,6a,69,6f,6b,65,6f,6f,64,70,66, 6a,69,65,6e,00,00 "hapoadaipimplljf"=hex:6b,61,63,69,66,69,62,67,6a,69,6f,6b,65,6f,6f,64,62,66, 63,61,62,6f,00,00 . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(404) c:\program files\SUPERAntiSpyware\SASWINLO.DLL c:\windows\system32\WININET.dll c:\windows\system32\Ati2evxx.dll . - - - - - - - > 'explorer.exe'(1648) c:\windows\system32\WININET.dll c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll c:\program files\Common Files\Autodesk Shared\AcSignCore16.dll c:\windows\system32\msi.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\btncopy.dll c:\program files\Stardock\Fences\FencesMenu.dll c:\program files\stardock\fences\DesktopDock.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\program files\Sony Ericsson\Mobile2\File Manager\fmgrgui.dll c:\program files\Sony Ericsson\Mobile2\File Manager\fmgrguil.dll c:\program files\SUPERAntiSpyware\SASSEH.DLL c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Common Files\Autodesk Shared\Service\AdskScSrv.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe c:\windows\eHome\ehRecvr.exe c:\windows\eHome\ehSched.exe c:\program files\Java\jre7\bin\jqs.exe c:\windows\system32\lxeacoms.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe c:\program files\UPHClean\uphclean.exe c:\windows\ehome\mcrdsvc.exe c:\windows\system32\SearchIndexer.exe c:\program files\Canon\CAL\CALMAIN.exe c:\windows\system32\WgaTray.exe c:\windows\system32\wscntfy.exe c:\windows\system32\dllhost.exe c:\windows\eHome\ehmsas.exe c:\windows\system32\rundll32.exe . ************************************************************************* . Completion time: 2011-12-09 23:06:15 - machine was rebooted ComboFix-quarantined-files.txt 2011-12-09 19:06 ComboFix2.txt 2011-12-03 16:56 . Pre-Run: 59,593,285,632 bytes free Post-Run: 59,555,663,872 bytes free . - - End Of File - - 6FEF7AE579D070A0406C0CF8E1541DC2 May I add one more thing.. I went to this website before I came here and I ran Hijackthis then pasted results there. According to that, it showed my computer is infected. On startup programs, I found this one which I did not know what it was: uninst.bat?! Any idea?
	to forum · permalink · 2011-12-09 15:05:39 ·
LoPhatPhuud Premium,VIP,MVM join:2002-01-06 Albuquerque, NM kudos:23 Reviews: ·Comcast	reply to archeng First: If you honestly believe that sites which offer to interpet HJT logs for you are accurate and valid, I have a bridge you can buy cheap. In simple terms, they are worthless. Second: Please go to »www.virustotal.com/ Press the 'Browse' button to the right of the yellow box. Navigate to the file(s) listed below, one at a time (if more than one file). Press the 'Open' button in the file dialog box or double click on the file name. The file name and path should appear in the yellow box. c:\windows\system32\AA.tmp Click on the Send File button Note: If you can't find the file, let me know in your next post. Once the Scan is completed, a Web page will open with the scan results. Copy and paste the address of that webpage from the address bar of your browser into your next post in this thread. Note that you can also copy and paste the contents of the webpage if you find that easier. If the file has been previously scanned, the results webpage will show: "File has already been submitted:" Press the "View Last Report" button then copy and paste the address of that webpage from the address bar of your browser into your next post in this thread. If there is more than one file listed for scanning, press the Another File button at the bottom of the page. Repeat this procedure until all files listed have been scanned. -- When angry count four; when very angry, swear. Microsoft MVP/Consumer Security 2005-2011 Gladiator Security Forum
	to forum · permalink · 2011-12-09 16:56:35 ·
archeng join:2011-12-08	I could not find that file!! Any suggestions?!
	to forum · permalink · 2011-12-09 21:48:50 ·
LoPhatPhuud Premium,VIP,MVM join:2002-01-06 Albuquerque, NM kudos:23 Reviews: ·Comcast	reply to archeng Thanks. As long as the file is gone. I half expected it would not be there,. but if it was, it needed to be checked. The logs are all good. Any remaining symptoms? You may want to do a full scan with your antivirus and post back here with the results. -- When angry count four; when very angry, swear. Microsoft MVP/Consumer Security 2005-2011 Gladiator Security Forum
	to forum · permalink · 2011-12-10 11:22:43 ·
archeng join:2011-12-08	Thanks a lot for your great help.. It seems to be running well now. I ran full scan which took soooooo looong and found 2 things and fixed them.. What do I do now to clean downloaded programs?
	to forum · permalink · 2011-12-12 10:41:54 ·

Broadband Tech > Security > Security Cleanup > Infected Computer, please help

OTL

Sec Check

ESET

Re: Infected Computer, please help

Re: Infected Computer, please help