Avast WEBforum
Other => Viruses and worms => Topic started by: Mirek on July 04, 2010, 09:28:59 PM
-
I reset my PC last night and now Avast antivirus won't run. I have a red cross over the orange icon in my tray. Task Mng doesn't show any Avast processes. Tried to "Open" and "Run as" but in both cases I get "Program not responding". Update from Control Panel did not helped. I am running Win xp pro and Avast antivirus version 5.0.594. Please advice. Thanks, Mirek
-
Try avast repair and reboot
For a repair of avast. Windows, Add Remove programs, select 'avast! Anti-Virus,' click the Change/Remove button from the pop-up window, scroll down to Repair, click next and follow.
-
may you have malwares disable avast!,so do the following to ensure your system is clean
1.clear your temp files:http://www.piriform.com/ccleaner (http://www.piriform.com/ccleaner)
2.do a dr.web cure it scan:http://www.freedrweb.com/cureit/?lng=en (http://www.freedrweb.com/cureit/?lng=en)
3.scan your system for rootkits:http://www.usec.at/rootkit.html (http://www.usec.at/rootkit.html)
4.scan with mbam:http://www.malwarebytes.org/mbam.php (http://www.malwarebytes.org/mbam.php)
5.post a Hijack Hunter log in this topic:http://www.novirusthanks.org/products/hijack-hunter/ (http://www.novirusthanks.org/products/hijack-hunter/)
6.wait until we help you and make a threat killer script for you
-
Pondus,
Thanks for the idea but that did not helped either. Will try suggestion from Superhacker.
-
Due to a post size limitation, I have to post several messages with the logs.
I ran all the programs suggested above.
No viruses found. USEC Radix have to run separate scan of Hidden Files. Found and deleted 2 recipe files. After that PC locked up so I did have to do hard reset. Malwarebytes did not find anything. Here is the Hijack Hunter log.
Thanks for advice.
Mirek
Hijack Hunter 1.8.2.0
http://www.novirusthanks.org
Log created on 7/6/2010 at 7:36:05 PM
Operating System: Microsoft Windows XP Service Pack 3 32-bit OS
Build Version: 2600.xpsp_sp3_gdr.090804-1435
Internet Explorer: 7.0.5730.13
System Folder: C:\WINDOWS\system32
C:\WINDOWS\system32\ZoneLabs\vsmon.exe (2435592 bytes) (Check Point Software Technologies
LTD) (1/7/2009 10:23:07 AM) (--A-) (589a8b75fd731f8e186292275f3f3692)
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (1029456 bytes) (Lavasoft) (1/18/2009
3:34:37 PM) (--A-) (b30f37242dd1c640dd5c770ff5b378ae)
C:\WINDOWS\system32\DRIVERS\dcfssvc.exe (126526 bytes) (Eastman Kodak Company) (12/25/2008
3:03:02 PM) (--A-) (9fbcc5c671011e406941f5d2008bea87)
C:\Program Files\Common Files\LightScribe\LSSrvc.exe (73728 bytes) (Hewlett-Packard Company)
(2/26/2008 4:13:22 PM) (--A-) (984ecb68ed2a2b2e6a544e87e24fba2d)
C:\Program Files\KODAK\KODAK Picture Transfer Software\PTSsvc.exe (36864 bytes) (Unknown)
(10/29/2005 3:33:08 PM) (----) (e1855061710a925032249539f3f1a73d)
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (524632 bytes) (Lavasoft) (1/18/2009 3:34:48
PM) (--A-) (6f8f0ef862c6f67a09674620b7f5f418)
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe (2837864 bytes) (AVAST Software) (6/18/2010 1:54:53
PM) (--A-) (38ae7a942fc3fab1c6a27eb65de8f827)
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (1043968 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:37 AM) (--A-) (0d2f62c6e2e9bd508f7bf2e6c8ba176d)
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (2289664 bytes)
(Hewlett-Packard Company) (2/26/2008 4:08:32 PM) (--A-) (6cf023f0a798c56599b8ea9ff9f083a0)
C:\Program Files\Hewlett-Packard\HP OfficeJet T Series\Bin\HPOstr05.exe (1175552 bytes)
(Hewlett-Packard Co.) (5/2/2008 12:31:35 AM) (--A-) (f8578193d3f323934af37189ff50b939)
C:\Program Files\TechSmith\SnagIt 6\SnagIt32.exe (2068480 bytes) (TechSmith Corporation)
(10/29/2005 3:37:20 PM) (--A-) (1ea796b1b4e869c7fc89dc794e0ff555)
C:\Program Files\Hewlett-Packard\HP OfficeJet T Series\bin\HPOVDX05.EXE (81920 bytes)
(Hewlett-Packard Co.) (5/2/2008 12:31:35 AM) (--A-) (55567ce85bcae9c391117e333594eb51)
C:\WINDOWS\system32\hpoipm07.exe (57344 bytes) (HP) (5/2/2008 12:31:34 AM) (--A-)
(3db7f4db1cc7af93c08e07100d523bad)
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE (10737480 bytes) (Microsoft
Corporation) (9/30/2009 3:21:14 PM) (--AR) (e57208c65bba06f8873bacca803bb92e)
C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe (626176 bytes) (NoVirusThanks
Company Srl) (7/6/2010 7:32:33 PM) (--A-) (cbcb938e63b44da19d1d086cfafc7c00)
C:\WINDOWS\system32\WgaLogon.dll (239496 bytes) (Microsoft Corporation) (9/5/2008 11:30:42
PM) (--A-) (02cf580510234e519736559a7f19ea20)
C:\WINDOWS\system32\msacm32.drv (20480 bytes) (Microsoft Corporation) (8/4/2004 6:00:00 AM)
(--A-) (9a3bd5f55aadff859539142f6328a66e)
C:\WINDOWS\system32\imaadp32.acm (16384 bytes) (Microsoft Corporation) (8/4/2004 6:00:00 AM)
(--A-) (577e496f0d41411bf149394d80959d53)
C:\WINDOWS\system32\msadp32.acm (14848 bytes) (Microsoft Corporation) (8/4/2004 6:00:00 AM)
(--A-) (c5648be5409e0aabda8c9047bac8f603)
C:\WINDOWS\system32\msg711.acm (9216 bytes) (Microsoft Corporation) (8/4/2004 6:00:00 AM)
(--A-) (33271a2667334b9a8842c65a079ef375)
C:\WINDOWS\system32\msgsm32.acm (19968 bytes) (Microsoft Corporation) (8/4/2004 6:00:00 AM)
(--A-) (3a9846e207dafc13009c048a2f6f8c2a)
C:\WINDOWS\system32\tssoft32.acm (8192 bytes) (DSP GROUP, INC.) (8/4/2004 6:00:00 AM) (--A-)
(e8cd0d7e169ecce2d4fd829daab786ed)
C:\WINDOWS\system32\msg723.acm (118784 bytes) (Microsoft Corporation) (2/16/2008 3:27:10 PM)
(--A-) (b87f759738c52e8d6fbcdaaa84c6486f)
C:\WINDOWS\system32\msaud32.acm (282654 bytes) (Microsoft Corporation) (8/4/2004 6:00:00 AM)
(--A-) (55aeea66c5e84e3fd6cd3e933397d478)
C:\WINDOWS\system32\sl_anet.acm (86016 bytes) (Sipro Lab Telecom Inc.) (8/4/2004 6:00:00 AM)
(--A-) (0dbb250a89e2e1c9281009ac269f0805)
C:\WINDOWS\system32\iac25_32.ax (199680 bytes) (Intel Corporation) (8/4/2004 6:00:00 AM) (-
-A-) (877c90686858d899b042bba45e9b7f2c)
C:\WINDOWS\system32\l3codeca.acm (290816 bytes) (Fraunhofer Institut Integrierte Schaltungen
IIS) (8/4/2004 6:00:00 AM) (--A-) (452705ac9e4c0dde91a61f0e02292423)
C:\WINDOWS\AppPatch\AcAdProc.dll (39424 bytes) (Microsoft Corporation) (3/1/2008 5:05:33 PM)
(--A-) (ea9ee60b408878e5f2012f9c783836db)
C:\WINDOWS\system32\Normaliz.dll (23552 bytes) (Microsoft Corporation) (6/29/2006 10:05:44
AM) (--A-) (10753a3adc3e39a3b10cc3f08e98e6b4)
C:\WINDOWS\system32\iertutil.dll (268288 bytes) (Microsoft Corporation) (8/13/2007 8:34:04
PM) (--A-) (bf7dfad80e6991942d362f71be1ead1f)
C:\WINDOWS\system32\VSDATA.dll (112128 bytes) (Check Point Software Technologies LTD)
(1/7/2009 10:19:51 AM) (--A-) (5a9a0451849497b667f0e15543065437)
C:\WINDOWS\system32\VSINIT.dll (228864 bytes) (Check Point Software Technologies LTD)
(1/7/2009 10:19:48 AM) (--A-) (8bb8d55cb7b7ba11abd25b4f051e8a3b)
C:\WINDOWS\system32\VSUTIL.dll (713728 bytes) (Check Point Software Technologies LTD)
(1/7/2009 10:19:46 AM) (--A-) (30104887d2f952d7640b57f2a03fe6b3)
C:\WINDOWS\system32\ZoneLabs\dbghelp.dll (813568 bytes) (Microsoft Corporation) (1/7/2009
10:23:41 AM) (--A-) (3b5f0bf4125688a531fa21c823ea6193)
C:\WINDOWS\system32\ZoneLabs\icslta.dll (595432 bytes) (Check Point Software Technologies)
(1/7/2009 10:19:48 AM) (--A-) (f2fd4239901a61e876c4f5c33ed520a5)
C:\WINDOWS\system32\ZoneLabs\SSLeay32.dll (434688 bytes) (Check Point Software Technologies
LTD) (1/7/2009 10:23:11 AM) (--A-) (b8625ec124b5b95db5dd1ebae99f9ccc)
C:\WINDOWS\system32\ZoneLabs\vsdb.dll (211456 bytes) (Check Point Software Technologies LTD)
(1/7/2009 10:19:50 AM) (--A-) (d1542c1450d8d6f16eabd406483b75aa)
C:\WINDOWS\system32\vsxml.dll (110080 bytes) (Check Point Software Technologies LTD)
-
(1/7/2009 10:23:07 AM) (--A-) (865ca0f8296540ad5c1493ae7fcbe3a8)
C:\WINDOWS\system32\ZoneLabs\fbl.dll (169984 bytes) (Check Point Software Technologies LTD)
(7/2/2010 4:52:38 AM) (--A-) (48a487428d3685f2077250fad279b120)
C:\WINDOWS\system32\vswmi.dll (43008 bytes) (Check Point Software Technologies LTD)
(1/7/2009 10:23:10 AM) (--A-) (dc9af641b6cc3cdd26d571fa8bfab0a1)
C:\WINDOWS\system32\zlcomm.dll (69120 bytes) (Check Point Software Technologies LTD)
(7/2/2010 4:52:35 AM) (--A-) (91192aa3ccd9ab58479f20d5415a43ee)
C:\WINDOWS\system32\ZLCommDB.dll (103936 bytes) (Check Point Software Technologies LTD)
(7/2/2010 4:52:35 AM) (--A-) (ffcf2d668cd1e1a3816fd2b5d3cc78b0)
C:\WINDOWS\system32\ZoneLabs\VSRULEDB.DLL (1790464 bytes) (Check Point Software Technologies
LTD) (1/7/2009 10:23:12 AM) (--A-) (b878b46a658fc2e2b1396f34c9da801c)
C:\WINDOWS\system32\ZoneLabs\vsvault.dll (173056 bytes) (Check Point Software Technologies
LTD) (7/2/2010 4:52:40 AM) (--A-) (04d75fbb76e4bda51a57d60fcbade4b6)
C:\WINDOWS\system32\ZoneLabs\zlquarantine.dll (99328 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:41 AM) (--A-) (84ff6b064a730e55cecf0b70cbcade3d)
C:\WINDOWS\system32\ZoneLabs\qrbase.dll (722392 bytes) (Check Point Software Technologies
LTD) (7/2/2010 4:52:41 AM) (--A-) (9639147d86058dbd944da82edace4279)
C:\WINDOWS\system32\ZoneLabs\scheduler.dll (135680 bytes) (Check Point Software Technologies
LTD) (7/2/2010 4:52:39 AM) (--A-) (23aa080554045624d38f46ab4bfe2f5b)
C:\WINDOWS\system32\ZoneLabs\zlupdate.dll (141824 bytes) (Check Point Software Technologies
LTD) (7/2/2010 4:52:39 AM) (--A-) (d6a2253c5cece39ed4488b398fd4b6b1)
C:\WINDOWS\system32\ZoneLabs\camupd.dll (75776 bytes) (Check Point Software Technologies
LTD) (7/2/2010 4:52:42 AM) (--A-) (11a1a5941d203f5da52ceafea89bb992)
C:\WINDOWS\system32\ieframe.dll (6067200 bytes) (Microsoft Corporation) (8/13/2007 8:54:10
PM) (--A-) (bc88680edb207514d8009bd98761b6bb)
C:\WINDOWS\system32\WPDShServiceObj.dll (133632 bytes) (Microsoft Corporation) (10/18/2006
11:47:22 PM) (--A-) (045e228f71c31901084b64be59093499)
C:\WINDOWS\system32\PortableDeviceTypes.dll (166912 bytes) (Microsoft Corporation)
(10/18/2006 11:47:18 PM) (--A-) (22358578cb321f3325496a3723029409)
C:\WINDOWS\system32\PortableDeviceApi.dll (284160 bytes) (Microsoft Corporation) (10/18/2006
11:47:18 PM) (--A-) (9d45b2201d0ecf9f42136c7b99deb8b2)
C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll (89088 bytes)
(Microsoft Corporation) (2/15/2009 5:47:40 PM) (--A-) (eee7f12d9ff46f68fbc0da059a359e9e)
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll (22024 bytes) (Microsoft
Corporation) (7/25/2008 12:16:40 PM) (--A-) (de5003632f20c69a07b8dfbc83f460e4)
C:\WINDOWS\system32\zpeng25.dll (1238528 bytes) (Check Point Software Technologies LTD)
(1/7/2009 10:23:08 AM) (--A-) (2a1f3a456e08e69073f979b2a53b1134)
C:\WINDOWS\system32\VSPUBAPI.dll (302592 bytes) (Check Point Software Technologies LTD)
(1/7/2009 10:23:06 AM) (--A-) (b8387a77ab4b7bccb8f291d335725cc9)
C:\WINDOWS\system32\ZoneLabs\lib\pyd\zpui.pyd (281600 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:25 AM) (--A-) (2e8d91755727839cb2b27f3036532204)
C:\WINDOWS\system32\ZoneLabs\lib\pyd\_ctypes.pyd (81408 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:26 AM) (--A-) (99cda7006585bbcf9cc7e5981e4b3e00)
C:\WINDOWS\system32\ZoneLabs\lib\pyd\pyexpat.pyd (135168 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:25 AM) (--A-) (f85cb596820e9cc90a408a3f4f7fa2fb)
C:\WINDOWS\system32\vsmonapi.dll (108032 bytes) (Check Point Software Technologies LTD)
(1/7/2009 10:23:05 AM) (--A-) (dc7fb9c4d92a9b1c7b94b4d46dd51435)
C:\WINDOWS\system32\ZoneLabs\FFApi.dll (284136 bytes) (Check Point Software Technologies)
(7/2/2010 4:52:44 AM) (--A-) (1e2ff2dab11e82e758fd83df83f7c600)
C:\WINDOWS\system32\HPOMem05.dll (40448 bytes) (Hewlett-Packard Co.) (5/2/2008 12:31:47 AM)
(--A-) (ad1ebc05039c04472b357ff89f901cb1)
C:\WINDOWS\system32\HPOCNT05.dll (118784 bytes) (Unknown) (5/2/2008 12:31:47 AM) (--A-)
(c8df6ce06aa90bf61f922ed24b1dcdb1)
C:\WINDOWS\system32\hpoidr07.dll (73728 bytes) (HP) (2/17/2008 1:28:05 AM) (--A-)
(b43e6ad2bd7f22e6fdbf749fb292e909)
C:\WINDOWS\system32\hpoipr07.dll (53248 bytes) (HP) (5/2/2008 12:31:34 AM) (--A-)
(3b2ab41c33433590243111f223d159a4)
C:\WINDOWS\system32\hpotap05.dll (40960 bytes) (Hewlett-Packard Co.) (5/2/2008 12:31:39 AM)
(--A-) (0cee07e854f8cd707f28a825c99d0dd5)
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\hpoui05.DLL (407044 bytes) (Unknown) (10/24/2001
1:03:20 PM) (--A-) (043e46f254971dd9ea4423ed6709f12f)
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPOWIN05.dll (221184 bytes) (Unknown) (10/24/2001
1:03:20 PM) (--A-) (870643e3d01ee20cbfad500c72e952f1)
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPOCNT05.dll (118784 bytes) (Unknown) (10/24/2001
1:03:20 PM) (--A-) (c8df6ce06aa90bf61f922ed24b1dcdb1)
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPOMON05.dll (49152 bytes) (Unknown) (10/24/2001
1:03:20 PM) (--A-) (29ffbace6f4613a7a97d128c49c1e82b)
C:\WINDOWS\system32\spool\drivers\w32x86\3\HPOSRL05.DLL (389120 bytes) (Unknown) (10/24/2001
1:03:18 PM) (--A-) (bc565ed415a08b12e9884ac3ed6907f8)
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\hpontu05.DLL (213820 bytes) (Hewlett-Packard
Company) (10/24/2001 1:03:20 PM) (--A-) (b73327c232fe2a0e23f839c4911b02ce)
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPOrsu05.dll (36864 bytes) (Unknown) (10/24/2001
1:03:20 PM) (--A-) (845f9232357dad3af0c1757c20bedb55)
C:\WINDOWS\system32\SFMAN32.DLL (51200 bytes) (Creative Technology Ltd.) (2/16/2008 7:06:18
AM) (--A-) (235781d67706e492073363e587d3b4de)
C:\WINDOWS\system32\wpdshext.dll (2603008 bytes) (Microsoft Corporation) (10/18/2006
11:47:22 PM) (--A-) (81d2a27c916c7830743e4afa454099f7)
C:\WINDOWS\system32\Audiodev.dll (276992 bytes) (Microsoft Corporation) (10/18/2006 11:47:08
PM) (--A-) (4c48f1b30a82583caee0da02dd7259ee)
Value: Ad-Watch
Data: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value: avast5
Data: C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value: Adobe Reader Speed Launcher
Data: "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value: Adobe ARM
Data: "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value: ZoneAlarm Client
-
Data: "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value: ctfmon.exe
Data: C:\WINDOWS\system32\ctfmon.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value: SpybotSD TeaTimer
Data: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value: LightScribe Control Panel
Data: C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value: AnyDVD
Data: C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value: 1ciVoi103M
Data: C:\Documents and Settings\All Users.WINDOWS\Application Data\xuxudele\tkdyhqbm.exe
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
Value: StubPath
Data: C:\WINDOWS\system32\ieudinit.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-
0ee0-4f90-8827-78cefb8f4988}
Value: StubPath
Data: "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{10880D85-AAD9
-4558-ABDC-2AB1552D831F}
Value: StubPath
Data: rundll32.exe advpack.dll,LaunchINFSection
C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8b15971b-5355
-4c82-8c07-7e181ea07608}
Value: {00C6482D-C502-44C8-8409-FCE54AD9C208}
Data: C:\Program Files\TechSmith\SnagIt 6\SnagItBHO.dll
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}
Value: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
Data: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
Value: {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
Data: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
Value: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
Data: C:\Program Files\Java\jre6\bin\ssv.dll
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
Value: {DBC80044-A445-435b-BC74-9C25C1C588A9}
Data: C:\Program Files\Java\jre6\bin\jp2ssv.dll
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}
Value: WPDShServiceObj
Data: C:\WINDOWS\system32\WPDShServiceObj.dll
CLSID: {AAA288BA-9A4C-45B0-95D7-94D524869DB5}
Key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Value: DllName
Data: WgaLogon.dll
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon\Notify\WgaLogon
C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\HP OfficeJet T
Series Startup.lnk (987 bytes) (Unknown) (5/2/2008 12:31:48 AM) (----)
(05eb0c9551b2357c4ff43b42146ecae5)
C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office.lnk
(1730 bytes) (Unknown) (2/17/2008 12:33:40 PM) (--A-) (94cda678b1ac5db4560fd966107d94bc)
C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\SnagIt 6.lnk (810
bytes) (Unknown) (2/17/2008 12:49:17 PM) (----) (91a6d40861bdcac4f7c50fd346814554)
- TCPIP nameservers
- Internet Explorer settings
- Internet Explorer Trusted Sites
- Windows Firewall allowed programs
Value: %windir%\Network Diagnostic\xpnetdiag.exe
Data: %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\AuthorizedApplications\List
Value: C:\Program Files\VideoLAN\VLC\vlc.exe
Data: C:\Program Files\VideoLAN\VLC\vlc.exe:*:Disabled:VLC media player
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\AuthorizedApplications\List
Value: C:\Program Files\RealVNC\VNC4\winvnc4.exe
Data: C:\Program Files\RealVNC\VNC4\winvnc4.exe:*:Enabled:VNC Server Free Edition for Win32
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\AuthorizedApplications\List
-
Value: C:\Program Files\BitTorrent\bittorrent.exe
Data: C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\AuthorizedApplications\List
Value: C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe
Data: C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe:LocalSubNet:Disabled:TurboTax
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\AuthorizedApplications\List
Value: C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe
Data: C:\Program Files\TurboTax\Deluxe 2007
\32bit\updatemgr.exe:LocalSubNet:Disabled:TurboTax Update Manager
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\AuthorizedApplications\List
Value: C:\Program Files\DNA\btdna.exe
Data: C:\Program Files\DNA\btdna.exe:*:Enabled:DNA
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\AuthorizedApplications\List
Value: C:\Program Files\Vuze\Azureus.exe
Data: C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\AuthorizedApplications\List
Value: C:\Program Files\Skype\Plugin Manager\skypePM.exe
Data: C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\AuthorizedApplications\List
Value: C:\Program Files\uTorrent\uTorrent.exe
Data: C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\AuthorizedApplications\List
Value: C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Data: C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\AuthorizedApplications\List
Value: %windir%\Network Diagnostic\xpnetdiag.exe
Data: %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
DomainProfile\AuthorizedApplications\List
- Windows Firewall allowed ports
Value: 1900:UDP
Data: 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
DomainProfile\GloballyOpenPorts\List
Value: 2869:TCP
Data: 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
DomainProfile\GloballyOpenPorts\List
Value: 3587:TCP
Data: 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
DomainProfile\GloballyOpenPorts\List
Value: 3540:UDP
Data: 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
DomainProfile\GloballyOpenPorts\List
Value: 1900:UDP
Data: 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\GloballyOpenPorts\List
Value: 2869:TCP
Data: 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\GloballyOpenPorts\List
Value: 3587:TCP
Data: 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\GloballyOpenPorts\List
Value: 3540:UDP
Data: 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)
-
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\GloballyOpenPorts\List
Value: ShowSuperHidden
Data: 0
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
Value: FirstRunDisabled
Data: 1
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center
Value: EnableDCOM
Data: Y
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Ole
Value: Wallpaper
Data: C:\Documents and Settings\OUR PC\My Documents\My Pictures\Olympus 2005 - 09\9-1-06
Oregon\P8300066.mod.bmp
Key: HKEY_CURRENT_USER\Control Panel\Desktop
Value: OriginalWallpaper
Data: C:\Documents and Settings\OUR PC\Local Settings\Application
Data\Microsoft\Wallpaper1.bmp
Key: HKEY_CURRENT_USER\Control Panel\Desktop
Value: ConvertedWallpaper
Data: C:\Documents and Settings\OUR PC\My Documents\My Pictures\Olympus pictures\Czech 2008
\Croatia\P9110124.JPG
Key: HKEY_CURRENT_USER\Control Panel\Desktop
- Executables in Temp folders
C:\DOCUME~1\OUR PC\LOCALS~1\Temp\pvxinst169.exe (6385616 bytes) (Prevx) (7/4/2010 9:22:47 AM)
(--A-) (8eda696d91c56c2f16cacb2b3306ad5d)
C:\DOCUME~1\OUR PC\LOCALS~1\Temp\pvxinst396.exe (6385616 bytes) (Prevx) (7/4/2010 9:17:11 AM)
(--A-) (8eda696d91c56c2f16cacb2b3306ad5d)
C:\DOCUME~1\OUR PC\LOCALS~1\Temp\pvxinst483.exe (6385616 bytes) (Prevx) (7/4/2010 9:22:08 AM)
(--A-) (8eda696d91c56c2f16cacb2b3306ad5d)
- Executables in suspicious folders
C:\StubInstaller.exe (700416 bytes) (LimeWire) (10/31/2005 9:56:00 AM) (--A-)
(e2e6b01d43c2555b1be3f46d8297d409)
C:\Program Files\DSETUP.dll (74448 bytes) (Microsoft Corporation) (3/31/2006 1:39:32 PM) (-
-A-) (5a8e20bed41e568424b62cb7f13d978b)
C:\Program Files\dsetup32.dll (2248912 bytes) (Microsoft Corporation) (3/31/2006 1:40:58 PM)
(--A-) (54cfb64b0ef8b59786f0d1863711dbff)
C:\Program Files\DXSETUP.exe (484560 bytes) (Microsoft Corporation) (3/31/2006 1:40:32 PM)
(--A-) (ae58445ccff33bf3fe72bf5d0fa2f873)
C:\Documents and Settings\OUR PC\Application Data\inst.exe (87608 bytes) (Unknown) (2/16/2009
7:55:42 PM) (--A-) (254fbca565e049648b0cce2ceadf05d2)
C:\Documents and Settings\OUR PC\Application Data\pcouffin.sys (47360 bytes) (VSO Software)
(2/16/2009 7:55:41 PM) (--A-) (5b6c11de7e839c05248ced8825470fef)
C:\WINDOWS\system\wowpost.exe (4672 bytes) (Adaptec) (3/1/2008 10:30:39 AM) (--A-)
(1b947583f7d1ff4f50ca9665eef63fe2)
C:\WINDOWS\system32\vsdatant.sys (532224 bytes) (Check Point Software Technologies LTD)
(1/7/2009 10:23:01 AM) (--A-) (050c38ebb22512122e54b47dc278bccd)
C:\Program Files\windows nt\hypertrm.exe (28160 bytes) (Hilgraeve, Inc.) (11/2/2008 11:02:33
AM) (--A-) (9dbb82fb602aa42b131c55c5d136dc9c)
- Autorun.ini
- Unknown .SYS files
C:\WINDOWS\system32\drivers\aavmker4.sys (28880 bytes) (ALWIL Software) (2/16/2008 3:40:29
PM) (--A-) (467f062f76e07512ecc1f5f60aab2988)
C:\WINDOWS\system32\drivers\AmdPPM.sys (33792 bytes) (Advanced Micro Devices) (4/16/2007
9:46:00 PM) (--A-) (033448d435e65c4bd72e70521fd05c76)
C:\WINDOWS\system32\drivers\anydvd.sys (106432 bytes) (SlySoft, Inc.) (4/23/2010 10:31:01
AM) (--A-) (a198fd45dfe819c1f9a7bed90339842f)
C:\WINDOWS\system32\drivers\aspi32.sys (23936 bytes) (Adaptec) (3/1/2008 10:30:39 AM) (--A-)
(20d04091eba710f6988f710507d85868)
C:\WINDOWS\system32\drivers\aswFsBlk.sys (17744 bytes) (ALWIL Software) (3/29/2008 4:59:16
PM) (--A-) (0c0b08847f2f24baa7bd43d8f2c6c8b0)
C:\WINDOWS\system32\drivers\aswmon.sys (94544 bytes) (ALWIL Software) (2/16/2008 3:40:27 PM)
(--A-) (f4f015831ec57312d03f8541ce911401)
C:\WINDOWS\system32\drivers\aswmon2.sys (100176 bytes) (ALWIL Software) (2/16/2008 3:40:27
PM) (--A-) (aa504fa592c9ed79174cb06b8ae340aa)
C:\WINDOWS\system32\drivers\aswRdr.sys (23376 bytes) (ALWIL Software) (2/16/2008 3:40:30 PM)
(--A-) (f385ffd39165453fda96736aa3edfd9d)
C:\WINDOWS\system32\drivers\aswSP.sys (165456 bytes) (ALWIL Software) (3/29/2008 4:59:16 PM)
(--A-) (45adea26bf613a54fed64ecdd12e58a7)
C:\WINDOWS\system32\drivers\aswTdi.sys (46672 bytes) (ALWIL Software) (2/16/2008 3:40:29 PM)
(--A-) (c4ee975c87176f1900662d2874233c7f)
C:\WINDOWS\system32\drivers\CoachUsb.sys (51392 bytes) (FotoNation Inc.) (4/6/2009 7:13:10
PM) (--A-) (fafa3c99864e9df18cb68725bbcf7bca)
C:\WINDOWS\system32\drivers\CoachVid.sys (45344 bytes) (FotoNation Inc.) (4/6/2009 7:13:10
PM) (--A-) (7aefe82c02d4933cee4b7cb78c409845)
C:\WINDOWS\system32\drivers\DcCam.sys (33840 bytes) (Eastman Kodak Company) (12/25/2008
3:03:02 PM) (--A-) (9a04f967886f55121fb9c0d447a2993b)
C:\WINDOWS\system32\drivers\DcFpoint.sys (61872 bytes) (Eastman Kodak Company) (12/25/2008
3:03:02 PM) (--A-) (e338da0b7700682d325433cd1ce50ec3)
C:\WINDOWS\system32\drivers\DCFS2k.sys (36752 bytes) (Eastman Kodak Company) (12/25/2008
3:03:02 PM) (--A-) (b9a22912f7e19f5984e5f3c15fb80266)
C:\WINDOWS\system32\drivers\DcLps.sys (8304 bytes) (Eastman Kodak Company) (12/25/2008
3:03:02 PM) (--A-) (ccd2e14c7f093a5b72a74e286ec13ffb)
C:\WINDOWS\system32\drivers\DcPtp.sys (55856 bytes) (Eastman Kodak Company) (12/25/2008
3:03:02 PM) (--A-) (cabc849661f92492fed5a751b8606e4f)
C:\WINDOWS\system32\drivers\ElbyCDFL.sys (34760 bytes) (SlySoft, Inc.) (2/15/2007 6:57:04
-
PM) (--A-) (ce37e3d51912e59c80c6d84337c0b4cd)
C:\WINDOWS\system32\drivers\ElbyCDIO.sys (26024 bytes) (Elaborate Bytes AG) (1/1/2010
11:20:34 AM) (--A-) (309ac30471a0f1c3a89dee1c81230576)
C:\WINDOWS\system32\drivers\ExportIt.sys (124016 bytes) (Eastman Kodak Company) (12/25/2008
3:03:02 PM) (--A-) (8e50f31d6776872ef1680165f363bcf4)
C:\WINDOWS\system32\drivers\hdaudbus.sys (144384 bytes) (Windows (R) Server 2003 DDK
provider) (8/22/2008 6:15:11 PM) (----) (573c7d0a32852b48f3058cfd8026f511)
C:\WINDOWS\system32\drivers\Lbd.sys (64160 bytes) (Lavasoft AB) (2/13/2009 5:30:34 AM) (--A
-) (419590ebe7855215bb157ea0cf0d0531)
C:\WINDOWS\system32\drivers\LGUSBBUS.SYS (20092 bytes) (LG Electronics Inc.) (8/10/2008
9:22:29 PM) (--A-) (b5fbadee0e8aa4ad1f5e3f4f153c8c6c)
C:\WINDOWS\system32\drivers\LGUsbDiag.sys (39136 bytes) (LG Electronics Inc.) (8/10/2008
9:22:29 PM) (--A-) (3cedcf0b428d5f49a4a2b031f974e838)
C:\WINDOWS\system32\drivers\LGUsbModem.sys (41664 bytes) (LG Electronics Inc.) (8/10/2008
9:22:29 PM) (--A-) (b4796b12df011dc75617d4c687cf38cc)
C:\WINDOWS\system32\drivers\maplom.sys (40584 bytes) (SlySoft Inc.) (4/2/2009 3:20:50 PM)
(--A-) (f2a399021b819c60ee7569ba529d9596)
C:\WINDOWS\system32\drivers\maploml.sys (42632 bytes) (SlySoft Inc.) (4/2/2009 3:20:50 PM)
(--A-) (1c4d99cc6a264765f5a90820da85a247)
C:\WINDOWS\system32\drivers\mbam.sys (20952 bytes) (Malwarebytes Corporation) (1/25/2009
1:38:41 PM) (--A-) (67b48a903430c6d4fb58cbaca1866601)
C:\WINDOWS\system32\drivers\mbamswissarmy.sys (38224 bytes) (Malwarebytes Corporation)
(1/25/2009 1:38:38 PM) (--A-) (c7dd7d9739785bd3a6b8499eec1dee7e)
C:\WINDOWS\system32\drivers\mdmxsdk.sys (11868 bytes) (Conexant) (8/22/2008 6:16:00 PM) (--
--) (195741aee20369980796b557358cd774)
C:\WINDOWS\system32\drivers\pcouffin.sys (47360 bytes) (VSO Software) (2/16/2009 7:55:41 PM)
(--A-) (5b6c11de7e839c05248ced8825470fef)
C:\WINDOWS\system32\drivers\pxkbf.sys (24400 bytes) (Prevx) (7/4/2010 9:17:44 AM) (--A-)
(7991a4aacd1184d9f27fba5057253d3c)
C:\WINDOWS\system32\drivers\RegKill.sys (11984 bytes) (Elaborate Bytes AG) (2/15/2007
6:56:49 PM) (--A-) (e205c313417da6fa7afe85912a310a65)
C:\WINDOWS\system32\drivers\secdrv.sys (20480 bytes) (Macrovision Corporation, Macrovision
Europe Limited, and Macrovision Japan and Asia K.K.) (8/4/2004 6:00:00 AM) (--A-)
(90a3935d05b494a5a39d37e71f09a677)
C:\WINDOWS\system32\drivers\sffp_mmc.sys (10240 bytes) (Microsoft Corporation) (8/22/2008
6:17:04 PM) (----) (d66d22d76878bf3483a6be30183fb648)
C:\WINDOWS\system32\drivers\wpdusb.sys (38528 bytes) (Microsoft Corporation) (10/18/2006
10:00:00 PM) (--A-) (cf4def1bf66f06964dc0d91844239104)
C:\WINDOWS\system32\drivers\wudfpf.sys (77568 bytes) (Microsoft Corporation) (9/28/2006
8:55:50 PM) (--A-) (f15feafffbb3644ccc80c5da584e6311)
C:\WINDOWS\system32\drivers\wudfrd.sys (82944 bytes) (Microsoft Corporation) (9/28/2006
9:00:34 PM) (--A-) (28b524262bce6de1f7ef9f510ba3985b)
- Non accessible files
- Executables in Internet Explorer Folder
C:\Program Files\Internet Explorer\custsat.dll (33792 bytes) (Microsoft Corporation)
(8/13/2007 8:54:10 PM) (--A-) (68d36448ecabc1e03c20cd2bb3b3de9f)
C:\Program Files\Internet Explorer\ieproxy.dll (287744 bytes) (Microsoft Corporation)
(8/13/2007 8:54:10 PM) (--A-) (fd0cba527032d2d3d00e17c0f24a99d3)
- Files created/modified 15 days ago
C:\WINDOWS\system32\drivers\aavmker4.sys (28880 bytes) (ALWIL Software) (6/28/2010 2:32:16
PM) (--A-) (467f062f76e07512ecc1f5f60aab2988) (Modified)
C:\WINDOWS\system32\drivers\aswFsBlk.sys (17744 bytes) (ALWIL Software) (6/28/2010 2:32:33
PM) (--A-) (0c0b08847f2f24baa7bd43d8f2c6c8b0) (Modified)
C:\WINDOWS\system32\drivers\aswmon.sys (94544 bytes) (ALWIL Software) (6/28/2010 2:32:42 PM)
(--A-) (f4f015831ec57312d03f8541ce911401) (Modified)
C:\WINDOWS\system32\drivers\aswmon2.sys (100176 bytes) (ALWIL Software) (6/28/2010 2:32:45
PM) (--A-) (aa504fa592c9ed79174cb06b8ae340aa) (Modified)
C:\WINDOWS\system32\drivers\aswRdr.sys (23376 bytes) (ALWIL Software) (6/28/2010 2:33:13 PM)
(--A-) (f385ffd39165453fda96736aa3edfd9d) (Modified)
C:\WINDOWS\system32\drivers\aswSP.sys (165456 bytes) (ALWIL Software) (6/28/2010 2:37:30 PM)
(--A-) (45adea26bf613a54fed64ecdd12e58a7) (Modified)
C:\WINDOWS\system32\drivers\aswTdi.sys (46672 bytes) (ALWIL Software) (6/28/2010 2:37:52 PM)
(--A-) (c4ee975c87176f1900662d2874233c7f) (Modified)
C:\WINDOWS\system32\drivers\pxkbf.sys (24400 bytes) (Prevx) (7/4/2010 9:17:44 AM) (--A-)
(7991a4aacd1184d9f27fba5057253d3c) (Created)
C:\Program Files\Alwil Software\Avast5\Aavm4h.dll (272664 bytes) (AVAST Software) (6/28/2010
2:57:36 PM) (--A-) (02c51461b3a9f3595b92fb71300a6039) (Modified)
C:\Program Files\Alwil Software\Avast5\AavmRpch.dll (51208 bytes) (AVAST Software)
(6/28/2010 2:57:38 PM) (--A-) (8b2929b791ed9534c0830abf40526ef6) (Modified)
C:\Program Files\Alwil Software\Avast5\AhResBhv.dll (19800 bytes) (AVAST Software)
(6/28/2010 2:57:56 PM) (--A-) (3690d2efaa29f95b83523dca3fafa128) (Modified)
C:\Program Files\Alwil Software\Avast5\AhResMai.dll (47624 bytes) (AVAST Software)
(6/28/2010 2:58:01 PM) (--A-) (c8793eda93be50006d94e76c5c1dad47) (Modified)
C:\Program Files\Alwil Software\Avast5\ahResMes.dll (36288 bytes) (AVAST Software)
(6/28/2010 2:58:04 PM) (--A-) (f0afdce17708f94d4675dd09f00f7cd1) (Modified)
C:\Program Files\Alwil Software\Avast5\AhResNS.dll (45552 bytes) (AVAST Software) (6/28/2010
2:58:07 PM) (--A-) (6d03236ee1cc962df783120733dfa237) (Modified)
C:\Program Files\Alwil Software\Avast5\ahResP2P.dll (37824 bytes) (AVAST Software)
(6/28/2010 2:58:09 PM) (--A-) (b2933dd7ec8189d295fe9431af8e8e08) (Modified)
C:\Program Files\Alwil Software\Avast5\AhResStd.dll (54840 bytes) (AVAST Software)
(6/28/2010 2:58:14 PM) (--A-) (1ada042e02dbff575792e77622e5b788) (Modified)
C:\Program Files\Alwil Software\Avast5\AhResWS.dll (55864 bytes) (AVAST Software) (6/28/2010
2:58:17 PM) (--A-) (a39cdd5260d67311d7eec9fea02d2565) (Modified)
C:\Program Files\Alwil Software\Avast5\ashBase.dll (158840 bytes) (AVAST Software)
(6/28/2010 2:58:19 PM) (--A-) (812c994267aa01e298ef911f2179c148) (Modified)
C:\Program Files\Alwil Software\Avast5\ashMaiSv.dll (923600 bytes) (AVAST Software)
(6/28/2010 2:58:22 PM) (--A-) (afd4972daf2d74d7059cc09a86c5d017) (Modified)
C:\Program Files\Alwil Software\Avast5\ashOutXt.dll (142360 bytes) (AVAST Software)
(6/28/2010 2:58:25 PM) (--A-) (1b7ebd11394ec0a54129a585abe6dfbc) (Modified)
-
C:\Program Files\Alwil Software\Avast5\ashQuick.exe (95504 bytes) (AVAST Software)
(6/28/2010 2:57:07 PM) (--A-) (39036601e4a0679e9a06256838758e59) (Modified)
C:\Program Files\Alwil Software\Avast5\ashServ.dll (117128 bytes) (AVAST Software)
(6/28/2010 2:58:28 PM) (--A-) (7e462c1de313183490c78314c0d6b0b9) (Modified)
C:\Program Files\Alwil Software\Avast5\ashShell.dll (81072 bytes) (AVAST Software)
(6/28/2010 2:58:30 PM) (--A-) (4e4035f3ae41ded93da01503a53c24b8) (Modified)
C:\Program Files\Alwil Software\Avast5\ashTask.dll (137728 bytes) (AVAST Software)
(6/28/2010 2:58:33 PM) (--A-) (7ae2b7d6530f12f88ba097866b246d84) (Modified)
C:\Program Files\Alwil Software\Avast5\ashTaskEx.dll (56352 bytes) (AVAST Software)
(6/28/2010 2:58:35 PM) (--A-) (66108647a48b9fbe0bc8164cf52f7964) (Modified)
C:\Program Files\Alwil Software\Avast5\ashUpd.exe (81560 bytes) (AVAST Software) (6/28/2010
2:57:09 PM) (--A-) (2dbd73e0fe86d90790728fea0b9f495d) (Modified)
C:\Program Files\Alwil Software\Avast5\ashWebSv.dll (349384 bytes) (AVAST Software)
(6/28/2010 2:58:38 PM) (--A-) (1099d81c9c2b1094074cbc8bc3497235) (Modified)
C:\Program Files\Alwil Software\Avast5\ashWsFtr.dll (60984 bytes) (AVAST Software)
(6/28/2010 2:58:40 PM) (--A-) (0aa417fb424b4a8e957fe0a6da0afcd6) (Modified)
C:\Program Files\Alwil Software\Avast5\aswAux.dll (680544 bytes) (AVAST Software) (6/28/2010
2:58:46 PM) (--A-) (e3ee9cc3fd1e5e229a818bede33962cd) (Modified)
C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll (294824 bytes) (AVAST Software)
(6/28/2010 2:58:48 PM) (--A-) (a796aa4d68e7eb009b2766e01cd62886) (Modified)
C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll (140824 bytes) (AVAST Software)
(6/28/2010 2:58:51 PM) (--A-) (7885b2eb5e54486af9c8a3b21769a7f3) (Modified)
C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll (87264 bytes) (AVAST Software)
(6/28/2010 2:58:53 PM) (--A-) (e441baed30a73ea20859d79296179c76) (Modified)
C:\Program Files\Alwil Software\Avast5\aswData.dll (108352 bytes) (AVAST Software)
(6/28/2010 2:58:56 PM) (--A-) (c633e761b183c9ac6d980c4a9252a5f7) (Modified)
C:\Program Files\Alwil Software\Avast5\aswDld.dll (123296 bytes) (Unknown) (6/28/2010
2:58:58 PM) (--A-) (49401f1a447be8cca978199fd27d05f8) (Modified)
C:\Program Files\Alwil Software\Avast5\aswEngLdr.dll (43504 bytes) (AVAST Software)
(6/28/2010 2:59:01 PM) (--A-) (34db85c1829537a767438edb494a87ae) (Modified)
C:\Program Files\Alwil Software\Avast5\aswIdle.dll (12096 bytes) (AVAST Software) (6/28/2010
2:59:03 PM) (--A-) (afeb68ffe90ae4e6f6534e2f831fcdec) (Modified)
C:\Program Files\Alwil Software\Avast5\aswLog.dll (175344 bytes) (AVAST Software) (6/28/2010
2:59:06 PM) (--A-) (a601edfa73d0421c8052745b7cbbc193) (Modified)
C:\Program Files\Alwil Software\Avast5\aswProperty.dll (44504 bytes) (AVAST Software)
(6/28/2010 2:59:11 PM) (--A-) (3d0c4e7db2eae31353bee70ace5b4a33) (Modified)
C:\Program Files\Alwil Software\Avast5\aswSqLt.dll (396776 bytes) (ALWIL Software)
(6/28/2010 2:59:19 PM) (--A-) (94eb976e186780f1d9e416ab8980185b) (Modified)
C:\Program Files\Alwil Software\Avast5\aswUtil.dll (22904 bytes) (AVAST Software) (6/28/2010
2:59:21 PM) (--A-) (4d7ba53015f5e7d39acefec148ef0d88) (Modified)
C:\Program Files\Alwil Software\Avast5\avastSS.dll (29584 bytes) (AVAST Software) (6/28/2010
2:59:24 PM) (--A-) (c69c54a4f719d6221134cc53e0944973) (Modified)
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (40384 bytes) (AVAST Software)
(6/28/2010 2:57:15 PM) (--A-) (b2386a8e66891f7cfec9f5a03f0f1210) (Modified)
C:\Program Files\Alwil Software\Avast5\AvastUI.exe (2837864 bytes) (AVAST Software)
(6/28/2010 2:57:18 PM) (--A-) (38ae7a942fc3fab1c6a27eb65de8f827) (Modified)
C:\Program Files\Alwil Software\Avast5\AvSSHook.dll (51208 bytes) (AVAST Software)
(6/28/2010 2:59:26 PM) (--A-) (9c6e5f54c63972bd4a1a6d71fc41c22e) (Modified)
C:\Program Files\Alwil Software\Avast5\CommonRes.dll (1349520 bytes) (AVAST Software)
(6/28/2010 2:59:29 PM) (--A-) (e49300608e55e8011e5bb81e536da463) (Modified)
C:\Program Files\Alwil Software\Avast5\sched.exe (82096 bytes) (AVAST Software) (6/28/2010
2:57:23 PM) (--A-) (29c265b5742b5fa806f6b4d4295cae4d) (Modified)
C:\Program Files\Alwil Software\Avast5\VisthAux.exe (127392 bytes) (AVAST Software)
(6/28/2010 2:57:31 PM) (--A-) (4a0e9f39d15e846d93ab6fd0d82fd770) (Modified)
C:\Program Files\Alwil Software\Avast5\1033\Base.dll (55328 bytes) (AVAST Software)
(6/28/2010 3:00:31 PM) (--A-) (50a66b44064be496c4198be7b8181fab) (Modified)
C:\Program Files\Alwil Software\Avast5\1033\Boot.dll (24408 bytes) (AVAST Software)
(6/28/2010 3:00:34 PM) (--A-) (168961559bc58f433ad2606a4338b451) (Modified)
C:\Program Files\Alwil Software\Avast5\1033\uiLangRes.dll (149576 bytes) (AVAST Software)
(6/28/2010 3:00:36 PM) (--A-) (73423e3fbe8a8c6a7d7803e095b08d77) (Modified)
C:\Program Files\Alwil Software\Avast5\defs\10070400\algo.dll (661504 bytes) (Unknown)
(7/4/2010 11:02:54 AM) (--A-) (53e13a651c5e28d6ab992c3b25cf0c8d) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\ArPot.dll (36800 bytes) (AVAST
Software) (7/4/2010 11:02:51 AM) (--A-) (a26e59be59dd009db03f61600bc3e658) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\aswAR.dll (138216 bytes) (AVAST
Software) (7/4/2010 11:02:51 AM) (--A-) (401b9731f7db8f6d125bb6ba9f6c9eeb) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\aswBoot.dll (1374752 bytes) (AVAST
Software) (7/4/2010 11:02:51 AM) (--A-) (e58a96f641742e35f23a383e7a998033) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\aswCleanerDLL.dll (421032 bytes) (AVAST
Software) (7/4/2010 11:02:51 AM) (--A-) (9a77e3bbdee6de974ff41b877cb71a4f) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\aswCmnBS.dll (299456 bytes) (AVAST
Software) (7/4/2010 11:02:51 AM) (--A-) (d6b1f751d3bfaae77b71935919cbea4e) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\aswCmnIS.dll (160400 bytes) (AVAST
Software) (7/4/2010 11:02:51 AM) (--A-) (a292428cef3f43408199555867145ab3) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\aswCmnOS.dll (88800 bytes) (AVAST
Software) (7/4/2010 11:02:51 AM) (--A-) (6cf7a23f54988dcb6a5f70ef70ba9a49) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\aswEngin.dll (1138888 bytes) (AVAST
Software) (7/4/2010 11:02:51 AM) (--A-) (39ca340ab82c30857332ed7b8c41dc20) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\aswRawFS.dll (295336 bytes) (AVAST
Software) (7/4/2010 11:02:51 AM) (--A-) (96c205b8e990a1501ff7c0950d87d18a) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\aswScan.dll (69224 bytes) (AVAST
Software) (7/4/2010 11:02:51 AM) (--A-) (94940418051fe8433ecf7d77fa809d10) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\exts.dll (11048 bytes) (AVAST Software)
(7/4/2010 11:02:51 AM) (--A-) (7083d1a4d7b551aac9b8f3fb87b3231e) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\fwAux.dll (39384 bytes) (AVAST
Software) (7/4/2010 11:02:51 AM) (--A-) (ff675e6143d5494afde62e80ba6b63e1) (Created)
C:\Program Files\Alwil Software\Avast5\defs\10070400\Sf.bin (523960 bytes) (Unknown)
(7/4/2010 11:02:51 AM) (--A-) (209a9b52540ae7b6aba3eb1541ddbfd5) (Created)
C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll (186928 bytes) (Unknown)
(6/30/2010 11:09:49 AM) (----) (36429a92b495d7b3030e97305981ea8b) (Modified)
C:\Program Files\Alwil Software\Avast5\Setup\setiface.ovr (186928 bytes) (Unknown)
(6/30/2010 11:09:49 AM) (--A-) (36429a92b495d7b3030e97305981ea8b) (Modified)
-
C:\Program Files\Alwil Software\Avast5\Setup\setif_ais-252.vpx (186928 bytes) (Unknown)
(6/30/2010 11:09:49 AM) (--A-) (36429a92b495d7b3030e97305981ea8b) (Created)
C:\Program Files\Alwil Software\Avast5\Setup\setup.ovr (2701416 bytes) (AVAST Software)
(6/30/2010 11:09:53 AM) (--A-) (7debba7e0c78312248673cb37e7238be) (Modified)
C:\Program Files\Alwil Software\Avast5\Setup\setup_ais-252.vpx (2701416 bytes) (AVAST
Software) (6/30/2010 11:09:50 AM) (--A-) (7debba7e0c78312248673cb37e7238be) (Created)
C:\Program Files\Alwil Software\Avast5\Setup\INF\Aavmker4.sys (28880 bytes) (ALWIL Software)
(6/28/2010 2:32:16 PM) (--A-) (467f062f76e07512ecc1f5f60aab2988) (Modified)
C:\Program Files\Alwil Software\Avast5\Setup\INF\aswFsBlk.sys (17744 bytes) (ALWIL Software)
(6/28/2010 2:32:33 PM) (--A-) (0c0b08847f2f24baa7bd43d8f2c6c8b0) (Modified)
C:\Program Files\Alwil Software\Avast5\Setup\INF\aswMon.sys (94544 bytes) (ALWIL Software)
(6/28/2010 2:32:42 PM) (--A-) (f4f015831ec57312d03f8541ce911401) (Modified)
C:\Program Files\Alwil Software\Avast5\Setup\INF\aswMon2.sys (100176 bytes) (ALWIL Software)
(6/28/2010 2:32:45 PM) (--A-) (aa504fa592c9ed79174cb06b8ae340aa) (Modified)
C:\Program Files\Alwil Software\Avast5\Setup\INF\aswMonFlt.sys (50256 bytes) (ALWIL
Software) (6/28/2010 2:32:56 PM) (--A-) (effc39a1edf04e83a42279d9daa696a7) (Modified)
C:\Program Files\Alwil Software\Avast5\Setup\INF\AswRdr.sys (23376 bytes) (ALWIL Software)
(6/28/2010 2:33:13 PM) (--A-) (f385ffd39165453fda96736aa3edfd9d) (Modified)
C:\Program Files\Alwil Software\Avast5\Setup\INF\aswSP.sys (165456 bytes) (ALWIL Software)
(6/28/2010 2:37:30 PM) (--A-) (45adea26bf613a54fed64ecdd12e58a7) (Modified)
C:\Program Files\Alwil Software\Avast5\Setup\INF\AswTdi.sys (46672 bytes) (ALWIL Software)
(6/28/2010 2:37:52 PM) (--A-) (c4ee975c87176f1900662d2874233c7f) (Modified)
C:\Program Files\CCleaner\CCleaner.exe (1699128 bytes) (Piriform Ltd) (6/23/2010 3:07:14 PM)
(--A-) (33ef7a3e3b2004e9a225af3d98d5bc21) (Created)
C:\Program Files\CCleaner\uninst.exe (126272 bytes) (Piriform Ltd) (6/23/2010 3:55:30 PM)
(--A-) (e55e07f58e29edfc8b19cead8191acb5) (Created)
C:\Program Files\CCleaner\Lang\lang-1025.dll (23552 bytes) (Unknown) (6/23/2010 7:16:02 PM)
(--A-) (c8b413b153273352050483c8ff48efdc) (Created)
C:\Program Files\CCleaner\Lang\lang-1026.dll (29696 bytes) (Unknown) (6/23/2010 7:17:52 PM)
(--A-) (f1123f265ad6b45f329c6a2f2b859b53) (Created)
C:\Program Files\CCleaner\Lang\lang-1027.dll (27648 bytes) (Unknown) (6/23/2010 7:15:58 PM)
(--A-) (bde57c23a37adafe5712a9ec748b2284) (Created)
C:\Program Files\CCleaner\Lang\lang-1028.dll (14336 bytes) (Unknown) (6/23/2010 7:16:10 PM)
(--A-) (0952a0b00390f9823645668b92e0f01d) (Created)
C:\Program Files\CCleaner\Lang\lang-1029.dll (25088 bytes) (Unknown) (6/23/2010 7:16:14 PM)
(--A-) (31c57c554b0aacad3b2997b09c27a168) (Created)
C:\Program Files\CCleaner\Lang\lang-1030.dll (26624 bytes) (Unknown) (6/23/2010 7:16:18 PM)
(--A-) (24ddc53855628a3894879b73bc6d3337) (Created)
C:\Program Files\CCleaner\Lang\lang-1031.dll (27136 bytes) (Unknown) (6/23/2010 7:15:54 PM)
(--A-) (99f71c1122b12c11e5fff4bfa0e10137) (Created)
C:\Program Files\CCleaner\Lang\lang-1032.dll (31744 bytes) (Unknown) (6/23/2010 7:16:38 PM)
(--A-) (5cba2234f4b7a16a3d5ad26b5328c017) (Created)
C:\Program Files\CCleaner\Lang\lang-1034.dll (30208 bytes) (Unknown) (6/23/2010 7:17:32 PM)
(--A-) (56a8ddf06d02247f2e65d84326106c00) (Created)
C:\Program Files\CCleaner\Lang\lang-1035.dll (28160 bytes) (Unknown) (6/23/2010 7:16:26 PM)
(--A-) (7289c7b46f65186be410e73989073da6) (Created)
C:\Program Files\CCleaner\Lang\lang-1036.dll (31232 bytes) (Unknown) (6/23/2010 7:16:30 PM)
(--A-) (322dcff65a8d47d324f34bdd92f60888) (Created)
C:\Program Files\CCleaner\Lang\lang-1037.dll (23040 bytes) (Unknown) (6/23/2010 7:16:42 PM)
(--A-) (57cd8d929425a9d0d0b8a54cd0557ae8) (Created)
C:\Program Files\CCleaner\Lang\lang-1038.dll (28160 bytes) (Unknown) (6/23/2010 7:16:46 PM)
(--A-) (d1b078092c432dffd832ee2ffa765a36) (Created)
C:\Program Files\CCleaner\Lang\lang-1040.dll (28672 bytes) (Unknown) (6/23/2010 7:16:50 PM)
(--A-) (8ca24fd322364b146a85f08d8e0fe8b0) (Created)
C:\Program Files\CCleaner\Lang\lang-1041.dll (17408 bytes) (Unknown) (6/23/2010 7:16:54 PM)
(--A-) (95ce15bb8882abf2ffa6b2b720690b9d) (Created)
C:\Program Files\CCleaner\Lang\lang-1042.dll (13824 bytes) (Unknown) (6/23/2010 7:17:00 PM)
(--A-) (3f5ff3f66cf0b9e2add8aa065695d9c7) (Created)
C:\Program Files\CCleaner\Lang\lang-1043.dll (30208 bytes) (Unknown) (6/23/2010 7:16:22 PM)
(--A-) (1bbb2883419e5150082883851eeffe6f) (Created)
C:\Program Files\CCleaner\Lang\lang-1044.dll (26112 bytes) (Unknown) (6/23/2010 7:17:08 PM)
(--A-) (1a6d15381be03b01f7b2235659fd7432) (Created)
C:\Program Files\CCleaner\Lang\lang-1045.dll (28160 bytes) (Unknown) (6/23/2010 7:17:12 PM)
(--A-) (367853eb5943a77435579433ac463cf6) (Created)
C:\Program Files\CCleaner\Lang\lang-1046.dll (30208 bytes) (Unknown) (6/23/2010 7:17:22 PM)
(--A-) (389535752d5f6686291af05069ea502d) (Created)
C:\Program Files\CCleaner\Lang\lang-1048.dll (26624 bytes) (Unknown) (6/23/2010 7:17:26 PM)
(--A-) (b7f3f5f0b24a1f9f673240fbd6ddf8c7) (Created)
C:\Program Files\CCleaner\Lang\lang-1049.dll (25600 bytes) (Unknown) (6/23/2010 7:17:30 PM)
(--A-) (00078200f7555480f6b865c126ae3ca5) (Created)
C:\Program Files\CCleaner\Lang\lang-1050.dll (26624 bytes) (Unknown) (6/23/2010 7:18:08 PM)
(--A-) (e77c2bcd0fb54838a045def563e76e80) (Created)
C:\Program Files\CCleaner\Lang\lang-1051.dll (26112 bytes) (Unknown) (6/23/2010 7:15:44 PM)
(--A-) (b98cf7871deaabb39602d2268e80adec) (Created)
C:\Program Files\CCleaner\Lang\lang-1052.dll (26624 bytes) (Unknown) (6/23/2010 7:15:46 PM)
(--A-) (83b6b34f6f21a6fe48195bacc8fd0d5c) (Created)
C:\Program Files\CCleaner\Lang\lang-1053.dll (27136 bytes) (Unknown) (6/23/2010 7:15:50 PM)
(--A-) (b5aa357cc9e8fca33bbbb2cb25e2fee1) (Created)
C:\Program Files\CCleaner\Lang\lang-1055.dll (26112 bytes) (Unknown) (6/23/2010 7:17:36 PM)
(--A-) (9f16d833692b846f75828d2cc856f47d) (Created)
C:\Program Files\CCleaner\Lang\lang-1058.dll (25088 bytes) (Unknown) (6/23/2010 7:18:04 PM)
(--A-) (4b906ac69b568189c4fd327243f80030) (Created)
C:\Program Files\CCleaner\Lang\lang-1061.dll (26112 bytes) (Unknown) (6/23/2010 7:18:12 PM)
(--A-) (ccdb2a30017ed69c63614c87cb886aa3) (Created)
C:\Program Files\CCleaner\Lang\lang-1063.dll (23040 bytes) (Unknown) (6/23/2010 7:17:04 PM)
(--A-) (1619df482e20e5d6055e09f9b6b0c1a0) (Created)
C:\Program Files\CCleaner\Lang\lang-1065.dll (26624 bytes) (Unknown) (6/23/2010 7:18:00 PM)
(--A-) (78c1fedfb9ec48b2e110647e17224c69) (Created)
C:\Program Files\CCleaner\Lang\lang-1066.dll (26112 bytes) (Unknown) (6/23/2010 7:18:16 PM)
(--A-) (f84522f31168eee5c048413ede2b07b5) (Created)
C:\Program Files\CCleaner\Lang\lang-1067.dll (24576 bytes) (Unknown) (6/23/2010 7:18:20 PM)
(--A-) (eb1937db557b798f93dfe665c6ffc982) (Created)
-
C:\Program Files\CCleaner\Lang\lang-1071.dll (22016 bytes) (Unknown) (6/23/2010 7:17:48 PM)
(--A-) (0904c304ee26f8a7280e028162c8c334) (Created)
C:\Program Files\CCleaner\Lang\lang-1079.dll (27648 bytes) (Unknown) (6/23/2010 7:18:26 PM)
(--A-) (dd13d4cbe624088a7e8b203c75f02278) (Created)
C:\Program Files\CCleaner\Lang\lang-1110.dll (23040 bytes) (Unknown) (6/23/2010 7:16:36 PM)
(--A-) (bc9c1468005d34560fca2b1d0fc76104) (Created)
C:\Program Files\CCleaner\Lang\lang-2052.dll (12800 bytes) (Unknown) (6/23/2010 7:16:06 PM)
(--A-) (ed54ba9f3ff992242e1c32191f9b9433) (Created)
C:\Program Files\CCleaner\Lang\lang-2070.dll (30720 bytes) (Unknown) (6/23/2010 7:17:18 PM)
(--A-) (cbf4c8bf71dd1fba8e3943adaac9ca7e) (Created)
C:\Program Files\CCleaner\Lang\lang-2074.dll (21504 bytes) (Unknown) (6/23/2010 7:17:44 PM)
(--A-) (0f959bab5d981841deba30f994259195) (Created)
C:\Program Files\CCleaner\Lang\lang-3098.dll (25088 bytes) (Unknown) (6/23/2010 7:17:40 PM)
(--A-) (03f804a92bc07f0c8e33f9922c41db58) (Created)
C:\Program Files\CCleaner\Lang\lang-5146.dll (26112 bytes) (Unknown) (6/23/2010 7:17:56 PM)
(--A-) (446d3b3f34511a7adad23c30b9da537a) (Created)
C:\Program Files\CCleaner\Lang\lang-9999.dll (30720 bytes) (Unknown) (6/23/2010 2:59:36 PM)
(--A-) (78e1f19906909ea819d3a67a29c5e60d) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\basefx.dll (778240 bytes) (Jasc Software
Inc.) (1/20/2030 7:02:00 AM) (--A-) (294bca9110a7a4a9cd4e0347a7542447) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\fpxlib.dll (332800 bytes) (Unknown)
(1/20/2030 7:02:00 AM) (--A-) (5237cc27a7c26399094b29f868892955) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\jbrws.dll (290816 bytes) (Jasc Software,
Inc.) (1/20/2030 7:02:00 AM) (--A-) (53590fbda4748f4d9ebec062db832d65) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\jbrwsutil.dll (102400 bytes) (Jasc
Software, Inc.) (1/20/2030 7:02:00 AM) (--A-) (2a91bd38653e0de084f1922e7066ad88) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\jcap.dll (65536 bytes) (Jasc Software,
Inc.) (1/20/2030 7:02:00 AM) (--A-) (dff514f4c83ed5047e8a3a9fa45b71f8) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\jcmyk.dll (233472 bytes) (Jasc Software,
Inc.) (1/20/2030 7:02:00 AM) (--A-) (3022292315f7753c7686fcde223a8ed5) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\jcontrols.dll (458752 bytes) (Jasc
Software, Inc.) (1/20/2030 7:02:00 AM) (--A-) (a38f9b36a6eb8320a20b7254bec8875d) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\jff.dll (1892352 bytes) (Jasc Software,
Inc.) (1/20/2030 7:02:00 AM) (--A-) (8519db8dd78997a40a35a2ccedd0f49e) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\jlem.dll (69632 bytes) (Jasc Software,
Inc.) (1/20/2030 7:02:00 AM) (--A-) (3499f5315bf2421118741350ae0c3eff) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\jmem.dll (73728 bytes) (Jasc Software,
Inc.) (1/20/2030 7:02:00 AM) (--A-) (d214628bc02444513d29c1ccd8f1e661) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\jpeglib.dll (122880 bytes) (Unknown)
(1/20/2030 7:02:00 AM) (--A-) (324de03de18dfd6e4a03bcfb0d5c7a32) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\jwebtools.dll (376832 bytes) (Jasc
Software, Inc.) (1/20/2030 7:02:00 AM) (--A-) (763f8382ce89470900aad6e299a1cf05) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\morefx.dll (311296 bytes) (Jasc Software
Inc.) (1/20/2030 7:02:00 AM) (--A-) (0c27e8bec010e586c3855254e332af19) (Created)
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\pcdlib32.dll (212480 bytes) (Eastman
Kodak) (1/20/2030 7:02:00 AM) (--A-) (7ed438c44b90af7b01609a942c7e7196) (Created)
C:\Program Files\mozilla.org\SeaMonkey\AccessibleMarshal.dll (28672 bytes) (Mozilla
Foundation) (6/25/2010 1:58:11 PM) (--A-) (867c59e700898521e5214c076e1bb247) (Created)
C:\Program Files\mozilla.org\SeaMonkey\nsldap32v50.dll (139264 bytes) (Unknown) (6/25/2010
1:58:12 PM) (--A-) (ebde0991b9697979e88a07e4d09966f1) (Created)
C:\Program Files\mozilla.org\SeaMonkey\nsldappr32v50.dll (24576 bytes) (Unknown) (6/25/2010
1:58:12 PM) (--A-) (7fbcfaf6f3c7a4c697edce1cf2515dbb) (Created)
C:\Program Files\mozilla.org\SeaMonkey\regxpcom.exe (16384 bytes) (Unknown) (6/25/2010
1:58:13 PM) (--A-) (288e4cc53b23139f7666bd4bf5049482) (Created)
C:\Program Files\mozilla.org\SeaMonkey\seamonkey.exe (106496 bytes) (mozilla.org) (6/25/2010
1:58:13 PM) (--A-) (ee4a130f66787c0714634aae7b06c66e) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\accessibility.dll (233472 bytes) (Mozilla
Foundation) (6/25/2010 1:58:00 PM) (--A-) (7a2ef89fe6d009c1b01f11e76129b4e9) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\appcomps.dll (229376 bytes) (Mozilla
Foundation) (6/25/2010 1:58:12 PM) (--A-) (113aa472824bf534a636aface341a467) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\appshell.dll (65536 bytes) (Mozilla
Foundation) (6/25/2010 1:58:00 PM) (--A-) (4064aa7781dec13d660b3b72f2649cf9) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\auth.dll (28672 bytes) (Mozilla
Foundation) (6/25/2010 1:58:12 PM) (--A-) (d516b96fd48147a46bc5be819e7a6301) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\autoconfig.dll (36864 bytes) (Mozilla
Foundation) (6/25/2010 1:58:13 PM) (--A-) (6e9a7b538b4a6a3e6426aefaa19ca962) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\caps.dll (61440 bytes) (Mozilla
Foundation) (6/25/2010 1:58:00 PM) (--A-) (bbeccced103e9f29ef7f5516365e5926) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\chrome.dll (65536 bytes) (Mozilla
Foundation) (6/25/2010 1:58:02 PM) (--A-) (58ea7597e980c27eacd0d5aa8af36aa9) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\composer.dll (57344 bytes) (Mozilla
Foundation) (6/25/2010 1:58:11 PM) (--A-) (d476dd06f920bd9980a29c888ed2aa9a) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\cookie.dll (36864 bytes) (Mozilla
Foundation) (6/25/2010 1:58:00 PM) (--A-) (325aa210ffced9ba4e7287166a51beeb) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\docshell.dll (188416 bytes) (Mozilla
Foundation) (6/25/2010 1:58:00 PM) (--A-) (e4165664e82a37ce68930a3356a8a893) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\editor.dll (405504 bytes) (Mozilla
Foundation) (6/25/2010 1:58:02 PM) (--A-) (d06bd7bc0a945b714dbfa1f74ea44610) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\embedcomponents.dll (126976 bytes)
(Mozilla Foundation) (6/25/2010 1:58:02 PM) (--A-) (1be6a140a593e9ded2c21d032523acd5)
(Created)
C:\Program Files\mozilla.org\SeaMonkey\components\gkgfxwin.dll (147456 bytes) (Mozilla
Foundation) (6/25/2010 1:58:03 PM) (--A-) (4cc56c402927dc46e55055f76d06c04f) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\gklayout.dll (3067904 bytes) (Mozilla
Foundation) (6/25/2010 1:58:00 PM) (--A-) (8342d340ef69047f8a64fb3d03f76a04) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\gkparser.dll (237568 bytes) (Mozilla
Foundation) (6/25/2010 1:58:00 PM) (--A-) (a662a6bd3d6aa07b8fe0d2b76f56e0e4) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\gkplugin.dll (151552 bytes) (Mozilla
Foundation) (6/25/2010 1:58:00 PM) (--A-) (48d7183ef8c1c6823c1dd236ee95f57a) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\gkwidget.dll (147456 bytes) (Unknown)
(6/25/2010 1:58:01 PM) (--A-) (a8e06d33875855d283c10545961967e3) (Created)
-
C:\Program Files\mozilla.org\SeaMonkey\components\i18n.dll (188416 bytes) (Mozilla
Foundation) (6/25/2010 1:58:02 PM) (--A-) (6f13a99931ef8c7cf53691fd434729c6) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\imgicon.dll (28672 bytes) (Mozilla
Foundation) (6/25/2010 1:57:59 PM) (--A-) (e32d74ffe0e384ad42f812c1a41e7a40) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\imglib2.dll (155648 bytes) (Mozilla
Foundation) (6/25/2010 1:57:59 PM) (--A-) (82792efd39475af512f753652a3c6082) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\jar50.dll (53248 bytes) (Mozilla
Foundation) (6/25/2010 1:57:58 PM) (--A-) (92daae1056ae10cd847a6401c892e20f) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\jsd3250.dll (61440 bytes) (Mozilla
Foundation) (6/25/2010 1:58:12 PM) (--A-) (f7683d0e0f654308dd82a4e1ef12f84e) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\mork.dll (106496 bytes) (Mozilla
Foundation) (6/25/2010 1:58:12 PM) (--A-) (292d817ebfc47659bb55090155031559) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\mozfind.dll (24576 bytes) (Mozilla
Foundation) (6/25/2010 1:58:13 PM) (--A-) (0247ed0ee345329f132ef461040d6b14) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\mozldap.dll (49152 bytes) (Mozilla
Foundation) (6/25/2010 1:58:12 PM) (--A-) (5d76326fcf65dc3b3aed164c45dee451) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\necko.dll (516096 bytes) (Mozilla
Foundation) (6/25/2010 1:58:01 PM) (--A-) (0e59adcb44494b018c71a23d9ae57118) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\necko2.dll (40960 bytes) (Mozilla
Foundation) (6/25/2010 1:58:01 PM) (--A-) (866e8ccbf6100852c5c1713cdbd66237) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\nsprefm.dll (40960 bytes) (Mozilla
Foundation) (6/25/2010 1:58:12 PM) (--A-) (59f806bbfe6d233ba15d45d3a706b08b) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\oji.dll (49152 bytes) (Mozilla Foundation)
(6/25/2010 1:57:59 PM) (--A-) (0bff1b408fe19008dd740922d997bc59) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\p3p.dll (32768 bytes) (Mozilla Foundation)
(6/25/2010 1:58:00 PM) (--A-) (640817221b8cf4034180de81965e9e43) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\perms.dll (24576 bytes) (Mozilla
Foundation) (6/25/2010 1:58:12 PM) (--A-) (29968b3de8e374acd6e92bef0f8c68a3) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\pipboot.dll (32768 bytes) (Mozilla
Foundation) (6/25/2010 1:58:01 PM) (--A-) (a3caf8aabf6f6733156939f729b74d2c) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\pipnss.dll (233472 bytes) (Mozilla
Foundation) (6/25/2010 1:58:02 PM) (--A-) (4a8f5129c3b7abdaa718508cc2912dc0) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\pippki.dll (32768 bytes) (Mozilla
Foundation) (6/25/2010 1:58:12 PM) (--A-) (4ecaba7b47145a21616b298131b59afe) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\profile.dll (61440 bytes) (Mozilla
Foundation) (6/25/2010 1:58:00 PM) (--A-) (99c7ddaa77a0af8846d9ac068bd3680d) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\rdf.dll (110592 bytes) (Mozilla
Foundation) (6/25/2010 1:58:00 PM) (--A-) (e0c90493c1cd6ee0d443da4c383231ca) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\srchsvc.dll (98304 bytes) (Mozilla
Foundation) (6/25/2010 1:58:11 PM) (--A-) (56d874a385396c3c8a77b8f08768fba2) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\strgcmps.dll (233472 bytes) (Mozilla
Foundation) (6/25/2010 1:57:59 PM) (--A-) (9d53d180907f308a16d78d1687be2e64) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\transformiix.dll (208896 bytes) (Mozilla
Foundation) (6/25/2010 1:58:12 PM) (--A-) (d21bec805eafb3a1fca7f49dcca76a19) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\txmgr.dll (32768 bytes) (Mozilla
Foundation) (6/25/2010 1:58:11 PM) (--A-) (da0ffa29097b877781a9dd6418f561ad) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\typeaheadfind.dll (49152 bytes) (Mozilla
Foundation) (6/25/2010 1:58:11 PM) (--A-) (efa986676871db8dcaf48f7389c75d12) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\uconv.dll (737280 bytes) (Mozilla
Foundation) (6/25/2010 1:58:00 PM) (--A-) (7949ddb234a865f4aef44c62ec3cb76d) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\ucvmath.dll (28672 bytes) (Mozilla
Foundation) (6/25/2010 1:58:00 PM) (--A-) (549825225861edbf8ff8b029e0a5f93f) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\universalchardet.dll (106496 bytes)
(Mozilla Foundation) (6/25/2010 1:57:59 PM) (--A-) (626f0b6aa3631d4bc927d256f4ef1429)
(Created)
C:\Program Files\mozilla.org\SeaMonkey\components\wallet.dll (77824 bytes) (Mozilla
Foundation) (6/25/2010 1:58:02 PM) (--A-) (a80e25e1919590174d940ccdc5551f43) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\webbrwsr.dll (57344 bytes) (Mozilla
Foundation) (6/25/2010 1:57:59 PM) (--A-) (378aff4ee0d83898fe009f56164ca7cf) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\websrvcs.dll (286720 bytes) (Mozilla
Foundation) (6/25/2010 1:58:12 PM) (--A-) (89226df89f4c8e86c1261f87cd4135be) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\wlltvwrs.dll (24576 bytes) (Mozilla
Foundation) (6/25/2010 1:58:12 PM) (--A-) (4c77e36a01c64de6cb87946a99d170e4) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\xmlextras.dll (28672 bytes) (Mozilla
Foundation) (6/25/2010 1:57:59 PM) (--A-) (b9755954f03176df243411cab13ce356) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\xpc3250.dll (221184 bytes) (Mozilla
Foundation) (6/25/2010 1:57:59 PM) (--A-) (acc92bef5830fda833175b998329fc07) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\xpcom_compat_c.dll (28672 bytes) (Mozilla
Foundation) (6/25/2010 1:57:58 PM) (--A-) (996bd8788737ef29df0bbb174a87bc36) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\xpinstal.dll (159744 bytes) (Mozilla
Foundation) (6/25/2010 1:57:58 PM) (--A-) (8af3a10612d00a284a50bcf5d7e1a75c) (Created)
C:\Program Files\mozilla.org\SeaMonkey\components\xppref32.dll (53248 bytes) (Mozilla
Foundation) (6/25/2010 1:58:01 PM) (--A-) (20d21c04d3f77fa4ac4bdad96a38c72a) (Created)
C:\Program Files\mozilla.org\SeaMonkey\Setup GRE\SETUP.EXE (249856 bytes) (mozilla.org)
(6/25/2010 1:57:54 PM) (--A-) (9bd37657c60c08ee4167537f4b4f510f) (Created)
C:\Program Files\mozilla.org\SeaMonkey\Setup GRE\setuprsc.dll (225280 bytes) (Unknown)
(6/25/2010 1:57:54 PM) (--A-) (527c9c732bcdc15f5a950f928775d743) (Created)
C:\Program Files\mozilla.org\SeaMonkey\uninstall\GREUninstall.exe (118784 bytes) (Unknown)
(6/25/2010 1:58:04 PM) (--A-) (672be8add341f1d2587c8518273531ea) (Modified)
C:\Program Files\mozilla.org\SeaMonkey\uninstall\SeaMonkeyUninstall.exe (118784 bytes)
(Unknown) (6/25/2010 1:58:15 PM) (--A-) (2bd7b5adcebf5ec1fbeaab9686936237) (Modified)
C:\Program Files\NoVirusThanks\Hijack Hunter\HijackHunter.exe (626176 bytes) (NoVirusThanks
Company Srl) (7/6/2010 7:32:33 PM) (--A-) (cbcb938e63b44da19d1d086cfafc7c00) (Created)
C:\Program Files\NoVirusThanks\Hijack Hunter\nhdrv.sys (4608 bytes) (NoVirusThanks Company
Srl) (7/6/2010 7:32:33 PM) (--A-) (8f40312ac7b0f3d0246fe52105e4f1d7) (Created)
C:\Program Files\NoVirusThanks\Hijack Hunter\unins000.exe (707354 bytes) (Unknown) (7/6/2010
7:32:33 PM) (--A-) (eecf7fe501b410aa3733bb0b23ab678a) (Created)
C:\Program Files\Prevx\prevx.exe (6385616 bytes) (Prevx) (7/4/2010 9:17:43 AM) (--A-)
(8eda696d91c56c2f16cacb2b3306ad5d) (Created)
C:\Program Files\SeaMonkey\AccessibleMarshal.dll (12288 bytes) (Mozilla Foundation)
(6/25/2010 1:47:00 PM) (--A-) (ff950ab4969ad5c74833cda77aff4ecd) (Modified)
-
C:\Program Files\SeaMonkey\crashreporter.exe (118272 bytes) (Mozilla Foundation) (6/25/2010
1:47:09 PM) (--A-) (41d38ed429db641884dd833ede79ec75) (Modified)
C:\Program Files\SeaMonkey\freebl3.dll (249856 bytes) (Mozilla Foundation) (6/25/2010
1:47:11 PM) (--A-) (02fa81c159a7a11d7113a6e79e49aa58) (Modified)
C:\Program Files\SeaMonkey\js3250.dll (809472 bytes) (Netscape Communications Corporation)
(6/25/2010 1:47:11 PM) (--A-) (2691f12e7d1983e12c675eb299f3d783) (Modified)
C:\Program Files\SeaMonkey\MapiProxy.dll (11776 bytes) (Mozilla.org) (6/25/2010 1:47:00 PM)
(--A-) (2cbfbad7e66189e376625f268919325a) (Modified)
C:\Program Files\SeaMonkey\MapiProxy_InUse.dll (11776 bytes) (Mozilla.org) (6/25/2010
1:47:00 PM) (--A-) (2cbfbad7e66189e376625f268919325a) (Modified)
C:\Program Files\SeaMonkey\mozcrt19.dll (708608 bytes) (Mozilla Foundation) (6/25/2010
1:47:11 PM) (--A-) (630b4e41473424fb6b085309a3d05aa0) (Modified)
C:\Program Files\SeaMonkey\mozMapi32.dll (45056 bytes) (Mozilla.org) (6/25/2010 1:47:11 PM)
(--A-) (f89eb91a1fc90fdf2dc17f801eb0e074) (Modified)
C:\Program Files\SeaMonkey\mozMapi32_InUse.dll (45056 bytes) (Mozilla.org) (6/25/2010
1:47:11 PM) (--A-) (f89eb91a1fc90fdf2dc17f801eb0e074) (Modified)
C:\Program Files\SeaMonkey\nsldap32v60.dll (155648 bytes) (Unknown) (6/25/2010 1:47:11 PM)
(--A-) (dc7224d3971e241030f36c829b9da85c) (Modified)
C:\Program Files\SeaMonkey\nsldappr32v60.dll (15360 bytes) (Unknown) (6/25/2010 1:47:11 PM)
(--A-) (94583c8e263da96db75129a298df054d) (Modified)
C:\Program Files\SeaMonkey\nsldif32v60.dll (10240 bytes) (Unknown) (6/25/2010 1:47:12 PM)
(--A-) (224cdcf795eb1f27355e8760010d6a2e) (Modified)
C:\Program Files\SeaMonkey\nspr4.dll (163840 bytes) (Mozilla Foundation) (6/25/2010 1:47:12
PM) (--A-) (5de7d301fd304698f3c4e3f1421889c5) (Modified)
C:\Program Files\SeaMonkey\nss3.dll (638976 bytes) (Mozilla Foundation) (6/25/2010 1:47:12
PM) (--A-) (9149956985475f1c74ccce8667aa6920) (Modified)
C:\Program Files\SeaMonkey\nssckbi.dll (344064 bytes) (Mozilla Foundation) (6/25/2010
1:47:12 PM) (--A-) (85ed24f4a069e8fc87280a8f4dfac6cf) (Modified)
C:\Program Files\SeaMonkey\nssdbm3.dll (98304 bytes) (Mozilla Foundation) (6/25/2010 1:47:13
PM) (--A-) (a6b20f65ce26dc0fe4f348522a5bbfad) (Modified)
C:\Program Files\SeaMonkey\nssutil3.dll (81920 bytes) (Mozilla Foundation) (6/25/2010
1:47:13 PM) (--A-) (a9a49ae75b2b0b6941b4886fc12f903d) (Modified)
C:\Program Files\SeaMonkey\plc4.dll (14848 bytes) (Mozilla Foundation) (6/25/2010 1:47:13
PM) (--A-) (ae635826d46d4a8803c07589f4895231) (Modified)
C:\Program Files\SeaMonkey\plds4.dll (11776 bytes) (Mozilla Foundation) (6/25/2010 1:47:13
PM) (--A-) (a73dd06ed1a0bb537449a60ec41c91ce) (Modified)
C:\Program Files\SeaMonkey\seamonkey.exe (11523072 bytes) (mozilla.org) (6/25/2010 1:47:20
PM) (--A-) (e7f1058abb0d073eab12e26544c6779a) (Modified)
C:\Program Files\SeaMonkey\smime3.dll (98304 bytes) (Mozilla Foundation) (6/25/2010 1:47:21
PM) (--A-) (e01c2ff05ed95096e4d313989d505f0f) (Modified)
C:\Program Files\SeaMonkey\softokn3.dll (155648 bytes) (Mozilla Foundation) (6/25/2010
1:47:21 PM) (--A-) (bfa9d39c112f9d5f9343a3cf746b6e91) (Modified)
C:\Program Files\SeaMonkey\sqlite3.dll (452096 bytes) (sqlite.org) (6/25/2010 1:47:21 PM)
(--A-) (78ce45a064e1b9139423d68e0aad5087) (Modified)
C:\Program Files\SeaMonkey\ssl3.dll (135168 bytes) (Mozilla Foundation) (6/25/2010 1:47:22
PM) (--A-) (145123f8dd242896143f4cb74317cb02) (Modified)
C:\Program Files\SeaMonkey\updater.exe (241152 bytes) (Mozilla Foundation) (6/25/2010
1:47:23 PM) (--A-) (2b706aae28bc186f1acd0a63378afe67) (Modified)
C:\Program Files\SeaMonkey\xpcom.dll (12288 bytes) (Mozilla Foundation) (6/25/2010 1:47:23
PM) (--A-) (8c9cc8d1fc4bd6275ae6aaf8cc2da0f8) (Modified)
C:\Program Files\SeaMonkey\xpcom_core.dll (393728 bytes) (Mozilla Foundation) (6/25/2010
1:47:23 PM) (--A-) (b4123595e86cb33cd3c8ff2708e1b1c3) (Modified)
C:\Program Files\SeaMonkey\components\jar50.dll (73216 bytes) (Mozilla Foundation)
(6/25/2010 1:47:07 PM) (--A-) (e8e1f1e72ed7826f11d1fc725a0e2ea9) (Modified)
C:\Program Files\SeaMonkey\components\jsd3250.dll (51712 bytes) (Mozilla Foundation)
(6/25/2010 1:47:08 PM) (--A-) (40efceac1ede246e5c32f844efd53597) (Modified)
C:\Program Files\SeaMonkey\components\suite.dll (219648 bytes) (Mozilla Foundation)
(6/25/2010 1:47:08 PM) (--A-) (327692eab89f8113533867a585bf82d5) (Modified)
C:\Program Files\SeaMonkey\components\xpinstal.dll (60928 bytes) (Mozilla Foundation)
(6/25/2010 1:47:09 PM) (--A-) (f7e2f40a58eb994520aea2dbdd3a99ed) (Modified)
C:\Program Files\SeaMonkey\plugins\npnul32.dll (59392 bytes) (mozilla.org) (6/25/2010
1:47:13 PM) (--A-) (b4818769db2221d8b6daed92a0fcf44e) (Modified)
C:\Program Files\SeaMonkey\uninstall\helper.exe (574366 bytes) (mozilla.org) (6/25/2010
1:47:22 PM) (--A-) (d9abaaae8c1533b688c37bae69c63b2c) (Modified)
C:\Program Files\Uniblue\RegistryBooster\cache.dll (47616 bytes) (Unknown) (7/4/2010 2:39:43
AM) (--A-) (7755a4124b2479747ac7d48f7ae50524) (Created)
C:\Program Files\Uniblue\RegistryBooster\cwebpage.dll (13312 bytes) (Unknown) (7/4/2010
2:39:43 AM) (--A-) (f93afc6e00fa44babcf453e0aff5cb90) (Created)
C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe (56680 bytes) (Uniblue Systems
Limited) (7/4/2010 2:39:45 AM) (--A-) (8282dbc5552bf24b67a015cb960f4379) (Created)
C:\Program Files\Uniblue\RegistryBooster\locale\en\en.dll (131072 bytes) (Unknown) (7/4/2010
2:39:46 AM) (--A-) (dc820e487afe07525e42094974679698) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\alert.zap (206848 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:40 AM) (--A-) (7b8585831ea0f3d17ab76917ebb9f110) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\cam.zap (77312 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:42 AM) (--A-) (7a45369411d5eafe098b9eacbbf68196) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\cpes_clean.exe (3894280 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:36 AM) (--A-) (95d7584246c4d0e4d673548ee50b265a) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\email.zap (68096 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:40 AM) (--A-) (8f55dd5df1cd0471a9f7cb9aae4b9e3b) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\expert.dll (215552 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:40 AM) (--A-) (de8953604082e49e706e8e732a83ba48) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\filter.zap (70656 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:40 AM) (--A-) (58d576c7862cd9c9079f5b1c22b5dd88) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\firewall.zap (139264 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:40 AM) (--A-) (3fc764f87954cb2c32c779ce20bb9d73) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\framewrk.dll (1480192 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:37 AM) (--A-) (d0c7036087aa8621f9c1c2ffd702f5ae) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\idlock.zap (219648 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:40 AM) (--A-) (c613b4e002e606edf9d2764d7c1945ce) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\multifix.exe (17920 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:38 AM) (--A-) (00e72530e2cff387ba3ff4383afaf1f8) (Created)
-
C:\Program Files\Zone Labs\ZoneAlarm\programs.zap (323584 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:39 AM) (--A-) (be98b0eafbaa8cb136db829f6323af58) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\scan.zap (617472 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:41 AM) (--A-) (015694f89b79e49f7feb7cedbb27a131) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\security.zap (353280 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:39 AM) (--A-) (7b3a934e7b16483f4a044aa67bc233de) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\websecurity.zap (53760 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:40 AM) (--A-) (785ab89038de4e22e7e92d301aa12fd7) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe (218624 bytes) (Unknown) (7/2/2010 4:52:35
AM) (--A-) (4b90b1e1dc53efbca79893d417ae3233) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\zhtml.dll (2035592 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:40 AM) (--A-) (16da352476324eb9f2745e7f2f0aee20) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (1043968 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:37 AM) (--A-) (0d2f62c6e2e9bd508f7bf2e6c8ba176d) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe (39936 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:38 AM) (--A-) (d8fc70ceedaf0306437186d9061651c5) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\Diagnostics\cpinfo.exe (345384 bytes) (Check Point
Software Technologies) (7/2/2010 4:52:18 AM) (--A-) (efaca930e0309acf4377390a7adcfb4c)
(Created)
C:\Program Files\Zone Labs\ZoneAlarm\Diagnostics\DiagnosticsCaptureTool.exe (253952 bytes)
(Unknown) (7/2/2010 4:52:17 AM) (--A-) (f3df58d3699453ba00cb4811c089def4) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\Diagnostics\osrbang.exe (67584 bytes) (OSR Open Systems
Resources, Inc.) (7/2/2010 4:52:18 AM) (--A-) (0571d17ad54479cded409e07a205c85b) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\Diagnostics\vsinit.dll (228864 bytes) (Check Point
Software Technologies LTD) (7/2/2010 4:52:18 AM) (--A-) (8bb8d55cb7b7ba11abd25b4f051e8a3b)
(Created)
C:\Program Files\Zone Labs\ZoneAlarm\Diagnostics\vsutil.dll (713728 bytes) (Check Point
Software Technologies LTD) (7/2/2010 4:52:18 AM) (--A-) (30104887d2f952d7640b57f2a03fe6b3)
(Created)
C:\Program Files\Zone Labs\ZoneAlarm\repair\vsdb.dll (211456 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:22 AM) (--A-) (d1542c1450d8d6f16eabd406483b75aa) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\repair\vsinit.dll (228864 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:44:14 AM) (--A-) (8bb8d55cb7b7ba11abd25b4f051e8a3b) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\repair\vsmon.exe (2435592 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:52:23 AM) (--A-) (589a8b75fd731f8e186292275f3f3692) (Created)
C:\Program Files\Zone Labs\ZoneAlarm\repair\vsruledb.dll (1790464 bytes) (Check Point
Software Technologies LTD) (7/2/2010 4:52:27 AM) (--A-) (b878b46a658fc2e2b1396f34c9da801c)
(Created)
C:\Program Files\Zone Labs\ZoneAlarm\repair\vsutil.dll (713728 bytes) (Check Point Software
Technologies LTD) (7/2/2010 4:44:13 AM) (--A-) (30104887d2f952d7640b57f2a03fe6b3) (Created)
C:\WINDOWS\avastSS.scr (38848 bytes) (ALWIL Software) (6/30/2010 11:11:00 AM) (--A-)
(048948bd5b560f0db1788d31daa5caa5) (Created)
C:\WINDOWS\GREUninstall.exe (118784 bytes) (Unknown) (6/25/2010 1:58:04 PM) (--A-)
(672be8add341f1d2587c8518273531ea) (Modified)
C:\WINDOWS\SeaMonkeyUninstall.exe (118784 bytes) (Unknown) (6/25/2010 1:58:15 PM) (--A-)
(2bd7b5adcebf5ec1fbeaab9686936237) (Modified)
C:\DOCUME~1\OUR PC\LOCALS~1\Temp\pvxinst169.exe (6385616 bytes) (Prevx) (7/4/2010 9:22:47 AM)
(--A-) (8eda696d91c56c2f16cacb2b3306ad5d) (Created)
C:\DOCUME~1\OUR PC\LOCALS~1\Temp\pvxinst396.exe (6385616 bytes) (Prevx) (7/4/2010 9:17:11 AM)
(--A-) (8eda696d91c56c2f16cacb2b3306ad5d) (Created)
C:\DOCUME~1\OUR PC\LOCALS~1\Temp\pvxinst483.exe (6385616 bytes) (Prevx) (7/4/2010 9:22:08 AM)
(--A-) (8eda696d91c56c2f16cacb2b3306ad5d) (Created)
C:\DOCUME~1\OUR PC\LOCALS~1\Temp\4510DCCA-3609EAE0-6EC12C2E-4635F69C\7E11E135-8ECC946A-
535C87F0-C88831DA (119288 bytes) (Doctor Web, Ltd.) (7/5/2010 8:30:37 AM) (--A-)
(cde066123a0a7b52369ea75cdd39a343) (Created)
- Hidden files in suspicious folders
- Suspicious Registry Keys
- Suspicious folders
- Drivers
C:\WINDOWS\system32\drivers\amdppm.sys (AmdPPM) (AMD HwPState Processor Driver) (Advanced
Micro Devices) (033448d435e65c4bd72e70521fd05c76)
C:\WINDOWS\system32\drivers\anydvd.sys (AnyDVD) (AnyDVD) (SlySoft, Inc.)
(a198fd45dfe819c1f9a7bed90339842f)
C:\WINDOWS\system32\drivers\dccam.sys (DcCam) (Kodak Camera Proxy) (Eastman Kodak Company)
(9a04f967886f55121fb9c0d447a2993b)
C:\WINDOWS\system32\drivers\dcfs2k.sys (DCFS2k) (DCFS2k) (Eastman Kodak Company)
(b9a22912f7e19f5984e5f3c15fb80266)
C:\WINDOWS\system32\drivers\dclps.sys (DcLps) (Legacy Polling Service) (Eastman Kodak
Company) (ccd2e14c7f093a5b72a74e286ec13ffb)
C:\WINDOWS\system32\drivers\elbycdfl.sys (ElbyCDFL) (ElbyCDFL) (SlySoft, Inc.)
(ce37e3d51912e59c80c6d84337c0b4cd)
C:\WINDOWS\system32\drivers\elbycdio.sys (ElbyCDIO) (ElbyCDIO Driver) (Elaborate Bytes AG)
(309ac30471a0f1c3a89dee1c81230576)
C:\WINDOWS\system32\drivers\lbd.sys (Lbd) (Lbd) (Lavasoft AB)
(419590ebe7855215bb157ea0cf0d0531)
C:\WINDOWS\system32\vsdatant.sys (vsdatant) (vsdatant) (Check Point Software Technologies
LTD) (050c38ebb22512122e54b47dc278bccd)
- Drivers -> FSFilter Anti-Virus
- Services
c:\windows\system32\drivers\dcfssvc.exe (Dcfssvc) (Dcfssvc) (Eastman Kodak Company)
(9fbcc5c671011e406941f5d2008bea87)
c:\program files\lavasoft\ad-aware\aawservice.exe (Lavasoft Ad-Aware Service) (Lavasoft Ad-
Aware Service) (Lavasoft) (b30f37242dd1c640dd5c770ff5b378ae)
-
c:\program files\common files\lightscribe\lssrvc.exe (LightScribeService)
(LightScribeService Direct Disc Labeling Service) (Hewlett-Packard Company)
(984ecb68ed2a2b2e6a544e87e24fba2d)
c:\program files\kodak\kodak picture transfer software\ptssvc.exe (ptssvc) (ptssvc)
(Unknown) (e1855061710a925032249539f3f1a73d)
slserv.exe (SLService) (SmartLinkService) (Smart Link) (d41d8cd98f00b204e9800998ecf8427e)
c:\windows\system32\zonelabs\vsmon.exe (vsmon) (TrueVector Internet Monitor) (Check Point
Software Technologies LTD) (589a8b75fd731f8e186292275f3f3692)
C:\Program Files\NOS\bin\getPlus_Helper.dll (68000 bytes) (NOS Microsystems Ltd.) (1/2/2010
2:00:45 PM) (--A-) (0879dc7444a201df84e69c5dd5083d61)
- Unknown files in Winsock LSP
- Unknown files in CLSID
C:\WINDOWS\System32\Adobe\SVG Viewer\SVGControl.dll (491574 bytes) (Adobe Systems
Incorporated) (4/9/2008 7:50:19 PM) (--A-) (90d5a849e8df91f94fe965e145818215)
C:\WINDOWS\Downloaded Program Files\IEAWSDC.DLL (175968 bytes) (Unknown) (6/30/2007 8:09:06
PM) (--A-) (bcd0a5c3c1715c363cb3f321abe31514)
C:\WINDOWS\system32\OGACheckControl.dll (403816 bytes) (Unknown) (8/3/2009 4:07:42 PM) (--A
-) (10c03f5479e6bd73c9cb3dfde9fa4c2e)
C:\WINDOWS\system32\threed32.ocx (205848 bytes) (Sheridan Software Systems, Inc.) (12/2/2003
10:19:09 AM) (--A-) (63b70d0ba6990e04ec37b9e3ead762b3)
C:\WINDOWS\system32\hypertrm.dll (347136 bytes) (Hilgraeve, Inc.) (8/22/2008 6:15:14 PM) (-
-A-) (277bdf16a94be0d063988d692541650b)
C:\WINDOWS\system32\ir50_32.dll (755200 bytes) (Intel Corporation) (8/4/2004 6:00:00 AM) (-
-A-) (5f10dc19d92ccf6b719b494572f4f74b)
C:\WINDOWS\system32\VSFLEX3.OCX (225280 bytes) (VideoSoft) (1/5/1999 5:30:02 PM) (--A-)
(c758ebc719c0d07b1b0e251c77f11bfd)
C:\WINDOWS\system32\MIDIFL32.OCX (52224 bytes) (Unknown) (7/15/2001 1:19:02 PM) (--A-)
(ad5724821febd3d0e12bcf55de9e32ea)
C:\WINDOWS\system32\Hpousd05.dll (50848 bytes) (Windows (R) 2000 DDK provider) (5/2/2008
12:31:47 AM) (--A-) (3f1c412a42120c0704d2fd14360daa86)
C:\WINDOWS\system32\ir41_32.ax (848384 bytes) (Intel Corporation) (8/4/2004 6:00:00 AM) (--
A-) (948e1498c6438625247f94534aaa82fe)
C:\WINDOWS\system32\l3codecx.ax (83456 bytes) (Fraunhofer Institut Integrierte Schaltungen
IIS) (8/4/2004 6:00:00 AM) (--A-) (b5a7a5a67ecc144117d1e7d5352a2f6a)
C:\WINDOWS\system32\acelpdec.ax (61952 bytes) (Sipro Lab Telecom Inc.) (8/4/2004 6:00:00 AM)
(--A-) (d0a33c77354a6f12ccd8034e4429a30d)
C:\WINDOWS\system32\MIDIIO32.OCX (61952 bytes) (Unknown) (7/15/2001 1:32:04 PM) (--A-)
(d75ae4ef5ccd747c1c12f5accb6f005c)
C:\WINDOWS\system32\hticons.dll (44544 bytes) (Hilgraeve, Inc.) (11/2/2008 11:02:34 AM) (--
A-) (f759a6e14403bc3d7a55ccad1b8f7b4a)
C:\WINDOWS\system32\CmdLineExt.dll (107888 bytes) (Sony DADC Austria AG.) (3/21/2009
12:13:06 AM) (--A-) (ccec125c8a9d90e2c27fc73bde97772b)
C:\WINDOWS\system32\actskin4.ocx (380928 bytes) (Unknown) (2/16/2008 3:40:18 PM) (--A-)
(99825c8aed2fa0ac76aa0fad770f44c1)
C:\WINDOWS\system32\HSlide32.OCX (61872 bytes) (Unknown) (6/11/2008 8:54:42 AM) (--A-)
(2dab57153ed40dcd8a021f69c14b0299)
C:\WINDOWS\system32\CoachWia.dll (96768 bytes) (FotoNation) (4/6/2009 7:13:10 PM) (--A-)
(d1a846757fa77dc56fb75cd4a80ddfd1)
C:\WINDOWS\system32\ivfsrc.ax (154624 bytes) (Intel Corporation) (8/4/2004 6:00:00 AM) (--A
-) (f7aceef4b13e8035ded875978b40c998)
C:\WINDOWS\system32\deploytk.dll (410984 bytes) (Sun Microsystems, Inc.) (2/21/2009 11:25:35
AM) (--A-) (d14bfab125e34b0f1bc152b92fb02d94)
C:\WINDOWS\system32\CoachDlg.dll (16896 bytes) (FotoNation Inc.) (4/6/2009 7:13:10 PM) (--A
-) (3fb1f0c7678b0c0841e2d33a78fad6df)
tcpsvcs.exe -> 0.0.0.0:7 -> 0.0.0.0:0 -> LISTENING
tcpsvcs.exe -> 0.0.0.0:9 -> 0.0.0.0:0 -> LISTENING
tcpsvcs.exe -> 0.0.0.0:13 -> 0.0.0.0:0 -> LISTENING
tcpsvcs.exe -> 0.0.0.0:17 -> 0.0.0.0:0 -> LISTENING
tcpsvcs.exe -> 0.0.0.0:19 -> 0.0.0.0:0 -> LISTENING
inetinfo.exe -> 0.0.0.0:25 -> 0.0.0.0:0 -> LISTENING
inetinfo.exe -> 0.0.0.0:80 -> 0.0.0.0:0 -> LISTENING
svchost.exe -> 0.0.0.0:135 -> 0.0.0.0:0 -> LISTENING
inetinfo.exe -> 0.0.0.0:443 -> 0.0.0.0:0 -> LISTENING
N/A -> 0.0.0.0:445 -> 0.0.0.0:53303 -> LISTENING
inetinfo.exe -> 0.0.0.0:1025 -> 0.0.0.0:0 -> LISTENING
N/A -> 96.18.111.243:139 -> 0.0.0.0:2080 -> LISTENING
tcpsvcs.exe -> 0.0.0.0:7 -> *.*
tcpsvcs.exe -> 0.0.0.0:9 -> *.*
tcpsvcs.exe -> 0.0.0.0:13 -> *.*
tcpsvcs.exe -> 0.0.0.0:17 -> *.*
tcpsvcs.exe -> 0.0.0.0:19 -> *.*
N/A -> 0.0.0.0:445 -> *.*
inetinfo.exe -> 0.0.0.0:3456 -> *.*
svchost.exe -> 0.0.0.0:3544 -> *.*
svchost.exe -> 96.18.111.243:123 -> *.*
N/A -> 96.18.111.243:137 -> *.*
N/A -> 96.18.111.243:138 -> *.*
svchost.exe -> 96.18.111.243:520 -> *.*
svchost.exe -> 96.18.111.243:1041 -> *.*
svchost.exe -> 96.18.111.243:1900 -> *.*
svchost.exe -> 127.0.0.1:123 -> *.*
svchost.exe -> 127.0.0.1:1026 -> *.*
svchost.exe -> 127.0.0.1:1900 -> *.*
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
(I have about 150 pages of additional Hosts files)
C:\WINDOWS\Explorer.EXE -> KERNEL32.DLL->GetProcAddress -> ShimEng.dll -> IAT
[SSDT] NtClose -> 0xEEB56CD2 -> 0x80567A6D -> aswSP.SYS
[SSDT] NtConnectPort -> 0xEECA1534 -> 0x80588DBB -> vsdatant.sys
-
[SSDT] NtCreateFile -> 0xEEC9B782 -> 0x8056F600 -> vsdatant.sys
[SSDT] NtCreateKey -> 0xEEB56B8E -> 0x80572E9D -> aswSP.SYS
[SSDT] NtCreatePort -> 0xEECA1CC0 -> 0x805975B1 -> vsdatant.sys
[SSDT] NtCreateProcess -> 0xEECB4EB4 -> 0x805B136A -> vsdatant.sys
[SSDT] NtCreateProcessEx -> 0xEECB52A2 -> 0x80581030 -> vsdatant.sys
[SSDT] NtCreateSection -> 0xEECBE916 -> 0x805652B3 -> vsdatant.sys
[SSDT] NtCreateWaitablePort -> 0xEECA1DF6 -> 0x805DB11C -> vsdatant.sys
[SSDT] NtDeleteFile -> 0xEEC9C398 -> 0x805D8003 -> vsdatant.sys
[SSDT] NtDeleteKey -> 0xEEB57142 -> 0x805952BE -> aswSP.SYS
[SSDT] NtDeleteValueKey -> 0xEEB5706C -> 0x80592D50 -> aswSP.SYS
[SSDT] NtDuplicateObject -> 0xEECB3DF0 -> 0x80573FE9 -> vsdatant.sys
[SSDT] NtLoadKey -> 0xEECBC93C -> 0x805AED6D -> vsdatant.sys
[SSDT] NtLoadKey2 -> 0xEECBCB44 -> 0x805AEBAA -> vsdatant.sys
[SSDT] NtOpenFile -> 0xEEC9BFAA -> 0x8056F59B -> vsdatant.sys
[SSDT] NtOpenKey -> 0xEEB56C68 -> 0x80568EE9 -> aswSP.SYS
[SSDT] NtOpenProcess -> 0xEECB71CE -> 0x805741D0 -> vsdatant.sys
[SSDT] NtOpenThread -> 0xEECB6DF8 -> 0x8058B58D -> vsdatant.sys
[SSDT] NtQueryValueKey -> 0xEEB56D88 -> 0x8056A382 -> aswSP.SYS
[SSDT] NtRenameKey -> 0xEEB57210 -> 0x8064E812 -> aswSP.SYS
[SSDT] NtReplaceKey -> 0xEECBD208 -> 0x8064F16E -> vsdatant.sys
[SSDT] NtRequestWaitReplyPort -> 0xEECA10F4 -> 0x8056DA20 -> vsdatant.sys
[SSDT] NtRestoreKey -> 0xEEB56D48 -> 0x8064ED05 -> aswSP.SYS
[SSDT] NtSecureConnectPort -> 0xEECA17DC -> 0x8058F4DC -> vsdatant.sys
[SSDT] NtSetInformationFile -> 0xEEC9C75C -> 0x80576CA4 -> vsdatant.sys
[SSDT] NtSetSecurityObject -> 0xEECBDE12 -> 0x8059B19B -> vsdatant.sys
[SSDT] NtSetValueKey -> 0xEEB56EC8 -> 0x80579A43 -> aswSP.SYS
[SSDT] NtSystemDebugControl -> 0xEECB5F0A -> 0x80649D57 -> vsdatant.sys
[SSDT] NtTerminateProcess -> 0xEECB5C86 -> 0x805836B0 -> vsdatant.sys
[RING0] ntoskrnl.exe -> ObInsertObject -> 0x8056503A -> 0xEEB60F6C -> aswSP.SYS
[RING0] ntoskrnl.exe -> ObMakeTemporaryObject -> 0x8059F85E -> 0xEEB5F5B4 -> aswSP.SYS
[RING0] ntoskrnl.exe -> NtLoadDriver -> 0x805A3B01 -> 0xEEB63AFE -> aswSP.SYS
(!!!POSSIBLE ROOTKIT DETECTED!!!)
---
Finish [ 0:9:24 ]
-
look in /var/log/Xorg.0.log for the reason X didnt start. That may give you a clue.
-
Hi friend sorry for lating i have a problem with internet connection.
1.download threat killer from here:http://www.novirusthanks.org/products/threat-killer/ (http://www.novirusthanks.org/products/threat-killer/)
2.i attach a file with name "clean.txt",open the GUI of threat killer and browse for my file after download then press "Excute!"button
3.wait until the program work.then post the log here
4.download dial a fix to fix related policies problems:http://wiki.lunarsoft.net/wiki/Dial-a-fix (http://wiki.lunarsoft.net/wiki/Dial-a-fix)
5.reboot
6.clean your temp using ccleaner:http://www.piriform.com/ccleaner (http://www.piriform.com/ccleaner)
7.re install avast from scratch.
I suggest you to uninstall S&D and ad-aware and use a better product like MBAM.
post again if you have problems.
superhacker
-
I am sorry I can't find "clean.txt", only .txt file I found is "readme.txt".
Thanks,
Mirek
-
i mean you should download it from the topic,then run the script from threat killer
http://www.novirusthanks.org/products/threat-killer/ (http://www.novirusthanks.org/products/threat-killer/)
see pictures
-
I feel pretty stupid now... I saved the file in Thread Killer and I will run it. Every time I need to open Internet explorer, I have to reboot PC. I will post logs once done.
Thanks,
Mirek
-
Here is the log:
Threat Killer - Scriptable Malware Remover 1.7.2.0
http://www.novirusthanks.org
Log started on 7/10/2010 at 6:59:40 AM
Microsoft Windows XP 5.1 Service Pack 3 32-bit OS
(kill process) C:\WINDOWS\GREUninstall.exe -> Error: Process does not exist
(kill process) C:\Documents and Settings\All Users.WINDOWS\Application Data\xuxudele\tkdyhqbm.exe -> Error: Process does not exist
Backup of C:\WINDOWS\GREUninstall.exe completed. -> GREUninstall.exe_7-10-2010_6_59_40 AM_672be8add341f1d2587c8518273531ea
(delete files) C:\WINDOWS\GREUninstall.exe -> Deleted
Backup of C:\Documents and Settings\All Users.WINDOWS\Application Data\xuxudele\tkdyhqbm.exe failed.
(delete files) C:\Documents and Settings\All Users.WINDOWS\Application Data\xuxudele\tkdyhqbm.exe -> Error: The system cannot find the path specified
End.
Thanks,
Mirek
-
did you still the problem with avast?
i wish no you dont ;D
-
No problem with Avast now. Thanks a lot,
Mirek
-
I will pay anybody with my debit card 2 help me get rid of the 007guard parasite !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-
I will pay anybody with my debit card 2 help me get rid of the 007guard parasite !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
well...that is not how it works, in here the removal is free ;)
first you start a new topic that is yours....
follow this guide and attach the logs from Malwarebytes / OTL / aswMBR
http://forum.avast.com/index.php?topic=53253.0
if you have trouble attaching the logs, then upload to www.mediafire.com and post the download link in the new topic you started
Googling "007guard" it seems to have to do with SpyBot S&D