Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Coolwebsearch.....


  • Please log in to reply
8 replies to this topic

#1 Ryan706

Ryan706

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:47 AM

Posted 09 July 2008 - 07:49 PM

Hey, i need some help removing this unwanted $%* from my computer. Help is much appreciated. I have hijackthis and have log ready to be posted. Please HELP!!!

Here is the log ...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:35:30 PM, on 7/9/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:Windowssystem32uoyzsydz.exe
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Windowssystem32taskeng.exe
C:Program FilesWindows DefenderMSASCui.exe
C:hpsupporthpsysdrv.exe
C:Program FilesHewlett-PackardOn-Screen OSD IndicatorOSD.exe
C:Program FilesIntelIntel Matrix Storage ManagerIAAnotif.exe
C:Program FilesCommon FilesRealUpdate_OBrealsched.exe
C:Program FilesJavajre1.6.0_05binjusched.exe
C:WindowsRtHDVCpl.exe
C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
C:WindowsSystem32rundll32.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Windowsehomeehtray.exe
C:Windowsehomeehmsas.exe
C:Program FilesLinksys EasyLink AdvisorLinksysAgent.exe
C:UsersRyanAppDataRoamingMicrosoftdtsc23387.exe
C:Program FilesSpybot - Search & DestroyTeaTimer.exe
C:UsersRyanAppDataRoamingMicrosoftdtsc23387.exe
C:Program FilesWindows Media Playerwmpnscfg.exe
C:Program FilesWindows Sidebarsidebar.exe
C:hpkbdkbd.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe
C:Windowssystem32SearchFilterHost.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yahoo.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page = blank.htm
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:Windowssystem32userinit.exe,C:Windowssystem32uoyzsydz.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {00110011-4b0b-44d5-9718-90c88817369b} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {086ae192-23a6-48d6-96ec-715f53797e85} - (no file)
O2 - BHO: (no name) - {150fa160-130d-451f-b863-b655061432ba} - (no file)
O2 - BHO: (no name) - {17da0c9e-4a27-4ac5-bb75-5d24b8cdb972} - (no file)
O2 - BHO: (no name) - {1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb1} - (no file)
O2 - BHO: (no name) - {1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb2} - (no file)
O2 - BHO: (no name) - {2d38a51a-23c9-48a1-a33c-48675aa2b494} - (no file)
O2 - BHO: (no name) - {2e9caff6-30c7-4208-8807-e79d4ec6f806} - (no file)
O2 - BHO: (no name) - {467faeb2-5f5b-4c81-bae0-2a4752ca7f4e} - (no file)
O2 - BHO: (no name) - {5321e378-ffad-4999-8c62-03ca8155f0b3} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:Program FilesSpybot - Search & DestroySDHelper.dll
O2 - BHO: (no name) - {587dbf2d-9145-4c9e-92c2-1f953da73773} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:Program FilesCommon FilesSymantec SharedcoSharedBrowser2.6coIEPlg.dll
O2 - BHO: (no name) - {6cc1c91a-ae8b-4373-a5b4-28ba1851e39a} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:PROGRA~1COMMON~1SYMANT~1IDSIPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_05binssv.dll
O2 - BHO: (no name) - {79369d5c-2903-4b7a-ade2-d5e0dee14d24} - (no file)
O2 - BHO: (no name) - {799a370d-5993-4887-9df7-0a4756a77d00} - (no file)
O2 - BHO: (no name) - {a55581dc-2cdb-4089-8878-71a080b22342} - (no file)
O2 - BHO: (no name) - {b847676d-72ac-4393-bfff-43a1eb979352} - (no file)
O2 - BHO: (no name) - {bc97b254-b2b9-4d40-971d-78e0978f5f26} - (no file)
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765721306} - (no file)
O2 - BHO: (no name) - {e2ddf680-9905-4dee-8c64-0a5de7fe133c} - (no file)
O2 - BHO: (no name) - {e3eebbe8-9cab-4c76-b26a-747e25ebb4c6} - (no file)
O2 - BHO: (no name) - {e7afff2a-1b57-49c7-bf6b-e5123394c970} - (no file)
O2 - BHO: (no name) - {fcaddc14-bd46-408a-9842-cdbe1c6d37eb} - (no file)
O2 - BHO: (no name) - {fd9bc004-8331-4457-b830-4759ff704c22} - (no file)
O2 - BHO: (no name) - {ff1bf4c7-4e08-4a28-a43f-9d60a9f7a880} - (no file)
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:Program FilesCommon FilesSymantec SharedcoSharedBrowser2.6CoIEPlg.dll
O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 - HKLM..Run: [hpsysdrv] c:hpsupporthpsysdrv.exe
O4 - HKLM..Run: [KBD] C:HPKBDKbdStub.EXE
O4 - HKLM..Run: [OsdMaestro] "C:Program FilesHewlett-PackardOn-Screen OSD IndicatorOSD.exe"
O4 - HKLM..Run: [IAAnotif] "C:Program FilesIntelIntel Matrix Storage ManagerIaanotif.exe"
O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre1.6.0_05binjusched.exe"
O4 - HKLM..Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 - HKLM..Run: [osCheck] "C:Program FilesNorton 360osCheck.exe"
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobeReader 8.0ReaderReader_sl.exe"
O4 - HKLM..Run: [NvSvc] RUNDLL32.EXE C:Windowssystem32nvsvc.dll,nvsvcStart
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:Windowssystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..RunOnce: [Launcher] %WINDIR%SMINSTlauncher.exe
O4 - HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 - HKCU..Run: [EasyLinkAdvisor] "C:Program FilesLinksys EasyLink AdvisorLinksysAgent.exe" /startup
O4 - HKCU..Run: [Microsoft Windows Installer] C:UsersRyanAppDataRoamingMicrosoftdtsc23387.exe
O4 - HKCU..Run: [SpybotSD TeaTimer] C:Program FilesSpybot - Search & DestroyTeaTimer.exe
O4 - HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:Program FilesMicrosoft OfficeOffice12ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_05binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_05binssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~3Office12ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~3Office12ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~3Office12REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:Program FilesSpybot - Search & DestroySDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:Program FilesSpybot - Search & DestroySDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.2.100.cab
O16 - DPF: {4E73C07D-0A23-42DF-9E32-BBBB027D869A} - http://client2.tvtonic.com/install/3.2/install.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:Program FilesLavasoftAd-Aware 2007aawservice.exe
O23 - Service: Intel® Alert Service (AlertService) - Intel® Corporation - C:Program FilesIntelIntelDHCCUAlertService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:Program FilesSymantecLiveUpdateAluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedVAScannercomHost.exe
O23 - Service: DQLWinService - Unknown owner - C:Program FilesCommon FilesIntelIntelDHNMSAdpPluginsDQLWinService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:Program FilesHewlett-PackardHP Health Checkhphc_service.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:Program FilesIntelIntel Matrix Storage ManagerIaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel® Corporation - C:Program FilesIntelIntelDHIntel Media ServerToolsIntelDHSvcConf.exe
O23 - Service: Intel® Software Services Manager (ISSM) - Intel® Corporation - C:Program FilesIntelIntelDHIntel Media ServerMedia ServerbinISSM.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:Program FilesSymantecLiveUpdateLuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 - Service: Intel® Viiv™ Media Server (M1 Server) - Unknown owner - C:Program FilesIntelIntelDHIntel Media ServerMedia Serverbinmediaserver.exe
O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel® Corporation - C:Program FilesIntelIntelDHIntel Media ServerShellsMCLServiceATL.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:Windowssystem32nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:Windowssystem32PnkBstrA.exe
O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel® Corporation - C:Program FilesIntelIntelDHIntel Media ServerShellsRemote UI Service.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:Program FilesSpybot - Search & DestroySDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:Program FilesCommon FilesSureThing Sharedstllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:PROGRA~1COMMON~1SYMANT~1CCPD-LCsymlcsvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:Windowssystem32DRIVERSxaudio.exe

--
End of file - 11758 bytes

THANK YOU

Merged posts. ~ OB

Edited by Orange Blossom, 10 July 2008 - 05:00 PM.


BC AdBot (Login to Remove)

 


#2 Ryan706

Ryan706
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:47 AM

Posted 12 July 2008 - 10:46 AM

...ok, inactive?

#3 bamajim

bamajim

  • Members
  • 894 posts
  • OFFLINE
  •  
  • Local time:07:47 AM

Posted 16 July 2008 - 10:12 AM

Ryan706

Sorry for the delay. If you still need help please post a fresh Hijackthis log
Posted Image
Microsoft MVP - Windows Security

#4 Ryan706

Ryan706
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:47 AM

Posted 16 July 2008 - 10:56 AM

Thanks man, i was starting to wonder, lol. I had a buddy of mine kinda help me out. It got rid of the pop ups, but i dont think its totally gone. Heres the log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:54:25 AM, on 7/16/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.2.100.cab
O16 - DPF: {4E73C07D-0A23-42DF-9E32-BBBB027D869A} - http://client2.tvtonic.com/install/3.2/install.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab2.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Intel® Alert Service (AlertService) - Intel® Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Intel® Software Services Manager (ISSM) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Intel® Viiv™ Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9009 bytes

#5 bamajim

bamajim

  • Members
  • 894 posts
  • OFFLINE
  •  
  • Local time:07:47 AM

Posted 16 July 2008 - 02:46 PM

Ryan706

Looks like you made some good progress. Let's see whats left

1. Go HERE and download TempFix.
Save it to your Desktop (but do not run it yet)

2. Reboot into Safe Mode
This can be done byRestart your PC, and after it starts, but before you see the Windows Splash screen
Begin tapping the F8 key twice a second untill you reach another menu screen (black background with white menu choices)
Use your arrow keys and select Safe Mode and then Enter
3. Rt Click TempFix.zip ->> Extract all ->> And extract it to your Desktop
Additional help on extracting zip files can be found HEREOpen the TempFix Folder.
Rt Click TempFix.vbe ->>Select Open Then Open to confirm.
As the program runs, it will appear that nothing is happening.
When the program is fnished it will produce a log for you C:\TempFix.txt
Copy and paste the contents of that log in your reply.
Note: if your root drive is something other thatn C:\ then the log will default to your designated root drive
4. Then reboot your PC into Normal Windows Mode->> Rerun Hijackthis and post a fresh Hiajckthis log.
As well as the C:\TempFix.txt log
Posted Image
Microsoft MVP - Windows Security

#6 Ryan706

Ryan706
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:47 AM

Posted 16 July 2008 - 03:45 PM

OK, here we go:

========================================
TempFix

Version 1.0.2

By bamajim @ bamajim.com

========================================


Report ran on --->>> 7/16/2008 4:36:14 PM


======== Files created in (System32) last 30 days ========

6/17/2008 9:57:30 PM 136192 32 C:\Windows\System32\aaclient.dll
6/17/2008 9:56:54 PM 2515968 32 C:\Windows\System32\accessibilitycpl.dll
6/17/2008 9:56:45 PM 127488 32 C:\Windows\System32\aclui.dll
6/17/2008 9:56:46 PM 167424 32 C:\Windows\System32\ActionQueue.dll
6/17/2008 9:57:01 PM 1405952 32 C:\Windows\System32\ActiveContentWizard.dll
6/17/2008 9:57:06 PM 204800 32 C:\Windows\System32\activeds.dll
6/17/2008 9:56:58 PM 111616 32 C:\Windows\System32\activeds.tlb
6/17/2008 9:56:59 PM 326656 32 C:\Windows\System32\actxprxy.dll
6/17/2008 9:56:36 PM 81408 32 C:\Windows\System32\ACW.exe
6/17/2008 9:56:34 PM 72704 32 C:\Windows\System32\admparse.dll
6/17/2008 9:57:04 PM 185856 32 C:\Windows\System32\adsldp.dll
6/17/2008 9:57:02 PM 198144 32 C:\Windows\System32\adsldpc.dll
6/17/2008 9:56:43 PM 76288 32 C:\Windows\System32\adsmsext.dll
6/17/2008 9:57:17 PM 257024 32 C:\Windows\System32\adsnt.dll
6/17/2008 9:56:57 PM 605696 32 C:\Windows\System32\adtschema.dll
6/17/2008 9:57:52 PM 798720 32 C:\Windows\System32\advapi32.dll
6/17/2008 9:57:19 PM 128000 32 C:\Windows\System32\advpack.dll
6/17/2008 9:56:47 PM 59392 32 C:\Windows\System32\alg.exe
6/17/2008 9:56:34 PM 70144 32 C:\Windows\System32\amstream.dll
6/17/2008 9:56:31 PM 24064 32 C:\Windows\System32\amxread.dll
6/17/2008 9:57:31 PM 1730560 32 C:\Windows\System32\apds.dll
6/17/2008 9:56:31 PM 13824 32 C:\Windows\System32\apilogen.dll
6/17/2008 9:56:47 PM 219648 32 C:\Windows\System32\apircl.dll
6/17/2008 9:57:22 PM 171008 32 C:\Windows\System32\apphelp.dll
6/17/2008 9:56:29 PM 28160 32 C:\Windows\System32\Apphlpdm.dll
6/17/2008 9:56:45 PM 33280 32 C:\Windows\System32\appinfo.dll
6/17/2008 9:57:19 PM 1122304 32 C:\Windows\System32\appwiz.cpl
6/17/2008 9:56:43 PM 198656 32 C:\Windows\System32\apss.dll
6/17/2008 9:56:33 PM 24576 32 C:\Windows\System32\at.exe
6/17/2008 9:56:32 PM 28160 32 C:\Windows\System32\AtBroker.exe
6/17/2008 9:56:45 PM 71680 32 C:\Windows\System32\atl.dll
6/17/2008 9:56:29 PM 289792 32 C:\Windows\System32\atmfd.dll
6/17/2008 9:56:45 PM 244224 32 C:\Windows\System32\audiodev.dll
6/17/2008 9:56:58 PM 88064 32 C:\Windows\System32\audiodg.exe
6/17/2008 9:57:33 PM 397312 32 C:\Windows\System32\AudioEng.dll
6/17/2008 9:57:30 PM 274944 32 C:\Windows\System32\AUDIOKSE.dll
6/17/2008 9:57:05 PM 116224 32 C:\Windows\System32\AudioSes.dll
6/17/2008 9:57:36 PM 314368 32 C:\Windows\System32\audiosrv.dll
6/17/2008 9:56:43 PM 41472 32 C:\Windows\System32\auditpol.exe
6/17/2008 9:56:35 PM 1370624 32 C:\Windows\System32\Aurora.scr
6/17/2008 9:57:40 PM 251904 32 C:\Windows\System32\authfwcfg.dll
6/17/2008 9:56:32 PM 509952 32 C:\Windows\System32\AuthFWGP.dll
6/17/2008 9:57:24 PM 4595712 32 C:\Windows\System32\AuthFWSnapin.dll
6/17/2008 9:57:40 PM 1985024 32 C:\Windows\System32\authui.dll
6/17/2008 9:56:56 PM 79360 32 C:\Windows\System32\authz.dll
6/17/2008 9:57:41 PM 642560 32 C:\Windows\System32\autochk.exe
6/17/2008 9:57:41 PM 656384 32 C:\Windows\System32\autoconv.exe
6/17/2008 9:57:41 PM 634880 32 C:\Windows\System32\autofmt.exe
6/17/2008 9:56:48 PM 516608 32 C:\Windows\System32\autoplay.dll
6/17/2008 9:56:44 PM 103936 32 C:\Windows\System32\AuxiliaryDisplayApi.dll
6/17/2008 9:57:22 PM 1186304 32 C:\Windows\System32\AuxiliaryDisplayCpl.dll
6/17/2008 9:57:42 PM 174080 32 C:\Windows\System32\AuxiliaryDisplayDriverLib.dll
6/17/2008 9:57:00 PM 102912 32 C:\Windows\System32\AuxiliaryDisplayServices.dll
6/17/2008 9:57:23 PM 91136 32 C:\Windows\System32\avifil32.dll
6/17/2008 9:56:31 PM 12800 32 C:\Windows\System32\avrt.dll
6/17/2008 9:57:34 PM 756736 32 C:\Windows\System32\azroles.dll
6/17/2008 9:57:21 PM 317440 32 C:\Windows\System32\azroleui.dll
6/17/2008 9:56:56 PM 28160 32 C:\Windows\System32\AzSqlExt.dll
6/17/2008 9:57:33 PM 131640 32 C:\Windows\System32\basecsp.dll
6/17/2008 9:56:52 PM 68096 32 C:\Windows\System32\basesrv.dll
6/17/2008 9:56:43 PM 12800 32 C:\Windows\System32\batt.dll
6/17/2008 9:57:33 PM 334336 32 C:\Windows\System32\bcdedit.exe
6/17/2008 9:56:46 PM 48128 32 C:\Windows\System32\bcdprov.dll
6/17/2008 9:57:30 PM 117760 32 C:\Windows\System32\bcdsrv.dll
6/17/2008 9:57:42 PM 274432 32 C:\Windows\System32\bcrypt.dll
6/17/2008 9:57:36 PM 328704 32 C:\Windows\System32\BFE.DLL
6/17/2008 9:56:44 PM 192000 32 C:\Windows\System32\bitsadmin.exe
6/17/2008 9:56:32 PM 31744 32 C:\Windows\System32\bitsigd.dll
6/17/2008 9:58:01 PM 542720 32 C:\Windows\System32\blackbox.dll
6/17/2008 9:56:34 PM 81408 32 C:\Windows\System32\bootcfg.exe
6/17/2008 9:56:20 PM 2560 32 C:\Windows\System32\bootstr.dll
6/17/2008 9:56:58 PM 24120 32 C:\Windows\System32\BOOTVID.DLL
6/17/2008 9:57:20 PM 1342464 32 C:\Windows\System32\brcpl.dll
6/17/2008 9:56:45 PM 52736 32 C:\Windows\System32\brcplsdw.dll
6/17/2008 9:56:34 PM 15360 32 C:\Windows\System32\bridgeunattend.exe
6/17/2008 9:56:44 PM 81920 32 C:\Windows\System32\browser.dll
6/17/2008 9:57:40 PM 1324032 32 C:\Windows\System32\browseui.dll
6/17/2008 9:56:52 PM 45568 32 C:\Windows\System32\bthci.dll
6/17/2008 9:56:44 PM 990208 32 C:\Windows\System32\bthprops.cpl
6/17/2008 9:56:47 PM 91648 32 C:\Windows\System32\btpanui.dll
6/17/2008 9:56:34 PM 879616 32 C:\Windows\System32\Bubbles.scr
6/17/2008 9:56:53 PM 71680 32 C:\Windows\System32\cabinet.dll
6/17/2008 9:56:52 PM 97280 32 C:\Windows\System32\cabview.dll
6/17/2008 9:56:34 PM 25600 32 C:\Windows\System32\cacls.exe
6/17/2008 9:56:40 PM 17920 32 C:\Windows\System32\capisp.dll
6/17/2008 9:57:06 PM 451072 32 C:\Windows\System32\catsrv.dll
6/17/2008 9:57:16 PM 487936 32 C:\Windows\System32\catsrvut.dll
6/17/2008 9:57:24 PM 44032 32 C:\Windows\System32\cbsra.exe
6/17/2008 9:56:29 PM 36864 32 C:\Windows\System32\cdd.dll
6/17/2008 9:57:32 PM 805888 32 C:\Windows\System32\cdosys.dll
6/17/2008 9:57:31 PM 323072 32 C:\Windows\System32\certcli.dll
6/17/2008 9:57:51 PM 1111552 32 C:\Windows\System32\CertEnroll.dll
6/17/2008 9:56:29 PM 6656 32 C:\Windows\System32\CertEnrollCtrl.exe
6/17/2008 9:56:59 PM 632832 32 C:\Windows\System32\CertEnrollUI.dll
6/17/2008 9:57:30 PM 1502720 32 C:\Windows\System32\certmgr.dll
6/17/2008 9:56:44 PM 40448 32 C:\Windows\System32\certprop.dll
6/17/2008 9:57:17 PM 215040 32 C:\Windows\System32\certreq.exe
6/17/2008 9:57:43 PM 798720 32 C:\Windows\System32\certutil.exe
6/17/2008 9:56:44 PM 225792 32 C:\Windows\System32\cewmdm.dll
7/9/2008 8:52:16 PM 318976 32 C:\Windows\System32\CF27428.exe
6/17/2008 9:56:35 PM 47104 32 C:\Windows\System32\cfgbkend.dll
6/17/2008 9:56:25 PM 17408 32 C:\Windows\System32\cfgmgr32.dll
6/17/2008 9:57:32 PM 124928 32 C:\Windows\System32\chajei.ime
6/17/2008 9:56:52 PM 1671168 32 C:\Windows\System32\chsbrkr.dll
6/17/2008 9:56:27 PM 6103040 32 C:\Windows\System32\chtbrkr.dll
6/17/2008 9:56:57 PM 171520 32 C:\Windows\System32\cic.dll
6/17/2008 9:57:32 PM 124928 32 C:\Windows\System32\cintlgnt.ime
6/17/2008 9:57:26 PM 58368 32 C:\Windows\System32\cipher.exe
6/17/2008 9:57:03 PM 523776 32 C:\Windows\System32\clbcatq.dll
6/17/2008 9:57:44 PM 247352 32 C:\Windows\System32\clfs.sys
6/17/2008 9:56:55 PM 56832 32 C:\Windows\System32\clfsw32.dll
6/17/2008 9:57:48 PM 178176 32 C:\Windows\System32\clusapi.dll
6/17/2008 9:56:34 PM 31232 32 C:\Windows\System32\cmcfg32.dll
6/17/2008 9:57:25 PM 318976 32 C:\Windows\System32\cmd.exe
6/17/2008 9:56:56 PM 481792 32 C:\Windows\System32\cmdial32.dll
6/17/2008 9:56:48 PM 72704 32 C:\Windows\System32\cmdl32.exe
6/17/2008 9:57:44 PM 64512 32 C:\Windows\System32\cmicryptinstall.dll
6/17/2008 9:57:26 PM 67584 32 C:\Windows\System32\cmifw.dll
6/17/2008 9:57:44 PM 297472 32 C:\Windows\System32\cmipnpinstall.dll
6/17/2008 9:56:36 PM 32768 32 C:\Windows\System32\cmlua.dll
6/17/2008 9:56:37 PM 48640 32 C:\Windows\System32\cmmon32.exe
6/17/2008 9:56:31 PM 26112 32 C:\Windows\System32\cmpbk32.dll
6/17/2008 9:56:44 PM 84992 32 C:\Windows\System32\cmstp.exe
6/17/2008 9:56:31 PM 14336 32 C:\Windows\System32\cmstplua.dll
6/17/2008 9:56:36 PM 47616 32 C:\Windows\System32\cmutil.dll
6/17/2008 9:56:27 PM 26624 32 C:\Windows\System32\cofiredm.dll
6/17/2008 9:56:34 PM 62464 32 C:\Windows\System32\colbact.dll
6/17/2008 9:56:33 PM 161280 32 C:\Windows\System32\COLORCNV.DLL
6/17/2008 9:56:42 PM 686592 32 C:\Windows\System32\colorui.dll
6/17/2008 9:57:46 PM 531968 32 C:\Windows\System32\comctl32.dll
6/17/2008 9:57:40 PM 450048 32 C:\Windows\System32\comdlg32.dll
6/17/2008 9:57:01 PM 282624 32 C:\Windows\System32\CompatUI.dll
6/17/2008 9:57:55 PM 145408 32 C:\Windows\System32\CompMgmtLauncher.exe
6/17/2008 9:56:37 PM 276480 32 C:\Windows\System32\compstui.dll
6/17/2008 9:56:28 PM 36352 32 C:\Windows\System32\ComputerDefaults.exe
6/17/2008 9:56:35 PM 91648 32 C:\Windows\System32\comrepl.dll
6/17/2008 9:57:24 PM 1291264 32 C:\Windows\System32\comres.dll
6/17/2008 9:57:28 PM 220160 32 C:\Windows\System32\comsnap.dll
6/17/2008 9:57:44 PM 1208320 32 C:\Windows\System32\comsvcs.dll
6/17/2008 9:57:40 PM 593408 32 C:\Windows\System32\comuid.dll
6/17/2008 9:56:48 PM 69120 32 C:\Windows\System32\conime.exe
6/17/2008 9:56:45 PM 1645568 32 C:\Windows\System32\connect.dll
6/17/2008 9:56:49 PM 81920 32 C:\Windows\System32\consent.exe
6/17/2008 9:56:32 PM 17408 32 C:\Windows\System32\convert.exe
6/17/2008 9:56:26 PM 17408 32 C:\Windows\System32\corpol.dll
6/17/2008 9:56:28 PM 15872 32 C:\Windows\System32\credssp.dll
6/17/2008 9:56:36 PM 178176 32 C:\Windows\System32\credui.dll
6/17/2008 9:57:44 PM 977408 32 C:\Windows\System32\crypt32.dll
6/17/2008 9:56:41 PM 57856 32 C:\Windows\System32\cryptdll.dll
6/17/2008 9:57:28 PM 97792 32 C:\Windows\System32\cryptnet.dll
6/17/2008 9:57:06 PM 128000 32 C:\Windows\System32\cryptsvc.dll
6/17/2008 9:57:16 PM 970240 32 C:\Windows\System32\cryptui.dll
6/17/2008 9:56:56 PM 31744 32 C:\Windows\System32\cscapi.dll
6/17/2008 9:56:32 PM 22016 32 C:\Windows\System32\cscdll.dll
7/9/2008 12:22:52 PM 135168 32 C:\Windows\System32\cscript.exe
6/17/2008 9:56:42 PM 49152 32 C:\Windows\System32\csrsrv.dll
6/17/2008 9:56:29 PM 6144 32 C:\Windows\System32\csrss.exe
6/17/2008 9:56:32 PM 46080 32 C:\Windows\System32\csrstub.exe
6/17/2008 9:56:46 PM 1029120 32 C:\Windows\System32\d3d10.dll
6/17/2008 9:56:49 PM 188416 32 C:\Windows\System32\d3d10core.dll
6/17/2008 9:57:41 PM 159744 32 C:\Windows\System32\d3d10_1.dll
6/17/2008 9:57:40 PM 208896 32 C:\Windows\System32\d3d10_1core.dll
6/17/2008 9:56:56 PM 1039360 32 C:\Windows\System32\d3d8.dll
6/17/2008 9:57:48 PM 1788928 32 C:\Windows\System32\d3d9.dll
6/17/2008 9:56:37 PM 384512 32 C:\Windows\System32\d3dim.dll
6/17/2008 9:56:42 PM 816128 32 C:\Windows\System32\d3dim700.dll
6/17/2008 9:56:29 PM 53248 32 C:\Windows\System32\d3dxof.dll
6/17/2008 9:57:32 PM 1855488 32 C:\Windows\System32\dbgeng.dll
6/17/2008 9:57:35 PM 798208 32 C:\Windows\System32\dbghelp.dll
6/17/2008 9:56:47 PM 135168 32 C:\Windows\System32\dbnetlib.dll
6/17/2008 9:57:35 PM 522752 32 C:\Windows\System32\ddraw.dll
6/17/2008 9:57:02 PM 226816 32 C:\Windows\System32\Defrag.exe
6/17/2008 9:56:34 PM 368640 32 C:\Windows\System32\desk.cpl
6/17/2008 9:56:31 PM 64000 32 C:\Windows\System32\devenum.dll
6/17/2008 9:57:00 PM 377344 32 C:\Windows\System32\devmgr.dll
6/17/2008 9:56:52 PM 39936 32 C:\Windows\System32\dfdts.dll
6/17/2008 9:57:00 PM 68608 32 C:\Windows\System32\DFDWiz.exe
6/17/2008 9:57:05 PM 96768 32 C:\Windows\System32\dfrgfat.exe
6/17/2008 9:56:47 PM 58880 32 C:\Windows\System32\dfrgifc.exe
6/17/2008 9:57:39 PM 163840 32 C:\Windows\System32\DfrgNtfs.exe
6/17/2008 9:57:36 PM 671232 32 C:\Windows\System32\dfrgui.exe
6/17/2008 9:57:31 PM 96760 32 C:\Windows\System32\dfshim.dll
6/17/2008 9:58:11 PM 2091520 32 C:\Windows\System32\dfsr.exe
6/17/2008 9:57:49 PM 53760 32 C:\Windows\System32\DfsShlEx.dll
6/17/2008 9:57:22 PM 204288 32 C:\Windows\System32\dhcpcsvc.dll
6/17/2008 9:57:35 PM 128000 32 C:\Windows\System32\dhcpcsvc6.dll
6/17/2008 9:56:51 PM 66048 32 C:\Windows\System32\DHCPQEC.DLL
6/17/2008 9:57:06 PM 61440 32 C:\Windows\System32\dhcpsapi.dll
6/17/2008 9:57:48 PM 1078272 32 C:\Windows\System32\diagperf.dll
6/17/2008 9:56:35 PM 94208 32 C:\Windows\System32\diantz.exe
6/17/2008 9:56:37 PM 35328 32 C:\Windows\System32\dimsjob.dll
6/17/2008 9:56:59 PM 54784 32 C:\Windows\System32\dimsroam.dll
6/17/2008 9:56:35 PM 159232 32 C:\Windows\System32\dinput8.dll
6/17/2008 9:57:24 PM 120320 32 C:\Windows\System32\diskpart.exe
6/17/2008 9:56:54 PM 230912 32 C:\Windows\System32\diskraid.exe
6/17/2008 9:56:35 PM 35328 32 C:\Windows\System32\dispci.dll
6/17/2008 9:56:51 PM 121856 32 C:\Windows\System32\dispdiag.exe
6/17/2008 9:56:23 PM 32768 32 C:\Windows\System32\dispex.dll
6/17/2008 9:57:06 PM 388096 32 C:\Windows\System32\dmdlgs.dll
6/17/2008 9:57:25 PM 184320 32 C:\Windows\System32\dmdskmgr.dll
6/17/2008 9:56:20 PM 2048 32 C:\Windows\System32\dmdskres2.dll
6/17/2008 9:56:31 PM 178688 32 C:\Windows\System32\dmime.dll
6/17/2008 9:56:29 PM 38400 32 C:\Windows\System32\dmloader.dll
6/17/2008 9:56:46 PM 42496 32 C:\Windows\System32\dmocx.dll
6/17/2008 9:56:29 PM 84480 32 C:\Windows\System32\dmscript.dll
6/17/2008 9:56:33 PM 105472 32 C:\Windows\System32\dmsynth.dll
6/17/2008 9:56:44 PM 101888 32 C:\Windows\System32\dmusic.dll
6/17/2008 9:56:27 PM 18944 32 C:\Windows\System32\dmutil.dll
6/17/2008 9:57:40 PM 131584 32 C:\Windows\System32\dmvdsitf.dll
6/17/2008 9:56:56 PM 88064 32 C:\Windows\System32\dmview.ocx
6/17/2008 9:57:30 PM 165888 32 C:\Windows\System32\dnsapi.dll
6/17/2008 9:56:45 PM 25088 32 C:\Windows\System32\dnscacheugc.exe
6/17/2008 9:56:37 PM 48128 32 C:\Windows\System32\dnshc.dll
6/17/2008 9:57:22 PM 86528 32 C:\Windows\System32\dnsrslvr.dll
6/17/2008 9:57:06 PM 289467 32 C:\Windows\System32\dot3.tmf
6/17/2008 9:57:25 PM 45056 32 C:\Windows\System32\dot3api.dll
6/17/2008 9:57:04 PM 49664 32 C:\Windows\System32\dot3cfg.dll
6/17/2008 9:56:31 PM 45568 32 C:\Windows\System32\dot3dlg.dll
6/17/2008 9:56:43 PM 43008 32 C:\Windows\System32\dot3gpclnt.dll
6/17/2008 9:57:28 PM 235520 32 C:\Windows\System32\dot3gpui.dll
6/17/2008 9:57:05 PM 74752 32 C:\Windows\System32\dot3msm.dll
6/17/2008 9:57:38 PM 175104 32 C:\Windows\System32\dot3svc.dll
6/17/2008 9:56:47 PM 142848 32 C:\Windows\System32\dot3ui.dll
6/17/2008 9:56:48 PM 407040 32 C:\Windows\System32\dpapimig.exe
6/17/2008 9:56:33 PM 160768 32 C:\Windows\System32\DpiScaling.exe
6/17/2008 9:56:34 PM 376320 32 C:\Windows\System32\dpnet.dll
6/17/2008 9:57:15 PM 134656 32 C:\Windows\System32\dps.dll
6/17/2008 9:55:28 PM 258560 32 C:\Windows\System32\dpx.dll
6/17/2008 9:56:41 PM 66048 32 C:\Windows\System32\driverquery.exe
6/17/2008 9:56:48 PM 284672 32 C:\Windows\System32\drmmgrtn.dll
6/17/2008 9:58:01 PM 978432 32 C:\Windows\System32\drmv2clt.dll
6/17/2008 9:56:51 PM 101888 32 C:\Windows\System32\drvinst.exe
6/17/2008 9:55:28 PM 246784 32 C:\Windows\System32\drvstore.dll
6/17/2008 9:56:36 PM 29696 32 C:\Windows\System32\dsauth.dll
6/17/2008 9:56:31 PM 173568 32 C:\Windows\System32\dsdmo.dll
6/17/2008 9:56:32 PM 86528 32 C:\Windows\System32\dskquota.dll
6/17/2008 9:56:44 PM 190976 32 C:\Windows\System32\dskquoui.dll
6/17/2008 9:57:23 PM 444416 32 C:\Windows\System32\dsound.dll
6/17/2008 9:57:02 PM 137728 32 C:\Windows\System32\dsprop.dll
6/17/2008 9:56:50 PM 394240 32 C:\Windows\System32\dsquery.dll
6/17/2008 9:56:47 PM 44032 32 C:\Windows\System32\dssec.dll
6/17/2008 9:57:17 PM 155704 32 C:\Windows\System32\dssenh.dll
6/17/2008 9:56:44 PM 616448 32 C:\Windows\System32\dsuiext.dll
6/17/2008 9:56:57 PM 183808 32 C:\Windows\System32\duser.dll
6/17/2008 9:57:22 PM 81920 32 C:\Windows\System32\dwm.exe
6/17/2008 9:56:46 PM 39936 32 C:\Windows\System32\dwmapi.dll
6/17/2008 9:57:22 PM 81920 32 C:\Windows\System32\dwmredir.dll
6/17/2008 9:56:47 PM 104448 32 C:\Windows\System32\DWWIN.EXE
6/17/2008 9:57:00 PM 252928 32 C:\Windows\System32\dxdiag.exe
6/17/2008 9:56:53 PM 195072 32 C:\Windows\System32\dxdiagn.dll
6/17/2008 9:57:29 PM 171520 32 C:\Windows\System32\dxgi.dll
6/17/2008 9:56:21 PM 4096 32 C:\Windows\System32\dxmasf.dll
6/17/2008 9:56:55 PM 347136 32 C:\Windows\System32\dxtmsft.dll
6/17/2008 9:56:43 PM 214528 32 C:\Windows\System32\dxtrans.dll
6/17/2008 9:56:46 PM 64512 32 C:\Windows\System32\dxva2.dll
6/17/2008 9:58:00 PM 206830 32 C:\Windows\System32\eaphost.tmf
6/17/2008 9:57:42 PM 187904 32 C:\Windows\System32\eapp3hst.dll
6/17/2008 9:57:39 PM 135680 32 C:\Windows\System32\eappcfg.dll
6/17/2008 9:56:52 PM 93696 32 C:\Windows\System32\eappgnui.dll
6/17/2008 9:57:39 PM 181760 32 C:\Windows\System32\eapphost.dll
6/17/2008 9:56:48 PM 41472 32 C:\Windows\System32\eappprxy.dll
6/17/2008 9:56:46 PM 67584 32 C:\Windows\System32\EAPQEC.DLL
6/17/2008 9:57:30 PM 57344 32 C:\Windows\System32\eapsvc.dll
6/17/2008 9:56:50 PM 86528 32 C:\Windows\System32\efsadu.dll
6/17/2008 9:57:04 PM 179200 32 C:\Windows\System32\els.dll
7/9/2008 12:23:02 PM 564736 32 C:\Windows\System32\emdmgmt.dll
6/17/2008 9:56:35 PM 169984 32 C:\Windows\System32\EncDump.dll
6/17/2008 9:57:31 PM 262144 32 C:\Windows\System32\es.dll
6/17/2008 9:57:45 PM 1452544 32 C:\Windows\System32\esent.dll
6/17/2008 9:56:26 PM 36352 32 C:\Windows\System32\esentprf.dll
6/17/2008 9:56:34 PM 93184 32 C:\Windows\System32\esentutl.exe
6/17/2008 9:56:42 PM 51712 32 C:\Windows\System32\esrb.rs
6/17/2008 9:56:30 PM 19968 32 C:\Windows\System32\eventcls.dll
6/17/2008 9:57:36 PM 485888 32 C:\Windows\System32\evr.dll
6/17/2008 9:56:34 PM 52736 32 C:\Windows\System32\expand.exe
6/17/2008 9:56:35 PM 20992 32 C:\Windows\System32\ExplorerFrame.dll
6/17/2008 9:56:54 PM 133120 32 C:\Windows\System32\extmgr.dll
6/17/2008 9:56:30 PM 53248 32 C:\Windows\System32\extrac32.exe
6/17/2008 9:56:20 PM 7168 32 C:\Windows\System32\f3ahvoas.dll
6/17/2008 9:57:18 PM 147456 32 C:\Windows\System32\Faultrep.dll
6/17/2008 9:57:01 PM 131072 32 C:\Windows\System32\fde.dll
6/17/2008 9:56:36 PM 53760 32 C:\Windows\System32\fdeploy.dll
6/17/2008 9:56:37 PM 13312 32 C:\Windows\System32\fdPHost.dll
6/17/2008 9:57:03 PM 68096 32 C:\Windows\System32\fdSSDP.dll
6/17/2008 9:57:05 PM 69120 32 C:\Windows\System32\fdWCN.dll
6/17/2008 9:57:19 PM 67072 32 C:\Windows\System32\fdWSD.dll
6/17/2008 9:56:47 PM 54272 32 C:\Windows\System32\feclient.dll
6/17/2008 9:57:22 PM 442368 32 C:\Windows\System32\filemgmt.dll
6/17/2008 9:56:41 PM 64512 32 C:\Windows\System32\findnetprinters.dll
6/17/2008 9:56:48 PM 61952 32 C:\Windows\System32\findstr.exe
6/17/2008 9:56:49 PM 2249216 32 C:\Windows\System32\Firewall.cpl
6/17/2008 9:57:43 PM 403968 32 C:\Windows\System32\FirewallAPI.dll
6/17/2008 9:57:05 PM 2585088 32 C:\Windows\System32\FirewallControlPanel.exe
6/17/2008 9:56:42 PM 23040 32 C:\Windows\System32\fmifs.dll
6/17/2008 9:57:24 PM 142336 32 C:\Windows\System32\fontext.dll
6/17/2008 9:56:53 PM 72704 32 C:\Windows\System32\fontsub.dll
6/17/2008 9:56:31 PM 50688 32 C:\Windows\System32\fphc.dll
6/17/2008 9:56:21 PM 11776 32 C:\Windows\System32\framebuf.dll
6/17/2008 9:57:17 PM 202240 32 C:\Windows\System32\framedyn.dll
6/17/2008 9:57:19 PM 204800 32 C:\Windows\System32\framedynos.dll
6/17/2008 9:56:18 PM 144909 32 C:\Windows\System32\fsmgmt.msc
6/17/2008 9:56:37 PM 55296 32 C:\Windows\System32\fsutil.exe
6/17/2008 9:56:42 PM 41984 32 C:\Windows\System32\ftp.exe
6/17/2008 9:57:16 PM 146944 32 C:\Windows\System32\fundisc.dll
6/17/2008 9:56:34 PM 54272 32 C:\Windows\System32\fwcfg.dll
6/17/2008 9:57:45 PM 595456 32 C:\Windows\System32\FWPUCLNT.DLL
6/17/2008 9:56:41 PM 28672 32 C:\Windows\System32\FwRemoteSvr.dll
6/17/2008 9:56:28 PM 45568 32 C:\Windows\System32\g711codc.ax
6/17/2008 9:57:44 PM 50176 32 C:\Windows\System32\gacinstall.dll
6/17/2008 9:56:19 PM 12198 32 C:\Windows\System32\gatherWiredInfo.vbs
6/17/2008 9:56:18 PM 15181 32 C:\Windows\System32\gatherWirelessInfo.vbs
6/17/2008 9:56:36 PM 65024 32 C:\Windows\System32\getmac.exe
6/17/2008 9:57:00 PM 75264 32 C:\Windows\System32\gpapi.dll
6/17/2008 9:57:20 PM 936960 32 C:\Windows\System32\gpedit.dll
6/17/2008 9:57:22 PM 128000 32 C:\Windows\System32\gpresult.exe
6/17/2008 9:57:45 PM 574464 32 C:\Windows\System32\gpsvc.dll
6/17/2008 9:56:31 PM 16896 32 C:\Windows\System32\gpupdate.exe
6/17/2008 9:56:30 PM 56320 32 C:\Windows\System32\graftabl.com
6/17/2008 9:57:22 PM 16896 32 C:\Windows\System32\grb.rs
6/17/2008 9:56:32 PM 69120 32 C:\Windows\System32\GuidedHelp.dll
6/17/2008 9:56:26 PM 40960 32 C:\Windows\System32\hbaapi.dll
6/17/2008 9:57:32 PM 15872 32 C:\Windows\System32\hcrstco.dll
6/17/2008 9:56:42 PM 67072 32 C:\Windows\System32\HelpPaneProxy.dll
6/17/2008 9:57:03 PM 523776 32 C:\Windows\System32\hhctrl.ocx
6/17/2008 9:56:34 PM 83968 32 C:\Windows\System32\hlink.dll
7/6/2008 8:59:08 AM 4 32 C:\Windows\System32\hljwugsf.bin
6/17/2008 9:57:23 PM 289792 32 C:\Windows\System32\hnetcfg.dll
6/17/2008 9:56:26 PM 14848 32 C:\Windows\System32\hnetmon.dll
6/17/2008 9:56:28 PM 21504 32 C:\Windows\System32\HotStartUserAgent.dll
6/17/2008 9:57:41 PM 389632 32 C:\Windows\System32\html.iec
6/17/2008 9:56:44 PM 30720 32 C:\Windows\System32\httpapi.dll
6/17/2008 9:56:45 PM 18944 32 C:\Windows\System32\ias.dll
6/17/2008 9:57:06 PM 56832 32 C:\Windows\System32\iasacct.dll
6/17/2008 9:56:56 PM 54784 32 C:\Windows\System32\iasads.dll
6/17/2008 9:57:03 PM 44032 32 C:\Windows\System32\iasdatastore.dll
6/17/2008 9:57:20 PM 69120 32 C:\Windows\System32\iashlpr.dll
6/17/2008 9:57:21 PM 17408 32 C:\Windows\System32\iashost.exe
6/17/2008 9:57:49 PM 445952 32 C:\Windows\System32\IasMigPlugin.dll
6/17/2008 9:57:34 PM 147968 32 C:\Windows\System32\iasnap.dll
6/17/2008 9:56:53 PM 31744 32 C:\Windows\System32\iaspolcy.dll
6/17/2008 9:57:30 PM 156672 32 C:\Windows\System32\iasrad.dll
6/17/2008 9:57:03 PM 98304 32 C:\Windows\System32\iasrecst.dll
6/17/2008 9:57:39 PM 180224 32 C:\Windows\System32\iassam.dll
6/17/2008 9:57:26 PM 251392 32 C:\Windows\System32\iassdo.dll
6/17/2008 9:57:21 PM 74752 32 C:\Windows\System32\iassvcs.dll
6/17/2008 9:56:28 PM 15872 32 C:\Windows\System32\icaapi.dll
6/17/2008 9:56:49 PM 27136 32 C:\Windows\System32\icacls.exe
6/17/2008 9:58:01 PM 579584 32 C:\Windows\System32\icardagt.exe
6/17/2008 9:56:55 PM 63488 32 C:\Windows\System32\icardie.dll
6/17/2008 9:58:01 PM 11776 32 C:\Windows\System32\icardres.dll
6/17/2008 9:56:54 PM 87552 32 C:\Windows\System32\icfupgd.dll
6/17/2008 9:57:34 PM 215040 32 C:\Windows\System32\icm32.dll
6/17/2008 9:56:45 PM 142336 32 C:\Windows\System32\icsfiltr.dll
6/17/2008 9:56:28 PM 13824 32 C:\Windows\System32\icsunattend.exe
6/17/2008 9:56:22 PM 26112 32 C:\Windows\System32\idndl.dll
6/17/2008 9:57:16 PM 70656 32 C:\Windows\System32\ie4uinit.exe
6/17/2008 9:56:44 PM 153088 32 C:\Windows\System32\ieakeng.dll
6/17/2008 9:56:52 PM 230400 32 C:\Windows\System32\ieaksie.dll
6/17/2008 9:57:17 PM 383488 32 C:\Windows\System32\ieapfltr.dll
6/17/2008 9:57:18 PM 388096 32 C:\Windows\System32\iedkcs32.dll
6/17/2008 9:56:26 PM 78336 32 C:\Windows\System32\ieencode.dll
6/17/2008 9:58:07 PM 6068736 32 C:\Windows\System32\ieframe.dll
6/17/2008 9:56:52 PM 193024 32 C:\Windows\System32\iepeers.dll
6/17/2008 9:56:34 PM 44544 32 C:\Windows\System32\iernonce.dll
6/17/2008 9:57:19 PM 270336 32 C:\Windows\System32\iertutil.dll
6/17/2008 9:58:07 PM 69120 32 C:\Windows\System32\iesetup.dll
6/17/2008 9:56:54 PM 180736 32 C:\Windows\System32\ieui.dll
6/17/2008 9:56:46 PM 167936 32 C:\Windows\System32\iexpress.exe
6/17/2008 9:57:04 PM 29696 32 C:\Windows\System32\ifmon.dll
6/17/2008 9:56:59 PM 123392 32 C:\Windows\System32\ifsutil.dll
6/17/2008 9:57:56 PM 438272 32 C:\Windows\System32\IKEEXT.DLL
6/17/2008 9:56:58 PM 153088 32 C:\Windows\System32\imagehlp.dll
6/17/2008 9:58:12 PM 705536 32 C:\Windows\System32\imagesp1.dll
6/17/2008 9:56:37 PM 105984 32 C:\Windows\System32\imapi.dll
6/17/2008 9:57:25 PM 320512 32 C:\Windows\System32\imapi2.dll
6/17/2008 9:57:41 PM 496128 32 C:\Windows\System32\imapi2fs.dll
6/17/2008 9:56:36 PM 36352 32 C:\Windows\System32\imgutil.dll
6/17/2008 9:57:45 PM 882176 32 C:\Windows\System32\IMJP10.IME
6/17/2008 9:57:52 PM 729088 32 C:\Windows\System32\IMJP10K.DLL
6/17/2008 9:57:21 PM 413184 32 C:\Windows\System32\imkr80.ime
6/17/2008 9:56:47 PM 114688 32 C:\Windows\System32\imm32.dll
6/17/2008 9:57:25 PM 738304 32 C:\Windows\System32\inetcomm.dll
6/17/2008 9:57:37 PM 1827840 32 C:\Windows\System32\inetcpl.cpl
6/17/2008 9:56:44 PM 52736 32 C:\Windows\System32\inetmib1.dll
6/17/2008 9:56:57 PM 120832 32 C:\Windows\System32\inetpp.dll
6/17/2008 9:56:29 PM 15360 32 C:\Windows\System32\inetppui.dll
6/17/2008 9:56:26 PM 11776 32 C:\Windows\System32\InfDefaultInstall.exe
6/17/2008 9:57:33 PM 88576 32 C:\Windows\System32\infocardapi.dll
6/17/2008 9:56:58 PM 28160 32 C:\Windows\System32\infocardcpl.cpl
6/27/2008 9:52:01 PM 45 32 C:\Windows\System32\initdebug.nfo
6/17/2008 9:57:15 PM 217600 32 C:\Windows\System32\InkEd.dll
6/17/2008 9:56:56 PM 200704 32 C:\Windows\System32\input.dll
6/17/2008 9:56:41 PM 93696 32 C:\Windows\System32\inseng.dll
6/17/2008 9:56:47 PM 337408 32 C:\Windows\System32\intl.cpl
6/17/2008 9:57:16 PM 74240 32 C:\Windows\System32\IPBusEnum.dll
6/17/2008 9:56:36 PM 26624 32 C:\Windows\System32\ipconfig.exe
6/17/2008 9:57:20 PM 91648 32 C:\Windows\System32\IPHLPAPI.DLL
6/17/2008 9:57:42 PM 188416 32 C:\Windows\System32\iphlpsvc.dll
6/17/2008 9:57:03 PM 288256 32 C:\Windows\System32\ipnathlp.dll
6/17/2008 9:56:25 PM 8192 32 C:\Windows\System32\iprtprio.dll
6/17/2008 9:57:34 PM 252416 32 C:\Windows\System32\iprtrmgr.dll
6/17/2008 9:57:14 PM 758784 32 C:\Windows\System32\ipsecsnp.dll
6/17/2008 9:57:17 PM 361984 32 C:\Windows\System32\IPSECSVC.DLL
6/17/2008 9:57:18 PM 396288 32 C:\Windows\System32\ipsmsnap.dll
6/17/2008 9:56:32 PM 8192 32 C:\Windows\System32\iscsied.dll
6/17/2008 9:56:49 PM 111616 32 C:\Windows\System32\iscsiexe.dll
6/17/2008 9:56:21 PM 14848 32 C:\Windows\System32\iscsilog.dll
6/17/2008 9:56:34 PM 28160 32 C:\Windows\System32\iscsium.dll
6/17/2008 9:56:33 PM 64000 32 C:\Windows\System32\iscsiwmi.dll
6/17/2008 9:56:32 PM 141824 32 C:\Windows\System32\itss.dll
6/17/2008 9:56:37 PM 442368 32 C:\Windows\System32\joy.cpl
7/9/2008 12:22:52 PM 512000 32 C:\Windows\System32\jscript.dll
6/17/2008 9:55:23 PM 6656 32 C:\Windows\System32\kbd106.dll
6/17/2008 9:56:21 PM 10752 32 C:\Windows\System32\KBDJPN.DLL
6/17/2008 9:56:21 PM 10240 32 C:\Windows\System32\KBDKOR.DLL
6/17/2008 9:56:57 PM 19512 32 C:\Windows\System32\kdcom.dll
6/17/2008 9:56:59 PM 21560 32 C:\Windows\System32\kdusb.dll
6/17/2008 9:57:52 PM 497664 32 C:\Windows\System32\kerberos.dll
6/17/2008 9:57:56 PM 888320 32 C:\Windows\System32\kernel32.dll
6/17/2008 9:56:42 PM 157696 32 C:\Windows\System32\keymgr.dll
6/17/2008 9:57:17 PM 68096 32 C:\Windows\System32\KMSVC.DLL
6/17/2008 9:56:46 PM 42496 32 C:\Windows\System32\korwbrkr.dll
6/17/2008 9:56:41 PM 144384 32 C:\Windows\System32\ksproxy.ax
6/17/2008 9:56:31 PM 69120 32 C:\Windows\System32\kstvtune.ax
6/17/2008 9:56:30 PM 43520 32 C:\Windows\System32\ksxbar.ax
6/17/2008 9:56:42 PM 13824 32 C:\Windows\System32\ktmutil.exe
6/17/2008 9:56:37 PM 12288 32 C:\Windows\System32\ktmw32.dll
6/17/2008 9:56:31 PM 53760 32 C:\Windows\System32\l2gpstore.dll
6/17/2008 9:57:18 PM 47616 32 C:\Windows\System32\l2nacp.dll
6/17/2008 9:57:01 PM 126976 32 C:\Windows\System32\L2SecHC.dll
6/17/2008 9:56:26 PM 62464 32 C:\Windows\System32\l3codeca.acm
6/17/2008 9:56:41 PM 220672 32 C:\Windows\System32\l3codecp.acm
6/17/2008 9:56:28 PM 25600 32 C:\Windows\System32\LangCleanupSysprepAction.dll
6/17/2008 9:56:32 PM 41984 32 C:\Windows\System32\licmgr10.dll
6/17/2008 9:56:28 PM 31232 32 C:\Windows\System32\lltdapi.dll
6/17/2008 9:57:20 PM 188928 32 C:\Windows\System32\lltdsvc.dll
6/17/2008 9:56:53 PM 40448 32 C:\Windows\System32\lnkstub.exe
6/17/2008 9:57:24 PM 113664 32 C:\Windows\System32\loadperf.dll
6/17/2008 9:57:40 PM 3662296 32 C:\Windows\System32\locale.nls
6/17/2008 9:57:24 PM 429056 32 C:\Windows\System32\localsec.dll
6/17/2008 9:57:57 PM 634880 32 C:\Windows\System32\localspl.dll
6/17/2008 9:56:28 PM 13824 32 C:\Windows\System32\localui.dll
6/17/2008 9:56:54 PM 40448 32 C:\Windows\System32\lodctr.exe
6/17/2008 9:56:41 PM 94720 32 C:\Windows\System32\logagent.exe
6/17/2008 9:57:01 PM 69632 32 C:\Windows\System32\loghours.dll
6/17/2008 9:56:34 PM 56320 32 C:\Windows\System32\logman.exe
6/17/2008 9:56:31 PM 5714432 32 C:\Windows\System32\logon.scr
6/17/2008 9:56:25 PM 9216 32 C:\Windows\System32\LogonUI.exe
6/17/2008 9:56:48 PM 23552 32 C:\Windows\System32\lpk.dll
6/17/2008 9:57:31 PM 179712 32 C:\Windows\System32\lpksetup.exe
6/17/2008 9:57:58 PM 41472 32 C:\Windows\System32\lpremove.exe
6/17/2008 9:57:57 PM 1255936 32 C:\Windows\System32\lsasrv.dll
6/17/2008 9:56:48 PM 9728 32 C:\Windows\System32\lsass.exe
6/17/2008 9:57:42 PM 229888 32 C:\Windows\System32\lsm.exe
6/17/2008 9:56:43 PM 19968 32 C:\Windows\System32\lsmproxy.dll
6/17/2008 9:56:37 PM 101376 32 C:\Windows\System32\luainstall.dll
6/17/2008 9:56:43 PM 98304 32 C:\Windows\System32\makecab.exe
6/17/2008 9:57:06 PM 939008 32 C:\Windows\System32\mblctr.exe
6/17/2008 9:57:21 PM 275968 32 C:\Windows\System32\mcbuilder.exe
6/17/2008 9:57:41 PM 852992 32 C:\Windows\System32\mcmde.dll
6/17/2008 9:57:50 PM 376376 32 C:\Windows\System32\mcupdate_GenuineIntel.dll
6/17/2008 9:56:53 PM 53760 32 C:\Windows\System32\Mcx2Svc.dll
6/17/2008 9:56:34 PM 129024 32 C:\Windows\System32\McxDriv.dll
6/17/2008 9:56:36 PM 205312 32 C:\Windows\System32\mdminst.dll
6/17/2008 9:57:15 PM 128512 32 C:\Windows\System32\MdSched.exe
6/17/2008 9:56:46 PM 356864 32 C:\Windows\System32\MediaMetadataHandler.dll
6/17/2008 9:57:53 PM 2867712 32 C:\Windows\System32\mf.dll
6/17/2008 9:57:44 PM 1135104 32 C:\Windows\System32\mfc42.dll
6/17/2008 9:57:45 PM 1160704 32 C:\Windows\System32\mfc42u.dll
6/17/2008 9:56:30 PM 26624 32 C:\Windows\System32\mfcsubs.dll
6/17/2008 9:56:48 PM 208896 32 C:\Windows\System32\mfplat.dll
6/17/2008 9:56:38 PM 24576 32 C:\Windows\System32\mfpmp.exe
6/17/2008 9:56:41 PM 98816 32 C:\Windows\System32\mfps.dll
6/17/2008 9:56:33 PM 62464 32 C:\Windows\System32\mfvdsp.dll
6/17/2008 9:56:47 PM 614400 32 C:\Windows\System32\MFWMAAEC.DLL
6/17/2008 9:56:26 PM 17408 32 C:\Windows\System32\midimap.dll
6/17/2008 9:57:00 PM 94776 32 C:\Windows\System32\MigAutoPlay.exe
6/17/2008 9:56:36 PM 95232 32 C:\Windows\System32\migisol.dll
6/17/2008 9:57:49 PM 2011648 32 C:\Windows\System32\milcore.dll
6/17/2008 9:56:29 PM 35328 32 C:\Windows\System32\mimefilt.dll
6/17/2008 9:56:54 PM 187904 32 C:\Windows\System32\mlang.dll
6/17/2008 9:57:47 PM 1792512 32 C:\Windows\System32\mmc.exe
6/17/2008 9:56:55 PM 301056 32 C:\Windows\System32\mmcbase.dll
6/17/2008 9:57:52 PM 2167808 32 C:\Windows\System32\mmcndmgr.dll
6/17/2008 9:56:44 PM 127488 32 C:\Windows\System32\mmcshext.dll
6/17/2008 9:56:50 PM 45056 32 C:\Windows\System32\mmcss.dll
6/17/2008 9:57:27 PM 149504 32 C:\Windows\System32\MMDevAPI.dll
6/17/2008 9:57:33 PM 1102848 32 C:\Windows\System32\mmsys.cpl
6/17/2008 9:56:32 PM 95744 32 C:\Windows\System32\mobsync.exe
6/17/2008 9:56:34 PM 287744 32 C:\Windows\System32\modemui.dll
6/17/2008 9:56:44 PM 13312 32 C:\Windows\System32\mountvol.exe
6/17/2008 9:56:30 PM 84480 32 C:\Windows\System32\MP3DMOD.DLL
6/17/2008 9:56:36 PM 259584 32 C:\Windows\System32\MP43DECD.DLL
6/17/2008 9:56:42 PM 317952 32 C:\Windows\System32\MP4SDECD.DLL
6/17/2008 9:56:36 PM 177152 32 C:\Windows\System32\mpg2splt.ax
6/17/2008 9:56:36 PM 259584 32 C:\Windows\System32\MPG4DECD.DLL
6/17/2008 9:56:54 PM 68608 32 C:\Windows\System32\mpr.dll
6/17/2008 9:56:50 PM 97792 32 C:\Windows\System32\mprapi.dll
6/17/2008 9:57:31 PM 104960 32 C:\Windows\System32\mprddm.dll
6/17/2008 9:57:00 PM 68608 32 C:\Windows\System32\mprdim.dll
6/17/2008 9:57:01 PM 124928 32 C:\Windows\System32\mprmsg.dll
6/17/2008 9:57:51 PM 393216 32 C:\Windows\System32\MPSSVC.dll
7/10/2008 11:36:12 AM 118 32 C:\Windows\System32\MRT.INI
6/17/2008 9:56:54 PM 120320 32 C:\Windows\System32\msaatext.dll
6/17/2008 9:57:01 PM 160256 32 C:\Windows\System32\MSAC3ENC.DLL
6/17/2008 9:57:04 PM 71680 32 C:\Windows\System32\msacm32.dll
6/17/2008 9:56:30 PM 21504 32 C:\Windows\System32\msacm32.drv
6/17/2008 9:56:43 PM 218624 32 C:\Windows\System32\mscandui.dll
6/17/2008 9:56:53 PM 391168 32 C:\Windows\System32\mscms.dll
6/17/2008 9:57:26 PM 227840 32 C:\Windows\System32\msconfig.exe
6/17/2008 9:57:56 PM 282112 32 C:\Windows\System32\mscoree.dll
6/17/2008 9:57:21 PM 158720 32 C:\Windows\System32\mscorier.dll
6/17/2008 9:57:40 PM 84480 32 C:\Windows\System32\mscories.dll
6/17/2008 9:57:33 PM 806912 32 C:\Windows\System32\msctf.dll
6/17/2008 9:56:31 PM 19456 32 C:\Windows\System32\MsCtfMonitor.dll
6/17/2008 9:56:32 PM 84992 32 C:\Windows\System32\msctfui.dll
6/17/2008 9:56:43 PM 159744 32 C:\Windows\System32\msdadiag.dll
6/17/2008 9:56:31 PM 126976 32 C:\Windows\System32\msdart.dll
6/17/2008 9:55:28 PM 305152 32 C:\Windows\System32\msdelta.dll
6/17/2008 9:56:48 PM 30720 32 C:\Windows\System32\msdmo.dll
6/17/2008 9:57:19 PM 415232 32 C:\Windows\System32\msdri.dll
6/17/2008 9:57:37 PM 329216 32 C:\Windows\System32\msdrm.dll
6/17/2008 9:57:03 PM 212992 32 C:\Windows\System32\msdt.dll
6/17/2008 9:56:56 PM 162304 32 C:\Windows\System32\msdt.exe
6/17/2008 9:56:33 PM 105984 32 C:\Windows\System32\msdtc.exe
6/17/2008 9:57:45 PM 344576 32 C:\Windows\System32\msdtckrm.dll
6/17/2008 9:56:56 PM 89088 32 C:\Windows\System32\msdtclog.dll
6/17/2008 9:57:51 PM 557568 32 C:\Windows\System32\msdtcprx.dll
6/17/2008 9:57:53 PM 1052160 32 C:\Windows\System32\msdtctm.dll
6/17/2008 9:57:31 PM 215040 32 C:\Windows\System32\msdtcuiu.dll
6/17/2008 9:57:24 PM 20992 32 C:\Windows\System32\msdtcVSp1res.dll
6/17/2008 9:56:21 PM 4096 32 C:\Windows\System32\msdxm.ocx
6/17/2008 9:56:30 PM 344064 32 C:\Windows\System32\msexcl40.dll
6/17/2008 9:57:06 PM 458240 32 C:\Windows\System32\msfeeds.dll
6/17/2008 9:56:34 PM 52224 32 C:\Windows\System32\msfeedsbs.dll
6/17/2008 9:56:26 PM 12800 32 C:\Windows\System32\msfeedssync.exe
6/17/2008 9:57:01 PM 564224 32 C:\Windows\System32\msftedit.dll
6/17/2008 9:56:32 PM 45568 32 C:\Windows\System32\mshta.exe
6/17/2008 9:57:24 PM 476672 32 C:\Windows\System32\mshtmled.dll
6/17/2008 9:57:46 PM 2085888 32 C:\Windows\System32\msi.dll
6/17/2008 9:57:29 PM 475648 32 C:\Windows\System32\msidcrl30.dll
6/17/2008 9:56:31 PM 53248 32 C:\Windows\System32\msident.dll
6/17/2008 9:56:22 PM 8704 32 C:\Windows\System32\msidle.dll
6/17/2008 9:56:46 PM 296960 32 C:\Windows\System32\msieftp.dll
6/17/2008 9:56:41 PM 71680 32 C:\Windows\System32\msiexec.exe
6/17/2008 9:56:59 PM 332288 32 C:\Windows\System32\msihnd.dll
6/17/2008 9:56:41 PM 31232 32 C:\Windows\System32\msimtf.dll
6/17/2008 9:57:12 PM 408064 32 C:\Windows\System32\msinfo32.exe
6/17/2008 9:56:24 PM 19456 32 C:\Windows\System32\msisip.dll
6/17/2008 9:57:58 PM 1589248 32 C:\Windows\System32\msjet40.dll
6/17/2008 9:56:44 PM 368640 32 C:\Windows\System32\msjetoledb40.dll
6/17/2008 9:57:26 PM 299008 32 C:\Windows\System32\msjtes40.dll
6/17/2008 9:56:58 PM 156160 32 C:\Windows\System32\msls31.dll
6/17/2008 9:56:28 PM 245760 32 C:\Windows\System32\msltus40.dll
6/17/2008 9:56:24 PM 10752 32 C:\Windows\System32\msmmsp.dll
6/17/2008 9:57:51 PM 391680 32 C:\Windows\System32\MSMPEG2ADEC.DLL
6/17/2008 9:57:04 PM 506880 32 C:\Windows\System32\MSMPEG2ENC.DLL
6/17/2008 9:57:59 PM 588288 32 C:\Windows\System32\MSMPEG2VDEC.DLL
6/17/2008 9:56:52 PM 179712 32 C:\Windows\System32\msnetobj.dll
6/17/2008 9:56:26 PM 58880 32 C:\Windows\System32\msobjs.dll
6/17/2008 9:56:49 PM 205824 32 C:\Windows\System32\msoeacct.dll
6/17/2008 9:56:44 PM 87552 32 C:\Windows\System32\msoert2.dll
6/17/2008 9:56:42 PM 180224 32 C:\Windows\System32\msorcl32.dll
6/17/2008 9:56:58 PM 485376 32 C:\Windows\System32\mspaint.exe
6/17/2008 9:55:28 PM 35328 32 C:\Windows\System32\mspatcha.dll
6/17/2008 9:56:28 PM 376832 32 C:\Windows\System32\mspbde40.dll
6/17/2008 9:57:20 PM 464896 32 C:\Windows\System32\msra.exe
6/17/2008 9:56:48 PM 193024 32 C:\Windows\System32\msrating.dll
6/17/2008 9:56:54 PM 344064 32 C:\Windows\System32\msrd3x40.dll
6/17/2008 9:56:48 PM 160256 32 C:\Windows\System32\msrdc.dll
6/17/2008 9:57:36 PM 647168 32 C:\Windows\System32\msrepl40.dll
6/17/2008 9:56:29 PM 23552 32 C:\Windows\System32\msscb.dll
6/17/2008 9:56:33 PM 51200 32 C:\Windows\System32\msscntrs.dll
6/17/2008 9:57:24 PM 414208 32 C:\Windows\System32\msscp.dll
6/17/2008 9:56:43 PM 110592 32 C:\Windows\System32\msscript.ocx
6/17/2008 9:57:37 PM 169472 32 C:\Windows\System32\mssha.dll
6/17/2008 9:57:39 PM 248832 32 C:\Windows\System32\msshsq.dll
6/17/2008 9:56:52 PM 98304 32 C:\Windows\System32\mssitlb.dll
6/17/2008 9:57:35 PM 333824 32 C:\Windows\System32\mssph.dll
6/17/2008 9:57:32 PM 167936 32 C:\Windows\System32\mssphtb.dll
6/17/2008 9:56:29 PM 32256 32 C:\Windows\System32\mssprxy.dll
6/17/2008 9:57:56 PM 1400832 32 C:\Windows\System32\mssrch.dll
6/17/2008 9:56:37 PM 52224 32 C:\Windows\System32\msstrc.dll
6/17/2008 9:57:31 PM 1696768 32 C:\Windows\System32\mssvp.dll
6/17/2008 9:56:57 PM 206336 32 C:\Windows\System32\mstask.dll
6/17/2008 9:56:33 PM 282624 32 C:\Windows\System32\mstext40.dll
6/17/2008 9:57:33 PM 83968 32 C:\Windows\System32\mstlsapi.dll
6/17/2008 9:57:54 PM 677888 32 C:\Windows\System32\mstsc.exe
6/17/2008 9:58:10 PM 2061824 32 C:\Windows\System32\mstscax.dll
6/17/2008 9:57:00 PM 163328 32 C:\Windows\System32\msutb.dll
6/17/2008 9:57:42 PM 210432 32 C:\Windows\System32\msv1_0.dll
6/17/2008 9:57:53 PM 1386496 32 C:\Windows\System32\msvbvm60.dll
6/17/2008 9:57:50 PM 680448 32 C:\Windows\System32\msvcrt.dll
6/17/2008 9:56:36 PM 123904 32 C:\Windows\System32\msvfw32.dll
6/17/2008 9:56:28 PM 31232 32 C:\Windows\System32\msvidc32.dll
6/17/2008 9:57:46 PM 1544704 32 C:\Windows\System32\MSVidCtl.dll
6/17/2008 9:56:59 PM 312320 32 C:\Windows\System32\mswmdm.dll
6/17/2008 9:57:43 PM 223232 32 C:\Windows\System32\mswsock.dll
6/17/2008 9:56:29 PM 450560 32 C:\Windows\System32\msxbde40.dll
6/17/2008 9:57:58 PM 1190400 32 C:\Windows\System32\msxml3.dll
6/17/2008 9:57:58 PM 1332224 32 C:\Windows\System32\msxml6.dll
6/17/2008 9:56:43 PM 124928 32 C:\Windows\System32\mtstocom.exe
6/17/2008 9:57:47 PM 307712 32 C:\Windows\System32\mtxclu.dll
6/17/2008 9:56:30 PM 22016 32 C:\Windows\System32\mtxdm.dll
6/17/2008 9:56:31 PM 27136 32 C:\Windows\System32\mtxlegih.dll
6/17/2008 9:56:57 PM 105472 32 C:\Windows\System32\mtxoci.dll
6/17/2008 9:57:22 PM 66048 32 C:\Windows\System32\MuiUnattend.exe
6/17/2008 9:56:58 PM 229888 32 C:\Windows\System32\mycomput.dll
6/17/2008 9:56:31 PM 135680 32 C:\Windows\System32\mydocs.dll
6/17/2008 9:56:34 PM 221184 32 C:\Windows\System32\Mystify.scr
6/17/2008 9:57:00 PM 46080 32 C:\Windows\System32\NAPCRYPT.DLL
6/17/2008 9:56:31 PM 67584 32 C:\Windows\System32\napdsnap.dll
6/17/2008 9:57:04 PM 103936 32 C:\Windows\System32\NAPHLPR.DLL
6/17/2008 9:56:44 PM 50176 32 C:\Windows\System32\NapiNSP.dll
6/17/2008 9:56:42 PM 34304 32 C:\Windows\System32\napipsec.dll
6/17/2008 9:57:23 PM 153600 32 C:\Windows\System32\NAPMONTR.DLL
6/17/2008 9:57:11 PM 267264 32 C:\Windows\System32\NAPSTAT.EXE
7/10/2008 11:34:02 AM 801280 32 C:\Windows\System32\NaturalLanguage6.dll
6/17/2008 9:56:30 PM 15360 32 C:\Windows\System32\nbtstat.exe
6/17/2008 9:56:27 PM 19968 32 C:\Windows\System32\NcdProp.dll
6/17/2008 9:57:02 PM 74240 32 C:\Windows\System32\nci.dll
6/17/2008 9:56:54 PM 48128 32 C:\Windows\System32\ncobjapi.dll
6/17/2008 9:57:36 PM 204288 32 C:\Windows\System32\ncrypt.dll
6/17/2008 9:57:34 PM 445952 32 C:\Windows\System32\ncryptui.dll
6/17/2008 9:57:16 PM 93184 32 C:\Windows\System32\ncsi.dll
6/17/2008 9:56:43 PM 135168 32 C:\Windows\System32\ndfapi.dll
6/17/2008 9:56:30 PM 29184 32 C:\Windows\System32\ndfetw.dll
6/17/2008 9:56:36 PM 48128 32 C:\Windows\System32\net.exe
6/17/2008 9:57:03 PM 158720 32 C:\Windows\System32\net1.exe
6/17/2008 9:57:42 PM 466944 32 C:\Windows\System32\netapi32.dll
6/17/2008 9:56:32 PM 21504 32 C:\Windows\System32\netbtugc.exe
6/17/2008 9:57:15 PM 2225664 32 C:\Windows\System32\netcenter.dll
6/17/2008 9:56:48 PM 25600 32 C:\Windows\System32\netcfg.exe
6/17/2008 9:57:32 PM 386560 32 C:\Windows\System32\netcfgx.dll
6/17/2008 9:57:04 PM 112128 32 C:\Windows\System32\netcorehc.dll
6/17/2008 9:57:06 PM 112128 32 C:\Windows\System32\netdiagfx.dll
6/17/2008 9:56:30 PM 17920 32 C:\Windows\System32\netevent.dll
6/17/2008 9:57:15 PM 119808 32 C:\Windows\System32\netid.dll
6/17/2008 9:56:56 PM 102912 32 C:\Windows\System32\netiohlp.dll
6/17/2008 9:56:41 PM 22528 32 C:\Windows\System32\netiougc.exe
6/17/2008 9:57:50 PM 592384 32 C:\Windows\System32\netlogon.dll
6/17/2008 9:57:17 PM 274432 32 C:\Windows\System32\netman.dll
6/17/2008 9:56:44 PM 180736 32 C:\Windows\System32\netplwiz.dll
6/17/2008 9:56:28 PM 25600 32 C:\Windows\System32\Netplwiz.exe
6/17/2008 9:56:47 PM 669696 32 C:\Windows\System32\netprof.dll
6/17/2008 9:57:32 PM 237056 32 C:\Windows\System32\netprofm.dll
6/17/2008 9:57:18 PM 1086464 32 C:\Windows\System32\NetProjW.dll
6/17/2008 9:57:28 PM 3173376 32 C:\Windows\System32\netshell.dll
6/17/2008 9:56:46 PM 2226688 32 C:\Windows\System32\networkexplorer.dll
6/17/2008 9:56:32 PM 39936 32 C:\Windows\System32\networkitemfactory.dll
6/17/2008 9:56:49 PM 3072000 32 C:\Windows\System32\networkmap.dll
6/17/2008 9:56:58 PM 183808 32 C:\Windows\System32\newdev.dll
6/17/2008 9:56:35 PM 48128 32 C:\Windows\System32\nlaapi.dll
6/17/2008 9:57:36 PM 168448 32 C:\Windows\System32\nlasvc.dll
6/17/2008 9:56:35 PM 122368 32 C:\Windows\System32\nlhtml.dll
6/17/2008 9:57:49 PM 154624 32 C:\Windows\System32\nlmgp.dll
6/17/2008 9:56:25 PM 57856 32 C:\Windows\System32\nlsbres.dll
6/17/2008 9:56:55 PM 1523712 32 C:\Windows\System32\NlsData0000.dll
6/17/2008 9:57:07 PM 2599936 32 C:\Windows\System32\NlsData0001.dll
6/17/2008 9:57:07 PM 1965056 32 C:\Windows\System32\NlsData0002.dll
6/17/2008 9:57:07 PM 1965056 32 C:\Windows\System32\NlsData0003.dll
6/17/2008 9:57:15 PM 2243072 32 C:\Windows\System32\NlsData0007.dll
6/17/2008 9:57:27 PM 4875776 32 C:\Windows\System32\NlsData0009.dll
6/17/2008 9:57:13 PM 9847296 32 C:\Windows\System32\NlsData000a.dll
6/17/2008 9:57:15 PM 2643456 32 C:\Windows\System32\NlsData000c.dll
6/17/2008 9:57:07 PM 2342912 32 C:\Windows\System32\NlsData000d.dll
6/17/2008 9:57:12 PM 1965056 32 C:\Windows\System32\NlsData000f.dll
6/17/2008 9:57:10 PM 4495360 32 C:\Windows\System32\NlsData0010.dll
6/17/2008 9:57:14 PM 2657280 32 C:\Windows\System32\NlsData0011.dll
6/17/2008 9:57:07 PM 3466752 32 C:\Windows\System32\NlsData0013.dll
6/17/2008 9:57:12 PM 1965056 32 C:\Windows\System32\NlsData0018.dll
6/17/2008 9:57:10 PM 4497408 32 C:\Windows\System32\NlsData0019.dll
6/17/2008 9:57:12 PM 1965056 32 C:\Windows\System32\NlsData001a.dll
6/17/2008 9:57:12 PM 1965056 32 C:\Windows\System32\NlsData001b.dll
6/17/2008 9:57:10 PM 4495360 32 C:\Windows\System32\NlsData001d.dll
6/17/2008 9:57:11 PM 3104768 32 C:\Windows\System32\NlsData0020.dll
6/17/2008 9:57:11 PM 1801216 32 C:\Windows\System32\NlsData0021.dll
6/17/2008 9:57:11 PM 1801216 32 C:\Windows\System32\NlsData0022.dll
6/17/2008 9:57:08 PM 1965056 32 C:\Windows\System32\NlsData0024.dll
6/17/2008 9:57:08 PM 1965056 32 C:\Windows\System32\NlsData0026.dll
6/17/2008 9:57:07 PM 1966592 32 C:\Windows\System32\NlsData0027.dll
6/17/2008 9:57:11 PM 1801216 32 C:\Windows\System32\NlsData002a.dll
6/17/2008 9:57:11 PM 3104768 32 C:\Windows\System32\NlsData0039.dll
6/17/2008 9:57:11 PM 1801216 32 C:\Windows\System32\NlsData003e.dll
6/17/2008 9:57:13 PM 3104768 32 C:\Windows\System32\NlsData0045.dll
6/17/2008 9:57:14 PM 3104768 32 C:\Windows\System32\NlsData0046.dll
6/17/2008 9:57:14 PM 3104768 32 C:\Windows\System32\NlsData0047.dll
6/17/2008 9:57:13 PM 3104768 32 C:\Windows\System32\NlsData0049.dll
6/17/2008 9:57:14 PM 3104768 32 C:\Windows\System32\NlsData004a.dll
6/17/2008 9:57:14 PM 3104768 32 C:\Windows\System32\NlsData004b.dll
6/17/2008 9:57:13 PM 3104768 32 C:\Windows\System32\NlsData004c.dll
6/17/2008 9:57:13 PM 3104768 32 C:\Windows\System32\NlsData004e.dll
6/17/2008 9:57:12 PM 4495360 32 C:\Windows\System32\NlsData0414.dll
6/17/2008 9:57:12 PM 4495360 32 C:\Windows\System32\NlsData0416.dll
6/17/2008 9:57:11 PM 4495360 32 C:\Windows\System32\NlsData0816.dll
6/17/2008 9:57:07 PM 1965056 32 C:\Windows\System32\NlsData081a.dll
6/17/2008 9:57:12 PM 1965056 32 C:\Windows\System32\NlsData0c1a.dll
6/17/2008 9:56:22 PM 25088 32 C:\Windows\System32\Nlsdl.dll
7/10/2008 11:34:15 AM 12240896 32 C:\Windows\System32\NlsLexicons0007.dll
7/10/2008 11:34:12 AM 2644480 32 C:\Windows\System32\NlsLexicons0009.dll
6/17/2008 9:56:42 PM 151040 32 C:\Windows\System32\notepad.exe
6/17/2008 9:56:47 PM 23552 32 C:\Windows\System32\nshhttp.dll
6/17/2008 9:56:41 PM 352256 32 C:\Windows\System32\nshipsec.dll
6/17/2008 9:56:30 PM 8192 32 C:\Windows\System32\nsi.dll
6/17/2008 9:56:37 PM 18432 32 C:\Windows\System32\nsisvc.dll
6/17/2008 9:56:54 PM 82944 32 C:\Windows\System32\nslookup.exe
6/17/2008 9:57:57 PM 1203792 32 C:\Windows\System32\ntdll.dll
6/17/2008 9:57:12 PM 88576 32 C:\Windows\System32\ntdsapi.dll
7/9/2008 12:23:03 PM 3600952 32 C:\Windows\System32\ntkrnlpa.exe
6/17/2008 9:57:18 PM 63488 32 C:\Windows\System32\ntlanman.dll
6/17/2008 9:56:55 PM 121344 32 C:\Windows\System32\ntmarta.dll
7/9/2008 12:23:02 PM 3549240 32 C:\Windows\System32\ntoskrnl.exe
6/17/2008 9:57:28 PM 216064 32 C:\Windows\System32\ntprint.dll
6/17/2008 9:57:03 PM 296960 32 C:\Windows\System32\ntshrui.dll
6/17/2008 9:57:19 PM 520704 32 C:\Windows\System32\ntvdm.exe
7/14/2008 2:00:11 PM 188960 32 C:\Windows\System32\nvapps.xml
6/17/2008 9:57:35 PM 531456 32 C:\Windows\System32\objsel.dll
6/17/2008 9:56:53 PM 102912 32 C:\Windows\System32\occache.dll
6/17/2008 9:56:32 PM 35840 32 C:\Windows\System32\ocsetup.exe
6/17/2008 9:56:47 PM 409600 32 C:\Windows\System32\odbc32.dll
6/17/2008 9:56:30 PM 28672 32 C:\Windows\System32\odbcbcp.dll
6/17/2008 9:56:27 PM 40960 32 C:\Windows\System32\odbcconf.dll
6/17/2008 9:56:34 PM 114688 32 C:\Windows\System32\odbccp32.dll
6/17/2008 9:56:31 PM 77824 32 C:\Windows\System32\odbccr32.dll
6/17/2008 9:56:31 PM 77824 32 C:\Windows\System32\odbccu32.dll
6/17/2008 9:57:11 PM 319488 32 C:\Windows\System32\odbcjt32.dll
6/17/2008 9:56:32 PM 159744 32 C:\Windows\System32\odbctrac.dll
6/17/2008 9:56:48 PM 194560 32 C:\Windows\System32\offfilt.dll
6/17/2008 9:56:52 PM 1107456 32 C:\Windows\System32\ogldrv.dll
6/17/2008 9:57:50 PM 1315328 32 C:\Windows\System32\ole32.dll
6/17/2008 9:57:19 PM 215040 32 C:\Windows\System32\oleacc.dll
6/17/2008 9:57:43 PM 563200 32 C:\Windows\System32\oleaut32.dll
6/17/2008 9:56:37 PM 78848 32 C:\Windows\System32\olecli32.dll
6/17/2008 9:56:55 PM 101888 32 C:\Windows\System32\oledlg.dll
6/17/2008 9:57:01 PM 96768 32 C:\Windows\System32\oleprn.dll
6/17/2008 9:56:45 PM 88576 32 C:\Windows\System32\olepro32.dll
6/17/2008 9:56:33 PM 27648 32 C:\Windows\System32\olesvr32.dll
6/17/2008 9:56:33 PM 77824 32 C:\Windows\System32\olethk32.dll
6/17/2008 9:58:20 PM 1541120 32 C:\Windows\System32\onex.dll
6/17/2008 9:57:02 PM 261163 32 C:\Windows\System32\onex.tmf
6/17/2008 9:56:53 PM 2153472 32 C:\Windows\System32\oobefldr.dll
6/17/2008 9:56:28 PM 97280 32 C:\Windows\System32\OptionalFeatures.exe
6/17/2008 9:56:24 PM 19968 32 C:\Windows\System32\osbaseln.dll
6/17/2008 9:56:34 PM 42496 32 C:\Windows\System32\osblprov.dll
6/17/2008 9:57:01 PM 202240 32 C:\Windows\System32\P2P.dll
6/17/2008 9:56:52 PM 403968 32 C:\Windows\System32\p2pcollab.dll
6/17/2008 9:57:22 PM 336896 32 C:\Windows\System32\P2PGraph.dll
6/17/2008 9:56:42 PM 192000 32 C:\Windows\System32\p2phost.exe
6/17/2008 9:56:49 PM 134144 32 C:\Windows\System32\p2pnetsh.dll
6/17/2008 9:57:41 PM 658944 32 C:\Windows\System32\p2psvc.dll
7/9/2008 12:23:02 PM 15360 32 C:\Windows\System32\pacerprf.dll
6/17/2008 9:56:48 PM 26624 32 C:\Windows\System32\pcadm.dll
6/17/2008 9:56:41 PM 37888 32 C:\Windows\System32\pcasvc.dll
6/17/2008 9:57:39 PM 464384 32 C:\Windows\System32\pcaui.dll
6/17/2008 9:57:06 PM 242688 32 C:\Windows\System32\pdh.dll
6/17/2008 9:56:35 PM 46592 32 C:\Windows\System32\pdhui.dll
6/17/2008 9:57:18 PM 1248768 32 C:\Windows\System32\PerfCenterCPL.dll
6/17/2008 9:56:42 PM 120320 32 C:\Windows\System32\perfmon.exe
6/17/2008 9:56:16 PM 145455 32 C:\Windows\System32\perfmon.msc
6/17/2008 9:56:37 PM 19968 32 C:\Windows\System32\perfnet.dll
6/17/2008 9:56:44 PM 17408 32 C:\Windows\System32\perfts.dll
6/17/2008 9:57:32 PM 124928 32 C:\Windows\System32\phon.ime
6/17/2008 9:57:17 PM 412160 32 C:\Windows\System32\PhotoMetadataHandler.dll
6/17/2008 9:57:27 PM 704512 32 C:\Windows\System32\PhotoScreensaver.scr
6/17/2008 9:57:15 PM 291328 32 C:\Windows\System32\photowiz.dll
6/17/2008 9:58:10 PM 1107968 32 C:\Windows\System32\pidgenx.dll
6/17/2008 9:56:44 PM 15360 32 C:\Windows\System32\PING.EXE
6/17/2008 9:57:32 PM 89088 32 C:\Windows\System32\pintlgnt.ime
6/17/2008 9:55:43 PM 130560 32 C:\Windows\System32\PkgMgr.exe
6/17/2008 9:57:29 PM 1502208 32 C:\Windows\System32\pla.dll
6/17/2008 9:56:28 PM 17920 32 C:\Windows\System32\PlaySndSrv.dll
6/17/2008 9:56:49 PM 45056 32 C:\Windows\System32\pngfilt.dll
6/17/2008 9:57:26 PM 1823232 32 C:\Windows\System32\pnidui.dll
6/17/2008 9:56:54 PM 180736 32 C:\Windows\System32\pnpsetup.dll
6/17/2008 9:56:36 PM 10752 32 C:\Windows\System32\pnpts.dll
6/17/2008 9:56:53 PM 542208 32 C:\Windows\System32\pnpui.dll
6/17/2008 9:56:45 PM 58368 32 C:\Windows\System32\PnPUnattend.exe
6/17/2008 9:56:41 PM 32768 32 C:\Windows\System32\PnPutil.exe
6/17/2008 9:56:48 PM 69632 32 C:\Windows\System32\PNPXAssoc.dll
6/17/2008 9:56:48 PM 53248 32 C:\Windows\System32\PNPXAssocPrx.dll
6/17/2008 9:56:49 PM 62464 32 C:\Windows\System32\pnrpnsp.dll
6/17/2008 9:56:54 PM 272896 32 C:\Windows\System32\polstore.dll
6/17/2008 9:57:21 PM 272384 32 C:\Windows\System32\PortableDeviceApi.dll
6/17/2008 9:56:55 PM 94720 32 C:\Windows\System32\PortableDeviceClassExtension.dll
6/17/2008 9:56:56 PM 160768 32 C:\Windows\System32\PortableDeviceTypes.dll
6/17/2008 9:56:35 PM 124928 32 C:\Windows\System32\PortableDeviceWiaCompat.dll
6/17/2008 9:56:58 PM 196608 32 C:\Windows\System32\PortableDeviceWMDRM.dll
6/17/2008 9:56:41 PM 16896 32 C:\Windows\System32\pots.dll
6/17/2008 9:56:33 PM 163328 32 C:\Windows\System32\powercfg.cpl
6/17/2008 9:56:47 PM 723968 32 C:\Windows\System32\powercpl.dll
6/17/2008 9:56:41 PM 97280 32 C:\Windows\System32\powrprof.dll
6/17/2008 9:56:58 PM 106520 32 C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
6/17/2008 9:57:34 PM 350744 32 C:\Windows\System32\PresentationHost.exe
6/17/2008 9:57:22 PM 33304 32 C:\Windows\System32\PresentationHostProxy.dll
6/17/2008 9:58:07 PM 779800 32 C:\Windows\System32\PresentationNative_v0300.dll
6/17/2008 9:57:01 PM 160256 32 C:\Windows\System32\PresentationSettings.exe
6/17/2008 9:56:32 PM 26112 32 C:\Windows\System32\prevhost.exe
6/17/2008 9:56:43 PM 37888 32 C:\Windows\System32\printcom.dll
6/17/2008 9:56:52 PM 26112 32 C:\Windows\System32\printfilterpipelineprxy.dll
6/17/2008 9:57:49 PM 666112 32 C:\Windows\System32\printfilterpipelinesvc.exe
6/17/2008 9:57:35 PM 869888 32 C:\Windows\System32\printui.dll
6/17/2008 9:57:07 PM 551936 32 C:\Windows\System32\prnntfy.dll
6/17/2008 9:56:42 PM 119296 32 C:\Windows\System32\prntvpt.dll
6/17/2008 9:56:30 PM 7680 32 C:\Windows\System32\procinst.dll
6/17/2008 9:57:23 PM 29184 32 C:\Windows\System32\profprov.dll
6/17/2008 9:57:17 PM 153600 32 C:\Windows\System32\profsvc.dll
6/17/2008 9:56:37 PM 65536 32 C:\Windows\System32\propdefs.dll
6/17/2008 9:57:50 PM 750080 32 C:\Windows\System32\propsys.dll
6/17/2008 9:56:46 PM 191488 32 C:\Windows\System32\provthrd.dll
6/17/2008 9:56:29 PM 40448 32 C:\Windows\System32\psbase.dll
6/17/2008 9:58:13 PM 51768 32 C:\Windows\System32\PSHED.DLL
6/17/2008 9:56:57 PM 166400 32 C:\Windows\System32\puiapi.dll
6/17/2008 9:57:15 PM 300032 32 C:\Windows\System32\puiobj.dll
6/17/2008 9:57:34 PM 172544 32 C:\Windows\System32\QAGENT.DLL
6/17/2008 9:57:48 PM 302080 32 C:\Windows\System32\QAGENTRT.DLL
6/17/2008 9:56:44 PM 208896 32 C:\Windows\System32\qasf.dll
6/17/2008 9:56:44 PM 192000 32 C:\Windows\System32\qcap.dll
6/17/2008 9:56:45 PM 69632 32 C:\Windows\System32\QCLIPROV.DLL
6/17/2008 9:56:34 PM 281600 32 C:\Windows\System32\qdv.dll
6/17/2008 9:57:24 PM 497152 32 C:\Windows\System32\qdvd.dll
6/17/2008 9:56:49 PM 505344 32 C:\Windows\System32\qedit.dll
6/17/2008 9:57:32 PM 124928 32 C:\Windows\System32\qintlgnt.ime
6/17/2008 9:57:57 PM 758272 32 C:\Windows\System32\qmgr.dll
6/17/2008 9:57:21 PM 154112 32 C:\Windows\System32\QSHVHOST.DLL
6/17/2008 9:56:49 PM 81920 32 C:\Windows\System32\QSVRMGMT.DLL
6/17/2008 9:57:51 PM 1381376 32 C:\Windows\System32\Query.dll
6/17/2008 9:57:32 PM 124928 32 C:\Windows\System32\quick.ime
6/17/2008 9:57:03 PM 79360 32 C:\Windows\System32\QUTIL.DLL
6/17/2008 9:57:05 PM 243712 32 C:\Windows\System32\qwave.dll
6/17/2008 9:56:31 PM 20480 32 C:\Windows\System32\RacAgent.exe
6/17/2008 9:58:00 PM 889344 32 C:\Windows\System32\RacEngn.dll
6/17/2008 9:56:28 PM 9987 32 C:\Windows\System32\RacUR.xml
6/17/2008 9:56:17 PM 150 32 C:\Windows\System32\RacUREx.xml
6/17/2008 9:57:25 PM 286720 32 C:\Windows\System32\rasapi32.dll
6/17/2008 9:56:33 PM 90624 32 C:\Windows\System32\rasauto.dll
6/17/2008 9:57:01 PM 81408 32 C:\Windows\System32\rascfg.dll
6/17/2008 9:57:19 PM 281600 32 C:\Windows\System32\raschap.dll
6/17/2008 9:56:26 PM 15360 32 C:\Windows\System32\rasctrs.dll
6/17/2008 9:56:32 PM 52736 32 C:\Windows\System32\rasdiag.dll
6/17/2008 9:57:21 PM 825856 32 C:\Windows\System32\rasdlg.dll
6/17/2008 9:56:45 PM 161792 32 C:\Windows\System32\raserver.exe
6/17/2008 9:56:55 PM 642560 32 C:\Windows\System32\rasgcw.dll
6/17/2008 9:57:01 PM 71168 32 C:\Windows\System32\rasman.dll
6/17/2008 9:57:39 PM 260608 32 C:\Windows\System32\rasmans.dll
6/17/2008 9:56:46 PM 975360 32 C:\Windows\System32\RASMM.dll
6/17/2008 9:57:20 PM 155136 32 C:\Windows\System32\rasmontr.dll
6/17/2008 9:56:30 PM 39424 32 C:\Windows\System32\rasphone.exe
6/17/2008 9:56:38 PM 376832 32 C:\Windows\System32\rasplap.dll
6/17/2008 9:57:36 PM 259584 32 C:\Windows\System32\rasppp.dll
6/17/2008 9:56:54 PM 69632 32 C:\Windows\System32\rasqec.dll
6/17/2008 9:57:04 PM 69632 32 C:\Windows\System32\rastapi.dll
6/17/2008 9:57:35 PM 243712 32 C:\Windows\System32\rastls.dll
6/17/2008 9:56:23 PM 8704 32 C:\Windows\System32\rdpcfgex.dll
6/17/2008 9:57:23 PM 134656 32 C:\Windows\System32\rdpdd.dll
6/17/2008 9:57:22 PM 118272 32 C:\Windows\System32\RDPENCDD.dll
6/17/2008 9:57:59 PM 612864 32 C:\Windows\System32\rdpencom.dll
6/17/2008 9:57:37 PM 107008 32 C:\Windows\System32\rdpwsx.dll
6/17/2008 9:56:34 PM 30208 32 C:\Windows\System32\rdrleakdiag.exe
6/17/2008 9:57:56 PM 193024 32 C:\Windows\System32\recdisc.exe
6/17/2008 9:56:45 PM 60416 32 C:\Windows\System32\reg.exe
6/17/2008 9:56:58 PM 67584 32 C:\Windows\System32\regapi.dll
6/17/2008 9:56:32 PM 40960 32 C:\Windows\System32\RegCtrl.dll
6/17/2008 9:56:31 PM 44032 32 C:\Windows\System32\regini.exe
6/17/2008 9:57:19 PM 106496 32 C:\Windows\System32\regsvc.dll
6/17/2008 9:56:44 PM 42496 32 C:\Windows\System32\rekeywiz.exe
6/17/2008 9:57:06 PM 340992 32 C:\Windows\System32\RelMon.dll
6/17/2008 9:56:35 PM 58368 32 C:\Windows\System32\remotepg.dll
6/17/2008 9:56:37 PM 216576 32 C:\Windows\System32\RESAMPLEDMO.DLL
6/17/2008 9:56:47 PM 65536 32 C:\Windows\System32\resutils.dll
6/17/2008 9:56:32 PM 151552 32 C:\Windows\System32\rgb9rast.dll
6/17/2008 9:56:34 PM 220672 32 C:\Windows\System32\Ribbons.scr
6/17/2008 9:57:41 PM 456704 32 C:\Windows\System32\riched20.dll
6/17/2008 9:56:22 PM 8192 32 C:\Windows\System32\riched32.dll
6/17/2008 9:58:08 PM 510976 32 C:\Windows\System32\RMActivate.exe
6/17/2008 9:58:07 PM 523776 32 C:\Windows\System32\RMActivate_isv.exe
6/17/2008 9:58:00 PM 347136 32 C:\Windows\System32\RMActivate_ssp.exe
6/17/2008 9:57:59 PM 346624 32 C:\Windows\System32\RMActivate_ssp_isv.exe
6/17/2008 9:56:56 PM 87552 32 C:\Windows\System32\Robocopy.exe
6/17/2008 9:56:30 PM 17920 32 C:\Windows\System32\ROUTE.EXE
6/17/2008 9:57:24 PM 127488 32 C:\Windows\System32\rpchttp.dll
6/17/2008 9:56:37 PM 34816 32 C:\Windows\System32\RpcPing.exe
7/9/2008 12:23:03 PM 784896 32 C:\Windows\System32\rpcrt4.dll
6/17/2008 9:57:36 PM 547328 32 C:\Windows\System32\rpcss.dll
6/17/2008 9:56:42 PM 53248 32 C:\Windows\System32\rrinstaller.exe
6/17/2008 9:57:32 PM 242744 32 C:\Windows\System32\rsaenh.dll
6/17/2008 9:56:37 PM 43520 32 C:\Windows\System32\rshx32.dll
6/17/2008 9:56:50 PM 146944 32 C:\Windows\System32\RstrtMgr.dll
6/17/2008 9:56:32 PM 26624 32 C:\Windows\System32\rtffilt.dll
6/17/2008 9:57:00 PM 114688 32 C:\Windows\System32\rtm.dll
6/17/2008 9:56:37 PM 38400 32 C:\Windows\System32\runonce.exe
6/17/2008 9:56:57 PM 57344 32 C:\Windows\System32\samlib.dll
6/17/2008 9:57:45 PM 478720 32 C:\Windows\System32\samsrv.dll
6/17/2008 9:57:45 PM 322560 32 C:\Windows\System32\sbe.dll
6/17/2008 9:56:43 PM 153088 32 C:\Windows\System32\sbeio.dll
6/17/2008 9:56:27 PM 11776 32 C:\Windows\System32\sbunattend.exe
6/17/2008 9:57:00 PM 245760 32 C:\Windows\System32\scansetting.dll
6/17/2008 9:56:57 PM 95232 32 C:\Windows\System32\SCardSvr.dll
6/17/2008 9:56:58 PM 177152 32 C:\Windows\System32\scecli.dll
6/17/2008 9:56:53 PM 306176 32 C:\Windows\System32\scesrv.dll
6/17/2008 9:57:42 PM 268288 32 C:\Windows\System32\schannel.dll
6/17/2008 9:57:49 PM 596992 32 C:\Windows\System32\schedsvc.dll
6/17/2008 9:57:06 PM 151552 32 C:\Windows\System32\schtasks.exe
6/17/2008 9:57:32 PM 140288 32 C:\Windows\System32\scksp.dll
7/9/2008 12:22:52 PM 180224 32 C:\Windows\System32\scrobj.dll
7/9/2008 12:22:52 PM 172032 32 C:\Windows\System32\scrrun.dll
6/17/2008 9:56:36 PM 82944 32 C:\Windows\System32\sdchange.exe
6/17/2008 9:57:49 PM 1169408 32 C:\Windows\System32\sdclt.exe
6/17/2008 9:57:44 PM 730624 32 C:\Windows\System32\sdengin2.dll
6/17/2008 9:57:42 PM 183296 32 C:\Windows\System32\sdohlp.dll
6/17/2008 9:57:03 PM 104960 32 C:\Windows\System32\sdrsvc.dll
6/17/2008 9:56:56 PM 98816 32 C:\Windows\System32\sdshext.dll
6/17/2008 9:56:25 PM 6656 32 C:\Windows\System32\sdspres.dll
6/17/2008 9:56:49 PM 76800 32 C:\Windows\System32\SearchFilterHost.exe
6/17/2008 9:57:39 PM 302080 32 C:\Windows\System32\SearchIndexer.exe
6/17/2008 9:57:29 PM 179200 32 C:\Windows\System32\SearchProtocolHost.exe
6/17/2008 9:56:43 PM 35328 32 C:\Windows\System32\SecEdit.exe
6/17/2008 9:56:43 PM 19968 32 C:\Windows\System32\seclogon.dll
6/17/2008 9:58:07 PM 472064 32 C:\Windows\System32\secproc.dll
6/17/2008 9:58:02 PM 472576 32 C:\Windows\System32\secproc_isv.dll
6/17/2008 9:56:50 PM 151040 32 C:\Windows\System32\secproc_ssp.dll
6/17/2008 9:56:50 PM 151040 32 C:\Windows\System32\secproc_ssp_isv.dll
6/17/2008 9:57:11 PM 72704 32 C:\Windows\System32\secur32.dll
6/17/2008 9:56:37 PM 69632 32 C:\Windows\System32\sendmail.dll
6/17/2008 9:56:43 PM 47104 32 C:\Windows\System32\Sens.dll
6/17/2008 9:56:27 PM 15360 32 C:\Windows\System32\serialui.dll
6/17/2008 9:57:27 PM 279040 32 C:\Windows\System32\services.exe
6/17/2008 9:57:25 PM 84992 32 C:\Windows\System32\SessEnv.dll
6/17/2008 9:56:53 PM 626688 32 C:\Windows\System32\sethc.exe
6/17/2008 9:57:42 PM 1590272 32 C:\Windows\System32\setupapi.dll
6/17/2008 9:57:00 PM 41984 32 C:\Windows\System32\setupcl.exe
6/17/2008 9:56:31 PM 110592 32 C:\Windows\System32\setupcln.dll
6/17/2008 9:56:28 PM 13312 32 C:\Windows\System32\setupSNK.exe
6/17/2008 9:56:49 PM 85504 32 C:\Windows\System32\setupugc.exe
6/17/2008 9:56:35 PM 15872 32 C:\Windows\System32\sfc.exe
6/17/2008 9:56:37 PM 38912 32 C:\Windows\System32\sfc_os.dll
6/17/2008 9:56:42 PM 81920 32 C:\Windows\System32\shacct.dll
6/17/2008 9:57:30 PM 1067520 32 C:\Windows\System32\shdocvw.dll
7/9/2008 12:22:58 PM 11580416 32 C:\Windows\System32\shell32.dll
6/17/2008 9:56:37 PM 68608 32 C:\Windows\System32\shgina.dll
6/17/2008 9:56:43 PM 128000 32 C:\Windows\System32\shimgvw.dll
6/17/2008 9:57:49 PM 351744 32 C:\Windows\System32\shlwapi.dll
6/17/2008 9:57:20 PM 105984 32 C:\Windows\System32\shrink.dll
6/17/2008 9:56:37 PM 396288 32 C:\Windows\System32\shrpubw.exe
6/17/2008 9:57:04 PM 101376 32 C:\Windows\System32\shsetup.dll
6/17/2008 9:57:28 PM 247296 32 C:\Windows\System32\shsvcs.dll
6/17/2008 9:56:34 PM 29696 32 C:\Windows\System32\shutdown.exe
6/17/2008 9:56:46 PM 425472 32 C:\Windows\System32\shwebsvc.dll
6/17/2008 9:57:47 PM 225792 32 C:\Windows\System32\SLC.dll
6/17/2008 9:56:46 PM 777216 32 C:\Windows\System32\slcc.dll
6/17/2008 9:56:46 PM 137216 32 C:\Windows\System32\SLCExt.dll
6/17/2008 9:56:55 PM 42496 32 C:\Windows\System32\slcinst.dll
6/17/2008 9:57:22 PM 573440 32 C:\Windows\System32\SLCommDlg.dll
6/17/2008 9:56:33 PM 186368 32 C:\Windows\System32\SLLUA.exe
6/17/2008 9:56:54 PM 80047 32 C:\Windows\System32\slmgr.vbs
6/17/2008 9:58:20 PM 2623488 32 C:\Windows\System32\SLsvc.exe
6/17/2008 9:57:21 PM 354304 32 C:\Windows\System32\SLUI.exe
6/17/2008 9:56:56 PM 57856 32 C:\Windows\System32\SLUINotify.dll
6/17/2008 9:56:28 PM 12288 32 C:\Windows\System32\slwga.dll
6/17/2008 9:56:46 PM 35328 32 C:\Windows\System32\slwmi.dll
6/17/2008 9:57:22 PM 134144 32 C:\Windows\System32\SmartcardCredentialProvider.dll
6/17/2008 9:57:53 PM 83456 32 C:\Windows\System32\SMBHelperClass.dll
6/17/2008 9:55:49 PM 704512 32 C:\Windows\System32\SmiEngine.dll
6/17/2008 9:55:49 PM 139264 32 C:\Windows\System32\SmiInstaller.dll
6/17/2008 9:57:01 PM 64000 32 C:\Windows\System32\smss.exe
6/17/2008 9:56:55 PM 197632 32 C:\Windows\System32\SndVol.exe
6/17/2008 9:56:54 PM 275968 32 C:\Windows\System32\SnippingTool.exe
6/17/2008 9:56:34 PM 125440 32 C:\Windows\System32\softkbd.dll
6/17/2008 9:56:44 PM 127488 32 C:\Windows\System32\SoundRecorder.exe
6/17/2008 9:57:13 PM 64512 32 C:\Windows\System32\spbcd.dll
6/17/2008 9:57:33 PM 163840 32 C:\Windows\System32\spoolss.dll
6/17/2008 9:56:58 PM 125952 32 C:\Windows\System32\spoolsv.exe
6/17/2008 9:56:27 PM 15872 32 C:\Windows\System32\spopk.dll
6/17/2008 9:57:21 PM 142336 32 C:\Windows\System32\spp.dll
6/17/2008 9:56:43 PM 44544 32 C:\Windows\System32\sppnp.dll
6/17/2008 9:57:21 PM 348160 32 C:\Windows\System32\spwizeng.dll
6/17/2008 9:57:59 PM 8322048 32 C:\Windows\System32\spwizimg.dll
6/17/2008 9:56:20 PM 7680 32 C:\Windows\System32\spwizres.dll
6/17/2008 9:56:22 PM 7680 32 C:\Windows\System32\spwmp.dll
6/17/2008 9:57:42 PM 604160 32 C:\Windows\System32\sqlceqp30.dll
6/17/2008 9:57:39 PM 308224 32 C:\Windows\System32\sqlcese30.dll
6/17/2008 9:57:34 PM 520192 32 C:\Windows\System32\sqlsrv32.dll
6/17/2008 9:57:31 PM 129536 32 C:\Windows\System32\sqmapi.dll
6/17/2008 9:57:30 PM 258048 32 C:\Windows\System32\srchadmin.dll
6/17/2008 9:57:20 PM 274944 32 C:\Windows\System32\srrstr.dll
6/17/2008 9:57:24 PM 122880 32 C:\Windows\System32\srvsvc.dll
6/17/2008 9:56:30 PM 24064 32 C:\Windows\System32\srwmi.dll
6/17/2008 9:57:06 PM 8139264 32 C:\Windows\System32\ssBranded.scr
6/17/2008 9:56:57 PM 155648 32 C:\Windows\System32\ssdpsrv.dll
6/17/2008 9:57:50 PM 109056 32 C:\Windows\System32\SSShim.dll
6/17/2008 9:56:46 PM 294912 32 C:\Windows\System32\ssText3d.scr
6/17/2008 9:58:10 PM 116736 32 C:\Windows\System32\sstpsvc.dll
6/17/2008 9:56:34 PM 251904 32 C:\Windows\System32\sti_ci.dll
6/17/2008 9:57:03 PM 586752 32 C:\Windows\System32\stobject.dll
6/17/2008 9:57:17 PM 55808 32 C:\Windows\System32\Storprop.dll
6/17/2008 9:56:30 PM 100043 32 C:\Windows\System32\StructuredQuerySchema.bin
6/17/2008 9:56:57 PM 1224192 32 C:\Windows\System32\sud.dll
6/17/2008 9:56:46 PM 21504 32 C:\Windows\System32\svchost.exe
6/17/2008 9:57:47 PM 310784 32 C:\Windows\System32\swprv.dll
6/17/2008 9:56:33 PM 28160 32 C:\Windows\System32\sxproxy.dll
6/17/2008 9:57:17 PM 376832 32 C:\Windows\System32\sxs.dll
6/17/2008 9:56:28 PM 22016 32 C:\Windows\System32\sxsstore.dll
6/17/2008 9:56:42 PM 27136 32 C:\Windows\System32\sxstrace.exe
6/17/2008 9:56:58 PM 2204672 32 C:\Windows\System32\SyncCenter.dll
6/17/2008 9:57:26 PM 75776 32 C:\Windows\System32\synceng.dll
6/17/2008 9:56:46 PM 175616 32 C:\Windows\System32\syncui.dll
6/17/2008 9:57:18 PM 242688 32 C:\Windows\System32\sysdm.cpl
6/17/2008 9:56:44 PM 338944 32 C:\Windows\System32\SysFxUI.dll
6/17/2008 9:56:30 PM 27648 32 C:\Windows\System32\syskey.exe
6/17/2008 9:58:08 PM 574976 32 C:\Windows\System32\sysmain.dll
6/17/2008 9:56:57 PM 389632 32 C:\Windows\System32\sysmon.ocx
6/17/2008 9:56:54 PM 47104 32 C:\Windows\System32\syssetup.dll
6/17/2008 9:57:01 PM 842752 32 C:\Windows\System32\systemcpl.dll
6/17/2008 9:56:48 PM 76288 32 C:\Windows\System32\systeminfo.exe
6/17/2008 9:57:44 PM 132148 32 C:\Windows\System32\systemsf.ebd
6/17/2008 9:57:01 PM 155648 32 C:\Windows\System32\t2embed.dll
6/17/2008 9:56:29 PM 94208 32 C:\Windows\System32\Tabbtn.dll
6/17/2008 9:56:29 PM 52224 32 C:\Windows\System32\TabbtnEx.dll
6/17/2008 9:56:34 PM 61952 32 C:\Windows\System32\tabcal.exe
6/17/2008 9:56:47 PM 691200 32 C:\Windows\System32\TabletPC.cpl
6/17/2008 9:56:41 PM 51712 32 C:\Windows\System32\takeown.exe
6/17/2008 9:56:42 PM 98304 32 C:\Windows\System32\TapiMigPlugin.dll
6/17/2008 9:56:57 PM 242688 32 C:\Windows\System32\tapisrv.dll
6/17/2008 9:57:32 PM 270336 32 C:\Windows\System32\taskcomp.dll
6/17/2008 9:57:26 PM 169472 32 C:\Windows\System32\taskeng.exe
6/17/2008 9:56:46 PM 78848 32 C:\Windows\System32\taskkill.exe
6/17/2008 9:56:42 PM 80896 32 C:\Windows\System32\tasklist.exe
6/17/2008 9:56:45 PM 163840 32 C:\Windows\System32\taskmgr.exe
6/17/2008 9:57:33 PM 357376 32 C:\Windows\System32\taskschd.dll
6/17/2008 9:56:32 PM 11776 32 C:\Windows\System32\tbs.dll
6/17/2008 9:56:46 PM 56320 32 C:\Windows\System32\tbssvc.dll
6/17/2008 9:57:17 PM 170496 32 C:\Windows\System32\tcpipcfg.dll
6/17/2008 9:57:20 PM 135168 32 C:\Windows\System32\tcpmon.dll
6/17/2008 9:56:28 PM 60124 32 C:\Windows\System32\tcpmon.ini
6/17/2008 9:56:36 PM 66560 32 C:\Windows\System32\tdc.ocx
6/17/2008 9:57:25 PM 431104 32 C:\Windows\System32\tdh.dll
6/17/2008 9:56:57 PM 355328 32 C:\Windows\System32\termmgr.dll
6/17/2008 9:57:53 PM 448512 32 C:\Windows\System32\termsrv.dll
6/17/2008 9:57:35 PM 1152000 32 C:\Windows\System32\themecpl.dll
6/17/2008 9:56:55 PM 615424 32 C:\Windows\System32\themeui.dll
6/17/2008 9:57:41 PM 80384 32 C:\Windows\System32\thumbcache.dll
6/17/2008 9:56:56 PM 714240 32 C:\Windows\System32\timedate.cpl
6/17/2008 9:56:32 PM 43008 32 C:\Windows\System32\TimeDateMUICallback.dll
6/17/2008 9:57:32 PM 125952 32 C:\Windows\System32\tintlgnt.ime
6/17/2008 9:56:37 PM 1298432 32 C:\Windows\System32\TMM.dll
6/17/2008 9:56:34 PM 86528 32 C:\Windows\System32\TpmInit.exe
6/17/2008 9:57:55 PM 1505792 32 C:\Windows\System32\tquery.dll
6/17/2008 9:57:22 PM 337408 32 C:\Windows\System32\tracerpt.exe
6/17/2008 9:56:53 PM 75264 32 C:\Windows\System32\trkwks.dll
6/17/2008 9:56:36 PM 63488 32 C:\Windows\System32\tscupgrd.exe
6/17/2008 9:56:21 PM 14336 32 C:\Windows\System32\tsddd.dll
6/17/2008 9:57:30 PM 53248 32 C:\Windows\System32\tsgqec.dll
6/17/2008 9:57:05 PM 62464 32 C:\Windows\System32\TSpkg.dll
6/17/2008 9:56:35 PM 41984 32 C:\Windows\System32\TSTheme.exe
6/17/2008 9:57:56 PM 28672 32 C:\Windows\System32\TsWpfWrp.exe
6/17/2008 9:56:47 PM 89088 32 C:\Windows\System32\txflog.dll
6/17/2008 9:56:41 PM 10752 32 C:\Windows\System32\txfw32.dll
6/17/2008 9:56:32 PM 45568 32 C:\Windows\System32\ucsvc.exe
6/17/2008 9:57:30 PM 208384 32 C:\Windows\System32\uDWM.dll
6/17/2008 9:57:39 PM 56320 32 C:\Windows\System32\uexfat.dll
6/17/2008 9:56:33 PM 92672 32 C:\Windows\System32\ufat.dll
6/17/2008 9:56:36 PM 35840 32 C:\Windows\System32\UI0Detect.exe
6/17/2008 9:56:42 PM 152064 32 C:\Windows\System32\UIAutomationCore.dll
6/17/2008 9:56:45 PM 2588160 32 C:\Windows\System32\UIHub.dll
6/17/2008 9:56:53 PM 99840 32 C:\Windows\System32\ulib.dll
6/17/2008 9:57:16 PM 51712 32 C:\Windows\System32\umb.dll
6/17/2008 9:57:29 PM 221696 32 C:\Windows\System32\umpnpmgr.dll
6/17/2008 9:56:53 PM 201216 32 C:\Windows\System32\unattend.dll
6/17/2008 9:56:31 PM 28160 32 C:\Windows\System32\unattendedjoin.exe
6/17/2008 9:57:20 PM 736768 32 C:\Windows\System32\unbcl.dll
6/17/2008 9:56:41 PM 280064 32 C:\Windows\System32\unimdm.tsp
6/17/2008 9:56:54 PM 33792 32 C:\Windows\System32\unlodctr.exe
6/17/2008 9:56:36 PM 310784 32 C:\Windows\System32\unregmp2.exe
6/17/2008 9:57:39 PM 322560 32 C:\Windows\System32\untfs.dll
6/17/2008 9:56:45 PM 195584 32 C:\Windows\System32\upnp.dll
6/17/2008 9:56:30 PM 22528 32 C:\Windows\System32\upnpcont.exe
6/17/2008 9:57:01 PM 259072 32 C:\Windows\System32\upnphost.dll
6/17/2008 9:56:25 PM 105984 32 C:\Windows\System32\url.dll
6/17/2008 9:56:58 PM 34304 32 C:\Windows\System32\usbmon.dll
6/17/2008 9:56:27 PM 11264 32 C:\Windows\System32\usbperf.dll
6/17/2008 9:56:31 PM 83456 32 C:\Windows\System32\usbui.dll
6/17/2008 9:57:49 PM 627200 32 C:\Windows\System32\user32.dll
6/17/2008 9:56:48 PM 1123840 32 C:\Windows\System32\usercpl.dll
6/17/2008 9:57:16 PM 108032 32 C:\Windows\System32\userenv.dll
6/17/2008 9:56:42 PM 25088 32 C:\Windows\System32\userinit.exe
6/17/2008 9:57:44 PM 501760 32 C:\Windows\System32\usp10.dll
6/17/2008 9:56:34 PM 29696 32 C:\Windows\System32\utildll.dll
6/17/2008 9:56:53 PM 638976 32 C:\Windows\System32\Utilman.exe
6/17/2008 9:56:58 PM 130560 32 C:\Windows\System32\uudf.dll
6/17/2008 9:56:45 PM 28672 32 C:\Windows\System32\uxsms.dll
6/17/2008 9:57:25 PM 240128 32 C:\Windows\System32\uxtheme.dll
6/17/2008 9:57:16 PM 257024 32 C:\Windows\System32\VAN.dll
6/17/2008 9:56:47 PM 164864 32 C:\Windows\System32\VBICodec.ax
6/17/2008 9:56:27 PM 31232 32 C:\Windows\System32\vbisurf.ax
7/9/2008 12:22:53 PM 430080 32 C:\Windows\System32\vbscript.dll
6/17/2008 9:56:26 PM 17408 32 C:\Windows\System32\vdmdbg.dll
6/17/2008 9:56:34 PM 41984 32 C:\Windows\System32\vdmredir.dll
6/17/2008 9:57:55 PM 382976 32 C:\Windows\System32\vds.exe
6/17/2008 9:57:47 PM 152064 32 C:\Windows\System32\vdsbas.dll
6/17/2008 9:57:48 PM 507904 32 C:\Windows\System32\vdsdyn.dll
6/17/2008 9:56:55 PM 19968 32 C:\Windows\System32\vdsldr.exe
6/17/2008 9:57:41 PM 126976 32 C:\Windows\System32\vdsutil.dll
6/17/2008 9:56:34 PM 37888 32 C:\Windows\System32\vds_ps.dll
6/17/2008 9:56:50 PM 157696 32 C:\Windows\System32\verifier.dll
6/17/2008 9:56:56 PM 112640 32 C:\Windows\System32\verifier.exe
6/17/2008 9:56:37 PM 20480 32 C:\Windows\System32\version.dll
6/17/2008 9:56:30 PM 56832 32 C:\Windows\System32\vfwwdm32.dll
6/17/2008 9:56:20 PM 10752 32 C:\Windows\System32\vga.dll
6/17/2008 9:56:21 PM 56320 32 C:\Windows\System32\vga256.dll
6/17/2008 9:56:20 PM 21504 32 C:\Windows\System32\vga64k.dll
6/17/2008 9:56:31 PM 246272 32 C:\Windows\System32\VIDRESZR.DLL
6/17/2008 9:56:16 PM 599552 32 C:\Windows\System32\vsp1cln.exe
6/17/2008 9:56:58 PM 93696 32 C:\Windows\System32\vssadmin.exe
6/17/2008 9:58:08 PM 1076224 32 C:\Windows\System32\vssapi.dll
6/17/2008 9:57:18 PM 69120 32 C:\Windows\System32\vsstrace.dll
6/17/2008 9:58:07 PM 1054720 32 C:\Windows\System32\VSSVC.exe
6/17/2008 9:56:30 PM 26112 32 C:\Windows\System32\vss_ps.dll
6/17/2008 9:57:34 PM 282624 32 C:\Windows\System32\w32time.dll
6/17/2008 9:56:36 PM 65024 32 C:\Windows\System32\w32tm.exe
6/17/2008 9:56:34 PM 34816 32 C:\Windows\System32\waitfor.exe
6/17/2008 9:56:30 PM 46592 32 C:\Windows\System32\WavDest.dll
6/17/2008 9:56:33 PM 222720 32 C:\Windows\System32\wavemsp.dll
6/17/2008 9:55:53 PM 357888 32 C:\Windows\System32\wbemcomn.dll
6/17/2008 9:57:56 PM 412672 32 C:\Windows\System32\wcncsvc.dll
6/17/2008 9:57:53 PM 1532416 32 C:\Windows\System32\wcnwiz.dll
6/17/2008 9:57:18 PM 1020928 32 C:\Windows\System32\wdc.dll
6/17/2008 9:56:59 PM 73728 32 C:\Windows\System32\wdi.dll
6/17/2008 9:57:00 PM 168448 32 C:\Windows\System32\wdigest.dll
6/17/2008 9:57:03 PM 166912 32 C:\Windows\System32\wdmaud.drv
6/17/2008 9:55:43 PM 218624 32 C:\Windows\System32\wdscore.dll
6/17/2008 9:56:56 PM 233984 32 C:\Windows\System32\webcheck.dll
6/17/2008 9:57:35 PM 196608 32 C:\Windows\System32\WebClnt.dll
6/17/2008 9:57:20 PM 56320 32 C:\Windows\System32\wecapi.dll
6/17/2008 9:57:42 PM 145408 32 C:\Windows\System32\wecsvc.dll
6/17/2008 9:57:45 PM 163328 32 C:\Windows\System32\wecutil.exe
6/17/2008 9:57:48 PM 876032 32 C:\Windows\System32\wer.dll
6/17/2008 9:57:31 PM 1143296 32 C:\Windows\System32\wercon.exe
6/17/2008 9:56:49 PM 62976 32 C:\Windows\System32\wercplsupport.dll
6/17/2008 9:56:33 PM 30208 32 C:\Windows\System32\werdiagcontroller.dll
6/17/2008 9:57:16 PM 217088 32 C:\Windows\System32\WerFault.exe
6/17/2008 9:57:34 PM 860160 32 C:\Windows\System32\WerFaultSecure.exe
6/17/2008 9:56:52 PM 56320 32 C:\Windows\System32\wermgr.exe
6/17/2008 9:57:25 PM 125952 32 C:\Windows\System32\wersvc.dll
6/17/2008 9:56:20 PM 2048 32 C:\Windows\System32\wertargets.wtl
6/17/2008 9:57:40 PM 250368 32 C:\Windows\System32\wevtapi.dll
6/17/2008 9:57:39 PM 76288 32 C:\Windows\System32\wevtfwd.dll
6/17/2008 9:57:56 PM 1013760 32 C:\Windows\System32\wevtsvc.dll
6/17/2008 9:57:24 PM 163328 32 C:\Windows\System32\wevtutil.exe
6/17/2008 9:56:37 PM 64512 32 C:\Windows\System32\wextract.exe
6/17/2008 9:56:34 PM 17920 32 C:\Windows\System32\wfapigp.dll
6/17/2008 9:57:22 PM 175508 32 C:\Windows\System32\WFP.TMF
6/17/2008 9:57:39 PM 31232 32 C:\Windows\System32\whealogr.dll
6/17/2008 9:56:37 PM 88064 32 C:\Windows\System32\wiaacmgr.exe
6/17/2008 9:56:48 PM 547840 32 C:\Windows\System32\wiaaut.dll
6/17/2008 9:56:42 PM 415744 32 C:\Windows\System32\wiadefui.dll
6/17/2008 9:56:29 PM 112640 32 C:\Windows\System32\wiadss.dll
6/17/2008 9:56:30 PM 32768 32 C:\Windows\System32\wiarpc.dll
6/17/2008 9:56:49 PM 88064 32 C:\Windows\System32\wiascanprofiles.dll
6/17/2008 9:57:00 PM 452608 32 C:\Windows\System32\wiaservc.dll
6/17/2008 9:56:43 PM 443904 32 C:\Windows\System32\wiashext.dll
6/17/2008 9:57:35 PM 441344 32 C:\Windows\System32\win32spl.dll
6/17/2008 9:56:29 PM 218112 32 C:\Windows\System32\WindowsAnytimeUpgrade.exe
6/17/2008 9:57:50 PM 1524736 32 C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
6/17/2008 9:57:22 PM 712192 32 C:\Windows\System32\WindowsCodecs.dll
6/17/2008 9:56:41 PM 346112 32 C:\Windows\System32\WindowsCodecsExt.dll
6/17/2008 9:56:41 PM 62464 32 C:\Windows\System32\winethc.dll
6/17/2008 9:56:59 PM 208384 32 C:\Windows\System32\WinFXDocObj.exe
6/17/2008 9:57:37 PM 376832 32 C:\Windows\System32\winhttp.dll
6/17/2008 9:57:21 PM 96768 32 C:\Windows\System32\wininit.exe
6/17/2008 9:56:25 PM 61440 32 C:\Windows\System32\winipsec.dll
6/17/2008 9:57:31 PM 314880 32 C:\Windows\System32\winlogon.exe
6/17/2008 9:57:27 PM 189952 32 C:\Windows\System32\winmm.dll
6/17/2008 9:56:31 PM 14848 32 C:\Windows\System32\winnsi.dll
6/17/2008 9:57:05 PM 195122 32 C:\Windows\System32\winrm.vbs
6/17/2008 9:57:11 PM 33792 32 C:\Windows\System32\winrs.exe
6/17/2008 9:58:09 PM 175104 32 C:\Windows\System32\winrscmd.dll
6/17/2008 9:56:42 PM 22016 32 C:\Windows\System32\winrshost.exe
6/17/2008 9:57:47 PM 215552 32 C:\Windows\System32\winrsmgr.dll
6/17/2008 9:57:41 PM 3216896 32 C:\Windows\System32\WinSAT.exe
6/17/2008 9:57:23 PM 383488 32 C:\Windows\System32\WinSATAPI.dll
6/17/2008 9:57:13 PM 115200 32 C:\Windows\System32\WinSCard.dll
6/17/2008 9:57:25 PM 258048 32 C:\Windows\System32\winspool.drv
6/17/2008 9:56:31 PM 16896 32 C:\Windows\System32\WINSRPC.DLL
6/17/2008 9:57:33 PM 375296 32 C:\Windows\System32\winsrv.dll
6/17/2008 9:57:32 PM 140800 32 C:\Windows\System32\winsta.dll
6/17/2008 9:56:55 PM 171520 32 C:\Windows\System32\wintrust.dll
6/17/2008 9:56:23 PM 16384 32 C:\Windows\System32\winusb.dll
6/17/2008 9:56:56 PM 244224 32 C:\Windows\System32\wisptis.exe
6/17/2008 9:57:24 PM 160256 32 C:\Windows\System32\wkssvc.dll
6/17/2008 9:58:00 PM 1675370 32 C:\Windows\System32\wlan.tmf
6/17/2008 9:57:23 PM 64512 32 C:\Windows\System32\wlanapi.dll
6/17/2008 9:57:24 PM 92160 32 C:\Windows\System32\wlancfg.dll
6/17/2008 9:57:17 PM 628224 32 C:\Windows\System32\WLanConn.dll
6/17/2008 9:56:58 PM 498688 32 C:\Windows\System32\wlandlg.dll
6/17/2008 9:56:44 PM 74240 32 C:\Windows\System32\wlanext.exe
6/17/2008 9:57:33 PM 399360 32 C:\Windows\System32\wlangpui.dll
6/17/2008 9:56:37 PM 120832 32 C:\Windows\System32\WLanHC.dll
6/17/2008 9:57:16 PM 68096 32 C:\Windows\System32\wlanhlp.dll
6/17/2008 9:57:17 PM 913408 32 C:\Windows\System32\WlanMM.dll
6/17/2008 9:56:29 PM 41472 32 C:\Windows\System32\WlanMmHC.dll
6/17/2008 9:57:24 PM 293376 32 C:\Windows\System32\wlanmsm.dll
6/17/2008 9:57:23 PM 1671680 32 C:\Windows\System32\wlanpref.dll
6/17/2008 9:57:31 PM 302592 32 C:\Windows\System32\wlansec.dll
6/17/2008 9:57:39 PM 513536 32 C:\Windows\System32\wlansvc.dll
6/17/2008 9:57:02 PM 202752 32 C:\Windows\System32\wlanui.dll
6/17/2008 9:57:30 PM 289280 32 C:\Windows\System32\Wldap32.dll
6/17/2008 9:57:02 PM 83456 32 C:\Windows\System32\wlgpclnt.dll
6/17/2008 9:57:23 PM 758784 32 C:\Windows\System32\WMADMOD.DLL
6/17/2008 9:56:37 PM 1118720 32 C:\Windows\System32\WMADMOE.DLL
6/17/2008 9:56:45 PM 223232 32 C:\Windows\System32\WMASF.DLL
6/17/2008 9:57:36 PM 418304 32 C:\Windows\System32\wmdrmdev.dll
6/17/2008 9:57:34 PM 347648 32 C:\Windows\System32\wmdrmnet.dll
6/17/2008 9:57:43 PM 533504 32 C:\Windows\System32\wmdrmsdk.dll
6/17/2008 9:57:28 PM 343040 32 C:\Windows\System32\wmicmiplugin.dll
6/17/2008 9:56:34 PM 154624 32 C:\Windows\System32\wmidx.dll
6/17/2008 9:56:41 PM 23040 32 C:\Windows\System32\wmiprop.dll
6/17/2008 9:57:03 PM 996352 32 C:\Windows\System32\WMNetMgr.dll
6/17/2008 9:57:54 PM 10620928 32 C:\Windows\System32\wmp.dll
6/17/2008 9:56:33 PM 22016 32 C:\Windows\System32\wmpcm.dll
6/17/2008 9:56:44 PM 310784 32 C:\Windows\System32\wmpdxm.dll
6/17/2008 9:56:49 PM 303616 32 C:\Windows\System32\wmpeffects.dll
6/17/2008 9:57:20 PM 1642496 32 C:\Windows\System32\WMPEncEn.dll
6/17/2008 9:56:54 PM 276992 32 C:\Windows\System32\WMPhoto.dll
6/17/2008 9:56:21 PM 8147456 32 C:\Windows\System32\wmploc.DLL
6/17/2008 9:57:41 PM 866816 32 C:\Windows\System32\wmpmde.dll
6/17/2008 9:56:36 PM 101376 32 C:\Windows\System32\wmpshell.dll
6/17/2008 9:56:43 PM 184320 32 C:\Windows\System32\wmpsrcwp.dll
6/17/2008 9:57:22 PM 604672 32 C:\Windows\System32\WMSPDMOD.DLL
6/17/2008 9:56:42 PM 1329152 32 C:\Windows\System32\WMSPDMOE.DLL
6/17/2008 9:57:35 PM 2386944 32 C:\Windows\System32\WMVCORE.DLL
6/17/2008 9:57:29 PM 1548288 32 C:\Windows\System32\WMVDECOD.DLL
6/17/2008 9:56:34 PM 153600 32 C:\Windows\System32\wmvdspa.dll
6/17/2008 9:56:49 PM 1575424 32 C:\Windows\System32\WMVENCOD.DLL
6/17/2008 9:57:26 PM 1382912 32 C:\Windows\System32\WMVSDECD.DLL
6/17/2008 9:56:43 PM 767488 32 C:\Windows\System32\WMVSENCD.DLL
6/17/2008 9:56:44 PM 657408 32 C:\Windows\System32\WMVXENCD.DLL
6/17/2008 9:57:04 PM 273920 32 C:\Windows\System32\wow32.dll
6/17/2008 9:57:00 PM 296960 32 C:\Windows\System32\Wpc.dll
6/17/2008 9:56:52 PM 532992 32 C:\Windows\System32\wpcao.dll
6/17/2008 9:56:55 PM 1580544 32 C:\Windows\System32\wpccpl.dll
6/17/2008 9:56:31 PM 72192 32 C:\Windows\System32\wpclsp.dll
6/17/2008 9:56:55 PM 140288 32 C:\Windows\System32\wpcsvc.dll
6/17/2008 9:56:41 PM 70144 32 C:\Windows\System32\wpdbusenum.dll
6/17/2008 9:57:18 PM 2537472 32 C:\Windows\System32\wpdshext.dll
6/17/2008 9:56:34 PM 30208 32 C:\Windows\System32\WPDShextAutoplay.exe
6/17/2008 9:56:49 PM 131584 32 C:\Windows\System32\WPDShServiceObj.dll
6/17/2008 9:56:49 PM 349184 32 C:\Windows\System32\WPDSp.dll
6/17/2008 9:56:42 PM 203776 32 C:\Windows\System32\wpdwcn.dll
6/17/2008 9:56:54 PM 613888 32 C:\Windows\System32\wpd_ci.dll
6/17/2008 9:56:33 PM 39424 32 C:\Windows\System32\wpnpinst.exe
6/17/2008 9:57:12 PM 179200 32 C:\Windows\System32\ws2_32.dll
6/17/2008 9:56:59 PM 33792 32 C:\Windows\System32\wscapi.dll
6/17/2008 9:57:26 PM 17408 32 C:\Windows\System32\wscisvif.dll
6/17/2008 9:56:42 PM 56320 32 C:\Windows\System32\wscmisetup.dll
6/17/2008 9:57:03 PM 224768 32 C:\Windows\System32\wscntfy.dll
6/17/2008 9:56:41 PM 9728 32 C:\Windows\System32\wscproxystub.dll
7/9/2008 12:22:52 PM 155648 32 C:\Windows\System32\wscript.exe
6/17/2008 9:57:26 PM 61440 32 C:\Windows\System32\wscsvc.dll
6/17/2008 9:57:23 PM 1689600 32 C:\Windows\System32\wscui.cpl
6/17/2008 9:57:48 PM 351232 32 C:\Windows\System32\WSDApi.dll
6/17/2008 9:57:39 PM 177664 32 C:\Windows\System32\WSDMon.dll
6/17/2008 9:57:22 PM 1295360 32 C:\Windows\System32\wsecedit.dll
6/17/2008 9:56:26 PM 27136 32 C:\Windows\System32\wsepno.dll
6/17/2008 9:56:28 PM 36864 32 C:\Windows\System32\wshcon.dll
7/9/2008 12:22:52 PM 90112 32 C:\Windows\System32\wshext.dll
6/17/2008 9:56:28 PM 9216 32 C:\Windows\System32\wship6.dll
7/9/2008 12:22:52 PM 135168 32 C:\Windows\System32\wshom.ocx
6/17/2008 9:56:28 PM 9216 32 C:\Windows\System32\WSHTCPIP.DLL
6/17/2008 9:56:53 PM 30720 32 C:\Windows\System32\WSManHTTPConfig.exe
6/17/2008 9:57:43 PM 188928 32 C:\Windows\System32\WSManMigrationPlugin.dll
6/17/2008 9:57:36 PM 123904 32 C:\Windows\System32\WsmAuto.dll
6/17/2008 9:56:34 PM 1536 32 C:\Windows\System32\WsmCl.dll
6/17/2008 9:57:17 PM 54784 32 C:\Windows\System32\WsmProv.dll
6/17/2008 9:56:28 PM 13312 32 C:\Windows\System32\WsmRes.dll
6/17/2008 9:58:09 PM 745472 32 C:\Windows\System32\WsmSvc.dll
6/17/2008 9:57:35 PM 175616 32 C:\Windows\System32\WsmWmiPl.dll
6/17/2008 9:56:34 PM 50688 32 C:\Windows\System32\wsnmp32.dll
6/17/2008 9:56:30 PM 15360 32 C:\Windows\System32\wsock32.dll
6/17/2008 9:57:23 PM 192000 32 C:\Windows\System32\wsqmcons.exe
6/17/2008 9:56:58 PM 169984 32 C:\Windows\System32\WSTPager.ax
6/17/2008 9:56:54 PM 26624 32 C:\Windows\System32\wtsapi32.dll
6/17/2008 9:57:51 PM 534016 32 C:\Windows\System32\wuapi.dll
6/17/2008 9:56:44 PM 31232 32 C:\Windows\System32\wuapp.exe
6/17/2008 9:56:48 PM 43008 32 C:\Windows\System32\wuauclt.exe
6/17/2008 9:58:10 PM 1695232 32 C:\Windows\System32\wuaueng.dll
6/17/2008 9:57:43 PM 1505280 32 C:\Windows\System32\wucltux.dll
6/17/2008 9:56:44 PM 87552 32 C:\Windows\System32\WUDFCoinstaller.dll
6/17/2008 9:57:16 PM 142336 32 C:\Windows\System32\WUDFHost.exe
6/17/2008 9:56:56 PM 181248 32 C:\Windows\System32\WUDFPlatform.dll
6/17/2008 9:56:43 PM 55296 32 C:\Windows\System32\WUDFSvc.dll
6/17/2008 9:57:24 PM 305152 32 C:\Windows\System32\WUDFx.dll
6/17/2008 9:57:04 PM 80384 32 C:\Windows\System32\wudriver.dll
6/17/2008 9:56:42 PM 23040 32 C:\Windows\System32\wups.dll
6/17/2008 9:56:52 PM 32768 32 C:\Windows\System32\wups2.dll
6/17/2008 9:57:16 PM 139776 32 C:\Windows\System32\wusa.exe
6/17/2008 9:57:24 PM 153088 32 C:\Windows\System32\wuwebv.dll
6/17/2008 9:57:05 PM 456704 32 C:\Windows\System32\wvc.dll
6/17/2008 9:56:43 PM 70144 32 C:\Windows\System32\wzcdlg.dll
6/17/2008 9:56:48 PM 95232 32 C:\Windows\System32\xactsrv.dll
6/17/2008 9:56:45 PM 36864 32 C:\Windows\System32\xcopy.exe
6/26/2008 4:10:46 PM 42320 32 C:\Windows\System32\xfcodec.dll
6/17/2008 9:56:53 PM 110592 32 C:\Windows\System32\xmlfilter.dll
6/17/2008 9:55:54 PM 183296 32 C:\Windows\System32\xmllite.dll
6/17/2008 9:56:32 PM 16384 32 C:\Windows\System32\xmlprovi.dll
6/17/2008 9:57:51 PM 38912 32 C:\Windows\System32\xolehlp.dll
6/17/2008 9:57:45 PM 574976 32 C:\Windows\System32\XPSSHHDR.dll
6/17/2008 9:58:01 PM 1675264 32 C:\Windows\System32\xpssvcs.dll
6/17/2008 9:56:48 PM 296448 32 C:\Windows\System32\xwizards.dll
6/17/2008 9:56:43 PM 95744 32 C:\Windows\System32\xwtpw32.dll
6/17/2008 9:57:36 PM 342016 32 C:\Windows\System32\zipfldr.dll

========= Temp Files Deleted ========

C:\Users\Ryan\AppData\Local\Temp\92194ff5-e0e9-4411-a7a9-4c9e79046d14.cab
C:\Users\Ryan\AppData\Local\Temp\browserview-3ee2b54.htm
C:\Users\Ryan\AppData\Local\Temp\browserview-3eee328.htm
C:\Users\Ryan\AppData\Local\Temp\browserview-3f71c64.htm
C:\Users\Ryan\AppData\Local\Temp\CC_Check.exe
C:\Users\Ryan\AppData\Local\Temp\CheckCfgWizCompleted.exe
C:\Users\Ryan\AppData\Local\Temp\CheckLicenseAttrib.exe
C:\Users\Ryan\AppData\Local\Temp\CreateKeyVal.exe
C:\Users\Ryan\AppData\Local\Temp\CreateMSKeyVal.exe
C:\Users\Ryan\AppData\Local\Temp\IView.exe
C:\Users\Ryan\AppData\Local\Temp\Ryan.bmp
C:\Users\Ryan\AppData\Local\Temp\System_Restore.exe

12 Files deleted


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:40:12 PM, on 7/16/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\hp\kbd\kbd.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.2.100.cab
O16 - DPF: {4E73C07D-0A23-42DF-9E32-BBBB027D869A} - http://client2.tvtonic.com/install/3.2/install.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab2.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Intel® Alert Service (AlertService) - Intel® Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Intel® Software Services Manager (ISSM) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Intel® Viiv™ Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9030 bytes

#7 bamajim

bamajim

  • Members
  • 894 posts
  • OFFLINE
  •  
  • Local time:07:47 AM

Posted 16 July 2008 - 04:19 PM

Ryan706

Looks good, just one minor file to remove.

Did you run Combofix on this PC?

Using Windows ExplorerRt Click the Start Buttton (The Vista Icon) ->> Explore, and you will see the "tree' of file folders in the left side of the window.
Click on the ">" next to any folder name to expand its contents
Locate and Delete the following fileC:\Windows\System32\hljwugsf.bin
Note: Vista sometimes likes to hide the System32 folder so if you dont see it in the tree of folders on the left just copy and paste C:\Windows\System32 into the explorer browser bar
Note Also The file names in Vista are arranged in columns in the folders, so the file names will appear in one column and the file extension will be listed under the file type column.
Examplehljwugsf will appear in the name column and .bin will appear in the type column
Close Windows Explorer ->> Reboot your PC.

And give me an update on how your PC is running now
Posted Image
Microsoft MVP - Windows Security

#8 Ryan706

Ryan706
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:47 AM

Posted 17 July 2008 - 06:15 PM

So far, so good. Thank you so much for all your help. There should be more people like you. I will highly recommend this site to people in need. Thanks again!

#9 bamajim

bamajim

  • Members
  • 894 posts
  • OFFLINE
  •  
  • Local time:07:47 AM

Posted 18 July 2008 - 08:34 AM

Ryan706

You are most welcome. Glad we could help

You may now remove/delete/uninstall the tools we used to clean your PC

Now that your log is clean

There are some final notes:

Lets create a clean System Restore point

Click Start (the Vista icon) ->> All Programs ->> Accessories ->> System Tools ->> System Restore

The System restore Window will open. Select Open System Protection

Another window will open Hilite The C:\ Drive in the window

Then Select Create. Yet another window will open type in todays date 05262008 (or what ever you would like to remind you of this Restore Point) in the Create a restore point window. Then Select Create. Windows will create a restore point.
Once done you will receive notification that a System Restore point has been Created.
Close all the open widows and you are done.

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version Java components and update.

Updating Java:Download the latest version of
Java Runtime Environment (JRE) 6.u6.
Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
Click the "Download" button to the right.
Check the box that says: "Accept License Agreement".
The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java versions.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on jre-6u6-windowsi586-p.exe to install the newest version.
Update your Anti Virus Software

Visit Microsoft's Windows Update Site Frequently for critical updates

Backup your Important Documents and Files on a regular basisTo a disc or a USB key, not your Hardrive
You may want to read this article"So how did I get infected in the first place" by Tony Klein

surf safe
Posted Image
Microsoft MVP - Windows Security




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users