Jump to content


Photo

PC Infected? Sending out random emails


  • This topic is locked This topic is locked
18 replies to this topic

#1 Mightydave1976

Mightydave1976

    Member

  • Full Member
  • Pip
  • 15 posts

Posted 16 February 2012 - 07:05 AM

I received a random spam email from my father's account, so popped round to check out his PC.

His Yahoo mail is full of failure notices where spam emails have been sent out and bounced; they are typical spam types i.e. You can earn money today using your pc etc plus a link.

A full MSE scan revealed nothing. Malwarebytes also found nothing. Spybot found one instance of w3i.iq5.fraud and (apparently) removed it, but the problem is still there with a second bunch of emails sent out today.

Grateful for any advice. PC is XP SP3.

HJT Log below

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:50:17 AM, on 2/16/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\vVX3000.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\User\Desktop\HijackThis.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:25554
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6420 bytes

#2 Mightydave1976

Mightydave1976

    Member

  • Full Member
  • Pip
  • 15 posts

Posted 16 February 2012 - 08:42 AM

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by User at 13:00:53 on 2012-02-16
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1791.955 [GMT 0:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Internet Security Essentials *Enabled/Updated* {85E2087A-9B64-4118-B38C-4C6F2DB53927}
FW: Internet Security Essentials *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\vVX3000.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Documents and Settings\User\Desktop\HijackThis.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://uk.yahoo.com/
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=127.0.0.1:25554
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [Google Update] "c:\documents and settings\user\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [VX3000] c:\windows\vVX3000.exe
mRun: [EPSON Stylus Photo RX420 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
uPolicies-explorer: DisallowRun = 1 (0x1)
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7DD6B9BD-CE66-46EF-B17C-AF5104431005} : DhcpNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
IFEO: image file execution options - svchost.exe
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2010-9-4 57248]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-9-4 1691480]
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [2009-9-5 1069824]
.
=============== Created Last 30 ================
.
2012-02-15 08:46:02 6557240 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e060f003-990a-4ffe-8cb9-5d72d03ee562}\mpengine.dll
2012-02-15 08:38:10 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-02-15 08:38:10 3072 ------w- c:\windows\system32\iacenc.dll
.
==================== Find3M ====================
.
2012-01-31 12:44:05 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-12 16:53:24 1859968 ----a-w- c:\windows\system32\win32k.sys
2011-12-24 17:43:31 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-17 19:46:36 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:46:36 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-17 19:46:36 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:22:58 385024 ----a-w- c:\windows\system32\html.iec
2011-12-10 15:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-25 21:57:19 293376 ----a-w- c:\windows\system32\winsrv.dll
.
============= FINISH: 13:02:12.25 ===============

#3 Mightydave1976

Mightydave1976

    Member

  • Full Member
  • Pip
  • 15 posts

Posted 16 February 2012 - 08:43 AM

Also since first posting I have also run a Bitdefender online scan which found nothing.

Now running F-Secure online (EDIT: Completed. Found nothing major, just some tracking cookies)

Edited by Mightydave1976, 16 February 2012 - 09:57 AM.


#4 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,057 posts

Posted 16 February 2012 - 09:15 PM

Hello Mightydave1976.

Please create a Restore Point.

Please download tdsskiller.exe and save it to your Desktop. Go here for information.

  • Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue
  • If a suspicious file is detected, the default action will be Skip, click on Continue
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive ((usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file in your next reply.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply, along with checkup.txt from Security Check (see Instructions)

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#5 Mightydave1976

Mightydave1976

    Member

  • Full Member
  • Pip
  • 15 posts

Posted 17 February 2012 - 06:19 AM

10:53:24.0640 3032 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
10:53:24.0906 3032 ============================================================
10:53:24.0906 3032 Current date / time: 2012/02/17 10:53:24.0906
10:53:24.0906 3032 SystemInfo:
10:53:24.0906 3032
10:53:24.0906 3032 OS Version: 5.1.2600 ServicePack: 3.0
10:53:24.0906 3032 Product type: Workstation
10:53:24.0921 3032 ComputerName: REVO
10:53:24.0921 3032 UserName: User
10:53:24.0921 3032 Windows directory: C:\WINDOWS
10:53:24.0921 3032 System windows directory: C:\WINDOWS
10:53:24.0921 3032 Processor architecture: Intel x86
10:53:24.0921 3032 Number of processors: 4
10:53:24.0921 3032 Page size: 0x1000
10:53:24.0921 3032 Boot type: Normal boot
10:53:24.0921 3032 ============================================================
10:53:28.0046 3032 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:53:28.0062 3032 \Device\Harddisk0\DR0:
10:53:28.0062 3032 MBR used
10:53:28.0062 3032 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
10:53:28.0093 3032 Initialize success
10:53:28.0093 3032 ============================================================
10:53:32.0187 3024 ============================================================
10:53:32.0187 3024 Scan started
10:53:32.0187 3024 Mode: Manual;
10:53:32.0187 3024 ============================================================
10:53:32.0750 3024 Abiosdsk - ok
10:53:32.0750 3024 abp480n5 - ok
10:53:32.0796 3024 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:53:32.0812 3024 ACPI - ok
10:53:32.0843 3024 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
10:53:32.0843 3024 ACPIEC - ok
10:53:32.0843 3024 adpu160m - ok
10:53:32.0890 3024 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
10:53:32.0890 3024 aec - ok
10:53:32.0937 3024 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
10:53:32.0937 3024 AFD - ok
10:53:33.0000 3024 Aha154x - ok
10:53:33.0015 3024 aic78u2 - ok
10:53:33.0031 3024 aic78xx - ok
10:53:33.0046 3024 AliIde - ok
10:53:33.0156 3024 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
10:53:33.0171 3024 Ambfilt - ok
10:53:33.0234 3024 amsint - ok
10:53:33.0250 3024 asc - ok
10:53:33.0265 3024 asc3350p - ok
10:53:33.0281 3024 asc3550 - ok
10:53:33.0328 3024 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:53:33.0328 3024 AsyncMac - ok
10:53:33.0343 3024 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
10:53:33.0359 3024 atapi - ok
10:53:33.0359 3024 Atdisk - ok
10:53:33.0390 3024 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:53:33.0390 3024 Atmarpc - ok
10:53:33.0437 3024 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
10:53:33.0437 3024 audstub - ok
10:53:33.0468 3024 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
10:53:33.0468 3024 Beep - ok
10:53:33.0546 3024 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
10:53:33.0546 3024 cbidf2k - ok
10:53:33.0593 3024 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
10:53:33.0593 3024 CCDECODE - ok
10:53:33.0593 3024 cd20xrnt - ok
10:53:33.0609 3024 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
10:53:33.0609 3024 Cdaudio - ok
10:53:33.0656 3024 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
10:53:33.0656 3024 Cdfs - ok
10:53:33.0703 3024 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:53:33.0703 3024 Cdrom - ok
10:53:33.0765 3024 Changer - ok
10:53:33.0796 3024 CmdIde - ok
10:53:33.0812 3024 Cpqarray - ok
10:53:33.0843 3024 dac2w2k - ok
10:53:33.0843 3024 dac960nt - ok
10:53:33.0875 3024 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
10:53:33.0875 3024 Disk - ok
10:53:33.0921 3024 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
10:53:33.0937 3024 dmboot - ok
10:53:33.0984 3024 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
10:53:34.0000 3024 dmio - ok
10:53:34.0046 3024 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
10:53:34.0046 3024 dmload - ok
10:53:34.0093 3024 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
10:53:34.0093 3024 DMusic - ok
10:53:34.0109 3024 dpti2o - ok
10:53:34.0125 3024 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
10:53:34.0125 3024 drmkaud - ok
10:53:34.0312 3024 F-Secure Standalone Minifilter (1838a21b5abb3c76191573c06584f07e) C:\DOCUME~1\User\LOCALS~1\Temp\OnlineScanner\Anti-Virus\fsgk.sys
10:53:34.0390 3024 F-Secure Standalone Minifilter - ok
10:53:34.0484 3024 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
10:53:34.0484 3024 Fastfat - ok
10:53:34.0515 3024 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
10:53:34.0515 3024 Fdc - ok
10:53:34.0531 3024 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
10:53:34.0531 3024 Fips - ok
10:53:34.0546 3024 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
10:53:34.0546 3024 Flpydisk - ok
10:53:34.0562 3024 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
10:53:34.0562 3024 FltMgr - ok
10:53:34.0578 3024 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:53:34.0578 3024 Fs_Rec - ok
10:53:34.0593 3024 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:53:34.0609 3024 Ftdisk - ok
10:53:34.0671 3024 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
10:53:34.0671 3024 GEARAspiWDM - ok
10:53:34.0734 3024 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:53:34.0734 3024 Gpc - ok
10:53:34.0781 3024 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:53:34.0781 3024 HDAudBus - ok
10:53:34.0812 3024 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:53:34.0812 3024 hidusb - ok
10:53:34.0859 3024 hpn - ok
10:53:34.0906 3024 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
10:53:34.0906 3024 HTTP - ok
10:53:34.0937 3024 i2omgmt - ok
10:53:34.0953 3024 i2omp - ok
10:53:35.0000 3024 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\drivers\i8042prt.sys
10:53:35.0015 3024 i8042prt - ok
10:53:35.0031 3024 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
10:53:35.0031 3024 Imapi - ok
10:53:35.0062 3024 ini910u - ok
10:53:35.0265 3024 IntcAzAudAddService (a109fe3ca1ee4e92292b349de1b32f7b) C:\WINDOWS\system32\drivers\RtkHDAud.sys
10:53:35.0343 3024 IntcAzAudAddService - ok
10:53:35.0406 3024 IntelIde - ok
10:53:35.0453 3024 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:53:35.0453 3024 intelppm - ok
10:53:35.0468 3024 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
10:53:35.0468 3024 Ip6Fw - ok
10:53:35.0500 3024 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:53:35.0500 3024 IpFilterDriver - ok
10:53:35.0515 3024 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:53:35.0515 3024 IpInIp - ok
10:53:35.0546 3024 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:53:35.0546 3024 IpNat - ok
10:53:35.0656 3024 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:53:35.0656 3024 IPSec - ok
10:53:35.0687 3024 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
10:53:35.0687 3024 IRENUM - ok
10:53:35.0718 3024 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:53:35.0718 3024 isapnp - ok
10:53:35.0750 3024 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:53:35.0750 3024 Kbdclass - ok
10:53:35.0765 3024 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
10:53:35.0765 3024 kbdhid - ok
10:53:35.0859 3024 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
10:53:35.0875 3024 kmixer - ok
10:53:35.0875 3024 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
10:53:35.0875 3024 KSecDD - ok
10:53:35.0906 3024 lbrtfdc - ok
10:53:35.0937 3024 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
10:53:35.0953 3024 mnmdd - ok
10:53:35.0984 3024 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
10:53:35.0984 3024 Modem - ok
10:53:36.0062 3024 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
10:53:36.0093 3024 Monfilt - ok
10:53:36.0171 3024 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:53:36.0187 3024 Mouclass - ok
10:53:36.0218 3024 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:53:36.0218 3024 mouhid - ok
10:53:36.0234 3024 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
10:53:36.0234 3024 MountMgr - ok
10:53:36.0265 3024 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
10:53:36.0265 3024 MpFilter - ok
10:53:36.0312 3024 mraid35x - ok
10:53:36.0343 3024 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:53:36.0343 3024 MRxDAV - ok
10:53:36.0390 3024 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:53:36.0406 3024 MRxSmb - ok
10:53:36.0484 3024 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
10:53:36.0484 3024 Msfs - ok
10:53:36.0531 3024 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:53:36.0531 3024 MSKSSRV - ok
10:53:36.0546 3024 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:53:36.0546 3024 MSPCLOCK - ok
10:53:36.0562 3024 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
10:53:36.0562 3024 MSPQM - ok
10:53:36.0593 3024 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:53:36.0593 3024 mssmbios - ok
10:53:36.0625 3024 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
10:53:36.0625 3024 MSTEE - ok
10:53:36.0718 3024 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
10:53:36.0718 3024 Mup - ok
10:53:36.0750 3024 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
10:53:36.0750 3024 NABTSFEC - ok
10:53:36.0796 3024 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
10:53:36.0796 3024 NDIS - ok
10:53:36.0843 3024 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
10:53:36.0843 3024 NdisIP - ok
10:53:36.0921 3024 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:53:36.0921 3024 NdisTapi - ok
10:53:36.0937 3024 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:53:36.0937 3024 Ndisuio - ok
10:53:36.0968 3024 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:53:36.0968 3024 NdisWan - ok
10:53:37.0000 3024 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
10:53:37.0000 3024 NDProxy - ok
10:53:37.0046 3024 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
10:53:37.0046 3024 NetBIOS - ok
10:53:37.0125 3024 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
10:53:37.0125 3024 NetBT - ok
10:53:37.0156 3024 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
10:53:37.0156 3024 Npfs - ok
10:53:37.0203 3024 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
10:53:37.0218 3024 Ntfs - ok
10:53:37.0296 3024 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
10:53:37.0296 3024 Null - ok
10:53:37.0640 3024 nv (cb0ce8de9f66a297cd86eb98921b8e58) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
10:53:37.0937 3024 nv - ok
10:53:38.0015 3024 NVENETFD (a12ec731bb00adad2d016d41c1f18fa4) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
10:53:38.0015 3024 NVENETFD - ok
10:53:38.0046 3024 NVHDA (cf68bcac297b4c98c1d25b81e4011de4) C:\WINDOWS\system32\drivers\nvhda32.sys
10:53:38.0046 3024 NVHDA - ok
10:53:38.0062 3024 nvnetbus (5dc6a149897820de315916b6ec984ec9) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
10:53:38.0062 3024 nvnetbus - ok
10:53:38.0078 3024 nvsmu (f13618f0cb1e95232f4c2401592a59e9) C:\WINDOWS\system32\DRIVERS\nvsmu.sys
10:53:38.0078 3024 nvsmu - ok
10:53:38.0125 3024 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:53:38.0125 3024 NwlnkFlt - ok
10:53:38.0171 3024 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:53:38.0187 3024 NwlnkFwd - ok
10:53:38.0218 3024 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
10:53:38.0218 3024 Parport - ok
10:53:38.0234 3024 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
10:53:38.0234 3024 PartMgr - ok
10:53:38.0265 3024 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
10:53:38.0265 3024 ParVdm - ok
10:53:38.0265 3024 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
10:53:38.0281 3024 PCI - ok
10:53:38.0281 3024 PCIDump - ok
10:53:38.0312 3024 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
10:53:38.0312 3024 PCIIde - ok
10:53:38.0343 3024 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
10:53:38.0343 3024 Pcmcia - ok
10:53:38.0390 3024 PDCOMP - ok
10:53:38.0406 3024 PDFRAME - ok
10:53:38.0406 3024 PDRELI - ok
10:53:38.0421 3024 PDRFRAME - ok
10:53:38.0437 3024 perc2 - ok
10:53:38.0453 3024 perc2hib - ok
10:53:38.0515 3024 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:53:38.0515 3024 PptpMiniport - ok
10:53:38.0546 3024 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
10:53:38.0546 3024 PSched - ok
10:53:38.0562 3024 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:53:38.0562 3024 Ptilink - ok
10:53:38.0562 3024 ql1080 - ok
10:53:38.0578 3024 Ql10wnt - ok
10:53:38.0593 3024 ql12160 - ok
10:53:38.0609 3024 ql1240 - ok
10:53:38.0625 3024 ql1280 - ok
10:53:38.0640 3024 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:53:38.0640 3024 RasAcd - ok
10:53:38.0656 3024 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:53:38.0671 3024 Rasl2tp - ok
10:53:38.0687 3024 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:53:38.0687 3024 RasPppoe - ok
10:53:38.0703 3024 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
10:53:38.0703 3024 Raspti - ok
10:53:38.0718 3024 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:53:38.0734 3024 Rdbss - ok
10:53:38.0734 3024 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:53:38.0734 3024 RDPCDD - ok
10:53:38.0796 3024 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
10:53:38.0796 3024 RDPWD - ok
10:53:38.0890 3024 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
10:53:38.0890 3024 redbook - ok
10:53:38.0984 3024 RT80x86 (b84d2fb05142f17bd6ad3ad9dfc42750) C:\WINDOWS\system32\DRIVERS\RT2860.sys
10:53:39.0000 3024 RT80x86 - ok
10:53:39.0093 3024 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:53:39.0093 3024 Secdrv - ok
10:53:39.0140 3024 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
10:53:39.0140 3024 Serial - ok
10:53:39.0171 3024 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
10:53:39.0171 3024 Sfloppy - ok
10:53:39.0187 3024 Simbad - ok
10:53:39.0234 3024 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
10:53:39.0234 3024 SLIP - ok
10:53:39.0296 3024 Sparrow - ok
10:53:39.0328 3024 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
10:53:39.0343 3024 splitter - ok
10:53:39.0390 3024 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
10:53:39.0406 3024 sr - ok
10:53:39.0437 3024 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
10:53:39.0437 3024 Srv - ok
10:53:39.0484 3024 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
10:53:39.0484 3024 streamip - ok
10:53:39.0546 3024 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
10:53:39.0546 3024 swenum - ok
10:53:39.0609 3024 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
10:53:39.0625 3024 swmidi - ok
10:53:39.0640 3024 symc810 - ok
10:53:39.0656 3024 symc8xx - ok
10:53:39.0656 3024 sym_hi - ok
10:53:39.0671 3024 sym_u3 - ok
10:53:39.0703 3024 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
10:53:39.0703 3024 sysaudio - ok
10:53:39.0781 3024 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:53:39.0781 3024 Tcpip - ok
10:53:39.0859 3024 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
10:53:39.0859 3024 TDPIPE - ok
10:53:39.0890 3024 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
10:53:39.0890 3024 TDTCP - ok
10:53:39.0906 3024 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
10:53:39.0921 3024 TermDD - ok
10:53:39.0937 3024 TosIde - ok
10:53:39.0984 3024 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
10:53:39.0984 3024 Udfs - ok
10:53:39.0984 3024 ultra - ok
10:53:40.0046 3024 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
10:53:40.0078 3024 Update - ok
10:53:40.0171 3024 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\WINDOWS\system32\Drivers\usbaapl.sys
10:53:40.0171 3024 USBAAPL - ok
10:53:40.0203 3024 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
10:53:40.0218 3024 usbaudio - ok
10:53:40.0250 3024 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:53:40.0250 3024 usbccgp - ok
10:53:40.0296 3024 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:53:40.0296 3024 usbehci - ok
10:53:40.0375 3024 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:53:40.0375 3024 usbhub - ok
10:53:40.0390 3024 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
10:53:40.0390 3024 usbohci - ok
10:53:40.0437 3024 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:53:40.0437 3024 usbprint - ok
10:53:40.0453 3024 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:53:40.0453 3024 usbscan - ok
10:53:40.0500 3024 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:53:40.0500 3024 usbstor - ok
10:53:40.0562 3024 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
10:53:40.0562 3024 VgaSave - ok
10:53:40.0578 3024 ViaIde - ok
10:53:40.0625 3024 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
10:53:40.0625 3024 VolSnap - ok
10:53:40.0750 3024 VX3000 (13acfed0e6adca97440169dfd127ebcf) C:\WINDOWS\system32\DRIVERS\VX3000.sys
10:53:40.0765 3024 VX3000 - ok
10:53:40.0875 3024 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:53:40.0875 3024 Wanarp - ok
10:53:40.0875 3024 WDICA - ok
10:53:40.0921 3024 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
10:53:40.0921 3024 wdmaud - ok
10:53:41.0000 3024 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
10:53:41.0000 3024 WmiAcpi - ok
10:53:41.0046 3024 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
10:53:41.0046 3024 WSTCODEC - ok
10:53:41.0093 3024 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
10:53:41.0281 3024 \Device\Harddisk0\DR0 - ok
10:53:41.0281 3024 Boot (0x1200) (a013ad31c8e714c6122c2d040947be48) \Device\Harddisk0\DR0\Partition0
10:53:41.0281 3024 \Device\Harddisk0\DR0\Partition0 - ok
10:53:41.0281 3024 ============================================================
10:53:41.0281 3024 Scan finished
10:53:41.0281 3024 ============================================================
10:53:41.0296 3292 Detected object count: 0
10:53:41.0296 3292 Actual detected object count: 0

And

Results of screen317's Security Check version 0.99.31
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
Microsoft Security Essentials
```````````````````````````````
Anti-malware/Other Utilities Check:

MVPS Hosts File
Spybot - Search & Destroy
CCleaner
Java™ 6 Update 20
Java™ 6 Update 29
Java version out of date!
Adobe Flash Player 11.1.102.55
Adobe Reader 9 Adobe Reader out of date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Microsoft Security Essentials msseces.exe
Microsoft Security Client Antimalware MsMpEng.exe
``````````End of Log````````````

Also, and I don't know if this helps or not, we used another PC to change the Yahoo Mail password, and (so far) no more spams from it??

#6 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,057 posts

Posted 17 February 2012 - 12:45 PM

Also, and I don't know if this helps or not, we used another PC to change the Yahoo Mail password, and (so far) no more spams from it??

Yes, that makes it sound as though the Yahoo password was hacked and the PC is only involved if the password was stolen via malware access to it.

Out of date Java installations are a vulnerability even if not used. Please do these updates:
Update Adobe Reader. (Uncheck the McAfee option box)
Updating Java:
  • Go
    here
    and download the latest version of Java:
  • Go to Start -> Control Panel -> Add or Remove Programs.
  • Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )
    They should have this icon next to any that are there: Posted Image
    Select any found and choose Uninstall.
  • Then install the version you downloaded earlier.


There is no rootkit or other obvious malware but there are some suspicious entries.
Please download ComboFix.exe to your Desktop. Visit this webpage for download links, and instructions for running the tool:
how-to-use-combofix. Be sure to read the whole page and note the graphics so you know what to expect.

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please go here to see a list of programs that should be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall**

Please include the C:\ComboFix.txt in your next reply for further review, and let me know what problems remain. If ComboFix caused any error message, reboot again should fix it.

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#7 Mightydave1976

Mightydave1976

    Member

  • Full Member
  • Pip
  • 15 posts

Posted 18 February 2012 - 11:14 AM

ComboFix 12-02-17.02 - User 02/18/2012 15:50:27.1.4 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1791.1268 [GMT 0:00]
Running from: c:\documents and settings\User\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\01c8dd
c:\documents and settings\All Users\Application Data\01c8dd\01c8ddef0fb76a5966689615346b0722.ocx
c:\documents and settings\All Users\Application Data\01c8dd\68.mof
c:\documents and settings\All Users\Application Data\01c8dd\8337.mof
c:\documents and settings\All Users\Application Data\01c8dd\ISE.ico
c:\documents and settings\All Users\Application Data\01c8dd\u8z6kfg6ofp45e7tm9q01u8wlrgv7tm9qjdk.dll
c:\documents and settings\User\Application Data\Internet Security Essentials
c:\documents and settings\User\Application Data\Internet Security Essentials\Instructions.ini
.
.
((((((((((((((((((((((((( Files Created from 2012-01-18 to 2012-02-18 )))))))))))))))))))))))))))))))
.
.
2012-02-18 15:36 . 2012-02-18 15:36 -------- d-----w- c:\program files\Common Files\Java
2012-02-18 15:36 . 2012-02-18 15:36 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-02-18 15:30 . 2012-02-18 15:30 -------- d-----w- c:\program files\Common Files\Adobe AIR
2012-02-18 10:05 . 2012-01-06 04:19 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1E3474C8-AB57-4FF1-AA70-A544070FB045}\mpengine.dll
2012-02-16 13:41 . 2012-02-16 13:41 -------- d-----w- c:\documents and settings\User\Application Data\f-secure
2012-02-16 13:41 . 2012-02-16 13:41 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure
2012-02-16 13:18 . 2012-02-16 13:18 -------- d-----w- c:\documents and settings\User\Application Data\QuickScan
2012-02-15 08:38 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-02-15 08:38 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-18 15:36 . 2010-09-05 20:24 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-31 12:44 . 2011-10-22 15:21 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-12 16:53 . 2007-03-08 13:47 1859968 ----a-w- c:\windows\system32\win32k.sys
2012-01-06 04:19 . 2011-10-22 15:23 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-12-24 17:43 . 2011-12-24 17:43 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-17 19:46 . 2004-08-03 23:56 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-17 19:46 . 2004-08-03 23:56 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:46 . 2004-08-03 23:56 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-16 12:22 . 2004-08-03 21:59 385024 ----a-w- c:\windows\system32\html.iec
2011-12-10 15:24 . 2011-03-10 19:58 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-25 21:57 . 2007-03-17 13:43 293376 ----a-w- c:\windows\system32\winsrv.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-11 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-11 13666408]
"RTHDCPL"="RTHDCPL.EXE" [2010-07-28 19557480]
"VX3000"="c:\windows\vVX3000.exe" [2007-04-10 709992]
"EPSON Stylus Photo RX420 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE" [2004-04-09 98304]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 13:10 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 17:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 14:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [9/4/2010 12:41 PM 57248]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [9/4/2010 5:24 PM 1691480]
S3 F-Secure Standalone Minifilter;F-Secure Standalone Minifilter;\??\c:\docume~1\User\LOCALS~1\Temp\OnlineScanner\Anti-Virus\fsgk.sys --> c:\docume~1\User\LOCALS~1\Temp\OnlineScanner\Anti-Virus\fsgk.sys [?]
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [9/5/2009 8:54 AM 1069824]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - APPMGMT
*NewlyCreated* - JAVAQUICKSTARTERSERVICE
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 17:57]
.
2012-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-776561741-682003330-1004Core.job
- c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-10-22 21:20]
.
2012-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-776561741-682003330-1004UA.job
- c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-10-22 21:20]
.
2012-02-18 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 14:39]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://uk.yahoo.com/
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=127.0.0.1:25554
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKLM-Run-nwiz - nwiz.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-18 15:56
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2012-02-18 15:59:48
ComboFix-quarantined-files.txt 2012-02-18 15:59
.
Pre-Run: 141,342,072,832 bytes free
Post-Run: 141,728,436,224 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 5459504733C70C2324D0D55359E3417B

#8 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,057 posts

Posted 18 February 2012 - 01:25 PM

ComboFix removed remnants of the rogue Internet Security Essentials. This is a fake security program but not known to send spam.

Please do the following:

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

KILLALL::
DDS::
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=127.0.0.1:25554


Save this as CFScript.txt, in the same location as ComboFix.exe

Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I shall require in your next reply.
Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

Please include the newly-created C:\ComboFix.txt in your next reply, and let me know how things are running now ;)

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#9 Mightydave1976

Mightydave1976

    Member

  • Full Member
  • Pip
  • 15 posts

Posted 18 February 2012 - 02:48 PM

Hi cnm,

Yes I spotted the reference to Internet Security Essentials when Combofix first ran. I think it was just last remnants of an infection by ISE that we cleaned off the computer several months ago.

Here is the Combofix run using the script:


ComboFix 12-02-17.02 - User 02/18/2012 19:13:45.2.4 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1791.1185 [GMT 0:00]
Running from: c:\documents and settings\User\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\User\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((( Files Created from 2012-01-18 to 2012-02-18 )))))))))))))))))))))))))))))))
.
.
2012-02-18 16:13 . 2012-01-06 04:19 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2BC54D99-7952-4110-972B-A626A231A303}\mpengine.dll
2012-02-18 15:36 . 2012-02-18 15:36 -------- d-----w- c:\program files\Common Files\Java
2012-02-18 15:36 . 2012-02-18 15:36 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-02-18 15:30 . 2012-02-18 15:30 -------- d-----w- c:\program files\Common Files\Adobe AIR
2012-02-16 13:41 . 2012-02-16 13:41 -------- d-----w- c:\documents and settings\User\Application Data\f-secure
2012-02-16 13:41 . 2012-02-16 13:41 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure
2012-02-16 13:18 . 2012-02-16 13:18 -------- d-----w- c:\documents and settings\User\Application Data\QuickScan
2012-02-15 08:38 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-02-15 08:38 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-18 15:36 . 2010-09-05 20:24 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-31 12:44 . 2011-10-22 15:21 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-12 16:53 . 2007-03-08 13:47 1859968 ----a-w- c:\windows\system32\win32k.sys
2012-01-06 04:19 . 2011-10-22 15:23 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-12-24 17:43 . 2011-12-24 17:43 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-17 19:46 . 2004-08-03 23:56 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-17 19:46 . 2004-08-03 23:56 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:46 . 2004-08-03 23:56 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-16 12:22 . 2004-08-03 21:59 385024 ----a-w- c:\windows\system32\html.iec
2011-12-10 15:24 . 2011-03-10 19:58 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-25 21:57 . 2007-03-17 13:43 293376 ----a-w- c:\windows\system32\winsrv.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-02-18_15.56.46 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-02-18 19:19 . 2012-02-18 19:19 16384 c:\windows\temp\Perflib_Perfdata_1e4.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-11 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-11 13666408]
"RTHDCPL"="RTHDCPL.EXE" [2010-07-28 19557480]
"VX3000"="c:\windows\vVX3000.exe" [2007-04-10 709992]
"EPSON Stylus Photo RX420 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE" [2004-04-09 98304]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 13:10 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 17:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 14:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [9/4/2010 12:41 PM 57248]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [9/4/2010 5:24 PM 1691480]
S3 F-Secure Standalone Minifilter;F-Secure Standalone Minifilter;\??\c:\docume~1\User\LOCALS~1\Temp\OnlineScanner\Anti-Virus\fsgk.sys --> c:\docume~1\User\LOCALS~1\Temp\OnlineScanner\Anti-Virus\fsgk.sys [?]
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [9/5/2009 8:54 AM 1069824]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 17:57]
.
2012-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-776561741-682003330-1004Core.job
- c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-10-22 21:20]
.
2012-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-776561741-682003330-1004UA.job
- c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-10-22 21:20]
.
2012-02-18 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 14:39]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://uk.yahoo.com/
TCP: DhcpNameServer = 192.168.1.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-18 19:19
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3216)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\IEFRAME.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\RTHDCPL.EXE
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2012-02-18 19:24:35 - machine was rebooted
ComboFix-quarantined-files.txt 2012-02-18 19:24
ComboFix2.txt 2012-02-18 15:59
.
Pre-Run: 141,728,641,024 bytes free
Post-Run: 141,742,739,456 bytes free
.
- - End Of File - - DAE77FD51AE981DEFA66279A2A648CCA

#10 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,057 posts

Posted 18 February 2012 - 03:05 PM

Please scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image
      icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report (if any) in your next reply.
  • Click the Back button.
  • Click the Finish button.

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#11 Mightydave1976

Mightydave1976

    Member

  • Full Member
  • Pip
  • 15 posts

Posted 18 February 2012 - 05:53 PM

Hi,

ESET scan result:


C:\Documents and Settings\User\Application Data\Sun\Java\Deployment\cache\6.0\3\6a88c983-6170ee5e Java/TrojanDownloader.Agent.NCA trojan deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\01c8dd\68.mof.vir Win32/RogueAV.A trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\01c8dd\8337.mof.vir Win32/RogueAV.A trojan cleaned by deleting - quarantined
C:\System Volume Information\_restore{BECDF337-F4A9-4AB6-9882-5AAED48A2270}\RP543\A0046486.mof Win32/RogueAV.A trojan cleaned by deleting - quarantined
C:\System Volume Information\_restore{BECDF337-F4A9-4AB6-9882-5AAED48A2270}\RP543\A0046487.mof Win32/RogueAV.A trojan cleaned by deleting - quarantined

#12 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,057 posts

Posted 18 February 2012 - 06:10 PM

TrojanDownloader.Agent.NCA was most likely the source of the spam and probably stole passwords.

I advise you to immediately change all sensitive passwords, particularly ones for online banking or anything else financial. Ideally do this from another PC; however I believe Dad's PC is now clean so it should be OK to do it from there..

Please do the following:

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

KILLALL::
DirLook::
C:\Documents and Settings\User\Application Data\Sun\Java\Deployment\cache


Save this as CFScript.txt, in the same location as ComboFix.exe

Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I shall require in your next reply.
Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

Please include the newly-created C:\ComboFix.txt in your next reply, and let me know how things are running now ;)

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#13 Mightydave1976

Mightydave1976

    Member

  • Full Member
  • Pip
  • 15 posts

Posted 19 February 2012 - 06:57 AM

Everything seems to be fine now. Have been trying to explain to my folks what makes a good secure password :thumbup:

Combofix log :


ComboFix 12-02-17.02 - User 02/19/2012 11:40:39.3.4 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1791.1302 [GMT 0:00]
Running from: c:\documents and settings\User\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\User\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((( Files Created from 2012-01-19 to 2012-02-19 )))))))))))))))))))))))))))))))
.
.
2012-02-19 10:23 . 2012-01-06 04:19 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7BD6CF2A-0740-4349-AFF6-727A66342CD5}\mpengine.dll
2012-02-18 20:56 . 2012-02-18 20:56 -------- d-----w- c:\program files\ESET
2012-02-18 15:36 . 2012-02-18 15:36 -------- d-----w- c:\program files\Common Files\Java
2012-02-18 15:36 . 2012-02-18 15:36 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-02-18 15:30 . 2012-02-18 15:30 -------- d-----w- c:\program files\Common Files\Adobe AIR
2012-02-16 13:41 . 2012-02-16 13:41 -------- d-----w- c:\documents and settings\User\Application Data\f-secure
2012-02-16 13:41 . 2012-02-16 13:41 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure
2012-02-16 13:18 . 2012-02-16 13:18 -------- d-----w- c:\documents and settings\User\Application Data\QuickScan
2012-02-15 08:38 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-02-15 08:38 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-18 15:36 . 2010-09-05 20:24 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-31 12:44 . 2011-10-22 15:21 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-12 16:53 . 2007-03-08 13:47 1859968 ----a-w- c:\windows\system32\win32k.sys
2012-01-06 04:19 . 2011-10-22 15:23 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-12-24 17:43 . 2011-12-24 17:43 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-17 19:46 . 2004-08-03 23:56 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-17 19:46 . 2004-08-03 23:56 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:46 . 2004-08-03 23:56 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-16 12:22 . 2004-08-03 21:59 385024 ----a-w- c:\windows\system32\html.iec
2011-12-10 15:24 . 2011-03-10 19:58 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-25 21:57 . 2007-03-17 13:43 293376 ----a-w- c:\windows\system32\winsrv.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache ----
.
2012-02-19 00:04 . 2012-02-19 00:04 3626 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\1\4e1dacc1-70c002cd
2012-02-19 00:04 . 2012-02-19 00:04 372 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\1\4e1dacc1-70c002cd.idx
2012-02-19 00:04 . 2012-02-19 00:04 1235 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\51\456b0973-750ae75d
2012-02-19 00:04 . 2012-02-19 00:04 410 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\51\456b0973-750ae75d.idx
2012-02-19 00:04 . 2012-02-19 00:04 676 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\40\4aa431a8-3faf9db6
2012-02-19 00:04 . 2012-02-19 00:04 391 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\40\4aa431a8-3faf9db6.idx
2012-02-19 00:04 . 2012-02-19 00:04 2164 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\22\6aae2b56-22a46d75
2012-02-19 00:04 . 2012-02-19 00:04 372 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\22\6aae2b56-22a46d75.idx
2012-02-19 00:04 . 2012-02-19 00:04 5683 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\39\4b3cd27-6d310fe6
2012-02-19 00:04 . 2012-02-19 00:04 403 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\39\4b3cd27-6d310fe6.idx
2012-02-19 00:04 . 2012-02-19 00:04 1303 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\4\24f63404-10e88a84
2012-02-19 00:04 . 2012-02-19 00:04 403 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\4\24f63404-10e88a84.idx
2012-02-19 00:04 . 2012-02-19 00:04 7509 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\20\3c488094-2534a794
2012-02-19 00:04 . 2012-02-19 00:04 408 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\20\3c488094-2534a794.idx
2012-02-19 00:04 . 2012-02-19 00:04 1793 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\56\4dadc938-1b062cc3
2012-02-19 00:04 . 2012-02-19 00:04 406 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\56\4dadc938-1b062cc3.idx
2012-02-19 00:04 . 2012-02-19 00:04 11707 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\11\64fdc34b-6eddccac
2012-02-19 00:04 . 2012-02-19 00:04 409 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\11\64fdc34b-6eddccac.idx
2012-02-18 16:37 . 2012-02-18 16:37 736 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\6\4a5b9cc6-2c3b034e
2012-02-18 16:37 . 2012-02-18 16:37 406 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\6\4a5b9cc6-2c3b034e.idx
2012-02-18 16:37 . 2012-02-18 16:37 1417 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\33\d9641e1-64d01cd8
2012-02-18 16:37 . 2012-02-18 16:37 408 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\33\d9641e1-64d01cd8.idx
2012-02-18 16:37 . 2012-02-18 16:37 15313 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\48\4d428ab0-638aeffb
2012-02-18 16:37 . 2012-02-18 16:37 384 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\48\4d428ab0-638aeffb.idx
2012-02-18 16:37 . 2012-02-18 16:37 3626 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\1\4e1dacc1-67311fa7
2012-02-18 16:37 . 2012-02-19 00:04 372 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\1\4e1dacc1-67311fa7.idx
2012-02-18 16:37 . 2012-02-18 16:37 1147 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\43\40da6f6b-19bbacca
2012-02-18 16:37 . 2012-02-18 16:37 373 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\43\40da6f6b-19bbacca.idx
2012-02-18 16:37 . 2012-02-18 16:37 3769 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\32\733eb220-658de59b
2012-02-18 16:37 . 2012-02-18 16:37 399 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\32\733eb220-658de59b.idx
2012-02-18 16:37 . 2012-02-18 16:37 379 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\34\39fe90a2-5ca2c351
2012-02-18 16:37 . 2012-02-18 16:37 389 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\34\39fe90a2-5ca2c351.idx
2012-02-18 16:37 . 2012-02-18 16:37 1235 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\51\456b0973-10c8c870
2012-02-18 16:37 . 2012-02-19 00:04 410 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\51\456b0973-10c8c870.idx
2012-02-18 16:37 . 2012-02-18 16:37 676 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\40\4aa431a8-287eb6ef
2012-02-18 16:37 . 2012-02-19 00:04 391 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\40\4aa431a8-287eb6ef.idx
2012-02-18 16:37 . 2012-02-18 16:37 2521 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\2\46ddd682-4bfde571
2012-02-18 16:37 . 2012-02-18 16:37 369 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\2\46ddd682-4bfde571.idx
2012-02-18 16:37 . 2012-02-18 16:37 2164 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\22\6aae2b56-77156c37
2012-02-18 16:37 . 2012-02-19 00:04 372 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\22\6aae2b56-77156c37.idx
2012-02-18 16:37 . 2012-02-18 16:37 640 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\49\2e4c06b1-5e24e71a
2012-02-18 16:37 . 2012-02-18 16:37 387 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\49\2e4c06b1-5e24e71a.idx
2012-02-18 16:37 . 2012-02-18 16:37 1303 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\4\24f63404-3fdb60c7
2012-02-18 16:37 . 2012-02-19 00:04 403 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\4\24f63404-3fdb60c7.idx
2012-02-18 16:37 . 2012-02-18 16:37 4190 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\27\44d660db-1fc71e04
2012-02-18 16:37 . 2012-02-18 16:37 387 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\27\44d660db-1fc71e04.idx
2012-02-18 13:43 . 2012-02-18 13:43 19346 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\14\125a5e8e-406a0625
2012-02-18 13:43 . 2012-02-18 13:43 364 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\14\125a5e8e-406a0625.idx
2012-02-18 13:43 . 2012-02-18 13:43 21487 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\40\403277e8-11b370db
2012-02-18 13:43 . 2012-02-18 15:36 572 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\40\403277e8-11b370db.idx
2012-02-18 10:11 . 2012-02-18 10:11 361 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\20\231d62d4-47ee3582
2012-02-18 10:11 . 2012-02-18 10:11 350 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\20\231d62d4-47ee3582.idx
2012-02-18 10:11 . 2012-02-18 10:11 1156 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\15\3a8eb78f-528e64fe
2012-02-18 10:11 . 2012-02-18 10:11 458 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\15\3a8eb78f-528e64fe.idx
2012-02-17 00:08 . 2012-02-17 00:08 80511 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\62\179643e-2bc2710a
2012-02-17 00:08 . 2012-02-18 15:36 3287 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\62\179643e-2bc2710a.idx
2012-02-16 20:43 . 2012-02-16 20:43 1476 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\45\4617792d-426c5c13
2012-02-16 20:43 . 2012-02-16 20:43 395 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\45\4617792d-426c5c13.idx
2012-02-16 20:43 . 2012-02-16 20:43 9328 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\26\b7c825a-4ab6d5c6
2012-02-16 20:43 . 2012-02-16 20:43 394 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\26\b7c825a-4ab6d5c6.idx
2012-02-07 00:16 . 2012-02-07 00:16 512 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\8\4c66b48-60f836d0
2012-02-07 00:16 . 2012-02-07 00:16 453 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\8\4c66b48-60f836d0.idx
2012-02-07 00:16 . 2012-02-07 00:16 1095 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\54\15767576-105378e1
2012-02-07 00:16 . 2012-02-07 00:16 454 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\54\15767576-105378e1.idx
2012-01-11 01:20 . 2012-01-11 01:20 264 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\7\636575c7-66f28339
2012-01-11 01:20 . 2012-01-11 01:20 407 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\7\636575c7-66f28339.idx
2011-12-23 00:17 . 2011-12-23 00:17 6675 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\12\7c5f2acc-2637b4bc
2011-12-23 00:17 . 2011-12-23 00:17 449 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\12\7c5f2acc-2637b4bc.idx
2011-12-23 00:17 . 2011-12-23 00:17 4612 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\28\21512dc-5a813cd1
2011-12-23 00:17 . 2011-12-23 00:17 461 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\28\21512dc-5a813cd1.idx
2011-12-23 00:17 . 2011-12-23 00:17 2463 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\21\77242195-6638d198
2011-12-23 00:17 . 2011-12-23 00:17 455 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\21\77242195-6638d198.idx
2011-12-23 00:17 . 2011-12-23 00:17 13927 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\9\776dacc9-540bd70f
2011-12-23 00:17 . 2011-12-23 00:17 454 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\9\776dacc9-540bd70f.idx
2011-12-23 00:17 . 2011-12-23 00:17 401 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\27\51d2b29b-545a1b5d
2011-12-23 00:17 . 2011-12-23 00:17 459 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\27\51d2b29b-545a1b5d.idx
2011-12-23 00:17 . 2011-12-23 00:17 1086 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\50\6d5960b2-5f718698
2011-12-23 00:17 . 2011-12-23 00:17 455 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\50\6d5960b2-5f718698.idx
2011-12-23 00:17 . 2011-12-23 00:17 247 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\38\180c6d26-15237ba4
2011-12-23 00:17 . 2011-12-23 00:17 457 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\38\180c6d26-15237ba4.idx
2011-12-23 00:17 . 2011-12-23 00:17 221 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\49\57da5931-71a12dca
2011-12-23 00:17 . 2011-12-23 00:17 456 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\49\57da5931-71a12dca.idx
2011-12-23 00:17 . 2011-12-23 00:17 565 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\56\3b0b4cf8-5b992098
2011-12-23 00:17 . 2011-12-23 00:17 444 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\56\3b0b4cf8-5b992098.idx
2011-12-23 00:17 . 2011-12-23 00:17 21353 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\63\3394783f-17174218
2011-12-23 00:17 . 2011-12-23 00:17 454 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\63\3394783f-17174218.idx
2011-12-23 00:17 . 2011-12-23 00:17 91 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\33\4b3658a1-21c7cdf4
2011-12-23 00:17 . 2011-12-23 00:17 442 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\33\4b3658a1-21c7cdf4.idx
2011-12-23 00:17 . 2011-12-23 00:17 2630 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\61\3be20b3d-7b9c25e4
2011-12-23 00:17 . 2011-12-23 00:17 454 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\61\3be20b3d-7b9c25e4.idx
2011-12-23 00:17 . 2011-12-23 00:17 1638 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\16\39d3a390-66a21181
2011-12-23 00:17 . 2011-12-23 00:17 454 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\16\39d3a390-66a21181.idx
2011-12-23 00:17 . 2011-12-23 00:17 3251 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\49\58ca92b1-46c7eae6
2011-12-23 00:17 . 2011-12-23 00:17 453 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\49\58ca92b1-46c7eae6.idx
2011-12-23 00:17 . 2011-12-23 00:17 201 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\48\2e3d1c30-343f9ea2
2011-12-23 00:17 . 2011-12-23 00:17 456 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\48\2e3d1c30-343f9ea2.idx
2011-12-23 00:17 . 2011-12-23 00:17 188 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\60\1356eebc-206fd1d1
2011-12-23 00:17 . 2011-12-23 00:17 455 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\60\1356eebc-206fd1d1.idx
2011-12-23 00:17 . 2011-12-23 00:17 1296 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\11\23636e0b-484f4c93
2011-12-23 00:17 . 2011-12-23 00:17 454 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\11\23636e0b-484f4c93.idx
2011-12-23 00:17 . 2011-12-23 00:17 10386 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\27\205405db-451637f1
2011-12-23 00:17 . 2011-12-23 00:17 452 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\27\205405db-451637f1.idx
2011-12-23 00:17 . 2011-12-23 00:17 1818 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\2\427fb042-62b465eb
2011-12-23 00:17 . 2011-12-23 00:17 453 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\2\427fb042-62b465eb.idx
2011-12-23 00:17 . 2011-12-23 00:17 1723 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\0\46a03b00-3e93f90b
2011-12-23 00:17 . 2011-12-23 00:17 452 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\0\46a03b00-3e93f90b.idx
2011-12-23 00:17 . 2011-12-23 00:17 10916 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\57\1c6fc0f9-54d402bb
2011-12-23 00:17 . 2012-01-16 14:57 449 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\57\1c6fc0f9-54d402bb.idx
2011-12-23 00:17 . 2011-12-23 00:17 3102 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\23\2f0d8ad7-561c43ee
2011-12-23 00:17 . 2011-12-23 00:17 451 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\23\2f0d8ad7-561c43ee.idx
2011-12-23 00:17 . 2011-12-23 00:17 10367 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\6\55be12c6-352bb354
2011-12-23 00:17 . 2011-12-23 00:17 454 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\6\55be12c6-352bb354.idx
2011-12-23 00:17 . 2011-12-23 00:17 4098 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\26\7f49885a-74aa8ce8
2011-12-23 00:17 . 2011-12-23 00:17 450 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\26\7f49885a-74aa8ce8.idx
2011-12-23 00:17 . 2011-12-23 00:17 279 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\4\233aa404-735881a5
2011-12-23 00:17 . 2011-12-23 00:17 455 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\4\233aa404-735881a5.idx
2011-12-23 00:17 . 2011-12-23 00:17 254 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\22\509efd6-761f5536
2011-12-23 00:17 . 2011-12-23 00:17 454 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\22\509efd6-761f5536.idx
2011-12-23 00:17 . 2011-12-23 00:17 15448 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\6\52eac9c6-321d8597
2011-12-23 00:17 . 2012-01-16 14:57 451 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\6\52eac9c6-321d8597.idx
2011-12-23 00:17 . 2011-12-23 00:17 2792 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\51\2ce1d633-7f17f21b
2011-12-23 00:17 . 2011-12-23 00:17 455 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\51\2ce1d633-7f17f21b.idx
2011-12-23 00:17 . 2011-12-23 00:17 2484 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\53\6a3a5835-77232241
2011-12-23 00:17 . 2011-12-23 00:17 454 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\53\6a3a5835-77232241.idx
2011-12-23 00:17 . 2011-12-23 00:17 2953 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\16\1551e090-54a63643
2011-12-23 00:17 . 2011-12-23 00:17 451 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\16\1551e090-54a63643.idx
2011-12-23 00:17 . 2011-12-23 00:17 2457 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\11\521ee8b-420a9fe7
2011-12-23 00:17 . 2011-12-23 00:17 306 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\14\179311ce-100eeceb
2011-12-23 00:17 . 2011-12-23 00:17 446 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\11\521ee8b-420a9fe7.idx
2011-12-23 00:17 . 2011-12-23 00:17 449 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\14\179311ce-100eeceb.idx
2011-12-23 00:17 . 2011-12-23 00:17 6704 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\57\77ce3b9-2544e78a
2011-12-23 00:17 . 2012-01-16 14:57 447 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\57\77ce3b9-2544e78a.idx
2011-12-23 00:17 . 2011-12-23 00:17 2514 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\24\7df1b118-315fb11b
2011-12-23 00:17 . 2011-12-23 00:17 445 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\24\7df1b118-315fb11b.idx
2011-12-23 00:17 . 2011-12-23 00:17 377 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\21\4d393295-2b09e664
2011-12-23 00:17 . 2011-12-23 00:17 443 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\21\4d393295-2b09e664.idx
2011-12-23 00:17 . 2011-12-23 00:17 91 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\44\b61402c-6add7cba
2011-12-23 00:17 . 2011-12-23 00:17 441 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\44\b61402c-6add7cba.idx
2011-12-23 00:17 . 2011-12-23 00:17 1597 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\43\130981ab-1b0adbf9
2011-12-23 00:17 . 2011-12-23 00:17 1509 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\8\194f1708-39119422
2011-12-23 00:17 . 2011-12-23 00:17 454 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\8\194f1708-39119422.idx
2011-12-23 00:17 . 2012-01-16 14:57 444 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\43\130981ab-1b0adbf9.idx
2011-12-23 00:17 . 2011-12-23 00:17 2165 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\8\386f9e48-2737edf0
2011-12-23 00:17 . 2011-12-23 00:17 453 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\8\386f9e48-2737edf0.idx
2011-12-23 00:17 . 2011-12-23 00:17 719 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\1\5f55fa01-29d9edd4
2011-12-23 00:17 . 2011-12-23 00:17 460 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\1\5f55fa01-29d9edd4.idx
2011-12-23 00:17 . 2011-12-23 00:17 5355 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\51\4362a973-5c413a1b
2011-12-23 00:17 . 2011-12-23 00:17 3327 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\60\53f13f7c-144489d7
2011-12-23 00:17 . 2011-12-23 00:17 450 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\51\4362a973-5c413a1b.idx
2011-12-23 00:17 . 2012-01-16 14:57 449 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\60\53f13f7c-144489d7.idx
2011-12-23 00:17 . 2011-12-23 00:17 1081 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\37\7e0dd765-68d93775
2011-12-23 00:17 . 2011-12-23 00:17 459 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\37\7e0dd765-68d93775.idx
2011-12-23 00:17 . 2011-12-23 00:17 2462 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\26\346a9bda-62d901b5
2011-12-23 00:17 . 2011-12-23 00:17 458 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\26\346a9bda-62d901b5.idx
2011-12-23 00:17 . 2011-12-23 00:17 4894 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\58\1a4ac4ba-682a8aa1
2011-12-23 00:17 . 2012-01-16 14:57 454 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\58\1a4ac4ba-682a8aa1.idx
2011-12-23 00:17 . 2011-12-23 00:17 3325 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\49\58333cb1-123907e3
2011-12-23 00:17 . 2012-01-16 14:57 449 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\49\58333cb1-123907e3.idx
2011-12-23 00:17 . 2011-12-23 00:17 5029 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\31\1094d7df-351a6b6a
2011-12-23 00:17 . 2012-01-16 14:57 454 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\31\1094d7df-351a6b6a.idx
2011-12-23 00:17 . 2011-12-23 00:17 1195 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\45\1c260aed-18457fb5
2011-12-23 00:17 . 2012-01-16 14:57 451 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\45\1c260aed-18457fb5.idx
2011-12-23 00:17 . 2011-12-23 00:17 4894 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\45\11d743ed-745f0c87
2011-12-23 00:17 . 2012-01-16 14:57 448 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\45\11d743ed-745f0c87.idx
2011-12-23 00:17 . 2011-12-23 00:17 4089 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\63\d4df77f-293c3229
2011-12-23 00:17 . 2012-01-16 14:57 447 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\63\d4df77f-293c3229.idx
2011-12-23 00:17 . 2011-12-23 00:17 3926 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\37\7aea50a5-186c3a27
2011-12-23 00:17 . 2012-01-16 14:57 448 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\37\7aea50a5-186c3a27.idx
2011-12-23 00:17 . 2011-12-23 00:17 4259 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\52\118715f4-3d3c4d88
2011-12-23 00:17 . 2012-01-16 14:57 455 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\52\118715f4-3d3c4d88.idx
2011-12-23 00:17 . 2011-12-23 00:17 2117 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\25\5745cdd9-7bd17edc
2011-12-23 00:17 . 2012-01-16 14:57 443 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\25\5745cdd9-7bd17edc.idx
2011-12-23 00:17 . 2011-12-23 00:17 2229 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\53\66ac9cf5-5020bc4e
2011-12-23 00:17 . 2012-01-16 14:57 443 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\53\66ac9cf5-5020bc4e.idx
2011-12-23 00:17 . 2011-12-23 00:17 2369 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\37\763a71e5-575b853b
2011-12-23 00:17 . 2012-01-16 14:57 443 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\37\763a71e5-575b853b.idx
2011-12-23 00:17 . 2011-12-23 00:17 2699 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\51\5aa4973-3fda75f5
2011-12-23 00:17 . 2012-01-16 14:57 443 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\51\5aa4973-3fda75f5.idx
2011-12-23 00:17 . 2011-12-23 00:17 2656 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\18\15668792-12403e21
2011-12-23 00:17 . 2012-01-16 14:57 443 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\18\15668792-12403e21.idx
2011-12-23 00:17 . 2011-12-23 00:17 2818 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\27\249f655b-70ca094b
2011-12-23 00:17 . 2012-01-16 14:57 443 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\27\249f655b-70ca094b.idx
2011-12-23 00:17 . 2011-12-23 00:17 2984 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\31\343cd55f-77a83a38
2011-12-23 00:17 . 2012-01-16 14:57 443 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\31\343cd55f-77a83a38.idx
2011-12-23 00:17 . 2011-12-23 00:17 3159 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\62\43a0673e-119a3e6c
2011-12-23 00:17 . 2012-01-16 14:57 443 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\62\43a0673e-119a3e6c.idx
2011-12-23 00:17 . 2011-12-23 00:17 4979 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\61\6ee386fd-1bce0ba4
2011-12-23 00:17 . 2012-01-16 14:57 447 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\61\6ee386fd-1bce0ba4.idx
2011-12-23 00:17 . 2011-12-23 00:17 4792 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\40\32a4b768-3daa8411
2011-12-23 00:17 . 2012-01-16 14:57 449 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\40\32a4b768-3daa8411.idx
2011-12-23 00:17 . 2011-12-23 00:17 2491 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\57\14749ab9-1a55bd16
2011-12-23 00:17 . 2012-01-16 14:57 445 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\57\14749ab9-1a55bd16.idx
2011-12-23 00:17 . 2011-12-23 00:17 479 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\26\18e3605a-3104af9a
2011-12-23 00:17 . 2012-01-16 14:57 448 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\26\18e3605a-3104af9a.idx
2011-12-23 00:17 . 2011-12-23 00:17 3672 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\39\283c6b67-292c343d
2011-12-23 00:17 . 2012-01-16 14:57 446 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\39\283c6b67-292c343d.idx
2011-12-23 00:17 . 2011-12-23 00:17 55 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\34\10ca0362-7e05e04d
2011-12-23 00:17 . 2012-01-16 14:57 460 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\34\10ca0362-7e05e04d.idx
2011-12-23 00:17 . 2011-12-23 00:17 3113 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\35\2aba2ea3-12773523
2011-12-23 00:17 . 2012-01-16 14:57 453 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\35\2aba2ea3-12773523.idx
2011-12-23 00:17 . 2011-12-23 00:17 3958 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\25\42c40299-526a3a42
2011-12-23 00:17 . 2011-12-23 00:17 55 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\36\266b8be4-7a9e5bdb
2011-12-23 00:17 . 2012-01-16 14:57 460 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\36\266b8be4-7a9e5bdb.idx
2011-12-23 00:17 . 2012-01-16 14:57 452 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\25\42c40299-526a3a42.idx
2011-12-23 00:17 . 2011-12-23 00:17 488 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\26\3dd60b1a-147c91c6
2011-12-23 00:17 . 2012-01-16 14:57 449 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\26\3dd60b1a-147c91c6.idx
2011-12-23 00:17 . 2011-12-23 00:17 804 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\35\1eea73a3-1f5bf3c6
2011-12-23 00:17 . 2011-12-23 00:17 452 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\35\1eea73a3-1f5bf3c6.idx
2011-12-23 00:17 . 2011-12-23 00:17 14028 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\11\68880acb-44004c6b
2011-12-23 00:17 . 2011-12-23 00:17 453 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\11\68880acb-44004c6b.idx
2011-12-23 00:17 . 2011-12-23 00:17 9221 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\55\239e4b37-69ae76e5
2011-12-23 00:17 . 2011-12-23 00:17 458 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\55\239e4b37-69ae76e5.idx
2011-12-23 00:17 . 2011-12-23 00:17 793 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\44\31679ac-3c997373
2011-12-23 00:17 . 2011-12-23 00:17 807 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\49\1c150b31-457e1030
2011-12-23 00:17 . 2011-12-23 00:17 455 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\44\31679ac-3c997373.idx
2011-12-23 00:17 . 2011-12-23 00:17 456 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\49\1c150b31-457e1030.idx
2011-12-23 00:17 . 2011-12-23 00:17 1636 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\45\6f27f5ad-2f1f7bd0
2011-12-23 00:17 . 2012-01-16 14:57 445 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\45\6f27f5ad-2f1f7bd0.idx
2011-12-23 00:17 . 2011-12-23 00:17 3532 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\40\7de71da8-73f419f9
2011-12-23 00:17 . 2011-12-23 00:17 446 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\40\7de71da8-73f419f9.idx
2011-12-23 00:17 . 2011-12-23 00:17 299 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\50\73c599f2-49819b33
2011-12-23 00:17 . 2011-12-23 00:17 453 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\50\73c599f2-49819b33.idx
2011-12-23 00:17 . 2011-12-23 00:17 73 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\4\150c4684-37fd70a1
2011-12-23 00:17 . 2011-12-23 00:17 446 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\4\150c4684-37fd70a1.idx
2011-12-23 00:17 . 2011-12-23 00:17 678 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\51\72d40033-5c0e8a70
2011-12-23 00:17 . 2011-12-23 00:17 449 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\51\72d40033-5c0e8a70.idx
2011-12-23 00:17 . 2011-12-23 00:17 1986 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\2\5205b242-3e1b2d7c
2011-12-23 00:17 . 2011-12-23 00:17 454 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\2\5205b242-3e1b2d7c.idx
2011-12-23 00:17 . 2011-12-23 00:17 836 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\39\55eef027-1b587f7d
2011-12-23 00:17 . 2011-12-23 00:17 447 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\39\55eef027-1b587f7d.idx
2011-12-23 00:17 . 2011-12-23 00:17 886 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\58\539122ba-4689977d
2011-12-23 00:17 . 2011-12-23 00:17 447 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\58\539122ba-4689977d.idx
2011-12-23 00:17 . 2011-12-23 00:17 2123 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\40\fa1da28-3c7c949b
2011-12-23 00:17 . 2011-12-23 00:17 449 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\40\fa1da28-3c7c949b.idx
2011-12-23 00:17 . 2011-12-23 00:17 10637 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\12\7c11bc8c-4e1e21db
2011-12-23 00:17 . 2012-01-16 14:57 457 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\12\7c11bc8c-4e1e21db.idx
2011-12-23 00:17 . 2011-12-23 00:17 429 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\48\430b970-40b38e17
2011-12-23 00:17 . 2012-01-16 14:57 475 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\48\430b970-40b38e17.idx
2011-12-23 00:17 . 2011-12-23 00:17 125507 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\46\4df91b2e-7b833336
2011-12-23 00:17 . 2012-02-18 15:36 567 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\46\4df91b2e-7b833336.idx
2011-12-19 21:53 . 2011-12-19 21:53 10386 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\30\215a1b5e-6edd0fc7
2011-12-19 21:53 . 2011-12-19 21:53 489 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\30\215a1b5e-6edd0fc7.idx
2011-12-19 21:53 . 2011-12-19 21:53 10471 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\57\409bbaf9-5ae09495
2011-12-19 21:53 . 2011-12-19 21:53 491 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\57\409bbaf9-5ae09495.idx
2011-12-19 21:53 . 2011-12-19 21:53 2463 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\51\15d2a533-2953f35d
2011-12-19 21:53 . 2011-12-19 21:53 492 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\51\15d2a533-2953f35d.idx
2011-12-19 21:53 . 2011-12-19 21:53 2457 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\59\3954e47b-25ae9778
2011-12-19 21:53 . 2011-12-19 21:53 483 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\59\3954e47b-25ae9778.idx
2011-12-19 21:53 . 2011-12-19 21:53 2514 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\31\24e96d9f-7887eb2a
2011-12-19 21:53 . 2011-12-19 21:53 482 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\31\24e96d9f-7887eb2a.idx
2011-12-19 21:53 . 2011-12-19 21:53 401 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\34\66e73062-2bf60aaf
2011-12-19 21:53 . 2011-12-19 21:53 496 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\34\66e73062-2bf60aaf.idx
2011-12-19 21:53 . 2011-12-19 21:53 1131 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\15\6808b6cf-44c95e36
2011-12-19 21:53 . 2011-12-19 21:53 489 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\15\6808b6cf-44c95e36.idx
2011-12-19 21:53 . 2011-12-19 21:53 2788 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\41\302760e9-22dae9f4
2011-12-19 21:53 . 2011-12-19 21:53 488 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\41\302760e9-22dae9f4.idx
2011-12-19 21:53 . 2011-12-19 21:53 190 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\27\14f36a1b-587a6d62
2011-12-19 21:53 . 2011-12-19 21:53 315 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\44\670b5dec-6447654e
2011-12-19 21:53 . 2011-12-19 21:53 480 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\44\670b5dec-6447654e.idx
2011-12-19 21:53 . 2011-12-19 21:53 479 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\27\14f36a1b-587a6d62.idx
2011-12-19 21:53 . 2011-12-19 21:53 4612 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\1\177ea141-7ad07dcf
2011-12-19 21:53 . 2011-12-19 21:53 498 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\1\177ea141-7ad07dcf.idx
2011-12-19 21:53 . 2011-12-19 21:53 4113 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\14\101b4fce-61e87a3a
2011-12-19 21:53 . 2011-12-19 21:53 487 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\14\101b4fce-61e87a3a.idx
2011-12-19 21:53 . 2011-12-19 21:53 5355 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\60\53fdfdfc-769ecbbe
2011-12-19 21:53 . 2011-12-19 21:53 487 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\60\53fdfdfc-769ecbbe.idx
2011-12-19 21:53 . 2011-12-19 21:53 6675 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\4\7cad9644-20d83a0b
2011-12-19 21:53 . 2011-12-19 21:53 486 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\4\7cad9644-20d83a0b.idx
2011-12-19 21:53 . 2011-12-19 21:53 1056 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\45\4766f52d-3a3c36f6
2011-12-19 21:53 . 2011-12-19 21:53 491 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\45\4766f52d-3a3c36f6.idx
2011-12-19 21:53 . 2011-12-19 21:53 2686 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\39\6589f427-7d313821
2011-12-19 21:53 . 2011-12-19 21:53 490 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\39\6589f427-7d313821.idx
2011-12-19 21:53 . 2011-12-19 21:53 724 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\1\26813741-5cbcbeca
2011-12-19 21:53 . 2011-12-19 21:53 490 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\1\26813741-5cbcbeca.idx
2011-12-19 21:53 . 2011-12-19 21:53 1456 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\59\44edcb3b-31039d0c
2011-12-19 21:53 . 2011-12-19 21:53 490 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\59\44edcb3b-31039d0c.idx
2011-12-19 21:53 . 2011-12-19 21:53 523 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\56\61e3c038-2c546a1c
2011-12-19 21:53 . 2011-12-19 21:53 481 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\56\61e3c038-2c546a1c.idx
2011-12-19 21:53 . 2011-12-19 21:53 266 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\20\653c2094-53b05dfc
2011-12-19 21:53 . 2011-12-19 21:53 480 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\20\653c2094-53b05dfc.idx
2011-12-19 21:53 . 2011-12-19 21:53 2630 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\11\4978ae4b-58a36c97
2011-12-19 21:53 . 2011-12-19 21:53 491 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\11\4978ae4b-58a36c97.idx
2011-12-19 21:53 . 2011-12-19 21:53 871 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\14\3103af4e-1fa87d78
2011-12-19 21:53 . 2011-12-19 21:53 490 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\14\3103af4e-1fa87d78.idx
2011-12-19 21:53 . 2011-12-19 21:53 1142 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\21\4f0b5795-4c364e8a
2011-12-19 21:53 . 2011-12-19 21:53 490 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\21\4f0b5795-4c364e8a.idx
2011-12-19 21:53 . 2011-12-19 21:53 1644 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\28\4b8abe5c-56ca4aff
2011-12-19 21:53 . 2011-12-19 21:53 492 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\28\4b8abe5c-56ca4aff.idx
2011-12-19 21:53 . 2011-12-19 21:53 10916 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\60\7b67707c-1e25c72e
2011-12-19 21:53 . 2011-12-19 21:53 488 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\60\7b67707c-1e25c72e.idx
2011-12-19 21:53 . 2011-12-19 21:53 1774 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\42\77649d6a-1ec999ad
2011-12-19 21:53 . 2011-12-19 21:53 491 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\42\77649d6a-1ec999ad.idx
2011-12-19 21:53 . 2011-12-19 21:53 1081 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\11\6e6cc90b-2234a9ed
2011-12-19 21:53 . 2011-12-19 21:53 496 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\11\6e6cc90b-2234a9ed.idx
2011-12-19 21:53 . 2011-12-19 21:53 2328 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\40\489802a8-3209874f
2011-12-19 21:53 . 2011-12-19 21:53 495 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\40\489802a8-3209874f.idx
2011-12-19 21:53 . 2011-12-19 21:53 247 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\7\2c7e2487-7e87ba25
2011-12-19 21:53 . 2011-12-19 21:53 494 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\7\2c7e2487-7e87ba25.idx
2011-12-19 21:53 . 2011-12-19 21:53 15448 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\26\

#14 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,057 posts

Posted 19 February 2012 - 03:16 PM

Good. :)

This article about passwords has sensible ideas: http://lifehacker.co...ember-passwords
Length is the main thing to strive for. Less than 10 characters is just too easy to crack.

Please do this cleanup:

Start > Run and enter 'combofix /uninstall'. Note the space after 'combofix'. Among other things your Restore Points will be purged and a new clean one created.

Delete the DDS files, TDSSKiller, and Security Check folder from your Desktop.

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#15 Mightydave1976

Mightydave1976

    Member

  • Full Member
  • Pip
  • 15 posts

Posted 21 February 2012 - 06:59 AM

Thank you for all your help cnm.

#16 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,057 posts

Posted 21 February 2012 - 01:54 PM

You're welcome, Mightydave1976.

The XP firewall doesn't protect against unauthorized outgoing activity so I suggest disabling it and installing free Commodo Firewall instead.

I'll keep this thread open for a few days.

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#17 Mightydave1976

Mightydave1976

    Member

  • Full Member
  • Pip
  • 15 posts

Posted 23 February 2012 - 05:38 AM

Thanks. I'll take a look at Commodo. We used to use ZoneAlarm, but removed it after we started getting conflicts.

Edited by Mightydave1976, 23 February 2012 - 05:38 AM.


#18 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,057 posts

Posted 23 February 2012 - 01:24 PM

Advice for malware prevention:

Configure Windows to do automatic updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Keep MalwareBytes Anti-Malware updated and run it whenever you suspect a problem.

The free FileHippo Update Checker makes it easy to keep all your programs up to date - run it every few weeks.

Please consider using an alternate browser. Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like NoScripts, can make it even more secure. Chrome is another good option.
If you are interested, Firefox may be downloaded from here
Chrome is available here: http://www.google.co...e/features.html

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you may be able to find out if it is a rogue here:

http://www.systemloo...p?type=filename

A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different from the rogues mentioned above.

For much more old but still useful information, read Tony Klein's excellent article: How did I get infected in the first place

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#19 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,057 posts

Posted 01 March 2012 - 05:51 PM

Glad we could help. :)

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button