Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Downloader.zlob, various other malware! HJT inside.


  • Please log in to reply
24 replies to this topic

#1 redliner00

redliner00

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:15 AM

Posted 26 October 2008 - 12:18 AM

Basically had a minor pre-existing virus, then someone used Limewire and downloaded an .exe file, and now the computer will not run in normal mode. Any ideas? I have tried running SpyBot, and HouseCall, and have to use selective startup to run the computer.

HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:45:25, on 1/1/2002
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = dynhost.inetcam.com;register.inetcam.com;*.local
R3 - URLSearchHook: (no name) - {7EBBB9C7-C28D-9CCB-C22E-B59D5895B547} - backd.dll (file missing)
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdxby.exe] C:\WINDOWS\system32\kdxby.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "c:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [f07e3c7e] rundll32.exe "C:\WINDOWS\system32\ussbxjcf.dll",b
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [MySpaceIM] "C:\Program Files\MySpace\IM\MySpaceIM.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8387] command /c del "C:\WINDOWS\system32\kdxby.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6152] cmd /c del "C:\WINDOWS\system32\kdxby.exe"
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Startup: Scheduler.lnk = C:\Program Files\SpyCatcher\Scheduler daemon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\steve\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - https://www-secure.symantec.com/techsupp/as...rl/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - https://www-secure.symantec.com/techsupp/as...rl/SymAData.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} - https://www-secure.symantec.com/techsupp/as...trl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - https://www-secure.symantec.com/techsupp/as...trl/tgctlsr.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D5C32347-9F98-4DB6-89F4-C6CA4EFD1244}: NameServer = 85.255.112.110;85.255.112.172
O20 - AppInit_DLLs: osizxq.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Adobe Systems Incorporated - c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton AntiVirus - Symantec Corporation - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 9544 bytes

BC AdBot (Login to Remove)

 


#2 redliner00

redliner00
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:15 AM

Posted 26 October 2008 - 12:38 PM

anyone?

#3 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:10:15 AM

Posted 26 October 2008 - 04:02 PM

Hello redliner00

Welcome to BleepingComputer :thumbsup:
========================
Before running a new scan let's clean out the temporary folders.

Download ATF Cleaner to your Desktop.
  • Double-click ATF-Cleaner.exe to run the program.
  • Click Select All found at the bottom of the list.
  • Click the Empty Selected button.
If you use Firefox browser, do this also:
  • Click Firefox at the top and choose Select All from the list.
  • Click the Empty Selected button.
  • NOTE : If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser, do this also:
  • Click Opera at the top and choose Select All from the list.
  • Close ALL Internet browsers (very important).
  • Click the Empty Selected button.
  • NOTE : If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
===========================================
Download OTScanIt.exe to your Desktop and double-click on it to extract the files. It will create a folder named OTScanIt on your desktop.

Note: You must be logged on to the system with an account that has Administrator privileges to run this program.
  • Close ALL OTHER PROGRAMS.
  • Open the OTScanIt folder and double-click on OTScanIt.exe to start the program (if you are running on Vista then right-click the program and choose Run as Administrator).
  • In the Drivers section click on Non-Microsoft.
  • Under Additional Scans click the checkboxes in front of the following items to select them:
    • Reg - BotCheck
      File - Additional Folder Scans
      FIle - Lop check
      File - Purity Scan
      Under Basic scans:
      Rootkit Search -Yes
      Drivers -Non Microsoft
  • Do not change any other settings.
  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and Attach the information back here. I will review it when it comes in.
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image

#4 redliner00

redliner00
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:15 AM

Posted 27 October 2008 - 01:35 PM

Here it is (performed under Admin):

OTScanIt logfile created on: 10/19/2008 9:47:50 PM
OTScanIt by OldTimer - Version 1.0.19.0	 Folder = C:\Downloads\OTScanIt
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
511.36 Mb Total Physical Memory | 249.60 Mb Available Physical Memory | 48.81% Memory free
1.17 Gb Paging File | 1.01 Gb Available in Paging File | 85.98% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440;
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78.13 Gb Total Space | 21.83 Gb Free Space | 27.94% Space Free | Partition Type: NTFS
Drive D: | 36.36 Gb Total Space | 20.02 Gb Free Space | 55.06% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: STEVE-D2413BD9C
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Whitelist: On

[Processes - Non-Microsoft Only]
vsmon.exe -> %SystemRoot%\system32\ZoneLabs\vsmon.exe -> Zone Labs, LLC [Ver = 7.0.483.000 | Size = 75304 bytes | Modified Date = 7/9/2008 9:05:18 AM | Attr =	]

[Win32 Services - Non-Microsoft Only]
(Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> Adobe Systems [Ver = 2.67.010 | Size = 72704 bytes | Modified Date = 1/16/2006 11:51:27 PM | Attr =	]
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Disabled | Stopped] -> %SystemRoot%\system32\ati2evxx.exe ->  [Ver =  | Size = 57344 bytes | Modified Date = 11/30/2000 1:30:40 PM | Attr =	]
(Macromedia Licensing Service) Macromedia Licensing Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Macromedia Shared\Service\Macromedia Licensing.exe ->  [Ver = 2.42.000 | Size = 68096 bytes | Modified Date = 7/1/2005 10:06:01 PM | Attr =	]
(vsmon) TrueVector Internet Monitor [Win32_Own | Auto | Running] -> %SystemRoot%\system32\ZoneLabs\vsmon.exe -> Zone Labs, LLC [Ver = 7.0.483.000 | Size = 75304 bytes | Modified Date = 7/9/2008 9:05:18 AM | Attr =	]

[Driver Services - Non-Microsoft Only]
(Aspi32) Aspi32 [Kernel | Auto | Stopped] -> %SystemRoot%\system32\drivers\ASPI32.SYS -> Adaptec [Ver = 4.71 (0002) built by: WinDDK | Size = 16512 bytes | Modified Date = 7/16/2004 1:24:34 AM | Attr =	]
(Asushwio) Asushwio [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ASUSHWIO.SYS ->  [Ver =  | Size = 5824 bytes | Modified Date = 3/27/2003 12:48:27 AM | Attr =	]
(catchme) catchme [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\steve\LOCALS~1\Temp\catchme.sys -> File not found
(d347bus) d347bus [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\d347bus.sys ->   [Ver = 3.47.0.0 built by: WinDDK | Size = 155136 bytes | Modified Date = 8/22/2004 5:31:10 PM | Attr =	]
(d347prt) d347prt [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\d347prt.sys ->   [Ver = 3.47.0.0 built by: WinDDK | Size = 5248 bytes | Modified Date = 8/22/2004 5:31:48 PM | Attr =	]
(KLIF) KLIF [File_System | System | Stopped] -> %SystemRoot%\system32\drivers\klif.sys -> Kaspersky Lab [Ver = 7.0.0.122 | Size = 127768 bytes | Modified Date = 7/19/2007 3:10:28 PM | Attr =	]
(Pcouffin) Low level access layer for CD devices [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\Pcouffin.sys -> VSO Software [Ver = 1.35 | Size = 47360 bytes | Modified Date = 5/27/2006 4:57:08 PM | Attr =	]
(srescan) srescan [Kernel | Boot | Stopped] -> %SystemRoot%\system32\ZoneLabs\srescan.sys -> Zone Labs, LLC [Ver = 5, 0, 189, 0 | Size = 51176 bytes | Modified Date = 2/27/2008 3:10:44 AM | Attr =	]
(SSKBFD) Webroot Spy Sweeper Keylogger Shield Keyboard Filter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\sskbfd.sys -> Webroot Software Inc (www.webroot.com) [Ver = 3.2.3.2132 | Size = 15360 bytes | Modified Date = 11/17/2006 5:05:50 PM | Attr =	]
(vsdatant) vsdatant [Kernel | System | Running] -> %SystemRoot%\system32\vsdatant.sys -> Zone Labs, LLC [Ver = 7.0.483.000 | Size = 394952 bytes | Modified Date = 7/9/2008 9:05:22 AM | Attr =	]

[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
Adobe Reader Speed Launcher -> %ProgramFiles%\Adobe\Reader 8.0\Reader\reader_sl.exe ["C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 39792 bytes | Modified Date = 1/11/2008 10:16:38 PM | Attr =	]
Adobe Version Cue CS2 -> %ProgramFiles%\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe ["c:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"] -> Adobe Sytems Incorporated [Ver = 2, 0, 0, 0 | Size = 856064 bytes | Modified Date = 4/4/2005 7:58:30 PM | Attr =	]
C:\WINDOWS\system32\kdxby.exe -> %SystemRoot%\system32\kdxby.exe [C:\WINDOWS\system32\kdxby.exe] -> File not found
f07e3c7e -> %SystemRoot%\system32\dyiadurq.dll [rundll32.exe "C:\WINDOWS\system32\dyiadurq.dll",b] ->  [Ver =  | Size = 69120 bytes | Modified Date = 10/19/2008 9:44:18 PM | Attr =	]
HP Software Update -> %ProgramFiles%\HP\HP Software Update\hpwuSchd2.exe ["C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"] -> Hewlett-Packard Company [Ver = 5, 0, 0, 0 | Size = 49152 bytes | Modified Date = 9/13/2004 4:49:00 PM | Attr =	]
InCD -> %ProgramFiles%\Ahead\InCD\InCD.exe [C:\Program Files\Ahead\InCD\InCD.exe] -> Ahead Software AG [Ver = 4, 2, 12, 1 | Size = 1400944 bytes | Modified Date = 9/7/2004 6:25:58 AM | Attr =	]
iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe ["C:\Program Files\iTunes\iTunesHelper.exe"] -> Apple Inc. [Ver = 8.0.1.11 | Size = 289576 bytes | Modified Date = 10/1/2008 6:57:12 PM | Attr =	]
KernelFaultCheck ->  [%systemroot%\system32\dumprep 0 -k] -> File not found
NeroFilterCheck -> %SystemRoot%\system32\NeroCheck.exe [C:\WINDOWS\system32\NeroCheck.exe] -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 | Size = 155648 bytes | Modified Date = 7/9/2001 12:50:42 PM | Attr =	]
NvCplDaemon -> %SystemRoot%\system32\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.10.4523 | Size = 4841472 bytes | Modified Date = 7/28/2003 3:19:00 PM | Attr =	]
nwiz -> %SystemRoot%\system32\nwiz.exe [nwiz.exe /install] -> NVIDIA Corporation [Ver = 6.14.10.4523 | Size = 323584 bytes | Modified Date = 7/28/2003 3:19:00 PM | Attr =	]
QuickTime Task -> %ProgramFiles%\QuickTime\QTTask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> Apple Inc. [Ver = 7.5.5 (990.7) | Size = 413696 bytes | Modified Date = 9/6/2008 3:09:14 PM | Attr =	]
RemoteControl -> %ProgramFiles%\CyberLink DVD Solution\PowerDVD\PDVDServ.exe ["C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"] -> Cyberlink Corp. [Ver = 5.00.0000 | Size = 32768 bytes | Modified Date = 12/8/2003 6:35:14 PM | Attr =	]
SpySweeper -> %ProgramFiles%\Webroot\Spy Sweeper\SpySweeperUI.exe ["C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray] -> File not found
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_02\bin\jusched.exe [C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe] -> Sun Microsystems, Inc. [Ver = 5.0.20.9 | Size = 36975 bytes | Modified Date = 3/4/2005 3:36:46 AM | Attr =	]
TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe ["C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot] -> RealNetworks, Inc. [Ver = 0.1.0.3249 | Size = 180269 bytes | Modified Date = 3/31/2005 3:11:20 PM | Attr =	]
ZoneAlarm Client -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe ["C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"] -> Zone Labs, LLC [Ver = 7.0.483.000 | Size = 919016 bytes | Modified Date = 7/9/2008 9:05:20 AM | Attr =	]
< Administrator.STEVE-D2413BD9C.000 Startup Folder > -> C:\Documents and Settings\Administrator.STEVE-D2413BD9C.000\Start Menu\Programs\Startup -> 
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> 
%AllUsersProfile%\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk -> %CommonProgramFiles%\Adobe\Calibration\Adobe Gamma Loader.exe -> Adobe Systems, Inc. [Ver = 1, 0, 0, 1 | Size = 113664 bytes | Modified Date = 11/4/1999 3:06:48 PM | Attr =	]
%AllUsersProfile%\Start Menu\Programs\Startup\Adobe Gamma.lnk -> %CommonProgramFiles%\Adobe\Calibration\Adobe Gamma Loader.exe -> Adobe Systems, Inc. [Ver = 1, 0, 0, 1 | Size = 113664 bytes | Modified Date = 11/4/1999 3:06:48 PM | Attr =	]
%AllUsersProfile%\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk -> %ProgramFiles%\HP\Digital Imaging\bin\hpqtra08.exe -> Hewlett-Packard Co. [Ver = 45.4.157.000 | Size = 258048 bytes | Modified Date = 11/4/2004 8:28:24 PM | Attr =	]
< AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> 
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> 
cjkhab.dll -> %SystemRoot%\system32\cjkhab.dll ->  [Ver =  | Size = 101888 bytes | Modified Date = 10/19/2008 9:41:19 PM | Attr =	]
*MultiFile Done* -> -> 
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> 
{31CDFCB9-37D6-4C1D-A31D-AA2DD56F637B} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [] -> File not found
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
Explorer.exe -> %SystemRoot%\explorer.exe -> Microsoft Corporation [Ver = 6.00.2900.5512 (xpsp.080413-2105) | Size = 1033728 bytes | Modified Date = 4/13/2008 5:12:19 PM | Attr =	]
*MultiFile Done* -> -> 
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> 
C:\WINDOWS\system32\userinit.exe -> %SystemRoot%\system32\userinit.exe -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2113) | Size = 26112 bytes | Modified Date = 4/13/2008 5:12:38 PM | Attr =	]
*MultiFile Done* -> -> 
*UIHost* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost -> 
logonui.exe -> %SystemRoot%\system32\logonui.exe -> Microsoft Corporation [Ver = 6.00.2900.5512 (xpsp.080413-2105) | Size = 514560 bytes | Modified Date = 4/13/2008 5:12:24 PM | Attr =	]
*MultiFile Done* -> -> 
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> 
rundll32 shell32 -> %SystemRoot%\system32\shell32.dll -> Microsoft Corporation [Ver = 6.00.2900.5512 (xpsp.080413-2105) | Size = 8461312 bytes | Modified Date = 4/13/2008 5:12:05 PM | Attr =	]
Control_RunDLL "sysdm.cpl" -> %SystemRoot%\system32\sysdm.cpl -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2105) | Size = 300544 bytes | Modified Date = 4/13/2008 5:12:41 PM | Attr =	]
*MultiFile Done* -> -> 
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
winjvd32 ->  -> File not found
WRNotifier -> %SystemRoot%\system32\WRLogonNtf.dll -> Webroot Software, Inc. [Ver = 3,2,3,2132 | Size = 209408 bytes | Modified Date = 11/17/2006 5:14:14 PM | Attr =	]
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoCDBurning -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\dontdisplaylastusername -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticecaption ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticetext ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\shutdownwithoutlogon -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\undockwithoutlogon -> 1 -> 
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> 
Reg Error: Key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ not found. -> -> 
< CDROM Autorun Setting > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> ->
*DependOnGroup* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DependOnGroup -> 
SCSI miniport ->  -> File not found
*MultiFile Done* -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 2 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DisplayName -> CD-ROM Driver -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ImagePath -> %SystemRoot%\system32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2108) | Size = 62976 bytes | Modified Date = 4/13/2008 11:40:46 AM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 1 -> 
*AutoRunAlwaysDisable* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRunAlwaysDisable -> 
NEC	 MBR-7	->  -> File not found
NEC	 MBR-7.4  ->  -> File not found
PIONEER CHANGR DRM-1804X ->  -> File not found
PIONEER CD-ROM DRM-6324X ->  -> File not found
PIONEER CD-ROM DRM-624X  ->  -> File not found
TORiSAN CD-ROM CDR_C36 ->  -> File not found
*MultiFile Done* -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> -> 
< Drives with AutoRun files > ->  -> 
AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] ->  [Ver =  | Size = 0 bytes | Modified Date = 3/23/2005 9:37:59 PM | Attr =	]
autorun.inf [[autorun] | shellexecute="resycled\boot.com d:" | shell\Open\command="resycled\boot.com d:" | shell=Open | ] -> D:\autorun.inf [ NTFS ] ->  [Ver =  | Size = 103 bytes | Modified Date = 10/20/2008 1:37:41 PM | Attr = RHS]
< HOSTS File > (264263 bytes and 9193 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts -> 
First 25 entries...
127.0.0.1 localhost
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	123topsearch.com
127.0.0.1	www.123topsearch.com
127.0.0.1	132.com
127.0.0.1	www.132.com
127.0.0.1	www.136136.net
127.0.0.1	136136.net
127.0.0.1	163ns.com
127.0.0.1	www.163ns.com
127.0.0.1	171203.com
127.0.0.1	17-plus.com
127.0.0.1	1800searchonline.com
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> 
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_LOCAL_MACHINE\: Main\\Local Page -> C:\windows\system32\blank.htm -> 
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home -> 
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> 
HKEY_LOCAL_MACHINE\: Search\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> 
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> 
HKEY_CURRENT_USER\: Main\\Search Bar -> http://search.msn.com/spbasic.htm -> 
HKEY_CURRENT_USER\: Main\\Start Page -> http://www.g2ic.com/ -> 
HKEY_CURRENT_USER\: ProxyEnable -> 0 -> 
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4864 domain(s) found. -> 
46 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4863 domain(s) found. -> 
45 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{016F259A-49AE-4EE1-B16F-2AE22EBFCC0c} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\pbqyikbb.dll [Reg Error: Value  does not exist or could not be read.] -> File not found
{02478D38-C3F9-4efb-9B51-7695ECA05670} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{0ED6940B-9AB9-4683-80E6-12A8C69B0F6A} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\hgGwxXNf.dll [Reg Error: Value  does not exist or could not be read.] ->  [Ver =  | Size = 243712 bytes | Modified Date = 1/1/2002 12:09:04 AM | Attr =	]
{3852605a-fc7d-4380-9f38-9faf80508f6a} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\cjkhab.dll [Reg Error: Value  does not exist or could not be read.] ->  [Ver =  | Size = 101888 bytes | Modified Date = 10/19/2008 9:41:19 PM | Attr =	]
{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> Safer Networking Limited [Ver = 1, 6, 2, 14 | Size = 1562960 bytes | Modified Date = 9/15/2008 2:25:44 PM | Attr = RHS]
{FBAA6233-7C65-4896-9F96-C0BD2BFA010C} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\pmnli.dll [Reg Error: Value  does not exist or could not be read.] -> File not found
< Internet Explorer Bars [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> 
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [ZoneAlarm Spy Blocker] -> ZoneAlarm [Ver = 2, 3, 0, 11 | Size = 262144 bytes | Modified Date = 10/23/2008 10:20:31 PM | Attr =	]
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.5.0_02\bin\NPJPI150_02.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.20.9 | Size = 69746 bytes | Modified Date = 3/4/2005 3:54:17 AM | Attr =	]
{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}:Exec -> %ProgramFiles%\PartyGaming\PartyPoker\RunApp.exe [PartyPoker.com] -> File not found
{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [BitComet] -> File not found
{d9288080-1baa-4bc4-9cf8-a92d743db949}:Exec -> %SystemDrive%\Documents and Settings\steve\Start Menu\Programs\IMVU\Run IMVU.lnk [Run IMVU] -> File not found
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> Safer Networking Limited [Ver = 1, 6, 2, 14 | Size = 1562960 bytes | Modified Date = 9/15/2008 2:25:44 PM | Attr = RHS]
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.5.0_02\bin\NPJPI150_02.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.20.9 | Size = 69746 bytes | Modified Date = 3/4/2005 3:54:17 AM | Attr =	]
CmdMapping\\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\PartyGaming\PartyPoker\RunApp.exe [PartyPoker.com] -> File not found
CmdMapping\\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} [HKEY_LOCAL_MACHINE] ->  [BitComet] -> File not found
CmdMapping\\{d9288080-1baa-4bc4-9cf8-a92d743db949} [HKEY_LOCAL_MACHINE] -> %SystemDrive%\Documents and Settings\steve\Start Menu\Programs\IMVU\Run IMVU.lnk [Run IMVU] -> File not found
CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> Safer Networking Limited [Ver = 1, 6, 2, 14 | Size = 1562960 bytes | Modified Date = 9/15/2008 2:25:44 PM | Attr = RHS]
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> 
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> 
< User Agent Post Platform [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform -> 
SV1 ->  -> 
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{5C7D86D4-6F27-42B4-A821-7495351F36AC} ->	() -> 
{D5C32347-9F98-4DB6-89F4-C6CA4EFD1244} -> 85.255.112.110;85.255.112.172   (NVIDIA nForce MCP Networking Adapter) -> 
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> 
NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -> %ProgramFiles%\Bonjour\mdnsNSP.dll -> Apple Inc. [Ver = 1,0,5,11 | Size = 147456 bytes | Modified Date = 8/29/2008 9:53:50 AM | Attr =	]
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> 
ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{1F2F4C9E-6F09-47BC-970D-3C54734667FE}[HKEY_LOCAL_MACHINE] -> https://www-secure.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab[Reg Error: Key does not exist or could not be opened.] -> 
{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE}[HKEY_LOCAL_MACHINE] -> http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab[Symantec AntiVirus scanner] -> 
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}[HKEY_LOCAL_MACHINE] -> C:\Program Files\Yahoo!\Common\Yinsthelper.dll[Installation Support] -> 
{3451DEDE-631F-421C-8127-FD793AFC6CC8}[HKEY_LOCAL_MACHINE] -> https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab[Reg Error: Key does not exist or could not be opened.] -> 
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE}[HKEY_LOCAL_MACHINE] -> http://office.microsoft.com/officeupdate/content/opuc2.cab[Office Update Installation Engine] -> 
{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0}[HKEY_LOCAL_MACHINE] -> http://dl.tvunetworks.com/TVUAx.cab[CTVUAxCtrl Object] -> 
{44990200-3C9D-426D-81DF-AAB636FA4345}[HKEY_LOCAL_MACHINE] -> https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsi.cab[Reg Error: Key does not exist or could not be opened.] -> 
{44990301-3C9D-426D-81DF-AAB636FA4345}[HKEY_LOCAL_MACHINE] -> https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsr.cab[Reg Error: Key does not exist or could not be opened.] -> 
{4F1E5B1A-2A80-42CA-8532-2D05CB959537}[HKEY_LOCAL_MACHINE] -> http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab[MSN Photo Upload Tool] -> 
{644E432F-49D3-41A1-8DD5-E099162EEEC5}[HKEY_LOCAL_MACHINE] -> http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab[Symantec RuFSI Utility Class] -> 
{6A344D34-5231-452A-8A57-D064AC9B7862}[HKEY_LOCAL_MACHINE] -> https://webdl.symantec.com/activex/symdlmgr.cab[Symantec Download Manager] -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab[Java Plug-in 1.5.0_02] -> 
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D}[HKEY_LOCAL_MACHINE] -> http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab[MessengerStatsClient Class] -> 
{C3F79A2B-B9B4-4A66-B012-3EE46475B072}[HKEY_LOCAL_MACHINE] -> http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab[MessengerStatsClient Class] -> 
{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab[Java Plug-in 1.5.0_01] -> 
{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab[Java Plug-in 1.5.0_02] -> 
{D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] -> 
{F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6}[HKEY_LOCAL_MACHINE] -> http://chat.msn.com/bin/msnchat45.cab[MSN Chat Control 4.5] -> 
< Module Usage Keys [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/avsniff.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/avsniff.dll\\.Owner -> {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/avsniff.dll\\{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/avsniffdlgs.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/avsniffdlgs.dll\\.Owner -> {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/avsniffdlgs.dll\\{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/AXXPEE.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/AXXPEE.dll\\.Owner -> {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/AXXPEE.dll\\{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ecmldr32.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ecmldr32.dll\\.Owner -> {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ecmldr32.dll\\{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/LSSupCtl.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/LSSupCtl.dll\\.Owner -> {1F2F4C9E-6F09-47BC-970D-3C54734667FE} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/LSSupCtl.dll\\{1F2F4C9E-6F09-47BC-970D-3C54734667FE} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/messengerstatsclient.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/messengerstatsclient.dll\\.Owner -> {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/messengerstatsclient.dll\\{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MessengerStatsPAClient.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MessengerStatsPAClient.dll\\.Owner -> {C3F79A2B-B9B4-4A66-B012-3EE46475B072} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MessengerStatsPAClient.dll\\{C3F79A2B-B9B4-4A66-B012-3EE46475B072} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MSNChat45.ocx\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MSNChat45.ocx\\.Owner -> {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MSNChat45.ocx\\{F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MsnPUpld.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MsnPUpld.dll\\.Owner -> {4F1E5B1A-2A80-42CA-8532-2D05CB959537} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MsnPUpld.dll\\{4F1E5B1A-2A80-42CA-8532-2D05CB959537} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/navapi.vxd\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/navapi.vxd\\.Owner -> {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/navapi.vxd\\{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/navapi32.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/navapi32.dll\\.Owner -> {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/navapi32.dll\\{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/PURen-us.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/PURen-us.dll\\.Owner -> {4F1E5B1A-2A80-42CA-8532-2D05CB959537} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/PURen-us.dll\\{4F1E5B1A-2A80-42CA-8532-2D05CB959537} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/rufsi.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/rufsi.dll\\.Owner -> {644E432F-49D3-41A1-8DD5-E099162EEEC5} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/rufsi.dll\\{644E432F-49D3-41A1-8DD5-E099162EEEC5} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SymAData.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SymAData.dll\\.Owner -> {3451DEDE-631F-421C-8127-FD793AFC6CC8} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SymAData.dll\\{3451DEDE-631F-421C-8127-FD793AFC6CC8} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/symdlmgr.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/symdlmgr.dll\\.Owner -> {6A344D34-5231-452A-8A57-D064AC9B7862} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/symdlmgr.dll\\{6A344D34-5231-452A-8A57-D064AC9B7862} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/tgctlsi.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/tgctlsi.dll\\.Owner -> {44990200-3C9D-426D-81DF-AAB636FA4345} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/tgctlsi.dll\\{44990200-3C9D-426D-81DF-AAB636FA4345} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/tgctlsr.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/tgctlsr.dll\\.Owner -> {44990301-3C9D-426D-81DF-AAB636FA4345} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/tgctlsr.dll\\{44990301-3C9D-426D-81DF-AAB636FA4345} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/TVUAx.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/TVUAx.dll\\.Owner -> {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/TVUAx.dll\\{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/opuc.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/opuc.dll\\.Owner -> {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/opuc.dll\\{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/danim.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/danim.dll\\Createshare2 -> Createshare2 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/danim.dll\\.Owner -> Createshare2 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/ddrawex.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/ddrawex.dll\\Createshare2 -> Createshare2 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/ddrawex.dll\\.Owner -> Createshare2 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/libcurl.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/libcurl.dll\\.Owner -> {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/libcurl.dll\\{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/libeay32.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/libeay32.dll\\.Owner -> Unknown Owner -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/libeay32.dll\\{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/libexpatw.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/libexpatw.dll\\.Owner -> {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/libexpatw.dll\\{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/msvcp71.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/msvcp71.dll\\.Owner -> Unknown Owner -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/msvcp71.dll\\{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/msvcr71.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/msvcr71.dll\\.Owner -> Unknown Owner -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/msvcr71.dll\\{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/quartz.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/quartz.dll\\Createshare2 -> Createshare2 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/quartz.dll\\.Owner -> Createshare2 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/ssleay32.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/ssleay32.dll\\.Owner -> Unknown Owner -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/ssleay32.dll\\{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/zlib1.dll\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/zlib1.dll\\.Owner -> {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/zlib1.dll\\{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} ->  -> 


[Registry - Additional Scans - Non-Microsoft Only]
< BotCheck > -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\DefaultLaunchPermission -> [Binary data over 100 bytes] -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineLaunchRestriction -> [Binary data over 100 bytes] -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineAccessRestriction -> [Binary data over 100 bytes] -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\EnableDCOM -> Y -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{A50398B8-9075-4FBF-A7A1-456BF21937AD} -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{AD65A69D-3831-40D7-9629-9B0B50A93843} -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{0040D221-54A1-11D1-9DE0-006097042D69} -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3} -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\NONREDIST\\System.EnterpriseServices.Thunk.dll ->  -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\\DisableMonitoring -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\\DisableMonitoring -> 1 -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\\DisableMonitoring -> 1 -> 
Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\ not found. -> -> 
Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\ not found. -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ -> ->
*Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> 
msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2113) | Size = 132608 bytes | Modified Date = 4/13/2008 5:12:00 PM | Attr =	]
C:\WINDOWS\system32\hgGwxXNf -> %SystemRoot%\system32\hgGwxXNf.dll ->  [Ver =  | Size = 243712 bytes | Modified Date = 1/1/2002 12:09:04 AM | Attr =	]
*MultiFile Done* -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Bounds -> 0  [binary data] -> 
*Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> 
kerberos -> %SystemRoot%\system32\kerberos.dll -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2113) | Size = 299520 bytes | Modified Date = 4/13/2008 5:11:56 PM | Attr =	]
msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2113) | Size = 132608 bytes | Modified Date = 4/13/2008 5:12:00 PM | Attr =	]
schannel -> %SystemRoot%\system32\schannel.dll -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2113) | Size = 144384 bytes | Modified Date = 4/13/2008 5:12:05 PM | Attr =	]
wdigest -> %SystemRoot%\system32\wdigest.dll -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2113) | Size = 49152 bytes | Modified Date = 4/13/2008 5:12:08 PM | Attr =	]
*MultiFile Done* -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\ImpersonatePrivilegeUpgradeToolHasRun -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\LsaPid -> 920 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\SecureBoot -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\auditbaseobjects -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\crashonauditfail -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\disabledomaincreds -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\everyoneincludesanonymous -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fipsalgorithmpolicy -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\forceguest -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fullprivilegeauditing ->  [binary data] -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\limitblankpassworduse -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\lmcompatibilitylevel -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nodefaultadminowner -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nolmhash -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymous -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymoussam -> 1 -> 
*Notification Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Notification Packages -> 
scecli -> %SystemRoot%\system32\scecli.dll -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2113) | Size = 181248 bytes | Modified Date = 4/13/2008 5:12:05 PM | Attr =	]
*MultiFile Done* -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\ -> -> 
*ProviderOrder* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\\ProviderOrder -> 
Windows NT Access Provider ->  -> File not found
*MultiFile Done* -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\\ProviderPath -> %SystemRoot%\system32\ntmarta.dll [%SystemRoot%\system32\ntmarta.dll] -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2113) | Size = 118784 bytes | Modified Date = 4/13/2008 5:12:02 PM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\\Pattern -> 8C 56 24 E3 45 58 E1 04 07 22 F9 DC 8F 10 C4 74 38 34 31 64 66 32 34 32 00 FD 07 00 69 46 00 00 34 FA 07 00 56 82 7C 75 20 FA 07 00 40 FD 07 00 4C FD 07 00 37 6E 1B 6C 6E 89 1D 92 F6 A3 62 84  [binary data] -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\\GrafBlumGroup -> 5A E3 15 EC DA 55 18 E6 DF  [binary data] -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\\Lookup -> 88 34 64 0D 27 42  [binary data] -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\SidCache\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\Auth132 -> %SystemRoot%\system32\iissuba.dll [IISSUBA] -> Microsoft Corporation [Ver = 6.0.2600.0 (xpclient.010817-1148) | Size = 9216 bytes | Modified Date = 8/4/2004 5:00:00 AM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\ntlmminclientsec -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\\ntlmminserversec -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\\SkewMatrix -> 35 8C FD 26 7A 8A 65 D7 56 F2 85 A7 B1 88 C8 4B  [binary data] -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\\SSOURL -> http://www.passport.com -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\\Time -> C4 93 93 35 E7 27 C9 01  [binary data] -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Name -> Digest -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Comment -> Digest SSPI Authentication Package -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Capabilities -> 16464 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\RpcId -> 65535 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Version -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\TokenSize -> 65535 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Time -> 00 54 CF 23 C4 9D C8 01  [binary data] -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Type -> 49 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Name -> DPA -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Comment -> DPA Security Package -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Capabilities -> 55 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\RpcId -> 17 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Version -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\TokenSize -> 768 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Time -> 00 DB 62 27 C4 9D C8 01  [binary data] -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Type -> 49 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Name -> MSN -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Comment -> MSN Security Package -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Capabilities -> 55 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\RpcId -> 18 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Version -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\TokenSize -> 768 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Time -> 00 08 94 28 C4 9D C8 01  [binary data] -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Type -> 49 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup ->  -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Windows Firewall/Internet Connection Sharing (ICS) -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> %SystemRoot%\system32\svchost.exe [%SystemRoot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2111) | Size = 14336 bytes | Modified Date = 4/13/2008 5:12:36 PM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 257 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> %SystemRoot%\system32\ipnathlp.dll [%SystemRoot%\System32\ipnathlp.dll] -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-0852) | Size = 331264 bytes | Modified Date = 4/13/2008 5:11:55 PM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %SystemRoot%\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2111) | Size = 141312 bytes | Modified Date = 4/13/2008 5:12:34 PM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\msnmsgr.exe -> %ProgramFiles%\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> Microsoft Corporation [Ver = 8.5.1302.1018 | Size = 5724184 bytes | Modified Date = 10/18/2007 12:34:02 PM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> %SystemRoot%\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-0852) | Size = 558080 bytes | Modified Date = 4/13/2008 11:53:32 AM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\3389:TCP -> 3389:TCP:*:Disabled:@xpsp2res.dll,-22009 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:*:Enabled:@xpsp2res.dll,-22004 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:*:Enabled:@xpsp2res.dll,-22005 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:*:Enabled:@xpsp2res.dll,-22001 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:*:Enabled:@xpsp2res.dll,-22002 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DoNotAllowExceptions -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DisableNotifications -> 0 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %SystemRoot%\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2111) | Size = 141312 bytes | Modified Date = 4/13/2008 5:12:34 PM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\eDonkey2000\edonkey2000.exe -> %ProgramFiles%\eDonkey2000\edonkey2000.exe [C:\Program Files\eDonkey2000\edonkey2000.exe:*:Enabled:edonkey2000] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Yahoo!\Messenger\YPager.exe -> %ProgramFiles%\Yahoo!\Messenger\YPager.exe [C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Yahoo!\Messenger\YServer.exe -> %ProgramFiles%\Yahoo!\Messenger\YServer.exe [C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server] -> Yahoo! Inc. [Ver = 3, 0, 0, 1 | Size = 91376 bytes | Modified Date = 8/30/2007 5:43:18 PM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\msnmsgr.exe -> %ProgramFiles%\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> Microsoft Corporation [Ver = 8.5.1302.1018 | Size = 5724184 bytes | Modified Date = 10/18/2007 12:34:02 PM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> %SystemRoot%\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-0852) | Size = 558080 bytes | Modified Date = 4/13/2008 11:53:32 AM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\3389:TCP -> 3389:TCP:*:Disabled:@xpsp2res.dll,-22009 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\5900:TCP -> 5900:TCP:*:Enabled:VNC -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{5C7D86D4-6F27-42B4-A821-7495351F36AC} -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{D5C32347-9F98-4DB6-89F4-C6CA4EFD1244} -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 4 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> %SystemRoot%\system32\svchost.exe [%systemroot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2111) | Size = 14336 bytes | Modified Date = 4/13/2008 5:12:36 PM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Automatic Updates -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site. -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> %SystemRoot%\system32\wuauserv.dll [C:\WINDOWS\system32\wuauserv.dll] -> Microsoft Corporation [Ver = 5.4.3790.5512 (xpsp.080413-0852) | Size = 6656 bytes | Modified Date = 4/13/2008 5:12:11 PM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> [Binary data over 100 bytes] -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Description -> Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start. -> 
*DependOnService* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\DependOnService -> 
RPCSS -> %SystemRoot%\system32\rpcss.dll -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2108) | Size = 399360 bytes | Modified Date = 4/13/2008 5:12:04 PM | Attr =	]
*MultiFile Done* -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\DisplayName -> Remote Registry -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ErrorControl -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ImagePath -> %SystemRoot%\system32\svchost.exe [%SystemRoot%\system32\svchost.exe -k LocalService] -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2111) | Size = 14336 bytes | Modified Date = 4/13/2008 5:12:36 PM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\ObjectName -> NT AUTHORITY\LocalService -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Group ->  -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Start -> 2 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\Type -> 32 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\\FailureActions -> 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 E0 AD 08 00 01 00 00 00 E8 03 00 00  [binary data] -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Parameters\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Parameters\\ServiceDll -> %SystemRoot%\system32\regsvc.dll [%SystemRoot%\system32\regsvc.dll] -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2111) | Size = 59904 bytes | Modified Date = 4/13/2008 5:12:04 PM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security\\Security -> [Binary data over 100 bytes] -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\0 -> Root\LEGACY_REMOTEREGISTRY\0000 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\Count -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Enum\\NextInstance -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Type -> 16 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Start -> 4 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ErrorControl -> 1 -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ImagePath -> %SystemRoot%\system32\tlntsvr.exe [C:\WINDOWS\system32\tlntsvr.exe] -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-0852) | Size = 73216 bytes | Modified Date = 4/13/2008 5:12:38 PM | Attr =	]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DisplayName -> Telnet -> 
*DependOnService* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DependOnService -> 
RPCSS -> %SystemRoot%\system32\rpcss.dll -> Microsoft Corporation [Ver = 5.1.2600.5512 (xpsp.080413-2108) | Size = 399360 bytes | Modified Date = 4/13/2008 5:12:04 PM | Attr =	]
TCPIP ->  -> File not found
NTLMSSP ->  -> File not found
*MultiFile Done* -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\DependOnGroup ->  -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\ObjectName -> LocalSystem -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\\Description -> Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based computers. If this service is stopped, remote user access to programs might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\Security\ -> -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\Security\\Security -> [Binary data over 100 bytes] -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\\ProxyEnable -> 0 -> 


[Files/Folders - Created Within 30 days]
klif.sys -> %SystemRoot%\System32\drivers\klif.sys -> Kaspersky Lab [Ver = 7.0.0.122 | Size = 127768 bytes | Created Date = 10/23/2008 10:11:42 PM | Attr =	]
NAV -> %SystemRoot%\System32\drivers\NAV ->  [Folder | Created Date = 10/21/2008 10:53:37 PM | Attr =	]
1000000.07D -> %SystemRoot%\System32\drivers\NAV\1000000.07D ->  [Folder | Created Date = 10/21/2008 10:53:37 PM | Attr =	]
BHDrvx86.CAT -> %SystemRoot%\System32\drivers\NAV\1000000.07D\BHDrvx86.CAT ->  [Ver =  | Size = 10613 bytes | Created Date = 10/21/2008 10:53:37 PM | Attr =	]
BHDrvx86.inf -> %SystemRoot%\System32\drivers\NAV\1000000.07D\BHDrvx86.inf ->  [Ver =  | Size = 641 bytes | Created Date = 10/21/2008 10:53:50 PM | Attr =	]
Cat.DB -> %SystemRoot%\System32\drivers\NAV\1000000.07D\Cat.DB ->  [Ver =  | Size = 607034 bytes | Created Date = 10/21/2008 11:04:25 PM | Attr =	]
isolate.ini -> %SystemRoot%\System32\drivers\NAV\1000000.07D\isolate.ini ->  [Ver =  | Size = 172 bytes | Created Date = 10/21/2008 10:53:50 PM | Attr =	]
srtsp.cat -> %SystemRoot%\System32\drivers\NAV\1000000.07D\srtsp.cat ->  [Ver =  | Size = 10617 bytes | Created Date = 10/21/2008 10:53:37 PM | Attr =	]
srtsp.inf -> %SystemRoot%\System32\drivers\NAV\1000000.07D\srtsp.inf ->  [Ver =  | Size = 1383 bytes | Created Date = 10/21/2008 10:53:50 PM | Attr =	]
srtspx.cat -> %SystemRoot%\System32\drivers\NAV\1000000.07D\srtspx.cat ->  [Ver =  | Size = 10621 bytes | Created Date = 10/21/2008 10:53:37 PM | Attr =	]
srtspx.inf -> %SystemRoot%\System32\drivers\NAV\1000000.07D\srtspx.inf ->  [Ver =  | Size = 1389 bytes | Created Date = 10/21/2008 10:53:50 PM | Attr =	]
SymEFA.cat -> %SystemRoot%\System32\drivers\NAV\1000000.07D\SymEFA.cat ->  [Ver =  | Size = 10659 bytes | Created Date = 10/21/2008 10:53:37 PM | Attr =	]
SymEFA.inf -> %SystemRoot%\System32\drivers\NAV\1000000.07D\SymEFA.inf ->  [Ver =  | Size = 3375 bytes | Created Date = 10/21/2008 10:53:50 PM | Attr =	]
SymNet.cat -> %SystemRoot%\System32\drivers\NAV\1000000.07D\SymNet.cat ->  [Ver =  | Size = 13089 bytes | Created Date = 10/21/2008 10:53:37 PM | Attr =	]
SymNet.inf -> %SystemRoot%\System32\drivers\NAV\1000000.07D\SymNet.inf ->  [Ver =  | Size = 1611 bytes | Created Date = 10/21/2008 10:53:50 PM | Attr =	]
SYMEVENT.CAT -> %SystemRoot%\System32\drivers\SYMEVENT.CAT ->  [Ver =  | Size = 10635 bytes | Created Date = 10/21/2008 10:55:08 PM | Attr =	]
SYMEVENT.INF -> %SystemRoot%\System32\drivers\SYMEVENT.INF ->  [Ver =  | Size = 806 bytes | Created Date = 10/21/2008 10:55:08 PM | Attr =	]
aasoyf -> %SystemRoot%\System32\aasoyf ->  [Ver =  | Size = 25 bytes | Created Date = 10/18/2008 2:57:04 PM | Attr =	]
awgqiqxe.ini -> %SystemRoot%\System32\awgqiqxe.ini ->  [Ver =  | Size = 1408331 bytes | Created Date = 10/24/2008 9:32:20 PM | Attr =  HS]
bits -> %SystemRoot%\System32\bits ->  [Folder | Created Date = 10/6/2008 10:53:55 AM | Attr =	]
2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 
cbpwkbjb.dll -> %SystemRoot%\System32\cbpwkbjb.dll ->  [Ver =  | Size = 101888 bytes | Created Date = 10/20/2008 8:36:43 PM | Attr =	]
celaso -> %SystemRoot%\System32\celaso ->  [Ver =  | Size = 23 bytes | Created Date = 9/20/2008 12:31:52 PM | Attr =	]
cjkhab.dll -> %SystemRoot%\System32\cjkhab.dll ->  [Ver =  | Size = 101888 bytes | Created Date = 10/19/2008 9:41:20 PM | Attr =	]
dbvwluut.ini -> %SystemRoot%\System32\dbvwluut.ini ->  [Ver =  | Size = 1372446 bytes | Created Date = 10/22/2008 10:23:26 PM | Attr =  HS]
dndiuo.dll -> %SystemRoot%\System32\dndiuo.dll ->  [Ver =  | Size = 101888 bytes | Created Date = 10/20/2008 11:18:07 PM | Attr =	]
dsuctpsb.dll -> %SystemRoot%\System32\dsuctpsb.dll ->  [Ver =  | Size = 101888 bytes | Created Date = 10/20/2008 11:18:04 PM | Attr =	]
dybdjbhh.exe -> %SystemRoot%\System32\dybdjbhh.exe ->  [Ver =  | Size = 2048 bytes | Created Date = 10/19/2008 9:47:16 PM | Attr =	]
dyiadurq.dll -> %SystemRoot%\System32\dyiadurq.dll ->  [Ver =  | Size = 69120 bytes | Created Date = 10/19/2008 9:44:18 PM | Attr =	]
egyast -> %SystemRoot%\System32\egyast ->  [Ver =  | Size = 25 bytes | Created Date = 9/20/2008 12:51:44 PM | Attr =	]
en -> %SystemRoot%\System32\en ->  [Folder | Created Date = 10/6/2008 10:53:56 AM | Attr =	]
en-us -> %SystemRoot%\System32\en-us ->  [Folder | Created Date = 10/6/2008 10:54:02 AM | Attr =	]
eogstrxv.dll -> %SystemRoot%\System32\eogstrxv.dll ->  [Ver =  | Size = 102400 bytes | Created Date = 10/22/2008 10:25:05 PM | Attr =	]
exqiqgwa.dll -> %SystemRoot%\System32\exqiqgwa.dll ->  [Ver =  | Size = 68608 bytes | Created Date = 10/24/2008 9:32:15 PM | Attr =	]
fbvbqe.dll -> %SystemRoot%\System32\fbvbqe.dll ->  [Ver =  | Size = 101888 bytes | Created Date = 10/20/2008 8:36:43 PM | Attr =	]
fcjxbssu.ini -> %SystemRoot%\System32\fcjxbssu.ini ->  [Ver =  | Size = 1408313 bytes | Created Date = 10/24/2008 11:54:09 PM | Attr =  HS]
ffkpoaml.ini -> %SystemRoot%\System32\ffkpoaml.ini ->  [Ver =  | Size = 1386257 bytes | Created Date = 10/23/2008 9:36:23 PM | Attr =  HS]
fmltal.dll -> %SystemRoot%\System32\fmltal.dll ->  [Ver =  | Size = 101376 bytes | Created Date = 10/23/2008 9:41:25 PM | Attr =	]
gnalagn -> %SystemRoot%\System32\gnalagn ->  [Ver =  | Size = 13 bytes | Created Date = 9/20/2008 1:16:16 PM | Attr =	]
GroupPolicy -> %SystemRoot%\System32\GroupPolicy ->  [Folder | Created Date = 10/24/2008 10:35:31 PM | Attr =  H ]
gvtebgwk.ini -> %SystemRoot%\System32\gvtebgwk.ini ->  [Ver =  | Size = 1386257 bytes | Created Date = 10/23/2008 9:29:09 PM | Attr =  HS]
icurfwrl.ini -> %SystemRoot%\System32\icurfwrl.ini ->  [Ver =  | Size = 1408313 bytes | Created Date = 10/24/2008 10:54:07 PM | Attr =  HS]
inesrol -> %SystemRoot%\System32\inesrol ->  [Ver =  | Size = 32 bytes | Created Date = 9/20/2008 1:23:08 PM | Attr =	]
irtart -> %SystemRoot%\System32\irtart ->  [Ver =  | Size = 17 bytes | Created Date = 9/20/2008 1:04:15 PM | Attr =	]
isuyckxn.dll -> %SystemRoot%\System32\isuyckxn.dll ->  [Ver =  | Size = 69120 bytes | Created Date = 10/21/2008 4:37:42 AM | Attr =	]
jjeayspy.dll -> %SystemRoot%\System32\jjeayspy.dll ->  [Ver =  | Size = 102400 bytes | Created Date = 10/24/2008 10:56:57 PM | Attr =	]
kwgbetvg.dll -> %SystemRoot%\System32\kwgbetvg.dll ->  [Ver =  | Size = 69632 bytes | Created Date = 10/23/2008 9:29:04 PM | Attr =	]
kyazej.dll -> %SystemRoot%\System32\kyazej.dll ->  [Ver =  | Size = 102400 bytes | Created Date = 10/22/2008 10:25:08 PM | Attr =	]
lame_enc.dll -> %SystemRoot%\System32\lame_enc.dll ->  [Ver =  | Size = 175104 bytes | Created Date = 10/12/2008 11:37:16 PM | Attr =	]
libeay32_0.9.6l.dll -> %SystemRoot%\System32\libeay32_0.9.6l.dll ->  [Ver =  | Size = 796048 bytes | Created Date = 10/23/2008 10:11:01 PM | Attr =	]
lmaopkff.dll -> %SystemRoot%\System32\lmaopkff.dll ->  [Ver =  | Size = 69632 bytes | Created Date = 10/23/2008 9:36:17 PM | Attr =	]
lndvpx.dll -> %SystemRoot%\System32\lndvpx.dll ->  [Ver =  | Size = 101888 bytes | Created Date = 10/21/2008 4:25:42 AM | Attr =	]
moreniu -> %SystemRoot%\System32\moreniu ->  [Ver =  | Size = 19 bytes | Created Date = 9/26/2008 5:37:56 PM | Attr =	]
nxkcyusi.ini -> %SystemRoot%\System32\nxkcyusi.ini ->  [Ver =  | Size = 1340598 bytes | Created Date = 10/21/2008 4:37:44 AM | Attr =  HS]
osizxq.dll -> %SystemRoot%\System32\osizxq.dll ->  [Ver =  | Size = 102400 bytes | Created Date = 10/24/2008 11:57:05 PM | Attr =	]
pmwvkmvg.dll -> %SystemRoot%\System32\pmwvkmvg.dll ->  [Ver =  | Size = 102400 bytes | Created Date = 10/24/2008 11:57:05 PM | Attr =	]
pvuesi.dll -> %SystemRoot%\System32\pvuesi.dll ->  [Ver =  | Size = 102400 bytes | Created Date = 10/24/2008 10:56:59 PM | Attr =	]
pyfhuluw.dll -> %SystemRoot%\System32\pyfhuluw.dll ->  [Ver =  | Size = 101888 bytes | Created Date = 10/19/2008 9:41:16 PM | Attr =	]
qrudaiyd.ini -> %SystemRoot%\System32\qrudaiyd.ini ->  [Ver =  | Size = 1408313 bytes | Created Date = 10/19/2008 9:44:21 PM | Attr =  HS]
rebsin -> %SystemRoot%\System32\rebsin ->  [Ver =  | Size = 27 bytes | Created Date = 9/20/2008 12:56:12 PM | Attr =	]
rfhphmih.dll -> %SystemRoot%\System32\rfhphmih.dll ->  [Ver =  | Size = 101376 bytes | Created Date = 10/23/2008 9:41:23 PM | Attr =	]
scripting -> %SystemRoot%\System32\scripting ->  [Folder | Created Date = 10/6/2008 10:54:00 AM | Attr =	]
seasout -> %SystemRoot%\System32\seasout ->  [Ver =  | Size = 22 bytes | Created Date = 9/20/2008 12:54:15 PM | Attr =	]
sipktiyy.dll -> %SystemRoot%\System32\sipktiyy.dll ->  [Ver =  | Size = 69120 bytes | Created Date = 10/20/2008 11:15:04 PM | Attr =	]
trgqigac.dll -> %SystemRoot%\System32\trgqigac.dll ->  [Ver =  | Size = 102400 bytes | Created Date = 10/24/2008 9:35:27 PM | Attr =	]
tuulwvbd.dll -> %SystemRoot%\System32\tuulwvbd.dll ->  [Ver =  | Size = 68608 bytes | Created Date = 10/22/2008 10:23:20 PM | Attr =	]
ussbxjcf.dll -> %SystemRoot%\System32\ussbxjcf.dll ->  [Ver =  | Size = 69632 bytes | Created Date = 10/24/2008 11:54:05 PM | Attr =	]
vsconfig.xml -> %SystemRoot%\System32\vsconfig.xml ->  [Ver =  | Size = 352918 bytes | Created Date = 10/23/2008 10:10:15 PM | Attr =	]
vsdata.dll -> %SystemRoot%\System32\vsdata.dll -> Zone Labs, LLC [Ver = 7.0.483.000 | Size = 83432 bytes | Created Date = 10/23/2008 10:07:27 PM | Attr =	]
vsdatant.sys -> %SystemRoot%\System32\vsdatant.sys -> Zone Labs, LLC [Ver = 7.0.483.000 | Size = 394952 bytes | Created Date = 10/23/2008 10:10:15 PM | Attr =	]
vsinit.dll -> %SystemRoot%\System32\vsinit.dll -> Zone Labs, LLC [Ver = 7.0.483.000 | Size = 157160 bytes | Created Date = 10/23/2008 10:07:27 PM | Attr =	]
vsmonapi.dll -> %SystemRoot%\System32\vsmonapi.dll -> Zone Labs, LLC [Ver = 7.0.483.000 | Size = 103912 bytes | Created Date = 10/23/2008 10:10:22 PM | Attr =	]
vspubapi.dll -> %SystemRoot%\System32\vspubapi.dll -> Zone Labs, LLC [Ver = 7.0.483.000 | Size = 275944 bytes | Created Date = 10/23/2008 10:10:22 PM | Attr =	]
vsregexp.dll -> %SystemRoot%\System32\vsregexp.dll -> Zone Labs, LLC [Ver = 7.0.483.000 | Size = 71144 bytes | Created Date = 10/23/2008 10:11:00 PM | Attr =	]
vsutil.dll -> %SystemRoot%\System32\vsutil.dll -> Zone Labs, LLC [Ver = 7.0.483.000 | Size = 472552 bytes | Created Date = 10/23/2008 10:07:27 PM | Attr =	]
vswmi.dll -> %SystemRoot%\System32\vswmi.dll -> Zone Labs, LLC [Ver = 7.0.483.000 | Size = 46568 bytes | Created Date = 10/23/2008 10:10:30 PM | Attr =	]
vsxml.dll -> %SystemRoot%\System32\vsxml.dll -> Zone Labs, LLC [Ver = 7.0.483.000 | Size = 99816 bytes | Created Date = 10/23/2008 10:10:25 PM | Attr =	]
xeksaape.ini -> %SystemRoot%\System32\xeksaape.ini ->  [Ver =  | Size = 1341824 bytes | Created Date = 10/20/2008 8:34:27 PM | Attr =  HS]
ywkfnnce.dll -> %SystemRoot%\System32\ywkfnnce.dll ->  [Ver =  | Size = 101888 bytes | Created Date = 10/21/2008 4:25:42 AM | Attr =	]
yyitkpis.ini -> %SystemRoot%\System32\yyitkpis.ini ->  [Ver =  | Size = 1339261 bytes | Created Date = 10/20/2008 11:15:04 PM | Attr =  HS]
zhsi -> %SystemRoot%\System32\zhsi ->  [Ver =  | Size = 25 bytes | Created Date = 9/20/2008 12:39:15 PM | Attr =	]
zlcomm.dll -> %SystemRoot%\System32\zlcomm.dll -> Zone Labs, LLC [Ver = 7.0.483.000 | Size = 83432 bytes | Created Date = 10/23/2008 10:10:53 PM | Attr =	]
zlcommdb.dll -> %SystemRoot%\System32\zlcommdb.dll -> Zone Labs, LLC [Ver = 7.0.483.000 | Size = 71144 bytes | Created Date = 10/23/2008 10:10:53 PM | Attr =	]
zllictbl.dat -> %SystemRoot%\System32\zllictbl.dat ->  [Ver =  | Size = 4212 bytes | Created Date = 10/23/2008 10:13:32 PM | Attr =  H ]
zodc -> %SystemRoot%\System32\zodc ->  [Ver =  | Size = 22 bytes | Created Date = 9/20/2008 12:58:59 PM | Attr =	]
ZoneLabs -> %SystemRoot%\System32\ZoneLabs ->  [Folder | Created Date = 10/23/2008 10:10:23 PM | Attr =	]
zpeng24.dll -> %SystemRoot%\System32\zpeng24.dll -> Python Software Foundation [Ver = 2.4.2 | Size = 1086952 bytes | Created Date = 10/23/2008 10:10:27 PM | Attr =	]
zshosg.dll -> %SystemRoot%\System32\zshosg.dll ->  [Ver =  | Size = 102400 bytes | Created Date = 10/24/2008 9:35:29 PM | Attr =	]
$NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ ->  [Folder | Created Date = 10/6/2008 10:34:21 AM | Attr =  H ]
7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
ERUNT -> %SystemRoot%\ERUNT ->  [Folder | Created Date = 9/19/2008 10:51:20 PM | Attr =	]
Internet Logs -> %SystemRoot%\Internet Logs ->  [Folder | Created Date = 10/23/2008 10:07:27 PM | Attr =	]
l2schemas -> %SystemRoot%\l2schemas ->  [Folder | Created Date = 10/6/2008 10:53:58 AM | Attr =	]
network diagnostic -> %SystemRoot%\network diagnostic ->  [Folder | Created Date = 10/6/2008 10:42:36 AM | Attr =	]
Prefetch -> %SystemRoot%\Prefetch ->  [Folder | Created Date = 10/6/2008 12:11:09 PM | Attr =	]
ServicePackFiles -> %SystemRoot%\ServicePackFiles ->  [Folder | Created Date = 10/6/2008 10:46:53 AM | Attr =	]
zllsputility.exe -> %SystemRoot%\zllsputility.exe -> Zone Labs, LLC [Ver = 7.0.483.000 | Size = 75248 bytes | Created Date = 10/23/2008 10:13:00 PM | Attr =	]
[Files Created - Additional Folder Scans - Non-Microsoft Only]
MailFrontier -> %AllUsersProfile%\Application Data\MailFrontier ->  [Folder | Created Date = 10/23/2008 10:13:43 PM | Attr =	]
Norton -> %AllUsersProfile%\Application Data\Norton ->  [Folder | Created Date = 10/20/2008 10:50:21 PM | Attr =	]
NortonInstaller -> %AllUsersProfile%\Application Data\NortonInstaller ->  [Folder | Created Date = 10/20/2008 10:50:17 PM | Attr =	]
PCSettings -> %AllUsersProfile%\Application Data\PCSettings ->  [Folder | Created Date = 10/20/2008 10:57:41 PM | Attr =	]
{3276BE95_AF08_429F_A64F_CA64CB79BCF6} -> %AllUsersProfile%\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} ->  [Folder | Created Date = 10/7/2008 10:39:06 PM | Attr =	]
Norton AntiVirus.lnk -> %AllUsersProfile%\Desktop\Norton AntiVirus.lnk ->  [Ver =  | Size = 2091 bytes | Created Date = 10/21/2008 10:54:37 PM | Attr =	]
Adobe Gamma Loader.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk ->  [Ver =  | Size = 1918 bytes | Created Date = 10/23/2008 9:30:13 PM | Attr =	]
Adobe Gamma.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Adobe Gamma.lnk ->  [Ver =  | Size = 988 bytes | Created Date = 10/23/2008 9:30:13 PM | Attr =	]
Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard ->  [Folder | Created Date = 10/23/2008 10:00:04 PM | Attr =	]
Audio Dictation Master -> %ProgramFiles%\Audio Dictation Master ->  [Folder | Created Date = 10/12/2008 11:37:14 PM | Attr =	]
Bonjour -> %ProgramFiles%\Bonjour ->  [Folder | Created Date = 10/7/2008 10:38:39 PM | Attr =	]
Incomplete -> %ProgramFiles%\Incomplete ->  [Folder | Created Date = 10/13/2008 3:52:37 PM | Attr =	]
Norton AntiVirus -> %ProgramFiles%\Norton AntiVirus ->  [Folder | Created Date = 10/20/2008 11:28:34 PM | Attr =	]
NortonInstaller -> %ProgramFiles%\NortonInstaller ->  [Folder | Created Date = 10/20/2008 10:50:17 PM | Attr =	]
QuickTime -> %ProgramFiles%\QuickTime ->  [Folder | Created Date = 10/7/2008 10:37:14 PM | Attr =	]
Symantec -> %ProgramFiles%\Symantec ->  [Folder | Created Date = 10/21/2008 10:55:07 PM | Attr =	]
Trend Micro -> %ProgramFiles%\Trend Micro ->  [Folder | Created Date = 10/22/2008 11:21:06 PM | Attr =	]
Windows Sidebar -> %ProgramFiles%\Windows Sidebar ->  [Folder | Created Date = 10/21/2008 10:53:32 PM | Attr =	]
Zone Labs -> %ProgramFiles%\Zone Labs ->  [Folder | Created Date = 10/23/2008 10:10:22 PM | Attr =	]
ZoneAlarmSB -> %ProgramFiles%\ZoneAlarmSB ->  [Folder | Created Date = 10/23/2008 10:20:30 PM | Attr =	]

[Files/Folders - Modified Within 30 days]
boot.ini -> %SystemDrive%\boot.ini ->  [Ver =  | Size = 211 bytes | Modified Date = 10/26/2008 1:17:13 PM | Attr =  HS]
ntldr -> %SystemDrive%\ntldr ->  [Ver =  | Size = 250048 bytes | Modified Date = 10/6/2008 10:41:56 AM | Attr = RHS]
hosts -> %SystemRoot%\System32\drivers\etc\hosts ->  [Ver =  | Size = 264263 bytes | Modified Date = 10/25/2008 6:11:34 AM | Attr =	]
hosts.20081022-000625.backup -> %SystemRoot%\System32\drivers\etc\hosts.20081022-000625.backup ->  [Ver =  | Size = 686 bytes | Modified Date = 9/19/2008 10:54:58 PM | Attr =	]
hosts.bak -> %SystemRoot%\System32\drivers\etc\hosts.bak ->  [Ver =  | Size = 267035 bytes | Modified Date = 10/24/2008 10:18:38 PM | Attr =	]
BHDrvx86.CAT -> %SystemRoot%\System32\drivers\NAV\1000000.07D\BHDrvx86.CAT ->  [Ver =  | Size = 10613 bytes | Modified Date = 10/21/2008 10:53:37 PM | Attr =	]
BHDrvx86.inf -> %SystemRoot%\System32\drivers\NAV\1000000.07D\BHDrvx86.inf ->  [Ver =  | Size = 641 bytes | Modified Date = 10/21/2008 10:53:50 PM | Attr =	]
isolate.ini -> %SystemRoot%\System32\drivers\NAV\1000000.07D\isolate.ini ->  [Ver =  | Size = 172 bytes | Modified Date = 10/21/2008 10:53:50 PM | Attr =	]
srtsp.cat -> %SystemRoot%\System32\drivers\NAV\1000000.07D\srtsp.cat ->  [Ver =  | Size = 10617 bytes | Modified Date = 10/21/2008 10:53:37 PM | Attr =	]
srtsp.inf -> %SystemRoot%\System32\drivers\NAV\1000000.07D\srtsp.inf ->  [Ver =  | Size = 1383 bytes | Modified Date = 10/21/2008 10:53:50 PM | Attr =	]
srtspx.cat -> %SystemRoot%\System32\drivers\NAV\1000000.07D\srtspx.cat ->  [Ver =  | Size = 10621 bytes | Modified Date = 10/21/2008 10:53:37 PM | Attr =	]
srtspx.inf -> %SystemRoot%\System32\drivers\NAV\1000000.07D\srtspx.inf ->  [Ver =  | Size = 1389 bytes | Modified Date = 10/21/2008 10:53:50 PM | Attr =	]
SymEFA.cat -> %SystemRoot%\System32\drivers\NAV\1000000.07D\SymEFA.cat ->  [Ver =  | Size = 10659 bytes | Modified Date = 10/21/2008 10:53:37 PM | Attr =	]
SymEFA.inf -> %SystemRoot%\System32\drivers\NAV\1000000.07D\SymEFA.inf ->  [Ver =  | Size = 3375 bytes | Modified Date = 10/21/2008 10:53:50 PM | Attr =	]
SymNet.cat -> %SystemRoot%\System32\drivers\NAV\1000000.07D\SymNet.cat ->  [Ver =  | Size = 13089 bytes | Modified Date = 10/21/2008 10:53:37 PM | Attr =	]
SymNet.inf -> %SystemRoot%\System32\drivers\NAV\1000000.07D\SymNet.inf ->  [Ver =  | Size = 1611 bytes | Modified Date = 10/21/2008 10:53:50 PM | Attr =	]
SYMEVENT.CAT -> %SystemRoot%\System32\drivers\SYMEVENT.CAT ->  [Ver =  | Size = 10635 bytes | Modified Date = 10/21/2008 10:55:07 PM | Attr =	]
SYMEVENT.INF -> %SystemRoot%\System32\drivers\SYMEVENT.INF ->  [Ver =  | Size = 806 bytes | Modified Date = 10/21/2008 10:55:07 PM | Attr =	]
aasoyf -> %SystemRoot%\System32\aasoyf ->  [Ver =  | Size = 25 bytes | Modified Date = 10/18/2008 2:57:04 PM | Attr =	]
2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 
awgqiqxe.ini -> %SystemRoot%\System32\awgqiqxe.ini ->  [Ver =  | Size = 1408331 bytes | Modified Date = 10/24/2008 10:33:34 PM | Attr =  HS]
cbpwkbjb.dll -> %SystemRoot%\System32\cbpwkbjb.dll ->  [Ver =  | Size = 101888 bytes | Modified Date = 10/20/2008 8:36:43 PM | Attr =	]
celaso -> %SystemRoot%\System32\celaso ->  [Ver =  | Size = 23 bytes | Modified Date = 9/20/2008 12:31:52 PM | Attr =	]
cjkhab.dll -> %SystemRoot%\System32\cjkhab.dll ->  [Ver =  | Size = 101888 bytes | Modified Date = 10/19/2008 9:41:19 PM | Attr =	]
dbvwluut.ini -> %SystemRoot%\System32\dbvwluut.ini ->  [Ver =  | Size = 1372446 bytes | Modified Date = 10/22/2008 11:18:56 PM | Attr =  HS]
dndiuo.dll -> %SystemRoot%\System32\dndiuo.dll ->  [Ver =  | Size = 101888 bytes | Modified Date = 10/20/2008 11:18:06 PM | Attr =	]
dsuctpsb.dll -> %SystemRoot%\System32\dsuctpsb.dll ->  [Ver =  | Size = 101888 bytes | Modified Date = 10/20/2008 11:18:06 PM | Attr =	]
dybdjbhh.exe -> %SystemRoot%\System32\dybdjbhh.exe ->  [Ver =  | Size = 2048 bytes | Modified Date = 10/19/2008 9:47:16 PM | Attr =	]
dyiadurq.dll -> %SystemRoot%\System32\dyiadurq.dll ->  [Ver =  | Size = 69120 bytes | Modified Date = 10/19/2008 9:44:18 PM | Attr =	]
egyast -> %SystemRoot%\System32\egyast ->  [Ver =  | Size = 25 bytes | Modified Date = 9/20/2008 12:51:44 PM | Attr =	]
eogstrxv.dll -> %SystemRoot%\System32\eogstrxv.dll ->  [Ver =  | Size = 102400 bytes | Modified Date = 10/22/2008 10:25:07 PM | Attr =	]
exqiqgwa.dll -> %SystemRoot%\System32\exqiqgwa.dll ->  [Ver =  | Size = 68608 bytes | Modified Date = 10/24/2008 9:32:16 PM | Attr =	]
fbvbqe.dll -> %SystemRoot%\System32\fbvbqe.dll ->  [Ver =  | Size = 101888 bytes | Modified Date = 10/20/2008 8:36:43 PM | Attr =	]
fcjxbssu.ini -> %SystemRoot%\System32\fcjxbssu.ini ->  [Ver =  | Size = 1408313 bytes | Modified Date = 10/24/2008 11:54:46 PM | Attr =  HS]
ffkpoaml.ini -> %SystemRoot%\System32\ffkpoaml.ini ->  [Ver =  | Size = 1386257 bytes | Modified Date = 10/23/2008 9:36:29 PM | Attr =  HS]
fmltal.dll -> %SystemRoot%\System32\fmltal.dll ->  [Ver =  | Size = 101376 bytes | Modified Date = 10/23/2008 9:41:25 PM | Attr =	]
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT ->  [Ver =  | Size = 200936 bytes | Modified Date = 10/16/2008 12:02:27 PM | Attr =	]
fNXxwGgh.ini -> %SystemRoot%\System32\fNXxwGgh.ini ->  [Ver =  | Size = 628730 bytes | Modified Date = 10/19/2008 9:48:27 PM | Attr =  HS]
fNXxwGgh.ini2 -> %SystemRoot%\System32\fNXxwGgh.ini2 ->  [Ver =  | Size = 628730 bytes | Modified Date = 10/19/2008 9:47:26 PM | Attr =  HS]
gnalagn -> %SystemRoot%\System32\gnalagn ->  [Ver =  | Size = 13 bytes | Modified Date = 9/20/2008 1:16:16 PM | Attr =	]
gvtebgwk.ini -> %SystemRoot%\System32\gvtebgwk.ini ->  [Ver =  | Size = 1386257 bytes | Modified Date = 10/23/2008 9:29:16 PM | Attr =  HS]
icurfwrl.ini -> %SystemRoot%\System32\icurfwrl.ini ->  [Ver =  | Size = 1408313 bytes | Modified Date = 10/24/2008 10:54:14 PM | Attr =  HS]
inesrol -> %SystemRoot%\System32\inesrol ->  [Ver =  | Size = 32 bytes | Modified Date = 9/20/2008 1:23:08 PM | Attr =	]
irtart -> %SystemRoot%\System32\irtart ->  [Ver =  | Size = 17 bytes | Modified Date = 9/20/2008 1:04:15 PM | Attr =	]
isuyckxn.dll -> %SystemRoot%\System32\isuyckxn.dll ->  [Ver =  | Size = 69120 bytes | Modified Date = 10/21/2008 4:37:42 AM | Attr =	]
jjeayspy.dll -> %SystemRoot%\System32\jjeayspy.dll ->  [Ver =  | Size = 102400 bytes | Modified Date = 10/24/2008 10:56:59 PM | Attr =	]
kwgbetvg.dll -> %SystemRoot%\System32\kwgbetvg.dll ->  [Ver =  | Size = 69632 bytes | Modified Date = 10/23/2008 9:29:06 PM | Attr =	]
kyazej.dll -> %SystemRoot%\System32\kyazej.dll ->  [Ver =  | Size = 102400 bytes | Modified Date = 10/22/2008 10:25:07 PM | Attr =	]
lmaopkff.dll -> %SystemRoot%\System32\lmaopkff.dll ->  [Ver =  | Size = 69632 bytes | Modified Date = 10/23/2008 9:36:17 PM | Attr =	]
lndvpx.dll -> %SystemRoot%\System32\lndvpx.dll ->  [Ver =  | Size = 101888 bytes | Modified Date = 10/21/2008 4:25:42 AM | Attr =	]
moreniu -> %SystemRoot%\System32\moreniu ->  [Ver =  | Size = 19 bytes | Modified Date = 9/26/2008 5:37:56 PM | Attr =	]
nxkcyusi.ini -> %SystemRoot%\System32\nxkcyusi.ini ->  [Ver =  | Size = 1340598 bytes | Modified Date = 10/21/2008 4:37:50 AM | Attr =  HS]
osizxq.dll -> %SystemRoot%\System32\osizxq.dll ->  [Ver =  | Size = 102400 bytes | Modified Date = 10/24/2008 11:57:05 PM | Attr =	]
pmwvkmvg.dll -> %SystemRoot%\System32\pmwvkmvg.dll ->  [Ver =  | Size = 102400 bytes | Modified Date = 10/24/2008 11:57:05 PM | Attr =	]
pvuesi.dll -> %SystemRoot%\System32\pvuesi.dll ->  [Ver =  | Size = 102400 bytes | Modified Date = 10/24/2008 10:56:59 PM | Attr =	]
pyfhuluw.dll -> %SystemRoot%\System32\pyfhuluw.dll ->  [Ver =  | Size = 101888 bytes | Modified Date = 10/19/2008 9:41:19 PM | Attr =	]
qrudaiyd.ini -> %SystemRoot%\System32\qrudaiyd.ini ->  [Ver =  | Size = 1408313 bytes | Modified Date = 10/19/2008 9:44:27 PM | Attr =  HS]
rebsin -> %SystemRoot%\System32\rebsin ->  [Ver =  | Size = 27 bytes | Modified Date = 9/20/2008 12:56:12 PM | Attr =	]
rfhphmih.dll -> %SystemRoot%\System32\rfhphmih.dll ->  [Ver =  | Size = 101376 bytes | Modified Date = 10/23/2008 9:41:25 PM | Attr =	]
seasout -> %SystemRoot%\System32\seasout ->  [Ver =  | Size = 22 bytes | Modified Date = 9/20/2008 12:54:15 PM | Attr =	]
sipktiyy.dll -> %SystemRoot%\System32\sipktiyy.dll ->  [Ver =  | Size = 69120 bytes | Modified Date = 10/20/2008 11:15:04 PM | Attr =	]
tmp.reg -> %SystemRoot%\System32\tmp.reg ->  [Ver =  | Size = 3852 bytes | Modified Date = 10/24/2008 10:18:45 PM | Attr =	]
trgqigac.dll -> %SystemRoot%\System32\trgqigac.dll ->  [Ver =  | Size = 102400 bytes | Modified Date = 10/24/2008 9:35:29 PM | Attr =	]
tuulwvbd.dll -> %SystemRoot%\System32\tuulwvbd.dll ->  [Ver =  | Size = 68608 bytes | Modified Date = 10/22/2008 10:23:22 PM | Attr =	]
ussbxjcf.dll -> %SystemRoot%\System32\ussbxjcf.dll ->  [Ver =  | Size = 69632 bytes | Modified Date = 10/24/2008 11:54:05 PM | Attr =	]
wpa.dbl -> %SystemRoot%\System32\wpa.dbl ->  [Ver =  | Size = 13646 bytes | Modified Date = 10/19/2008 9:36:25 PM | Attr =	]
ywkfnnce.dll -> %SystemRoot%\System32\ywkfnnce.dll ->  [Ver =  | Size = 101888 bytes | Modified Date = 10/21/2008 4:25:42 AM | Attr =	]
yyitkpis.ini -> %SystemRoot%\System32\yyitkpis.ini ->  [Ver =  | Size = 1339261 bytes | Modified Date = 10/20/2008 11:15:09 PM | Attr =  HS]
zhsi -> %SystemRoot%\System32\zhsi ->  [Ver =  | Size = 25 bytes | Modified Date = 9/20/2008 12:39:15 PM | Attr =	]
zllictbl.dat -> %SystemRoot%\System32\zllictbl.dat ->  [Ver =  | Size = 4212 bytes | Modified Date = 10/23/2008 10:21:04 PM | Attr =  H ]
zodc -> %SystemRoot%\System32\zodc ->  [Ver =  | Size = 22 bytes | Modified Date = 9/20/2008 12:58:59 PM | Attr =	]
zshosg.dll -> %SystemRoot%\System32\zshosg.dll ->  [Ver =  | Size = 102400 bytes | Modified Date = 10/24/2008 9:35:29 PM | Attr =	]
7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini ->  [Ver =  | Size = 116 bytes | Modified Date = 10/20/2008 8:55:50 PM | Attr =	]
system.ini -> %SystemRoot%\system.ini ->  [Ver =  | Size = 313 bytes | Modified Date = 10/26/2008 1:17:12 PM | Attr =	]
win.ini -> %SystemRoot%\win.ini ->  [Ver =  | Size = 1494 bytes | Modified Date = 10/26/2008 1:17:12 PM | Attr =	]
WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx ->  [Ver =  | Size = 316640 bytes | Modified Date = 10/6/2008 12:11:40 PM | Attr =	]
AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job ->  [Ver =  | Size = 284 bytes | Modified Date = 10/7/2008 10:34:32 PM | Attr =	]
MP Scheduled Scan.job -> %SystemRoot%\tasks\MP Scheduled Scan.job ->  [Ver =  | Size = 330 bytes | Modified Date = 10/20/2008 1:44:03 AM | Attr =  H ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT ->  [Ver =  | Size = 6 bytes | Modified Date = 10/26/2008 1:15:14 PM | Attr =  H ]
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader ->  [Folder | Modified Date = 3/23/2005 9:55:41 PM | Attr =	]
qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat ->  [Ver =  | Size = 4646 bytes | Modified Date = 10/15/2008 10:36:37 PM | Attr =	]
qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat ->  [Ver =  | Size = 4232 bytes | Modified Date = 10/15/2008 10:36:37 PM | Attr =	]
C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA ->  [Folder | Modified Date = 3/25/2005 11:12:00 PM | Attr =	]
opa11.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa11.dat ->  [Ver =  | Size = 8206 bytes | Modified Date = 3/25/2005 11:12:00 PM | Attr =	]
C:\WINDOWS\Temp\ -> C:\WINDOWS\Temp ->  [Folder | Modified Date = 1/1/2002 12:08:21 AM | Attr =	]
Perflib_Perfdata_1d8.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_1d8.dat ->  [Ver =  | Size = 16384 bytes | Modified Date = 10/26/2008 1:17:54 PM | Attr =	]
Perflib_Perfdata_2e4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_2e4.dat ->  [Ver =  | Size = 16384 bytes | Modified Date = 1/1/2002 12:02:20 AM | Attr =	]
Perflib_Perfdata_6cc.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_6cc.dat ->  [Ver =  | Size = 16384 bytes | Modified Date = 10/23/2008 6:11:11 AM | Attr =	]
Perflib_Perfdata_7d4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_7d4.dat ->  [Ver =  | Size = 16384 bytes | Modified Date = 10/24/2008 10:44:48 PM | Attr =	]
Perflib_Perfdata_7e0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_7e0.dat ->  [Ver =  | Size = 16384 bytes | Modified Date = 1/1/2002 12:21:43 AM | Attr =	]
Perflib_Perfdata_aa4.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_aa4.dat ->  [Ver =  | Size = 16384 bytes | Modified Date = 1/1/2002 1:46:29 AM | Attr =	]
Perflib_Perfdata_dc.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_dc.dat ->  [Ver =  | Size = 16384 bytes | Modified Date = 1/1/2002 12:26:33 PM | Attr =	]
Perflib_Perfdata_f60.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_f60.dat ->  [Ver =  | Size = 16384 bytes | Modified Date = 10/26/2008 1:24:22 PM | Attr =	]
41 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> 
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\ -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\ ->  [Folder | Modified Date = 9/19/2008 10:58:19 PM | Attr =   S]
desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\desktop.ini ->  [Ver =  | Size = 67 bytes | Modified Date = 3/26/2005 3:33:04 PM | Attr =  HS]
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\6C6DJY2S\ -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\6C6DJY2S ->  [Folder | Modified Date = 9/19/2008 10:58:19 PM | Attr =   S]
desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\6C6DJY2S\desktop.ini ->  [Ver =  | Size = 67 bytes | Modified Date = 3/26/2005 3:33:04 PM | Attr =  HS]
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\EIY61Z3B\ -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\EIY61Z3B ->  [Folder | Modified Date = 9/19/2008 10:58:19 PM | Attr =   S]
desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\EIY61Z3B\desktop.ini ->  [Ver =  | Size = 67 bytes | Modified Date = 3/26/2005 3:33:04 PM | Attr =  HS]
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\SQ39KB3G\ -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\SQ39KB3G ->  [Folder | Modified Date = 9/19/2008 10:58:19 PM | Attr =   S]
desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\SQ39KB3G\desktop.ini ->  [Ver =  | Size = 67 bytes | Modified Date = 3/26/2005 3:33:04 PM | Attr =  HS]
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\WE9SBQW4\ -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\WE9SBQW4 ->  [Folder | Modified Date = 9/19/2008 10:58:19 PM | Attr =   S]
desktop.ini -> C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\WE9SBQW4\desktop.ini ->  [Ver =  | Size = 67 bytes | Modified Date = 3/26/2005 3:33:04 PM | Attr =  HS]
[Files Modified - Additional Folder Scans - Non-Microsoft Only]
IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db ->  [Ver =  | Size = 4240656 bytes | Modified Date = 10/26/2008 1:13:10 PM | Attr =  H ]
Norton AntiVirus.lnk -> %AllUsersProfile%\Desktop\Norton AntiVirus.lnk ->  [Ver =  | Size = 2091 bytes | Modified Date = 10/21/2008 10:54:37 PM | Attr =	]

[File - Lop Check: Additional Folder Scans - Non-Microsoft Only]
Application Data -> C:\Documents and Settings\Administrator.STEVE-D2413BD9C.000\Application Data ->  [Folder | Modified Date = 1/1/2002 12:24:33 PM | Attr = RH ]
Microsoft -> C:\Documents and Settings\Administrator.STEVE-D2413BD9C.000\Application Data\Microsoft ->  [Folder | Modified Date = 1/1/2002 12:12:15 AM | Attr =   S]
Application Data -> C:\Documents and Settings\All Users\Application Data ->  [Folder | Modified Date = 10/23/2008 10:13:43 PM | Attr = RH ]
{3276BE95_AF08_429F_A64F_CA64CB79BCF6} -> C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} ->  [Folder | Modified Date = 10/7/2008 10:39:41 PM | Attr =	]
Adobe -> C:\Documents and Settings\All Users\Application Data\Adobe ->  [Folder | Modified Date = 9/15/2008 2:23:44 PM | Attr =	]
Adobe Systems -> C:\Documents and Settings\All Users\Application Data\Adobe Systems ->  [Folder | Modified Date = 1/16/2006 11:55:47 PM | Attr =	]
Apple -> C:\Documents and Settings\All Users\Application Data\Apple ->  [Folder | Modified Date = 7/30/2007 2:16:31 PM | Attr =	]
Apple Computer -> C:\Documents and Settings\All Users\Application Data\Apple Computer ->  [Folder | Modified Date = 5/26/2007 5:40:04 PM | Attr =	]
Autodesk -> C:\Documents and Settings\All Users\Application Data\Autodesk ->  [Folder | Modified Date = 12/13/2007 9:37:34 PM | Attr =	]
CyberLink -> C:\Documents and Settings\All Users\Application Data\CyberLink ->  [Folder | Modified Date = 3/23/2005 10:34:25 PM | Attr =	]
DVD Shrink -> C:\Documents and Settings\All Users\Application Data\DVD Shrink ->  [Folder | Modified Date = 8/23/2006 7:28:31 PM | Attr =	]
HP -> C:\Documents and Settings\All Users\Application Data\HP ->  [Folder | Modified Date = 10/30/2006 1:56:01 PM | Attr =	]
Kodak -> C:\Documents and Settings\All Users\Application Data\Kodak ->  [Folder | Modified Date = 7/16/2007 10:10:32 PM | Attr =	]
Last.fm -> C:\Documents and Settings\All Users\Application Data\Last.fm ->  [Folder | Modified Date = 6/14/2008 8:35:55 AM | Attr =	]
MailFrontier -> C:\Documents and Settings\All Users\Application Data\MailFrontier ->  [Folder | Modified Date = 10/23/2008 10:13:43 PM | Attr =	]
Microsoft -> C:\Documents and Settings\All Users\Application Data\Microsoft ->  [Folder | Modified Date = 8/18/2006 9:18:33 PM | Attr =   S]
Norton -> C:\Documents and Settings\All Users\Application Data\Norton ->  [Folder | Modified Date = 10/21/2008 10:53:32 PM | Attr =	]
NortonInstaller -> C:\Documents and Settings\All Users\Application Data\NortonInstaller ->  [Folder | Modified Date = 10/20/2008 10:50:17 PM | Attr =	]
PCSettings -> C:\Documents and Settings\All Users\Application Data\PCSettings ->  [Folder | Modified Date = 10/20/2008 10:57:41 PM | Attr =	]
QuickTime -> C:\Documents and Settings\All Users\Application Data\QuickTime ->  [Folder | Modified Date = 3/29/2005 6:33:51 PM | Attr =	]
Sony Corporation -> C:\Documents and Settings\All Users\Application Data\Sony Corporation ->  [Folder | Modified Date = 12/26/2005 6:05:41 PM | Attr =	]
Spybot - Search & Destroy -> C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy ->  [Folder | Modified Date = 10/22/2008 12:03:59 AM | Attr =	]
Trymedia -> C:\Documents and Settings\All Users\Application Data\Trymedia ->  [Folder | Modified Date = 4/28/2005 6:38:14 PM | Attr =	]
TVU Networks -> C:\Documents and Settings\All Users\Application Data\TVU Networks ->  [Folder | Modified Date = 8/9/2008 7:37:58 PM | Attr =	]
Viewpoint -> C:\Documents and Settings\All Users\Application Data\Viewpoint ->  [Folder | Modified Date = 6/28/2005 6:01:35 PM | Attr =	]
Windows Genuine Advantage -> C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage ->  [Folder | Modified Date = 8/1/2005 4:27:46 PM | Attr =	]
WLInstaller -> C:\Documents and Settings\All Users\Application Data\WLInstaller ->  [Folder | Modified Date = 3/1/2008 8:42:59 PM | Attr =	]
Yahoo! -> C:\Documents and Settings\All Users\Application Data\Yahoo! ->  [Folder | Modified Date = 6/13/2008 9:23:12 PM | Attr =	]
C:\WINDOWS\Tasks\ -> C:\WINDOWS\Tasks ->  [Folder | Modified Date = 1/1/2002 12:24:25 PM | Attr =   S]
AppleSoftwareUpdate.job -> C:\WINDOWS\Tasks\AppleSoftwareUpdate.job ->  [Ver =  | Size = 284 bytes | Modified Date = 10/7/2008 10:34:32 PM | Attr =	]
desktop.ini -> C:\WINDOWS\Tasks\desktop.ini ->  [Ver =  | Size = 65 bytes | Modified Date = 8/4/2004 5:00:00 AM | Attr = RH ]
MP Scheduled Scan.job -> C:\WINDOWS\Tasks\MP Scheduled Scan.job ->  [Ver =  | Size = 330 bytes | Modified Date = 10/20/2008 1:44:03 AM | Attr =  H ]
SA.DAT -> C:\WINDOWS\Tasks\SA.DAT ->  [Ver =  | Size = 6 bytes | Modified Date = 10/26/2008 1:15:14 PM | Attr =  H ]
[File - Purity Scan: Additional Folder Scans - Non-Microsoft Only]
s?stem32 -> C:\WINDOWS\sуstem32 ->  [Folder | Modified Date = 6/28/2006 6:27:17 PM | Attr =	]
s?stem32 -> C:\WINDOWS\sуstem32\sуstem32 ->  [Folder | Modified Date = 6/28/2006 4:46:06 PM | Attr =	]
??sks -> C:\WINDOWS\Τаsks ->  [Folder | Modified Date = 8/18/2006 8:49:19 PM | Attr =	]
F?nts -> C:\WINDOWS\System32\Fοnts ->  [Folder | Modified Date = 6/28/2006 4:46:04 PM | Attr =	]

[CatchMe Rootkit Scan by GMER]
< Windows folder & sub-folders >
scanning hidden processes ...
scanning hidden services & system hive ...
disk error: C:\WINDOWS\system32\config\system, 0
scanning hidden registry entries ...
disk error: C:\WINDOWS\system32\config\software, 0
disk error: C:\Documents and Settings\Administrator.STEVE-D2413BD9C.000\ntuser.dat, 0
scanning hidden files ...
disk error: C:\WINDOWS\
please note that you need administrator rights to perform deep scan
< Document and Settings folder & sub folders >
scanning hidden files ...
disk error: C:\Documents and Settings\
please note that you need administrator rights to perform deep scan

< End of report >


#5 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:10:15 AM

Posted 27 October 2008 - 08:02 PM

Download ComboFix from one of these locations:

Link 1
Link 2
Link 3


* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

  • Double click on ComboFix.exe & follow the prompts.

  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Posted Image



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image

#6 redliner00

redliner00
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:15 AM

Posted 28 October 2008 - 12:41 AM

Thank you for taking the time to help me btw, Kahdah.

Here is the ComboFix log:

ComboFix 08-10-27.03 - steve 2008-10-27 22:22:02.1 - NTFSx86 NETWORK
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.338 [GMT -7:00]

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Documents\Adobe PDF\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Adobe PDF\Extras\Desktop_.ini
C:\Documents and Settings\All Users\Documents\Adobe PDF\Settings\Desktop_.ini
C:\Documents and Settings\All Users\Documents\My Music\Desktop_.ini
C:\Documents and Settings\All Users\Documents\My Music\My Playlists\Desktop_.ini
C:\Documents and Settings\All Users\Documents\My Music\Sample Music\Desktop_.ini
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\000BF382\Desktop_.ini
C:\Documents and Settings\All Users\Documents\My Music\Sample Playlists\Desktop_.ini
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\01D9931B\Desktop_.ini
C:\Documents and Settings\All Users\Documents\My Music\Sync Playlists\Desktop_.ini
C:\Documents and Settings\All Users\Documents\My Pictures\Desktop_.ini
C:\Documents and Settings\All Users\Documents\My Pictures\Kodak Pictures\Desktop_.ini
C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures\Desktop_.ini
C:\Documents and Settings\All Users\Documents\My Videos\Desktop_.ini
C:\install.exe
C:\WINDOWS\sks~1
C:\WINDOWS\sstem3~1
C:\WINDOWS\sstem3~1\s?stem32\
C:\WINDOWS\system32\awgqiqxe.ini
C:\WINDOWS\system32\cbpwkbjb.dll
C:\WINDOWS\system32\cjkhab.dll
C:\WINDOWS\system32\dao350.dll
C:\WINDOWS\system32\dbvwluut.ini
C:\WINDOWS\system32\dndiuo.dll
C:\WINDOWS\system32\domadjrh.dll
C:\WINDOWS\system32\drivers\TDSSmqct.sys
C:\WINDOWS\system32\drivers\TDSSpqxt.sys
C:\WINDOWS\system32\dsuctpsb.dll
C:\WINDOWS\system32\dybdjbhh.exe
C:\WINDOWS\system32\eogstrxv.dll
C:\WINDOWS\system32\eupjqr.dll
C:\WINDOWS\system32\exqiqgwa.dll
C:\WINDOWS\system32\fbvbqe.dll
C:\WINDOWS\system32\fcjxbssu.ini
C:\WINDOWS\system32\ffkpoaml.ini
C:\WINDOWS\system32\fmltal.dll
C:\WINDOWS\system32\fnts~1
C:\WINDOWS\system32\fNXxwGgh.ini
C:\WINDOWS\system32\fNXxwGgh.ini2
C:\WINDOWS\system32\grnpdlsj.ini
C:\WINDOWS\system32\gvtebgwk.ini
C:\WINDOWS\system32\hgGwxXNf.dll
C:\WINDOWS\system32\hrjdamod.ini
C:\WINDOWS\system32\icurfwrl.ini
C:\WINDOWS\system32\iohjvsjm.dll
C:\WINDOWS\system32\isuyckxn.dll
C:\WINDOWS\system32\jjeayspy.dll
C:\WINDOWS\system32\kwgbetvg.dll
C:\WINDOWS\system32\kyazej.dll
C:\WINDOWS\system32\ldcynp.dll
C:\WINDOWS\system32\ldedjbwk.ini
C:\WINDOWS\system32\lmaopkff.dll
C:\WINDOWS\system32\lndvpx.dll
C:\WINDOWS\system32\MabryObj.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\nrahxovr.dll
C:\WINDOWS\system32\nxkcyusi.ini
C:\WINDOWS\system32\osizxq.dll
C:\WINDOWS\system32\otjwbogy.ini
C:\WINDOWS\system32\owflelqu.ini
C:\WINDOWS\system32\oxdyfmbo.dll
C:\WINDOWS\system32\pmwvkmvg.dll
C:\WINDOWS\system32\pvuesi.dll
C:\WINDOWS\system32\pyfhuluw.dll
C:\WINDOWS\system32\qrudaiyd.ini
C:\WINDOWS\system32\rfhphmih.dll
C:\WINDOWS\system32\rvoxharn.ini
C:\WINDOWS\system32\sipktiyy.dll
C:\WINDOWS\system32\sudmwdcs.ini
C:\WINDOWS\system32\TDSShrxr.dll
C:\WINDOWS\system32\TDSSlrvd.dat
C:\WINDOWS\system32\TDSSlxwp.dll
C:\WINDOWS\system32\TDSSnmxh.log
C:\WINDOWS\system32\TDSSoiqh.dll
C:\WINDOWS\system32\TDSSoiqh.log
C:\WINDOWS\system32\TDSSoiqt.dll
C:\WINDOWS\system32\TDSSpqxt.log
C:\WINDOWS\system32\TDSSrhyp.dll
C:\WINDOWS\system32\TDSSrtql.dll
C:\WINDOWS\system32\TDSSsahc.dll
C:\WINDOWS\system32\TDSSxfum.dll
C:\WINDOWS\system32\trgqigac.dll
C:\WINDOWS\system32\tuulwvbd.dll
C:\WINDOWS\system32\ussbxjcf.dll
C:\WINDOWS\system32\vdygxeen.exe
C:\WINDOWS\system32\wcpsvcc.exe
C:\WINDOWS\system32\wxsewacj.exe
C:\WINDOWS\system32\xeksaape.ini
C:\WINDOWS\system32\ywkfnnce.dll
C:\WINDOWS\system32\yyitkpis.ini
C:\WINDOWS\system32\zshosg.dll
D:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_TDSSserv
-------\Legacy_TDSSserv
-------\Service_tdssserv.sys


((((((((((((((((((((((((( Files Created from 2008-09-28 to 2008-10-28 )))))))))))))))))))))))))))))))
.

2008-10-24 22:55 . 2008-10-25 06:16 <DIR> d-------- C:\Documents and Settings\steve\.housecall6.6
2008-10-24 22:35 . 2008-10-24 22:35 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-10-23 22:20 . 2008-10-23 22:20 <DIR> d-------- C:\Program Files\ZoneAlarmSB
2008-10-23 22:13 . 2008-10-23 22:13 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
2008-10-23 22:13 . 2008-07-09 09:05 75,248 --a------ C:\WINDOWS\zllsputility.exe
2008-10-23 22:13 . 2008-10-23 22:21 4,212 --ah----- C:\WINDOWS\system32\zllictbl.dat
2008-10-23 22:10 . 2008-10-23 22:13 <DIR> d-------- C:\WINDOWS\system32\ZoneLabs
2008-10-23 22:10 . 2008-10-23 22:10 <DIR> d-------- C:\Program Files\Zone Labs
2008-10-23 22:10 . 2008-07-09 09:05 1,086,952 --a------ C:\WINDOWS\system32\zpeng24.dll
2008-10-23 22:10 . 2002-01-01 01:47 352,918 --a------ C:\WINDOWS\system32\vsconfig.xml
2008-10-23 22:07 . 2008-10-27 19:59 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-10-23 22:00 . 2008-10-24 22:34 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-10-22 23:21 . 2008-10-22 23:21 <DIR> d-------- C:\Program Files\Trend Micro
2008-10-21 23:03 . 2008-10-21 22:54 35,888 -ra--c--- C:\WINDOWS\system32\drivers\SymIM.sys
2008-10-21 22:55 . 2008-10-21 22:55 <DIR> d-------- C:\Program Files\Symantec
2008-10-21 22:55 . 2008-10-21 22:55 124,464 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2008-10-21 22:55 . 2008-10-21 22:55 60,808 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2008-10-21 22:55 . 2008-10-21 22:55 10,635 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2008-10-21 22:55 . 2008-10-21 22:55 806 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF
2008-10-21 22:53 . 2008-10-21 22:53 <DIR> d-------- C:\WINDOWS\system32\drivers\NAV
2008-10-21 22:53 . 2008-10-21 22:53 <DIR> d-------- C:\Program Files\Windows Sidebar
2008-10-20 23:28 . 2008-10-21 22:53 <DIR> d-------- C:\Program Files\Norton AntiVirus
2008-10-20 22:57 . 2008-10-20 22:57 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\PCSettings
2008-10-20 22:50 . 2008-10-20 22:50 <DIR> d-------- C:\Program Files\NortonInstaller
2008-10-20 22:50 . 2008-10-20 22:50 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\NortonInstaller
2008-10-20 22:50 . 2008-10-21 22:53 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Norton
2008-10-20 22:47 . 2008-10-20 22:47 <DIR> d-------- C:\Documents and Settings\All Users\Symantec Temporary Files
2008-10-18 14:57 . 2008-10-18 14:57 25 --a--c--- C:\WINDOWS\system32\aasoyf
2008-10-15 22:36 . 2008-09-15 05:12 1,846,400 -----c--- C:\WINDOWS\system32\dllcache\win32k.sys
2008-10-15 22:36 . 2008-09-08 03:41 333,824 -----c--- C:\WINDOWS\system32\dllcache\srv.sys
2008-10-15 22:35 . 2008-08-14 03:11 2,189,184 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-10-15 22:35 . 2008-08-14 03:09 2,145,280 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-10-15 22:35 . 2008-08-14 02:33 2,066,048 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-10-15 22:35 . 2008-08-14 02:33 2,023,936 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-10-13 15:52 . 2008-10-20 13:38 <DIR> d-------- C:\Program Files\Incomplete
2008-10-12 23:37 . 2002-01-01 00:01 <DIR> d-------- C:\Program Files\Audio Dictation Master
2008-10-12 23:37 . 2004-07-29 02:19 175,104 --a------ C:\WINDOWS\system32\lame_enc.dll
2008-10-07 22:39 . 2008-10-07 22:39 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-07 22:39 . 2008-04-17 13:12 107,368 --a------ C:\WINDOWS\system32\GEARAspi.dll
2008-10-07 22:39 . 2008-04-17 13:12 15,464 --a--c--- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
2008-10-07 22:38 . 2008-10-07 22:38 <DIR> d-------- C:\Program Files\Bonjour
2008-10-07 22:37 . 2008-10-07 22:38 <DIR> d-------- C:\Program Files\QuickTime
2008-10-06 10:54 . 2008-10-06 10:54 <DIR> d-------- C:\WINDOWS\system32\scripting
2008-10-06 10:53 . 2008-10-06 10:53 <DIR> d-------- C:\WINDOWS\system32\en
2008-10-06 10:53 . 2008-10-06 10:53 <DIR> d-------- C:\WINDOWS\system32\bits
2008-10-06 10:53 . 2008-10-06 10:53 <DIR> d-------- C:\WINDOWS\l2schemas
2008-10-06 10:46 . 2008-10-06 10:54 <DIR> d-------- C:\WINDOWS\ServicePackFiles

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-26 19:37 --------- d-----w C:\Program Files\MySpace
2008-10-24 04:44 --------- d---a-w C:\Program Files\Norton Support
2008-10-23 06:31 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-10-22 07:04 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-10-22 07:03 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2008-10-20 20:38 --------- d-----w C:\Program Files\LimeWire
2008-10-08 05:39 --------- d-----w C:\Program Files\iTunes
2008-10-08 05:39 --------- d-----w C:\Program Files\iPod
2008-10-08 05:37 --------- d-----w C:\Program Files\Common Files\Apple
2008-10-08 05:34 --------- d-----w C:\Program Files\Apple Software Update
2008-10-08 05:06 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-18 23:25 --------- d-----w C:\Documents and Settings\steve\Application Data\MySpace
2008-09-08 10:41 333,824 -c--a-w C:\WINDOWS\system32\drivers\srv.sys
2008-09-04 00:24 --------- d-----w C:\Program Files\BitComet
2005-06-05 04:23 220 -csha-w C:\WINDOWS\system32\ss.drv
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" [2007-08-30 4670704]
"NvMediaCenter"="C:\WINDOWS\system32\NVMCTRAY.DLL" [2003-07-28 49152]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2004-09-22 1871872]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingB9094"="command" [X]
"SpybotDeletingD8143"="del" [X]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2005-03-31 180269]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe" [2005-03-04 36975]
"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2003-12-08 32768]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-09-06 413696]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2003-07-28 4841472]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2004-09-07 1400944]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-09-13 49152]
"Adobe Version Cue CS2"="c:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe" [2005-04-04 856064]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2008-04-13 169984]
"nwiz"="nwiz.exe" [2003-07-28 C:\WINDOWS\system32\nwiz.exe]

C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-05-24 113664]
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-05-24 113664]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-04 258048]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=eupjqr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSACM.G723"= G723.ACM
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:\WINDOWS
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:\WINDOWS\system32

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WebrootSpySweeperService"=2 (0x2)
"PACSPTISVR"=3 (0x3)
"ose"=3 (0x3)
"MSCSPTISRV"=3 (0x3)
"IDriverT"=3 (0x3)
"Bonjour Service"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"5900:TCP"= 5900:TCP:VNC

R0 SymEFA;Symantec Extended File Attributes;C:\WINDOWS\system32\drivers\NAV\1000000.07D\SYMEFA.SYS [2008-10-21 309296]
S1 BHDrvx86;Symantec Heuristics Driver;C:\WINDOWS\system32\drivers\NAV\1000000.07D\BHDrvx86.sys [2008-10-21 254512]
S1 ccHP;Symantec Hash Provider;C:\WINDOWS\system32\drivers\NAV\1000000.07D\ccHPx86.sys [2008-10-21 362544]
S1 IDSxpx86;IDSxpx86;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20080826.006\IDSxpx86.sys [2008-10-21 274808]
S2 Norton AntiVirus;Norton AntiVirus;C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe /s Norton AntiVirus /m C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.0.0.125\diMaster.dll [ ]
S2 Parclass;Parclass;C:\WINDOWS\system32\Drivers\Parclass.sys [2000-04-04 19824]
S3 Asushwio;Asushwio;C:\WINDOWS\system32\drivers\Asushwio.sys [2003-03-27 5824]
S3 ati2mtaa;ati2mtaa;C:\WINDOWS\system32\DRIVERS\ati2mtaa.sys [2001-09-26 285088]
S3 ICAM3NT5;Intel® PC Camera CS331;C:\WINDOWS\system32\Drivers\ICAM3D2.SYS [2001-12-03 145184]
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-{7EBBB9C7-C28D-9CCB-C22E-B59D5895B547} - backd.dll
BHO-{016F259A-49AE-4EE1-B16F-2AE22EBFCC0c} - C:\WINDOWS\system32\pbqyikbb.dll
BHO-{a7f31c0c-337a-4c6e-bf5b-6caf855dd36e} - C:\WINDOWS\system32\eupjqr.dll
BHO-{B7F6753F-E18A-41CC-A790-13A454F211FB} - C:\WINDOWS\system32\hgGwxXNf.dll
BHO-{FBAA6233-7C65-4896-9F96-C0BD2BFA010C} - C:\WINDOWS\system32\pmnli.dll
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
HKCU-Run-updateMgr - C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
HKLM-Run-C:\WINDOWS\system32\kdxby.exe - C:\WINDOWS\system32\kdxby.exe
HKLM-Run-SpySweeper - C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
HKLM-Run-f07e3c7e - C:\WINDOWS\system32\nrahxovr.dll
ShellExecuteHooks-{31CDFCB9-37D6-4C1D-A31D-AA2DD56F637B} - (no file)
SafeBoot-TDSSmqct.sys
MSConfigStartUp-kdxby - C:\WINDOWS\system32\kdxby.exe


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\DOCUME~1\steve\APPLIC~1\Mozilla\Firefox\Profiles\dpufw8nh.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - www.g2ic.com
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-27 22:32:31
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton AntiVirus]
"ImagePath"="\"C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton AntiVirus\" /m \"C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
.
**************************************************************************
.
Completion time: 2008-10-27 22:38:49 - machine was rebooted
ComboFix-quarantined-files.txt 2008-10-28 05:38:45

Pre-Run: 23,239,884,800 bytes free
Post-Run: 23,288,410,112 bytes free

288 --- E O F --- 2008-10-16 18:55:47

#7 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:10:15 AM

Posted 28 October 2008 - 04:46 AM

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatley.
==================================
  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image

#8 redliner00

redliner00
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:15 AM

Posted 28 October 2008 - 10:38 PM

MBAM logfile:

Malwarebytes' Anti-Malware 1.30
Database version: 1306
Windows 5.1.2600 Service Pack 3

1/1/2002 7:33:12 AM
mbam-log-2002-01-01 (07-33-12).txt

Scan type: Quick Scan
Objects scanned: 61560
Time elapsed: 7 minute(s), 8 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 9

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{d5c32347-9f98-4db6-89f4-c6ca4efd1244}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.110;85.255.112.172 -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\bljwjqda.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bxmvkqnt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kseucpkd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kwbjdedl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lbeitfys.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mzkarz.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\polcgy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vtdckl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yoxjqbdr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

#9 redliner00

redliner00
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:15 AM

Posted 28 October 2008 - 10:46 PM

RSIT log file:

Logfile of random's system information tool 1.04 (written by random/random)
Run by steve at 2002-01-01 07:37:57
Microsoft Windows XP Professional Service Pack 3
System drive C: has 22 GB (27%) free of 80 GB
Total RAM: 511 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:38:07, on 1/1/2002
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\steve\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\steve.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.g2ic.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = dynhost.inetcam.com;register.inetcam.com;*.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "c:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9094] command /c del "C:\WINDOWS\system32\dyiadurq.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8143] cmd /c del "C:\WINDOWS\system32\dyiadurq.dll_old"
O4 - Startup: Scheduler.lnk = C:\Program Files\SpyCatcher\Scheduler daemon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\steve\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - https://www-secure.symantec.com/techsupp/as...rl/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - https://www-secure.symantec.com/techsupp/as...rl/SymAData.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} - https://www-secure.symantec.com/techsupp/as...trl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - https://www-secure.symantec.com/techsupp/as...trl/tgctlsr.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O20 - AppInit_DLLs: eupjqr.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Adobe Systems Incorporated - c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton AntiVirus - Symantec Corporation - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 9458 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - ZoneAlarm Spy Blocker - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2008-10-23 262144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2005-03-31 180269]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe [2005-03-04 36975]
"RemoteControl"=C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2003-12-08 32768]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"nwiz"=nwiz.exe /install []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2003-07-28 4841472]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
"InCD"=C:\Program Files\Ahead\InCD\InCD.exe [2004-09-07 1400944]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-09-13 49152]
"Adobe Version Cue CS2"=c:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [2005-04-04 856064]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2008-10-22 1261200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2008-10-22 399504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"=C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [2007-08-30 4670704]
"NvMediaCenter"=C:\WINDOWS\system32\NVMCTRAY.DLL [2003-07-28 49152]
"NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2004-09-22 1871872]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingB9094"=command /c del C:\WINDOWS\system32\dyiadurq.dll_old []
"SpybotDeletingD8143"=cmd /c del C:\WINDOWS\system32\dyiadurq.dll_old []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WebrootSpySweeperService"=2
"PACSPTISVR"=3
"ose"=3
"MSCSPTISRV"=3
"IDriverT"=3
"Bonjour Service"=2
"Ati HotKey Poller"=2

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Documents and Settings\steve\Start Menu\Programs\Startup
Scheduler.lnk - C:\Program Files\SpyCatcher\Scheduler daemon.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="eupjqr.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier]
C:\WINDOWS\system32\WRLogonNTF.dll [2006-11-17 209408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WINDOW~4\MpShHook.dll [2006-04-03 81616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2008-10-27 21:45:15 ----SHD---- C:\RECYCLER
2008-10-27 21:38:50 ----A---- C:\ComboFix.txt
2008-10-27 21:15:10 ----A---- C:\WINDOWS\zip.exe
2008-10-27 21:15:10 ----A---- C:\WINDOWS\VFIND.exe
2008-10-27 21:15:10 ----A---- C:\WINDOWS\SWXCACLS.exe
2008-10-27 21:15:10 ----A---- C:\WINDOWS\SWSC.exe
2008-10-27 21:15:10 ----A---- C:\WINDOWS\SWREG.exe
2008-10-27 21:15:10 ----A---- C:\WINDOWS\sed.exe
2008-10-27 21:15:10 ----A---- C:\WINDOWS\NIRCMD.exe
2008-10-27 21:15:10 ----A---- C:\WINDOWS\grep.exe
2008-10-27 21:15:10 ----A---- C:\WINDOWS\fdsv.exe
2008-10-27 21:15:00 ----D---- C:\WINDOWS\ERDNT
2008-10-27 21:15:00 ----D---- C:\Qoobox
2008-10-27 21:14:59 ----D---- C:\ComboFix
2008-10-24 21:35:31 ----HD---- C:\WINDOWS\system32\GroupPolicy
2008-10-23 21:20:30 ----D---- C:\Program Files\ZoneAlarmSB
2008-10-23 21:13:43 ----D---- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-10-23 21:13:00 ----A---- C:\WINDOWS\zllsputility.exe
2008-10-23 21:11:01 ----A---- C:\WINDOWS\system32\libeay32_0.9.6l.dll
2008-10-23 21:11:00 ----A---- C:\WINDOWS\system32\vsregexp.dll
2008-10-23 21:10:53 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2008-10-23 21:10:53 ----A---- C:\WINDOWS\system32\zlcomm.dll
2008-10-23 21:10:30 ----AC---- C:\WINDOWS\system32\vswmi.dll
2008-10-23 21:10:27 ----A---- C:\WINDOWS\system32\zpeng24.dll
2008-10-23 21:10:25 ----A---- C:\WINDOWS\system32\vsxml.dll
2008-10-23 21:10:23 ----D---- C:\WINDOWS\system32\ZoneLabs
2008-10-23 21:10:22 ----D---- C:\Program Files\Zone Labs
2008-10-23 21:10:22 ----A---- C:\WINDOWS\system32\vspubapi.dll
2008-10-23 21:10:22 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2008-10-23 21:07:27 ----D---- C:\WINDOWS\Internet Logs
2008-10-23 21:07:27 ----A---- C:\WINDOWS\system32\vsutil.dll
2008-10-23 21:07:27 ----A---- C:\WINDOWS\system32\vsinit.dll
2008-10-23 21:07:27 ----A---- C:\WINDOWS\system32\vsdata.dll
2008-10-23 21:00:04 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-10-22 22:21:06 ----D---- C:\Program Files\Trend Micro
2008-10-21 21:55:08 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2008-10-21 21:55:07 ----D---- C:\Program Files\Symantec
2008-10-21 21:53:32 ----D---- C:\Program Files\Windows Sidebar
2008-10-20 22:28:34 ----D---- C:\Program Files\Norton AntiVirus
2008-10-20 21:57:41 ----D---- C:\Documents and Settings\All Users\Application Data\PCSettings
2008-10-20 21:50:21 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2008-10-20 21:50:17 ----D---- C:\Program Files\NortonInstaller
2008-10-20 21:50:17 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2008-10-16 10:55:37 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-16 10:55:21 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-16 10:55:00 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-16 10:52:10 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-16 10:51:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-10-16 10:47:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2008-10-13 14:52:37 ----D---- C:\Program Files\Incomplete
2008-10-12 22:37:16 ----A---- C:\WINDOWS\system32\lame_enc.dll
2008-10-12 22:37:14 ----D---- C:\Program Files\Audio Dictation Master
2008-10-07 21:39:44 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2008-10-07 21:39:06 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-07 21:38:39 ----D---- C:\Program Files\Bonjour
2008-10-07 21:37:14 ----D---- C:\Program Files\QuickTime
2008-10-06 22:05:15 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-10-06 11:11:09 ----D---- C:\WINDOWS\Prefetch
2008-10-06 10:05:11 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
2008-10-06 10:04:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-10-06 10:04:00 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-10-06 10:03:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-10-06 10:03:14 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-10-06 10:02:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-10-06 10:02:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-10-06 10:02:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-10-06 10:01:46 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-10-06 10:01:25 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-10-06 10:00:59 ----HDC---- C:\WINDOWS\$NtUninstallKB950759$
2008-10-06 10:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-10-06 10:00:16 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-10-06 09:54:02 ----D---- C:\WINDOWS\system32\en-us
2008-10-06 09:54:00 ----D---- C:\WINDOWS\system32\scripting
2008-10-06 09:53:58 ----D---- C:\WINDOWS\l2schemas
2008-10-06 09:53:56 ----D---- C:\WINDOWS\system32\en
2008-10-06 09:53:55 ----D---- C:\WINDOWS\system32\bits
2008-10-06 09:46:53 ----D---- C:\WINDOWS\ServicePackFiles
2008-10-06 09:42:36 ----D---- C:\WINDOWS\network diagnostic
2008-10-06 09:34:21 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-09-24 08:56:48 ----D---- C:\Program Files\Google
2008-09-19 21:51:20 ----D---- C:\WINDOWS\ERUNT
2008-09-18 15:25:36 ----D---- C:\Documents and Settings\steve\Application Data\MySpace
2008-09-18 15:25:26 ----D---- C:\Program Files\MySpace
2008-09-10 22:17:42 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
2008-09-02 19:59:01 ----A---- C:\WINDOWS\system32\xmllite.dll
2008-09-02 19:58:55 ----A---- C:\WINDOWS\system32\wmphoto.dll
2008-09-02 19:58:50 ----A---- C:\WINDOWS\system32\wlanapi.dll
2008-09-02 19:58:47 ----A---- C:\WINDOWS\system32\windowscodecsext.dll
2008-09-02 19:58:47 ----A---- C:\WINDOWS\system32\windowscodecs.dll
2008-09-02 19:58:26 ----A---- C:\WINDOWS\system32\tspkg.dll
2008-09-02 19:58:26 ----A---- C:\WINDOWS\system32\tsgqec.dll
2008-09-02 19:58:10 ----A---- C:\WINDOWS\system32\spupdwxp.exe
2008-09-02 19:58:08 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2008-09-02 19:58:03 ----N---- C:\WINDOWS\slrundll.exe
2008-09-02 19:58:03 ----A---- C:\WINDOWS\system32\slserv.exe
2008-09-02 19:58:03 ----A---- C:\WINDOWS\system32\slrundll.exe
2008-09-02 19:58:03 ----A---- C:\WINDOWS\system32\slgen.dll
2008-09-02 19:58:03 ----A---- C:\WINDOWS\system32\slextspk.dll
2008-09-02 19:58:02 ----A---- C:\WINDOWS\system32\slcoinst.dll
2008-09-02 19:57:55 ----A---- C:\WINDOWS\system32\setupn.exe
2008-09-02 19:57:40 ----A---- C:\WINDOWS\system32\s3gnb.dll
2008-09-02 19:57:37 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2008-09-02 19:57:33 ----A---- C:\WINDOWS\system32\rasqec.dll
2008-09-02 19:57:32 ----A---- C:\WINDOWS\system32\qutil.dll
2008-09-02 19:57:30 ----A---- C:\WINDOWS\system32\qcliprov.dll
2008-09-02 19:57:30 ----A---- C:\WINDOWS\system32\qagentrt.dll
2008-09-02 19:57:30 ----A---- C:\WINDOWS\system32\qagent.dll
2008-09-02 19:57:26 ----A---- C:\WINDOWS\system32\photometadatahandler.dll
2008-09-02 19:57:20 ----A---- C:\WINDOWS\system32\onex.dll
2008-09-02 19:57:00 ----A---- C:\WINDOWS\system32\napstat.exe
2008-09-02 19:57:00 ----A---- C:\WINDOWS\system32\napmontr.dll
2008-09-02 19:57:00 ----A---- C:\WINDOWS\system32\napipsec.dll
2008-09-02 19:56:59 ----A---- C:\WINDOWS\system32\mtxparhd.dll
2008-09-02 19:56:58 ----A---- C:\WINDOWS\system32\msxml6r.dll
2008-09-02 19:56:58 ----A---- C:\WINDOWS\system32\msxml6.dll
2008-09-02 19:56:51 ----A---- C:\WINDOWS\system32\msshavmsg.dll
2008-09-02 19:56:51 ----A---- C:\WINDOWS\system32\mssha.dll
2008-09-02 19:56:12 ----A---- C:\WINDOWS\system32\mmcperf.exe
2008-09-02 19:56:11 ----A---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-09-02 19:56:11 ----A---- C:\WINDOWS\system32\mmcex.dll
2008-09-02 19:56:11 ----A---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-09-02 19:55:55 ----A---- C:\WINDOWS\system32\mdmxsdk.dll
2008-09-02 19:55:29 ----A---- C:\WINDOWS\system32\l2gpstore.dll
2008-09-02 19:55:28 ----A---- C:\WINDOWS\system32\kmsvc.dll
2008-09-02 19:55:26 ----A---- C:\WINDOWS\system32\kbdpash.dll
2008-09-02 19:55:26 ----A---- C:\WINDOWS\system32\kbdnepr.dll
2008-09-02 19:55:25 ----A---- C:\WINDOWS\system32\kbdiultn.dll
2008-09-02 19:55:25 ----A---- C:\WINDOWS\system32\kbdbhc.dll
2008-09-02 19:55:04 ----A---- C:\WINDOWS\system32\smtpapi.dll
2008-09-02 19:55:03 ----A---- C:\WINDOWS\system32\rwnh.dll
2008-09-02 19:54:52 ----A---- C:\WINDOWS\system32\comsdupd.exe
2008-09-02 19:54:35 ----A---- C:\WINDOWS\system32\hsfcisp2.dll
2008-09-02 19:54:17 ----A---- C:\WINDOWS\system32\faxpatch.exe
2008-09-02 19:54:17 ----A---- C:\WINDOWS\003181_.tmp
2008-09-02 19:54:11 ----A---- C:\WINDOWS\system32\eapsvc.dll
2008-09-02 19:54:11 ----A---- C:\WINDOWS\system32\eapqec.dll
2008-09-02 19:54:11 ----A---- C:\WINDOWS\system32\eappprxy.dll
2008-09-02 19:54:11 ----A---- C:\WINDOWS\system32\eapphost.dll
2008-09-02 19:54:11 ----A---- C:\WINDOWS\system32\eappgnui.dll
2008-09-02 19:54:11 ----A---- C:\WINDOWS\system32\eappcfg.dll
2008-09-02 19:54:10 ----A---- C:\WINDOWS\system32\eapp3hst.dll
2008-09-02 19:54:10 ----A---- C:\WINDOWS\system32\eapolqec.dll
2008-09-02 19:54:05 ----A---- C:\WINDOWS\system32\dot3ui.dll
2008-09-02 19:54:05 ----A---- C:\WINDOWS\system32\dot3svc.dll
2008-09-02 19:54:05 ----A---- C:\WINDOWS\system32\dot3msm.dll
2008-09-02 19:54:05 ----A---- C:\WINDOWS\system32\dot3dlg.dll
2008-09-02 19:54:04 ----A---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-09-02 19:54:04 ----A---- C:\WINDOWS\system32\dot3cfg.dll
2008-09-02 19:54:04 ----A---- C:\WINDOWS\system32\dot3api.dll
2008-09-02 19:54:02 ----A---- C:\WINDOWS\system32\dimsroam.dll
2008-09-02 19:54:02 ----A---- C:\WINDOWS\system32\dimsntfy.dll
2008-09-02 19:54:02 ----A---- C:\WINDOWS\system32\dhcpqec.dll
2008-09-02 19:53:57 ----A---- C:\WINDOWS\system32\credssp.dll
2008-09-02 19:53:49 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2008-09-02 19:53:48 ----A---- C:\WINDOWS\system32\azroles.dll
2008-09-02 19:53:46 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2008-09-02 19:53:46 ----A---- C:\WINDOWS\system32\ativtmxx.dll
2008-09-02 19:53:45 ----A---- C:\WINDOWS\system32\ati3duag.dll
2008-09-02 19:53:45 ----A---- C:\WINDOWS\system32\ati3d1ag.dll
2008-09-02 19:53:45 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2008-09-02 19:53:45 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2008-09-02 19:53:34 ----AC---- C:\WINDOWS\system32\aaclient.dll
2008-08-29 09:18:58 ----A---- C:\WINDOWS\system32\dns-sd.exe
2008-08-29 08:53:50 ----A---- C:\WINDOWS\system32\dnssd.dll
2008-08-14 23:04:04 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2008-08-14 23:03:48 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2008-08-14 23:03:33 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-08-14 23:03:12 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2008-08-14 23:00:22 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-08-14 23:00:01 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2008-08-14 22:59:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2008-08-14 22:57:54 ----HDC---- C:\WINDOWS\$NtUninstallKB953838_0$
2008-08-09 18:37:58 ----D---- C:\Documents and Settings\All Users\Application Data\TVU Networks
2008-08-01 21:10:52 ----D---- C:\Program Files\ReflexiveArcade
2008-07-28 16:53:25 ----D---- C:\Decoz
2008-07-17 12:42:18 ----D---- C:\Documents and Settings\steve\Application Data\gtk-2.0
2008-07-10 09:07:16 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2008-07-08 23:07:32 ----D---- C:\Program Files\IMVU
2008-06-23 11:19:02 ----D---- C:\Documents and Settings\steve\Application Data\Move Networks
2008-06-20 15:26:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2008-06-15 14:46:18 ----D---- C:\Program Files\AstroMart
2008-06-14 22:00:58 ----D---- C:\Documents and Settings\steve\Application Data\SecondLife
2008-06-14 20:49:08 ----D---- C:\Program Files\Capricorn Astrology Software
2008-06-14 07:35:55 ----D---- C:\Documents and Settings\All Users\Application Data\Last.fm
2008-06-14 07:34:52 ----D---- C:\Program Files\Last.fm
2008-06-13 20:23:12 ----RHD---- C:\Documents and Settings\steve\Application Data\yahoo!
2008-06-13 20:02:49 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-06-13 20:02:04 ----A---- C:\YServer.txt
2008-06-13 20:01:30 ----D---- C:\Program Files\Yahoo!
2008-06-12 08:24:44 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$
2008-06-12 08:19:15 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2008-06-12 08:18:36 ----HDC---- C:\WINDOWS\$NtUninstallKB950759_0$
2008-06-12 08:17:28 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2008-06-12 08:15:18 ----HDC---- C:\WINDOWS\$NtUninstallKB951376_0$
2008-05-14 19:59:32 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$
2008-04-25 19:06:33 ----D---- C:\WINDOWS\system32\LogFiles
2008-04-10 09:20:39 ----HDC---- C:\WINDOWS\$NtUninstallKB948881$
2008-04-10 09:20:07 ----HDC---- C:\WINDOWS\$NtUninstallKB947864$
2008-04-10 09:19:44 ----HDC---- C:\WINDOWS\$NtUninstallKB941693$
2008-04-10 09:18:45 ----HDC---- C:\WINDOWS\$NtUninstallKB948590$
2008-04-10 09:16:01 ----HDC---- C:\WINDOWS\$NtUninstallKB944338$
2008-04-10 09:15:16 ----HDC---- C:\WINDOWS\$NtUninstallKB945553$
2008-03-04 17:52:34 ----A---- C:\WINDOWS\system32\libcurl.dll
2008-03-03 10:45:59 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-03-02 11:09:03 ----A---- C:\WINDOWS\system32\muweb.dll
2008-03-02 11:09:02 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-03-02 11:09:02 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-03-01 19:43:42 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-03-01 19:43:15 ----D---- C:\Program Files\Windows Live
2008-03-01 19:42:59 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-13 08:54:13 ----HDC---- C:\WINDOWS\$NtUninstallKB946026$
2008-02-13 08:53:41 ----HDC---- C:\WINDOWS\$NtUninstallKB944533$
2008-02-13 08:53:15 ----HDC---- C:\WINDOWS\$NtUninstallKB943055$
2008-02-02 20:27:12 ----D---- C:\Documents and Settings\steve\Application Data\TVU networks
2008-02-02 20:27:02 ----D---- C:\Program Files\TVUPlayer
2008-01-09 08:38:42 ----HDC---- C:\WINDOWS\$NtUninstallKB941644$
2008-01-09 08:37:54 ----HDC---- C:\WINDOWS\$NtUninstallKB943485$
2007-12-21 08:26:17 ----HDC---- C:\WINDOWS\$NtUninstallKB946627$
2007-12-12 19:28:06 ----HDC---- C:\WINDOWS\$NtUninstallKB937894$
2007-12-12 19:27:40 ----HDC---- C:\WINDOWS\$NtUninstallKB942840$
2007-12-12 19:25:44 ----HDC---- C:\WINDOWS\$NtUninstallKB942763$
2007-12-12 19:25:03 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2007-12-12 19:22:17 ----HDC---- C:\WINDOWS\$NtUninstallKB941568$
2007-12-12 19:19:58 ----HDC---- C:\WINDOWS\$NtUninstallKB942615$
2007-12-12 19:19:21 ----HDC---- C:\WINDOWS\$NtUninstallKB944653$
2007-11-23 22:38:30 ----D---- C:\AFUDOS211
2007-11-14 09:08:45 ----HDC---- C:\WINDOWS\$NtUninstallKB943460$
2007-11-07 07:03:18 ----A---- C:\install.res.3082.dll
2007-11-07 07:03:18 ----A---- C:\install.res.2052.dll
2007-11-07 07:03:18 ----A---- C:\install.res.1042.dll
2007-11-07 07:03:18 ----A---- C:\install.res.1041.dll
2007-11-07 07:03:18 ----A---- C:\install.res.1040.dll
2007-11-07 07:03:18 ----A---- C:\install.res.1036.dll
2007-11-07 07:03:18 ----A---- C:\install.res.1033.dll
2007-11-07 07:03:18 ----A---- C:\install.res.1031.dll
2007-11-07 07:03:18 ----A---- C:\install.res.1028.dll
2007-11-07 07:00:40 ----A---- C:\install.ini
2007-11-07 07:00:40 ----A---- C:\globdata.ini
2007-11-07 07:00:40 ----A---- C:\eula.3082.txt
2007-11-07 07:00:40 ----A---- C:\eula.2052.txt
2007-11-07 07:00:40 ----A---- C:\eula.1042.txt
2007-11-07 07:00:40 ----A---- C:\eula.1041.txt
2007-11-07 07:00:40 ----A---- C:\eula.1040.txt
2007-11-07 07:00:40 ----A---- C:\eula.1036.txt
2007-11-07 07:00:40 ----A---- C:\eula.1033.txt
2007-11-07 07:00:40 ----A---- C:\eula.1031.txt
2007-11-07 07:00:40 ----A---- C:\eula.1028.txt
2007-10-31 08:39:54 ----A---- C:\WINDOWS\system32\zlib1.dll
2007-10-18 11:31:46 ----A---- C:\WINDOWS\system32\sirenacm.dll
2007-10-10 04:26:47 ----HDC---- C:\WINDOWS\$NtUninstallKB933729$
2007-10-10 04:25:41 ----HDC---- C:\WINDOWS\$NtUninstallKB939653$
2007-10-10 04:22:57 ----HDC---- C:\WINDOWS\$NtUninstallKB941202$
2007-08-29 18:05:46 ----HDC---- C:\WINDOWS\$NtUninstallKB933360$
2007-08-15 19:40:46 ----HDC---- C:\WINDOWS\$NtUninstallKB936021$
2007-08-15 19:40:33 ----HDC---- C:\WINDOWS\$NtUninstallKB938828$
2007-08-15 19:40:20 ----HDC---- C:\WINDOWS\$NtUninstallKB921503$
2007-08-15 19:40:08 ----HDC---- C:\WINDOWS\$NtUninstallKB938829$
2007-08-15 19:38:23 ----HDC---- C:\WINDOWS\$NtUninstallKB938127$
2007-08-15 19:38:03 ----HDC---- C:\WINDOWS\$NtUninstallKB937143$
2007-08-15 19:36:50 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP10$
2007-07-30 13:24:19 ----D---- C:\Program Files\iTunes
2007-07-30 13:16:35 ----D---- C:\Program Files\Common Files\Apple
2007-07-30 13:16:31 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2007-07-09 16:32:48 ----D---- C:\WINDOWS\system32\BWKDLogs
2007-07-09 16:28:46 ----D---- C:\Program Files\Kodak
2007-07-09 16:22:51 ----D---- C:\Documents and Settings\All Users\Application Data\Kodak
2007-07-08 22:40:14 ----D---- C:\Program Files\DivX
2007-07-02 11:41:04 ----AC---- C:\WINDOWS\system32\ssldivx.dll
2007-07-02 11:41:04 ----AC---- C:\WINDOWS\system32\libdivx.dll
2007-06-20 21:08:55 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2007-06-20 21:08:55 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2007-06-20 21:08:55 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2007-06-13 05:34:28 ----HDC---- C:\WINDOWS\$NtUninstallKB933566$
2007-06-13 05:31:29 ----HDC---- C:\WINDOWS\$NtUninstallKB929123$
2007-06-13 05:31:18 ----HDC---- C:\WINDOWS\$NtUninstallKB935840$
2007-06-13 05:31:13 ----AC---- C:\WINDOWS\system32\MRT.INI
2007-06-13 05:29:47 ----HDC---- C:\WINDOWS\$NtUninstallKB935839$
2007-06-06 09:53:34 ----A---- C:\WINDOWS\system32\FM20.DLL
2007-05-30 09:06:40 ----HDC---- C:\WINDOWS\$NtUninstallKB927891$
2007-05-26 16:40:05 ----D---- C:\Program Files\Apple Software Update
2007-05-17 12:58:10 ----A---- C:\WINDOWS\system32\libexpatw.dll
2007-05-15 07:59:07 ----HDC---- C:\WINDOWS\$NtUninstallKB931768$
2007-05-15 07:58:49 ----HDC---- C:\WINDOWS\$NtUninstallKB930916$
2007-05-08 14:03:04 ----A---- C:\WINDOWS\system32\msxml4.dll
2007-05-06 19:22:38 ----D---- C:\Program Files\Common Files\Canon
2007-04-24 05:22:29 ----HDC---- C:\WINDOWS\$NtUninstallKB931784$
2007-04-16 10:12:30 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$
2007-04-16 10:12:15 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$
2007-04-16 10:11:56 ----HDC---- C:\WINDOWS\$NtUninstallKB932168$
2007-04-13 02:21:14 ----A---- C:\WINDOWS\system32\mscoree.dll
2007-04-10 20:10:46 ----D---- C:\Downloads
2007-04-07 10:31:51 ----HDC---- C:\WINDOWS\$NtUninstallKB925902$
2007-03-22 18:17:04 ----A---- C:\WINDOWS\system32\FM20ENU.DLL
2007-03-15 20:32:08 ----HDC---- C:\WINDOWS\$NtUninstallKB929338$
2007-03-04 19:38:59 ----DC---- C:\WINDOWS\system32\DRVSTORE
2007-02-19 19:55:27 ----HDC---- C:\WINDOWS\$NtUninstallKB928255$
2007-02-18 11:13:55 ----HDC---- C:\WINDOWS\$NtUninstallKB927779$
2007-02-18 11:13:25 ----HDC---- C:\WINDOWS\$NtUninstallKB927802$
2007-02-18 11:12:57 ----HDC---- C:\WINDOWS\$NtUninstallKB924667$
2007-02-18 11:12:34 ----HDC---- C:\WINDOWS\$NtUninstallKB931836$
2007-02-18 11:12:11 ----HDC---- C:\WINDOWS\$NtUninstallKB926436$
2007-02-18 11:11:53 ----HDC---- C:\WINDOWS\$NtUninstallKB918118$
2007-02-18 11:09:43 ----HDC---- C:\WINDOWS\$NtUninstallKB928090$
2007-02-18 11:09:18 ----HDC---- C:\WINDOWS\$NtUninstallKB928843$
2007-01-29 00:58:06 ----A---- C:\WINDOWS\system32\tzchange.exe
2007-01-11 19:09:45 ----HDC---- C:\WINDOWS\$NtUninstallKB929969$
2006-12-12 23:53:59 ----HDC---- C:\WINDOWS\$NtUninstallKB925454$
2006-12-12 23:53:49 ----HDC---- C:\WINDOWS\$NtUninstallKB925398_WMP64$
2006-12-12 23:53:24 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2006-12-12 23:52:46 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$
2006-12-12 23:52:31 ----HDC---- C:\WINDOWS\$NtUninstallKB923694$
2006-12-03 13:47:12 ----A---- C:\WINDOWS\system32\libeay32.dll
2006-12-03 13:47:11 ----A---- C:\WINDOWS\system32\ssleay32.dll
2006-12-03 13:11:13 ----A---- C:\WINDOWS\system32\WRLogonNtf.dll
2006-12-03 13:11:04 ----AC---- C:\WINDOWS\WRUninstall.dll
2006-11-21 11:53:06 ----AC---- C:\WINDOWS\system32\pxwma.dll
2006-11-21 11:53:04 ----A---- C:\WINDOWS\system32\PxWave.dll
2006-11-21 11:53:02 ----A---- C:\WINDOWS\system32\PxSFS.DLL
2006-11-21 11:53:02 ----A---- C:\WINDOWS\system32\PxMas.dll
2006-11-21 11:52:58 ----A---- C:\WINDOWS\system32\Px.dll
2006-11-19 13:26:07 ----A---- C:\WINDOWS\system32\tmp.txt
2006-11-18 23:37:25 ----D---- C:\Program Files\Common Files\NSV
2006-11-18 14:18:34 ----HDC---- C:\WINDOWS\$NtUninstallKB923980$
2006-11-18 14:18:20 ----HDC---- C:\WINDOWS\$NtUninstallKB924270$
2006-11-18 14:16:23 ----HDC---- C:\WINDOWS\$NtUninstallKB920213$
2006-11-18 09:44:23 ----HDC---- C:\WINDOWS\$NtUninstallKB922760$
2006-11-13 20:59:53 ----HDC---- C:\WINDOWS\$NtUninstallKB924191$
2006-11-13 20:59:43 ----HDC---- C:\WINDOWS\$NtUninstallKB922819$
2006-11-13 20:59:31 ----HDC---- C:\WINDOWS\$NtUninstallKB923414$
2006-11-13 20:59:19 ----HDC---- C:\WINDOWS\$NtUninstallKB924496$
2006-11-13 20:59:00 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
2006-11-01 00:02:00 ----A---- C:\WINDOWS\system32\pxdrv.dll
2006-10-30 12:56:01 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2006-10-30 12:54:50 ----D---- C:\Program Files\Common Files\HP
2006-10-30 12:50:17 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2006-10-30 12:45:14 ----AC---- C:\WINDOWS\system32\HPZisn12.dll
2006-10-30 12:45:14 ----AC---- C:\WINDOWS\system32\HPZipt12.dll
2006-10-30 12:45:14 ----AC---- C:\WINDOWS\system32\HPZipm12.exe
2006-10-30 12:45:14 ----A---- C:\WINDOWS\system32\HPZipr12.dll
2006-10-30 12:45:14 ----A---- C:\WINDOWS\system32\HPZinw12.exe
2006-10-30 12:45:14 ----A---- C:\WINDOWS\system32\HPZidr12.dll
2006-10-30 12:42:23 ----D---- C:\Program Files\HP
2006-10-18 01:32:38 ----AC---- C:\WINDOWS\system32\wmv9dmod.dll
2006-10-10 00:00:00 ----AC---- C:\WINDOWS\system32\VXBLOCK.dll
2006-10-09 09:51:06 ----A---- C:\rapport.txt
2006-10-09 09:10:20 ----D---- C:\Program Files\Enigma Software Group
2006-09-27 08:53:12 ----HDC---- C:\WINDOWS\$NtUninstallKB925486$
2006-09-14 22:18:37 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$
2006-09-14 22:18:26 ----HDC---- C:\WINDOWS\$NtUninstallKB920872$
2006-09-14 22:18:13 ----HDC---- C:\WINDOWS\$NtUninstallKB919007$
2006-09-14 22:17:58 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$
2006-08-27 15:00:42 ----D---- C:\VundoFix Backups
2006-08-27 15:00:42 ----A---- C:\VundoFix.txt
2006-08-18 20:18:36 ----D---- C:\WINDOWS\system32\NtmsData
2006-08-17 21:43:03 ----AC---- C:\WINDOWS\system32\CDDBUISony.dll
2006-08-17 21:43:03 ----AC---- C:\WINDOWS\system32\CddbPlaylist2Sony.dll
2006-08-17 21:43:03 ----AC---- C:\WINDOWS\system32\CddbMusicIDSony.dll
2006-08-17 21:43:02 ----AC---- C:\WINDOWS\system32\CddbLinkSony.dll
2006-08-17 21:43:02 ----AC---- C:\WINDOWS\system32\CDDBControlSony.dll
2006-08-08 21:50:23 ----HDC---- C:\WINDOWS\$NtUninstallKB920214$
2006-08-08 21:50:12 ----HDC---- C:\WINDOWS\$NtUninstallKB921883$
2006-08-08 21:49:59 ----HDC---- C:\WINDOWS\$NtUninstallKB922616$
2006-08-08 21:49:43 ----HDC---- C:\WINDOWS\$NtUninstallKB921398$
2006-08-08 21:48:50 ----HDC---- C:\WINDOWS\$NtUninstallKB918899$
2006-08-08 21:48:32 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
2006-08-08 21:48:20 ----HDC---- C:\WINDOWS\$NtUninstallKB917422$
2006-08-08 21:47:28 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
2006-07-23 14:15:17 ----D---- C:\Documents and Settings\steve\Application Data\VSO_HWE
2006-07-20 21:14:37 ----AC---- C:\WINDOWS\dp2_log.txt
2006-07-15 19:48:03 ----HDC---- C:\WINDOWS\$NtUninstallKB917159$
2006-07-15 19:47:35 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
2006-07-15 19:47:19 ----HDC---- C:\WINDOWS\$NtUninstallKB916595$
2006-06-28 19:22:12 ----D---- C:\Documents and Settings\steve\Application Data\Tenebril
2006-06-28 19:20:53 ----D---- C:\WINDOWS\system32\tenarchlib
2006-06-27 22:48:42 ----D---- C:\Documents and Settings\steve\Application Data\Talkback
2006-06-19 15:20:42 ----A---- C:\WINDOWS\system32\WgaLogon.dll
2006-06-19 15:19:26 ----AC---- C:\WINDOWS\system32\WgaTray.exe
2006-06-19 11:13:43 ----D---- C:\Program Files\Winamp
2006-06-17 08:18:38 ----HDC---- C:\WINDOWS\$NtUninstallKB917734_WMP10$
2006-06-17 08:17:43 ----HDC---- C:\WINDOWS\$NtUninstallKB918439$
2006-06-17 08:17:23 ----HDC---- C:\WINDOWS\$NtUninstallKB917344$
2006-06-17 08:17:12 ----HDC---- C:\WINDOWS\$NtUninstallKB917953$
2006-06-17 08:17:04 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
2006-06-17 08:16:33 ----HDC---- C:\WINDOWS\$NtUninstallKB916281$
2006-06-17 08:16:12 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
2006-06-14 22:15:32 ----D---- C:\Documents and Settings\steve\Application Data\Apple Computer
2006-06-14 22:13:05 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2006-06-14 22:11:55 ----D---- C:\Program Files\iPod
2006-06-13 09:36:48 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
2006-06-02 10:01:03 ----D---- C:\Program Files\Windows Defender
2006-05-27 15:57:46 ----AC---- C:\WINDOWS\system32\BASSMOD.dll
2006-05-27 15:57:17 ----D---- C:\Documents and Settings\steve\Application Data\Vso
2006-05-27 15:57:04 ----D---- C:\Program Files\vso
2006-05-27 15:00:34 ----D---- C:\DVD_VIDEO
2006-05-27 14:55:57 ----D---- C:\Program Files\DVD Decrypter
2006-05-27 14:55:37 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2006-05-27 14:55:36 ----D---- C:\Program Files\DVD Shrink
2006-04-26 09:06:17 ----HDC---- C:\WINDOWS\$NtUninstallKB900485$
2006-04-15 21:41:25 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$
2006-04-15 21:41:16 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
2006-04-15 21:40:30 ----HDC---- C:\WINDOWS\$NtUninstallKB912812$
2006-04-15 21:39:22 ----HDC---- C:\WINDOWS\$NtUninstallKB911567$
2006-03-16 16:38:01 ----A---- C:\WINDOWS\system32\verclsid.exe
2006-02-28 22:58:29 ----D---- C:\Program Files\Xilisoft
2006-02-27 20:32:28 ----D---- C:\Program Files\Smart WAV Converter
2006-02-27 20:28:02 ----D---- C:\Program Files\FLAC
2006-02-16 01:19:08 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
2006-02-15 10:01:45 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
2006-02-15 10:01:25 ----HDC---- C:\WINDOWS\$NtUninstallKB911565$
2006-02-15 10:00:47 ----HDC---- C:\WINDOWS\$NtUninstallKB913446$
2006-02-06 21:25:51 ----D---- C:\Documents and Settings\steve\Application Data\Opera
2006-01-30 16:33:04 ----AC---- C:\WINDOWS\system32\rundll32.exe.Z-missing.txt
2006-01-22 10:28:33 ----AC---- C:\WINDOWS\Explorer.EXE.Z-missing.txt
2006-01-19 12:52:57 ----AC---- C:\WINDOWS\system32\lfpng13n.dll
2006-01-19 12:52:55 ----AC---- C:\WINDOWS\system32\lfgif13n.dll
2006-01-19 12:52:54 ----AC---- C:\WINDOWS\system32\ltkrn13n.dll
2006-01-19 12:52:54 ----AC---- C:\WINDOWS\system32\ltimg13n.dll
2006-01-19 12:52:54 ----AC---- C:\WINDOWS\system32\ltfil13n.dll
2006-01-19 12:52:54 ----AC---- C:\WINDOWS\system32\ltefx13n.dll
2006-01-19 12:52:54 ----AC---- C:\WINDOWS\system32\ltdis13n.dll
2006-01-19 12:52:54 ----AC---- C:\WINDOWS\system32\lfcmp13n.dll
2006-01-19 12:52:54 ----AC---- C:\WINDOWS\system32\lfbmp13n.dll
2006-01-16 22:59:38 ----A---- C:\WINDOWS\system32\FileOps.exe
2006-01-16 22:55:47 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe Systems
2006-01-11 20:57:53 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$
2006-01-08 21:21:37 ----D---- C:\Documents and Settings\steve\Application Data\dvdcss
2006-01-08 21:16:02 ----A---- C:\WINDOWS\system32\WNASPI32.DLL
2006-01-08 21:15:56 ----D---- C:\Program Files\ImTOO
2006-01-05 15:35:34 ----HDC---- C:\WINDOWS\$NtUninstallKB912919$
2005-12-26 17:07:30 ----D---- C:\Program Files\Sony Corporation
2005-12-26 17:07:15 ----C---- C:\WINDOWS\snymsico.dll
2005-12-26 17:06:17 ----AC---- C:\WINDOWS\system32\CDDBUI.dll
2005-12-26 17:06:17 ----AC---- C:\WINDOWS\system32\CDDBControl.dll
2005-12-26 17:05:41 ----D---- C:\Documents and Settings\All Users\Application Data\Sony Corporation
2005-12-26 17:05:02 ----D---- C:\Program Files\Sony
2005-12-26 17:04:25 ----D---- C:\Documents and Settings\steve\Application Data\Sony Corporation
2005-12-26 17:04:24 ----D---- C:\Program Files\Common Files\Sony Shared
2005-12-17 14:19:06 ----D---- C:\Documents and Settings\steve\Application Data\vlc
2005-12-17 14:17:37 ----D---- C:\Program Files\VideoLAN
2005-12-16 17:44:06 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
2005-12-16 17:43:45 ----HDC---- C:\WINDOWS\$NtUninstallKB905915$
2005-11-15 12:12:08 ----AC---- C:\WINDOWS\system32\hashlib.dll
2005-11-15 12:12:08 ----AC---- C:\WINDOWS\system32\GCCollection.dll
2005-11-15 12:12:06 ----AC---- C:\WINDOWS\system32\gcUnCompress.dll
2005-11-08 15:20:37 ----HDC---- C:\WINDOWS\$NtUninstallKB896424$
2005-11-02 14:32:06 ----AC---- C:\WINDOWS\aktyupgrade.ini
2005-11-02 14:32:06 ----AC---- C:\WINDOWS\akty.ini
2005-11-02 14:30:06 ----D---- C:\Program Files\Infinite Solutions
2005-11-02 14:16:48 ----D---- C:\ASTROLOG
2005-11-02 13:28:46 ----D---- C:\Program Files\Borland
2005-10-15 10:19:14 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
2005-10-15 10:18:56 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
2005-10-15 10:18:29 ----HDC---- C:\WINDOWS\$NtUninstallKB896688$
2005-10-15 10:18:15 ----HDC---- C:\WINDOWS\$NtUninstallKB899589$
2005-10-15 10:18:06 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
2005-10-15 10:17:53 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
2005-10-15 10:17:41 ----HDC---- C:\WINDOWS\$NtUninstallKB904706$
2005-10-15 10:17:27 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
2005-10-14 21:00:03 ----D---- C:\Program Files\BitComet
2005-10-10 11:29:51 ----D---- C:\Program Files\Alambik
2005-09-23 06:28:56 ----A---- C:\WINDOWS\system32\netfxperf.dll
2005-09-23 06:28:52 ----A---- C:\WINDOWS\system32\mscories.dll
2005-09-23 06:28:52 ----A---- C:\WINDOWS\system32\mscorier.dll
2005-09-23 06:28:38 ----A---- C:\WINDOWS\system32\dfshim.dll
2005-09-06 11:31:26 ----D---- C:\Documents and Settings\steve\Application Data\Leadertech
2005-08-13 08:53:32 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$
2005-08-13 08:53:26 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$
2005-08-13 08:53:19 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$
2005-08-13 08:53:12 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
2005-08-13 08:52:59 ----HDC---- C:\WINDOWS\$NtUninstallKB896727$
2005-08-13 08:52:35 ----HDC---- C:\WINDOWS\$NtUninstallKB899588$
2005-08-13 08:52:21 ----HDC---- C:\WINDOWS\$NtUninstallKB894391$
2005-08-01 15:27:46 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2005-07-13 21:54:50 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$
2005-07-13 21:54:39 ----HDC---- C:\WINDOWS\$NtUninstallKB903235$
2005-07-12 17:04:22 ----AC---- C:\WINDOWS\system32\LegitCheckControl.dll
2005-07-12 17:04:22 ----AC---- C:\WINDOWS\system32\GWFSPidGen.dll
2005-07-06 23:18:39 ----AC---- C:\WINDOWS\system32\msdaokg.dll
2005-07-06 23:16:57 ----D---- C:\Program Files\ScreenFlash
2005-07-01 21:30:23 ----D---- C:\Program Files\Autodesk
2005-07-01 21:26:43 ----D---- C:\Documents and Settings\steve\Application Data\Autodesk
2005-07-01 21:26:43 ----D---- C:\Documents and Settings\All Users\Application Data\Autodesk
2005-07-01 21:23:14 ----RSD---- C:\WINDOWS\assembly
2005-07-01 21:23:14 ----D---- C:\WINDOWS\Microsoft.NET
2005-07-01 21:23:11 ----D---- C:\WINDOWS\system32\URTTemp
2005-07-01 21:06:01 ----D---- C:\Program Files\Common Files\Macromedia Shared
2005-07-01 20:59:55 ----D---- C:\Program Files\Common Files\Macromedia
2005-07-01 20:57:40 ----D---- C:\Program Files\Macromedia
2005-06-29 12:50:11 ----D---- C:\WINDOWS\system32\PreInstall
2005-06-29 12:50:11 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2005-06-29 12:50:09 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2005-06-28 17:08:44 ----D---- C:\Program Files\MsnMusic
2005-06-28 17:08:44 ----AC---- C:\WINDOWS\system32\unicows.dll
2005-06-26 11:14:23 ----A---- C:\WINDOWS\system32\pxinsi64.exe
2005-06-26 11:14:23 ----A---- C:\WINDOWS\system32\pxinsa64.exe
2005-06-26 11:14:23 ----A---- C:\WINDOWS\system32\pxhpinst.exe
2005-06-26 11:14:23 ----A---- C:\WINDOWS\system32\pxcpyi64.exe
2005-06-26 11:14:23 ----A---- C:\WINDOWS\system32\pxcpya64.exe
2005-06-22 06:41:57 ----AC---- C:\WINDOWS\fnawiz.ini
2005-06-22 06:41:57 ----AC---- C:\WINDOWS\fna32.dll
2005-06-22 06:41:31 ----AC---- C:\WINDOWS\system32\ppmon.dll
2005-06-22 06:41:31 ----A---- C:\WINDOWS\system32\ppmon.exe
2005-06-22 06:41:15 ----AC---- C:\WINDOWS\system32\ciaXPRegSvr20.dll
2005-06-22 06:41:12 ----AC---- C:\WINDOWS\system32\vbar332.dll
2005-06-21 21:01:56 ----A---- C:\WINDOWS\uninst.exe
2005-06-20 00:11:24 ----AC---- C:\WINDOWS\impborl.dll
2005-06-20 00:11:24 ----AC---- C:\WINDOWS\flashax.exe
2005-06-18 00:15:31 ----HDC---- C:\WINDOWS\$NtUninstallKB896422$
2005-06-18 00:15:17 ----HDC---- C:\WINDOWS\$NtUninstallKB883939$
2005-06-18 00:15:03 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
2005-06-18 00:14:36 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
2005-06-18 00:14:15 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
2005-06-14 23:07:18 ----AC---- C:\WINDOWS\Renew.exe
2005-06-14 23:07:18 ----AC---- C:\WINDOWS\mickey32.dll
2005-06-12 14:24:49 ----D---- C:\Documents and Settings\steve\Application Data\AdobeUM
2005-06-10 19:10:28 ----D---- C:\Documents and Settings\steve\Application Data\Axialis
2005-06-06 14:49:08 ----AC---- C:\WINDOWS\FFINI.ini
2005-06-05 14:41:50 ----AC---- C:\WINDOWS\system32\xmlparse.dll
2005-06-05 14:41:50 ----AC---- C:\WINDOWS\system32\msxml3a.dll
2005-06-05 14:41:50 ----A---- C:\WINDOWS\system32\xmltok.dll
2005-06-05 14:41:50 ----A---- C:\WINDOWS\system32\xmlinst.exe
2005-06-04 20:23:09 ----AC---- C:\WINDOWS\system32\APIGUIDE.DLL
2005-06-04 20:23:09 ----AC---- C:\WINDOWS\system32\apigid32.dll
2005-06-04 20:23:07 ----AC---- C:\WINDOWS\system32\vpep3235.dll
2005-06-04 20:23:07 ----AC---- C:\WINDOWS\system32\vpdf32.dll
2005-06-04 20:23:07 ----AC---- C:\WINDOWS\system32\vchart3235.dll
2005-06-04 20:23:07 ----AC---- C:\WINDOWS\system32\leon3_32.dll
2005-06-04 20:23:07 ----AC---- C:\WINDOWS\system32\Dav3_32.dll
2005-06-04 20:23:07 ----AC---- C:\WINDOWS\system32\BarVisD.dll
2005-06-04 20:23:05 ----AC---- C:\WINDOWS\system32\dwStg.dll
2005-06-04 20:23:00 ----AC---- C:\WINDOWS\WB3USER.INI
2005-05-26 03:16:30 ----A---- C:\WINDOWS\system32\wups2.dll
2005-05-24 21:38:06 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2005-05-24 21:35:59 ----D---- C:\Program Files\Common Files\Adobe Systems Shared
2005-05-22 01:16:59 ----D---- C:\Documents and Settings\steve\Application Data\Ahead
2005-05-22 01:06:10 ----AC---- C:\WINDOWS\iPlayer.INI
2005-05-21 23:57:12 ----D---- C:\Program Files\InterActual
2005-05-19 00:37:45 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2005-05-17 18:11:35 ----D---- C:\Adobe Albums
2005-05-16 16:25:35 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2005-05-14 22:23:21 ----D---- C:\Documents and Settings\steve\Application Data\CyberLink
2005-05-12 00:20:05 ----A---- C:\WINDOWS\system32\MRT.exe
2005-05-10 23:44:00 ----A---- C:\WINDOWS\system32\javaws.exe
2005-05-10 23:43:59 ----A---- C:\WINDOWS\system32\javaw.exe
2005-05-10 23:43:59 ----A---- C:\WINDOWS\system32\java.exe
2005-05-10 11:35:15 ----D---- C:\Program Files\LimeWire
2005-05-10 11:22:38 ----D---- C:\Program Files\Common Files\Java
2005-05-06 19:21:54 ----AC---- C:\WINDOWS\system32\Icam3EXT.dll
2005-05-06 19:21:54 ----A---- C:\WINDOWS\system32\Icam3com.dll
2005-05-06 19:21:53 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2005-05-06 19:17:17 ----D---- C:\temp
2005-04-28 17:38:14 ----D---- C:\Documents and Settings\All Users\Application Data\Trymedia
2005-04-27 23:36:53 ----A---- C:\WINDOWS\system32\nvuaudio.exe
2005-04-16 05:25:15 ----D---- C:\Documents and Settings\steve\Application Data\WeatherBug
2005-04-15 21:36:49 ----D---- C:\Documents and Settings\steve\Application Data\Aim
2005-04-15 21:35:50 ----D---- C:\Program Files\Viewpoint
2005-04-15 21:35:50 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
2005-04-15 21:35:45 ----A---- C:\WINDOWS\system32\msvcr71.dll
2005-04-13 14:08:51 ----HDC---- C:\WINDOWS\$NtUninstallKB893066$
2005-04-13 14:08:39 ----HDC---- C:\WINDOWS\$NtUninstallKB890923$
2005-04-13 14:08:28 ----HDC---- C:\WINDOWS\$NtUninstallKB893086$
2005-04-13 14:08:17 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
2005-04-13 14:07:53 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803$
2005-04-07 13:41:02 ----D---- C:\WINDOWS\RegisteredPackages
2005-04-05 21:29:09 ----N---- C:\WINDOWS\Setup1.exe
2005-04-05 21:29:08 ----A---- C:\WINDOWS\ST6UNST.EXE
2005-03-31 14:11:32 ----D---- C:\Program Files\Common Files\xing shared
2005-03-31 14:11:29 ----AC---- C:\WINDOWS\system32\rmoc3260.dll
2005-03-31 14:11:22 ----A---- C:\WINDOWS\system32\pndx5032.dll
2005-03-31 14:11:22 ----A---- C:\WINDOWS\system32\pndx5016.dll
2005-03-31 14:11:21 ----AC---- C:\WINDOWS\system32\pncrt.dll
2005-03-31 14:11:19 ----D---- C:\Program Files\Real
2005-03-31 14:11:19 ----D---- C:\Program Files\Common Files\Real
2005-03-31 14:10:57 ----D---- C:\Documents and Settings\steve\Application Data\Real
2005-03-30 15:06:57 ----AC---- C:\WINDOWS\system32\ssprn32.dll
2005-03-30 15:06:56 ----AC---- C:\WINDOWS\system32\ffJmpWeb.dll
2005-03-30 15:06:55 ----AC---- C:\WINDOWS\system32\Vb5db.dll
2005-03-30 15:06:55 ----AC---- C:\WINDOWS\system32\Msjet35.dll
2005-03-30 15:06:54 ----AC---- C:\WINDOWS\system32\Msrepl35.dll
2005-03-30 15:06:54 ----AC---- C:\WINDOWS\system32\msrd2x35.dll
2005-03-30 15:06:54 ----AC---- C:\WINDOWS\system32\Msjter35.dll
2005-03-30 15:06:54 ----AC---- C:\WINDOWS\system32\Msjint35.dll
2005-03-29 17:32:39 ----D---- C:\Documents and Settings\All Users\Application Data\QuickTime
2005-03-28 20:34:11 ----D---- C:\Documents and Settings\steve\Application Data\Yahoo! Messenger
2005-03-27 20:51:55 ----D---- C:\Program Files\WinRAR
2005-03-27 16:35:10 ----AC---- C:\WINDOWS\winamp.ini
2005-03-26 21:55:01 ----AC---- C:\WINDOWS\OpPrintServer.INI
2005-03-26 21:52:32 ----D---- C:\Program Files\Canon
2005-03-26 21:46:19 ----AC---- C:\WINDOWS\system32\ptpusb.dll
2005-03-26 21:46:18 ----A---- C:\WINDOWS\system32\ptpusd.dll
2005-03-26 20:53:16 ----A---- C:\WINDOWS\NeroDigital.ini
2005-03-26 15:34:51 ----HD---- C:\WINDOWS\PIF
2005-03-26 12:24:19 ----D---- C:\WINDOWS\Sun
2005-03-26 12:24:19 ----D---- C:\Documents and Settings\steve\Application Data\Sun
2005-03-25 23:19:05 ----A---- C:\WINDOWS\system32\sporder.dll
2005-03-25 23:14:09 ----D---- C:\Program Files\MSN Messenger
2005-03-25 23:06:03 ----D---- C:\Program Files\D-Tools
2005-03-25 23:00:06 ----D---- C:\Documents and Settings\steve\Application Data\Macromedia
2005-03-25 22:52:42 ----D---- C:\sj646
2005-03-25 22:27:12 ----AC---- C:\WINDOWS\system32\capicom.dll
2005-03-25 22:15:41 ----D---- C:\Program Files\Common Files\Symantec Shared
2005-03-25 19:17:02 ----AC---- C:\WINDOWS\UninstallFirefox.exe
2005-03-25 19:16:47 ----D---- C:\Documents and Settings\steve\Application Data\Mozilla
2005-03-25 19:16:44 ----D---- C:\Program Files\Mozilla Firefox
2005-03-25 19:11:32 ----D---- C:\Documents and Settings\steve\Application Data\Google
2005-03-25 17:04:46 ----D---- C:\Program Files\Common Files\SWF Studio
2005-03-25 17:03:51 ----D---- C:\Documents and Settings\steve\Application Data\Help
2005-03-25 17:03:06 ----D---- C:\Program Files\Microsoft.NET
2005-03-25 17:03:03 ----D---- C:\Program Files\Microsoft ActiveSync
2005-03-25 17:02:34 ----D---- C:\Program Files\Common Files\DESIGNER
2005-03-25 17:02:20 ----D---- C:\WINDOWS\system32\appmgmt
2005-03-25 17:02:12 ----D---- C:\WINDOWS\Downloaded Installations
2005-03-25 17:01:56 ----D---- C:\WINDOWS\InCD
2005-03-25 16:46:36 ----D---- C:\Config.Msi
2005-03-25 16:23:09 ----SHD---- C:\WINDOWS\CSC
2005-03-25 16:23:04 ----AC---- C:\WINDOWS\ntbtlog.txt
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\ltkrn70n.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\ltfil70n.DLL
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\lftif70n.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\lfpng70n.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\lfpcx70n.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\Lfkodak.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\lfgif70n.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\lffpx70n.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\Lffpx7.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\lffax70n.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\LFCMP70n.DLL
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\ipeistor12.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\ipebase12.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\ipeapi12.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\hpsj32.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\hpgreg32.dll
2005-03-25 15:01:14 ----RAC---- C:\WINDOWS\system32\hpgmatk.dll
2005-03-25 15:01:14 ----AC---- C:\WINDOWS\system32\hpsjvset.dll
2005-03-25 15:01:14 ----AC---- C:\WINDOWS\system32\hpgmastr.dll
2005-03-25 15:01:14 ----A---- C:\WINDOWS\system32\hpgmausd.dll
2005-03-24 21:46:35 ----AC---- C:\WINDOWS\system32\Iyvu9_32.dll
2005-03-24 21:46:35 ----AC---- C:\WINDOWS\system32\ir50_lcs.dll
2005-03-24 21:46:35 ----A---- C:\WINDOWS\system32\iacenc.dll
2005-03-24 21:46:28 ----AC---- C:\WINDOWS\system32\OLEMSG32.DLL
2005-03-24 21:46:28 ----AC---- C:\WINDOWS\system32\GAPI32.DLL
2005-03-24 21:46:23 ----D---- C:\Galleries
2005-03-24 21:46:21 ----AC---- C:\WINDOWS\system32\LTTWN80N.DLL
2005-03-24 21:46:21 ----AC---- C:\WINDOWS\system32\LTKRN80N.DLL
2005-03-24 21:46:21 ----AC---- C:\WINDOWS\system32\LTIMG80N.DLL
2005-03-24 21:46:20 ----AC---- C:\WINDOWS\system32\LTFIL80N.DLL
2005-03-24 21:46:20 ----AC---- C:\WINDOWS\system32\LTEFX80N.DLL
2005-03-24 21:46:20 ----AC---- C:\WINDOWS\system32\LFTIF80N.DLL
2005-03-24 21:46:20 ----AC---- C:\WINDOWS\system32\LFMSP80N.DLL
2005-03-24 21:46:20 ----AC---- C:\WINDOWS\system32\LFLMB80N.DLL
2005-03-24 21:46:20 ----AC---- C:\WINDOWS\system32\LFLMA80N.DLL
2005-03-24 21:46:20 ----AC---- C:\WINDOWS\system32\LFFPX80N.DLL
2005-03-24 21:46:20 ----AC---- C:\WINDOWS\system32\LFFAX80N.DLL
2005-03-24 21:46:20 ----AC---- C:\WINDOWS\system32\LFCMP80N.DLL
2005-03-24 21:46:20 ----AC---- C:\WINDOWS\system32\LFCAL80N.DLL
2005-03-24 21:46:20 ----AC---- C:\WINDOWS\system32\LFBMP80N.DLL
2005-03-24 21:46:19 ----A---- C:\WINDOWS\system32\Scale_en.dll
2005-03-24 21:45:38 ----AC---- C:\WINDOWS\system32\SmtpX.DLL
2005-03-24 21:45:38 ----AC---- C:\WINDOWS\system32\MimeX.dll
2005-03-24 21:45:38 ----AC---- C:\WINDOWS\system32\EncodeX.dll
2005-03-24 21:45:35 ----C---- C:\WINDOWS\h263test.ini
2005-03-24 21:44:40 ----AC---- C:\WINDOWS\system32\inetwh32.dll
2005-03-24 21:44:02 ----AC---- C:\WINDOWS\system32\InetIPLPX.dll
2005-03-24 21:44:02 ----AC---- C:\WINDOWS\system32\InetIPLP6.dll
2005-03-24 21:44:02 ----AC---- C:\WINDOWS\system32\InetIPLP5.dll
2005-03-24 21:44:02 ----AC---- C:\WINDOWS\system32\InetIPLM6.dll
2005-03-24 21:44:02 ----AC---- C:\WINDOWS\system32\InetIPLM5.dll
2005-03-24 21:44:02 ----AC---- C:\WINDOWS\system32\InetIPLA6.dll
2005-03-24 21:44:02 ----AC---- C:\WINDOWS\system32\InetIPL.dll
2005-03-24 21:44:02 ----AC---- C:\WINDOWS\system32\ijl15.dll
2005-03-24 21:44:02 ----AC---- C:\WINDOWS\system32\Cpuinf32.dll
2005-03-24 21:43:58 ----AC---- C:\WINDOWS\wplog.txt
2005-03-24 21:43:57 ----D---- C:\Program Files\Web Publish
2005-03-24 21:43:53 ----A---- C:\WINDOWS\system32\LMRTREND.dll
2005-03-24 21:43:51 ----AC---- C:\WINDOWS\system32\wmpns.dll
2005-03-24 21:43:51 ----AC---- C:\WINDOWS\system32\dxtmsft3.dll
2005-03-24 21:43:50 ----A---- C:\WINDOWS\system32\unam4ie.exe
2005-03-24 21:43:48 ----AC---- C:\WINDOWS\system32\vidx16.dll
2005-03-24 21:43:48 ----AC---- C:\WINDOWS\system32\qcut.dll
2005-03-24 21:32:44 ----D---- C:\Program Files\Java
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\npplg10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\lttwn10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\ltthk10w.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\ltkrn10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\ltisi10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\ltimg10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\ltfil10N.DLL
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\ltefx10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\ltdlg10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\LTDIS10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\ltann10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\lfwmf10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\lftif10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\lfpsd10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\lfpng10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\lfpcd10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\lfgif10N.dll
2005-03-24 21:24:55 ----AC---- C:\WINDOWS\system32\PLUGIN.DLL
2005-03-24 21:24:55 ----AC---- C:\WINDOWS\system32\lffax10N.dll
2005-03-24 21:24:55 ----AC---- C:\WINDOWS\system32\LFCMP10N.DLL
2005-03-24 21:24:55 ----AC---- C:\WINDOWS\system32\lfbmp10N.dll
2005-03-24 21:24:55 ----AC---- C:\WINDOWS\system32\lfawd10N.dll
2005-03-24 21:24:55 ----AC---- C:\WINDOWS\system32\lfavi10N.dll
2005-03-24 21:24:55 ----AC---- C:\WINDOWS\system32\ioRdyRes.dll
2005-03-24 21:24:55 ----AC---- C:\WINDOWS\system32\Iordy.dll
2005-03-24 21:24:55 ----AC---- C:\WINDOWS\system32\ECircles.dll
2005-03-24 21:24:55 ----A---- C:\WINDOWS\system32\SfClientDLL.dll
2005-03-24 21:10:56 ----D---- C:\Program Files\OfficeUpdate11
2005-03-24 21:06:58 ----A---- C:\WINDOWS\system32\mdimon.dll
2005-03-24 21:05:41 ----D---- C:\WINDOWS\SHELLNEW
2005-03-24 20:49:59 ----AC---- C:\WINDOWS\ODBC.INI
2005-03-24 20:48:21 ----D---- C:\Program Files\Microsoft Office
2005-03-24 20:46:02 ----RHD---- C:\MSOCache
2005-03-24 19:27:02 ----N---- C:\Log.txt
2005-03-24 19:26:52 ----D---- C:\Program Files\Hewlett-Packard
2005-03-24 19:19:33 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2005-03-24 19:19:32 ----D---- C:\Program Files\Spybot - Search & Destroy
2005-03-24 19:19:21 ----AC---- C:\WINDOWS\system32\gcmd5query.dll
2005-03-24 19:19:05 ----D---- C:\Program Files\Microsoft AntiSpyware
2005-03-24 19:18:38 ----D---- C:\Documents and Settings\steve\Application Data\Lavasoft
2005-03-23 21:38:20 ----D---- C:\WINDOWS\system32\Adobe
2005-03-23 21:38:20 ----D---- C:\Program Files\Common Files\Adobe
2005-03-23 21:38:20 ----D---- C:\Program Files\Adobe
2005-03-23 21:38:20 ----D---- C:\Documents and Settings\steve\Application Data\Adobe
2005-03-23 21:38:15 ----A---- C:\WINDOWS\IsUninst.exe
2005-03-23 21:36:38 ----AC---- C:\WINDOWS\system32\TwnLib20.dll
2005-03-23 21:36:35 ----AC---- C:\WINDOWS\system32\TwnLib4.dll
2005-03-23 21:36:35 ----AC---- C:\WINDOWS\system32\ImagXRA7.dll
2005-03-23 21:36:35 ----AC---- C:\WINDOWS\system32\ImagXR7.dll
2005-03-23 21:36:35 ----A---- C:\WINDOWS\system32\ImagXpr7.dll
2005-03-23 21:36:35 ----A---- C:\WINDOWS\system32\ImagX7.dll
2005-03-23 21:36:33 ----AC---- C:\WINDOWS\system32\picn20.dll
2005-03-23 21:36:28 ----A---- C:\WINDOWS\system32\NeroCheck.exe
2005-03-23 21:35:46 ----N---- C:\WINDOWS\NuNinst.exe
2005-03-23 21:35:44 ----D---- C:\Program Files\Common Files\Ahead
2005-03-23 21:35:43 ----D---- C:\Program Files\Ahead
2005-03-23 21:34:25 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2005-03-23 21:34:21 ----D---- C:\Program Files\CyberLink
2005-03-23 21:34:12 ----HD---- C:\Program Files\InstallShield Installation Information
2005-03-23 21:34:12 ----D---- C:\Program Files\CyberLink DVD Solution
2005-03-23 21:28:17 ----D---- C:\WINDOWS\pss
2005-03-23 21:24:37 ----AC---- C:\WINDOWS\system32\wpa.bak
2005-03-23 21:04:57 ----HDC---- C:\WINDOWS\$NtUninstallKB887742$
2005-03-23 21:04:53 ----HDC---- C:\WINDOWS\$NtUninstallKB885250$
2005-03-23 21:04:48 ----HDC---- C:\WINDOWS\$NtUninstallKB873333$
2005-03-23 21:04:43 ----HDC---- C:\WINDOWS\$NtUninstallKB888113$
2005-03-23 21:04:36 ----HDC---- C:\WINDOWS\$NtUninstallKB867282$
2005-03-23 21:04:30 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$
2005-03-23 21:04:27 ----HDC---- C:\WINDOWS\$NtUninstallKB887472$
2005-03-23 21:04:19 ----HDC---- C:\WINDOWS\$NtUninstallKB890047$
2005-03-23 21:04:15 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
2005-03-23 21:04:11 ----HDC---- C:\WINDOWS\$NtUninstallKB885835$
2005-03-23 21:04:08 ----HDC---- C:\WINDOWS\$NtUninstallKB890175$
2005-03-23 21:04:04 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$
2005-03-23 21:04:01 ----HDC---- C:\WINDOWS\$NtUninstallKB886185$
2005-03-23 21:03:53 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$
2005-03-23 21:03:53 ----A---- C:\WINDOWS\system32\spmsg.dll
2005-03-23 21:03:47 ----D---- C:\WINDOWS\nview
2005-03-23 20:56:04 ----HD---- C:\WINDOWS\$hf_mig$
2005-03-23 20:50:54 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2005-03-23 20:47:30 ----A---- C:\WINDOWS\system32\NVNFINST.DLL
2005-03-23 20:46:43 ----AC---- C:\WINDOWS\system32\ALut.dll
2005-03-23 20:46:42 ----AC---- C:\WINDOWS\system32\OpenAL32.dll
2005-03-23 20:46:42 ----AC---- C:\WINDOWS\system32\nvopenal.dll
2005-03-23 20:46:42 ----AC---- C:\WINDOWS\system32\nvasio.dll
2005-03-23 20:46:42 ----AC---- C:\WINDOWS\system32\nvack.dll
2005-03-23 20:46:40 ----A---- C:\WINDOWS\system32\ksuser.dll
2005-03-23 20:46:09 ----D---- C:\WINDOWS\system32\ReinstallBackups
2005-03-23 20:46:01 ----D---- C:\Program Files\Common Files\InstallShield
2005-03-23 20:44:14 ----D---- C:\Documents and Settings\steve\Application Data\Identities
2005-03-23 20:43:58 ----SHC---- C:\Documents and Settings\steve\Application Data\desktop.ini
2005-03-23 20:43:58 ----SD---- C:\Documents and Settings\steve\Application Data\Microsoft
2005-03-23 20:41:54 ----D---- C:\WINDOWS\SoftwareDistribution
2005-03-23 20:41:52 ----SD---- C:\WINDOWS\system32\Microsoft
2005-03-23 20:41:52 ----A---- C:\WINDOWS\SchedLgU.Txt
2005-03-23 20:38:21 ----D---- C:\WINDOWS\system32\xircom
2005-03-23 20:38:21 ----D---- C:\Program Files\xerox
2005-03-23 20:38:21 ----D---- C:\Program Files\microsoft frontpage
2005-03-23 20:37:59 ----N---- C:\AUTOEXEC.BAT
2005-03-23 20:37:59 ----AC---- C:\WINDOWS\control.ini
2005-03-23 20:37:41 ----AC---- C:\WINDOWS\OEWABLog.txt
2005-03-23 20:37:37 ----A---- C:\WINDOWS\system32\mapi32.dll
2005-03-23 20:36:29 ----SD---- C:\WINDOWS\Downloaded Program Files
2005-03-23 20:36:29 ----RD---- C:\WINDOWS\Offline Web Pages
2005-03-23 20:36:29 ----RAHC---- C:\WINDOWS\system32\logonui.exe.manifest
2005-03-23 20:36:21 ----RAHC---- C:\WINDOWS\system32\cdplayer.exe.manifest
2005-03-23 20:36:16 ----HD---- C:\Program Files\WindowsUpdate
2005-03-23 20:35:50 ----D---- C:\WINDOWS\system32\DirectX
2005-03-23 20:35:26 ----AC---- C:\WINDOWS\system32\atrace.dll
2005-03-23 20:35:23 ----AC---- C:\WINDOWS\system32\desktop.ini
2005-03-23 20:35:23 ----A---- C:\WINDOWS\desktop.ini
2005-03-23 20:35:16 ----AC---- C:\WINDOWS\system32\nmevtmsg.dll
2005-03-23 20:35:14 ----D---- C:\Program Files\Common Files\Services
2005-03-23 20:35:14 ----AC---- C:\WINDOWS\system32\acctres.dll
2005-03-23 20:35:11 ----SD---- C:\WINDOWS\Tasks
2005-03-23 20:35:11 ----AC---- C:\WINDOWS\system32\icfgnt5.dll
2005-03-23 20:35:09 ----D---- C:\Program Files\Common Files\MSSoap
2005-03-23 20:35:05 ----D---- C:\WINDOWS\srchasst
2005-03-23 20:35:04 ----D---- C:\WINDOWS\system32\Macromed
2005-03-23 20:35:01 ----AC---- C:\WINDOWS\system32\wuweb.dll
2005-03-23 20:35:01 ----A---- C:\WINDOWS\system32\wucltui.dll
2005-03-23 20:35:00 ----AC---- C:\WINDOWS\system32\wups.dll
2005-03-23 20:35:00 ----AC---- C:\WINDOWS\system32\wuaueng1.dll
2005-03-23 20:35:00 ----AC---- C:\WINDOWS\system32\wuaueng.dll
2005-03-23 20:35:00 ----A---- C:\WINDOWS\system32\wuauserv.dll
2005-03-23 20:35:00 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2005-03-23 20:35:00 ----A---- C:\WINDOWS\system32\wuauclt.exe
2005-03-23 20:34:59 ----AC---- C:\WINDOWS\system32\wuapi.dll
2005-03-23 20:34:59 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2005-03-23 20:34:59 ----A---- C:\WINDOWS\system32\qmgr.dll
2005-03-23 20:34:59 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2005-03-23 20:34:59 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2005-03-23 20:34:54 ----D---- C:\Program Files\Movie Maker
2005-03-23 20:34:50 ----A---- C:\WINDOWS\system32\safrslv.dll
2005-03-23 20:34:50 ----A---- C:\WINDOWS\system32\safrdm.dll
2005-03-23 20:34:50 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2005-03-23 20:34:49 ----A---- C:\WINDOWS\system32\racpldlg.dll
2005-03-23 20:34:44 ----D---- C:\WINDOWS\system32\Restore
2005-03-23 20:34:44 ----A---- C:\WINDOWS\system32\srsvc.dll
2005-03-23 20:34:44 ----A---- C:\WINDOWS\system32\srrstr.dll
2005-03-23 20:34:44 ----A---- C:\WINDOWS\system32\fltmc.exe
2005-03-23 20:34:44 ----A---- C:\WINDOWS\system32\fltlib.dll
2005-03-23 20:34:43 ----A---- C:\WINDOWS\system32\srclient.dll
2005-03-23 20:34:43 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2005-03-23 20:34:43 ----A---- C:\WINDOWS\system32\ils.dll
2005-03-23 20:34:42 ----AC---- C:\WINDOWS\system32\mnmsrvc.exe
2005-03-23 20:34:42 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2005-03-23 20:34:42 ----A---- C:\WINDOWS\system32\msconf.dll
2005-03-23 20:34:42 ----A---- C:\WINDOWS\system32\mnmdd.dll
2005-03-23 20:34:39 ----D---- C:\Program Files\NetMeeting
2005-03-23 20:34:39 ----A---- C:\WINDOWS\system32\msoert2.dll
2005-03-23 20:34:39 ----A---- C:\WINDOWS\system32\msoeacct.dll
2005-03-23 20:34:38 ----A---- C:\WINDOWS\system32\inetres.dll
2005-03-23 20:34:37 ----A---- C:\WINDOWS\system32\inetcomm.dll
2005-03-23 20:34:35 ----D---- C:\Program Files\Outlook Express
2005-03-23 20:34:35 ----A---- C:\WINDOWS\system32\schedsvc.dll
2005-03-23 20:34:35 ----A---- C:\WINDOWS\system32\mstinit.exe
2005-03-23 20:34:35 ----A---- C:\WINDOWS\system32\mstask.dll
2005-03-23 20:34:34 ----A---- C:\WINDOWS\system32\isign32.dll
2005-03-23 20:34:34 ----A---- C:\WINDOWS\system32\inetcfg.dll
2005-03-23 20:34:34 ----A---- C:\WINDOWS\system32\icwphbk.dll
2005-03-23 20:34:34 ----A---- C:\WINDOWS\system32\icwdial.dll
2005-03-23 20:34:27 ----D---- C:\Program Files\Common Files\System
2005-03-23 20:34:26 ----D---- C:\Program Files\Internet Explorer
2005-03-23 20:33:44 ----D---- C:\Program Files\ComPlus Applications
2005-03-23 20:33:41 ----AC---- C:\WINDOWS\vbaddin.ini
2005-03-23 20:33:41 ----AC---- C:\WINDOWS\vb.ini
2005-03-23 20:33:35 ----D---- C:\WINDOWS\Registration
2005-03-23 20:33:26 ----D---- C:\Program Files\Windows Media Player
2005-03-23 20:33:19 ----D---- C:\Program Files\Messenger
2005-03-23 20:33:15 ----D---- C:\Program Files\MSN Gaming Zone
2005-03-23 20:33:15 ----A---- C:\WINDOWS\system32\write.exe
2005-03-23 20:33:04 ----A---- C:\WINDOWS\system32\sndvol32.exe
2005-03-23 20:33:04 ----A---- C:\WINDOWS\system32\hticons.dll
2005-03-23 20:33:03 ----AC---- C:\WINDOWS\system32\avwav.dll
2005-03-23 20:33:03 ----AC---- C:\WINDOWS\system32\avtapi.dll
2005-03-23 20:33:03 ----AC---- C:\WINDOWS\system32\avmeter.dll
2005-03-23 20:33:02 ----A---- C:\WINDOWS\system32\winchat.exe
2005-03-23 20:32:54 ----AC---- C:\WINDOWS\system32\getuname.dll
2005-03-23 20:32:54 ----A---- C:\WINDOWS\system32\charmap.exe
2005-03-23 20:32:54 ----A---- C:\WINDOWS\system32\calc.exe
2005-03-23 20:32:53 ----A---- C:\WINDOWS\system32\winmine.exe
2005-03-23 20:32:53 ----A---- C:\WINDOWS\system32\sol.exe
2005-03-23 20:32:53 ----A---- C:\WINDOWS\system32\mshearts.exe
2005-03-23 20:32:52 ----AC---- C:\WINDOWS\system32\usrlogon.cmd
2005-03-23 20:32:52 ----AC---- C:\WINDOWS\system32\tslabels.ini
2005-03-23 20:32:52 ----AC---- C:\WINDOWS\system32\rdpcfgex.dll
2005-03-23 20:32:52 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2005-03-23 20:32:52 ----A---- C:\WINDOWS\system32\tskill.exe
2005-03-23 20:32:52 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2005-03-23 20:32:52 ----A---- C:\WINDOWS\system32\tscon.exe
2005-03-23 20:32:52 ----A---- C:\WINDOWS\system32\shadow.exe
2005-03-23 20:32:52 ----A---- C:\WINDOWS\system32\rwinsta.exe
2005-03-23 20:32:52 ----A---- C:\WINDOWS\system32\reset.exe
2005-03-23 20:32:52 ----A---- C:\WINDOWS\system32\regini.exe
2005-03-23 20:32:52 ----A---- C:\WINDOWS\system32\freecell.exe
2005-03-23 20:32:51 ----AC---- C:\WINDOWS\system32\msdtcprf.ini
2005-03-23 20:32:51 ----AC---- C:\WINDOWS\system32\cdmodem.dll
2005-03-23 20:32:51 ----A---- C:\WINDOWS\system32\qwinsta.exe
2005-03-23 20:32:51 ----A---- C:\WINDOWS\system32\qappsrv.exe
2005-03-23 20:32:51 ----A---- C:\WINDOWS\system32\msg.exe
2005-03-23 20:32:51 ----A---- C:\WINDOWS\system32\logoff.exe
2005-03-23 20:32:50 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2005-03-23 20:32:50 ----A---- C:\WINDOWS\system32\mtxex.dll
2005-03-23 20:32:50 ----A---- C:\WINDOWS\system32\mtxdm.dll
2005-03-23 20:32:50 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2005-03-23 20:32:50 ----A---- C:\WINDOWS\system32\comrepl.dll
2005-03-23 20:32:50 ----A---- C:\WINDOWS\system32\comaddin.dll
2005-03-23 20:32:49 ----A---- C:\WINDOWS\system32\stclient.dll
2005-03-23 20:32:49 ----A---- C:\WINDOWS\system32\comsnap.dll
2005-03-23 20:32:44 ----AC---- C:\WINDOWS\system32\wmimgmt.msc
2005-03-23 20:32:31 ----D---- C:\Program Files\MSN
2005-03-23 20:32:30 ----AC---- C:\WINDOWS\system32\accwiz.exe
2005-03-23 20:32:29 ----A---- C:\WINDOWS\system32\sndrec32.exe
2005-03-23 20:32:29 ----A---- C:\WINDOWS\system32\mplay32.exe
2005-03-23 20:32:29 ----A---- C:\WINDOWS\system32\hypertrm.dll
2005-03-23 20:32:28 ----D---- C:\Program Files\Windows NT
2005-03-23 20:32:28 ----A---- C:\WINDOWS\system32\spider.exe
2005-03-23 20:32:28 ----A---- C:\WINDOWS\system32\mspaint.exe
2005-03-23 20:32:28 ----A---- C:\WINDOWS\system32\clipbrd.exe
2005-03-23 20:32:27 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2005-03-23 20:32:27 ----A---- C:\WINDOWS\system32\mstscax.dll
2005-03-23 20:32:27 ----A---- C:\WINDOWS\system32\mstsc.exe
2005-03-23 20:32:26 ----AC---- C:\WINDOWS\system32\sessmgr.exe
2005-03-23 20:32:26 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2005-03-23 20:32:26 ----A---- C:\WINDOWS\system32\termsrv.dll
2005-03-23 20:32:26 ----A---- C:\WINDOWS\system32\remotepg.dll
2005-03-23 20:32:26 ----A---- C:\WINDOWS\system32\rdshost.exe
2005-03-23 20:32:26 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2005-03-23 20:32:26 ----A---- C:\WINDOWS\system32\rdchost.dll
2005-03-23 20:32:25 ----D---- C:\WINDOWS\system32\MsDtc
2005-03-23 20:32:25 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2005-03-23 20:32:25 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2005-03-23 20:32:25 ----A---- C:\WINDOWS\system32\rdpclip.exe
2005-03-23 20:32:25 ----A---- C:\WINDOWS\system32\qprocess.exe
2005-03-23 20:32:25 ----A---- C:\WINDOWS\system32\mtxoci.dll
2005-03-23 20:32:25 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2005-03-23 20:32:25 ----A---- C:\WINDOWS\system32\icaapi.dll
2005-03-23 20:32:25 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2005-03-23 20:32:24 ----A---- C:\WINDOWS\system32\xolehlp.dll
2005-03-23 20:32:24 ----A---- C:\WINDOWS\system32\msdtctm.dll
2005-03-23 20:32:24 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2005-03-23 20:32:23 ----AC---- C:\WINDOWS\system32\msdtc.exe
2005-03-23 20:32:23 ----A---- C:\WINDOWS\system32\msdtclog.dll
2005-03-23 20:32:22 ----D---- C:\WINDOWS\system32\Com
2005-03-23 20:32:22 ----A---- C:\WINDOWS\system32\colbact.dll
2005-03-23 20:32:22 ----A---- C:\WINDOWS\system32\clbcatex.dll
2005-03-23 20:32:22 ----A---- C:\WINDOWS\system32\catsrvut.dll
2005-03-23 20:32:22 ----A---- C:\WINDOWS\system32\catsrvps.dll
2005-03-23 20:32:22 ----A---- C:\WINDOWS\system32\catsrv.dll
2005-03-23 20:32:21 ----A---- C:\WINDOWS\system32\comuid.dll
2005-03-23 20:32:21 ----A---- C:\WINDOWS\system32\comsvcs.dll
2005-03-23 20:32:20 ----A---- C:\WINDOWS\system32\clbcatq.dll
2005-03-23 20:32:13 ----AC---- C:\WINDOWS\system32\licwmi.dll
2005-03-23 20:32:13 ----A---- C:\WINDOWS\system32\servdeps.dll
2005-03-23 20:32:13 ----A---- C:\WINDOWS\system32\mmfutil.dll
2005-03-23 20:32:13 ----A---- C:\WINDOWS\system32\cmprops.dll
2005-03-23 12:31:04 ----AC---- C:\WINDOWS\system32\h323log.txt
2005-03-23 12:25:55 ----SHC---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2005-03-23 12:25:50 ----RAC---- C:\WINDOWS\SET2B.tmp
2005-03-23 12:25:47 ----RAC---- C:\WINDOWS\SET1F.tmp
2005-03-23 12:25:45 ----RAC---- C:\WINDOWS\SET1C.tmp
2005-03-23 12:25:25 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2005-03-23 12:25:02 ----D---- C:\WINDOWS\Minidump
2005-03-23 12:22:21 ----AC---- C:\WINDOWS\system32\nv4_disp.dll
2005-03-23 12:22:00 ----A---- C:\WINDOWS\system32\usbui.dll
2005-03-23 12:20:45 ----A---- C:\WINDOWS\imsins.BAK
2005-03-23 12:20:42 ----SHD---- C:\WINDOWS\Installer
2005-03-23 12:20:42 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2005-03-23 12:20:41 ----D---- C:\Program Files\Common Files\ODBC
2005-03-23 12:20:41 ----AC---- C:\WINDOWS\ODBCINST.INI
2005-03-23 12:20:38 ----D---- C:\Program Files\Common Files\SpeechEngines
2005-03-23 12:20:37 ----D---- C:\Program Files\Common Files\Microsoft Shared
2005-03-23 12:20:37 ----D---- C:\Program Files\Common Files
2005-03-23 12:20:37 ----AD---- C:\Program Files
2005-03-23 12:20:34 ----RAC---- C:\WINDOWS\system32\kbdtuq.dll
2005-03-23 12:20:34 ----RAC---- C:\WINDOWS\system32\kbdtuf.dll
2005-03-23 12:20:34 ----RAC---- C:\WINDOWS\system32\kbdazel.dll
2005-03-23 12:20:32 ----RAC---- C:\WINDOWS\system32\kbdmon.dll
2005-03-23 12:20:32 ----RAC---- C:\WINDOWS\system32\kbdkyr.dll
2005-03-23 12:20:31 ----RAC---- C:\WINDOWS\system32\kbdycc.dll
2005-03-23 12:20:31 ----RAC---- C:\WINDOWS\system32\kbduzb.dll
2005-03-23 12:20:31 ----RAC---- C:\WINDOWS\system32\kbdur.dll
2005-03-23 12:20:31 ----RAC---- C:\WINDOWS\system32\kbdtat.dll
2005-03-23 12:20:31 ----RAC---- C:\WINDOWS\system32\kbdru1.dll
2005-03-23 12:20:31 ----RAC---- C:\WINDOWS\system32\kbdru.dll
2005-03-23 12:20:31 ----RAC---- C:\WINDOWS\system32\kbdkaz.dll
2005-03-23 12:20:31 ----RAC---- C:\WINDOWS\system32\kbdbu.dll
2005-03-23 12:20:31 ----RAC---- C:\WINDOWS\system32\kbdblr.dll
2005-03-23 12:20:31 ----RAC---- C:\WINDOWS\system32\kbdaze.dll
2005-03-23 12:20:29 ----RAC---- C:\WINDOWS\system32\kbdhept.dll
2005-03-23 12:20:29 ----RAC---- C:\WINDOWS\system32\kbdhela2.dll
2005-03-23 12:20:29 ----RAC---- C:\WINDOWS\system32\kbdhe220.dll
2005-03-23 12:20:29 ----RAC---- C:\WINDOWS\system32\kbdgkl.dll
2005-03-23 12:20:29 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2005-03-23 12:20:29 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2005-03-23 12:20:28 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2005-03-23 12:20:27 ----RAC---- C:\WINDOWS\system32\kbdlv1.dll
2005-03-23 12:20:27 ----RAC---- C:\WINDOWS\system32\kbdlv.dll
2005-03-23 12:20:27 ----RAC---- C:\WINDOWS\system32\kbdlt1.dll
2005-03-23 12:20:27 ----RAC---- C:\WINDOWS\system32\kbdlt.dll
2005-03-23 12:20:27 ----RAC---- C:\WINDOWS\system32\kbdest.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\kbdycl.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\kbdsl1.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\kbdsl.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\kbdro.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\kbdpl1.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\kbdpl.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\kbdhu1.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\kbdhu.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\kbdcz2.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\kbdcz1.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\kbdcz.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\kbdcr.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\KBDAL.DLL
2005-03-23 12:20:21 ----AC---- C:\WINDOWS\system32\spxcoins.dll
2005-03-23 12:20:21 ----AC---- C:\WINDOWS\system32\irclass.dll
2005-03-23 12:20:21 ----AC---- C:\WINDOWS\system32\EqnClass.Dll
2005-03-23 12:20:21 ----AC---- C:\WINDOWS\system32\dgsetup.dll
2005-03-23 12:20:21 ----AC---- C:\WINDOWS\system32\dgrpsetu.dll
2005-03-23 12:20:18 ----AC---- C:\WINDOWS\TASKMAN.EXE
2005-03-23 12:20:18 ----AC---- C:\WINDOWS\system32\CONFIG.TMP
2005-03-23 12:20:18 ----A---- C:\WINDOWS\system32\batt.dll
2005-03-23 12:20:17 ----A---- C:\WINDOWS\notepad.exe
2005-03-23 12:20:16 ----A---- C:\WINDOWS\system32\storprop.dll
2005-03-23 12:20:02 ----RAC---- C:\WINDOWS\SET8.tmp
2005-03-23 12:19:59 ----RAC---- C:\WINDOWS\SET4.tmp
2005-03-23 12:19:57 ----RAC---- C:\WINDOWS\SET3.tmp
2005-03-23 12:19:51 ----D---- C:\WINDOWS\system32\CatRoot2
2005-03-23 12:19:51 ----D---- C:\WINDOWS\system32\CatRoot
2005-03-23 12:19:23 ----AC---- C:\WINDOWS\setuplog.txt
2005-03-23 12:19:20 ----D---- C:\Documents and Settings
2005-03-23 12:19:19 ----SHD---- C:\System Volume Information
2005-03-23 12:18:34 ----SH---- C:\boot.ini
2005-03-23 12:11:33 ----RSHDC---- C:\WINDOWS\system32\dllcache
2005-03-23 12:11:33 ----RSD---- C:\WINDOWS\Fonts
2005-03-23 12:11:33 ----RD---- C:\WINDOWS\Web
2005-03-23 12:11:33 ----HD---- C:\WINDOWS\inf
2005-03-23 12:11:33 ----D---- C:\WINDOWS\WinSxS
2005-03-23 12:11:33 ----D---- C:\WINDOWS\twain_32
2005-03-23 12:11:33 ----D---- C:\WINDOWS\Temp
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\wins
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\wbem
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\usmt
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\spool
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\ShellExt
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\Setup
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\ras
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\oobe
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\npp
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\mui
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\inetsrv
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\IME
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\icsxml
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\ias
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\export
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\drivers
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\dhcp
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\config
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\3com_dmi
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\3076
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\2052
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\1054
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\1042
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\1041
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\1037
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\1033
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\1031
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\1028
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\1025
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system
2005-03-23 12:11:33 ----D---- C:\WINDOWS\security
2005-03-23 12:11:33 ----D---- C:\WINDOWS\Resources
2005-03-23 12:11:33 ----D---- C:\WINDOWS\repair
2005-03-23 12:11:33 ----D---- C:\WINDOWS\Provisioning
2005-03-23 12:11:33 ----D---- C:\WINDOWS\PeerNet
2005-03-23 12:11:33 ----D---- C:\WINDOWS\pchealth
2005-03-23 12:11:33 ----D---- C:\WINDOWS\mui
2005-03-23 12:11:33 ----D---- C:\WINDOWS\msapps
2005-03-23 12:11:33 ----D---- C:\WINDOWS\msagent
2005-03-23 12:11:33 ----D---- C:\WINDOWS\Media
2005-03-23 12:11:33 ----D---- C:\WINDOWS\java
2005-03-23 12:11:33 ----D---- C:\WINDOWS\ime
2005-03-23 12:11:33 ----D---- C:\WINDOWS\Help
2005-03-23 12:11:33 ----D---- C:\WINDOWS\ehome
2005-03-23 12:11:33 ----D---- C:\WINDOWS\Driver Cache
2005-03-23 12:11:33 ----D---- C:\WINDOWS\Debug
2005-03-23 12:11:33 ----D---- C:\WINDOWS\Cursors
2005-03-23 12:11:33 ----D---- C:\WINDOWS\Connection Wizard
2005-03-23 12:11:33 ----D---- C:\WINDOWS\Config
2005-03-23 12:11:33 ----D---- C:\WINDOWS\AppPatch
2005-03-23 12:11:33 ----D---- C:\WINDOWS\addins
2005-03-23 12:11:33 ----D---- C:\WINDOWS
2005-02-03 19:59:48 ----A---- C:\WINDOWS\system32\metaflac.exe
2005-02-03 19:59:44 ----A---- C:\WINDOWS\system32\flac.exe
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\wpdtrace.dll
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\wpdsp.dll
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\wpdmtpus.dll
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\wpdmtpdr.dll
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\wpdmtp.dll
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\wpdconns.dll
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\wpd_ci.dll
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\WMVADVE.DLL
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\wmpsrcwp.dll
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\wmpencen.dll
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\WMDRMNet.dll
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\WMDRMdev.dll
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\wdfmgr.exe
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\wdfapi.dll
2005-01-28 12:44:28 ----A---- C:\WINDOWS\system32\wmvadvd.dll
2005-01-28 12:44:28 ----A---- C:\WINDOWS\system32\uwdf.exe
2005-01-28 12:44:28 ----A---- C:\WINDOWS\system32\Audiodev.dll
2005-01-18 01:07:18 ----A---- C:\WINDOWS\opuc.dll
2004-12-14 08:07:46 ----AC---- C:\WINDOWS\system32\hpotiop.dll
2004-12-14 08:07:46 ----A---- C:\WINDOWS\system32\hpgwiamd.dll
2004-12-14 08:07:44 ----AC---- C:\WINDOWS\system32\hpzcon12.dll
2004-12-14 08:07:44 ----AC---- C:\WINDOWS\system32\hpzcoi12.dll
2004-12-14 08:07:42 ----A---- C:\WINDOWS\system32\HPZc3212.dll
2004-10-11 14:37:16 ----AC---- C:\WINDOWS\system32\NVCOAD.DLL
2004-09-06 12:56:54 ----ASC---- C:\WINDOWS\system32\archlib.dll
2004-08-22 17:04:56 ----AC---- C:\WINDOWS\daemon.dll
2004-08-19 23:26:54 ----AC---- C:\WINDOWS\Twunk_32.dll
2004-08-19 23:26:54 ----AC---- C:\WINDOWS\Twunk_16.dll
2004-08-04 04:00:00 ----RSH---- C:\NTDETECT.COM
2004-08-04 04:00:00 ----RC---- C:\WINDOWS\system32\rsop.msc
2004-08-04 04:00:00 ----RC---- C:\WINDOWS\system32\perfmon.msc
2004-08-04 04:00:00 ----RA---- C:\WINDOWS\system32\ctl3dv2.dll
2004-08-04 04:00:00 ----N---- C:\WINDOWS\system32\riched32.dll
2004-08-04 04:00:00 ----N---- C:\WINDOWS\system32\oleaut32.dll
2004-08-04 04:00:00 ----N---- C:\WINDOWS\system32\msvcrt40.dll
2004-08-04 04:00:00 ----N---- C:\WINDOWS\system32\expsrv.dll
2004-08-04 04:00:00 ----C---- C:\WINDOWS\system32\comcat.dll
2004-08-04 04:00:00 ----C---- C:\WINDOWS\system32\asycfilt.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\winhelp.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\vmmreg32.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\twunk_32.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\twunk_16.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\twain.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\xenroll.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wshnetbs.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wshisn.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wshatm.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wowexec.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmvdmoe2.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmspdmoe.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmsdmoe2.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmpui.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmploc.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmpdxm.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmpcore.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmpcd.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmp.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmiscmgr.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmiprop.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmidx.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmerrenu.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmadmoe.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\winstrm.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\winnls.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\winfax.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wifeman.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\webhits.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\webcheck.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\w32topl.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\vwipxspx.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\vwipxspx.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\vssvc.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\vss_ps.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\vjoy.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\vga64k.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\vga256.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\vfpodbc.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ver.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\vcdex.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\userinit.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ureg.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ups.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\umdmxfrm.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ufat.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\tsd32.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\tlntsvr.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\tcpmon.ini
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\tapiui.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\tapiperf.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\tapi.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\t2embed.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sysinv.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sysedit.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\swprv.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\svcpack.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sqlwoa.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sqlwid.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sprestrt.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\spoolsv.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\softpub.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\smlogsvc.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\slbrccsp.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\slbcsp.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sisbkup.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\share.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sfmapi.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sfcfiles.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\setver.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\setupdll.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\serwvdrv.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\services.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\serialui.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\senscfg.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\secpol.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sdpblb.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\scriptpw.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\scredir.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sclgntfy.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sccbase.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\scardsvr.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\scardssp.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rundll32.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rtm.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rsvpperf.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rsvpmsg.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rsvp.ini
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rsvp.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rsfsaps.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rpcns4.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\routetab.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rnr20.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rend.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rasser.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rasrad.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rasmxs.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rasmontr.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rasctrs.ini
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rasctrs.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\qosname.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\pubprn.vbs
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\psnppagn.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\pschdprf.ini
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\pschdprf.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\prodspec.ini
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\prnqctl.vbs
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\prnport.vbs
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\prnmngr.vbs
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\prnjobs.vbs
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\prndrvr.vbs
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\prncnfg.vbs
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\prflbmsg.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\plustab.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\pifmgr.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\perfwci.ini
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\perfts.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\perfos.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\perfnw.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\perffilt.ini
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\perfci.ini
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\panmap.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\pagefileconfig.vbs
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\oleaccrc.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\oleacc.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\odbc16gt.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\nwevent.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\nwcfg.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\nwapi16.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\nw16.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ntvdm.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ntmsoprq.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ntmsmgr.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ntmsevt.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ntlanui.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ntdsbcli.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\notepad.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\nlsfunc.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\netmsg.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\neth.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\netevent.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\netdde.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ncxpnt.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\narrhook.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msxml2r.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msvfw32.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msvcrt20.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msvcp50.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msvbvm60.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msvbvm50.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msswch.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mssip32.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mssign32.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\MSSCP.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msrecr40.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msrclr40.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msrating.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msratelc.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msr2cenu.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msr2c.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msports.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mspatcha.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msobjs.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msnetobj.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msiexec.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mshtmler.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msencode.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mscat32.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msaudite.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msaatext.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mqperf.ini
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mqperf.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mqgentr.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mqcertui.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mprui.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mprmsg.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mprddm.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\modex.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mmutilse.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mmdrv.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mmcshext.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mll_qic.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mll_mtf.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mll_hp.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mfc40.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mem.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mdhcp.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mciole32.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mciole16.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mchgrcoi.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mcdsrv32.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mcd32.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mapistub.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mag_hook.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\lzexpand.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\lusrmgr.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\lprmonui.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\logonui.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\login.cmd
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\loghours.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\locator.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\loadfix.com
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\licdll.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\laprxy.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\langwrbk.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\krnl386.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdusx.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdusr.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdusl.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdus.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbduk.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdsw.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdsp.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdsg.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdsf.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdpo.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdno.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdne.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdmac.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdla.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdit142.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdit.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdir.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdic.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdgr1.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdgr.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdgae.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdfr.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdfo.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdfi.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdfc.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdes.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbddv.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdda.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdcan.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdca.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdbr.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdbene.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdbe.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kb16.com
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\jobexec.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\jgsh400.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\jgsd400.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\jgmd400.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\jgaw400.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\jet500.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iuengine.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ipxsap.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ipxrtmgr.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ipxrip.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ipxpromn.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ipxmontr.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iprtprio.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iprop.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iologmsg.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\infosoft.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\inetcplc.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\imapi.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iissuba.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ifsutil.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ieakui.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iassvcs.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iassdo.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iassam.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iasrecst.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iaspolcy.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iasnap.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iashlpr.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iasads.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iasacct.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\hnetmon.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\hhsetup.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\graphics.com
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\gpedit.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\glmf32.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\gdi.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\gcdef.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ftsrch.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\fsusd.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\fsmgmt.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\fmifs.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\fastopen.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\exe2bin.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\eventvwr.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\eventquery.vbs
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\eventcls.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\eula.txt
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\esentprf.ini
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\esentprf.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\esent97.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\es.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\edlin.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\edit.com
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\duser.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dsauth.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ds16gt.dLL
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\drwatson.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\drmv2clt.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\drmstor.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dpwsock.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dpserial.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dpnwsock.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dpnmodem.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dplay.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dpcdll.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dmocx.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dmintf.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dmdskres.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dmconfig.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dmadmin.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dllhost.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\diskmgmt.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dimap.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\diactfrm.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dhcpsapi.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\devmgmt.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\debug.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dbnetlib.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\d3dxof.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\d3drm.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\d3dpmesh.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\d3dim.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\csseqchk.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\crtdll.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\console.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\compmgmt.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\command.com
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\cnvfat.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\cnetcfg.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\cmpbk32.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\clipsrv.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\clb.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\cisvc.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ciadv.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ciadmin.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\cfgmgr32.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\cewmdm.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\certmgr.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ccfgnt.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\blackbox.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\autodisc.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\autochk.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\atmpvcno.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\atmfd.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\atkctrs.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\asferror.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\append.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\apcups.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\alg.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\advpack.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\adsnds.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\adptif.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\aaaamon.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\6to4svc.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\msdfmap.ini
2004-08-04 04:00:00 ----A---- C:\WINDOWS\winhlp32.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\win.ini
2004-08-04 04:00:00 ----A---- C:\WINDOWS\twain_32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\zipfldr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\xpsp2res.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\xpsp1res.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\xpob2res.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\xmlprovi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\xmlprov.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\xcopy.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\xactsrv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wzcdlg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wupdmgr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wtsapi32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wstdecod.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wsock32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wsnmp32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wshtcpip.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wshrm.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wship6.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wshext.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wshcon.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wshbth.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wsecedit.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wscsvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wscript.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wscntfy.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ws2help.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ws2_32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wpnpinst.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wpabaln.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wowdeb.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wow32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmvdmod.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmvcore.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmstream.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmspdmod.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmsdmoe.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmsdmod.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmpshell.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmpasf.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmnetmgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmerror.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\WMDMPS.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\WMDMLOG.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmasf.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmadmod.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wlnotify.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wldap32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wkssvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winver.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wintrust.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winsta.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winsrv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winspool.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winsock.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winshfhc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winscard.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winrnr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winntbbu.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winmsd.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winmm.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winlogon.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winipsec.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wininet.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winhttp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winhlp32.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winbrand.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\win87em.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\win32spl.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\win.com
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wiavusd.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wiavideo.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wiashext.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wiaservc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wiascr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wiadss.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wiadefui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wiaacmgr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wextract.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\webvw.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\webclnt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wdigest.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wavemsp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\w3ssl.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\w32tm.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\w32time.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\vssapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\vssadmin.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\vga.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\version.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\verifier.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\verifier.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\vdmredir.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\vdmdbg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\vbscript.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\vbajet32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\uxtheme.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\utilman.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\utildll.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\usp10.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\userenv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\user32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\user.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\usbmon.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\urlmon.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\url.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\upnpui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\upnphost.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\upnpcont.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\upnp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\untfs.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\unlodctr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\uniplat.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\unimdmat.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\umpnpmgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\umandlg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ulib.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\udhisapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\typeperf.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\typelib.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\txflog.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\twext.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tsddd.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tsappcmp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\trkwks.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tree.com
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\traffic.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tracert6.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tracert.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tracerpt.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tourstart.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\toolhelp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tlntsvrp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tlntsess.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tlntadmn.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\themeui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tftp.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\termmgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\telnet.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tcpsvcs.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tcpmonui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tcpmon.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tcpmib.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tcmsetup.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\taskmgr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\taskman.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tasklist.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\taskkill.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tapisrv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tapi32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tapi3.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\systray.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\systeminfo.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\syssetup.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sysocmgr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\syskey.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\syncui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\synceng.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\syncapp.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sxs.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\svchost.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\subst.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\strmfilt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\strmdll.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\storage.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\stobject.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\stimon.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sti_ci.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sti.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ssdpapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\srvsvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sqlunirl.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\spoolss.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\spnpinst.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\spiisupd.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sort.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\snmpsnap.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\snmpapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\smss.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\smlogcfg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\smbinst.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\slbiop.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\slayerxp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\skeys.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\skdll.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sigverif.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sigtab.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shutdown.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shsvcs.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shscrap.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shrpubw.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shmgrate.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shmedia.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shlwapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shimgvw.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shimeng.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shgina.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shfolder.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shellstyle.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shell32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shell.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shdocvw.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shdoclc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sfc_os.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sfc.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sfc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\setupapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\setup.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sethc.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\services.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sensapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sens.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sendmail.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sendcmsg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\security.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\secur32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\seclogon.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\secedit.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sdhcinst.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sdbinst.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\scrrun.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\scrobj.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\schtasks.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\schannel.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\scesrv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\scecli.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sccsccp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\scarddlg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sc.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sbeio.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sbe.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\savedump.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\samsrv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\samlib.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\runonce.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\runas.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rtutils.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rtipxmib.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rtcshare.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rsvpsp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rsopprov.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rsnotify.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rsmui.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rsmsink.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rsmps.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rsm.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rshx32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rsh.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rsaenh.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rpcss.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\routemon.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\route.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\riched20.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rexec.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\resutils.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\replace.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\relog.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\regwizc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\regwiz.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\regsvr32.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\regsvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\regedt32.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\regapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\reg.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\redir.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\recover.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rdpdd.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rcp.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rcimlby.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rcbdyctl.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rastls.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rastapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rassapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rasppp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rasphone.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rasmans.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rasman.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rasdlg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rasdial.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\raschap.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rasautou.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rasauto.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rasapi32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rasadhlp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\query.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\quartz.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\qedwipes.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\qedit.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\qdvd.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\qdv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\qcap.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\qasf.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\pstorsvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\pstorec.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\psbase.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\psapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\proxycfg.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\proquota.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\progman.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\profmap.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\printui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\print.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\powrprof.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\powercfg.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\polstore.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\pnrpnsp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\pngfilt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\pmspl.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ping6.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ping.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\pidgen.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\photowiz.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\perfproc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\perfnet.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\perfmon.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\perfdisk.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\perfctrs.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\pentnt.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\pdh.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\pautoenr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\pathping.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\packager.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\p2psvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\p2pnetsh.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\p2pgraph.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\p2pgasvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\p2p.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\osuninst.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\osuninst.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\osk.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\opengl32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\openfiles.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\olethk32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\olesvr32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\olesvr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\olepro32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\oleprn.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\oledlg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\olecnv32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\olecli32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\olecli.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ole32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ole2nls.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ole2disp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ole2.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\offfilt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odtext32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odpdx32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odfox32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odexl32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\oddbse32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbctrac.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbcp32r.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbcjt32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbcji32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbcint.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbccu32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbccr32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbccp32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbcconf.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbcconf.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbcbcp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbcad32.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbc32gt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbc32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ocmanage.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\occache.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\objsel.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\oakley.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\nwwks.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\nwscript.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\nwprovau.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\nwapi32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntvdmd.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntshrui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntsdexts.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntsd.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntprint.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntmssvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntmsmgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntmsdba.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntmsapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntmarta.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntlsapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntlanui2.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntlanman.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntdsapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntdll.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntbackup.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\nslookup.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\npptools.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\nlhtml.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\newdev.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netui2.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netui1.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netui0.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netstat.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netshell.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netsh.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netsetup.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netrap.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netplwiz.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netman.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netlogon.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netid.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netcfgx.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netapi32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\net1.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\net.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\nddenb32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\nddeapir.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\nddeapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\nbtstat.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\narrator.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mydocs.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mycomput.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mtxclu.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msxmlr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msxml3r.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msxml3.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msxml2.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msxml.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msxbde40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mswstr10.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mswsock.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\MSWMDM.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mswdat10.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msw3prt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msvideo.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msvidctl.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msvidc32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msvcrt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msvcp60.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msvcirt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msv1_0.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msutb.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mstlsapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mstime.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mstext40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msswchx.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mssap.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msrle32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msrepl40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msrd3x40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msrd2x40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msprivs.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\MsPMSP.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\MsPMSNSv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mspbde40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msorcl32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msorc32r.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msnsspc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msltus40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msls31.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mslbui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msjtes40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msjter40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msjint40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msjetoledb40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msjet40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msisip.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msimtf.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msimsg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msimg32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msihnd.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msieftp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msidntld.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msidle.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msident.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mshtmled.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mshtml.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mshta.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msgsvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msgina.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msftedit.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msexcl40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msexch40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msdxmlc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msdmo.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msdart.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msdadiag.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msctfp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msctf.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mscpxl32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mscpx32r.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mscms.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mscdexnt.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msasn1.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msapsspc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msafd.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msacm32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msacm.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mrinfo.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqutil.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqupgrd.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqtrig.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqtgsvc.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqsvc.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqsnap.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqsec.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqrtdep.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqrt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqqm.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqoa.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqlogmgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqise.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqdscli.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqbkup.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqad.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mprdim.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mprapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mpr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mpnotify.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mpg4dmod.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mp4sdmod.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mp43dmod.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mountvol.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\moricons.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\more.com
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\modemui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mode.com
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mobsync.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mobsync.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mmsystem.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mmcbase.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mmc.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mlang.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mimefilt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\migpwd.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\miglibnt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\midimap.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mfcsubs.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mfc42u.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mfc42.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mfc40u.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mf3216.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mdminst.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mciwave.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mciseq.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mciqtz32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mcicda.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mciavi32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mcastmib.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\makecab.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\magnify.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\lz32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\lsass.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\lsasrv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\lprhelp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\lpr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\lpq.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\lpk.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\logman.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\logagent.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\lodctr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\localui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\localspl.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\localsec.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\loadperf.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\lnkstub.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\lmrt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\linkinfo.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\lights.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\licmgr10.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\label.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\keymgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kernel32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kerberos.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kdcom.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kd1394.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kbdukx.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kbdsmsno.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kbdsmsfi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kbdno1.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kbdnec.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kbdmlt48.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kbdmlt47.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kbdmaori.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kbdinmal.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kbdinben.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kbdinbe1.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kbdfi1.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\jsproxy.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\jscript.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\jgpl400.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\jgdw400.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ixsso.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\itss.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\itircl.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ir50_qcx.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ir50_qc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ir50_32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ir41_qcx.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ir41_qc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ir32_32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ipxwan.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ipxroute.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ipv6mon.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ipv6.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ipsmsnap.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ipsecsvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ipsecsnp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ipsec6.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ippromon.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ipmontr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\iphlpapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ipconfig.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\inseng.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\input.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\initpki.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\inetppui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\inetpp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\inetmib1.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\imm32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\imgutil.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\imeshare.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\imagehlp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\igmpagnt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ifmon.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\iexpress.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\iesetup.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\iernonce.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\iepeers.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ieencode.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ieaksie.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ieakeng.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\idq.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\icmui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\icmp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\icm32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\iccvid.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\iasrad.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\htui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\httpapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\hotplug.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\hostname.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\hnetwiz.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\hnetcfg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\hlink.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\help.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\hccoin.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\HAL.DLL
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\h323msp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\grpconv.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\graftabl.com
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\gpupdate.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\gptext.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\gpresult.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\gpkrsrc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\gpkcsp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\gpedit.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\glu32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\getmac.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\gdi32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\fwcfg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ftp.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\fsutil.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\fsquirt.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\framebuf.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\format.com
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\forcedos.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\fontview.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\fontsub.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\fontext.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\fldrclnr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\fixmapi.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\finger.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\findstr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\find.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\filemgmt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\feclient.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\fdeploy.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\fde.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\fc.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\faultrep.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\exts.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\extrac32.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\extmgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\expand.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\eventvwr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\eventtriggers.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\eventlog.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\eventcreate.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\eudcedit.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\esentutl.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\esent.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ersvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\encdec.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\encapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\els.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\efsadu.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dxtrans.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dxmasf.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dxdiag.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dx8vb.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dx7vb.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dwwin.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dvdupgrd.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dumprep.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dswave.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dsuiext.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dssenh.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dssec.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dsquery.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dsprpres.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dsprop.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dsound3d.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dsound.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dskquoui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dskquota.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dsdmoprp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dsdmo.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ds32gt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\drwtsn32.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\drprov.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\drmclien.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\driverquery.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dpwsockx.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dpvvox.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dpvsetup.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dpvoice.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dpvacm.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dpnlobby.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dpnet.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dpnaddr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dpmodemx.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dplayx.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dplaysvr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dosx.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\doskey.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\docprop2.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\docprop.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dnsapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dmusic.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dmsynth.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dmstyle.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dmserver.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dmscript.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dmremote.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dmloader.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dmime.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dmdskmgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dmdlgs.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dmcompos.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dmband.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dllhst3g.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dispex.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\diskperf.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\diskpart.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\diskcopy.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\diskcopy.com
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\diskcomp.com
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dinput8.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dinput.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\digest.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\diantz.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dhcpmon.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dgnet.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dfsshlex.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dfrgui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dfrgsnap.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dfrgres.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dfrgfat.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dfrg.msc
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\devmgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\devenum.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\deskperf.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\deskmon.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\deskadp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\defrag.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ddrawex.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ddraw.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ddeshare.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ddeml.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dciman32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dbnmpntw.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dbmsrpcn.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dbghelp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dbgeng.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\davclnt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\datime.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dataclen.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\danim.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\d3dramp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\d3dim700.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\d3d9.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\d3d8.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ctl3d32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ctfmon.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\csrss.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\csrsrv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cscui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cscript.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cscdll.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cryptui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cryptsvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cryptnet.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cryptext.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cryptdll.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cryptdlg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\crypt32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\credui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\corpol.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\convert.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\control.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\conime.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\confmsp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\comres.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\compstui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\compobj.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\compatui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\compact.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\comp.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\commdlg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\comdlg32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\comctl32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cmutil.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cmstp.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cmsetacl.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cmmon32.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cmdl32.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cmdial32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cmd.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cmcfg32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\clusapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cliconfg.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cliconfg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cleanmgr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ckcnv.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cipher.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ciodm.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cidaemon.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cic.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\chkntfs.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\chkdsk.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\chcp.com
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\certmgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\certcli.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cdosys.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cdm.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cdfview.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cards.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\capesnpn.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\camocx.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cacls.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cabview.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cabinet.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\btpanui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\bthserv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\bthci.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\browsewm.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\browseui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\browser.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\browselc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\bootvrfy.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\bootvid.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\bootok.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\bootcfg.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\blastcln.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\bidispl.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\batmeter.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\basesrv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\avifile.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\avifil32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\avicap32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\avicap.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\autolfn.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\autofmt.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\autoconv.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\authz.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\auditusr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\audiosrv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\attrib.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\atmlib.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\atmadm.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\atl.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\at.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\asr_pfu.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\asr_ldm.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\asr_fmt.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\arp.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\appmgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\appmgmts.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\apphelp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\amstream.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\alrsvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ahui.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\advapi32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\adsnw.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\adsnt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\adsmsext.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\adsldpc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\adsldp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\admparse.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\actxprxy.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\actmovie.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\activeds.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\aclui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\acledit.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system.ini
2004-08-04 04:00:00 ----A---- C:\WINDOWS\regedit.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\hh.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\explorer.exe
2004-08-03 16:56:48 ----A---- C:\WINDOWS\system32\wzcsvc.dll
2004-08-03 16:56:48 ----A---- C:\WINDOWS\system32\wzcsapi.dll
2004-08-03 16:56:46 ----AC---- C:\WINDOWS\system32\pid.dll
2004-08-03 16:56:46 ----A---- C:\WINDOWS\system32\pjlmon.dll
2004-08-03 16:56:46 ----A---- C:\WINDOWS\system32\msyuv.dll
2004-08-03 16:56:44 ----A---- C:\WINDOWS\system32\iyuv_32.dll
2004-08-03 16:56:44 ----A---- C:\WINDOWS\system32\hid.dll
2004-08-03 16:56:44 ----A---- C:\WINDOWS\system32\dmutil.dll
2004-08-03 16:56:42 ----A---- C:\WINDOWS\system32\cnbjmon.dll
2004-08-03 14:59:00 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2004-06-14 14:56:26 ----AC---- C:\WINDOWS\system32\XceedZip.dll
2004-06-11 13:27:32 ----RAC---- C:\WINDOWS\system32\HPODXPAT.DLL
2003-11-19 14:59:36 ----AC---- C:\WINDOWS\system32\XceedCry.dll
2003-08-04 23:28:34 ----AC---- C:\WINDOWS\system32\RTCRES.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrszht.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrszhc.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrstr.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrssv.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrssl.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrssk.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsru.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsptb.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrspt.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrspl.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsno.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsnl.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsko.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsja.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsit.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrshu.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrshe.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsfr.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsfi.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsesm.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrses.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrseng.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsel.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsde.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsda.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrscs.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsar.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwddi.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvsvc32.exe
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrszht.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrszhc.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrstr.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrssv.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrssl.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrssk.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsru.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsptb.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrspt.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrspl.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsno.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsnl.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsko.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsja.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsit.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrshu.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrshe.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsfr.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsfi.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsesm.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrses.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrseng.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsel.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsde.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsda.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrscs.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsar.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvoglnt.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvmctray.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nviewimg.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nview.dll
2003-07-28 14:19:00 ----A---- C:\WINDOWS\system32\nwiz.exe
2003-07-28 14:19:00 ----A---- C:\WINDOWS\system32\nvshell.dll
2003-07-28 14:19:00 ----A---- C:\WINDOWS\system32\nvinstnt.dll
2003-07-28 14:19:00 ----A---- C:\WINDOWS\system32\nvcpl.dll
2003-07-28 14:19:00 ----A---- C:\WINDOWS\system32\keystone.exe
2003-07-28 14:19:00 ----A---- C:\WINDOWS\system32\dmcpl.exe
2003-04-18 15:29:26 ----A---- C:\WINDOWS\system32\msxml4r.dll
2003-03-18 21:19:59 ----A---- C:\WINDOWS\system32\MFC71.dll
2003-03-18 21:14:52 ----RA---- C:\WINDOWS\system32\msvcp71.dll
2003-03-18 20:44:38 ----AC---- C:\WINDOWS\system32\MFC71KOR.DLL
2003-03-18 20:44:38 ----A---- C:\WINDOWS\system32\MFC71ENU.DLL
2003-03-18 20:44:36 ----AC---- C:\WINDOWS\system32\MFC71ITA.DLL
2003-03-18 20:44:36 ----AC---- C:\WINDOWS\system32\MFC71ESP.DLL
2003-03-18 20:44:36 ----AC---- C:\WINDOWS\system32\MFC71CHT.DLL
2003-03-18 20:44:36 ----AC---- C:\WINDOWS\system32\MFC71CHS.DLL
2003-03-18 20:44:34 ----AC---- C:\WINDOWS\system32\MFC71JPN.DLL
2003-03-18 20:44:34 ----AC---- C:\WINDOWS\system32\MFC71FRA.DLL
2003-03-18 20:44:34 ----AC---- C:\WINDOWS\system32\MFC71DEU.DLL
2003-03-18 20:05:50 ----RA---- C:\WINDOWS\system32\atl71.dll
2003-03-18 13:12:12 ----AC---- C:\WINDOWS\system32\mfc71u.dll
2003-01-07 15:05:08 ----AC---- C:\WINDOWS\system32\OUTLPERF.INI
2002-08-21 05:13:12 ----A---- C:\WINDOWS\system32\WISPTIS.EXE
2002-08-21 05:10:16 ----A---- C:\WINDOWS\system32\INKED.DLL
2002-07-10 07:54:32 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2002-01-04 20:48:16 ----AC---- C:\WINDOWS\system32\mfc70.dll
2002-01-04 20:36:38 ----AC---- C:\WINDOWS\system32\mfc70u.dll
2002-01-04 19:40:20 ----AC---- C:\WINDOWS\system32\msvcp70.dll
2002-01-04 19:38:38 ----AC---- C:\WINDOWS\system32\msvci70.dll
2002-01-04 19:37:28 ----AC---- C:\WINDOWS\system32\msvcr70.dll
2002-01-04 18:18:20 ----AC---- C:\WINDOWS\system32\atl70.dll
2002-01-01 11:50:17 ----AD---- C:\Program Files\Norton Support
2002-01-01 07:37:57 ----D---- C:\rsit
2002-01-01 07:34:38 ----D---- C:\Avenger
2002-01-01 07:34:38 ----A---- C:\avenger.txt
2002-01-01 07:23:35 ----D---- C:\Documents and Settings\steve\Application Data\Malwarebytes
2002-01-01 07:23:28 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2002-01-01 07:23:28 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2002-01-01 00:00:43 ----A---- C:\WINDOWS\system32\ati2dvaa.dll
2001-12-31 23:25:42 ----A---- C:\WINDOWS\wininit.ini
2001-12-31 23:14:29 ----A---- C:\WINDOWS\system32\ztwanl.dll
2001-12-31 23:14:28 ----A---- C:\WINDOWS\system32\uprvyogr.dll
2001-12-31 23:13:44 ----ASH---- C:\WINDOWS\system32\isxaiadn.ini
2001-12-31 23:09:19 ----AC---- C:\WINDOWS\system32\fb5df800-.txt
2001-12-31 23:07:34 ----A---- C:\WINDOWS\system32\xgsvqn.dll
2001-12-31 23:07:33 ----A---- C:\WINDOWS\system32\sjqjhvuc.dll
2001-12-31 23:07:20 ----A---- C:\WINDOWS\system32\xzhpuq.dll
2001-12-31 23:07:20 ----A---- C:\WINDOWS\system32\prasennd.dll
2001-12-31 23:02:51 ----A---- C:\WINDOWS\system32\scdwmdus.dll
2001-12-31 23:02:12 ----A---- C:\WINDOWS\system32\uqlelfwo.dll

======List of files/folders modified in the last 1 months======

2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wowfaxui.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wowfax.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrvpa.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrvoica.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrv80a.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrv42a.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrsvpia.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrsdpia.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrrtosa.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrlbva.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrfaxa.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrdtea.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrdpa.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrcoina.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrcntra.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sprio800.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sprio600.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\spnike.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\paqsp.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mdwmdmsp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\usrshuta.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\usrprbda.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\usrmlnka.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\streamci.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dvdplay.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2004-09-07 28544]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 NVENET;NVIDIA nForce MCP Networking Adapter Driver; C:\WINDOWS\system32\DRIVERS\NVENET.sys [2002-09-22 80896]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 SSKBFD;Webroot Spy Sweeper Keylogger Shield Keyboard Filter; C:\WINDOWS\System32\Drivers\sskbfd.sys [2006-11-17 15360]
R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-10-21 35888]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-13 37760]
S1 BHDrvx86;Symantec Heuristics Driver; \??\C:\WINDOWS\system32\drivers\NAV\1000000.07D\BHDrvx86.sys []
S1 ccHP;Symantec Hash Provider; \??\C:\WINDOWS\system32\drivers\NAV\1000000.07D\ccHPx86.sys []
S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
S1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20080826.006\IDSxpx86.sys []
S1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
S1 SRTSPX;SRTSPX; \??\C:\WINDOWS\system32\drivers\NAV\1000000.07D\SRTSPX.SYS []
S1 SYMTDI;SYMTDI; \??\C:\WINDOWS\system32\drivers\NAV\1000000.07D\SYMTDI.SYS []
S2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2004-07-16 16512]
S2 MCSTRM;MCSTRM; C:\WINDOWS\system32\drivers\MCSTRM.sys [2005-05-02 8413]
S2 Parclass;Parclass; C:\WINDOWS\System32\Drivers\Parclass.sys [2000-04-04 19824]
S2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
S3 Asushwio;Asushwio; \??\C:\WINDOWS\system32\drivers\Asushwio.sys []
S3 ati2mtaa;ati2mtaa; C:\WINDOWS\system32\DRIVERS\ati2mtaa.sys [2001-09-26 285088]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-12-14 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-12-14 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-12-14 21744]
S3 ICAM3NT5;Intel® PC Camera CS331; C:\WINDOWS\System32\Drivers\ICAM3D2.SYS [2001-12-03 145184]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081022.023\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081022.023\NAVEX15.SYS []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2003-07-28 1341339]
S3 nvax;Service for NVIDIA® nForce™ Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2004-10-22 53376]
S3 nvnforce;Service for NVIDIA® nForce™ Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2004-10-22 413824]
S3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2006-05-27 47360]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SRTSP;SRTSP; \??\C:\WINDOWS\system32\drivers\NAV\1000000.07D\SRTSP.SYS []
S3 StMp3Rec;Player Recovery Device Control Driver; C:\WINDOWS\System32\Drivers\StMp3Rec.sys [2006-02-09 71368]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SYMDNS;SYMDNS; \??\C:\WINDOWS\system32\drivers\NAV\1000000.07D\SYMDNS.SYS []
S3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
S3 SYMFW;SYMFW; \??\C:\WINDOWS\system32\drivers\NAV\1000000.07D\SYMFW.SYS []
S3 SYMIDS;SYMIDS; \??\C:\WINDOWS\system32\drivers\NAV\1000000.07D\SYMIDS.SYS []
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-10-21 35888]
S3 SYMNDIS;SYMNDIS; \??\C:\WINDOWS\system32\drivers\NAV\1000000.07D\SYMNDIS.SYS []
S3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\system32\drivers\NAV\1000000.07D\SYMREDRV.SYS []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2004-09-07 91136]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-07-09 75304]
S2 Adobe Version Cue CS2;Adobe Version Cue CS2; c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe [2005-04-04 163840]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
S2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2005-09-30 96341]
S2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2004-09-07 1151090]
S2 Norton AntiVirus;Norton AntiVirus; C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe [2008-10-21 115560]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2003-07-28 77824]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
S2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-01-16 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2005-07-01 68096]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-04-27 49241]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-04-27 69718]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2000-11-30 57344]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S4 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-04-27 53337]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 WinDefend;Windows Defender Service; C:\Program Files\Windows Defender\MsMpEng.exe [2006-04-03 14032]

-----------------EOF-----------------







RSIT info file:
info.txt logfile of random's system information tool 1.04 2002-01-01 07:38:34

======Uninstall list======

-->"C:\Program Files\Intel\Createshare\Inetcam\uninstall.exe" /s
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->msiexec /i {46548E80-0409-0000-7E8A-45000F855001}
-->msiexec /I {B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}
-->msiexec /I{7F4C8163-F259-49A0-A018-2857A90578BC}
-->RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpfull.inf,WebPostUninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88E5FCB8-5F25-11D5-B16F-0800460222F0}\setup.exe" -l0x9 UNINSTALL
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D76298C2-E532-4A11-BCFF-76F3F19DA84D}\setup.exe" UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe ActiveShare 1.5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3C7CA81-27EB-11D4-A59C-00E02C071F5C}\setup.exe" UNINSTALL
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Creative Suite 2-->C:\PROGRA~1\INSTAL~1\{0134A~1\setup.exe /relaunched/rootloc=c:\program files\bitcomet\downloads\adobe.cs2.tda.repack.to.dvd\adobe_cs2\adobe creative suite 2.0/lang=0409
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop Album 2.0 Starter Edition-->MsiExec.exe /I{11B569C2-4BF6-4ED0-9D17-A4273943CB24}
Adobe Photoshop CS-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x9
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe Stock Photos 1.0-->MsiExec.exe /I{47813E93-F2A0-484A-838E-47EC1B28D190}
Adobe SVG Viewer 3.0-->C:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Autodesk DWF Viewer-->C:\PROGRA~1\Autodesk\AUTODE~1\Setup.exe /remove
BitComet 1.04-->C:\Program Files\BitComet\uninst.exe
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Canon Camera Access Library-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"
Canon Camera Support Core Library-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"
Canon Camera Window DC_DV 5 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
Canon Camera Window DC_DV 6 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
Canon Camera Window MC 6 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowMC\Uninst.ini"
Canon G.726 WMP-Decoder-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini"
Canon MovieEdit Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini"
Canon PhotoRecord-->MsiExec.exe /X{BEF56F2D-56ED-4176-BF72-7B68D4A3B98D}
Canon RAW Image Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"
Canon RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
Canon RemoteCapture Task for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{CF2C1A86-5A98-4862-A3AE-9992E3A6427D}
Canon Utilities EOS Utility-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"
Canon Utilities PhotoStitch-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"
Canon Utilities ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"
ConvertXtoDVD 2.0.9-->"C:\Program Files\vso\ConvertXtoDVD\unins000.exe"
CS5-->"C:\Program Files\Common Files\Intel Shared\IP Video Telephony\Setup.exe" uninstall webclient clientid="CS5" clientpath="C:\Program Files\Intel\Createshare\VideoPhone\" inf="VSDKWSetup.inf"
DAEMON Tools-->MsiExec.exe /I{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}
DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Decrypter (Remove Only)-->"C:\Program Files\DVD Decrypter\uninstall.exe"
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
DVD Solution-->"C:\Program Files\Uninstall_CDS.exe"
FLAC Installer 1.1.2a (remove only)-->C:\Program Files\FLAC\uninstall.exe
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Extended Capabilities 4.7-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Image Zone 4.7-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Image Zone Express-->MsiExec.exe /X{8F7A4D82-B168-4F89-99C2-B9873EC877AF}
HP PrecisionScan LTX-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\Uninst.isu" -c"C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\HPUninstallIs.dll"
HP Share-to-Web-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{748F4870-8350-11D3-B0BF-080009FB4A19}\setup.exe" -uninst
HP Software Update-->MsiExec.exe /X{64FC0C98-B035-4530-B15D-3D30610B6DF1}
InCD-->C:\WINDOWS\NuNInst.exe /UNINSTALL
Intel® Video Phone-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{68DC5968-0278-11D5-8EAA-00062973342B}\setup.exe"
InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
J2SE Runtime Environment 5.0 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150010}
J2SE Runtime Environment 5.0 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
Last.fm 1.5.1.30182-->"C:\Program Files\Last.fm\unins000.exe"
LimeWire 4.8.1-->"C:\Program Files\LimeWire\uninstall.exe"
Macromedia Flash MX 2004-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2F353D44-73BB-4971-B31D-F7642E9E9531}\Setup.exe" -l0x9 UNINSTALL
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Office FrontPage 2003-->MsiExec.exe /I{90170409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
MSN Music Assistant-->rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msninst.inf,Uninstall
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
Multimedia Launcher-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Norton AntiVirus-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV\562C4DD5\16.0.0.125\InstStub.exe /X
NVIDIA Drivers-->C:\WINDOWS\system32\nvuaudio.exe UninstallGUI
NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe C:\WINDOWS\system32\nvinstnt.dll,NvUninstallNT4 nv4_disp.inf
NVIDIA Windows 2000/XP nForce Drivers-->rundll32.exe C:\WINDOWS\system32\NVNFINST.DLL,NvUninstallCrush
OpenMG AAC Add-on Module 1.0.00-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{23BE930B-6AC4-4D0D-B5C3-03062A2BF2A3} UNINSTALL
OpenMG Limited Patch 4.5-06-05-12-01-->C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix4.5-06-05-12-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 4.5.01-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{3633BA28-67CE-4AC8-A677-3406CA84C3D8} UNINSTALL
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerProducer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft .NET Framework 2.0 (KB928365)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Smart WAV Converter-->"C:\Program Files\Smart WAV Converter\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Suite Specific-->MsiExec.exe /I{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}
TVUPlayer 2.3.7.1-->C:\Program Files\TVUPlayer\uninst.exe
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
VideoLAN VLC media player 0.8.4a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Viewpoint Manager (Remove Only)-->C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k
VNC Free Edition 4.1.1-->"C:\Program Files\RealVNC\VNC4\unins000.exe"
Winamp (remove only)-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Defender Signatures-->MsiExec.exe /I{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}
Windows Defender-->MsiExec.exe /I{B2D7CE29-614A-4ACC-8BFE-009EB3A244C9}
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Mail-->MsiExec.exe /I{184E7118-0295-43C4-B72C-1D54AA75AAF7}
Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
ZoneAlarm Spy Blocker-->rundll32 C:\PROGRA~1\ZONEAL~1\bar\1.bin\SpyBlock.dll,O
ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

======Security center information======

AV: Norton AntiVirus
FW: ZoneAlarm Firewall

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;c:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0801
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_02\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.5.0_02\lib\ext\QTJava.zip
"tvdumpflags"=8
"SAFEBOOT_OPTION"=NETWORK

-----------------EOF-----------------

#10 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:10:15 AM

Posted 29 October 2008 - 04:46 AM

1. Please open Notepad
  • Click Start , then Run
  • type in notepad in the Run Box then hit ok.
2. Now copy/paste the entire content of the codebox below into the Notepad window:

File::
:\WINDOWS\system32\ztwanl.dll
C:\WINDOWS\system32\uprvyogr.dll
C:\WINDOWS\system32\isxaiadn.ini
C:\WINDOWS\system32\fb5df800-.txt
C:\WINDOWS\system32\xgsvqn.dll
C:\WINDOWS\system32\sjqjhvuc.dll
C:\WINDOWS\system32\xzhpuq.dll
C:\WINDOWS\system32\prasennd.dll
C:\WINDOWS\system32\scdwmdus.dll
C:\WINDOWS\system32\uqlelfwo.dll

Registry::
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingB9094"=-
"SpybotDeletingD8143"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=""


3. Save the above as CFScript.txt

4. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

Posted Image


5. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
  • Combofix.txt
  • A new HijackThis log.

Edited by kahdah, 29 October 2008 - 05:06 AM.

Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image

#11 redliner00

redliner00
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:15 AM

Posted 29 October 2008 - 10:50 PM

ComboFix log:

ComboFix 08-10-27.03 - steve 2008-10-29 20:37:48.2 - NTFSx86 NETWORK
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.327 [GMT -7:00]
Running from: C:\Documents and Settings\steve\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\steve\Desktop\CFScript.txt

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
:\WINDOWS\system32\ztwanl.dll
C:\WINDOWS\system32\fb5df800-.txt
C:\WINDOWS\system32\isxaiadn.ini
C:\WINDOWS\system32\prasennd.dll
C:\WINDOWS\system32\scdwmdus.dll
C:\WINDOWS\system32\sjqjhvuc.dll
C:\WINDOWS\system32\uprvyogr.dll
C:\WINDOWS\system32\uqlelfwo.dll
C:\WINDOWS\system32\xgsvqn.dll
C:\WINDOWS\system32\xzhpuq.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\fb5df800-.txt
C:\WINDOWS\system32\isxaiadn.ini
C:\WINDOWS\system32\prasennd.dll
C:\WINDOWS\system32\scdwmdus.dll
C:\WINDOWS\system32\sjqjhvuc.dll
C:\WINDOWS\system32\uprvyogr.dll
C:\WINDOWS\system32\uqlelfwo.dll
C:\WINDOWS\system32\xgsvqn.dll
C:\WINDOWS\system32\xzhpuq.dll

.
((((((((((((((((((((((((( Files Created from 2008-09-28 to 2008-10-30 )))))))))))))))))))))))))))))))
.

2008-10-27 22:46 . 2008-10-27 22:47 24,608 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-10-27 22:46 . 2008-10-27 22:46 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-10-24 22:55 . 2008-10-25 06:16 <DIR> d-------- C:\Documents and Settings\steve\.housecall6.6
2008-10-24 22:35 . 2008-10-24 22:35 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-10-23 22:20 . 2008-10-23 22:20 <DIR> d-------- C:\Program Files\ZoneAlarmSB
2008-10-23 22:13 . 2008-10-23 22:13 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
2008-10-23 22:13 . 2008-07-09 09:05 75,248 --a------ C:\WINDOWS\zllsputility.exe
2008-10-23 22:13 . 2008-10-23 22:21 4,212 --ah----- C:\WINDOWS\system32\zllictbl.dat
2008-10-23 22:10 . 2008-10-23 22:13 <DIR> d-------- C:\WINDOWS\system32\ZoneLabs
2008-10-23 22:10 . 2008-10-23 22:10 <DIR> d-------- C:\Program Files\Zone Labs
2008-10-23 22:10 . 2008-07-09 09:05 1,086,952 --a------ C:\WINDOWS\system32\zpeng24.dll
2008-10-23 22:10 . 2002-01-01 01:47 352,918 --a------ C:\WINDOWS\system32\vsconfig.xml
2008-10-23 22:07 . 2008-10-29 20:35 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-10-23 22:00 . 2008-10-24 22:34 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-10-22 23:21 . 2008-10-22 23:21 <DIR> d-------- C:\Program Files\Trend Micro
2008-10-21 23:03 . 2008-10-21 22:54 35,888 -ra--c--- C:\WINDOWS\system32\drivers\SymIM.sys
2008-10-21 22:55 . 2008-10-21 22:55 <DIR> d-------- C:\Program Files\Symantec
2008-10-21 22:55 . 2008-10-21 22:55 124,464 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2008-10-21 22:55 . 2008-10-21 22:55 60,808 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2008-10-21 22:55 . 2008-10-21 22:55 10,635 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2008-10-21 22:55 . 2008-10-21 22:55 806 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF
2008-10-21 22:53 . 2008-10-21 22:53 <DIR> d-------- C:\WINDOWS\system32\drivers\NAV
2008-10-21 22:53 . 2008-10-21 22:53 <DIR> d-------- C:\Program Files\Windows Sidebar
2008-10-20 23:28 . 2008-10-21 22:53 <DIR> d-------- C:\Program Files\Norton AntiVirus
2008-10-20 22:57 . 2008-10-20 22:57 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\PCSettings
2008-10-20 22:50 . 2008-10-20 22:50 <DIR> d-------- C:\Program Files\NortonInstaller
2008-10-20 22:50 . 2008-10-20 22:50 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\NortonInstaller
2008-10-20 22:50 . 2008-10-21 22:53 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Norton
2008-10-20 22:47 . 2008-10-20 22:47 <DIR> d-------- C:\Documents and Settings\All Users\Symantec Temporary Files
2008-10-18 14:57 . 2008-10-18 14:57 25 --a--c--- C:\WINDOWS\system32\aasoyf
2008-10-15 22:36 . 2008-09-15 05:12 1,846,400 -----c--- C:\WINDOWS\system32\dllcache\win32k.sys
2008-10-15 22:36 . 2008-09-08 03:41 333,824 -----c--- C:\WINDOWS\system32\dllcache\srv.sys
2008-10-15 22:35 . 2008-08-14 03:11 2,189,184 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-10-15 22:35 . 2008-08-14 03:09 2,145,280 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-10-15 22:35 . 2008-08-14 02:33 2,066,048 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-10-15 22:35 . 2008-08-14 02:33 2,023,936 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-10-13 15:52 . 2008-10-20 13:38 <DIR> d-------- C:\Program Files\Incomplete
2008-10-12 23:37 . 2002-01-01 00:01 <DIR> d-------- C:\Program Files\Audio Dictation Master
2008-10-12 23:37 . 2004-07-29 02:19 175,104 --a------ C:\WINDOWS\system32\lame_enc.dll
2008-10-07 22:39 . 2008-10-07 22:39 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-07 22:39 . 2008-04-17 13:12 107,368 --a------ C:\WINDOWS\system32\GEARAspi.dll
2008-10-07 22:39 . 2008-04-17 13:12 15,464 --a--c--- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
2008-10-07 22:38 . 2008-10-07 22:38 <DIR> d-------- C:\Program Files\Bonjour
2008-10-07 22:37 . 2008-10-07 22:38 <DIR> d-------- C:\Program Files\QuickTime
2008-10-06 10:54 . 2008-10-06 10:54 <DIR> d-------- C:\WINDOWS\system32\scripting
2008-10-06 10:53 . 2008-10-06 10:53 <DIR> d-------- C:\WINDOWS\system32\en
2008-10-06 10:53 . 2008-10-06 10:53 <DIR> d-------- C:\WINDOWS\system32\bits
2008-10-06 10:53 . 2008-10-06 10:53 <DIR> d-------- C:\WINDOWS\l2schemas
2008-10-06 10:46 . 2008-10-06 10:54 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-09-26 17:37 . 2008-09-26 17:37 19 --a------ C:\WINDOWS\system32\moreniu
2008-09-24 09:56 . 2002-01-01 00:00 <DIR> d-------- C:\Program Files\Google
2008-09-20 13:23 . 2008-09-20 13:23 32 --a------ C:\WINDOWS\system32\inesrol
2008-09-20 13:16 . 2008-09-20 13:16 13 --a------ C:\WINDOWS\system32\gnalagn
2008-09-20 13:04 . 2008-09-20 13:04 17 --a------ C:\WINDOWS\system32\irtart
2008-09-20 12:58 . 2008-09-20 12:58 22 --a------ C:\WINDOWS\system32\zodc
2008-09-20 12:56 . 2008-09-20 12:56 27 --a------ C:\WINDOWS\system32\rebsin
2008-09-20 12:54 . 2008-09-20 12:54 22 --a------ C:\WINDOWS\system32\seasout
2008-09-20 12:51 . 2008-09-20 12:51 25 --a------ C:\WINDOWS\system32\egyast
2008-09-20 12:39 . 2008-09-20 12:39 25 --a------ C:\WINDOWS\system32\zhsi
2008-09-20 12:31 . 2008-09-20 12:31 23 --a------ C:\WINDOWS\system32\celaso
2008-09-19 22:51 . 2008-09-19 22:51 <DIR> d-------- C:\WINDOWS\ERUNT
2008-09-18 16:25 . 2008-10-26 12:37 <DIR> d-------- C:\Program Files\MySpace
2008-09-18 16:25 . 2008-09-18 16:25 <DIR> d-------- C:\Documents and Settings\steve\Application Data\MySpace
2008-09-16 17:42 . 2008-09-16 17:42 34 --a------ C:\WINDOWS\system32\comnum
2008-09-16 17:08 . 2008-09-16 17:08 26 --a------ C:\WINDOWS\system32\uioplomn
2008-09-06 15:09 . 2008-09-06 15:09 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-09-06 15:09 . 2008-09-06 15:09 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-09-02 20:57 . 2008-04-13 17:12 412,160 --a------ C:\WINDOWS\system32\photometadatahandler.dll
2008-09-02 20:56 . 2008-04-13 17:12 1,737,856 --a------ C:\WINDOWS\system32\mtxparhd.dll
2008-09-02 20:55 . 2008-04-13 17:11 86,016 --a------ C:\WINDOWS\system32\mdmxsdk.dll
2008-09-02 20:55 . 2008-04-13 17:11 61,440 --a------ C:\WINDOWS\system32\kmsvc.dll
2008-09-02 20:55 . 2008-04-13 17:11 37,376 --a------ C:\WINDOWS\system32\l2gpstore.dll
2008-09-02 20:55 . 2004-08-03 22:41 11,868 --------- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2008-09-02 20:55 . 2008-04-13 17:12 10,752 --a------ C:\WINDOWS\system32\smtpapi.dll
2008-09-02 20:55 . 2008-04-13 17:12 9,728 --a------ C:\WINDOWS\system32\rwnh.dll
2008-09-02 20:55 . 2008-04-13 17:09 6,144 --a------ C:\WINDOWS\system32\kbdpash.dll
2008-09-02 20:55 . 2008-04-13 17:09 6,144 --a------ C:\WINDOWS\system32\kbdnepr.dll
2008-09-02 20:55 . 2008-04-13 17:09 6,144 --a------ C:\WINDOWS\system32\kbdiultn.dll
2008-09-02 20:55 . 2008-04-13 17:09 6,144 --a------ C:\WINDOWS\system32\kbdbhc.dll
2008-09-02 20:55 . 2007-06-20 22:52 974 --a------ C:\WINDOWS\system32\pid.inf
2008-09-02 20:53 . 2008-04-13 17:11 1,888,992 --a------ C:\WINDOWS\system32\ati3duag.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-30 03:36 --------- d-----w C:\Program Files\NOS
2008-10-30 03:36 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
2008-10-28 05:47 224,768 ----a-w C:\WINDOWS\Internet Logs\xDBF.tmp
2008-10-28 05:47 1,324,544 ----a-w C:\WINDOWS\Internet Logs\xDB10.tmp
2008-10-25 05:47 32,768 ----a-w C:\WINDOWS\Internet Logs\xDBD.tmp
2008-10-25 05:47 1,284,096 ----a-w C:\WINDOWS\Internet Logs\xDBE.tmp
2008-10-25 05:18 3,852 ----a-w C:\WINDOWS\system32\tmp.reg
2008-10-24 04:44 --------- d---a-w C:\Program Files\Norton Support
2008-10-23 06:31 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-10-23 00:10 38,496 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-23 00:10 15,504 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2008-10-22 07:04 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-10-22 07:03 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2008-10-20 20:38 --------- d-----w C:\Program Files\LimeWire
2008-10-08 05:39 --------- d-----w C:\Program Files\iTunes
2008-10-08 05:39 --------- d-----w C:\Program Files\iPod
2008-10-08 05:37 --------- d-----w C:\Program Files\Common Files\Apple
2008-10-08 05:34 --------- d-----w C:\Program Files\Apple Software Update
2008-10-08 05:06 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-15 12:12 1,846,400 ----a-w C:\WINDOWS\system32\win32k.sys
2008-09-08 10:41 333,824 -c--a-w C:\WINDOWS\system32\drivers\srv.sys
2008-09-04 00:24 --------- d-----w C:\Program Files\BitComet
2008-08-29 17:18 87,336 ----a-w C:\WINDOWS\system32\dns-sd.exe
2008-08-29 16:53 61,440 ----a-w C:\WINDOWS\system32\dnssd.dll
2008-08-20 05:30 666,112 ----a-w C:\WINDOWS\system32\wininet.dll
2008-08-14 10:11 2,189,184 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 09:33 2,066,048 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-07-19 05:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-19 05:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-19 05:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-19 05:10 36,552 -c--a-w C:\WINDOWS\system32\wups.dll
2008-07-19 05:09 563,912 -c--a-w C:\WINDOWS\system32\wuapi.dll
2008-07-19 05:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-19 05:09 205,000 -c--a-w C:\WINDOWS\system32\wuweb.dll
2008-07-19 05:09 1,811,656 -c--a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-19 05:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-19 05:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-07 20:26 253,952 -c--a-w C:\WINDOWS\system32\es.dll
2005-06-05 04:23 220 -csha-w C:\WINDOWS\system32\ss.drv
.

((((((((((((((((((((((((((((( snapshot@2008-10-27_22.38.15.35 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-10-27 22:07:04 63,188 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2002-01-01 07:05:19 63,188 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-10-27 22:07:04 403,968 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2002-01-01 07:05:19 403,968 ----a-w C:\WINDOWS\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" [2007-08-30 4670704]
"NvMediaCenter"="C:\WINDOWS\system32\NVMCTRAY.DLL" [2003-07-28 49152]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2004-09-22 1871872]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingB9094"="command" [X]
"SpybotDeletingD8143"="del" [X]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2005-03-31 180269]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe" [2005-03-04 36975]
"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2003-12-08 32768]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-09-06 413696]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2003-07-28 4841472]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2004-09-07 1400944]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-09-13 49152]
"Adobe Version Cue CS2"="c:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe" [2005-04-04 856064]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"Malwarebytes Anti-Malware (reboot)"="C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" [2008-10-22 1261200]
"nwiz"="nwiz.exe" [2003-07-28 C:\WINDOWS\system32\nwiz.exe]

C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-05-24 113664]
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-05-24 113664]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-04 258048]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSACM.G723"= G723.ACM
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:\WINDOWS
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:\WINDOWS\system32

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WebrootSpySweeperService"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"5900:TCP"= 5900:TCP:VNC

R0 SymEFA;Symantec Extended File Attributes;C:\WINDOWS\system32\drivers\NAV\1000000.07D\SYMEFA.SYS [2008-10-21 309296]
S1 BHDrvx86;Symantec Heuristics Driver;C:\WINDOWS\system32\drivers\NAV\1000000.07D\BHDrvx86.sys [2008-10-21 254512]
S1 ccHP;Symantec Hash Provider;C:\WINDOWS\system32\drivers\NAV\1000000.07D\ccHPx86.sys [2008-10-21 362544]
S1 IDSxpx86;IDSxpx86;C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20080826.006\IDSxpx86.sys [2008-10-21 274808]
S2 EraserSvc10823;Symantec Eraser Service;C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe [2008-10-21 115560]
S2 Norton AntiVirus;Norton AntiVirus;C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe /s Norton AntiVirus /m C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.0.0.125\diMaster.dll [ ]
S2 Parclass;Parclass;C:\WINDOWS\system32\Drivers\Parclass.sys [2000-04-04 19824]
S3 Asushwio;Asushwio;C:\WINDOWS\system32\drivers\Asushwio.sys [2003-03-27 5824]
S3 ati2mtaa;ati2mtaa;C:\WINDOWS\system32\DRIVERS\ati2mtaa.sys [2001-09-26 285088]
S3 ICAM3NT5;Intel® PC Camera CS331;C:\WINDOWS\system32\Drivers\ICAM3D2.SYS [2001-12-03 145184]
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-29 20:42:05
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Norton AntiVirus]
"ImagePath"="\"C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton AntiVirus\" /m \"C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
.
Completion time: 2008-10-29 20:44:52
ComboFix-quarantined-files.txt 2008-10-30 03:43:49
ComboFix2.txt 2008-10-28 05:38:50

Pre-Run: 22,487,953,408 bytes free
Post-Run: 22,768,570,368 bytes free

243 --- E O F --- 2008-10-16 18:55:47







HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:48:44, on 10/29/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.g2ic.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = dynhost.inetcam.com;register.inetcam.com;*.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "c:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9094] command /c del "C:\WINDOWS\system32\dyiadurq.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8143] cmd /c del "C:\WINDOWS\system32\dyiadurq.dll_old"
O4 - Startup: Scheduler.lnk = C:\Program Files\SpyCatcher\Scheduler daemon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\steve\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - https://www-secure.symantec.com/techsupp/as...rl/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - https://www-secure.symantec.com/techsupp/as...rl/SymAData.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} - https://www-secure.symantec.com/techsupp/as...trl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - https://www-secure.symantec.com/techsupp/as...trl/tgctlsr.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Adobe Systems Incorporated - c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Eraser Service (EraserSvc10823) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus - Symantec Corporation - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 9870 bytes

#12 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:10:15 AM

Posted 30 October 2008 - 05:30 AM

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatley.
=================
  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image

#13 redliner00

redliner00
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:15 AM

Posted 30 October 2008 - 11:49 PM

MBAM log:

Malwarebytes' Anti-Malware 1.30
Database version: 1306
Windows 5.1.2600 Service Pack 3

1/1/2002 5:14:19 AM
mbam-log-2002-01-01 (05-14-19).txt

Scan type: Quick Scan
Objects scanned: 69054
Time elapsed: 8 minute(s), 52 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)




RSIT log file:

Logfile of random's system information tool 1.04 (written by random/random)
Run by steve at 2002-01-01 05:16:34
Microsoft Windows XP Professional Service Pack 3
System drive C: has 21 GB (26%) free of 80 GB
Total RAM: 511 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:16:48, on 1/1/2002
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32Info.exe
C:\Documents and Settings\steve\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\steve.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.g2ic.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = dynhost.inetcam.com;register.inetcam.com;*.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "c:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9094] command /c del "C:\WINDOWS\system32\dyiadurq.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8143] cmd /c del "C:\WINDOWS\system32\dyiadurq.dll_old"
O4 - Startup: Scheduler.lnk = C:\Program Files\SpyCatcher\Scheduler daemon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\steve\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - https://www-secure.symantec.com/techsupp/as...rl/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - https://www-secure.symantec.com/techsupp/as...rl/SymAData.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} - https://www-secure.symantec.com/techsupp/as...trl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - https://www-secure.symantec.com/techsupp/as...trl/tgctlsr.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Adobe Systems Incorporated - c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Eraser Service (EraserSvc10823) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus - Symantec Corporation - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 10114 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - ZoneAlarm Spy Blocker - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2008-10-23 262144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2005-03-31 180269]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe [2005-03-04 36975]
"RemoteControl"=C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2003-12-08 32768]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"nwiz"=nwiz.exe /install []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2003-07-28 4841472]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
"InCD"=C:\Program Files\Ahead\InCD\InCD.exe [2004-09-07 1400944]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-09-13 49152]
"Adobe Version Cue CS2"=c:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [2005-04-04 856064]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2008-10-22 1261200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2008-10-22 399504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"=C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [2007-08-30 4670704]
"NvMediaCenter"=C:\WINDOWS\system32\NVMCTRAY.DLL [2003-07-28 49152]
"NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2004-09-22 1871872]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingB9094"=command /c del C:\WINDOWS\system32\dyiadurq.dll_old []
"SpybotDeletingD8143"=cmd /c del C:\WINDOWS\system32\dyiadurq.dll_old []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WebrootSpySweeperService"=2

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Documents and Settings\steve\Start Menu\Programs\Startup
Scheduler.lnk - C:\Program Files\SpyCatcher\Scheduler daemon.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier]
C:\WINDOWS\system32\WRLogonNTF.dll [2006-11-17 209408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WINDOW~4\MpShHook.dll [2006-04-03 81616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2008-10-29 19:52:43 ----SHD---- C:\RECYCLER
2008-10-29 19:44:54 ----A---- C:\ComboFix.txt
2008-10-29 19:36:55 ----D---- C:\ComboFix
2008-10-27 21:15:10 ----A---- C:\WINDOWS\zip.exe
2008-10-27 21:15:10 ----A---- C:\WINDOWS\VFIND.exe
2008-10-27 21:15:10 ----A---- C:\WINDOWS\SWXCACLS.exe
2008-10-27 21:15:10 ----A---- C:\WINDOWS\SWSC.exe
2008-10-27 21:15:10 ----A---- C:\WINDOWS\SWREG.exe
2008-10-27 21:15:10 ----A---- C:\WINDOWS\sed.exe
2008-10-27 21:15:10 ----A---- C:\WINDOWS\NIRCMD.exe
2008-10-27 21:15:10 ----A---- C:\WINDOWS\grep.exe
2008-10-27 21:15:10 ----A---- C:\WINDOWS\fdsv.exe
2008-10-27 21:15:00 ----D---- C:\WINDOWS\ERDNT
2008-10-27 21:15:00 ----D---- C:\Qoobox
2008-10-24 21:35:31 ----HD---- C:\WINDOWS\system32\GroupPolicy
2008-10-23 21:20:30 ----D---- C:\Program Files\ZoneAlarmSB
2008-10-23 21:13:43 ----D---- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-10-23 21:13:00 ----A---- C:\WINDOWS\zllsputility.exe
2008-10-23 21:11:01 ----A---- C:\WINDOWS\system32\libeay32_0.9.6l.dll
2008-10-23 21:11:00 ----A---- C:\WINDOWS\system32\vsregexp.dll
2008-10-23 21:10:53 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2008-10-23 21:10:53 ----A---- C:\WINDOWS\system32\zlcomm.dll
2008-10-23 21:10:30 ----AC---- C:\WINDOWS\system32\vswmi.dll
2008-10-23 21:10:27 ----A---- C:\WINDOWS\system32\zpeng24.dll
2008-10-23 21:10:25 ----A---- C:\WINDOWS\system32\vsxml.dll
2008-10-23 21:10:23 ----D---- C:\WINDOWS\system32\ZoneLabs
2008-10-23 21:10:22 ----D---- C:\Program Files\Zone Labs
2008-10-23 21:10:22 ----A---- C:\WINDOWS\system32\vspubapi.dll
2008-10-23 21:10:22 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2008-10-23 21:07:27 ----D---- C:\WINDOWS\Internet Logs
2008-10-23 21:07:27 ----A---- C:\WINDOWS\system32\vsutil.dll
2008-10-23 21:07:27 ----A---- C:\WINDOWS\system32\vsinit.dll
2008-10-23 21:07:27 ----A---- C:\WINDOWS\system32\vsdata.dll
2008-10-23 21:00:04 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-10-22 22:21:06 ----D---- C:\Program Files\Trend Micro
2008-10-21 21:55:08 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2008-10-21 21:55:07 ----D---- C:\Program Files\Symantec
2008-10-21 21:53:32 ----D---- C:\Program Files\Windows Sidebar
2008-10-20 22:28:34 ----D---- C:\Program Files\Norton AntiVirus
2008-10-20 21:57:41 ----D---- C:\Documents and Settings\All Users\Application Data\PCSettings
2008-10-20 21:50:21 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2008-10-20 21:50:17 ----D---- C:\Program Files\NortonInstaller
2008-10-20 21:50:17 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2008-10-16 10:55:37 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-16 10:55:21 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-16 10:55:00 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-16 10:52:10 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-16 10:51:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-10-16 10:47:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2008-10-13 14:52:37 ----D---- C:\Program Files\Incomplete
2008-10-12 22:37:16 ----A---- C:\WINDOWS\system32\lame_enc.dll
2008-10-07 21:39:44 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2008-10-07 21:39:06 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-07 21:38:39 ----D---- C:\Program Files\Bonjour
2008-10-07 21:37:14 ----D---- C:\Program Files\QuickTime
2008-10-06 22:05:15 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-10-06 11:11:09 ----D---- C:\WINDOWS\Prefetch
2008-10-06 10:05:11 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
2008-10-06 10:04:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-10-06 10:04:00 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-10-06 10:03:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-10-06 10:03:14 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-10-06 10:02:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-10-06 10:02:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-10-06 10:02:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-10-06 10:01:46 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-10-06 10:01:25 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-10-06 10:00:59 ----HDC---- C:\WINDOWS\$NtUninstallKB950759$
2008-10-06 10:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-10-06 10:00:16 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-10-06 09:54:02 ----D---- C:\WINDOWS\system32\en-us
2008-10-06 09:54:00 ----D---- C:\WINDOWS\system32\scripting
2008-10-06 09:53:58 ----D---- C:\WINDOWS\l2schemas
2008-10-06 09:53:56 ----D---- C:\WINDOWS\system32\en
2008-10-06 09:53:55 ----D---- C:\WINDOWS\system32\bits
2008-10-06 09:46:53 ----D---- C:\WINDOWS\ServicePackFiles
2008-10-06 09:42:36 ----D---- C:\WINDOWS\network diagnostic
2008-10-06 09:34:21 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-09-24 08:56:48 ----D---- C:\Program Files\Google
2008-09-19 21:51:20 ----D---- C:\WINDOWS\ERUNT
2008-09-18 15:25:36 ----D---- C:\Documents and Settings\steve\Application Data\MySpace
2008-09-18 15:25:26 ----D---- C:\Program Files\MySpace
2008-09-10 22:17:42 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
2008-09-02 19:59:01 ----A---- C:\WINDOWS\system32\xmllite.dll
2008-09-02 19:58:55 ----A---- C:\WINDOWS\system32\wmphoto.dll
2008-09-02 19:58:50 ----A---- C:\WINDOWS\system32\wlanapi.dll
2008-09-02 19:58:47 ----A---- C:\WINDOWS\system32\windowscodecsext.dll
2008-09-02 19:58:47 ----A---- C:\WINDOWS\system32\windowscodecs.dll
2008-09-02 19:58:26 ----A---- C:\WINDOWS\system32\tspkg.dll
2008-09-02 19:58:26 ----A---- C:\WINDOWS\system32\tsgqec.dll
2008-09-02 19:58:10 ----A---- C:\WINDOWS\system32\spupdwxp.exe
2008-09-02 19:58:08 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2008-09-02 19:58:03 ----N---- C:\WINDOWS\slrundll.exe
2008-09-02 19:58:03 ----A---- C:\WINDOWS\system32\slserv.exe
2008-09-02 19:58:03 ----A---- C:\WINDOWS\system32\slrundll.exe
2008-09-02 19:58:03 ----A---- C:\WINDOWS\system32\slgen.dll
2008-09-02 19:58:03 ----A---- C:\WINDOWS\system32\slextspk.dll
2008-09-02 19:58:02 ----A---- C:\WINDOWS\system32\slcoinst.dll
2008-09-02 19:57:55 ----A---- C:\WINDOWS\system32\setupn.exe
2008-09-02 19:57:40 ----A---- C:\WINDOWS\system32\s3gnb.dll
2008-09-02 19:57:37 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2008-09-02 19:57:33 ----A---- C:\WINDOWS\system32\rasqec.dll
2008-09-02 19:57:32 ----A---- C:\WINDOWS\system32\qutil.dll
2008-09-02 19:57:30 ----A---- C:\WINDOWS\system32\qcliprov.dll
2008-09-02 19:57:30 ----A---- C:\WINDOWS\system32\qagentrt.dll
2008-09-02 19:57:30 ----A---- C:\WINDOWS\system32\qagent.dll
2008-09-02 19:57:26 ----A---- C:\WINDOWS\system32\photometadatahandler.dll
2008-09-02 19:57:20 ----A---- C:\WINDOWS\system32\onex.dll
2008-09-02 19:57:00 ----A---- C:\WINDOWS\system32\napstat.exe
2008-09-02 19:57:00 ----A---- C:\WINDOWS\system32\napmontr.dll
2008-09-02 19:57:00 ----A---- C:\WINDOWS\system32\napipsec.dll
2008-09-02 19:56:59 ----A---- C:\WINDOWS\system32\mtxparhd.dll
2008-09-02 19:56:58 ----A---- C:\WINDOWS\system32\msxml6r.dll
2008-09-02 19:56:58 ----A---- C:\WINDOWS\system32\msxml6.dll
2008-09-02 19:56:51 ----A---- C:\WINDOWS\system32\msshavmsg.dll
2008-09-02 19:56:51 ----A---- C:\WINDOWS\system32\mssha.dll
2008-09-02 19:56:12 ----A---- C:\WINDOWS\system32\mmcperf.exe
2008-09-02 19:56:11 ----A---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-09-02 19:56:11 ----A---- C:\WINDOWS\system32\mmcex.dll
2008-09-02 19:56:11 ----A---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-09-02 19:55:55 ----A---- C:\WINDOWS\system32\mdmxsdk.dll
2008-09-02 19:55:29 ----A---- C:\WINDOWS\system32\l2gpstore.dll
2008-09-02 19:55:28 ----A---- C:\WINDOWS\system32\kmsvc.dll
2008-09-02 19:55:26 ----A---- C:\WINDOWS\system32\kbdpash.dll
2008-09-02 19:55:26 ----A---- C:\WINDOWS\system32\kbdnepr.dll
2008-09-02 19:55:25 ----A---- C:\WINDOWS\system32\kbdiultn.dll
2008-09-02 19:55:25 ----A---- C:\WINDOWS\system32\kbdbhc.dll
2008-09-02 19:55:04 ----A---- C:\WINDOWS\system32\smtpapi.dll
2008-09-02 19:55:03 ----A---- C:\WINDOWS\system32\rwnh.dll
2008-09-02 19:54:52 ----A---- C:\WINDOWS\system32\comsdupd.exe
2008-09-02 19:54:35 ----A---- C:\WINDOWS\system32\hsfcisp2.dll
2008-09-02 19:54:17 ----A---- C:\WINDOWS\system32\faxpatch.exe
2008-09-02 19:54:17 ----A---- C:\WINDOWS\003181_.tmp
2008-09-02 19:54:11 ----A---- C:\WINDOWS\system32\eapsvc.dll
2008-09-02 19:54:11 ----A---- C:\WINDOWS\system32\eapqec.dll
2008-09-02 19:54:11 ----A---- C:\WINDOWS\system32\eappprxy.dll
2008-09-02 19:54:11 ----A---- C:\WINDOWS\system32\eapphost.dll
2008-09-02 19:54:11 ----A---- C:\WINDOWS\system32\eappgnui.dll
2008-09-02 19:54:11 ----A---- C:\WINDOWS\system32\eappcfg.dll
2008-09-02 19:54:10 ----A---- C:\WINDOWS\system32\eapp3hst.dll
2008-09-02 19:54:10 ----A---- C:\WINDOWS\system32\eapolqec.dll
2008-09-02 19:54:05 ----A---- C:\WINDOWS\system32\dot3ui.dll
2008-09-02 19:54:05 ----A---- C:\WINDOWS\system32\dot3svc.dll
2008-09-02 19:54:05 ----A---- C:\WINDOWS\system32\dot3msm.dll
2008-09-02 19:54:05 ----A---- C:\WINDOWS\system32\dot3dlg.dll
2008-09-02 19:54:04 ----A---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-09-02 19:54:04 ----A---- C:\WINDOWS\system32\dot3cfg.dll
2008-09-02 19:54:04 ----A---- C:\WINDOWS\system32\dot3api.dll
2008-09-02 19:54:02 ----A---- C:\WINDOWS\system32\dimsroam.dll
2008-09-02 19:54:02 ----A---- C:\WINDOWS\system32\dimsntfy.dll
2008-09-02 19:54:02 ----A---- C:\WINDOWS\system32\dhcpqec.dll
2008-09-02 19:53:57 ----A---- C:\WINDOWS\system32\credssp.dll
2008-09-02 19:53:49 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2008-09-02 19:53:48 ----A---- C:\WINDOWS\system32\azroles.dll
2008-09-02 19:53:46 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2008-09-02 19:53:46 ----A---- C:\WINDOWS\system32\ativtmxx.dll
2008-09-02 19:53:45 ----A---- C:\WINDOWS\system32\ati3duag.dll
2008-09-02 19:53:45 ----A---- C:\WINDOWS\system32\ati3d1ag.dll
2008-09-02 19:53:45 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2008-09-02 19:53:45 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2008-09-02 19:53:34 ----AC---- C:\WINDOWS\system32\aaclient.dll
2008-08-29 09:18:58 ----A---- C:\WINDOWS\system32\dns-sd.exe
2008-08-29 08:53:50 ----A---- C:\WINDOWS\system32\dnssd.dll
2008-08-14 23:04:04 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2008-08-14 23:03:48 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2008-08-14 23:03:33 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-08-14 23:03:12 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2008-08-14 23:00:22 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-08-14 23:00:01 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2008-08-14 22:59:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2008-08-14 22:57:54 ----HDC---- C:\WINDOWS\$NtUninstallKB953838_0$
2008-08-09 18:37:58 ----D---- C:\Documents and Settings\All Users\Application Data\TVU Networks
2008-08-01 21:10:52 ----D---- C:\Program Files\ReflexiveArcade
2008-07-28 16:53:25 ----D---- C:\Decoz
2008-07-17 12:42:18 ----D---- C:\Documents and Settings\steve\Application Data\gtk-2.0
2008-07-10 09:07:16 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2008-07-08 23:07:32 ----D---- C:\Program Files\IMVU
2008-06-23 11:19:02 ----D---- C:\Documents and Settings\steve\Application Data\Move Networks
2008-06-20 15:26:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2008-06-15 14:46:18 ----D---- C:\Program Files\AstroMart
2008-06-14 22:00:58 ----D---- C:\Documents and Settings\steve\Application Data\SecondLife
2008-06-14 20:49:08 ----D---- C:\Program Files\Capricorn Astrology Software
2008-06-14 07:35:55 ----D---- C:\Documents and Settings\All Users\Application Data\Last.fm
2008-06-14 07:34:52 ----D---- C:\Program Files\Last.fm
2008-06-13 20:23:12 ----RHD---- C:\Documents and Settings\steve\Application Data\yahoo!
2008-06-13 20:02:49 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-06-13 20:02:04 ----A---- C:\YServer.txt
2008-06-13 20:01:30 ----D---- C:\Program Files\Yahoo!
2008-06-12 08:24:44 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$
2008-06-12 08:19:15 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2008-06-12 08:18:36 ----HDC---- C:\WINDOWS\$NtUninstallKB950759_0$
2008-06-12 08:17:28 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2008-06-12 08:15:18 ----HDC---- C:\WINDOWS\$NtUninstallKB951376_0$
2008-05-14 19:59:32 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$
2008-04-25 19:06:33 ----D---- C:\WINDOWS\system32\LogFiles
2008-04-10 09:20:39 ----HDC---- C:\WINDOWS\$NtUninstallKB948881$
2008-04-10 09:20:07 ----HDC---- C:\WINDOWS\$NtUninstallKB947864$
2008-04-10 09:19:44 ----HDC---- C:\WINDOWS\$NtUninstallKB941693$
2008-04-10 09:18:45 ----HDC---- C:\WINDOWS\$NtUninstallKB948590$
2008-04-10 09:16:01 ----HDC---- C:\WINDOWS\$NtUninstallKB944338$
2008-04-10 09:15:16 ----HDC---- C:\WINDOWS\$NtUninstallKB945553$
2008-03-04 17:52:34 ----A---- C:\WINDOWS\system32\libcurl.dll
2008-03-03 10:45:59 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-03-02 11:09:03 ----A---- C:\WINDOWS\system32\muweb.dll
2008-03-02 11:09:02 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-03-02 11:09:02 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-03-01 19:43:42 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-03-01 19:43:15 ----D---- C:\Program Files\Windows Live
2008-03-01 19:42:59 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-13 08:54:13 ----HDC---- C:\WINDOWS\$NtUninstallKB946026$
2008-02-13 08:53:41 ----HDC---- C:\WINDOWS\$NtUninstallKB944533$
2008-02-13 08:53:15 ----HDC---- C:\WINDOWS\$NtUninstallKB943055$
2008-02-02 20:27:12 ----D---- C:\Documents and Settings\steve\Application Data\TVU networks
2008-02-02 20:27:02 ----D---- C:\Program Files\TVUPlayer
2008-01-09 08:38:42 ----HDC---- C:\WINDOWS\$NtUninstallKB941644$
2008-01-09 08:37:54 ----HDC---- C:\WINDOWS\$NtUninstallKB943485$
2007-12-21 08:26:17 ----HDC---- C:\WINDOWS\$NtUninstallKB946627$
2007-12-12 19:28:06 ----HDC---- C:\WINDOWS\$NtUninstallKB937894$
2007-12-12 19:27:40 ----HDC---- C:\WINDOWS\$NtUninstallKB942840$
2007-12-12 19:25:44 ----HDC---- C:\WINDOWS\$NtUninstallKB942763$
2007-12-12 19:25:03 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2007-12-12 19:22:17 ----HDC---- C:\WINDOWS\$NtUninstallKB941568$
2007-12-12 19:19:58 ----HDC---- C:\WINDOWS\$NtUninstallKB942615$
2007-12-12 19:19:21 ----HDC---- C:\WINDOWS\$NtUninstallKB944653$
2007-11-23 22:38:30 ----D---- C:\AFUDOS211
2007-11-14 09:08:45 ----HDC---- C:\WINDOWS\$NtUninstallKB943460$
2007-11-07 07:03:18 ----A---- C:\install.res.3082.dll
2007-11-07 07:03:18 ----A---- C:\install.res.2052.dll
2007-11-07 07:03:18 ----A---- C:\install.res.1042.dll
2007-11-07 07:03:18 ----A---- C:\install.res.1041.dll
2007-11-07 07:03:18 ----A---- C:\install.res.1040.dll
2007-11-07 07:03:18 ----A---- C:\install.res.1036.dll
2007-11-07 07:03:18 ----A---- C:\install.res.1033.dll
2007-11-07 07:03:18 ----A---- C:\install.res.1031.dll
2007-11-07 07:03:18 ----A---- C:\install.res.1028.dll
2007-11-07 07:00:40 ----A---- C:\install.ini
2007-11-07 07:00:40 ----A---- C:\globdata.ini
2007-11-07 07:00:40 ----A---- C:\eula.3082.txt
2007-11-07 07:00:40 ----A---- C:\eula.2052.txt
2007-11-07 07:00:40 ----A---- C:\eula.1042.txt
2007-11-07 07:00:40 ----A---- C:\eula.1041.txt
2007-11-07 07:00:40 ----A---- C:\eula.1040.txt
2007-11-07 07:00:40 ----A---- C:\eula.1036.txt
2007-11-07 07:00:40 ----A---- C:\eula.1033.txt
2007-11-07 07:00:40 ----A---- C:\eula.1031.txt
2007-11-07 07:00:40 ----A---- C:\eula.1028.txt
2007-10-31 08:39:54 ----A---- C:\WINDOWS\system32\zlib1.dll
2007-10-18 11:31:46 ----A---- C:\WINDOWS\system32\sirenacm.dll
2007-10-10 04:26:47 ----HDC---- C:\WINDOWS\$NtUninstallKB933729$
2007-10-10 04:25:41 ----HDC---- C:\WINDOWS\$NtUninstallKB939653$
2007-10-10 04:22:57 ----HDC---- C:\WINDOWS\$NtUninstallKB941202$
2007-08-29 18:05:46 ----HDC---- C:\WINDOWS\$NtUninstallKB933360$
2007-08-15 19:40:46 ----HDC---- C:\WINDOWS\$NtUninstallKB936021$
2007-08-15 19:40:33 ----HDC---- C:\WINDOWS\$NtUninstallKB938828$
2007-08-15 19:40:20 ----HDC---- C:\WINDOWS\$NtUninstallKB921503$
2007-08-15 19:40:08 ----HDC---- C:\WINDOWS\$NtUninstallKB938829$
2007-08-15 19:38:23 ----HDC---- C:\WINDOWS\$NtUninstallKB938127$
2007-08-15 19:38:03 ----HDC---- C:\WINDOWS\$NtUninstallKB937143$
2007-08-15 19:36:50 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP10$
2007-07-30 13:24:19 ----D---- C:\Program Files\iTunes
2007-07-30 13:16:35 ----D---- C:\Program Files\Common Files\Apple
2007-07-30 13:16:31 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2007-07-09 16:32:48 ----D---- C:\WINDOWS\system32\BWKDLogs
2007-07-09 16:28:46 ----D---- C:\Program Files\Kodak
2007-07-09 16:22:51 ----D---- C:\Documents and Settings\All Users\Application Data\Kodak
2007-07-08 22:40:14 ----D---- C:\Program Files\DivX
2007-07-02 11:41:04 ----AC---- C:\WINDOWS\system32\ssldivx.dll
2007-07-02 11:41:04 ----AC---- C:\WINDOWS\system32\libdivx.dll
2007-06-20 21:08:55 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2007-06-20 21:08:55 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2007-06-20 21:08:55 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2007-06-13 05:34:28 ----HDC---- C:\WINDOWS\$NtUninstallKB933566$
2007-06-13 05:31:29 ----HDC---- C:\WINDOWS\$NtUninstallKB929123$
2007-06-13 05:31:18 ----HDC---- C:\WINDOWS\$NtUninstallKB935840$
2007-06-13 05:31:13 ----AC---- C:\WINDOWS\system32\MRT.INI
2007-06-13 05:29:47 ----HDC---- C:\WINDOWS\$NtUninstallKB935839$
2007-06-06 09:53:34 ----A---- C:\WINDOWS\system32\FM20.DLL
2007-05-30 09:06:40 ----HDC---- C:\WINDOWS\$NtUninstallKB927891$
2007-05-26 16:40:05 ----D---- C:\Program Files\Apple Software Update
2007-05-17 12:58:10 ----A---- C:\WINDOWS\system32\libexpatw.dll
2007-05-15 07:59:07 ----HDC---- C:\WINDOWS\$NtUninstallKB931768$
2007-05-15 07:58:49 ----HDC---- C:\WINDOWS\$NtUninstallKB930916$
2007-05-08 14:03:04 ----A---- C:\WINDOWS\system32\msxml4.dll
2007-05-06 19:22:38 ----D---- C:\Program Files\Common Files\Canon
2007-04-24 05:22:29 ----HDC---- C:\WINDOWS\$NtUninstallKB931784$
2007-04-16 10:12:30 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$
2007-04-16 10:12:15 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$
2007-04-16 10:11:56 ----HDC---- C:\WINDOWS\$NtUninstallKB932168$
2007-04-13 02:21:14 ----A---- C:\WINDOWS\system32\mscoree.dll
2007-04-10 20:10:46 ----D---- C:\Downloads
2007-04-07 10:31:51 ----HDC---- C:\WINDOWS\$NtUninstallKB925902$
2007-03-22 18:17:04 ----A---- C:\WINDOWS\system32\FM20ENU.DLL
2007-03-15 20:32:08 ----HDC---- C:\WINDOWS\$NtUninstallKB929338$
2007-03-04 19:38:59 ----DC---- C:\WINDOWS\system32\DRVSTORE
2007-02-19 19:55:27 ----HDC---- C:\WINDOWS\$NtUninstallKB928255$
2007-02-18 11:13:55 ----HDC---- C:\WINDOWS\$NtUninstallKB927779$
2007-02-18 11:13:25 ----HDC---- C:\WINDOWS\$NtUninstallKB927802$
2007-02-18 11:12:57 ----HDC---- C:\WINDOWS\$NtUninstallKB924667$
2007-02-18 11:12:34 ----HDC---- C:\WINDOWS\$NtUninstallKB931836$
2007-02-18 11:12:11 ----HDC---- C:\WINDOWS\$NtUninstallKB926436$
2007-02-18 11:11:53 ----HDC---- C:\WINDOWS\$NtUninstallKB918118$
2007-02-18 11:09:43 ----HDC---- C:\WINDOWS\$NtUninstallKB928090$
2007-02-18 11:09:18 ----HDC---- C:\WINDOWS\$NtUninstallKB928843$
2007-01-29 00:58:06 ----A---- C:\WINDOWS\system32\tzchange.exe
2007-01-11 19:09:45 ----HDC---- C:\WINDOWS\$NtUninstallKB929969$
2006-12-12 23:53:59 ----HDC---- C:\WINDOWS\$NtUninstallKB925454$
2006-12-12 23:53:49 ----HDC---- C:\WINDOWS\$NtUninstallKB925398_WMP64$
2006-12-12 23:53:24 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2006-12-12 23:52:46 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$
2006-12-12 23:52:31 ----HDC---- C:\WINDOWS\$NtUninstallKB923694$
2006-12-03 13:47:12 ----A---- C:\WINDOWS\system32\libeay32.dll
2006-12-03 13:47:11 ----A---- C:\WINDOWS\system32\ssleay32.dll
2006-12-03 13:11:13 ----A---- C:\WINDOWS\system32\WRLogonNtf.dll
2006-12-03 13:11:04 ----AC---- C:\WINDOWS\WRUninstall.dll
2006-11-21 11:53:06 ----AC---- C:\WINDOWS\system32\pxwma.dll
2006-11-21 11:53:04 ----A---- C:\WINDOWS\system32\PxWave.dll
2006-11-21 11:53:02 ----A---- C:\WINDOWS\system32\PxSFS.DLL
2006-11-21 11:53:02 ----A---- C:\WINDOWS\system32\PxMas.dll
2006-11-21 11:52:58 ----A---- C:\WINDOWS\system32\Px.dll
2006-11-19 13:26:07 ----A---- C:\WINDOWS\system32\tmp.txt
2006-11-18 23:37:25 ----D---- C:\Program Files\Common Files\NSV
2006-11-18 14:18:34 ----HDC---- C:\WINDOWS\$NtUninstallKB923980$
2006-11-18 14:18:20 ----HDC---- C:\WINDOWS\$NtUninstallKB924270$
2006-11-18 14:16:23 ----HDC---- C:\WINDOWS\$NtUninstallKB920213$
2006-11-18 09:44:23 ----HDC---- C:\WINDOWS\$NtUninstallKB922760$
2006-11-13 20:59:53 ----HDC---- C:\WINDOWS\$NtUninstallKB924191$
2006-11-13 20:59:43 ----HDC---- C:\WINDOWS\$NtUninstallKB922819$
2006-11-13 20:59:31 ----HDC---- C:\WINDOWS\$NtUninstallKB923414$
2006-11-13 20:59:19 ----HDC---- C:\WINDOWS\$NtUninstallKB924496$
2006-11-13 20:59:00 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
2006-11-01 00:02:00 ----A---- C:\WINDOWS\system32\pxdrv.dll
2006-10-30 12:56:01 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2006-10-30 12:54:50 ----D---- C:\Program Files\Common Files\HP
2006-10-30 12:50:17 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2006-10-30 12:45:14 ----AC---- C:\WINDOWS\system32\HPZisn12.dll
2006-10-30 12:45:14 ----AC---- C:\WINDOWS\system32\HPZipt12.dll
2006-10-30 12:45:14 ----AC---- C:\WINDOWS\system32\HPZipm12.exe
2006-10-30 12:45:14 ----A---- C:\WINDOWS\system32\HPZipr12.dll
2006-10-30 12:45:14 ----A---- C:\WINDOWS\system32\HPZinw12.exe
2006-10-30 12:45:14 ----A---- C:\WINDOWS\system32\HPZidr12.dll
2006-10-30 12:42:23 ----D---- C:\Program Files\HP
2006-10-18 01:32:38 ----AC---- C:\WINDOWS\system32\wmv9dmod.dll
2006-10-10 00:00:00 ----AC---- C:\WINDOWS\system32\VXBLOCK.dll
2006-10-09 09:51:06 ----A---- C:\rapport.txt
2006-10-09 09:10:20 ----D---- C:\Program Files\Enigma Software Group
2006-09-27 08:53:12 ----HDC---- C:\WINDOWS\$NtUninstallKB925486$
2006-09-14 22:18:37 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$
2006-09-14 22:18:26 ----HDC---- C:\WINDOWS\$NtUninstallKB920872$
2006-09-14 22:18:13 ----HDC---- C:\WINDOWS\$NtUninstallKB919007$
2006-09-14 22:17:58 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$
2006-08-27 15:00:42 ----D---- C:\VundoFix Backups
2006-08-27 15:00:42 ----A---- C:\VundoFix.txt
2006-08-18 20:18:36 ----D---- C:\WINDOWS\system32\NtmsData
2006-08-17 21:43:03 ----AC---- C:\WINDOWS\system32\CDDBUISony.dll
2006-08-17 21:43:03 ----AC---- C:\WINDOWS\system32\CddbPlaylist2Sony.dll
2006-08-17 21:43:03 ----AC---- C:\WINDOWS\system32\CddbMusicIDSony.dll
2006-08-17 21:43:02 ----AC---- C:\WINDOWS\system32\CddbLinkSony.dll
2006-08-17 21:43:02 ----AC---- C:\WINDOWS\system32\CDDBControlSony.dll
2006-08-08 21:50:23 ----HDC---- C:\WINDOWS\$NtUninstallKB920214$
2006-08-08 21:50:12 ----HDC---- C:\WINDOWS\$NtUninstallKB921883$
2006-08-08 21:49:59 ----HDC---- C:\WINDOWS\$NtUninstallKB922616$
2006-08-08 21:49:43 ----HDC---- C:\WINDOWS\$NtUninstallKB921398$
2006-08-08 21:48:50 ----HDC---- C:\WINDOWS\$NtUninstallKB918899$
2006-08-08 21:48:32 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
2006-08-08 21:48:20 ----HDC---- C:\WINDOWS\$NtUninstallKB917422$
2006-08-08 21:47:28 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
2006-07-23 14:15:17 ----D---- C:\Documents and Settings\steve\Application Data\VSO_HWE
2006-07-20 21:14:37 ----AC---- C:\WINDOWS\dp2_log.txt
2006-07-15 19:48:03 ----HDC---- C:\WINDOWS\$NtUninstallKB917159$
2006-07-15 19:47:35 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
2006-07-15 19:47:19 ----HDC---- C:\WINDOWS\$NtUninstallKB916595$
2006-06-28 19:22:12 ----D---- C:\Documents and Settings\steve\Application Data\Tenebril
2006-06-28 19:20:53 ----D---- C:\WINDOWS\system32\tenarchlib
2006-06-27 22:48:42 ----D---- C:\Documents and Settings\steve\Application Data\Talkback
2006-06-19 15:20:42 ----A---- C:\WINDOWS\system32\WgaLogon.dll
2006-06-19 15:19:26 ----AC---- C:\WINDOWS\system32\WgaTray.exe
2006-06-19 11:13:43 ----D---- C:\Program Files\Winamp
2006-06-17 08:18:38 ----HDC---- C:\WINDOWS\$NtUninstallKB917734_WMP10$
2006-06-17 08:17:43 ----HDC---- C:\WINDOWS\$NtUninstallKB918439$
2006-06-17 08:17:23 ----HDC---- C:\WINDOWS\$NtUninstallKB917344$
2006-06-17 08:17:12 ----HDC---- C:\WINDOWS\$NtUninstallKB917953$
2006-06-17 08:17:04 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
2006-06-17 08:16:33 ----HDC---- C:\WINDOWS\$NtUninstallKB916281$
2006-06-17 08:16:12 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
2006-06-14 22:15:32 ----D---- C:\Documents and Settings\steve\Application Data\Apple Computer
2006-06-14 22:13:05 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2006-06-14 22:11:55 ----D---- C:\Program Files\iPod
2006-06-13 09:36:48 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
2006-06-02 10:01:03 ----D---- C:\Program Files\Windows Defender
2006-05-27 15:57:46 ----AC---- C:\WINDOWS\system32\BASSMOD.dll
2006-05-27 15:57:17 ----D---- C:\Documents and Settings\steve\Application Data\Vso
2006-05-27 15:57:04 ----D---- C:\Program Files\vso
2006-05-27 15:00:34 ----D---- C:\DVD_VIDEO
2006-05-27 14:55:57 ----D---- C:\Program Files\DVD Decrypter
2006-05-27 14:55:37 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2006-05-27 14:55:36 ----D---- C:\Program Files\DVD Shrink
2006-04-26 09:06:17 ----HDC---- C:\WINDOWS\$NtUninstallKB900485$
2006-04-15 21:41:25 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$
2006-04-15 21:41:16 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
2006-04-15 21:40:30 ----HDC---- C:\WINDOWS\$NtUninstallKB912812$
2006-04-15 21:39:22 ----HDC---- C:\WINDOWS\$NtUninstallKB911567$
2006-03-16 16:38:01 ----A---- C:\WINDOWS\system32\verclsid.exe
2006-02-28 22:58:29 ----D---- C:\Program Files\Xilisoft
2006-02-27 20:32:28 ----D---- C:\Program Files\Smart WAV Converter
2006-02-27 20:28:02 ----D---- C:\Program Files\FLAC
2006-02-16 01:19:08 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
2006-02-15 10:01:45 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
2006-02-15 10:01:25 ----HDC---- C:\WINDOWS\$NtUninstallKB911565$
2006-02-15 10:00:47 ----HDC---- C:\WINDOWS\$NtUninstallKB913446$
2006-02-06 21:25:51 ----D---- C:\Documents and Settings\steve\Application Data\Opera
2006-01-30 16:33:04 ----AC---- C:\WINDOWS\system32\rundll32.exe.Z-missing.txt
2006-01-22 10:28:33 ----AC---- C:\WINDOWS\Explorer.EXE.Z-missing.txt
2006-01-19 12:52:57 ----AC---- C:\WINDOWS\system32\lfpng13n.dll
2006-01-19 12:52:55 ----AC---- C:\WINDOWS\system32\lfgif13n.dll
2006-01-19 12:52:54 ----AC---- C:\WINDOWS\system32\ltkrn13n.dll
2006-01-19 12:52:54 ----AC---- C:\WINDOWS\system32\ltimg13n.dll
2006-01-19 12:52:54 ----AC---- C:\WINDOWS\system32\ltfil13n.dll
2006-01-19 12:52:54 ----AC---- C:\WINDOWS\system32\ltefx13n.dll
2006-01-19 12:52:54 ----AC---- C:\WINDOWS\system32\ltdis13n.dll
2006-01-19 12:52:54 ----AC---- C:\WINDOWS\system32\lfcmp13n.dll
2006-01-19 12:52:54 ----AC---- C:\WINDOWS\system32\lfbmp13n.dll
2006-01-16 22:59:38 ----A---- C:\WINDOWS\system32\FileOps.exe
2006-01-16 22:55:47 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe Systems
2006-01-11 20:57:53 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$
2006-01-08 21:21:37 ----D---- C:\Documents and Settings\steve\Application Data\dvdcss
2006-01-08 21:16:02 ----A---- C:\WINDOWS\system32\WNASPI32.DLL
2006-01-08 21:15:56 ----D---- C:\Program Files\ImTOO
2006-01-05 15:35:34 ----HDC---- C:\WINDOWS\$NtUninstallKB912919$
2005-12-26 17:07:30 ----D---- C:\Program Files\Sony Corporation
2005-12-26 17:07:15 ----C---- C:\WINDOWS\snymsico.dll
2005-12-26 17:06:17 ----AC---- C:\WINDOWS\system32\CDDBUI.dll
2005-12-26 17:06:17 ----AC---- C:\WINDOWS\system32\CDDBControl.dll
2005-12-26 17:05:41 ----D---- C:\Documents and Settings\All Users\Application Data\Sony Corporation
2005-12-26 17:05:02 ----D---- C:\Program Files\Sony
2005-12-26 17:04:25 ----D---- C:\Documents and Settings\steve\Application Data\Sony Corporation
2005-12-26 17:04:24 ----D---- C:\Program Files\Common Files\Sony Shared
2005-12-17 14:19:06 ----D---- C:\Documents and Settings\steve\Application Data\vlc
2005-12-17 14:17:37 ----D---- C:\Program Files\VideoLAN
2005-12-16 17:44:06 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
2005-12-16 17:43:45 ----HDC---- C:\WINDOWS\$NtUninstallKB905915$
2005-11-15 12:12:08 ----AC---- C:\WINDOWS\system32\hashlib.dll
2005-11-15 12:12:08 ----AC---- C:\WINDOWS\system32\GCCollection.dll
2005-11-15 12:12:06 ----AC---- C:\WINDOWS\system32\gcUnCompress.dll
2005-11-08 15:20:37 ----HDC---- C:\WINDOWS\$NtUninstallKB896424$
2005-11-02 14:32:06 ----AC---- C:\WINDOWS\aktyupgrade.ini
2005-11-02 14:32:06 ----AC---- C:\WINDOWS\akty.ini
2005-11-02 14:30:06 ----D---- C:\Program Files\Infinite Solutions
2005-11-02 14:16:48 ----D---- C:\ASTROLOG
2005-11-02 13:28:46 ----D---- C:\Program Files\Borland
2005-10-15 10:19:14 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
2005-10-15 10:18:56 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
2005-10-15 10:18:29 ----HDC---- C:\WINDOWS\$NtUninstallKB896688$
2005-10-15 10:18:15 ----HDC---- C:\WINDOWS\$NtUninstallKB899589$
2005-10-15 10:18:06 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
2005-10-15 10:17:53 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
2005-10-15 10:17:41 ----HDC---- C:\WINDOWS\$NtUninstallKB904706$
2005-10-15 10:17:27 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
2005-10-14 21:00:03 ----D---- C:\Program Files\BitComet
2005-10-10 11:29:51 ----D---- C:\Program Files\Alambik
2005-09-23 06:28:56 ----A---- C:\WINDOWS\system32\netfxperf.dll
2005-09-23 06:28:52 ----A---- C:\WINDOWS\system32\mscories.dll
2005-09-23 06:28:52 ----A---- C:\WINDOWS\system32\mscorier.dll
2005-09-23 06:28:38 ----A---- C:\WINDOWS\system32\dfshim.dll
2005-09-06 11:31:26 ----D---- C:\Documents and Settings\steve\Application Data\Leadertech
2005-08-13 08:53:32 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$
2005-08-13 08:53:26 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$
2005-08-13 08:53:19 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$
2005-08-13 08:53:12 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
2005-08-13 08:52:59 ----HDC---- C:\WINDOWS\$NtUninstallKB896727$
2005-08-13 08:52:35 ----HDC---- C:\WINDOWS\$NtUninstallKB899588$
2005-08-13 08:52:21 ----HDC---- C:\WINDOWS\$NtUninstallKB894391$
2005-08-01 15:27:46 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2005-07-13 21:54:50 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$
2005-07-13 21:54:39 ----HDC---- C:\WINDOWS\$NtUninstallKB903235$
2005-07-12 17:04:22 ----AC---- C:\WINDOWS\system32\LegitCheckControl.dll
2005-07-12 17:04:22 ----AC---- C:\WINDOWS\system32\GWFSPidGen.dll
2005-07-06 23:18:39 ----AC---- C:\WINDOWS\system32\msdaokg.dll
2005-07-06 23:16:57 ----D---- C:\Program Files\ScreenFlash
2005-07-01 21:30:23 ----D---- C:\Program Files\Autodesk
2005-07-01 21:26:43 ----D---- C:\Documents and Settings\steve\Application Data\Autodesk
2005-07-01 21:26:43 ----D---- C:\Documents and Settings\All Users\Application Data\Autodesk
2005-07-01 21:23:14 ----RSD---- C:\WINDOWS\assembly
2005-07-01 21:23:14 ----D---- C:\WINDOWS\Microsoft.NET
2005-07-01 21:23:11 ----D---- C:\WINDOWS\system32\URTTemp
2005-07-01 21:06:01 ----D---- C:\Program Files\Common Files\Macromedia Shared
2005-07-01 20:59:55 ----D---- C:\Program Files\Common Files\Macromedia
2005-07-01 20:57:40 ----D---- C:\Program Files\Macromedia
2005-06-29 12:50:11 ----D---- C:\WINDOWS\system32\PreInstall
2005-06-29 12:50:11 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2005-06-29 12:50:09 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2005-06-28 17:08:44 ----D---- C:\Program Files\MsnMusic
2005-06-28 17:08:44 ----AC---- C:\WINDOWS\system32\unicows.dll
2005-06-26 11:14:23 ----A---- C:\WINDOWS\system32\pxinsi64.exe
2005-06-26 11:14:23 ----A---- C:\WINDOWS\system32\pxinsa64.exe
2005-06-26 11:14:23 ----A---- C:\WINDOWS\system32\pxhpinst.exe
2005-06-26 11:14:23 ----A---- C:\WINDOWS\system32\pxcpyi64.exe
2005-06-26 11:14:23 ----A---- C:\WINDOWS\system32\pxcpya64.exe
2005-06-22 06:41:57 ----AC---- C:\WINDOWS\fnawiz.ini
2005-06-22 06:41:57 ----AC---- C:\WINDOWS\fna32.dll
2005-06-22 06:41:31 ----AC---- C:\WINDOWS\system32\ppmon.dll
2005-06-22 06:41:31 ----A---- C:\WINDOWS\system32\ppmon.exe
2005-06-22 06:41:15 ----AC---- C:\WINDOWS\system32\ciaXPRegSvr20.dll
2005-06-22 06:41:12 ----AC---- C:\WINDOWS\system32\vbar332.dll
2005-06-21 21:01:56 ----A---- C:\WINDOWS\uninst.exe
2005-06-20 00:11:24 ----AC---- C:\WINDOWS\impborl.dll
2005-06-20 00:11:24 ----AC---- C:\WINDOWS\flashax.exe
2005-06-18 00:15:31 ----HDC---- C:\WINDOWS\$NtUninstallKB896422$
2005-06-18 00:15:17 ----HDC---- C:\WINDOWS\$NtUninstallKB883939$
2005-06-18 00:15:03 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
2005-06-18 00:14:36 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
2005-06-18 00:14:15 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
2005-06-14 23:07:18 ----AC---- C:\WINDOWS\Renew.exe
2005-06-14 23:07:18 ----AC---- C:\WINDOWS\mickey32.dll
2005-06-12 14:24:49 ----D---- C:\Documents and Settings\steve\Application Data\AdobeUM
2005-06-10 19:10:28 ----D---- C:\Documents and Settings\steve\Application Data\Axialis
2005-06-06 14:49:08 ----AC---- C:\WINDOWS\FFINI.ini
2005-06-05 14:41:50 ----AC---- C:\WINDOWS\system32\xmlparse.dll
2005-06-05 14:41:50 ----AC---- C:\WINDOWS\system32\msxml3a.dll
2005-06-05 14:41:50 ----A---- C:\WINDOWS\system32\xmltok.dll
2005-06-05 14:41:50 ----A---- C:\WINDOWS\system32\xmlinst.exe
2005-06-04 20:23:09 ----AC---- C:\WINDOWS\system32\APIGUIDE.DLL
2005-06-04 20:23:09 ----AC---- C:\WINDOWS\system32\apigid32.dll
2005-06-04 20:23:07 ----AC---- C:\WINDOWS\system32\vpep3235.dll
2005-06-04 20:23:07 ----AC---- C:\WINDOWS\system32\vpdf32.dll
2005-06-04 20:23:07 ----AC---- C:\WINDOWS\system32\vchart3235.dll
2005-06-04 20:23:07 ----AC---- C:\WINDOWS\system32\leon3_32.dll
2005-06-04 20:23:07 ----AC---- C:\WINDOWS\system32\Dav3_32.dll
2005-06-04 20:23:07 ----AC---- C:\WINDOWS\system32\BarVisD.dll
2005-06-04 20:23:05 ----AC---- C:\WINDOWS\system32\dwStg.dll
2005-06-04 20:23:00 ----AC---- C:\WINDOWS\WB3USER.INI
2005-05-26 03:16:30 ----A---- C:\WINDOWS\system32\wups2.dll
2005-05-24 21:38:06 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2005-05-24 21:35:59 ----D---- C:\Program Files\Common Files\Adobe Systems Shared
2005-05-22 01:16:59 ----D---- C:\Documents and Settings\steve\Application Data\Ahead
2005-05-22 01:06:10 ----AC---- C:\WINDOWS\iPlayer.INI
2005-05-21 23:57:12 ----D---- C:\Program Files\InterActual
2005-05-19 00:37:45 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2005-05-17 18:11:35 ----D---- C:\Adobe Albums
2005-05-16 16:25:35 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2005-05-14 22:23:21 ----D---- C:\Documents and Settings\steve\Application Data\CyberLink
2005-05-12 00:20:05 ----A---- C:\WINDOWS\system32\MRT.exe
2005-05-10 23:44:00 ----A---- C:\WINDOWS\system32\javaws.exe
2005-05-10 23:43:59 ----A---- C:\WINDOWS\system32\javaw.exe
2005-05-10 23:43:59 ----A---- C:\WINDOWS\system32\java.exe
2005-05-10 11:35:15 ----D---- C:\Program Files\LimeWire
2005-05-10 11:22:38 ----D---- C:\Program Files\Common Files\Java
2005-05-06 19:21:54 ----AC---- C:\WINDOWS\system32\Icam3EXT.dll
2005-05-06 19:21:54 ----A---- C:\WINDOWS\system32\Icam3com.dll
2005-05-06 19:21:53 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2005-05-06 19:17:17 ----D---- C:\temp
2005-04-28 17:38:14 ----D---- C:\Documents and Settings\All Users\Application Data\Trymedia
2005-04-27 23:36:53 ----A---- C:\WINDOWS\system32\nvuaudio.exe
2005-04-16 05:25:15 ----D---- C:\Documents and Settings\steve\Application Data\WeatherBug
2005-04-15 21:36:49 ----D---- C:\Documents and Settings\steve\Application Data\Aim
2005-04-15 21:35:50 ----D---- C:\Program Files\Viewpoint
2005-04-15 21:35:50 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
2005-04-15 21:35:45 ----A---- C:\WINDOWS\system32\msvcr71.dll
2005-04-13 14:08:51 ----HDC---- C:\WINDOWS\$NtUninstallKB893066$
2005-04-13 14:08:39 ----HDC---- C:\WINDOWS\$NtUninstallKB890923$
2005-04-13 14:08:28 ----HDC---- C:\WINDOWS\$NtUninstallKB893086$
2005-04-13 14:08:17 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
2005-04-13 14:07:53 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803$
2005-04-07 13:41:02 ----D---- C:\WINDOWS\RegisteredPackages
2005-04-05 21:29:09 ----N---- C:\WINDOWS\Setup1.exe
2005-04-05 21:29:08 ----A---- C:\WINDOWS\ST6UNST.EXE
2005-03-31 14:11:32 ----D---- C:\Program Files\Common Files\xing shared
2005-03-31 14:11:29 ----AC---- C:\WINDOWS\system32\rmoc3260.dll
2005-03-31 14:11:22 ----A---- C:\WINDOWS\system32\pndx5032.dll
2005-03-31 14:11:22 ----A---- C:\WINDOWS\system32\pndx5016.dll
2005-03-31 14:11:21 ----AC---- C:\WINDOWS\system32\pncrt.dll
2005-03-31 14:11:19 ----D---- C:\Program Files\Real
2005-03-31 14:11:19 ----D---- C:\Program Files\Common Files\Real
2005-03-31 14:10:57 ----D---- C:\Documents and Settings\steve\Application Data\Real
2005-03-30 15:06:57 ----AC---- C:\WINDOWS\system32\ssprn32.dll
2005-03-30 15:06:56 ----AC---- C:\WINDOWS\system32\ffJmpWeb.dll
2005-03-30 15:06:55 ----AC---- C:\WINDOWS\system32\Vb5db.dll
2005-03-30 15:06:55 ----AC---- C:\WINDOWS\system32\Msjet35.dll
2005-03-30 15:06:54 ----AC---- C:\WINDOWS\system32\Msrepl35.dll
2005-03-30 15:06:54 ----AC---- C:\WINDOWS\system32\msrd2x35.dll
2005-03-30 15:06:54 ----AC---- C:\WINDOWS\system32\Msjter35.dll
2005-03-30 15:06:54 ----AC---- C:\WINDOWS\system32\Msjint35.dll
2005-03-29 17:32:39 ----D---- C:\Documents and Settings\All Users\Application Data\QuickTime
2005-03-28 20:34:11 ----D---- C:\Documents and Settings\steve\Application Data\Yahoo! Messenger
2005-03-27 20:51:55 ----D---- C:\Program Files\WinRAR
2005-03-27 16:35:10 ----AC---- C:\WINDOWS\winamp.ini
2005-03-26 21:55:01 ----AC---- C:\WINDOWS\OpPrintServer.INI
2005-03-26 21:52:32 ----D---- C:\Program Files\Canon
2005-03-26 21:46:19 ----AC---- C:\WINDOWS\system32\ptpusb.dll
2005-03-26 21:46:18 ----A---- C:\WINDOWS\system32\ptpusd.dll
2005-03-26 20:53:16 ----A---- C:\WINDOWS\NeroDigital.ini
2005-03-26 15:34:51 ----HD---- C:\WINDOWS\PIF
2005-03-26 12:24:19 ----D---- C:\WINDOWS\Sun
2005-03-26 12:24:19 ----D---- C:\Documents and Settings\steve\Application Data\Sun
2005-03-25 23:19:05 ----A---- C:\WINDOWS\system32\sporder.dll
2005-03-25 23:14:09 ----D---- C:\Program Files\MSN Messenger
2005-03-25 23:06:03 ----D---- C:\Program Files\D-Tools
2005-03-25 23:00:06 ----D---- C:\Documents and Settings\steve\Application Data\Macromedia
2005-03-25 22:52:42 ----D---- C:\sj646
2005-03-25 22:27:12 ----AC---- C:\WINDOWS\system32\capicom.dll
2005-03-25 22:15:41 ----D---- C:\Program Files\Common Files\Symantec Shared
2005-03-25 19:17:02 ----AC---- C:\WINDOWS\UninstallFirefox.exe
2005-03-25 19:16:47 ----D---- C:\Documents and Settings\steve\Application Data\Mozilla
2005-03-25 19:16:44 ----D---- C:\Program Files\Mozilla Firefox
2005-03-25 19:11:32 ----D---- C:\Documents and Settings\steve\Application Data\Google
2005-03-25 17:04:46 ----D---- C:\Program Files\Common Files\SWF Studio
2005-03-25 17:03:51 ----D---- C:\Documents and Settings\steve\Application Data\Help
2005-03-25 17:03:06 ----D---- C:\Program Files\Microsoft.NET
2005-03-25 17:03:03 ----D---- C:\Program Files\Microsoft ActiveSync
2005-03-25 17:02:34 ----D---- C:\Program Files\Common Files\DESIGNER
2005-03-25 17:02:20 ----D---- C:\WINDOWS\system32\appmgmt
2005-03-25 17:02:12 ----D---- C:\WINDOWS\Downloaded Installations
2005-03-25 17:01:56 ----D---- C:\WINDOWS\InCD
2005-03-25 16:46:36 ----D---- C:\Config.Msi
2005-03-25 16:23:09 ----SHD---- C:\WINDOWS\CSC
2005-03-25 16:23:04 ----AC---- C:\WINDOWS\ntbtlog.txt
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\ltkrn70n.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\ltfil70n.DLL
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\lftif70n.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\lfpng70n.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\lfpcx70n.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\Lfkodak.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\lfgif70n.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\lffpx70n.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\Lffpx7.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\lffax70n.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\LFCMP70n.DLL
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\ipeistor12.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\ipebase12.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\ipeapi12.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\hpsj32.dll
2005-03-25 15:01:24 ----AC---- C:\WINDOWS\system32\hpgreg32.dll
2005-03-25 15:01:14 ----RAC---- C:\WINDOWS\system32\hpgmatk.dll
2005-03-25 15:01:14 ----AC---- C:\WINDOWS\system32\hpsjvset.dll
2005-03-25 15:01:14 ----AC---- C:\WINDOWS\system32\hpgmastr.dll
2005-03-25 15:01:14 ----A---- C:\WINDOWS\system32\hpgmausd.dll
2005-03-24 21:46:35 ----AC---- C:\WINDOWS\system32\Iyvu9_32.dll
2005-03-24 21:46:35 ----AC---- C:\WINDOWS\system32\ir50_lcs.dll
2005-03-24 21:46:35 ----A---- C:\WINDOWS\system32\iacenc.dll
2005-03-24 21:46:28 ----AC---- C:\WINDOWS\system32\OLEMSG32.DLL
2005-03-24 21:46:28 ----AC---- C:\WINDOWS\system32\GAPI32.DLL
2005-03-24 21:46:23 ----D---- C:\Galleries
2005-03-24 21:46:21 ----AC---- C:\WINDOWS\system32\LTTWN80N.DLL
2005-03-24 21:46:21 ----AC---- C:\WINDOWS\system32\LTKRN80N.DLL
2005-03-24 21:46:21 ----AC---- C:\WINDOWS\system32\LTIMG80N.DLL
2005-03-24 21:46:20 ----AC---- C:\WINDOWS\system32\LTFIL80N.DLL
2005-03-24 21:46:20 ----AC---- C:\WINDOWS\system32\LTEFX80N.DLL
2005-03-24 21:46:20 ----AC---- C:\WINDOWS\system32\LFTIF80N.DLL
2005-03-24 21:46:20 ----AC---- C:\WINDOWS\system32\LFMSP80N.DLL
2005-03-24 21:46:20 ----AC---- C:\WINDOWS\system32\LFLMB80N.DLL
2005-03-24 21:46:20 ----AC---- C:\WINDOWS\system32\LFLMA80N.DLL
2005-03-24 21:46:20 ----AC---- C:\WINDOWS\system32\LFFPX80N.DLL
2005-03-24 21:46:20 ----AC---- C:\WINDOWS\system32\LFFAX80N.DLL
2005-03-24 21:46:20 ----AC---- C:\WINDOWS\system32\LFCMP80N.DLL
2005-03-24 21:46:20 ----AC---- C:\WINDOWS\system32\LFCAL80N.DLL
2005-03-24 21:46:20 ----AC---- C:\WINDOWS\system32\LFBMP80N.DLL
2005-03-24 21:46:19 ----A---- C:\WINDOWS\system32\Scale_en.dll
2005-03-24 21:45:38 ----AC---- C:\WINDOWS\system32\SmtpX.DLL
2005-03-24 21:45:38 ----AC---- C:\WINDOWS\system32\MimeX.dll
2005-03-24 21:45:38 ----AC---- C:\WINDOWS\system32\EncodeX.dll
2005-03-24 21:45:35 ----C---- C:\WINDOWS\h263test.ini
2005-03-24 21:44:40 ----AC---- C:\WINDOWS\system32\inetwh32.dll
2005-03-24 21:44:02 ----AC---- C:\WINDOWS\system32\InetIPLPX.dll
2005-03-24 21:44:02 ----AC---- C:\WINDOWS\system32\InetIPLP6.dll
2005-03-24 21:44:02 ----AC---- C:\WINDOWS\system32\InetIPLP5.dll
2005-03-24 21:44:02 ----AC---- C:\WINDOWS\system32\InetIPLM6.dll
2005-03-24 21:44:02 ----AC---- C:\WINDOWS\system32\InetIPLM5.dll
2005-03-24 21:44:02 ----AC---- C:\WINDOWS\system32\InetIPLA6.dll
2005-03-24 21:44:02 ----AC---- C:\WINDOWS\system32\InetIPL.dll
2005-03-24 21:44:02 ----AC---- C:\WINDOWS\system32\ijl15.dll
2005-03-24 21:44:02 ----AC---- C:\WINDOWS\system32\Cpuinf32.dll
2005-03-24 21:43:58 ----AC---- C:\WINDOWS\wplog.txt
2005-03-24 21:43:57 ----D---- C:\Program Files\Web Publish
2005-03-24 21:43:53 ----A---- C:\WINDOWS\system32\LMRTREND.dll
2005-03-24 21:43:51 ----AC---- C:\WINDOWS\system32\wmpns.dll
2005-03-24 21:43:51 ----AC---- C:\WINDOWS\system32\dxtmsft3.dll
2005-03-24 21:43:50 ----A---- C:\WINDOWS\system32\unam4ie.exe
2005-03-24 21:43:48 ----AC---- C:\WINDOWS\system32\vidx16.dll
2005-03-24 21:43:48 ----AC---- C:\WINDOWS\system32\qcut.dll
2005-03-24 21:32:44 ----D---- C:\Program Files\Java
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\npplg10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\lttwn10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\ltthk10w.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\ltkrn10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\ltisi10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\ltimg10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\ltfil10N.DLL
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\ltefx10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\ltdlg10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\LTDIS10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\ltann10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\lfwmf10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\lftif10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\lfpsd10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\lfpng10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\lfpcd10N.dll
2005-03-24 21:24:56 ----AC---- C:\WINDOWS\system32\lfgif10N.dll
2005-03-24 21:24:55 ----AC---- C:\WINDOWS\system32\PLUGIN.DLL
2005-03-24 21:24:55 ----AC---- C:\WINDOWS\system32\lffax10N.dll
2005-03-24 21:24:55 ----AC---- C:\WINDOWS\system32\LFCMP10N.DLL
2005-03-24 21:24:55 ----AC---- C:\WINDOWS\system32\lfbmp10N.dll
2005-03-24 21:24:55 ----AC---- C:\WINDOWS\system32\lfawd10N.dll
2005-03-24 21:24:55 ----AC---- C:\WINDOWS\system32\lfavi10N.dll
2005-03-24 21:24:55 ----AC---- C:\WINDOWS\system32\ioRdyRes.dll
2005-03-24 21:24:55 ----AC---- C:\WINDOWS\system32\Iordy.dll
2005-03-24 21:24:55 ----AC---- C:\WINDOWS\system32\ECircles.dll
2005-03-24 21:24:55 ----A---- C:\WINDOWS\system32\SfClientDLL.dll
2005-03-24 21:10:56 ----D---- C:\Program Files\OfficeUpdate11
2005-03-24 21:06:58 ----A---- C:\WINDOWS\system32\mdimon.dll
2005-03-24 21:05:41 ----D---- C:\WINDOWS\SHELLNEW
2005-03-24 20:49:59 ----AC---- C:\WINDOWS\ODBC.INI
2005-03-24 20:48:21 ----D---- C:\Program Files\Microsoft Office
2005-03-24 20:46:02 ----RHD---- C:\MSOCache
2005-03-24 19:27:02 ----N---- C:\Log.txt
2005-03-24 19:26:52 ----D---- C:\Program Files\Hewlett-Packard
2005-03-24 19:19:33 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2005-03-24 19:19:32 ----D---- C:\Program Files\Spybot - Search & Destroy
2005-03-24 19:19:21 ----AC---- C:\WINDOWS\system32\gcmd5query.dll
2005-03-24 19:19:05 ----D---- C:\Program Files\Microsoft AntiSpyware
2005-03-24 19:18:38 ----D---- C:\Documents and Settings\steve\Application Data\Lavasoft
2005-03-23 21:38:20 ----D---- C:\WINDOWS\system32\Adobe
2005-03-23 21:38:20 ----D---- C:\Program Files\Common Files\Adobe
2005-03-23 21:38:20 ----D---- C:\Program Files\Adobe
2005-03-23 21:38:20 ----D---- C:\Documents and Settings\steve\Application Data\Adobe
2005-03-23 21:38:15 ----A---- C:\WINDOWS\IsUninst.exe
2005-03-23 21:36:38 ----AC---- C:\WINDOWS\system32\TwnLib20.dll
2005-03-23 21:36:35 ----AC---- C:\WINDOWS\system32\TwnLib4.dll
2005-03-23 21:36:35 ----AC---- C:\WINDOWS\system32\ImagXRA7.dll
2005-03-23 21:36:35 ----AC---- C:\WINDOWS\system32\ImagXR7.dll
2005-03-23 21:36:35 ----A---- C:\WINDOWS\system32\ImagXpr7.dll
2005-03-23 21:36:35 ----A---- C:\WINDOWS\system32\ImagX7.dll
2005-03-23 21:36:33 ----AC---- C:\WINDOWS\system32\picn20.dll
2005-03-23 21:36:28 ----A---- C:\WINDOWS\system32\NeroCheck.exe
2005-03-23 21:35:46 ----N---- C:\WINDOWS\NuNinst.exe
2005-03-23 21:35:44 ----D---- C:\Program Files\Common Files\Ahead
2005-03-23 21:35:43 ----D---- C:\Program Files\Ahead
2005-03-23 21:34:25 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2005-03-23 21:34:21 ----D---- C:\Program Files\CyberLink
2005-03-23 21:34:12 ----HD---- C:\Program Files\InstallShield Installation Information
2005-03-23 21:34:12 ----D---- C:\Program Files\CyberLink DVD Solution
2005-03-23 21:28:17 ----D---- C:\WINDOWS\pss
2005-03-23 21:24:37 ----AC---- C:\WINDOWS\system32\wpa.bak
2005-03-23 21:04:57 ----HDC---- C:\WINDOWS\$NtUninstallKB887742$
2005-03-23 21:04:53 ----HDC---- C:\WINDOWS\$NtUninstallKB885250$
2005-03-23 21:04:48 ----HDC---- C:\WINDOWS\$NtUninstallKB873333$
2005-03-23 21:04:43 ----HDC---- C:\WINDOWS\$NtUninstallKB888113$
2005-03-23 21:04:36 ----HDC---- C:\WINDOWS\$NtUninstallKB867282$
2005-03-23 21:04:30 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$
2005-03-23 21:04:27 ----HDC---- C:\WINDOWS\$NtUninstallKB887472$
2005-03-23 21:04:19 ----HDC---- C:\WINDOWS\$NtUninstallKB890047$
2005-03-23 21:04:15 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
2005-03-23 21:04:11 ----HDC---- C:\WINDOWS\$NtUninstallKB885835$
2005-03-23 21:04:08 ----HDC---- C:\WINDOWS\$NtUninstallKB890175$
2005-03-23 21:04:04 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$
2005-03-23 21:04:01 ----HDC---- C:\WINDOWS\$NtUninstallKB886185$
2005-03-23 21:03:53 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$
2005-03-23 21:03:53 ----A---- C:\WINDOWS\system32\spmsg.dll
2005-03-23 21:03:47 ----D---- C:\WINDOWS\nview
2005-03-23 20:56:04 ----HD---- C:\WINDOWS\$hf_mig$
2005-03-23 20:50:54 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2005-03-23 20:47:30 ----A---- C:\WINDOWS\system32\NVNFINST.DLL
2005-03-23 20:46:43 ----AC---- C:\WINDOWS\system32\ALut.dll
2005-03-23 20:46:42 ----AC---- C:\WINDOWS\system32\OpenAL32.dll
2005-03-23 20:46:42 ----AC---- C:\WINDOWS\system32\nvopenal.dll
2005-03-23 20:46:42 ----AC---- C:\WINDOWS\system32\nvasio.dll
2005-03-23 20:46:42 ----AC---- C:\WINDOWS\system32\nvack.dll
2005-03-23 20:46:40 ----A---- C:\WINDOWS\system32\ksuser.dll
2005-03-23 20:46:09 ----D---- C:\WINDOWS\system32\ReinstallBackups
2005-03-23 20:46:01 ----D---- C:\Program Files\Common Files\InstallShield
2005-03-23 20:44:14 ----D---- C:\Documents and Settings\steve\Application Data\Identities
2005-03-23 20:43:58 ----SHC---- C:\Documents and Settings\steve\Application Data\desktop.ini
2005-03-23 20:43:58 ----SD---- C:\Documents and Settings\steve\Application Data\Microsoft
2005-03-23 20:41:54 ----D---- C:\WINDOWS\SoftwareDistribution
2005-03-23 20:41:52 ----SD---- C:\WINDOWS\system32\Microsoft
2005-03-23 20:41:52 ----A---- C:\WINDOWS\SchedLgU.Txt
2005-03-23 20:38:21 ----D---- C:\WINDOWS\system32\xircom
2005-03-23 20:38:21 ----D---- C:\Program Files\xerox
2005-03-23 20:38:21 ----D---- C:\Program Files\microsoft frontpage
2005-03-23 20:37:59 ----N---- C:\AUTOEXEC.BAT
2005-03-23 20:37:59 ----AC---- C:\WINDOWS\control.ini
2005-03-23 20:37:41 ----AC---- C:\WINDOWS\OEWABLog.txt
2005-03-23 20:37:37 ----A---- C:\WINDOWS\system32\mapi32.dll
2005-03-23 20:36:29 ----SD---- C:\WINDOWS\Downloaded Program Files
2005-03-23 20:36:29 ----RD---- C:\WINDOWS\Offline Web Pages
2005-03-23 20:36:29 ----RAHC---- C:\WINDOWS\system32\logonui.exe.manifest
2005-03-23 20:36:21 ----RAHC---- C:\WINDOWS\system32\cdplayer.exe.manifest
2005-03-23 20:36:16 ----HD---- C:\Program Files\WindowsUpdate
2005-03-23 20:35:50 ----D---- C:\WINDOWS\system32\DirectX
2005-03-23 20:35:26 ----AC---- C:\WINDOWS\system32\atrace.dll
2005-03-23 20:35:23 ----AC---- C:\WINDOWS\system32\desktop.ini
2005-03-23 20:35:23 ----A---- C:\WINDOWS\desktop.ini
2005-03-23 20:35:16 ----AC---- C:\WINDOWS\system32\nmevtmsg.dll
2005-03-23 20:35:14 ----D---- C:\Program Files\Common Files\Services
2005-03-23 20:35:14 ----AC---- C:\WINDOWS\system32\acctres.dll
2005-03-23 20:35:11 ----SD---- C:\WINDOWS\Tasks
2005-03-23 20:35:11 ----AC---- C:\WINDOWS\system32\icfgnt5.dll
2005-03-23 20:35:09 ----D---- C:\Program Files\Common Files\MSSoap
2005-03-23 20:35:05 ----D---- C:\WINDOWS\srchasst
2005-03-23 20:35:04 ----D---- C:\WINDOWS\system32\Macromed
2005-03-23 20:35:01 ----AC---- C:\WINDOWS\system32\wuweb.dll
2005-03-23 20:35:01 ----A---- C:\WINDOWS\system32\wucltui.dll
2005-03-23 20:35:00 ----AC---- C:\WINDOWS\system32\wups.dll
2005-03-23 20:35:00 ----AC---- C:\WINDOWS\system32\wuaueng1.dll
2005-03-23 20:35:00 ----AC---- C:\WINDOWS\system32\wuaueng.dll
2005-03-23 20:35:00 ----A---- C:\WINDOWS\system32\wuauserv.dll
2005-03-23 20:35:00 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2005-03-23 20:35:00 ----A---- C:\WINDOWS\system32\wuauclt.exe
2005-03-23 20:34:59 ----AC---- C:\WINDOWS\system32\wuapi.dll
2005-03-23 20:34:59 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2005-03-23 20:34:59 ----A---- C:\WINDOWS\system32\qmgr.dll
2005-03-23 20:34:59 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2005-03-23 20:34:59 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2005-03-23 20:34:54 ----D---- C:\Program Files\Movie Maker
2005-03-23 20:34:50 ----A---- C:\WINDOWS\system32\safrslv.dll
2005-03-23 20:34:50 ----A---- C:\WINDOWS\system32\safrdm.dll
2005-03-23 20:34:50 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2005-03-23 20:34:49 ----A---- C:\WINDOWS\system32\racpldlg.dll
2005-03-23 20:34:44 ----D---- C:\WINDOWS\system32\Restore
2005-03-23 20:34:44 ----A---- C:\WINDOWS\system32\srsvc.dll
2005-03-23 20:34:44 ----A---- C:\WINDOWS\system32\srrstr.dll
2005-03-23 20:34:44 ----A---- C:\WINDOWS\system32\fltmc.exe
2005-03-23 20:34:44 ----A---- C:\WINDOWS\system32\fltlib.dll
2005-03-23 20:34:43 ----A---- C:\WINDOWS\system32\srclient.dll
2005-03-23 20:34:43 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2005-03-23 20:34:43 ----A---- C:\WINDOWS\system32\ils.dll
2005-03-23 20:34:42 ----AC---- C:\WINDOWS\system32\mnmsrvc.exe
2005-03-23 20:34:42 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2005-03-23 20:34:42 ----A---- C:\WINDOWS\system32\msconf.dll
2005-03-23 20:34:42 ----A---- C:\WINDOWS\system32\mnmdd.dll
2005-03-23 20:34:39 ----D---- C:\Program Files\NetMeeting
2005-03-23 20:34:39 ----A---- C:\WINDOWS\system32\msoert2.dll
2005-03-23 20:34:39 ----A---- C:\WINDOWS\system32\msoeacct.dll
2005-03-23 20:34:38 ----A---- C:\WINDOWS\system32\inetres.dll
2005-03-23 20:34:37 ----A---- C:\WINDOWS\system32\inetcomm.dll
2005-03-23 20:34:35 ----D---- C:\Program Files\Outlook Express
2005-03-23 20:34:35 ----A---- C:\WINDOWS\system32\schedsvc.dll
2005-03-23 20:34:35 ----A---- C:\WINDOWS\system32\mstinit.exe
2005-03-23 20:34:35 ----A---- C:\WINDOWS\system32\mstask.dll
2005-03-23 20:34:34 ----A---- C:\WINDOWS\system32\isign32.dll
2005-03-23 20:34:34 ----A---- C:\WINDOWS\system32\inetcfg.dll
2005-03-23 20:34:34 ----A---- C:\WINDOWS\system32\icwphbk.dll
2005-03-23 20:34:34 ----A---- C:\WINDOWS\system32\icwdial.dll
2005-03-23 20:34:27 ----D---- C:\Program Files\Common Files\System
2005-03-23 20:34:26 ----D---- C:\Program Files\Internet Explorer
2005-03-23 20:33:44 ----D---- C:\Program Files\ComPlus Applications
2005-03-23 20:33:41 ----AC---- C:\WINDOWS\vbaddin.ini
2005-03-23 20:33:41 ----AC---- C:\WINDOWS\vb.ini
2005-03-23 20:33:35 ----D---- C:\WINDOWS\Registration
2005-03-23 20:33:26 ----D---- C:\Program Files\Windows Media Player
2005-03-23 20:33:19 ----D---- C:\Program Files\Messenger
2005-03-23 20:33:15 ----D---- C:\Program Files\MSN Gaming Zone
2005-03-23 20:33:15 ----A---- C:\WINDOWS\system32\write.exe
2005-03-23 20:33:04 ----A---- C:\WINDOWS\system32\sndvol32.exe
2005-03-23 20:33:04 ----A---- C:\WINDOWS\system32\hticons.dll
2005-03-23 20:33:03 ----AC---- C:\WINDOWS\system32\avwav.dll
2005-03-23 20:33:03 ----AC---- C:\WINDOWS\system32\avtapi.dll
2005-03-23 20:33:03 ----AC---- C:\WINDOWS\system32\avmeter.dll
2005-03-23 20:33:02 ----A---- C:\WINDOWS\system32\winchat.exe
2005-03-23 20:32:54 ----AC---- C:\WINDOWS\system32\getuname.dll
2005-03-23 20:32:54 ----A---- C:\WINDOWS\system32\charmap.exe
2005-03-23 20:32:54 ----A---- C:\WINDOWS\system32\calc.exe
2005-03-23 20:32:53 ----A---- C:\WINDOWS\system32\winmine.exe
2005-03-23 20:32:53 ----A---- C:\WINDOWS\system32\sol.exe
2005-03-23 20:32:53 ----A---- C:\WINDOWS\system32\mshearts.exe
2005-03-23 20:32:52 ----AC---- C:\WINDOWS\system32\usrlogon.cmd
2005-03-23 20:32:52 ----AC---- C:\WINDOWS\system32\tslabels.ini
2005-03-23 20:32:52 ----AC---- C:\WINDOWS\system32\rdpcfgex.dll
2005-03-23 20:32:52 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2005-03-23 20:32:52 ----A---- C:\WINDOWS\system32\tskill.exe
2005-03-23 20:32:52 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2005-03-23 20:32:52 ----A---- C:\WINDOWS\system32\tscon.exe
2005-03-23 20:32:52 ----A---- C:\WINDOWS\system32\shadow.exe
2005-03-23 20:32:52 ----A---- C:\WINDOWS\system32\rwinsta.exe
2005-03-23 20:32:52 ----A---- C:\WINDOWS\system32\reset.exe
2005-03-23 20:32:52 ----A---- C:\WINDOWS\system32\regini.exe
2005-03-23 20:32:52 ----A---- C:\WINDOWS\system32\freecell.exe
2005-03-23 20:32:51 ----AC---- C:\WINDOWS\system32\msdtcprf.ini
2005-03-23 20:32:51 ----AC---- C:\WINDOWS\system32\cdmodem.dll
2005-03-23 20:32:51 ----A---- C:\WINDOWS\system32\qwinsta.exe
2005-03-23 20:32:51 ----A---- C:\WINDOWS\system32\qappsrv.exe
2005-03-23 20:32:51 ----A---- C:\WINDOWS\system32\msg.exe
2005-03-23 20:32:51 ----A---- C:\WINDOWS\system32\logoff.exe
2005-03-23 20:32:50 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2005-03-23 20:32:50 ----A---- C:\WINDOWS\system32\mtxex.dll
2005-03-23 20:32:50 ----A---- C:\WINDOWS\system32\mtxdm.dll
2005-03-23 20:32:50 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2005-03-23 20:32:50 ----A---- C:\WINDOWS\system32\comrepl.dll
2005-03-23 20:32:50 ----A---- C:\WINDOWS\system32\comaddin.dll
2005-03-23 20:32:49 ----A---- C:\WINDOWS\system32\stclient.dll
2005-03-23 20:32:49 ----A---- C:\WINDOWS\system32\comsnap.dll
2005-03-23 20:32:44 ----AC---- C:\WINDOWS\system32\wmimgmt.msc
2005-03-23 20:32:31 ----D---- C:\Program Files\MSN
2005-03-23 20:32:30 ----AC---- C:\WINDOWS\system32\accwiz.exe
2005-03-23 20:32:29 ----A---- C:\WINDOWS\system32\sndrec32.exe
2005-03-23 20:32:29 ----A---- C:\WINDOWS\system32\mplay32.exe
2005-03-23 20:32:29 ----A---- C:\WINDOWS\system32\hypertrm.dll
2005-03-23 20:32:28 ----D---- C:\Program Files\Windows NT
2005-03-23 20:32:28 ----A---- C:\WINDOWS\system32\spider.exe
2005-03-23 20:32:28 ----A---- C:\WINDOWS\system32\mspaint.exe
2005-03-23 20:32:28 ----A---- C:\WINDOWS\system32\clipbrd.exe
2005-03-23 20:32:27 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2005-03-23 20:32:27 ----A---- C:\WINDOWS\system32\mstscax.dll
2005-03-23 20:32:27 ----A---- C:\WINDOWS\system32\mstsc.exe
2005-03-23 20:32:26 ----AC---- C:\WINDOWS\system32\sessmgr.exe
2005-03-23 20:32:26 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2005-03-23 20:32:26 ----A---- C:\WINDOWS\system32\termsrv.dll
2005-03-23 20:32:26 ----A---- C:\WINDOWS\system32\remotepg.dll
2005-03-23 20:32:26 ----A---- C:\WINDOWS\system32\rdshost.exe
2005-03-23 20:32:26 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2005-03-23 20:32:26 ----A---- C:\WINDOWS\system32\rdchost.dll
2005-03-23 20:32:25 ----D---- C:\WINDOWS\system32\MsDtc
2005-03-23 20:32:25 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2005-03-23 20:32:25 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2005-03-23 20:32:25 ----A---- C:\WINDOWS\system32\rdpclip.exe
2005-03-23 20:32:25 ----A---- C:\WINDOWS\system32\qprocess.exe
2005-03-23 20:32:25 ----A---- C:\WINDOWS\system32\mtxoci.dll
2005-03-23 20:32:25 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2005-03-23 20:32:25 ----A---- C:\WINDOWS\system32\icaapi.dll
2005-03-23 20:32:25 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2005-03-23 20:32:24 ----A---- C:\WINDOWS\system32\xolehlp.dll
2005-03-23 20:32:24 ----A---- C:\WINDOWS\system32\msdtctm.dll
2005-03-23 20:32:24 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2005-03-23 20:32:23 ----AC---- C:\WINDOWS\system32\msdtc.exe
2005-03-23 20:32:23 ----A---- C:\WINDOWS\system32\msdtclog.dll
2005-03-23 20:32:22 ----D---- C:\WINDOWS\system32\Com
2005-03-23 20:32:22 ----A---- C:\WINDOWS\system32\colbact.dll
2005-03-23 20:32:22 ----A---- C:\WINDOWS\system32\clbcatex.dll
2005-03-23 20:32:22 ----A---- C:\WINDOWS\system32\catsrvut.dll
2005-03-23 20:32:22 ----A---- C:\WINDOWS\system32\catsrvps.dll
2005-03-23 20:32:22 ----A---- C:\WINDOWS\system32\catsrv.dll
2005-03-23 20:32:21 ----A---- C:\WINDOWS\system32\comuid.dll
2005-03-23 20:32:21 ----A---- C:\WINDOWS\system32\comsvcs.dll
2005-03-23 20:32:20 ----A---- C:\WINDOWS\system32\clbcatq.dll
2005-03-23 20:32:13 ----AC---- C:\WINDOWS\system32\licwmi.dll
2005-03-23 20:32:13 ----A---- C:\WINDOWS\system32\servdeps.dll
2005-03-23 20:32:13 ----A---- C:\WINDOWS\system32\mmfutil.dll
2005-03-23 20:32:13 ----A---- C:\WINDOWS\system32\cmprops.dll
2005-03-23 12:31:04 ----AC---- C:\WINDOWS\system32\h323log.txt
2005-03-23 12:25:55 ----SHC---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2005-03-23 12:25:50 ----RAC---- C:\WINDOWS\SET2B.tmp
2005-03-23 12:25:47 ----RAC---- C:\WINDOWS\SET1F.tmp
2005-03-23 12:25:45 ----RAC---- C:\WINDOWS\SET1C.tmp
2005-03-23 12:25:25 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2005-03-23 12:25:02 ----D---- C:\WINDOWS\Minidump
2005-03-23 12:22:21 ----AC---- C:\WINDOWS\system32\nv4_disp.dll
2005-03-23 12:22:00 ----A---- C:\WINDOWS\system32\usbui.dll
2005-03-23 12:20:45 ----A---- C:\WINDOWS\imsins.BAK
2005-03-23 12:20:42 ----SHD---- C:\WINDOWS\Installer
2005-03-23 12:20:42 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2005-03-23 12:20:41 ----D---- C:\Program Files\Common Files\ODBC
2005-03-23 12:20:41 ----AC---- C:\WINDOWS\ODBCINST.INI
2005-03-23 12:20:38 ----D---- C:\Program Files\Common Files\SpeechEngines
2005-03-23 12:20:37 ----D---- C:\Program Files\Common Files\Microsoft Shared
2005-03-23 12:20:37 ----D---- C:\Program Files\Common Files
2005-03-23 12:20:37 ----AD---- C:\Program Files
2005-03-23 12:20:34 ----RAC---- C:\WINDOWS\system32\kbdtuq.dll
2005-03-23 12:20:34 ----RAC---- C:\WINDOWS\system32\kbdtuf.dll
2005-03-23 12:20:34 ----RAC---- C:\WINDOWS\system32\kbdazel.dll
2005-03-23 12:20:32 ----RAC---- C:\WINDOWS\system32\kbdmon.dll
2005-03-23 12:20:32 ----RAC---- C:\WINDOWS\system32\kbdkyr.dll
2005-03-23 12:20:31 ----RAC---- C:\WINDOWS\system32\kbdycc.dll
2005-03-23 12:20:31 ----RAC---- C:\WINDOWS\system32\kbduzb.dll
2005-03-23 12:20:31 ----RAC---- C:\WINDOWS\system32\kbdur.dll
2005-03-23 12:20:31 ----RAC---- C:\WINDOWS\system32\kbdtat.dll
2005-03-23 12:20:31 ----RAC---- C:\WINDOWS\system32\kbdru1.dll
2005-03-23 12:20:31 ----RAC---- C:\WINDOWS\system32\kbdru.dll
2005-03-23 12:20:31 ----RAC---- C:\WINDOWS\system32\kbdkaz.dll
2005-03-23 12:20:31 ----RAC---- C:\WINDOWS\system32\kbdbu.dll
2005-03-23 12:20:31 ----RAC---- C:\WINDOWS\system32\kbdblr.dll
2005-03-23 12:20:31 ----RAC---- C:\WINDOWS\system32\kbdaze.dll
2005-03-23 12:20:29 ----RAC---- C:\WINDOWS\system32\kbdhept.dll
2005-03-23 12:20:29 ----RAC---- C:\WINDOWS\system32\kbdhela2.dll
2005-03-23 12:20:29 ----RAC---- C:\WINDOWS\system32\kbdhe220.dll
2005-03-23 12:20:29 ----RAC---- C:\WINDOWS\system32\kbdgkl.dll
2005-03-23 12:20:29 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2005-03-23 12:20:29 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2005-03-23 12:20:28 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2005-03-23 12:20:27 ----RAC---- C:\WINDOWS\system32\kbdlv1.dll
2005-03-23 12:20:27 ----RAC---- C:\WINDOWS\system32\kbdlv.dll
2005-03-23 12:20:27 ----RAC---- C:\WINDOWS\system32\kbdlt1.dll
2005-03-23 12:20:27 ----RAC---- C:\WINDOWS\system32\kbdlt.dll
2005-03-23 12:20:27 ----RAC---- C:\WINDOWS\system32\kbdest.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\kbdycl.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\kbdsl1.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\kbdsl.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\kbdro.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\kbdpl1.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\kbdpl.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\kbdhu1.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\kbdhu.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\kbdcz2.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\kbdcz1.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\kbdcz.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\kbdcr.dll
2005-03-23 12:20:24 ----RAC---- C:\WINDOWS\system32\KBDAL.DLL
2005-03-23 12:20:21 ----AC---- C:\WINDOWS\system32\spxcoins.dll
2005-03-23 12:20:21 ----AC---- C:\WINDOWS\system32\irclass.dll
2005-03-23 12:20:21 ----AC---- C:\WINDOWS\system32\EqnClass.Dll
2005-03-23 12:20:21 ----AC---- C:\WINDOWS\system32\dgsetup.dll
2005-03-23 12:20:21 ----AC---- C:\WINDOWS\system32\dgrpsetu.dll
2005-03-23 12:20:18 ----AC---- C:\WINDOWS\TASKMAN.EXE
2005-03-23 12:20:18 ----AC---- C:\WINDOWS\system32\CONFIG.TMP
2005-03-23 12:20:18 ----A---- C:\WINDOWS\system32\batt.dll
2005-03-23 12:20:17 ----A---- C:\WINDOWS\notepad.exe
2005-03-23 12:20:16 ----A---- C:\WINDOWS\system32\storprop.dll
2005-03-23 12:20:02 ----RAC---- C:\WINDOWS\SET8.tmp
2005-03-23 12:19:59 ----RAC---- C:\WINDOWS\SET4.tmp
2005-03-23 12:19:57 ----RAC---- C:\WINDOWS\SET3.tmp
2005-03-23 12:19:51 ----D---- C:\WINDOWS\system32\CatRoot2
2005-03-23 12:19:51 ----D---- C:\WINDOWS\system32\CatRoot
2005-03-23 12:19:23 ----AC---- C:\WINDOWS\setuplog.txt
2005-03-23 12:19:20 ----D---- C:\Documents and Settings
2005-03-23 12:19:19 ----SHD---- C:\System Volume Information
2005-03-23 12:18:34 ----SH---- C:\boot.ini
2005-03-23 12:11:33 ----RSHDC---- C:\WINDOWS\system32\dllcache
2005-03-23 12:11:33 ----RSD---- C:\WINDOWS\Fonts
2005-03-23 12:11:33 ----RD---- C:\WINDOWS\Web
2005-03-23 12:11:33 ----HD---- C:\WINDOWS\inf
2005-03-23 12:11:33 ----D---- C:\WINDOWS\WinSxS
2005-03-23 12:11:33 ----D---- C:\WINDOWS\twain_32
2005-03-23 12:11:33 ----D---- C:\WINDOWS\Temp
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\wins
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\wbem
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\usmt
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\spool
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\ShellExt
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\Setup
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\ras
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\oobe
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\npp
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\mui
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\inetsrv
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\IME
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\icsxml
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\ias
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\export
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\drivers
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\dhcp
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\config
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\3com_dmi
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\3076
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\2052
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\1054
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\1042
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\1041
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\1037
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\1033
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\1031
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\1028
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32\1025
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system32
2005-03-23 12:11:33 ----D---- C:\WINDOWS\system
2005-03-23 12:11:33 ----D---- C:\WINDOWS\security
2005-03-23 12:11:33 ----D---- C:\WINDOWS\Resources
2005-03-23 12:11:33 ----D---- C:\WINDOWS\repair
2005-03-23 12:11:33 ----D---- C:\WINDOWS\Provisioning
2005-03-23 12:11:33 ----D---- C:\WINDOWS\PeerNet
2005-03-23 12:11:33 ----D---- C:\WINDOWS\pchealth
2005-03-23 12:11:33 ----D---- C:\WINDOWS\mui
2005-03-23 12:11:33 ----D---- C:\WINDOWS\msapps
2005-03-23 12:11:33 ----D---- C:\WINDOWS\msagent
2005-03-23 12:11:33 ----D---- C:\WINDOWS\Media
2005-03-23 12:11:33 ----D---- C:\WINDOWS\java
2005-03-23 12:11:33 ----D---- C:\WINDOWS\ime
2005-03-23 12:11:33 ----D---- C:\WINDOWS\Help
2005-03-23 12:11:33 ----D---- C:\WINDOWS\ehome
2005-03-23 12:11:33 ----D---- C:\WINDOWS\Driver Cache
2005-03-23 12:11:33 ----D---- C:\WINDOWS\Debug
2005-03-23 12:11:33 ----D---- C:\WINDOWS\Cursors
2005-03-23 12:11:33 ----D---- C:\WINDOWS\Connection Wizard
2005-03-23 12:11:33 ----D---- C:\WINDOWS\Config
2005-03-23 12:11:33 ----D---- C:\WINDOWS\AppPatch
2005-03-23 12:11:33 ----D---- C:\WINDOWS\addins
2005-03-23 12:11:33 ----D---- C:\WINDOWS
2005-02-03 19:59:48 ----A---- C:\WINDOWS\system32\metaflac.exe
2005-02-03 19:59:44 ----A---- C:\WINDOWS\system32\flac.exe
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\wpdtrace.dll
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\wpdsp.dll
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\wpdmtpus.dll
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\wpdmtpdr.dll
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\wpdmtp.dll
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\wpdconns.dll
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\wpd_ci.dll
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\WMVADVE.DLL
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\wmpsrcwp.dll
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\wmpencen.dll
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\WMDRMNet.dll
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\WMDRMdev.dll
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\wdfmgr.exe
2005-01-28 12:44:28 ----AC---- C:\WINDOWS\system32\wdfapi.dll
2005-01-28 12:44:28 ----A---- C:\WINDOWS\system32\wmvadvd.dll
2005-01-28 12:44:28 ----A---- C:\WINDOWS\system32\uwdf.exe
2005-01-28 12:44:28 ----A---- C:\WINDOWS\system32\Audiodev.dll
2005-01-18 01:07:18 ----A---- C:\WINDOWS\opuc.dll
2004-12-14 08:07:46 ----AC---- C:\WINDOWS\system32\hpotiop.dll
2004-12-14 08:07:46 ----A---- C:\WINDOWS\system32\hpgwiamd.dll
2004-12-14 08:07:44 ----AC---- C:\WINDOWS\system32\hpzcon12.dll
2004-12-14 08:07:44 ----AC---- C:\WINDOWS\system32\hpzcoi12.dll
2004-12-14 08:07:42 ----A---- C:\WINDOWS\system32\HPZc3212.dll
2004-10-11 14:37:16 ----AC---- C:\WINDOWS\system32\NVCOAD.DLL
2004-09-06 12:56:54 ----ASC---- C:\WINDOWS\system32\archlib.dll
2004-08-22 17:04:56 ----AC---- C:\WINDOWS\daemon.dll
2004-08-19 23:26:54 ----AC---- C:\WINDOWS\Twunk_32.dll
2004-08-19 23:26:54 ----AC---- C:\WINDOWS\Twunk_16.dll
2004-08-04 04:00:00 ----RSH---- C:\NTDETECT.COM
2004-08-04 04:00:00 ----RC---- C:\WINDOWS\system32\rsop.msc
2004-08-04 04:00:00 ----RC---- C:\WINDOWS\system32\perfmon.msc
2004-08-04 04:00:00 ----RA---- C:\WINDOWS\system32\ctl3dv2.dll
2004-08-04 04:00:00 ----N---- C:\WINDOWS\system32\riched32.dll
2004-08-04 04:00:00 ----N---- C:\WINDOWS\system32\oleaut32.dll
2004-08-04 04:00:00 ----N---- C:\WINDOWS\system32\msvcrt40.dll
2004-08-04 04:00:00 ----N---- C:\WINDOWS\system32\expsrv.dll
2004-08-04 04:00:00 ----C---- C:\WINDOWS\system32\comcat.dll
2004-08-04 04:00:00 ----C---- C:\WINDOWS\system32\asycfilt.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\winhelp.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\vmmreg32.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\twunk_32.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\twunk_16.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\twain.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\xenroll.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wshnetbs.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wshisn.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wshatm.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wowexec.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmvdmoe2.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmspdmoe.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmsdmoe2.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmpui.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmploc.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmpdxm.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmpcore.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmpcd.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmp.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmiscmgr.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmiprop.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmidx.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmerrenu.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wmadmoe.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\winstrm.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\winnls.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\winfax.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wifeman.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\webhits.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\webcheck.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\w32topl.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\vwipxspx.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\vwipxspx.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\vssvc.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\vss_ps.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\vjoy.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\vga64k.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\vga256.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\vfpodbc.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ver.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\vcdex.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\userinit.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ureg.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ups.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\umdmxfrm.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ufat.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\tsd32.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\tlntsvr.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\tcpmon.ini
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\tapiui.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\tapiperf.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\tapi.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\t2embed.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sysinv.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sysedit.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\swprv.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\svcpack.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sqlwoa.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sqlwid.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sprestrt.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\spoolsv.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\softpub.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\smlogsvc.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\slbrccsp.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\slbcsp.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sisbkup.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\share.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sfmapi.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sfcfiles.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\setver.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\setupdll.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\serwvdrv.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\services.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\serialui.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\senscfg.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\secpol.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sdpblb.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\scriptpw.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\scredir.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sclgntfy.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sccbase.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\scardsvr.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\scardssp.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rundll32.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rtm.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rsvpperf.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rsvpmsg.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rsvp.ini
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rsvp.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rsfsaps.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rpcns4.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\routetab.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rnr20.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rend.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rasser.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rasrad.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rasmxs.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rasmontr.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rasctrs.ini
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\rasctrs.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\qosname.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\pubprn.vbs
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\psnppagn.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\pschdprf.ini
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\pschdprf.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\prodspec.ini
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\prnqctl.vbs
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\prnport.vbs
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\prnmngr.vbs
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\prnjobs.vbs
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\prndrvr.vbs
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\prncnfg.vbs
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\prflbmsg.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\plustab.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\pifmgr.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\perfwci.ini
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\perfts.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\perfos.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\perfnw.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\perffilt.ini
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\perfci.ini
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\panmap.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\pagefileconfig.vbs
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\oleaccrc.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\oleacc.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\odbc16gt.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\nwevent.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\nwcfg.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\nwapi16.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\nw16.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ntvdm.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ntmsoprq.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ntmsmgr.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ntmsevt.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ntlanui.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ntdsbcli.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\notepad.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\nlsfunc.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\netmsg.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\neth.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\netevent.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\netdde.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ncxpnt.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\narrhook.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msxml2r.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msvfw32.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msvcrt20.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msvcp50.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msvbvm60.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msvbvm50.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msswch.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mssip32.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mssign32.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\MSSCP.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msrecr40.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msrclr40.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msrating.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msratelc.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msr2cenu.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msr2c.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msports.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mspatcha.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msobjs.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msnetobj.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msiexec.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mshtmler.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msencode.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mscat32.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msaudite.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\msaatext.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mqperf.ini
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mqperf.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mqgentr.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mqcertui.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mprui.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mprmsg.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mprddm.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\modex.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mmutilse.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mmdrv.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mmcshext.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mll_qic.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mll_mtf.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mll_hp.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mfc40.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mem.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mdhcp.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mciole32.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mciole16.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mchgrcoi.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mcdsrv32.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mcd32.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mapistub.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mag_hook.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\lzexpand.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\lusrmgr.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\lprmonui.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\logonui.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\login.cmd
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\loghours.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\locator.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\loadfix.com
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\licdll.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\laprxy.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\langwrbk.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\krnl386.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdusx.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdusr.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdusl.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdus.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbduk.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdsw.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdsp.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdsg.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdsf.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdpo.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdno.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdne.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdmac.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdla.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdit142.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdit.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdir.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdic.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdgr1.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdgr.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdgae.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdfr.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdfo.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdfi.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdfc.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdes.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbddv.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdda.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdcan.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdca.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdbr.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdbene.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kbdbe.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\kb16.com
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\jobexec.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\jgsh400.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\jgsd400.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\jgmd400.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\jgaw400.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\jet500.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iuengine.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ipxsap.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ipxrtmgr.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ipxrip.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ipxpromn.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ipxmontr.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iprtprio.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iprop.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iologmsg.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\infosoft.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\inetcplc.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\imapi.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iissuba.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ifsutil.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ieakui.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iassvcs.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iassdo.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iassam.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iasrecst.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iaspolcy.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iasnap.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iashlpr.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iasads.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\iasacct.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\hnetmon.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\hhsetup.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\graphics.com
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\gpedit.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\glmf32.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\gdi.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\gcdef.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ftsrch.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\fsusd.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\fsmgmt.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\fmifs.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\fastopen.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\exe2bin.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\eventvwr.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\eventquery.vbs
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\eventcls.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\eula.txt
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\esentprf.ini
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\esentprf.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\esent97.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\es.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\edlin.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\edit.com
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\duser.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dsauth.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ds16gt.dLL
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\drwatson.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\drmv2clt.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\drmstor.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dpwsock.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dpserial.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dpnwsock.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dpnmodem.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dplay.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dpcdll.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dmocx.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dmintf.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dmdskres.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dmconfig.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dmadmin.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dllhost.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\diskmgmt.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dimap.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\diactfrm.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dhcpsapi.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\devmgmt.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\debug.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\dbnetlib.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\d3dxof.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\d3drm.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\d3dpmesh.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\d3dim.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\csseqchk.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\crtdll.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\console.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\compmgmt.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\command.com
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\cnvfat.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\cnetcfg.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\cmpbk32.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\clipsrv.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\clb.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\cisvc.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ciadv.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ciadmin.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\cfgmgr32.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\cewmdm.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\certmgr.msc
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\ccfgnt.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\blackbox.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\autodisc.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\autochk.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\atmpvcno.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\atmfd.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\atkctrs.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\asferror.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\append.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\apcups.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\alg.exe
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\advpack.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\adsnds.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\adptif.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\aaaamon.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\6to4svc.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\msdfmap.ini
2004-08-04 04:00:00 ----A---- C:\WINDOWS\winhlp32.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\win.ini
2004-08-04 04:00:00 ----A---- C:\WINDOWS\twain_32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\zipfldr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\xpsp2res.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\xpsp1res.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\xpob2res.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\xmlprovi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\xmlprov.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\xcopy.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\xactsrv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wzcdlg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wupdmgr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wtsapi32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wstdecod.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wsock32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wsnmp32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wshtcpip.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wshrm.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wship6.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wshext.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wshcon.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wshbth.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wsecedit.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wscsvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wscript.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wscntfy.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ws2help.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ws2_32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wpnpinst.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wpabaln.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wowdeb.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wow32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmvdmod.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmvcore.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmstream.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmspdmod.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmsdmoe.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmsdmod.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmpshell.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmpasf.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmnetmgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmerror.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\WMDMPS.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\WMDMLOG.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmasf.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wmadmod.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wlnotify.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wldap32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wkssvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winver.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wintrust.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winsta.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winsrv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winspool.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winsock.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winshfhc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winscard.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winrnr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winntbbu.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winmsd.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winmm.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winlogon.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winipsec.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wininet.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winhttp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winhlp32.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\winbrand.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\win87em.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\win32spl.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\win.com
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wiavusd.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wiavideo.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wiashext.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wiaservc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wiascr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wiadss.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wiadefui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wiaacmgr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wextract.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\webvw.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\webclnt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wdigest.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\wavemsp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\w3ssl.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\w32tm.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\w32time.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\vssapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\vssadmin.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\vga.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\version.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\verifier.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\verifier.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\vdmredir.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\vdmdbg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\vbscript.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\vbajet32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\uxtheme.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\utilman.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\utildll.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\usp10.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\userenv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\user32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\user.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\usbmon.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\urlmon.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\url.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\upnpui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\upnphost.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\upnpcont.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\upnp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\untfs.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\unlodctr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\uniplat.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\unimdmat.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\umpnpmgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\umandlg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ulib.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\udhisapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\typeperf.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\typelib.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\txflog.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\twext.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tsddd.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tsappcmp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\trkwks.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tree.com
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\traffic.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tracert6.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tracert.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tracerpt.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tourstart.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\toolhelp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tlntsvrp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tlntsess.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tlntadmn.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\themeui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tftp.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\termmgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\telnet.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tcpsvcs.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tcpmonui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tcpmon.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tcpmib.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tcmsetup.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\taskmgr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\taskman.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tasklist.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\taskkill.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tapisrv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tapi32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\tapi3.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\systray.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\systeminfo.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\syssetup.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sysocmgr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\syskey.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\syncui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\synceng.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\syncapp.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sxs.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\svchost.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\subst.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\strmfilt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\strmdll.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\storage.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\stobject.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\stimon.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sti_ci.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sti.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ssdpapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\srvsvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sqlunirl.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\spoolss.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\spnpinst.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\spiisupd.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sort.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\snmpsnap.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\snmpapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\smss.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\smlogcfg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\smbinst.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\slbiop.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\slayerxp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\skeys.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\skdll.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sigverif.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sigtab.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shutdown.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shsvcs.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shscrap.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shrpubw.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shmgrate.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shmedia.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shlwapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shimgvw.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shimeng.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shgina.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shfolder.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shellstyle.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shell32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shell.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shdocvw.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\shdoclc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sfc_os.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sfc.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sfc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\setupapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\setup.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sethc.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\services.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sensapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sens.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sendmail.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sendcmsg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\security.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\secur32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\seclogon.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\secedit.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sdhcinst.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sdbinst.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\scrrun.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\scrobj.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\schtasks.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\schannel.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\scesrv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\scecli.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sccsccp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\scarddlg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sc.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sbeio.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\sbe.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\savedump.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\samsrv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\samlib.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\runonce.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\runas.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rtutils.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rtipxmib.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rtcshare.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rsvpsp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rsopprov.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rsnotify.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rsmui.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rsmsink.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rsmps.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rsm.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rshx32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rsh.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rsaenh.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rpcss.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\routemon.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\route.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\riched20.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rexec.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\resutils.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\replace.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\relog.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\regwizc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\regwiz.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\regsvr32.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\regsvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\regedt32.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\regapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\reg.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\redir.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\recover.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rdpdd.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rcp.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rcimlby.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rcbdyctl.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rastls.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rastapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rassapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rasppp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rasphone.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rasmans.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rasman.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rasdlg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rasdial.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\raschap.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rasautou.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rasauto.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rasapi32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\rasadhlp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\query.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\quartz.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\qedwipes.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\qedit.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\qdvd.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\qdv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\qcap.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\qasf.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\pstorsvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\pstorec.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\psbase.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\psapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\proxycfg.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\proquota.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\progman.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\profmap.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\printui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\print.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\powrprof.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\powercfg.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\polstore.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\pnrpnsp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\pngfilt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\pmspl.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ping6.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ping.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\pidgen.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\photowiz.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\perfproc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\perfnet.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\perfmon.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\perfdisk.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\perfctrs.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\pentnt.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\pdh.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\pautoenr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\pathping.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\packager.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\p2psvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\p2pnetsh.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\p2pgraph.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\p2pgasvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\p2p.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\osuninst.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\osuninst.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\osk.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\opengl32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\openfiles.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\olethk32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\olesvr32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\olesvr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\olepro32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\oleprn.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\oledlg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\olecnv32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\olecli32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\olecli.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ole32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ole2nls.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ole2disp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ole2.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\offfilt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odtext32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odpdx32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odfox32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odexl32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\oddbse32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbctrac.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbcp32r.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbcjt32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbcji32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbcint.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbccu32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbccr32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbccp32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbcconf.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbcconf.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbcbcp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbcad32.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbc32gt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\odbc32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ocmanage.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\occache.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\objsel.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\oakley.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\nwwks.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\nwscript.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\nwprovau.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\nwapi32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntvdmd.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntshrui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntsdexts.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntsd.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntprint.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntmssvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntmsmgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntmsdba.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntmsapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntmarta.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntlsapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntlanui2.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntlanman.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntdsapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntdll.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ntbackup.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\nslookup.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\npptools.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\nlhtml.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\newdev.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netui2.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netui1.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netui0.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netstat.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netshell.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netsh.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netsetup.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netrap.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netplwiz.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netman.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netlogon.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netid.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netcfgx.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netapi32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\netapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\net1.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\net.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\nddenb32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\nddeapir.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\nddeapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\nbtstat.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\narrator.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mydocs.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mycomput.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mtxclu.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msxmlr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msxml3r.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msxml3.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msxml2.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msxml.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msxbde40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mswstr10.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mswsock.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\MSWMDM.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mswdat10.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msw3prt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msvideo.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msvidctl.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msvidc32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msvcrt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msvcp60.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msvcirt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msv1_0.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msutb.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mstlsapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mstime.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mstext40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msswchx.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mssap.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msrle32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msrepl40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msrd3x40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msrd2x40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msprivs.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\MsPMSP.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\MsPMSNSv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mspbde40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msorcl32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msorc32r.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msnsspc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msltus40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msls31.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mslbui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msjtes40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msjter40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msjint40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msjetoledb40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msjet40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msisip.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msimtf.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msimsg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msimg32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msihnd.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msieftp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msidntld.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msidle.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msident.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mshtmled.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mshtml.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mshta.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msgsvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msgina.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msftedit.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msexcl40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msexch40.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msdxmlc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msdmo.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msdart.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msdadiag.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msctfp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msctf.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mscpxl32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mscpx32r.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mscms.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mscdexnt.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msasn1.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msapsspc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msafd.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msacm32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\msacm.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mrinfo.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqutil.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqupgrd.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqtrig.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqtgsvc.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqsvc.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqsnap.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqsec.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqrtdep.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqrt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqqm.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqoa.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqlogmgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqise.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqdscli.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqbkup.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mqad.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mprdim.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mprapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mpr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mpnotify.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mpg4dmod.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mp4sdmod.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mp43dmod.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mountvol.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\moricons.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\more.com
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\modemui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mode.com
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mobsync.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mobsync.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mmsystem.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mmcbase.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mmc.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mlang.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mimefilt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\migpwd.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\miglibnt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\midimap.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mfcsubs.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mfc42u.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mfc42.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mfc40u.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mf3216.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mdminst.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mciwave.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mciseq.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mciqtz32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mcicda.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mciavi32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\mcastmib.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\makecab.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\magnify.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\lz32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\lsass.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\lsasrv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\lprhelp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\lpr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\lpq.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\lpk.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\logman.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\logagent.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\lodctr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\localui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\localspl.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\localsec.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\loadperf.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\lnkstub.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\lmrt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\linkinfo.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\lights.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\licmgr10.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\label.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\keymgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kernel32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kerberos.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kdcom.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kd1394.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kbdukx.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kbdsmsno.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kbdsmsfi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kbdno1.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kbdnec.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kbdmlt48.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kbdmlt47.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kbdmaori.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kbdinmal.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kbdinben.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kbdinbe1.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\kbdfi1.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\jsproxy.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\jscript.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\jgpl400.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\jgdw400.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ixsso.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\itss.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\itircl.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ir50_qcx.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ir50_qc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ir50_32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ir41_qcx.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ir41_qc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ir32_32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ipxwan.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ipxroute.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ipv6mon.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ipv6.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ipsmsnap.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ipsecsvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ipsecsnp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ipsec6.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ippromon.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ipmontr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\iphlpapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ipconfig.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\inseng.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\input.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\initpki.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\inetppui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\inetpp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\inetmib1.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\imm32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\imgutil.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\imeshare.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\imagehlp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\igmpagnt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ifmon.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\iexpress.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\iesetup.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\iernonce.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\iepeers.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ieencode.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ieaksie.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ieakeng.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\idq.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\icmui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\icmp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\icm32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\iccvid.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\iasrad.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\htui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\httpapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\hotplug.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\hostname.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\hnetwiz.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\hnetcfg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\hlink.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\help.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\hccoin.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\HAL.DLL
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\h323msp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\grpconv.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\graftabl.com
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\gpupdate.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\gptext.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\gpresult.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\gpkrsrc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\gpkcsp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\gpedit.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\glu32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\getmac.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\gdi32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\fwcfg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ftp.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\fsutil.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\fsquirt.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\framebuf.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\format.com
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\forcedos.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\fontview.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\fontsub.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\fontext.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\fldrclnr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\fixmapi.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\finger.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\findstr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\find.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\filemgmt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\feclient.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\fdeploy.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\fde.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\fc.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\faultrep.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\exts.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\extrac32.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\extmgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\expand.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\eventvwr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\eventtriggers.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\eventlog.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\eventcreate.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\eudcedit.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\esentutl.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\esent.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ersvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\encdec.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\encapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\els.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\efsadu.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dxtrans.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dxmasf.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dxdiag.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dx8vb.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dx7vb.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dwwin.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dvdupgrd.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dumprep.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dswave.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dsuiext.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dssenh.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dssec.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dsquery.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dsprpres.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dsprop.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dsound3d.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dsound.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dskquoui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dskquota.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dsdmoprp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dsdmo.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ds32gt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\drwtsn32.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\drprov.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\drmclien.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\driverquery.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dpwsockx.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dpvvox.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dpvsetup.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dpvoice.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dpvacm.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dpnlobby.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dpnet.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dpnaddr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dpmodemx.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dplayx.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dplaysvr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dosx.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\doskey.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\docprop2.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\docprop.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dnsapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dmusic.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dmsynth.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dmstyle.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dmserver.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dmscript.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dmremote.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dmloader.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dmime.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dmdskmgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dmdlgs.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dmcompos.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dmband.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dllhst3g.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dispex.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\diskperf.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\diskpart.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\diskcopy.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\diskcopy.com
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\diskcomp.com
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dinput8.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dinput.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\digest.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\diantz.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dhcpmon.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dgnet.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dfsshlex.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dfrgui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dfrgsnap.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dfrgres.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dfrgfat.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dfrg.msc
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\devmgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\devenum.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\deskperf.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\deskmon.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\deskadp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\defrag.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ddrawex.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ddraw.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ddeshare.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ddeml.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dciman32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dbnmpntw.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dbmsrpcn.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dbghelp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dbgeng.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\davclnt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\datime.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dataclen.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\danim.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\d3dramp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\d3dim700.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\d3d9.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\d3d8.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ctl3d32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ctfmon.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\csrss.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\csrsrv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cscui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cscript.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cscdll.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cryptui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cryptsvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cryptnet.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cryptext.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cryptdll.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cryptdlg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\crypt32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\credui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\corpol.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\convert.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\control.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\conime.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\confmsp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\comres.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\compstui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\compobj.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\compatui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\compact.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\comp.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\commdlg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\comdlg32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\comctl32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cmutil.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cmstp.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cmsetacl.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cmmon32.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cmdl32.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cmdial32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cmd.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cmcfg32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\clusapi.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cliconfg.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cliconfg.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cleanmgr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ckcnv.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cipher.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ciodm.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cidaemon.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cic.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\chkntfs.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\chkdsk.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\chcp.com
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\certmgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\certcli.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cdosys.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cdm.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cdfview.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cards.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\capesnpn.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\camocx.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cacls.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cabview.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\cabinet.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\btpanui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\bthserv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\bthci.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\browsewm.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\browseui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\browser.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\browselc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\bootvrfy.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\bootvid.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\bootok.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\bootcfg.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\blastcln.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\bidispl.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\batmeter.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\basesrv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\avifile.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\avifil32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\avicap32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\avicap.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\autolfn.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\autofmt.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\autoconv.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\authz.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\auditusr.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\audiosrv.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\attrib.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\atmlib.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\atmadm.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\atl.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\at.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\asr_pfu.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\asr_ldm.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\asr_fmt.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\arp.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\appmgr.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\appmgmts.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\apphelp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\amstream.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\alrsvc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\ahui.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\advapi32.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\adsnw.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\adsnt.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\adsmsext.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\adsldpc.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\adsldp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\admparse.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\actxprxy.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\actmovie.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\activeds.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\aclui.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\acledit.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system.ini
2004-08-04 04:00:00 ----A---- C:\WINDOWS\regedit.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\hh.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\explorer.exe
2004-08-03 16:56:48 ----A---- C:\WINDOWS\system32\wzcsvc.dll
2004-08-03 16:56:48 ----A---- C:\WINDOWS\system32\wzcsapi.dll
2004-08-03 16:56:46 ----AC---- C:\WINDOWS\system32\pid.dll
2004-08-03 16:56:46 ----A---- C:\WINDOWS\system32\pjlmon.dll
2004-08-03 16:56:46 ----A---- C:\WINDOWS\system32\msyuv.dll
2004-08-03 16:56:44 ----A---- C:\WINDOWS\system32\iyuv_32.dll
2004-08-03 16:56:44 ----A---- C:\WINDOWS\system32\hid.dll
2004-08-03 16:56:44 ----A---- C:\WINDOWS\system32\dmutil.dll
2004-08-03 16:56:42 ----A---- C:\WINDOWS\system32\cnbjmon.dll
2004-08-03 14:59:00 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2004-06-14 14:56:26 ----AC---- C:\WINDOWS\system32\XceedZip.dll
2004-06-11 13:27:32 ----RAC---- C:\WINDOWS\system32\HPODXPAT.DLL
2003-11-19 14:59:36 ----AC---- C:\WINDOWS\system32\XceedCry.dll
2003-08-04 23:28:34 ----AC---- C:\WINDOWS\system32\RTCRES.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrszht.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrszhc.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrstr.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrssv.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrssl.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrssk.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsru.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsptb.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrspt.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrspl.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsno.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsnl.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsko.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsja.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsit.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrshu.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrshe.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsfr.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsfi.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsesm.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrses.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrseng.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsel.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsde.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsda.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrscs.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwrsar.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvwddi.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvsvc32.exe
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrszht.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrszhc.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrstr.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrssv.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrssl.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrssk.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsru.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsptb.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrspt.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrspl.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsno.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsnl.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsko.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsja.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsit.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrshu.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrshe.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsfr.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsfi.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsesm.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrses.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrseng.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsel.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsde.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsda.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrscs.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvrsar.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvoglnt.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nvmctray.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nviewimg.dll
2003-07-28 14:19:00 ----AC---- C:\WINDOWS\system32\nview.dll
2003-07-28 14:19:00 ----A---- C:\WINDOWS\system32\nwiz.exe
2003-07-28 14:19:00 ----A---- C:\WINDOWS\system32\nvshell.dll
2003-07-28 14:19:00 ----A---- C:\WINDOWS\system32\nvinstnt.dll
2003-07-28 14:19:00 ----A---- C:\WINDOWS\system32\nvcpl.dll
2003-07-28 14:19:00 ----A---- C:\WINDOWS\system32\keystone.exe
2003-07-28 14:19:00 ----A---- C:\WINDOWS\system32\dmcpl.exe
2003-04-18 15:29:26 ----A---- C:\WINDOWS\system32\msxml4r.dll
2003-03-18 21:19:59 ----A---- C:\WINDOWS\system32\MFC71.dll
2003-03-18 21:14:52 ----RA---- C:\WINDOWS\system32\msvcp71.dll
2003-03-18 20:44:38 ----AC---- C:\WINDOWS\system32\MFC71KOR.DLL
2003-03-18 20:44:38 ----A---- C:\WINDOWS\system32\MFC71ENU.DLL
2003-03-18 20:44:36 ----AC---- C:\WINDOWS\system32\MFC71ITA.DLL
2003-03-18 20:44:36 ----AC---- C:\WINDOWS\system32\MFC71ESP.DLL
2003-03-18 20:44:36 ----AC---- C:\WINDOWS\system32\MFC71CHT.DLL
2003-03-18 20:44:36 ----AC---- C:\WINDOWS\system32\MFC71CHS.DLL
2003-03-18 20:44:34 ----AC---- C:\WINDOWS\system32\MFC71JPN.DLL
2003-03-18 20:44:34 ----AC---- C:\WINDOWS\system32\MFC71FRA.DLL
2003-03-18 20:44:34 ----AC---- C:\WINDOWS\system32\MFC71DEU.DLL
2003-03-18 20:05:50 ----RA---- C:\WINDOWS\system32\atl71.dll
2003-03-18 13:12:12 ----AC---- C:\WINDOWS\system32\mfc71u.dll
2003-01-07 15:05:08 ----AC---- C:\WINDOWS\system32\OUTLPERF.INI
2002-08-21 05:13:12 ----A---- C:\WINDOWS\system32\WISPTIS.EXE
2002-08-21 05:10:16 ----A---- C:\WINDOWS\system32\INKED.DLL
2002-07-10 07:54:32 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2002-01-04 20:48:16 ----AC---- C:\WINDOWS\system32\mfc70.dll
2002-01-04 20:36:38 ----AC---- C:\WINDOWS\system32\mfc70u.dll
2002-01-04 19:40:20 ----AC---- C:\WINDOWS\system32\msvcp70.dll
2002-01-04 19:38:38 ----AC---- C:\WINDOWS\system32\msvci70.dll
2002-01-04 19:37:28 ----AC---- C:\WINDOWS\system32\msvcr70.dll
2002-01-04 18:18:20 ----AC---- C:\WINDOWS\system32\atl70.dll
2002-01-01 11:50:17 ----AD---- C:\Program Files\Norton Support
2002-01-01 07:37:57 ----D---- C:\rsit
2002-01-01 07:23:35 ----D---- C:\Documents and Settings\steve\Application Data\Malwarebytes
2002-01-01 07:23:28 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2002-01-01 07:23:28 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2002-01-01 02:02:12 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2002-01-01 02:02:11 ----D---- C:\Program Files\NOS
2002-01-01 00:00:43 ----A---- C:\WINDOWS\system32\ati2dvaa.dll
2001-12-31 23:25:42 ----A---- C:\WINDOWS\wininit.ini
2001-12-31 23:14:29 ----A---- C:\WINDOWS\system32\ztwanl.dll

======List of files/folders modified in the last 1 months======

2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wowfaxui.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\wowfax.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrvpa.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrvoica.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrv80a.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrv42a.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrsvpia.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrsdpia.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrrtosa.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrlbva.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrfaxa.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrdtea.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrdpa.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrcoina.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\usrcntra.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sprio800.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\sprio600.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\spnike.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\paqsp.dll
2004-08-04 04:00:00 ----AC---- C:\WINDOWS\system32\mdwmdmsp.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\usrshuta.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\usrprbda.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\usrmlnka.exe
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\streamci.dll
2004-08-04 04:00:00 ----A---- C:\WINDOWS\system32\dvdplay.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2004-09-07 28544]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 NVENET;NVIDIA nForce MCP Networking Adapter Driver; C:\WINDOWS\system32\DRIVERS\NVENET.sys [2002-09-22 80896]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 SSKBFD;Webroot Spy Sweeper Keylogger Shield Keyboard Filter; C:\WINDOWS\System32\Drivers\sskbfd.sys [2006-11-17 15360]
R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-10-21 35888]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-13 37760]
S1 BHDrvx86;Symantec Heuristics Driver; \??\C:\WINDOWS\system32\drivers\NAV\1000000.07D\BHDrvx86.sys []
S1 ccHP;Symantec Hash Provider; \??\C:\WINDOWS\system32\drivers\NAV\1000000.07D\ccHPx86.sys []
S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
S1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20080826.006\IDSxpx86.sys []
S1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
S1 SRTSPX;SRTSPX; \??\C:\WINDOWS\system32\drivers\NAV\1000000.07D\SRTSPX.SYS []
S1 SYMTDI;SYMTDI; \??\C:\WINDOWS\system32\drivers\NAV\1000000.07D\SYMTDI.SYS []
S2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2004-07-16 16512]
S2 MCSTRM;MCSTRM; C:\WINDOWS\system32\drivers\MCSTRM.sys [2005-05-02 8413]
S2 Parclass;Parclass; C:\WINDOWS\System32\Drivers\Parclass.sys [2000-04-04 19824]
S2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
S3 Asushwio;Asushwio; \??\C:\WINDOWS\system32\drivers\Asushwio.sys []
S3 ati2mtaa;ati2mtaa; C:\WINDOWS\system32\DRIVERS\ati2mtaa.sys [2001-09-26 285088]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-12-14 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-12-14 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-12-14 21744]
S3 ICAM3NT5;Intel® PC Camera CS331; C:\WINDOWS\System32\Drivers\ICAM3D2.SYS [2001-12-03 145184]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081022.023\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081022.023\NAVEX15.SYS []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2003-07-28 1341339]
S3 nvax;Service for NVIDIA® nForce™ Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2004-10-22 53376]
S3 nvnforce;Service for NVIDIA® nForce™ Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2004-10-22 413824]
S3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2006-05-27 47360]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SRTSP;SRTSP; \??\C:\WINDOWS\system32\drivers\NAV\1000000.07D\SRTSP.SYS []
S3 StMp3Rec;Player Recovery Device Control Driver; C:\WINDOWS\System32\Drivers\StMp3Rec.sys [2006-02-09 71368]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SYMDNS;SYMDNS; \??\C:\WINDOWS\system32\drivers\NAV\1000000.07D\SYMDNS.SYS []
S3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
S3 SYMFW;SYMFW; \??\C:\WINDOWS\system32\drivers\NAV\1000000.07D\SYMFW.SYS []
S3 SYMIDS;SYMIDS; \??\C:\WINDOWS\system32\drivers\NAV\1000000.07D\SYMIDS.SYS []
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-10-21 35888]
S3 SYMNDIS;SYMNDIS; \??\C:\WINDOWS\system32\drivers\NAV\1000000.07D\SYMNDIS.SYS []
S3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\system32\drivers\NAV\1000000.07D\SYMREDRV.SYS []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2004-09-07 91136]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-07-09 75304]
S2 Adobe Version Cue CS2;Adobe Version Cue CS2; c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe [2005-04-04 163840]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2000-11-30 57344]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe []
S2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2005-09-30 96341]
S2 EraserSvc10823;Symantec Eraser Service; C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe [2008-10-21 115560]
S2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2004-09-07 1151090]
S2 Norton AntiVirus;Norton AntiVirus; C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.0.0.125\ccSvcHst.exe [2008-10-21 115560]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2003-07-28 77824]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
S2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-01-16 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2005-07-01 68096]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-04-27 53337]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-04-27 49241]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-04-27 69718]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 WinDefend;Windows Defender Service; C:\Program Files\Windows Defender\MsMpEng.exe [2006-04-03 14032]

-----------------EOF-----------------


T

#14 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:10:15 AM

Posted 31 October 2008 - 05:00 AM

Everything looks good how are things running?
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image

#15 redliner00

redliner00
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:15 AM

Posted 01 November 2008 - 01:22 AM

Computer runs much faster, but it still freezes in normal mode after about 30 seconds of operation (as programs load on startup after the desktop opens) .. any ideas? It must be a program or process that safe mode disables?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users