
Virtumonde infection


  • This topic is locked
22 replies to this topic

#1 franticopic


Posted 03 December 2008 - 12:13 PM

I've been trying to get rid of the Virtumonde virus for days now. Any help would be much appreciated, thanks guys.


Logfile of random's system information tool 1.04 (written by random/random)
Run by LaFranco at 2008-12-03 09:09:39
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 31 GB (41%) free of 76 GB
Total RAM: 3070 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:09:51 AM, on 03/12/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Java\jre6\bin\jp2launcher.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\LaFranco\Downloads\RSIT.exe
C:\Program Files\trend micro\LaFranco.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {06003348-0DEA-438F-A0CA-D5CAB0BB4729} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {20FD3683-5F23-4079-9F96-71D3B8676310} - (no file)
O2 - BHO: (no name) - {33623732-2879-415A-9DCB-B423E2A98119} - (no file)
O2 - BHO: (no name) - {37E78054-D9F3-4C93-A8C0-1BE9EE9C6144} - (no file)
O2 - BHO: (no name) - {427678BF-EFD8-46AF-A38D-23440B0ABB84} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {8F60CF51-82E7-491E-A873-C5D11A5CDFE4} - (no file)
O2 - BHO: (no name) - {94378A7D-1B5F-4C5F-9FC8-FBB514800E38} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: (no name) - {B0B3393C-62D1-44D8-ABF5-08E0F067F29E} - (no file)
O2 - BHO: (no name) - {D8A88537-718B-4025-9823-E4F7CBB1F7A1} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: FireShot - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\LaFranco\AppData\Roaming\Mozilla\Firefox\Profiles\v5t3y5cx.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.61.dll
O4 - HKLM\..\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\fccbASKC.dll,#1
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [50f55450] rundll32.exe "C:\Windows\system32\cjtkgkey.dll",b
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O13 - Gopher Prefix:
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.6.0_10) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max Design 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe

--
End of file - 9909 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06003348-0DEA-438F-A0CA-D5CAB0BB4729}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{20FD3683-5F23-4079-9F96-71D3B8676310}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33623732-2879-415A-9DCB-B423E2A98119}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37E78054-D9F3-4C93-A8C0-1BE9EE9C6144}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{427678BF-EFD8-46AF-A38D-23440B0ABB84}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8F60CF51-82E7-491E-A873-C5D11A5CDFE4}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{94378A7D-1B5F-4C5F-9FC8-FBB514800E38}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B0B3393C-62D1-44D8-ABF5-08E0F067F29E}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D8A88537-718B-4025-9823-E4F7CBB1F7A1}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2007-05-16 191096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
{6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - FireShot - C:\Users\LaFranco\AppData\Roaming\Mozilla\Firefox\Profiles\v5t3y5cx.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.61.dll [2008-10-28 49152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Pinyin IME Migration"=C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE [2006-10-26 32560]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-02-12 174872]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-02-15 4390912]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-18 13593120]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-09-18 92704]
""= []
"MSServer"=C:\Windows\system32\fccbASKC.dll []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]
"50f55450"=C:\Windows\system32\cjtkgkey.dll []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-08-08 490952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\50f55450]
C:\Windows\system32\cjtkgkey.dll []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\ASScrPro.exe [2007-06-14 33136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-08-08 490952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSServer]
C:\Windows\system32\fccbASKC.dll []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-03-01 857648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-07-23 352256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 months======

2008-12-03 09:09:40 ----D---- C:\Program Files\trend micro
2008-12-03 09:09:39 ----D---- C:\rsit
2008-12-03 09:00:24 ----D---- C:\Program Files\HijackThis
2008-12-03 03:32:17 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2008-12-03 03:32:11 ----D---- C:\Users\LaFranco\AppData\Roaming\SUPERAntiSpyware.com
2008-12-03 03:32:11 ----D---- C:\Program Files\SUPERAntiSpyware
2008-12-03 03:31:51 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-12-03 03:00:55 ----D---- C:\Users\LaFranco\AppData\Roaming\Malwarebytes
2008-12-03 03:00:50 ----D---- C:\ProgramData\Malwarebytes
2008-12-03 03:00:50 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-03 02:18:27 ----A---- C:\Windows\system32\msshooks.dll
2008-12-03 02:18:27 ----A---- C:\Windows\system32\msscb.dll
2008-12-03 02:18:25 ----A---- C:\Windows\system32\thawbrkr.dll
2008-12-03 02:18:25 ----A---- C:\Windows\system32\SearchFilterHost.exe
2008-12-03 02:18:25 ----A---- C:\Windows\system32\propsys.dll
2008-12-03 02:18:25 ----A---- C:\Windows\system32\propdefs.dll
2008-12-03 02:18:25 ----A---- C:\Windows\system32\msstrc.dll
2008-12-03 02:18:25 ----A---- C:\Windows\system32\mssprxy.dll
2008-12-03 02:18:25 ----A---- C:\Windows\system32\mssitlb.dll
2008-12-03 02:18:25 ----A---- C:\Windows\system32\msshsq.dll
2008-12-03 02:18:24 ----A---- C:\Windows\system32\xmlfilter.dll
2008-12-03 02:18:24 ----A---- C:\Windows\system32\wsepno.dll
2008-12-03 02:18:24 ----A---- C:\Windows\system32\srchadmin.dll
2008-12-03 02:18:24 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2008-12-03 02:18:24 ----A---- C:\Windows\system32\rtffilt.dll
2008-12-03 02:18:24 ----A---- C:\Windows\system32\offfilt.dll
2008-12-03 02:18:24 ----A---- C:\Windows\system32\nlhtml.dll
2008-12-03 02:18:24 ----A---- C:\Windows\system32\msscntrs.dll
2008-12-03 02:18:24 ----A---- C:\Windows\system32\mimefilt.dll
2008-12-03 02:18:24 ----A---- C:\Windows\system32\korwbrkr.dll
2008-12-03 02:18:24 ----A---- C:\Windows\system32\chtbrkr.dll
2008-12-03 02:18:24 ----A---- C:\Windows\system32\chsbrkr.dll
2008-12-03 02:18:23 ----A---- C:\Windows\system32\tquery.dll
2008-12-03 02:18:23 ----A---- C:\Windows\system32\SearchIndexer.exe
2008-12-03 02:18:23 ----A---- C:\Windows\system32\mssvp.dll
2008-12-03 02:18:23 ----A---- C:\Windows\system32\mssrch.dll
2008-12-03 02:18:23 ----A---- C:\Windows\system32\mssphtb.dll
2008-12-03 02:18:23 ----A---- C:\Windows\system32\mssph.dll
2008-12-03 02:15:26 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2008-12-03 02:15:25 ----A---- C:\Windows\system32\rpcrt4.dll
2008-12-03 02:15:22 ----A---- C:\Windows\system32\pacerprf.dll
2008-12-03 02:15:06 ----A---- C:\Windows\system32\wersvc.dll
2008-12-03 02:15:06 ----A---- C:\Windows\system32\Faultrep.dll
2008-12-03 02:14:56 ----A---- C:\Windows\system32\connect.dll
2008-12-03 02:14:40 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2008-12-03 02:14:40 ----A---- C:\Windows\system32\WindowsCodecs.dll
2008-12-03 02:14:40 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2008-12-03 02:14:36 ----A---- C:\Windows\system32\emdmgmt.dll
2008-12-03 02:14:35 ----A---- C:\Windows\system32\dataclen.dll
2008-12-03 02:14:35 ----A---- C:\Windows\system32\cdd.dll
2008-12-03 02:14:34 ----A---- C:\Windows\system32\wshext.dll
2008-12-03 02:14:34 ----A---- C:\Windows\system32\wscript.exe
2008-12-03 02:14:34 ----A---- C:\Windows\system32\vbscript.dll
2008-12-03 02:14:34 ----A---- C:\Windows\system32\scrrun.dll
2008-12-03 02:14:34 ----A---- C:\Windows\system32\scrobj.dll
2008-12-03 02:14:34 ----A---- C:\Windows\system32\jscript.dll
2008-12-03 02:14:34 ----A---- C:\Windows\system32\cscript.exe
2008-12-03 01:42:31 ----A---- C:\Windows\ntbtlog.txt
2008-12-03 00:33:13 ----D---- C:\Users\LaFranco\AppData\Roaming\InstallShield
2008-12-02 23:57:39 ----A---- C:\Windows\system32\javaws.exe
2008-12-02 23:57:39 ----A---- C:\Windows\system32\javaw.exe
2008-12-02 23:57:39 ----A---- C:\Windows\system32\java.exe
2008-12-02 23:56:44 ----D---- C:\Program Files\Common Files\Java
2008-12-02 22:59:20 ----A---- C:\VundoFix.txt
2008-12-02 21:31:39 ----D---- C:\Program Files\Panda Security
2008-12-02 17:51:44 ----A---- C:\Windows\wininit.ini
2008-12-01 23:36:44 ----D---- C:\Users\LaFranco\AppData\Roaming\DivX
2008-12-01 16:51:01 ----D---- C:\Users\LaFranco\AppData\Roaming\Download Manager
2008-12-01 15:44:42 ----D---- C:\Users\LaFranco\AppData\Roaming\Mr Retro
2008-12-01 15:33:05 ----D---- C:\Program Files\DAEMON Tools Lite
2008-12-01 01:54:40 ----D---- C:\Users\LaFranco\AppData\Roaming\DAEMON Tools
2008-11-28 03:16:05 ----A---- C:\Windows\system32\5bd6902e-.txt
2008-11-28 02:30:06 ----D---- C:\Users\LaFranco\AppData\Roaming\Autodesk
2008-11-28 02:22:47 ----D---- C:\Program Files\Turbo Squid Tentacles
2008-11-28 02:22:34 ----D---- C:\Program Files\Microsoft WSE
2008-11-28 02:18:58 ----D---- C:\Program Files\Common Files\Autodesk Shared
2008-11-28 02:18:57 ----D---- C:\ProgramData\Autodesk
2008-11-28 02:18:09 ----D---- C:\Program Files\Autodesk
2008-11-28 02:17:57 ----A---- C:\Windows\system32\d3dx9_34.dll
2008-11-28 02:17:57 ----A---- C:\Windows\system32\d3dx9_32.dll
2008-11-28 02:17:57 ----A---- C:\Windows\system32\d3dx10_34.dll
2008-11-28 02:17:57 ----A---- C:\Windows\system32\d3dx10.dll
2008-11-28 02:17:57 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2008-11-28 02:17:56 ----A---- C:\Windows\system32\d3dx9_31.dll
2008-11-28 00:57:11 ----A---- C:\Windows\system32\BASSMOD.dll
2008-11-28 00:49:24 ----D---- C:\Windows\Sun
2008-11-28 00:40:57 ----A---- C:\Windows\system32\deploytk.dll
2008-11-28 00:40:40 ----D---- C:\Program Files\Java
2008-11-28 00:08:36 ----D---- C:\ProgramData\Martau
2008-11-28 00:08:31 ----D---- C:\Program Files\Total Uninstall 4
2008-11-27 16:16:51 ----SHD---- C:\ProgramData\System Restore
2008-11-27 16:16:51 ----D---- C:\Users\LaFranco\AppData\Roaming\FireShot
2008-11-27 15:27:01 ----D---- C:\Program Files\Safari
2008-11-27 15:26:20 ----D---- C:\Program Files\Bonjour
2008-11-27 12:18:54 ----D---- C:\Users\LaFranco\AppData\Roaming\Opera
2008-11-25 17:36:56 ----RD---- C:\Users\LaFranco\AppData\Roaming\Brother
2008-11-25 16:56:58 ----A---- C:\Windows\system32\msonpmon.dll
2008-11-25 16:52:29 ----D---- C:\Program Files\Microsoft Visual Studio 8
2008-11-25 12:50:50 ----D---- C:\Program Files\KarntheBetrayer
2008-11-23 20:43:53 ----D---- C:\Program Files\Common Files\SourceTec
2008-11-23 20:43:52 ----D---- C:\Program Files\SourceTec
2008-11-21 11:04:42 ----D---- C:\ProgramData\Spybot - Search & Destroy
2008-11-21 11:04:42 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-11-20 17:46:18 ----A---- C:\Windows\BRWMARK.INI
2008-11-20 17:46:18 ----A---- C:\Windows\BRPP2KA.INI
2008-11-19 12:13:30 ----D---- C:\Program Files\FlashFXP
2008-11-19 12:13:29 ----D---- C:\ProgramData\FlashFXP
2008-11-19 03:45:57 ----D---- C:\Users\LaFranco\AppData\Roaming\TeraCopy
2008-11-19 03:45:55 ----D---- C:\Program Files\TeraCopy
2008-11-19 03:02:22 ----D---- C:\Program Files\World of Warcraft
2008-11-19 03:02:22 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2008-11-19 02:50:46 ----D---- C:\ProgramData\FLEXnet
2008-11-19 02:39:48 ----D---- C:\ProgramData\ALM
2008-11-19 02:33:50 ----RA---- C:\Windows\system32\AdobePDFUI.dll
2008-11-19 02:27:18 ----D---- C:\Program Files\Adobe Media Player
2008-11-19 02:26:42 ----D---- C:\Program Files\Common Files\Adobe AIR
2008-11-19 02:26:15 ----D---- C:\ProgramData\Adobe
2008-11-19 02:24:08 ----D---- C:\Program Files\Common Files\Macrovision Shared
2008-11-19 02:18:48 ----D---- C:\ProgramData\NVIDIA
2008-11-19 02:08:16 ----D---- C:\PerfLogs
2008-11-19 01:42:50 ----A---- C:\Windows\system32\nvwssr.dll
2008-11-19 01:42:50 ----A---- C:\Windows\system32\nvwss.dll
2008-11-19 01:42:50 ----A---- C:\Windows\system32\nvwgf2um.dll
2008-11-19 01:42:50 ----A---- C:\Windows\system32\nvvitvsr.dll
2008-11-19 01:42:50 ----A---- C:\Windows\system32\nvvitvs.dll
2008-11-19 01:42:50 ----A---- C:\Windows\system32\nvoglv32.dll
2008-11-19 01:42:50 ----A---- C:\Windows\system32\nvmoblsr.dll
2008-11-19 01:42:50 ----A---- C:\Windows\system32\nvmobls.dll
2008-11-19 01:42:50 ----A---- C:\Windows\system32\nvmccssr.dll
2008-11-19 01:42:50 ----A---- C:\Windows\system32\nvmccss.dll
2008-11-19 01:42:50 ----A---- C:\Windows\system32\nvmccsrs.dll
2008-11-19 01:42:50 ----A---- C:\Windows\system32\nvmccs.dll
2008-11-19 01:42:50 ----A---- C:\Windows\system32\nvgamesr.dll
2008-11-19 01:42:50 ----A---- C:\Windows\system32\nvgames.dll
2008-11-19 01:42:50 ----A---- C:\Windows\system32\nvdispsr.dll
2008-11-19 01:42:50 ----A---- C:\Windows\system32\nvdisps.dll
2008-11-19 01:42:49 ----A---- C:\Windows\system32\nvvsvc.exe
2008-11-19 01:42:49 ----A---- C:\Windows\system32\nvudisp.exe
2008-11-19 01:42:49 ----A---- C:\Windows\system32\nvcuda.dll
2008-11-19 01:42:49 ----A---- C:\Windows\system32\nvcolor.exe
2008-11-19 01:42:49 ----A---- C:\Windows\system32\nvcod134.dll
2008-11-19 01:42:49 ----A---- C:\Windows\system32\nvcod.dll
2008-11-19 01:42:49 ----A---- C:\Windows\system32\dpinst.exe
2008-11-19 01:18:06 ----A---- C:\Windows\system32\SLsvc.exe
2008-11-19 01:18:06 ----A---- C:\Windows\system32\onex.dll
2008-11-19 01:17:56 ----A---- C:\Windows\system32\PSHED.DLL
2008-11-19 01:17:55 ----A---- C:\Windows\system32\imagesp1.dll
2008-11-19 01:17:54 ----A---- C:\Windows\system32\dfsr.exe
2008-11-19 01:17:53 ----A---- C:\Windows\system32\pidgenx.dll
2008-11-19 01:17:52 ----A---- C:\Windows\system32\sstpsvc.dll
2008-11-19 01:17:52 ----A---- C:\Windows\system32\mstscax.dll
2008-11-19 01:17:51 ----A---- C:\Windows\system32\WsmSvc.dll
2008-11-19 01:17:51 ----A---- C:\Windows\system32\winrscmd.dll
2008-11-19 01:17:50 ----A---- C:\Windows\system32\sysmain.dll
2008-11-19 01:17:49 ----A---- C:\Windows\system32\VSSVC.exe
2008-11-19 01:17:49 ----A---- C:\Windows\system32\vssapi.dll
2008-11-19 01:17:49 ----A---- C:\Windows\system32\RMActivate.exe
2008-11-19 01:17:49 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2008-11-19 01:17:48 ----A---- C:\Windows\system32\secproc.dll
2008-11-19 01:17:48 ----A---- C:\Windows\system32\RMActivate_isv.exe
2008-11-19 01:17:48 ----A---- C:\Windows\system32\iesetup.dll
2008-11-19 01:17:46 ----A---- C:\Windows\system32\secproc_isv.dll
2008-11-19 01:17:45 ----A---- C:\Windows\system32\drmv2clt.dll
2008-11-19 01:17:44 ----A---- C:\Windows\system32\xpssvcs.dll
2008-11-19 01:17:44 ----A---- C:\Windows\system32\icardres.dll
2008-11-19 01:17:44 ----A---- C:\Windows\system32\icardagt.exe
2008-11-19 01:17:44 ----A---- C:\Windows\system32\blackbox.dll
2008-11-19 01:17:42 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2008-11-19 01:17:42 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2008-11-19 01:17:42 ----A---- C:\Windows\system32\RacEngn.dll
2008-11-19 01:17:42 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2008-11-19 01:17:41 ----A---- C:\Windows\system32\spwizimg.dll
2008-11-19 01:17:41 ----A---- C:\Windows\system32\rdpencom.dll
2008-11-19 01:17:41 ----A---- C:\Windows\system32\lpremove.exe
2008-11-19 01:17:41 ----A---- C:\Windows\bfsvc.exe
2008-11-19 01:17:40 ----A---- C:\Windows\system32\qmgr.dll
2008-11-19 01:17:40 ----A---- C:\Windows\system32\ntdll.dll
2008-11-19 01:17:40 ----A---- C:\Windows\system32\msjet40.dll
2008-11-19 01:16:19 ----A---- C:\Windows\system32\ieaksie.dll
2008-11-19 01:16:19 ----A---- C:\Windows\system32\drvinst.exe
2008-11-19 01:16:19 ----A---- C:\Windows\system32\dispdiag.exe
2008-11-19 01:16:19 ----A---- C:\Windows\system32\DHCPQEC.DLL
2008-11-19 01:16:19 ----A---- C:\Windows\system32\basesrv.dll
2008-11-19 01:16:18 ----A---- C:\Windows\system32\mmcss.dll
2008-11-19 01:16:18 ----A---- C:\Windows\system32\dsquery.dll
2008-11-19 01:16:17 ----A---- C:\Windows\system32\WPDSp.dll
2008-11-19 01:16:17 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2008-11-19 01:16:17 ----A---- C:\Windows\system32\WMVENCOD.DLL
2008-11-19 01:16:17 ----A---- C:\Windows\system32\wercplsupport.dll
2008-11-19 01:16:17 ----A---- C:\Windows\system32\verifier.dll
2008-11-19 01:16:17 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2008-11-19 01:16:17 ----A---- C:\Windows\system32\secproc_ssp.dll
2008-11-19 01:16:17 ----A---- C:\Windows\system32\RstrtMgr.dll
2008-11-19 01:16:17 ----A---- C:\Windows\system32\qedit.dll
2008-11-19 01:16:17 ----A---- C:\Windows\system32\msoeacct.dll
2008-11-19 01:16:17 ----A---- C:\Windows\system32\mprapi.dll
2008-11-19 01:16:17 ----A---- C:\Windows\system32\efsadu.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\xwizards.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\xactsrv.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\wiascanprofiles.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\wiaaut.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\usercpl.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\systeminfo.exe
2008-11-19 01:16:16 ----A---- C:\Windows\system32\setupugc.exe
2008-11-19 01:16:16 ----A---- C:\Windows\system32\resutils.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2008-11-19 01:16:16 ----A---- C:\Windows\system32\pnrpnsp.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\PNPXAssocPrx.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\PNPXAssoc.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\pngfilt.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\pcadm.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\p2pnetsh.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\networkmap.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\netcfg.exe
2008-11-19 01:16:16 ----A---- C:\Windows\system32\msrdc.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\msrating.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\msdmo.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\mfplat.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\lsass.exe
2008-11-19 01:16:16 ----A---- C:\Windows\system32\lpk.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\iscsiexe.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\icacls.exe
2008-11-19 01:16:16 ----A---- C:\Windows\system32\findstr.exe
2008-11-19 01:16:16 ----A---- C:\Windows\system32\eappprxy.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\DWWIN.EXE
2008-11-19 01:16:16 ----A---- C:\Windows\system32\dssec.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\drmmgrtn.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\dpapimig.exe
2008-11-19 01:16:16 ----A---- C:\Windows\system32\dot3ui.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\dfrgifc.exe
2008-11-19 01:16:16 ----A---- C:\Windows\system32\dbnetlib.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\d3d10core.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\consent.exe
2008-11-19 01:16:16 ----A---- C:\Windows\system32\conime.exe
2008-11-19 01:16:16 ----A---- C:\Windows\system32\cmdl32.exe
2008-11-19 01:16:16 ----A---- C:\Windows\system32\autoplay.dll
2008-11-19 01:16:16 ----A---- C:\Windows\system32\alg.exe
2008-11-19 01:16:15 ----A---- C:\Windows\system32\txflog.dll
2008-11-19 01:16:15 ----A---- C:\Windows\system32\tbssvc.dll
2008-11-19 01:16:15 ----A---- C:\Windows\system32\taskkill.exe
2008-11-19 01:16:15 ----A---- C:\Windows\system32\svchost.exe
2008-11-19 01:16:15 ----A---- C:\Windows\system32\RASMM.dll
2008-11-19 01:16:15 ----A---- C:\Windows\system32\provthrd.dll
2008-11-19 01:16:15 ----A---- C:\Windows\system32\powercpl.dll
2008-11-19 01:16:15 ----A---- C:\Windows\system32\odbc32.dll
2008-11-19 01:16:15 ----A---- C:\Windows\system32\nshhttp.dll
2008-11-19 01:16:15 ----A---- C:\Windows\system32\netprof.dll
2008-11-19 01:16:15 ----A---- C:\Windows\system32\msieftp.dll
2008-11-19 01:16:15 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2008-11-19 01:16:15 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2008-11-19 01:16:15 ----A---- C:\Windows\system32\imm32.dll
2008-11-19 01:16:15 ----A---- C:\Windows\system32\iexpress.exe
2008-11-19 01:16:15 ----A---- C:\Windows\system32\feclient.dll
2008-11-19 01:16:15 ----A---- C:\Windows\system32\dxva2.dll
2008-11-19 01:16:15 ----A---- C:\Windows\system32\dwmapi.dll
2008-11-19 01:16:15 ----A---- C:\Windows\system32\d3d10.dll
2008-11-19 01:16:15 ----A---- C:\Windows\system32\btpanui.dll
2008-11-19 01:16:15 ----A---- C:\Windows\system32\bcdprov.dll
2008-11-19 01:16:15 ----A---- C:\Windows\system32\apircl.dll
2008-11-19 01:16:15 ----A---- C:\Windows\system32\ActionQueue.dll
2008-11-19 01:16:15 ----A---- C:\Windows\regedit.exe
2008-11-19 01:16:14 ----A---- C:\Windows\system32\WMASF.DLL
2008-11-19 01:16:14 ----A---- C:\Windows\system32\syncui.dll
2008-11-19 01:16:14 ----A---- C:\Windows\system32\slwmi.dll
2008-11-19 01:16:14 ----A---- C:\Windows\system32\SLCExt.dll
2008-11-19 01:16:14 ----A---- C:\Windows\system32\slcc.dll
2008-11-19 01:16:14 ----A---- C:\Windows\system32\shwebsvc.dll
2008-11-19 01:16:14 ----A---- C:\Windows\system32\raserver.exe
2008-11-19 01:16:14 ----A---- C:\Windows\system32\olepro32.dll
2008-11-19 01:16:14 ----A---- C:\Windows\system32\networkexplorer.dll
2008-11-19 01:16:14 ----A---- C:\Windows\system32\EAPQEC.DLL
2008-11-19 01:16:14 ----A---- C:\Windows\system32\dmocx.dll
2008-11-19 01:16:14 ----A---- C:\Windows\system32\aclui.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\xcopy.exe
2008-11-19 01:16:13 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\WMVXENCD.DLL
2008-11-19 01:16:13 ----A---- C:\Windows\system32\wmpdxm.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\wlanext.exe
2008-11-19 01:16:13 ----A---- C:\Windows\system32\uxsms.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\upnp.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\UIHub.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\taskmgr.exe
2008-11-19 01:16:13 ----A---- C:\Windows\system32\SoundRecorder.exe
2008-11-19 01:16:13 ----A---- C:\Windows\system32\reg.exe
2008-11-19 01:16:13 ----A---- C:\Windows\system32\QCLIPROV.DLL
2008-11-19 01:16:13 ----A---- C:\Windows\system32\qcap.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\qasf.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\PnPUnattend.exe
2008-11-19 01:16:13 ----A---- C:\Windows\system32\PING.EXE
2008-11-19 01:16:13 ----A---- C:\Windows\system32\perfts.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\netplwiz.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\NapiNSP.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\msoert2.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\msjetoledb40.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\mountvol.exe
2008-11-19 01:16:13 ----A---- C:\Windows\system32\mmcshext.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\inetmib1.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\ieakeng.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\icsfiltr.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\ias.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\httpapi.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\dsuiext.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\dskquoui.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\dnscacheugc.exe
2008-11-19 01:16:13 ----A---- C:\Windows\system32\dmusic.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\cmstp.exe
2008-11-19 01:16:13 ----A---- C:\Windows\system32\cewmdm.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\certprop.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\browser.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\brcplsdw.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\bitsadmin.exe
2008-11-19 01:16:13 ----A---- C:\Windows\system32\AuxiliaryDisplayApi.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\audiodev.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\atl.dll
2008-11-19 01:16:13 ----A---- C:\Windows\system32\appinfo.dll
2008-11-19 01:16:12 ----A---- C:\Windows\system32\xwtpw32.dll
2008-11-19 01:16:12 ----A---- C:\Windows\system32\wzcdlg.dll
2008-11-19 01:16:12 ----A---- C:\Windows\system32\WUDFSvc.dll
2008-11-19 01:16:12 ----A---- C:\Windows\system32\WMVSENCD.DLL
2008-11-19 01:16:12 ----A---- C:\Windows\system32\wmpsrcwp.dll
2008-11-19 01:16:12 ----A---- C:\Windows\system32\wiashext.dll
2008-11-19 01:16:12 ----A---- C:\Windows\system32\wiadefui.dll
2008-11-19 01:16:12 ----A---- C:\Windows\system32\SysFxUI.dll
2008-11-19 01:16:12 ----A---- C:\Windows\system32\sppnp.dll
2008-11-19 01:16:12 ----A---- C:\Windows\system32\shimgvw.dll
2008-11-19 01:16:12 ----A---- C:\Windows\system32\Sens.dll
2008-11-19 01:16:12 ----A---- C:\Windows\system32\seclogon.dll
2008-11-19 01:16:12 ----A---- C:\Windows\system32\SecEdit.exe
2008-11-19 01:16:12 ----A---- C:\Windows\system32\sbeio.dll
2008-11-19 01:16:12 ----A---- C:\Windows\system32\rekeywiz.exe
2008-11-19 01:16:12 ----A---- C:\Windows\system32\ndfapi.dll
2008-11-19 01:16:12 ----A---- C:\Windows\system32\mtstocom.exe
2008-11-19 01:16:12 ----A---- C:\Windows\system32\msdadiag.dll
2008-11-19 01:16:12 ----A---- C:\Windows\system32\mscandui.dll
2008-11-19 01:16:12 ----A---- C:\Windows\system32\makecab.exe
2008-11-19 01:16:12 ----A---- C:\Windows\system32\lsmproxy.dll
2008-11-19 01:16:12 ----A---- C:\Windows\system32\dxtrans.dll
2008-11-19 01:16:12 ----A---- C:\Windows\system32\dot3gpclnt.dll
2008-11-19 01:16:12 ----A---- C:\Windows\system32\batt.dll
2008-11-19 01:16:12 ----A---- C:\Windows\system32\auditpol.exe
2008-11-19 01:16:12 ----A---- C:\Windows\system32\apss.dll
2008-11-19 01:16:12 ----A---- C:\Windows\system32\adsmsext.dll
2008-11-19 01:16:11 ----A---- C:\Windows\system32\wscmisetup.dll
2008-11-19 01:16:11 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2008-11-19 01:16:11 ----A---- C:\Windows\system32\userinit.exe
2008-11-19 01:16:11 ----A---- C:\Windows\system32\shacct.dll
2008-11-19 01:16:11 ----A---- C:\Windows\system32\p2phost.exe
2008-11-19 01:16:11 ----A---- C:\Windows\system32\napipsec.dll
2008-11-19 01:16:11 ----A---- C:\Windows\system32\msorcl32.dll
2008-11-19 01:16:07 ----A---- C:\Windows\system32\wpdwcn.dll
2008-11-19 01:16:07 ----A---- C:\Windows\system32\winrshost.exe
2008-11-19 01:16:07 ----A---- C:\Windows\system32\sxstrace.exe
2008-11-19 01:16:07 ----A---- C:\Windows\system32\rrinstaller.exe
2008-11-19 01:16:07 ----A---- C:\Windows\system32\perfmon.exe
2008-11-19 01:16:07 ----A---- C:\Windows\system32\ktmutil.exe
2008-11-19 01:16:07 ----A---- C:\Windows\system32\keymgr.dll
2008-11-19 01:16:07 ----A---- C:\Windows\system32\HelpPaneProxy.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\wscproxystub.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\wpdbusenum.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\wmiprop.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\WLanHC.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\winethc.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\wextract.exe
2008-11-19 01:16:06 ----A---- C:\Windows\system32\UIAutomationCore.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\txfw32.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\TMM.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\tasklist.exe
2008-11-19 01:16:06 ----A---- C:\Windows\system32\TapiMigPlugin.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\takeown.exe
2008-11-19 01:16:06 ----A---- C:\Windows\system32\shrpubw.exe
2008-11-19 01:16:06 ----A---- C:\Windows\system32\shgina.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\sfc_os.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\sendmail.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\runonce.exe
2008-11-19 01:16:06 ----A---- C:\Windows\system32\rshx32.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\RpcPing.exe
2008-11-19 01:16:06 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2008-11-19 01:16:06 ----A---- C:\Windows\system32\rasplap.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\prntvpt.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\powrprof.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\pots.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\PnPutil.exe
2008-11-19 01:16:06 ----A---- C:\Windows\system32\perfnet.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\pcasvc.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\olecli32.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\nsisvc.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\nshipsec.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\notepad.exe
2008-11-19 01:16:06 ----A---- C:\Windows\system32\netiougc.exe
2008-11-19 01:16:06 ----A---- C:\Windows\system32\msimtf.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\msiexec.exe
2008-11-19 01:16:06 ----A---- C:\Windows\system32\MP4SDECD.DLL
2008-11-19 01:16:06 ----A---- C:\Windows\system32\mfps.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\mfpmp.exe
2008-11-19 01:16:06 ----A---- C:\Windows\system32\luainstall.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\logagent.exe
2008-11-19 01:16:06 ----A---- C:\Windows\system32\ktmw32.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\inseng.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\imapi.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\ftp.exe
2008-11-19 01:16:06 ----A---- C:\Windows\system32\fsutil.exe
2008-11-19 01:16:06 ----A---- C:\Windows\system32\fmifs.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\findnetprinters.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\fdPHost.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\driverquery.exe
2008-11-19 01:16:06 ----A---- C:\Windows\system32\dnshc.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\d3dim700.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\d3dim.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\csrsrv.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\cryptdll.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\compstui.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\colorui.dll
2008-11-19 01:16:06 ----A---- C:\Windows\system32\cmmon32.exe
2008-11-19 01:16:06 ----A---- C:\Windows\system32\capisp.dll
2008-11-19 01:16:06 ----A---- C:\Windows\notepad.exe
2008-11-19 01:16:05 ----A---- C:\Windows\system32\WMADMOE.DLL
2008-11-19 01:16:05 ----A---- C:\Windows\system32\wiaacmgr.exe
2008-11-19 01:16:05 ----A---- C:\Windows\system32\w32tm.exe
2008-11-19 01:16:05 ----A---- C:\Windows\system32\version.dll
2008-11-19 01:16:05 ----A---- C:\Windows\system32\unregmp2.exe
2008-11-19 01:16:05 ----A---- C:\Windows\system32\UI0Detect.exe
2008-11-19 01:16:05 ----A---- C:\Windows\system32\tscupgrd.exe
2008-11-19 01:16:05 ----A---- C:\Windows\system32\net.exe
2008-11-19 01:16:05 ----A---- C:\Windows\system32\msvfw32.dll
2008-11-19 01:16:05 ----A---- C:\Windows\system32\MPG4DECD.DLL
2008-11-19 01:16:05 ----A---- C:\Windows\system32\MP43DECD.DLL
2008-11-19 01:16:05 ----A---- C:\Windows\system32\mdminst.dll
2008-11-19 01:16:05 ----A---- C:\Windows\system32\imgutil.dll
2008-11-19 01:16:05 ----A---- C:\Windows\system32\getmac.exe
2008-11-19 01:16:05 ----A---- C:\Windows\system32\dsauth.dll
2008-11-19 01:16:05 ----A---- C:\Windows\system32\dimsjob.dll
2008-11-19 01:16:05 ----A---- C:\Windows\system32\cmlua.dll
2008-11-19 01:16:04 ----A---- C:\Windows\system32\wmpshell.dll
2008-11-19 01:16:04 ----A---- C:\Windows\system32\TSTheme.exe
2008-11-19 01:16:04 ----A---- C:\Windows\system32\sfc.exe
2008-11-19 01:16:04 ----A---- C:\Windows\system32\sdchange.exe
2008-11-19 01:16:04 ----A---- C:\Windows\system32\PortableDeviceWiaCompat.dll
2008-11-19 01:16:04 ----A---- C:\Windows\system32\pnpts.dll
2008-11-19 01:16:04 ----A---- C:\Windows\system32\migisol.dll
2008-11-19 01:16:04 ----A---- C:\Windows\system32\ipconfig.exe
2008-11-19 01:16:04 ----A---- C:\Windows\system32\fdeploy.dll
2008-11-19 01:16:04 ----A---- C:\Windows\system32\dispci.dll
2008-11-19 01:16:04 ----A---- C:\Windows\system32\dinput8.dll
2008-11-19 01:16:04 ----A---- C:\Windows\system32\diantz.exe
2008-11-19 01:16:04 ----A---- C:\Windows\system32\credui.dll
2008-11-19 01:16:04 ----A---- C:\Windows\system32\comrepl.dll
2008-11-19 01:16:04 ----A---- C:\Windows\system32\cmutil.dll
2008-11-19 01:16:04 ----A---- C:\Windows\system32\ACW.exe
2008-11-19 01:16:03 ----A---- C:\Windows\system32\wsnmp32.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\WsmCl.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2008-11-19 01:16:03 ----A---- C:\Windows\system32\wmvdspa.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\wmidx.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\wfapigp.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\waitfor.exe
2008-11-19 01:16:03 ----A---- C:\Windows\system32\vds_ps.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\vdmredir.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\utildll.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\TpmInit.exe
2008-11-19 01:16:03 ----A---- C:\Windows\system32\tabcal.exe
2008-11-19 01:16:03 ----A---- C:\Windows\system32\sti_ci.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\softkbd.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\shutdown.exe
2008-11-19 01:16:03 ----A---- C:\Windows\system32\remotepg.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\rdrleakdiag.exe
2008-11-19 01:16:03 ----A---- C:\Windows\system32\qdv.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\pdhui.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\osblprov.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\odbccp32.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\nlaapi.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\msfeedsbs.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\modemui.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\McxDriv.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\logman.exe
2008-11-19 01:16:03 ----A---- C:\Windows\system32\iscsium.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\iernonce.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\hlink.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\fwcfg.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\ExplorerFrame.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\expand.exe
2008-11-19 01:16:03 ----A---- C:\Windows\system32\esentutl.exe
2008-11-19 01:16:03 ----A---- C:\Windows\system32\EncDump.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\dpnet.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\colbact.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\cmcfg32.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\cfgbkend.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\cacls.exe
2008-11-19 01:16:03 ----A---- C:\Windows\system32\bridgeunattend.exe
2008-11-19 01:16:03 ----A---- C:\Windows\system32\bootcfg.exe
2008-11-19 01:16:03 ----A---- C:\Windows\system32\amstream.dll
2008-11-19 01:16:03 ----A---- C:\Windows\system32\admparse.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\xmlprovi.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\wpnpinst.exe
2008-11-19 01:16:02 ----A---- C:\Windows\system32\wmpcm.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\werdiagcontroller.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\wavemsp.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\ufat.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\ucsvc.exe
2008-11-19 01:16:02 ----A---- C:\Windows\system32\TimeDateMUICallback.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\tbs.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\sxproxy.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\SLLUA.exe
2008-11-19 01:16:02 ----A---- C:\Windows\system32\rgb9rast.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\RegCtrl.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\rasdiag.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\rasauto.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\prevhost.exe
2008-11-19 01:16:02 ----A---- C:\Windows\system32\olethk32.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\olesvr32.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\odbctrac.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\networkitemfactory.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\netbtugc.exe
2008-11-19 01:16:02 ----A---- C:\Windows\system32\mstext40.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\mshta.exe
2008-11-19 01:16:02 ----A---- C:\Windows\system32\msdtc.exe
2008-11-19 01:16:02 ----A---- C:\Windows\system32\msctfui.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\mobsync.exe
2008-11-19 01:16:02 ----A---- C:\Windows\system32\mfvdsp.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\licmgr10.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\itss.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\iscsiwmi.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\iscsied.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\dskquota.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\DpiScaling.exe
2008-11-19 01:16:02 ----A---- C:\Windows\system32\dmsynth.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\csrstub.exe
2008-11-19 01:16:02 ----A---- C:\Windows\system32\convert.exe
2008-11-19 01:16:02 ----A---- C:\Windows\system32\COLORCNV.DLL
2008-11-19 01:16:02 ----A---- C:\Windows\system32\bitsigd.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\AuthFWGP.dll
2008-11-19 01:16:02 ----A---- C:\Windows\system32\AtBroker.exe
2008-11-19 01:16:02 ----A---- C:\Windows\system32\at.exe
2008-11-19 01:16:01 ----A---- C:\Windows\system32\wsock32.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\wpclsp.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\WINSRPC.DLL
2008-11-19 01:16:01 ----A---- C:\Windows\system32\winnsi.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\wiarpc.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\WavDest.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\vss_ps.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\VIDRESZR.DLL
2008-11-19 01:16:01 ----A---- C:\Windows\system32\vfwwdm32.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\usbui.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\upnpcont.exe
2008-11-19 01:16:01 ----A---- C:\Windows\system32\unattendedjoin.exe
2008-11-19 01:16:01 ----A---- C:\Windows\system32\syskey.exe
2008-11-19 01:16:01 ----A---- C:\Windows\system32\srwmi.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\setupcln.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\ROUTE.EXE
2008-11-19 01:16:01 ----A---- C:\Windows\system32\regini.exe
2008-11-19 01:16:01 ----A---- C:\Windows\system32\rasphone.exe
2008-11-19 01:16:01 ----A---- C:\Windows\system32\RacAgent.exe
2008-11-19 01:16:01 ----A---- C:\Windows\system32\odbccu32.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\odbccr32.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\odbcbcp.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\ocsetup.exe
2008-11-19 01:16:01 ----A---- C:\Windows\system32\nsi.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\netevent.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\ndfetw.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\nbtstat.exe
2008-11-19 01:16:01 ----A---- C:\Windows\system32\napdsnap.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\mydocs.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\mtxlegih.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\mtxdm.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\msident.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\msexcl40.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\msdart.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\mfcsubs.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\l2gpstore.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\GuidedHelp.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\graftabl.com
2008-11-19 01:16:01 ----A---- C:\Windows\system32\gpupdate.exe
2008-11-19 01:16:01 ----A---- C:\Windows\system32\fphc.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\extrac32.exe
2008-11-19 01:16:01 ----A---- C:\Windows\system32\dsdmo.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\dot3dlg.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\dmime.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\devenum.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\cscdll.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\cmstplua.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\cmpbk32.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\avrt.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\apilogen.dll
2008-11-19 01:16:01 ----A---- C:\Windows\system32\amxread.dll
2008-11-19 01:16:00 ----A---- C:\Windows\system32\WsmRes.dll
2008-11-19 01:16:00 ----A---- C:\Windows\system32\wship6.dll
2008-11-19 01:16:00 ----A---- C:\Windows\system32\wshcon.dll
2008-11-19 01:16:00 ----A---- C:\Windows\system32\WlanMmHC.dll
2008-11-19 01:16:00 ----A---- C:\Windows\system32\WindowsAnytimeUpgrade.exe
2008-11-19 01:16:00 ----A---- C:\Windows\system32\wiadss.dll
2008-11-19 01:16:00 ----A---- C:\Windows\system32\TabbtnEx.dll
2008-11-19 01:16:00 ----A---- C:\Windows\system32\Tabbtn.dll
2008-11-19 01:16:00 ----A---- C:\Windows\system32\psbase.dll
2008-11-19 01:16:00 ----A---- C:\Windows\system32\procinst.dll
2008-11-19 01:16:00 ----A---- C:\Windows\system32\PlaySndSrv.dll
2008-11-19 01:16:00 ----A---- C:\Windows\system32\Netplwiz.exe
2008-11-19 01:16:00 ----A---- C:\Windows\system32\msxbde40.dll
2008-11-19 01:16:00 ----A---- C:\Windows\system32\mspbde40.dll
2008-11-19 01:16:00 ----A---- C:\Windows\system32\msltus40.dll
2008-11-19 01:16:00 ----A---- C:\Windows\system32\MP3DMOD.DLL
2008-11-19 01:16:00 ----A---- C:\Windows\system32\inetppui.dll
2008-11-19 01:16:00 ----A---- C:\Windows\system32\icsunattend.exe
2008-11-19 01:16:00 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2008-11-19 01:16:00 ----A---- C:\Windows\system32\eventcls.dll
2008-11-19 01:16:00 ----A---- C:\Windows\system32\dmscript.dll
2008-11-19 01:16:00 ----A---- C:\Windows\system32\dmloader.dll
2008-11-19 01:16:00 ----A---- C:\Windows\system32\d3dxof.dll
2008-11-19 01:16:00 ----A---- C:\Windows\system32\csrss.exe
2008-11-19 01:16:00 ----A---- C:\Windows\system32\credssp.dll
2008-11-19 01:16:00 ----A---- C:\Windows\system32\CertEnrollCtrl.exe
2008-11-19 01:16:00 ----A---- C:\Windows\system32\atmfd.dll
2008-11-19 01:16:00 ----A---- C:\Windows\fveupdate.exe
2008-11-19 01:15:59 ----A---- C:\Windows\system32\WSHTCPIP.DLL
2008-11-19 01:15:59 ----A---- C:\Windows\system32\usbperf.dll
2008-11-19 01:15:59 ----A---- C:\Windows\system32\tcpmon.ini
2008-11-19 01:15:59 ----A---- C:\Windows\system32\sxsstore.dll
2008-11-19 01:15:59 ----A---- C:\Windows\system32\spopk.dll
2008-11-19 01:15:59 ----A---- C:\Windows\system32\slwga.dll
2008-11-19 01:15:59 ----A---- C:\Windows\system32\setupSNK.exe
2008-11-19 01:15:59 ----A---- C:\Windows\system32\serialui.dll
2008-11-19 01:15:59 ----A---- C:\Windows\system32\sbunattend.exe
2008-11-19 01:15:59 ----A---- C:\Windows\system32\OptionalFeatures.exe
2008-11-19 01:15:59 ----A---- C:\Windows\system32\NcdProp.dll
2008-11-19 01:15:59 ----A---- C:\Windows\system32\msvidc32.dll
2008-11-19 01:15:59 ----A---- C:\Windows\system32\localui.dll
2008-11-19 01:15:59 ----A---- C:\Windows\system32\lltdapi.dll
2008-11-19 01:15:59 ----A---- C:\Windows\system32\LangCleanupSysprepAction.dll
2008-11-19 01:15:59 ----A---- C:\Windows\system32\icaapi.dll
2008-11-19 01:15:59 ----A---- C:\Windows\system32\dmutil.dll
2008-11-19 01:15:59 ----A---- C:\Windows\system32\ComputerDefaults.exe
2008-11-19 01:15:58 ----A---- C:\Windows\system32\vdmdbg.dll
2008-11-19 01:15:58 ----A---- C:\Windows\system32\url.dll
2008-11-19 01:15:58 ----A---- C:\Windows\system32\rasctrs.dll
2008-11-19 01:15:58 ----A---- C:\Windows\system32\odbcconf.dll
2008-11-19 01:15:58 ----A---- C:\Windows\system32\nlsbres.dll
2008-11-19 01:15:58 ----A---- C:\Windows\system32\msobjs.dll
2008-11-19 01:15:58 ----A---- C:\Windows\system32\msfeedssync.exe
2008-11-19 01:15:58 ----A---- C:\Windows\system32\midimap.dll
2008-11-19 01:15:58 ----A---- C:\Windows\system32\LogonUI.exe
2008-11-19 01:15:58 ----A---- C:\Windows\system32\iprtprio.dll
2008-11-19 01:15:58 ----A---- C:\Windows\system32\InfDefaultInstall.exe
2008-11-19 01:15:58 ----A---- C:\Windows\system32\ieencode.dll
2008-11-19 01:15:58 ----A---- C:\Windows\system32\hnetmon.dll
2008-11-19 01:15:58 ----A---- C:\Windows\system32\hbaapi.dll
2008-11-19 01:15:58 ----A---- C:\Windows\system32\esentprf.dll
2008-11-19 01:15:58 ----A---- C:\Windows\system32\corpol.dll
2008-11-19 01:15:58 ----A---- C:\Windows\system32\cofiredm.dll
2008-11-19 01:15:58 ----A---- C:\Windows\system32\cfgmgr32.dll
2008-11-19 01:15:57 ----A---- C:\Windows\system32\winusb.dll
2008-11-19 01:15:57 ----A---- C:\Windows\system32\rdpcfgex.dll
2008-11-19 01:15:57 ----A---- C:\Windows\system32\osbaseln.dll
2008-11-19 01:15:57 ----A---- C:\Windows\system32\msmmsp.dll
2008-11-19 01:15:57 ----A---- C:\Windows\system32\msisip.dll
2008-11-19 01:15:57 ----A---- C:\Windows\system32\dispex.dll
2008-11-19 01:15:56 ----A---- C:\Windows\system32\spwmp.dll
2008-11-19 01:15:56 ----A---- C:\Windows\system32\riched32.dll
2008-11-19 01:15:56 ----A---- C:\Windows\system32\Nlsdl.dll
2008-11-19 01:15:56 ----A---- C:\Windows\system32\msidle.dll
2008-11-19 01:15:56 ----A---- C:\Windows\system32\idndl.dll
2008-11-19 01:15:55 ----A---- C:\Windows\system32\wmploc.DLL
2008-11-19 01:15:55 ----A---- C:\Windows\system32\vga256.dll
2008-11-19 01:15:55 ----A---- C:\Windows\system32\tsddd.dll
2008-11-19 01:15:55 ----A---- C:\Windows\system32\KBDKOR.DLL
2008-11-19 01:15:55 ----A---- C:\Windows\system32\KBDJPN.DLL
2008-11-19 01:15:55 ----A---- C:\Windows\system32\iscsilog.dll
2008-11-19 01:15:55 ----A---- C:\Windows\system32\framebuf.dll
2008-11-19 01:15:55 ----A---- C:\Windows\system32\dxmasf.dll
2008-11-19 01:15:54 ----A---- C:\Windows\system32\vga64k.dll
2008-11-19 01:15:54 ----A---- C:\Windows\system32\vga.dll
2008-11-19 01:15:54 ----A---- C:\Windows\system32\spwizres.dll
2008-11-19 01:15:54 ----A---- C:\Windows\system32\gatherWiredInfo.vbs
2008-11-19 01:15:54 ----A---- C:\Windows\system32\f3ahvoas.dll
2008-11-19 01:15:54 ----A---- C:\Windows\system32\dmdskres2.dll
2008-11-19 01:15:54 ----A---- C:\Windows\system32\bootstr.dll
2008-11-19 01:15:53 ----A---- C:\Windows\system32\gatherWirelessInfo.vbs
2008-11-19 01:15:53 ----A---- C:\Windows\system32\fsmgmt.msc
2008-11-19 01:15:46 ----A---- C:\Windows\system32\vsp1cln.exe
2008-11-19 01:15:46 ----A---- C:\Windows\system32\perfmon.msc
2008-11-19 01:15:12 ----A---- C:\Windows\system32\xmllite.dll
2008-11-19 01:15:11 ----A---- C:\Windows\system32\wbemcomn.dll
2008-11-19 01:14:53 ----A---- C:\Windows\system32\sqmapi.dll
2008-11-19 01:14:53 ----A---- C:\Windows\system32\SmiInstaller.dll
2008-11-19 01:14:53 ----A---- C:\Windows\system32\SmiEngine.dll
2008-11-19 01:14:30 ----A---- C:\Windows\system32\wdscore.dll
2008-11-19 01:14:30 ----A---- C:\Windows\system32\PkgMgr.exe
2008-11-19 01:13:43 ----A---- C:\Windows\system32\drvstore.dll
2008-11-19 01:13:42 ----A---- C:\Windows\system32\mspatcha.dll
2008-11-19 01:13:42 ----A---- C:\Windows\system32\dpx.dll
2008-11-19 01:13:41 ----A---- C:\Windows\system32\msdelta.dll
2008-11-19 00:45:19 ----D---- C:\Users\LaFranco\AppData\Roaming\Netscape
2008-11-19 00:45:15 ----D---- C:\Program Files\Netscape
2008-11-18 23:26:56 ----A---- C:\Windows\system32\es.dll
2008-11-18 23:06:13 ----A---- C:\Windows\system32\psisdecd.dll
2008-11-18 23:06:13 ----A---- C:\Windows\system32\EncDec.dll
2008-11-18 23:04:36 ----A---- C:\Windows\system32\NlsLexicons0047.dll
2008-11-18 23:04:36 ----A---- C:\Windows\system32\NlsLexicons0046.dll
2008-11-18 23:04:36 ----A---- C:\Windows\system32\NlsLexicons0045.dll
2008-11-18 23:04:35 ----A---- C:\Windows\system32\NlsLexicons0049.dll
2008-11-18 23:04:35 ----A---- C:\Windows\system32\NlsLexicons0039.dll
2008-11-18 23:04:35 ----A---- C:\Windows\system32\NlsLexicons0020.dll
2008-11-18 23:04:34 ----A---- C:\Windows\system32\NlsLexicons0022.dll
2008-11-18 23:04:34 ----A---- C:\Windows\system32\NlsLexicons0021.dll
2008-11-18 23:04:33 ----A---- C:\Windows\system32\NlsLexicons0027.dll
2008-11-18 23:04:33 ----A---- C:\Windows\system32\NlsLexicons0026.dll
2008-11-18 23:04:33 ----A---- C:\Windows\system32\NlsLexicons0024.dll
2008-11-18 23:04:32 ----A---- C:\Windows\system32\NlsLexicons0013.dll
2008-11-18 23:04:32 ----A---- C:\Windows\system32\NlsLexicons0011.dll
2008-11-18 23:04:32 ----A---- C:\Windows\system32\NlsLexicons0010.dll
2008-11-18 23:04:31 ----A---- C:\Windows\system32\NlsLexicons0018.dll
2008-11-18 23:04:30 ----A---- C:\Windows\system32\NlsLexicons0019.dll
2008-11-18 23:04:29 ----A---- C:\Windows\system32\NlsLexicons0003.dll
2008-11-18 23:04:29 ----A---- C:\Windows\system32\NlsLexicons0002.dll
2008-11-18 23:04:29 ----A---- C:\Windows\system32\NlsLexicons0001.dll
2008-11-18 23:04:28 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2008-11-18 23:04:28 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2008-11-18 23:04:27 ----A---- C:\Windows\system32\NlsLexicons004e.dll
2008-11-18 23:04:27 ----A---- C:\Windows\system32\NlsLexicons004c.dll
2008-11-18 23:04:27 ----A---- C:\Windows\system32\NlsLexicons004b.dll
2008-11-18 23:04:27 ----A---- C:\Windows\system32\NlsLexicons004a.dll
2008-11-18 23:04:26 ----A---- C:\Windows\system32\NlsLexicons003e.dll
2008-11-18 23:04:26 ----A---- C:\Windows\system32\NlsLexicons002a.dll
2008-11-18 23:04:25 ----A---- C:\Windows\system32\NlsLexicons001b.dll
2008-11-18 23:04:25 ----A---- C:\Windows\system32\NlsLexicons001a.dll
2008-11-18 23:04:24 ----A---- C:\Windows\system32\NlsLexicons001d.dll
2008-11-18 23:04:24 ----A---- C:\Windows\system32\NlsLexicons000a.dll
2008-11-18 23:04:23 ----A---- C:\Windows\system32\NlsLexicons000f.dll
2008-11-18 23:04:23 ----A---- C:\Windows\system32\NlsLexicons000d.dll
2008-11-18 23:04:23 ----A---- C:\Windows\system32\NlsLexicons000c.dll
2008-11-18 23:04:22 ----A---- C:\Windows\system32\NlsLexicons0416.dll
2008-11-18 23:04:22 ----A---- C:\Windows\system32\NlsLexicons0414.dll
2008-11-18 23:04:21 ----A---- C:\Windows\system32\NlsLexicons081a.dll
2008-11-18 23:04:21 ----A---- C:\Windows\system32\NlsLexicons0816.dll
2008-11-18 23:04:20 ----A---- C:\Windows\system32\NlsModels0011.dll
2008-11-18 23:04:20 ----A---- C:\Windows\system32\NlsData0046.dll
2008-11-18 23:04:20 ----A---- C:\Windows\system32\NlsData0045.dll
2008-11-18 23:04:19 ----A---- C:\Windows\system32\NlsData0049.dll
2008-11-18 23:04:19 ----A---- C:\Windows\system32\NlsData0047.dll
2008-11-18 23:04:19 ----A---- C:\Windows\system32\NlsData0039.dll
2008-11-18 23:04:18 ----A---- C:\Windows\system32\NlsData0027.dll
2008-11-18 23:04:18 ----A---- C:\Windows\system32\NlsData0026.dll
2008-11-18 23:04:18 ----A---- C:\Windows\system32\NlsData0024.dll
2008-11-18 23:04:18 ----A---- C:\Windows\system32\NlsData0022.dll
2008-11-18 23:04:18 ----A---- C:\Windows\system32\NlsData0021.dll
2008-11-18 23:04:18 ----A---- C:\Windows\system32\NlsData0020.dll
2008-11-18 23:04:17 ----A---- C:\Windows\system32\NlsData0018.dll
2008-11-18 23:04:17 ----A---- C:\Windows\system32\NlsData0013.dll
2008-11-18 23:04:17 ----A---- C:\Windows\system32\NlsData0011.dll
2008-11-18 23:04:17 ----A---- C:\Windows\system32\NlsData0010.dll
2008-11-18 23:04:16 ----A---- C:\Windows\system32\NlsData0019.dll
2008-11-18 23:04:16 ----A---- C:\Windows\system32\NlsData0000.dll
2008-11-18 23:04:15 ----A---- C:\Windows\system32\NlsData0007.dll
2008-11-18 23:04:15 ----A---- C:\Windows\system32\NlsData0003.dll
2008-11-18 23:04:15 ----A---- C:\Windows\system32\NlsData0002.dll
2008-11-18 23:04:15 ----A---- C:\Windows\system32\NlsData0001.dll
2008-11-18 23:04:14 ----A---- C:\Windows\system32\NlsData004a.dll
2008-11-18 23:04:14 ----A---- C:\Windows\system32\NlsData0009.dll
2008-11-18 23:04:13 ----A---- C:\Windows\system32\NlsData004e.dll
2008-11-18 23:04:13 ----A---- C:\Windows\system32\NlsData004c.dll
2008-11-18 23:04:13 ----A---- C:\Windows\system32\NlsData004b.dll
2008-11-18 23:04:13 ----A---- C:\Windows\system32\NlsData003e.dll
2008-11-18 23:04:12 ----A---- C:\Windows\system32\NlsData002a.dll
2008-11-18 23:04:12 ----A---- C:\Windows\system32\NlsData001d.dll
2008-11-18 23:04:12 ----A---- C:\Windows\system32\NlsData001b.dll
2008-11-18 23:04:12 ----A---- C:\Windows\system32\NlsData001a.dll
2008-11-18 23:04:11 ----A---- C:\Windows\system32\NlsData000a.dll
2008-11-18 23:04:10 ----A---- C:\Windows\system32\NlsData0414.dll
2008-11-18 23:04:10 ----A---- C:\Windows\system32\NlsData000f.dll
2008-11-18 23:04:10 ----A---- C:\Windows\system32\NlsData000d.dll
2008-11-18 23:04:10 ----A---- C:\Windows\system32\NlsData000c.dll
2008-11-18 23:04:09 ----A---- C:\Windows\system32\NlsData081a.dll
2008-11-18 23:04:09 ----A---- C:\Windows\system32\NlsData0816.dll
2008-11-18 23:04:09 ----A---- C:\Windows\system32\NlsData0416.dll
2008-11-18 23:04:09 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2008-11-18 23:04:08 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
2008-11-18 23:04:08 ----A---- C:\Windows\system32\NlsData0c1a.dll
2008-11-18 22:55:23 ----D---- C:\Program Files\Common Files\Adobe
2008-11-18 20:26:36 ----D---- C:\Users\LaFranco\AppData\Roaming\WinRAR
2008-11-18 20:24:44 ----D---- C:\Program Files\WinRAR
2008-11-18 19:59:01 ----D---- C:\Program Files\IZArc
2008-11-18 18:33:25 ----D---- C:\Program Files\DivX
2008-11-18 18:27:10 ----A---- C:\Windows\system32\unrar.dll
2008-11-18 18:27:09 ----D---- C:\Program Files\K-Lite Codec Pack
2008-11-18 18:25:30 ----D---- C:\Program Files\Opera
2008-11-18 18:00:15 ----A---- C:\Windows\system32\winipsec.dll
2008-11-18 18:00:15 ----A---- C:\Windows\system32\polstore.dll
2008-11-18 18:00:15 ----A---- C:\Windows\system32\IPSECSVC.DLL
2008-11-18 18:00:15 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2008-11-18 17:59:43 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-11-18 17:59:41 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-11-18 17:59:41 ----A---- C:\Windows\system32\gameux.dll
2008-11-18 17:55:37 ----A---- C:\Windows\system32\shell32.dll
2008-11-18 17:53:59 ----A---- C:\Windows\system32\tzres.dll
2008-11-18 17:53:03 ----A---- C:\Windows\system32\wmpeffects.dll
2008-11-18 17:52:20 ----A---- C:\Windows\system32\msxml3r.dll
2008-11-18 17:52:20 ----A---- C:\Windows\system32\msxml3.dll
2008-11-18 17:51:12 ----A---- C:\Windows\system32\netapi32.dll
2008-11-18 17:49:10 ----A---- C:\Windows\system32\fsquirt.exe
2008-11-18 17:48:27 ----A---- C:\Windows\system32\kbd106n.dll
2008-11-18 17:48:25 ----A---- C:\Windows\system32\winresume.exe
2008-11-18 17:48:25 ----A---- C:\Windows\system32\winload.exe
2008-11-18 17:48:25 ----A---- C:\Windows\system32\srdelayed.exe
2008-11-18 17:48:25 ----A---- C:\Windows\system32\srcore.dll
2008-11-18 17:48:25 ----A---- C:\Windows\system32\srclient.dll
2008-11-18 17:48:25 ----A---- C:\Windows\system32\rstrui.exe
2008-11-18 17:48:24 ----A---- C:\Windows\system32\setbcdlocale.dll
2008-11-18 17:48:24 ----A---- C:\Windows\system32\kd1394.dll
2008-11-18 17:48:24 ----A---- C:\Windows\system32\ci.dll
2008-11-18 17:47:07 ----A---- C:\Windows\system32\gdi32.dll
2008-11-18 17:46:27 ----A---- C:\Windows\system32\win32spl.dll
2008-11-18 17:46:27 ----A---- C:\Windows\system32\printcom.dll
2008-11-18 17:46:13 ----A---- C:\Windows\system32\wshrm.dll
2008-11-18 17:44:32 ----A---- C:\Windows\system32\INETRES.dll
2008-11-18 17:44:32 ----A---- C:\Windows\system32\inetcomm.dll
2008-11-18 17:44:07 ----A---- C:\Windows\system32\quartz.dll
2008-11-18 17:42:55 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-11-18 17:42:54 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-11-18 17:42:38 ----A---- C:\Windows\system32\msxml6r.dll
2008-11-18 17:42:38 ----A---- C:\Windows\system32\msxml6.dll
2008-11-18 17:41:46 ----A---- C:\Windows\system32\wininet.dll
2008-11-18 17:41:46 ----A---- C:\Windows\system32\jsproxy.dll
2008-11-18 17:41:45 ----A---- C:\Windows\system32\ieui.dll
2008-11-18 17:41:44 ----A---- C:\Windows\system32\ieframe.dll
2008-11-18 17:41:42 ----A---- C:\Windows\system32\mshtml.dll
2008-11-18 17:41:41 ----A---- C:\Windows\system32\urlmon.dll
2008-11-18 17:41:41 ----A---- C:\Windows\system32\mstime.dll
2008-11-18 17:41:40 ----A---- C:\Windows\system32\iertutil.dll
2008-11-18 17:39:18 ----D---- C:\Program Files\Frameworkx
2008-11-18 17:22:42 ----D---- C:\Users\LaFranco\AppData\Roaming\Apple Computer
2008-11-18 17:22:28 ----DC---- C:\Windows\system32\DRVSTORE
2008-11-18 17:22:28 ----A---- C:\Windows\system32\GEARAspi.dll
2008-11-18 17:22:12 ----D---- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-18 17:22:12 ----D---- C:\Program Files\iTunes
2008-11-18 17:22:12 ----D---- C:\Program Files\iPod
2008-11-18 17:21:22 ----D---- C:\Program Files\QuickTime
2008-11-18 17:21:21 ----D---- C:\ProgramData\Apple Computer
2008-11-18 17:21:05 ----D---- C:\Program Files\Apple Software Update
2008-11-18 17:20:33 ----D---- C:\Program Files\Common Files\Apple
2008-11-18 17:20:32 ----D---- C:\ProgramData\Apple
2008-11-18 16:57:35 ----D---- C:\Program Files\uTorrent
2008-11-18 16:57:18 ----D---- C:\Users\LaFranco\AppData\Roaming\uTorrent
2008-11-18 16:34:44 ----D---- C:\ProgramData\Google
2008-11-18 16:18:12 ----D---- C:\Users\LaFranco\AppData\Roaming\Mozilla
2008-11-18 16:17:35 ----D---- C:\Program Files\Mozilla Firefox
2008-11-18 16:09:19 ----D---- C:\Users\LaFranco\AppData\Roaming\Ahead
2008-11-18 16:02:15 ----A---- C:\Windows\ATKPF.ini
2008-11-18 15:59:14 ----D---- C:\Users\LaFranco\AppData\Roaming\Adobe
2008-11-18 15:48:14 ----A---- C:\Windows\system32\wups2.dll
2008-11-18 15:48:14 ----A---- C:\Windows\system32\wucltux.dll
2008-11-18 15:48:14 ----A---- C:\Windows\system32\wuaueng.dll
2008-11-18 15:48:14 ----A---- C:\Windows\system32\wuauclt.exe
2008-11-18 15:47:39 ----A---- C:\Windows\system32\wups.dll
2008-11-18 15:47:39 ----A---- C:\Windows\system32\wudriver.dll
2008-11-18 15:47:39 ----A---- C:\Windows\system32\wuapi.dll
2008-11-18 15:47:21 ----A---- C:\Windows\system32\wuwebv.dll
2008-11-18 15:47:21 ----A---- C:\Windows\system32\wuapp.exe
2008-11-18 14:34:01 ----D---- C:\Users\LaFranco\AppData\Roaming\Infineon
2008-11-18 14:33:48 ----D---- C:\Users\LaFranco\AppData\Roaming\Macromedia
2008-11-18 14:33:46 ----SHD---- C:\$RECYCLE.BIN
2008-11-18 14:32:47 ----D---- C:\Users\LaFranco\AppData\Roaming\Identities
2008-11-18 14:32:09 ----A---- C:\Windows\system32\acovcnt.exe
2008-11-18 14:31:59 ----SD---- C:\Users\LaFranco\AppData\Roaming\Microsoft
2008-11-18 14:31:59 ----D---- C:\Users\LaFranco\AppData\Roaming\Media Center Programs
2008-11-18 14:19:46 ----SHD---- C:\System Volume Information

======List of files/folders modified in the last 1 months======

2008-12-03 09:09:51 ----D---- C:\Windows\Prefetch
2008-12-03 09:09:44 ----D---- C:\Windows\Temp
2008-12-03 09:09:40 ----RD---- C:\Program Files
2008-12-03 08:00:31 ----D---- C:\Windows\system32\drivers
2008-12-03 03:32:17 ----HD---- C:\ProgramData
2008-12-03 03:32:15 ----SHD---- C:\Windows\Installer
2008-12-03 03:31:51 ----D---- C:\Program Files\Common Files
2008-12-03 03:29:32 ----D---- C:\Windows\System32
2008-12-03 02:37:14 ----D---- C:\Windows\rescache
2008-12-03 02:29:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-12-03 02:29:04 ----D---- C:\Windows\inf
2008-12-03 02:19:52 ----D---- C:\Windows\system32\en-US
2008-12-03 02:19:52 ----D---- C:\Windows\PolicyDefinitions
2008-12-03 02:19:03 ----D---- C:\Windows\winsxs
2008-12-03 02:18:48 ----D---- C:\Windows\system32\catroot2
2008-12-03 02:18:48 ----D---- C:\Windows\system32\catroot
2008-12-03 01:42:31 ----D---- C:\Windows
2008-12-03 00:49:30 ----D---- C:\Windows\system32\config
2008-12-03 00:49:25 ----D---- C:\Windows\Tasks
2008-12-03 00:49:25 ----D---- C:\Windows\system32\wbem
2008-12-03 00:49:25 ----D---- C:\Windows\registration
2008-12-03 00:34:56 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-03 00:18:14 ----D---- C:\Windows\system32\spool
2008-12-02 22:18:40 ----D---- C:\Windows\system32\WDI
2008-12-01 23:31:01 ----D---- C:\Program Files\Adobe
2008-11-29 03:12:47 ----SD---- C:\ProgramData\Microsoft
2008-11-28 03:15:47 ----D---- C:\Program Files\Common Files\InstallShield
2008-11-28 02:22:38 ----RSD---- C:\Windows\assembly
2008-11-28 02:16:57 ----D---- C:\Program Files\Common Files\microsoft shared
2008-11-27 11:01:52 ----RSD---- C:\Windows\Fonts
2008-11-25 16:57:10 ----D---- C:\ProgramData\Microsoft Help
2008-11-25 16:55:49 ----D---- C:\Program Files\MSBuild
2008-11-25 16:49:49 ----D---- C:\Windows\system32\Tasks
2008-11-25 13:24:23 ----D---- C:\Windows\ShellNew
2008-11-20 17:44:58 ----D---- C:\Windows\twain_32
2008-11-20 17:43:49 ----A---- C:\Windows\win.ini
2008-11-20 05:09:41 ----D---- C:\Windows\system32\zh-TW
2008-11-19 15:12:10 ----D---- C:\Windows\Microsoft.NET
2008-11-19 14:41:54 ----D---- C:\Windows\system32\zh-CN
2008-11-19 14:36:54 ----D---- C:\Windows\system32\fr-FR
2008-11-19 14:30:52 ----D---- C:\Windows\system32\es-ES
2008-11-19 03:01:01 ----D---- C:\Windows\Logs
2008-11-19 02:17:58 ----SHD---- C:\Boot
2008-11-19 02:17:58 ----ASH---- C:\Program Files\desktop.ini
2008-11-19 02:09:35 ----D---- C:\Program Files\Windows Mail
2008-11-19 02:09:35 ----D---- C:\Program Files\Windows Calendar
2008-11-19 02:09:35 ----D---- C:\Program Files\Movie Maker
2008-11-19 02:09:33 ----D---- C:\Program Files\Windows Sidebar
2008-11-19 02:09:33 ----D---- C:\Program Files\Windows Media Player
2008-11-19 02:09:33 ----D---- C:\Program Files\Windows Journal
2008-11-19 02:09:33 ----D---- C:\Program Files\Windows Collaboration
2008-11-19 02:09:33 ----D---- C:\Program Files\Internet Explorer
2008-11-19 02:09:31 ----D---- C:\Windows\servicing
2008-11-19 02:09:31 ----D---- C:\Windows\ehome
2008-11-19 02:09:31 ----D---- C:\Program Files\Windows Photo Gallery
2008-11-19 02:09:31 ----D---- C:\Program Files\Windows Defender
2008-11-19 02:09:31 ----D---- C:\Program Files\Common Files\System
2008-11-19 02:09:21 ----D---- C:\Windows\system32\XPSViewer
2008-11-19 02:09:21 ----D---- C:\Windows\system32\ko-KR
2008-11-19 02:09:21 ----D---- C:\Windows\system32\da-DK
2008-11-19 02:09:21 ----D---- C:\Windows\system32\com
2008-11-19 02:09:21 ----D---- C:\Windows\MSAgent
2008-11-19 02:09:21 ----D---- C:\Windows\L2Schemas
2008-11-19 02:09:21 ----D---- C:\Windows\IME
2008-11-19 02:09:21 ----D---- C:\Windows\DigitalLocker
2008-11-19 02:09:18 ----D---- C:\Windows\system32\it-IT
2008-11-19 02:09:18 ----D---- C:\Windows\system32\el-GR
2008-11-19 02:09:18 ----D---- C:\Windows\system32\de-DE
2008-11-19 02:09:17 ----D---- C:\Windows\system32\sysprep
2008-11-19 02:09:17 ----D---- C:\Windows\system32\ru-RU
2008-11-19 02:09:17 ----D---- C:\Windows\system32\oobe
2008-11-19 02:09:17 ----D---- C:\Windows\system32\migration
2008-11-19 02:09:17 ----D---- C:\Windows\system32\ias
2008-11-19 02:09:17 ----D---- C:\Windows\system32\AdvancedInstallers
2008-11-19 02:09:10 ----D---- C:\Windows\system32\sv-SE
2008-11-19 02:09:10 ----D---- C:\Windows\system32\SLUI
2008-11-19 02:09:10 ----D---- C:\Windows\system32\setup
2008-11-19 02:09:10 ----D---- C:\Windows\system32\pt-PT
2008-11-19 02:09:10 ----D---- C:\Windows\system32\hu-HU
2008-11-19 02:09:10 ----D---- C:\Windows\system32\he-IL
2008-11-19 02:09:10 ----D---- C:\Windows\system32\fi-FI
2008-11-19 02:09:10 ----D---- C:\Windows\system32\cs-CZ
2008-11-19 02:09:09 ----D---- C:\Windows\system32\en
2008-11-19 02:09:08 ----D---- C:\Windows\system32\manifeststore
2008-11-19 02:09:00 ----D---- C:\Windows\system32\ro-RO
2008-11-19 02:09:00 ----D---- C:\Windows\system32\pl-PL
2008-11-19 02:09:00 ----D---- C:\Windows\system32\ja-JP
2008-11-19 02:08:57 ----D---- C:\Windows\system32\tr-TR
2008-11-19 02:08:57 ----D---- C:\Windows\system32\nl-NL
2008-11-19 02:08:57 ----D---- C:\Windows\system32\nb-NO
2008-11-19 02:08:57 ----D---- C:\Windows\system32\ar-SA
2008-11-19 02:08:56 ----D---- C:\Windows\system32\pt-BR
2008-11-19 02:08:56 ----D---- C:\Windows\system32\migwiz
2008-11-19 02:08:27 ----D---- C:\Windows\AppPatch
2008-11-19 02:08:17 ----D---- C:\Windows\Boot
2008-11-19 02:08:16 ----D---- C:\Windows\system32\Boot
2008-11-19 02:03:25 ----D---- C:\Windows\system32\RTCOM
2008-11-19 01:58:52 ----A---- C:\Windows\system32\ifxcardm.dll
2008-11-19 01:58:52 ----A---- C:\Windows\system32\axaltocm.dll
2008-11-18 23:27:13 ----D---- C:\Windows\Debug
2008-11-18 23:09:30 ----D---- C:\Windows\system32\ras
2008-11-18 23:09:30 ----D---- C:\Windows\system32\icsxml
2008-11-18 21:20:38 ----D---- C:\ProgramData\~0
2008-11-18 16:55:01 ----D---- C:\Program Files\PowerForPhone
2008-11-18 16:54:10 ----D---- C:\Program Files\ASUS
2008-11-18 16:12:04 ----D---- C:\Windows\SoftwareDistribution
2008-11-18 16:09:59 ----D---- C:\Program Files\Common Files\Ahead
2008-11-18 16:07:48 ----D---- C:\Windows\system32\LogFiles
2008-11-18 16:03:27 ----D---- C:\ProgramData\ASUS
2008-11-18 16:02:19 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-11-18 16:01:30 ----D---- C:\ProgramData\Symantec
2008-11-18 15:59:14 ----SD---- C:\Windows\Downloaded Program Files
2008-11-18 14:45:31 ----D---- C:\Windows\system32\NDF
2008-11-18 14:31:59 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2008-11-17 8944]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2008-11-17 55024]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-02-05 11632]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-23 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\atl01v32.sys [2007-03-14 48128]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-18 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-02-13 1740904]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-13 7680]
R3 NETw4v32;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-02-25 2216448]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-18 7404832]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-18 88576]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-01 1010560]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; C:\Windows\System32\Drivers\StkCMini.sys [2007-02-12 1245056]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-03-01 182456]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-18 45624]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2006-11-15 15216]
S3 aptsfucw;aptsfucw; C:\Windows\system32\drivers\aptsfucw.sys []
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-11-18 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-18 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2008-11-18 220160]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2008-11-18 29184]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-01 235520]
S3 lvupdtio;lvupdtio; \??\C:\Program Files\ASUS\ASUS Live Update\SYS64\lvupdtio.sys []
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-18 18432]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 NETw3v32;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-01 1781760]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-18 49664]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-01 44544]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2008-11-17 7408]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-05 94208]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-03-09 94208]
R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-11-28 79360]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-02-21 643072]
R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-02-12 355096]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max Design 2009 32-bit 32-bit; C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [2008-03-10 65536]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-18 196608]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-02-21 327680]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-07-07 809296]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2006-12-28 123248]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\Windows\System32\StkCSrv.exe [2007-02-07 24576]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-11-19 655624]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []

-----------------EOF-----------------


info.txt logfile of random's system information tool 1.04 2008-12-03 09:09:56

======Uninstall list======

-->MsiExec.exe /I{977FBE6C-AE9A-4429-B249-814F0B3A4CB1}
2007 Microsoft Office system-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
Acrobat.com-->msiexec /qb /x {C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}
Acrobat.com-->MsiExec.exe /I{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}
Adobe After Effects CS4 Presets-->MsiExec.exe /I{44E240EC-2224-4078-A88B-2CEE0D3016EF}
Adobe After Effects CS4 Third Party Content-->MsiExec.exe /I{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}
Adobe After Effects CS4-->C:\Program Files\Common Files\Adobe\Installers\3dcb365ab9e01871fb8c6f27b0ea079\Setup.exe --uninstall=1
Adobe After Effects CS4-->MsiExec.exe /I{45EC816C-0771-4C14-AE6D-72D1B578F4C8}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}
Adobe Color Video Profiles AE CS4-->MsiExec.exe /I{B15381DD-FF97-4FCD-A881-ED4DB0975500}
Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe Creative Suite 4 Design Premium-->C:\Program Files\Common Files\Adobe\Installers\55230b0b70661df0f212e88f0b655f7\Setup.exe --uninstall=1
Adobe Creative Suite 4 Design Premium-->MsiExec.exe /I{A2881E09-38DB-4F79-9135-00FDA01768A7}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Dreamweaver CS4-->MsiExec.exe /I{30C8AA56-4088-426F-91D1-0EDFD3A25678}
Adobe Dynamiclink Support-->MsiExec.exe /I{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Fireworks CS4-->MsiExec.exe /I{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}
Adobe Flash CS4 Extension - Flash Lite STI en-->MsiExec.exe /I{793D1D88-6141-43DE-BE58-59BCE31B4090}
Adobe Flash CS4 STI-en-->MsiExec.exe /I{2168245A-B5AD-40D8-A641-48E3E070B5B6}
Adobe Flash CS4-->MsiExec.exe /I{F6E99614-F042-4459-82B7-8B38B2601356}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 ActiveX-->MsiExec.exe /X{3A6829EF-0791-4FDD-9382-C690DD0821B9}
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Illustrator CS4-->MsiExec.exe /I{87532CAB-7932-4F84-8937-823337622807}
Adobe InDesign CS4 Application Feature Set Files (Roman)-->MsiExec.exe /I{2BAF2B96-7560-48B4-87D4-10178DDBE217}
Adobe InDesign CS4 Common Base Files-->MsiExec.exe /I{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}
Adobe InDesign CS4 Icon Handler-->MsiExec.exe /I{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}
Adobe InDesign CS4-->MsiExec.exe /I{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Media Encoder CS4 Additional Exporter-->MsiExec.exe /I{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}
Adobe Media Encoder CS4 Exporter-->MsiExec.exe /I{561968FD-56A1-49FD-9ED0-F55482C7C5BC}
Adobe Media Encoder CS4 Importer-->MsiExec.exe /I{8186FF34-D389-4B7E-9A2F-C197585BCFBD}
Adobe Media Encoder CS4-->MsiExec.exe /I{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}
Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe MotionPicture Color Files CS4-->MsiExec.exe /I{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}
Adobe Setup-->MsiExec.exe /I{A128921B-D03F-4BFB-8141-C365AA48D660}
Adobe SGM CS4-->MsiExec.exe /I{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}
Adobe SING CS4-->MsiExec.exe /I{4A52555C-032A-4083-BDD9-6A85ABFB39A8}
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ATK Generic Function Service-->C:\Program Files\InstallShield Installation Information\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ATK Media-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}\SETUP.EXE" -l0x9
ATKOSD2-->C:\Program Files\InstallShield Installation Information\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}\SETUP.exe -runfromtemp -l0x0009 -removeonly
Autodesk 3ds Max Design 2009 32-bit Additional Maps and Material Libraries-->MsiExec.exe /I{F681200C-0446-0409-ABE4-EA9105E40EE4}
Autodesk 3ds Max Design 2009 32-bit Architectural Materials Library-->MsiExec.exe /I{C251E4E6-89BA-0409-9B42-1B3D01D34783}
Autodesk 3ds Max Design 2009 32-bit Movies-->MsiExec.exe /I{305D5417-E687-0409-AA09-53DE06E059F8}
Autodesk 3ds Max Design 2009 32-bit ProMaterials™ Library-->MsiExec.exe /I{2AB45FAF-2D92-0409-8D33-E2FE6172280E}
Autodesk 3ds Max Design 2009 32-bit Vault 2008 Plug-In-->MsiExec.exe /I{EFCBBB01-F876-0409-B91F-7B6132E8BB64}
Autodesk 3ds Max Design 2009 32-bit Vault 2009 Plug-In-->MsiExec.exe /I{744A5C19-AA4C-0409-BC07-9F4C73C8B247}
Autodesk 3ds Max Design 2009 32-bit-->MsiExec.exe /I{FDD8070F-E3B9-0409-822C-CCFE5E82C14D}
Autodesk Backburner 2008.1-->MsiExec.exe /I{3D347E6D-5A03-4342-B5BA-6A771885F379}
Bluerock Technologies Flight Studio 3ds Max Design 2009 32-bit-->MsiExec.exe /I{0B56244C-7B61-0409-A739-3E29DDE4DC3C}
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
FBX Plugin 2009.0 for Max 2009-->C:\Program Files\Autodesk\FBX\FbxPlugins\2009.0\Max2009\Uninstall.exe
FlashFXP v3-->"C:\Program Files\FlashFXP\Uninstall.exe" "C:\Program Files\FlashFXP\install.log" -u
FoxyTunes for Firefox-->"C:\Program Files\Mozilla Firefox\firefox.exe" -chrome chrome://foxytunes/content/extras/uninstallExtension.xul
FxVisor-->MsiExec.exe /I{F691A1F5-2789-46CE-A45A-57763198D384}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Intel® Matrix Storage Manager-->C:\Windows\System32\Imsmudlg.exe
Intel® PROSet/Wireless Software-->C:\Windows\Installer\iProInst.exe
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
Java™ 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
K-Lite Codec Pack 4.3.1 (Basic)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
LifeFrame2-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
mCore-->MsiExec.exe /I{F5D7FAB5-A1FD-4DD3-983E-4155B09D7102}
mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
Microsoft Office Access MUI (Chinese (Simplified)) 2007-->MsiExec.exe /X{90120000-0015-0804-0000-0000000FF1CE}
Microsoft Office Access MUI (Chinese (Traditional)) 2007-->MsiExec.exe /X{90120000-0015-0404-0000-0000000FF1CE}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Access MUI (Spanish) 2007-->MsiExec.exe /X{90120000-0015-0C0A-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 FIX-->MsiExec.exe /X{25ED5F3B-382D-43CE-AD42-A44247209ACE}
Microsoft Office Excel MUI (Chinese (Simplified)) 2007-->MsiExec.exe /X{90120000-0016-0804-0000-0000000FF1CE}
Microsoft Office Excel MUI (Chinese (Traditional)) 2007-->MsiExec.exe /X{90120000-0016-0404-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (Spanish) 2007-->MsiExec.exe /X{90120000-0016-0C0A-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office IME (Chinese (Simplified)) 2007-->MsiExec.exe /X{90120000-0028-0804-0000-0000000FF1CE}
Microsoft Office IME (Chinese (Traditional)) 2007-->MsiExec.exe /X{90120000-0028-0404-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Chinese (Simplified)) 2007-->MsiExec.exe /X{90120000-001A-0804-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Chinese (Traditional)) 2007-->MsiExec.exe /X{90120000-001A-0404-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Spanish) 2007-->MsiExec.exe /X{90120000-001A-0C0A-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Chinese (Simplified)) 2007-->MsiExec.exe /X{90120000-0018-0804-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007-->MsiExec.exe /X{90120000-0018-0404-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Spanish) 2007-->MsiExec.exe /X{90120000-0018-0C0A-0000-0000000FF1CE}
Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Basque) 2007-->MsiExec.exe /X{90120000-001F-042D-0000-0000000FF1CE}
Microsoft Office Proof (Catalan) 2007-->MsiExec.exe /X{90120000-001F-0403-0000-0000000FF1CE}
Microsoft Office Proof (Chinese (Simplified)) 2007-->MsiExec.exe /X{90120000-001F-0804-0000-0000000FF1CE}
Microsoft Office Proof (Chinese (Traditional)) 2007-->MsiExec.exe /X{90120000-001F-0404-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Galician) 2007-->MsiExec.exe /X{90120000-001F-0456-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001F-0416-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (Chinese (Simplified)) 2007-->MsiExec.exe /X{90120000-002C-0804-0000-0000000FF1CE}
Microsoft Office Proofing (Chinese (Traditional)) 2007-->MsiExec.exe /X{90120000-002C-0404-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing (Spanish) 2007-->MsiExec.exe /X{90120000-002C-0C0A-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Chinese (Simplified)) 2007-->MsiExec.exe /X{90120000-0019-0804-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Chinese (Traditional)) 2007-->MsiExec.exe /X{90120000-0019-0404-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Spanish) 2007-->MsiExec.exe /X{90120000-0019-0C0A-0000-0000000FF1CE}
Microsoft Office Shared MUI (Chinese (Simplified)) 2007-->MsiExec.exe /X{90120000-006E-0804-0000-0000000FF1CE}
Microsoft Office Shared MUI (Chinese (Traditional)) 2007-->MsiExec.exe /X{90120000-006E-0404-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (Spanish) 2007-->MsiExec.exe /X{90120000-006E-0C0A-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Ultimate 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ULTIMATER /dll OSETUP.DLL
Microsoft Office Ultimate 2007-->MsiExec.exe /X{91120000-002E-0000-0000-0000000FF1CE}
Microsoft Office Word MUI (Chinese (Simplified)) 2007-->MsiExec.exe /X{90120000-001B-0804-0000-0000000FF1CE}
Microsoft Office Word MUI (Chinese (Traditional)) 2007-->MsiExec.exe /X{90120000-001B-0404-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (Spanish) 2007-->MsiExec.exe /X{90120000-001B-0C0A-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
NB Probe-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}\setup.exe" -l0x9
Netscape Browser (remove only)-->"C:\Program Files\Netscape\Netscape Browser\NSUninst.exe"
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
Opera 9.62-->MsiExec.exe /X{D9226EB1-C528-48AC-B423-BD9240E1F60B}
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
Pixel Bender Toolkit-->MsiExec.exe /I{43509E18-076E-40FE-AF38-CA5ED400A5A9}
Power4Gear eXtreme-->C:\Program Files\InstallShield Installation Information\{8CFEBE9C-F29F-4C49-80E0-7106970F8734}\SETUP.exe -runfromtemp -l0x0009 -removeonly
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Safari-->MsiExec.exe /I{582D2A53-F426-4C5E-A2E6-43C1AB36B907}
Sothink SWF Decompiler-->"C:\Program Files\SourceTec\Sothink SWF Decompiler\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Swift 3D MAX v3.00-->MsiExec.exe /X{FE5F3DCC-4A79-4C6D-A492-88875BA20998}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TeraCopy 1.22-->"C:\Program Files\TeraCopy\unins000.exe"
Total Uninstall 4.8.0-->"C:\Program Files\Total Uninstall 4\unins000.exe"
Turbo Squid Tentacles 3ds Max 2009 32-bit-->MsiExec.exe /X{7A046E1F-BEB7-49C8-83E2-78E1F1C65C60}
USB2.0 1.3M WebCam-->C:\Windows\StkUnist.exe
VistaFeaturePack-->C:\Program Files\InstallShield Installation Information\{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}\setup.exe -runfromtemp -l0x0409
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinFlash-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\setup.exe" -l0x9
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Wireless Console 2-->C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\SETUP.exe -runfromtemp -l0x0009 -removeonly
World of Warcraft-->C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe

======Hosts File======

127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 192.150.18.108
127.0.0.1 194.224.66.48
127.0.0.1 192.150.22.40

======Security center information======

AS: Spybot - Search and Destroy (outdated)
AS: Windows Defender (disabled)
AS: SUPERAntiSpyware (disabled)

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Autodesk\Backburner\;C:\Program Files\Common Files\Autodesk Shared\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=0f0a
"NUMBER_OF_PROCESSORS"=2
"configsetroot"=%SystemRoot%\ConfigSetRoot
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------

Edited by franticopic, 03 December 2008 - 05:24 PM.




#2 fenzodahl512


Posted 05 December 2008 - 01:57 AM

Hello, my name is fenzodahl512 and welcome to BC.. Please do the following....


Please download SDFix by Andy Manchesta and save it to your desktop.
Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please reboot into Safe Mode
  • In Safe Mode, right click the SDFix.zip folder and choose Extract All,
  • A new folder will be extracted to your %systemdrive%, typically C:\SDFix
  • Open the extracted folder and double click RunThis.bat to start the script.
  • Type Y to begin the script.
  • It will remove the Trojan Services then make some repairs to the registry and prompt you to press any key to Reboot.
  • Press any Key and it will restart the PC.
  • Your system will take longer than normal to restart as the fixtool will be running and removing files.
  • When the desktop loads the Fixtool will complete the removal and display Finished, then press any key to end the script and load your desktop icons.
  • Finally open the SDFix folder on your desktop and copy and paste the contents of the results file Report.txt along with any other requested logs at the end of these instructions.



NEXT


Please make sure you disable ALL of your Antivirus/Antispyware/Firewall before running ComboFix.. Please visit HERE if you don't know how.. Please re-enable them back after performing all steps given..

Please download ComboFix by sUBs from one of the locations below, and save it to your Desktop.

Link 1
Link 2
Link 3

Double click combofix.exe and follow the prompts. Please, never rename Combofix unless instructed.

If ComboFix asks you to install the Recovery Console, please do so.. It will be in your best interest..

When finished, it shall produce a log for you. Post that log and a fresh HijackThis log in your next reply..

Note: DO NOT mouseclick ComboFix's window while it's running. That may cause it to stall.




Post me these logs in your next reply..

1. SDFix
2. ComboFix

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#3 franticopic

  • Topic Starter


Posted 08 December 2008 - 07:08 PM

Hello fenzodahl512, thank you for the quick reply.

I've followed the exact steps you gave me for SDFix, but when I'm in Safe Mode and double click on RunThis.bat in the SDFix folder that is on my C drive, the blue command prompt displays for about 1 second and then disappears, and there is no option to type "y". Any ideas?

#4 fenzodahl512


Posted 08 December 2008 - 10:02 PM

Proceed with the ComboFix step please and post the log here.. Should ComboFix not run, rename it to fenzodahl and run it.. Tell me if it still doesn't run..



#5 franticopic

  • Topic Starter


Posted 09 December 2008 - 06:51 PM

Here is the combofix log:

ComboFix 08-12-07.04 - LaFranco 2008-12-08 15:53:43.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1949 [GMT -8:00]
Running from: c:\users\LaFranco\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\acovcnt.exe

.
((((((((((((((((((((((((( Files Created from 2008-11-08 to 2008-12-08 )))))))))))))))))))))))))))))))
.

2008-12-08 15:37 . 2008-12-08 15:38 <DIR> d-------- C:\SDFix
2008-12-07 15:01 . 2008-12-07 15:01 <DIR> d-------- c:\users\LaFranco\AppData\Roaming\.clamwin
2008-12-07 15:01 . 2008-12-07 15:01 <DIR> d-------- c:\programdata\.clamwin
2008-12-07 15:01 . 2008-12-07 15:01 <DIR> d-------- c:\program files\ClamWin
2008-12-04 08:06 . 2008-12-04 11:37 <DIR> d-------- C:\trend clean
2008-12-03 12:56 . 2008-12-03 12:58 <DIR> d-------- c:\program files\Common Files\Autodesk Shared
2008-12-03 12:56 . 2008-12-03 12:58 <DIR> d-------- c:\program files\Autodesk
2008-12-03 09:09 . 2008-12-03 09:09 <DIR> d-------- C:\rsit
2008-12-03 09:09 . 2008-12-03 09:09 <DIR> d-------- c:\program files\trend micro
2008-12-03 03:32 . 2008-12-03 03:32 <DIR> d-------- c:\users\LaFranco\AppData\Roaming\SUPERAntiSpyware.com
2008-12-03 03:32 . 2008-12-03 03:32 <DIR> d-------- c:\programdata\SUPERAntiSpyware.com
2008-12-03 03:32 . 2008-12-03 03:32 <DIR> d-------- c:\program files\SUPERAntiSpyware
2008-12-03 03:31 . 2008-12-03 03:31 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2008-12-03 03:00 . 2008-12-03 03:00 <DIR> d-------- c:\users\LaFranco\AppData\Roaming\Malwarebytes
2008-12-03 03:00 . 2008-12-03 03:00 <DIR> d-------- c:\programdata\Malwarebytes
2008-12-03 03:00 . 2008-12-03 03:00 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-03 03:00 . 2008-10-22 16:10 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2008-12-03 03:00 . 2008-10-22 16:10 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2008-12-03 02:15 . 2008-04-26 00:26 891,448 --a------ c:\windows\System32\drivers\tcpip.sys
2008-12-03 02:15 . 2008-04-11 19:32 784,896 --a------ c:\windows\System32\rpcrt4.dll
2008-12-03 02:15 . 2008-10-21 19:57 241,152 --a------ c:\windows\System32\PortableDeviceApi.dll
2008-12-03 02:15 . 2008-09-17 20:56 147,456 --a------ c:\windows\System32\Faultrep.dll
2008-12-03 02:15 . 2008-09-17 20:56 125,952 --a------ c:\windows\System32\wersvc.dll
2008-12-03 02:15 . 2008-04-04 17:21 72,192 --a------ c:\windows\System32\drivers\pacer.sys
2008-12-03 02:15 . 2008-04-04 19:34 15,360 --a------ c:\windows\System32\pacerprf.dll
2008-12-03 00:33 . 2008-12-03 00:33 <DIR> d-------- c:\users\LaFranco\AppData\Roaming\InstallShield
2008-12-02 23:56 . 2008-12-02 23:56 <DIR> d-------- c:\program files\Common Files\Java
2008-12-02 21:31 . 2008-12-03 01:47 <DIR> d-------- c:\program files\Panda Security
2008-12-02 21:25 . 2008-12-02 21:25 0 --ah----- C:\ntuser.dat.LOG2
2008-12-02 21:25 . 2008-12-02 21:25 0 --ah----- C:\ntuser.dat.LOG1
2008-12-02 21:25 . 2008-12-02 21:25 0 --a------ C:\ntuser.dat
2008-12-02 17:51 . 2008-12-02 17:51 95 --a------ c:\windows\wininit.ini
2008-12-01 23:36 . 2008-12-01 23:36 <DIR> d-------- c:\users\LaFranco\AppData\Roaming\DivX
2008-12-01 16:51 . 2008-12-01 17:54 <DIR> d-------- c:\users\LaFranco\AppData\Roaming\Download Manager
2008-12-01 15:44 . 2008-12-01 15:44 <DIR> d-------- c:\users\LaFranco\AppData\Roaming\Mr Retro
2008-12-01 15:33 . 2008-12-01 15:33 <DIR> d-------- c:\program files\DAEMON Tools Lite
2008-12-01 01:54 . 2008-12-03 00:18 <DIR> d-------- c:\users\LaFranco\AppData\Roaming\DAEMON Tools
2008-11-28 02:33 . 2008-11-28 02:33 <DIR> d-------- c:\users\LaFranco\Turbo Squid Tentacles
2008-11-28 02:30 . 2008-11-28 03:23 <DIR> d-------- c:\users\LaFranco\AppData\Roaming\Autodesk
2008-11-28 02:22 . 2008-11-28 02:22 <DIR> d-------- c:\program files\Microsoft WSE
2008-11-28 02:18 . 2008-12-03 12:56 <DIR> d-------- c:\programdata\Autodesk
2008-11-28 02:17 . 2007-05-16 16:45 3,497,832 --a------ c:\windows\System32\d3dx9_34.dll
2008-11-28 02:17 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\System32\d3dx9_32.dll
2008-11-28 02:17 . 2006-09-28 16:05 2,414,360 --a------ c:\windows\System32\d3dx9_31.dll
2008-11-28 02:17 . 2007-05-16 16:45 1,124,720 --a------ c:\windows\System32\D3DCompiler_34.dll
2008-11-28 02:17 . 2007-05-16 16:45 443,752 --a------ c:\windows\System32\d3dx10_34.dll
2008-11-28 02:17 . 2006-11-29 13:06 440,080 --a------ c:\windows\System32\d3dx10.dll
2008-11-28 01:01 . 2008-11-28 00:54 102,664 --a------ c:\windows\System32\drivers\tmcomm.sys
2008-11-28 00:54 . 2008-12-03 08:25 <DIR> d-------- c:\users\LaFranco\.housecall6.6
2008-11-28 00:49 . 2008-11-28 00:49 <DIR> d-------- c:\windows\Sun
2008-11-28 00:40 . 2008-12-02 23:57 <DIR> d-------- c:\program files\Java
2008-11-28 00:40 . 2008-11-10 05:43 410,984 --a------ c:\windows\System32\deploytk.dll
2008-11-28 00:08 . 2008-11-28 00:08 <DIR> d-------- c:\programdata\Martau
2008-11-28 00:08 . 2008-11-28 03:04 <DIR> d-------- c:\program files\Total Uninstall 4
2008-11-27 23:50 . 2008-12-01 01:55 717,296 --a------ c:\windows\System32\drivers\sptd.sys
2008-11-27 16:16 . 2008-11-27 16:17 <DIR> d-------- c:\users\LaFranco\AppData\Roaming\FireShot
2008-11-27 16:16 . 2008-11-27 16:16 <DIR> d--hs---- c:\programdata\System Restore
2008-11-27 15:27 . 2008-11-27 15:27 <DIR> d-------- c:\program files\Safari
2008-11-27 15:26 . 2008-11-27 15:26 <DIR> d-------- c:\program files\Bonjour
2008-11-25 17:36 . 2008-11-25 17:36 <DIR> dr------- c:\users\LaFranco\AppData\Roaming\Brother
2008-11-25 16:56 . 2006-10-26 19:56 32,592 --a------ c:\windows\System32\msonpmon.dll
2008-11-25 16:52 . 2008-11-25 16:52 <DIR> d-------- c:\program files\Microsoft Visual Studio 8
2008-11-25 12:50 . 2008-11-25 12:50 <DIR> d-------- c:\program files\KarntheBetrayer
2008-11-23 20:43 . 2008-11-23 20:43 <DIR> d-------- c:\program files\SourceTec
2008-11-23 20:43 . 2008-11-23 20:43 <DIR> d-------- c:\program files\Common Files\SourceTec
2008-11-21 11:04 . 2008-12-03 00:18 <DIR> d-------- c:\programdata\Spybot - Search & Destroy
2008-11-21 11:04 . 2008-11-25 12:45 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2008-11-20 17:46 . 2008-11-25 17:45 419 --a------ c:\windows\BRWMARK.INI
2008-11-20 17:46 . 2008-11-20 17:46 27 --a------ c:\windows\BRPP2KA.INI
2008-11-20 17:43 . 2008-11-20 17:43 0 --ah----- c:\windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-11-19 12:13 . 2008-11-19 12:13 <DIR> d-------- c:\programdata\FlashFXP
2008-11-19 12:13 . 2008-11-27 14:04 <DIR> d-------- c:\program files\FlashFXP
2008-11-19 03:45 . 2008-12-06 14:03 <DIR> d-------- c:\users\LaFranco\AppData\Roaming\TeraCopy
2008-11-19 03:45 . 2008-12-04 21:49 <DIR> d-------- c:\program files\TeraCopy
2008-11-19 03:02 . 2008-12-07 13:34 <DIR> d-------- c:\program files\World of Warcraft
2008-11-19 03:02 . 2008-11-19 03:09 <DIR> d-------- c:\program files\Common Files\Blizzard Entertainment
2008-11-19 02:50 . 2008-11-19 02:50 <DIR> d-------- c:\programdata\FLEXnet
2008-11-19 02:39 . 2008-11-19 02:39 <DIR> d-------- c:\programdata\ALM
2008-11-19 02:33 . 2008-04-07 05:38 22,872 -ra------ c:\windows\System32\AdobePDFUI.dll
2008-11-19 02:27 . 2008-11-19 02:27 <DIR> d-------- c:\program files\Adobe Media Player
2008-11-19 02:26 . 2008-11-19 02:26 <DIR> d-------- c:\program files\Common Files\Adobe AIR
2008-11-19 02:24 . 2008-11-19 02:24 <DIR> d-------- c:\program files\Common Files\Macrovision Shared
2008-11-19 02:18 . 2008-11-19 02:19 <DIR> d-------- c:\programdata\NVIDIA
2008-11-19 02:08 . 2008-11-19 02:08 <DIR> d-------- C:\PerfLogs
2008-11-19 01:48 . 2008-12-08 15:47 132,164 --a------ c:\programdata\nvModes.dat
2008-11-19 01:18 . 2008-01-18 23:33 2,623,488 --a------ c:\windows\System32\SLsvc.exe
2008-11-19 01:18 . 2008-01-18 23:36 1,541,120 --a------ c:\windows\System32\onex.dll
2008-11-19 01:16 . 2008-01-18 23:33 8,139,264 --a------ c:\windows\System32\ssBranded.scr
2008-11-19 01:15 . 2008-01-18 22:06 8,147,456 --a------ c:\windows\System32\wmploc.DLL
2008-11-19 01:14 . 2008-01-18 23:36 704,512 --a------ c:\windows\System32\SmiEngine.dll
2008-11-19 01:14 . 2008-01-18 23:36 218,624 --a------ c:\windows\System32\wdscore.dll
2008-11-19 01:14 . 2008-01-18 23:36 139,264 --a------ c:\windows\System32\SmiInstaller.dll
2008-11-19 01:14 . 2008-01-18 23:33 130,560 --a------ c:\windows\System32\PkgMgr.exe
2008-11-19 01:14 . 2008-01-18 23:36 129,536 --a------ c:\windows\System32\sqmapi.dll
2008-11-19 01:13 . 2008-01-18 23:34 305,152 --a------ c:\windows\System32\msdelta.dll
2008-11-19 01:13 . 2008-01-18 23:34 258,560 --a------ c:\windows\System32\dpx.dll
2008-11-19 01:13 . 2008-01-18 23:34 246,784 --a------ c:\windows\System32\drvstore.dll
2008-11-19 01:13 . 2008-01-18 23:35 35,328 --a------ c:\windows\System32\mspatcha.dll
2008-11-19 00:45 . 2008-11-19 00:45 <DIR> d-------- c:\users\LaFranco\AppData\Roaming\Netscape
2008-11-19 00:45 . 2008-11-19 00:45 <DIR> d-------- c:\program files\Netscape
2008-11-18 23:26 . 2008-11-18 23:26 269,312 --a------ c:\windows\System32\es.dll
2008-11-18 23:06 . 2008-11-18 23:06 428,544 --a------ c:\windows\System32\EncDec.dll
2008-11-18 23:06 . 2008-11-18 23:06 293,376 --a------ c:\windows\System32\psisdecd.dll
2008-11-18 23:06 . 2008-11-18 23:06 217,088 --a------ c:\windows\System32\psisrndr.ax
2008-11-18 23:06 . 2008-11-18 23:06 177,664 --a------ c:\windows\System32\mpg2splt.ax
2008-11-18 23:06 . 2008-11-18 23:06 80,896 --a------ c:\windows\System32\MSNP.ax
2008-11-18 23:06 . 2008-11-18 23:06 69,632 --a------ c:\windows\System32\Mpeg2Data.ax
2008-11-18 23:06 . 2008-11-18 23:06 57,856 --a------ c:\windows\System32\MSDvbNP.ax
2008-11-18 23:06 . 2008-11-18 23:06 1,820 --a------ c:\windows\System32\rasctrnm.h
2008-11-18 22:55 . 2008-12-01 23:26 <DIR> d-------- c:\program files\Common Files\Adobe
2008-11-18 19:59 . 2008-11-18 19:59 <DIR> d-------- c:\program files\IZArc
2008-11-18 18:33 . 2008-11-18 18:33 <DIR> d-------- c:\program files\DivX
2008-11-18 18:27 . 2008-11-18 18:27 <DIR> d-------- c:\program files\K-Lite Codec Pack
2008-11-18 18:27 . 2007-09-04 08:56 164,352 --a------ c:\windows\System32\unrar.dll
2008-11-18 18:25 . 2008-11-18 18:25 <DIR> d-------- c:\program files\Opera
2008-11-18 18:00 . 2008-11-18 18:00 361,984 --a------ c:\windows\System32\IPSECSVC.DLL
2008-11-18 18:00 . 2008-11-18 18:00 272,896 --a------ c:\windows\System32\polstore.dll
2008-11-18 18:00 . 2008-11-18 18:00 61,440 --a------ c:\windows\System32\winipsec.dll
2008-11-18 18:00 . 2008-11-18 18:00 28,672 --a------ c:\windows\System32\FwRemoteSvr.dll
2008-11-18 17:59 . 2008-11-18 17:59 4,240,384 --a------ c:\windows\System32\GameUXLegacyGDFs.dll
2008-11-18 17:59 . 2008-11-18 17:59 1,695,744 --a------ c:\windows\System32\gameux.dll
2008-11-18 17:59 . 2008-11-18 17:59 28,160 --a------ c:\windows\System32\Apphlpdm.dll
2008-11-18 17:54 . 2008-11-18 17:54 212,480 --a------ c:\windows\System32\drivers\mrxsmb10.sys
2008-11-18 17:53 . 2008-11-18 17:53 303,616 --a------ c:\windows\System32\wmpeffects.dll
2008-11-18 17:53 . 2008-11-18 17:53 2,048 --a------ c:\windows\System32\tzres.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-03 08:34 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-28 11:15 --------- d-----w c:\program files\Common Files\InstallShield
2008-11-26 00:57 --------- d-----w c:\programdata\Microsoft Help
2008-11-26 00:55 --------- d-----w c:\program files\MSBuild
2008-11-19 10:17 174 --sha-w c:\program files\desktop.ini
2008-11-19 10:09 --------- d-----w c:\program files\Windows Sidebar
2008-11-19 10:09 --------- d-----w c:\program files\Windows Photo Gallery
2008-11-19 10:09 --------- d-----w c:\program files\Windows Mail
2008-11-19 10:09 --------- d-----w c:\program files\Windows Journal
2008-11-19 10:09 --------- d-----w c:\program files\Windows Defender
2008-11-19 10:09 --------- d-----w c:\program files\Windows Collaboration
2008-11-19 10:09 --------- d-----w c:\program files\Windows Calendar
2008-11-19 09:58 82,432 ----a-w c:\windows\System32\axaltocm.dll
2008-11-19 09:58 101,888 ----a-w c:\windows\System32\ifxcardm.dll
2008-11-19 05:20 --------- d-----w c:\programdata\~0
2008-11-19 01:59 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2008-11-19 01:59 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2008-11-19 01:59 2,560 ----a-w c:\windows\AppPatch\AcRes.dll
2008-11-19 01:59 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2008-11-19 01:59 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2008-11-19 00:55 --------- d-----w c:\program files\PowerForPhone
2008-11-19 00:54 --------- d-----w c:\program files\ASUS
2008-11-19 00:09 --------- d-----w c:\program files\Common Files\Ahead
2008-11-19 00:03 --------- d-----w c:\programdata\ASUS
2008-11-19 00:02 --------- d-----w c:\program files\Common Files\Symantec Shared
2008-11-19 00:01 --------- d-----w c:\programdata\Symantec
2008-10-28 22:36 823,296 ----a-w c:\windows\System32\divx_xx0c.dll
2008-10-28 22:36 823,296 ----a-w c:\windows\System32\divx_xx07.dll
2008-10-28 22:35 815,104 ----a-w c:\windows\System32\divx_xx0a.dll
2008-10-28 22:35 802,816 ----a-w c:\windows\System32\divx_xx11.dll
2008-10-28 22:35 684,032 ----a-w c:\windows\System32\DivX.dll
2008-10-21 05:25 1,645,568 ----a-w c:\windows\System32\connect.dll
2008-10-01 00:43 1,286,152 ----a-w c:\windows\System32\msxml4.dll
2008-09-25 08:03 81,920 ----a-w c:\windows\System32\dpl100.dll
2008-09-25 08:03 593,920 ----a-w c:\windows\System32\dpuGUI11.dll
2008-09-25 08:03 57,344 ----a-w c:\windows\System32\dpv11.dll
2008-09-25 08:03 53,248 ----a-w c:\windows\System32\dpuGUI10.dll
2008-09-25 08:03 524,288 ----a-w c:\windows\System32\DivXsm.exe
2008-09-25 08:03 344,064 ----a-w c:\windows\System32\dpus11.dll
2008-09-25 08:03 294,912 ----a-w c:\windows\System32\dpu11.dll
2008-09-25 08:03 294,912 ----a-w c:\windows\System32\dpu10.dll
2008-09-25 08:03 196,608 ----a-w c:\windows\System32\dtu100.dll
2008-09-25 08:03 161,096 ----a-w c:\windows\System32\DivXCodecVersionChecker.exe
2008-09-19 21:57 3,596,288 ----a-w c:\windows\System32\qt-dx331.dll
2008-09-19 21:55 200,704 ----a-w c:\windows\System32\ssldivx.dll
2008-09-19 21:55 1,044,480 ----a-w c:\windows\System32\libdivx.dll
2008-09-19 21:54 12,288 ----a-w c:\windows\System32\DivXWMPExtType.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68}"= "c:\users\LaFranco\AppData\Roaming\Mozilla\Firefox\Profiles\v5t3y5cx.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.61.dll" [2008-10-28 49152]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Pinyin IME Migration"="c:\progra~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE" [2006-10-26 32560]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-02-12 174872]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-18 13593120]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-18 92704]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600]
"ClamWin"="c:\program files\ClamWin\bin\ClamTray.exe" [2008-11-09 86016]
"RtHDVCpl"="RtHDVCpl.exe" [2007-02-15 c:\windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 15:28 352256 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
--a------ 2008-06-11 22:43 640376 c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
--a------ 2008-06-12 02:25 37232 c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
--a------ 2008-08-14 07:58 611712 c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
--a------ 2007-06-14 06:27 33136 c:\windows\ASScrPro.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-08-08 04:11 490952 c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2006-10-27 00:47 31016 c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-09-16 12:16 1833296 c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-11-10 05:43 136600 c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a------ 2007-03-01 05:24 857648 c:\program files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2008-01-18 23:38 1008184 c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{9F1E7561-C434-4500-827B-448918E73D4A}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{4CD8A6A9-E0EC-42B0-810C-0C0ED268210B}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{4819ACCC-0490-4E08-9065-B171D0075E7B}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{282741D2-86F3-4763-92A2-083D8A86AC14}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{12249948-0001-4300-BA5B-64AE91EDF673}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{D1D78900-5F67-42F3-9F02-CC55507E0D2C}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{B5F27321-125F-4DEC-A745-0F25CFE6D30E}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{4475B371-50F2-45F6-BD9A-2E45507B52D9}"= UDP:c:\program files\Autodesk\Backburner\monitor.exe:backburner 2.3 monitor
"{87D7B037-D9B9-4EA3-91CE-FF2DD5E375DB}"= TCP:c:\program files\Autodesk\Backburner\monitor.exe:backburner 2.3 monitor
"{A39D21EA-E70C-4F2A-AE74-4B7F4E24B13E}"= UDP:c:\program files\Autodesk\Backburner\manager.exe:backburner 2.3 manager
"{4011C974-B021-4D93-B046-B4BB5E153773}"= TCP:c:\program files\Autodesk\Backburner\manager.exe:backburner 2.3 manager
"{7359B68A-A1FF-4B9A-A96A-75F5C96BDA33}"= UDP:c:\program files\Autodesk\Backburner\server.exe:backburner 2.3 server
"{E81B80BB-F701-4AB3-B26E-857F05CF029E}"= TCP:c:\program files\Autodesk\Backburner\server.exe:backburner 2.3 server
"{394147D5-CE32-4159-A6A8-A06E41614BB3}"= UDP:c:\program files\Autodesk\3ds Max 2009\3dsmax.exe:Autodesk 3ds Max Design 2009 32-bit
"{CA4F5D35-EF12-44CB-8A26-C33D7F9231C5}"= TCP:c:\program files\Autodesk\3ds Max 2009\3dsmax.exe:Autodesk 3ds Max Design 2009 32-bit
"TCP Query User{1A08D972-96A1-49A9-8EB2-11EAA6F7D488}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent
"UDP Query User{ED9EC87D-0E4B-4817-B4EE-74C985F9BE81}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent
"{27EDF11F-DDD9-47E4-8537-168B7079E10B}"= UDP:42690:utorrent

R1 SASDIFSV;SASDIFSV;\??\c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2008-11-17 8944]
R1 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2008-11-17 55024]
R2 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max Design 2009 32-bit 32-bit;"c:\program files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe" [2008-03-10 65536]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2008-11-21 809296]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\System32\StkCSrv.exe [2007-02-07 24576]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\atl01v32.sys [2007-03-14 48128]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\system32\Drivers\StkCMini.sys [2007-02-12 1245056]
S3 SASENUM;SASENUM;\??\c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-11-17 7408]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
- - - - ORPHANS REMOVED - - - -

BHO-{06003348-0DEA-438F-A0CA-D5CAB0BB4729} - (no file)
BHO-{20FD3683-5F23-4079-9F96-71D3B8676310} - (no file)
BHO-{33623732-2879-415A-9DCB-B423E2A98119} - (no file)
BHO-{37E78054-D9F3-4C93-A8C0-1BE9EE9C6144} - (no file)
BHO-{427678BF-EFD8-46AF-A38D-23440B0ABB84} - (no file)
BHO-{8F60CF51-82E7-491E-A873-C5D11A5CDFE4} - (no file)
BHO-{94378A7D-1B5F-4C5F-9FC8-FBB514800E38} - (no file)
BHO-{D8A88537-718B-4025-9823-E4F7CBB1F7A1} - (no file)
HKCU-Run-AdobeBridge - (no file)
HKLM-Run-MSServer - c:\windows\system32\fccbASKC.dll
HKLM-Run-50f55450 - c:\windows\system32\cjtkgkey.dll
MSConfigStartUp-50f55450 - c:\windows\system32\cjtkgkey.dll
MSConfigStartUp-MSServer - c:\windows\system32\fccbASKC.dll


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ca/
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Sothink SWF Catcher - c:\program files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm

O16 -: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FireFox -: Profile - c:\users\LaFranco\AppData\Roaming\Mozilla\Firefox\Profiles\v5t3y5cx.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.ca/
FF -: plugin - c:\program files\Adobe\Acrobat 9.0\Acrobat\browser\nppdf32.dll
FF -: plugin - c:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npdeploytk.dll
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npjp2.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npdeploytk.dll
FF -: plugin - c:\program files\Opera\program\plugins\npdivx32.dll
FF -: plugin - c:\program files\Opera\program\plugins\NPOFF12.DLL
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-08 15:56:30
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-12-08 15:57:52
ComboFix-quarantined-files.txt 2008-12-08 23:57:50

Pre-Run: 11,813,089,280 bytes free
Post-Run: 12,143,521,792 bytes free

325 --- E O F --- 2008-12-03 10:19:14


Here is also a HijackThis log, not sure if it's needed, but:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:49:10 PM, on 09/12/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iTunes\iTunes.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: FireShot - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\LaFranco\AppData\Roaming\Mozilla\Firefox\Profiles\v5t3y5cx.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.61.dll
O4 - HKLM\..\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O13 - Gopher Prefix:
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.6.0_10) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max Design 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe

--
End of file - 8558 bytes


Once again thanks for your time :thumbsup:

#6 fenzodahl512

Posted 10 December 2008 - 12:36 AM

Your log is surprisingly good.. Let's do a scan.. Then, tell me, how is your computer now? :thumbsup:


Please download Malwarebytes' Anti-Malware from HERE or HERE

Note: If you already have Malwarebytes' Anti-Malware, just run and update it.. Then do a "Perform Full Scan"

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#7 franticopic

Posted 10 December 2008 - 01:58 AM

Ya, my PC runs fine, but there are two files that run on startup, MSServer and 50f55450. When I uncheck them after doing a Spybot S&D and Malwarebytes scan, they always reappear. The files are noticed in Spybot S&D and Malwarebytes; they just come back after removal. Anyway, here is the scan:

Malwarebytes' Anti-Malware 1.31
Database version: 1481
Windows 6.0.6001 Service Pack 1

09/12/2008 10:46:29 PM
mbam-log-2008-12-09 (22-46-29).txt

Scan type: Quick Scan
Objects scanned: 49661
Time elapsed: 3 minute(s), 7 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\50f55450 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MSServer (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Thanks again:)

#8 fenzodahl512

Posted 10 December 2008 - 02:05 AM

Please go to Start >> Run >> Copy/Paste the command below >> Press Enter

REGEDIT /E "%USERPROFILE%\Desktop\result.txt" "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"

A new textfile result.txt will be created on your Desktop. Please post its content in your next reply..



#9 franticopic

Posted 10 December 2008 - 02:33 AM

Here ya go:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Pinyin IME Migration"="C:\\PROGRA~1\\COMMON~1\\MICROS~1\\IME12\\IMESC\\IMSCMIG.EXE /INSTALL"
"IAAnotif"="\"C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\Iaanotif.exe\""
"RtHDVCpl"="RtHDVCpl.exe"
"ATKMEDIA"="C:\\Program Files\\ASUS\\ATK Media\\DMEDIA.EXE"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"NvCplDaemon"="RUNDLL32.EXE C:\\Windows\\system32\\NvCpl.dll,NvStartup"
"NvMediaCenter"="RUNDLL32.EXE C:\\Windows\\system32\\NvMcTray.dll,NvTaskbarInit"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre6\\bin\\jusched.exe\""
"ClamWin"="\"C:\\Program Files\\ClamWin\\bin\\ClamTray.exe\" --logon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
@=""
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
@=""

#10 fenzodahl512

Posted 10 December 2008 - 02:45 AM

Well, I don't see it in your Registry.. Try rebooting your computer.. Do you still get the same error? :thumbsup:



#11 franticopic

Posted 10 December 2008 - 02:59 AM

I don't get an error, but the files are back after I restarted my PC. Here is the log after restart:

Malwarebytes' Anti-Malware 1.31
Database version: 1481
Windows 6.0.6001 Service Pack 1

09/12/2008 11:55:14 PM
mbam-log-2008-12-09 (23-55-14).txt

Scan type: Quick Scan
Objects scanned: 49489
Time elapsed: 3 minute(s), 28 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\50f55450 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MSServer (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

and the other one:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Pinyin IME Migration"="C:\\PROGRA~1\\COMMON~1\\MICROS~1\\IME12\\IMESC\\IMSCMIG.EXE /INSTALL"
"IAAnotif"="\"C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\Iaanotif.exe\""
"RtHDVCpl"="RtHDVCpl.exe"
"ATKMEDIA"="C:\\Program Files\\ASUS\\ATK Media\\DMEDIA.EXE"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"NvCplDaemon"="RUNDLL32.EXE C:\\Windows\\system32\\NvCpl.dll,NvStartup"
"NvMediaCenter"="RUNDLL32.EXE C:\\Windows\\system32\\NvMcTray.dll,NvTaskbarInit"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre6\\bin\\jusched.exe\""
"ClamWin"="\"C:\\Program Files\\ClamWin\\bin\\ClamTray.exe\" --logon"
"MSServer"="rundll32.exe C:\\Windows\\system32\\fccbASKC.dll,#1"
"50f55450"="rundll32.exe \"C:\\Windows\\system32\\cjtkgkey.dll\",b"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
@=""
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
@=""

They just won't go away. Anyway, thanks for replying so quickly, hopefully we can get this. :thumbsup:
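The by-eye comparison of the two result.txt exports in posts #9 and #11 can be done mechanically. The following is an added example, not part of the original posts: the function names are hypothetical and the two sample exports are constructed, abbreviated copies of the ones posted above.

```python
import re

# Run key exported in the thread with REGEDIT /E.
RUN_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"

# Constructed sample input: abbreviated copies of the exports from posts #9
# (before reboot) and #11 (after reboot). Real "Version 5.00" files written by
# regedit are UTF-16, so read them with open(path, encoding="utf-16").
EXPORT_BEFORE = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"NvCplDaemon"="RUNDLL32.EXE C:\\Windows\\system32\\NvCpl.dll,NvStartup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
@=""
'''

EXPORT_AFTER = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"NvCplDaemon"="RUNDLL32.EXE C:\\Windows\\system32\\NvCpl.dll,NvStartup"
"MSServer"="rundll32.exe C:\\Windows\\system32\\fccbASKC.dll,#1"
"50f55450"="rundll32.exe \"C:\\Windows\\system32\\cjtkgkey.dll\",b"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
@=""
'''

KEY_RE = re.compile(r'^\[(.*)\]\s*$')
VALUE_RE = re.compile(r'^(?P<name>@|"(?:[^"\\]|\\.)*")\s*=\s*(?P<data>.*)$')
STRING_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"$')
# rundll32 <dll>,<export> with the DLL path either quoted or unquoted.
RUNDLL_RE = re.compile(
    r'^\s*"?rundll32(?:\.exe)?"?\s+(?:"(?P<q>[^"]+)"|(?P<u>[^\s,]+))'
    r'\s*,\s*(?P<export>\S+)', re.IGNORECASE)


def unescape(s):
    """Undo .reg string escaping: \\\\ becomes \\ and \\" becomes "."""
    return re.sub(r'\\(.)', r'\1', s)


def parse_reg(text):
    """Parse a .reg export into {key_lower: {value_lower: (name, data)}}.

    Only single-line values are handled; hex continuation lines are ignored.
    A "[-KEY]" header (delete key, as used in a fix file) opens no section.
    """
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(';'):
            continue
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)
            current = None if key.startswith('-') else keys.setdefault(key.lower(), {})
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            name = m.group('name')
            name = '(Default)' if name == '@' else unescape(name[1:-1])
            data = m.group('data').strip()
            s = STRING_RE.match(data)
            current[name.lower()] = (name, unescape(s.group(1)) if s else data)
    return keys


def added_or_changed(before_text, after_text, key=RUN_KEY):
    """List values under `key` that are new or different in the later export."""
    before = parse_reg(before_text).get(key.lower(), {})
    after = parse_reg(after_text).get(key.lower(), {})
    findings = []
    for lname, (name, data) in after.items():
        if lname in before and before[lname][1] == data:
            continue  # unchanged since the baseline export
        m = RUNDLL_RE.match(data)
        findings.append({
            "name": name,
            "command": data,
            "status": "changed" if lname in before else "added",
            "dll": (m.group('q') or m.group('u')) if m else None,
            "export": m.group('export') if m else None,
        })
    return findings


if __name__ == "__main__":
    for f in added_or_changed(EXPORT_BEFORE, EXPORT_AFTER):
        print(f"{f['status']:8} {f['name']:10} dll={f['dll']} export={f['export']}")
```

The legitimate NvCplDaemon entry also launches through rundll32, so the signal here is the difference from the known baseline export, not the use of rundll32 itself.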

#12 fenzodahl512

Posted 10 December 2008 - 03:11 AM

Ok.. Do this...

Please download FileAssassin and unzip it to your Desktop.
  • Double-click FileASSASSIN and tick on Attempt FileASSASSIN's method of file processing
  • Make sure ALL four options are selected (including "Delete file")
  • Copy/paste the file below into the box
    • C:\Windows\system32\fccbASKC.dll
  • Press the Execute button..

Repeat the step with the file below

C:\Windows\system32\cjtkgkey.dll




NEXT


Then please reboot into Safe Mode

In Safe Mode, please make sure you disable ALL of your Antivirus/Antispyware/Firewall before doing the next step.. Please visit HERE if you don't know how..

Please copy and paste the following into Notepad

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Pinyin IME Migration"="C:\\PROGRA~1\\COMMON~1\\MICROS~1\\IME12\\IMESC\\IMSCMIG.EXE /INSTALL"
"IAAnotif"="\"C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\Iaanotif.exe\""
"RtHDVCpl"="RtHDVCpl.exe"
"ATKMEDIA"="C:\\Program Files\\ASUS\\ATK Media\\DMEDIA.EXE"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"NvCplDaemon"="RUNDLL32.EXE C:\\Windows\\system32\\NvCpl.dll,NvStartup"
"NvMediaCenter"="RUNDLL32.EXE C:\\Windows\\system32\\NvMcTray.dll,NvTaskbarInit"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre6\\bin\\jusched.exe\""
"ClamWin"="\"C:\\Program Files\\ClamWin\\bin\\ClamTray.exe\" --logon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
@=""
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
@=""

Save it to your desktop as Fix.reg, and in Save as type: choose All Files

A new registry file will then be created on your desktop. It should look like this: [image]

Just double-click the file and choose Yes at prompt.




NEXT


Reboot into Normal Mode and observe.. Do you still get that error?.. Then re-enable all the security programs that were disabled before..



#13 franticopic

Posted 10 December 2008 - 03:32 AM

FileAssassin says "The file you have specified does not exist or is not visible to fileASSASSIN." But they are there:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Pinyin IME Migration"="C:\\PROGRA~1\\COMMON~1\\MICROS~1\\IME12\\IMESC\\IMSCMIG.EXE /INSTALL"
"IAAnotif"="\"C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\Iaanotif.exe\""
"RtHDVCpl"="RtHDVCpl.exe"
"ATKMEDIA"="C:\\Program Files\\ASUS\\ATK Media\\DMEDIA.EXE"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"NvCplDaemon"="RUNDLL32.EXE C:\\Windows\\system32\\NvCpl.dll,NvStartup"
"NvMediaCenter"="RUNDLL32.EXE C:\\Windows\\system32\\NvMcTray.dll,NvTaskbarInit"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre6\\bin\\jusched.exe\""
"ClamWin"="\"C:\\Program Files\\ClamWin\\bin\\ClamTray.exe\" --logon"
"MSServer"="rundll32.exe C:\\Windows\\system32\\fccbASKC.dll,#1"
"50f55450"="rundll32.exe \"C:\\Windows\\system32\\cjtkgkey.dll\",b"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
@=""
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
@=""

#14 fenzodahl512

Posted 10 December 2008 - 03:59 AM

Ok.. delete your ComboFix and download a fresh one from below, then run it.. As usual, post the log here..

Link 1
Link 2





#15 franticopic

Posted 10 December 2008 - 04:20 AM

Here is the new combofix report:

ComboFix 08-12-09.02 - LaFranco 2008-12-10 1:08:13.3 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2048 [GMT -8:00]
Running from: c:\users\LaFranco\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2008-11-10 to 2008-12-10 )))))))))))))))))))))))))))))))
.

2008-12-09 21:18 . 2008-12-09 21:18 <DIR> d-------- c:\program files\Trapcode
2008-12-09 21:08 . 2004-03-29 17:23 90,112 --a------ c:\windows\unvise32.exe
2008-12-08 15:37 . 2008-12-08 15:38 <DIR> d-------- C:\SDFix
2008-12-07 15:01 . 2008-12-07 15:01 <DIR> d-------- c:\users\LaFranco\AppData\Roaming\.clamwin
2008-12-07 15:01 . 2008-12-07 15:01 <DIR> d-------- c:\programdata\.clamwin
2008-12-07 15:01 . 2008-12-07 15:01 <DIR> d-------- c:\program files\ClamWin
2008-12-04 08:06 . 2008-12-04 11:37 <DIR> d-------- C:\trend clean
2008-12-03 12:56 . 2008-12-03 12:58 <DIR> d-------- c:\program files\Common Files\Autodesk Shared
2008-12-03 12:56 . 2008-12-03 12:58 <DIR> d-------- c:\program files\Autodesk
2008-12-03 09:09 . 2008-12-03 09:09 <DIR> d-------- C:\rsit
2008-12-03 09:09 . 2008-12-03 09:09 <DIR> d-------- c:\program files\trend micro
2008-12-03 03:32 . 2008-12-03 03:32 <DIR> d-------- c:\users\LaFranco\AppData\Roaming\SUPERAntiSpyware.com
2008-12-03 03:32 . 2008-12-03 03:32 <DIR> d-------- c:\programdata\SUPERAntiSpyware.com
2008-12-03 03:32 . 2008-12-03 03:32 <DIR> d-------- c:\program files\SUPERAntiSpyware
2008-12-03 03:31 . 2008-12-03 03:31 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2008-12-03 03:00 . 2008-12-03 03:00 <DIR> d-------- c:\users\LaFranco\AppData\Roaming\Malwarebytes
2008-12-03 03:00 . 2008-12-03 03:00 <DIR> d-------- c:\programdata\Malwarebytes
2008-12-03 03:00 . 2008-12-09 22:42 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-03 03:00 . 2008-12-03 19:52 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2008-12-03 03:00 . 2008-12-03 19:52 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2008-12-03 02:15 . 2008-04-26 00:26 891,448 --a------ c:\windows\System32\drivers\tcpip.sys
2008-12-03 02:15 . 2008-04-11 19:32 784,896 --a------ c:\windows\System32\rpcrt4.dll
2008-12-03 02:15 . 2008-10-21 19:57 241,152 --a------ c:\windows\System32\PortableDeviceApi.dll
2008-12-03 02:15 . 2008-09-17 20:56 147,456 --a------ c:\windows\System32\Faultrep.dll
2008-12-03 02:15 . 2008-09-17 20:56 125,952 --a------ c:\windows\System32\wersvc.dll
2008-12-03 02:15 . 2008-04-04 17:21 72,192 --a------ c:\windows\System32\drivers\pacer.sys
2008-12-03 02:15 . 2008-04-04 19:34 15,360 --a------ c:\windows\System32\pacerprf.dll
2008-12-03 00:33 . 2008-12-03 00:33 <DIR> d-------- c:\users\LaFranco\AppData\Roaming\InstallShield
2008-12-02 23:56 . 2008-12-02 23:56 <DIR> d-------- c:\program files\Common Files\Java
2008-12-02 21:31 . 2008-12-03 01:47 <DIR> d-------- c:\program files\Panda Security
2008-12-02 21:25 . 2008-12-02 21:25 0 --ah----- C:\ntuser.dat.LOG2
2008-12-02 21:25 . 2008-12-02 21:25 0 --ah----- C:\ntuser.dat.LOG1
2008-12-02 21:25 . 2008-12-02 21:25 0 --a------ C:\ntuser.dat
2008-12-02 17:51 . 2008-12-02 17:51 95 --a------ c:\windows\wininit.ini
2008-12-01 23:36 . 2008-12-01 23:36 <DIR> d-------- c:\users\LaFranco\AppData\Roaming\DivX
2008-12-01 16:51 . 2008-12-01 17:54 <DIR> d-------- c:\users\LaFranco\AppData\Roaming\Download Manager
2008-12-01 15:44 . 2008-12-01 15:44 <DIR> d-------- c:\users\LaFranco\AppData\Roaming\Mr Retro
2008-12-01 15:33 . 2008-12-01 15:33 <DIR> d-------- c:\program files\DAEMON Tools Lite
2008-12-01 01:54 . 2008-12-03 00:18 <DIR> d-------- c:\users\LaFranco\AppData\Roaming\DAEMON Tools
2008-11-28 02:33 . 2008-11-28 02:33 <DIR> d-------- c:\users\LaFranco\Turbo Squid Tentacles
2008-11-28 02:30 . 2008-11-28 03:23 <DIR> d-------- c:\users\LaFranco\AppData\Roaming\Autodesk
2008-11-28 02:22 . 2008-11-28 02:22 <DIR> d-------- c:\program files\Microsoft WSE
2008-11-28 02:18 . 2008-12-03 12:56 <DIR> d-------- c:\programdata\Autodesk
2008-11-28 02:17 . 2007-05-16 16:45 3,497,832 --a------ c:\windows\System32\d3dx9_34.dll
2008-11-28 02:17 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\System32\d3dx9_32.dll
2008-11-28 02:17 . 2006-09-28 16:05 2,414,360 --a------ c:\windows\System32\d3dx9_31.dll
2008-11-28 02:17 . 2007-05-16 16:45 1,124,720 --a------ c:\windows\System32\D3DCompiler_34.dll
2008-11-28 02:17 . 2007-05-16 16:45 443,752 --a------ c:\windows\System32\d3dx10_34.dll
2008-11-28 02:17 . 2006-11-29 13:06 440,080 --a------ c:\windows\System32\d3dx10.dll
2008-11-28 01:01 . 2008-11-28 00:54 102,664 --a------ c:\windows\System32\drivers\tmcomm.sys
2008-11-28 00:54 . 2008-12-03 08:25 <DIR> d-------- c:\users\LaFranco\.housecall6.6
2008-11-28 00:49 . 2008-11-28 00:49 <DIR> d-------- c:\windows\Sun
2008-11-28 00:40 . 2008-12-02 23:57 <DIR> d-------- c:\program files\Java
2008-11-28 00:40 . 2008-11-10 05:43 410,984 --a------ c:\windows\System32\deploytk.dll
2008-11-28 00:08 . 2008-11-28 00:08 <DIR> d-------- c:\programdata\Martau
2008-11-28 00:08 . 2008-11-28 03:04 <DIR> d-------- c:\program files\Total Uninstall 4
2008-11-27 23:50 . 2008-12-01 01:55 717,296 --a------ c:\windows\System32\drivers\sptd.sys
2008-11-27 16:16 . 2008-11-27 16:17 <DIR> d-------- c:\users\LaFranco\AppData\Roaming\FireShot
2008-11-27 16:16 . 2008-11-27 16:16 <DIR> d--hs---- c:\programdata\System Restore
2008-11-27 15:27 . 2008-11-27 15:27 <DIR> d-------- c:\program files\Safari
2008-11-27 15:26 . 2008-11-27 15:26 <DIR> d-------- c:\program files\Bonjour
2008-11-25 17:36 . 2008-11-25 17:36 <DIR> dr------- c:\users\LaFranco\AppData\Roaming\Brother
2008-11-25 16:56 . 2006-10-26 19:56 32,592 --a------ c:\windows\System32\msonpmon.dll
2008-11-25 16:52 . 2008-11-25 16:52 <DIR> d-------- c:\program files\Microsoft Visual Studio 8
2008-11-25 12:50 . 2008-11-25 12:50 <DIR> d-------- c:\program files\KarntheBetrayer
2008-11-23 20:43 . 2008-11-23 20:43 <DIR> d-------- c:\program files\SourceTec
2008-11-23 20:43 . 2008-11-23 20:43 <DIR> d-------- c:\program files\Common Files\SourceTec
2008-11-21 11:04 . 2008-12-03 00:18 <DIR> d-------- c:\programdata\Spybot - Search & Destroy
2008-11-21 11:04 . 2008-11-25 12:45 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2008-11-20 17:46 . 2008-11-25 17:45 419 --a------ c:\windows\BRWMARK.INI
2008-11-20 17:46 . 2008-11-20 17:46 27 --a------ c:\windows\BRPP2KA.INI
2008-11-20 17:43 . 2008-11-20 17:43 0 --ah----- c:\windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-11-19 12:13 . 2008-11-19 12:13 <DIR> d-------- c:\programdata\FlashFXP
2008-11-19 12:13 . 2008-11-27 14:04 <DIR> d-------- c:\program files\FlashFXP
2008-11-19 03:45 . 2008-12-10 00:21 <DIR> d-------- c:\users\LaFranco\AppData\Roaming\TeraCopy
2008-11-19 03:45 . 2008-12-04 21:49 <DIR> d-------- c:\program files\TeraCopy
2008-11-19 03:02 . 2008-12-07 13:34 <DIR> d-------- c:\program files\World of Warcraft
2008-11-19 03:02 . 2008-11-19 03:09 <DIR> d-------- c:\program files\Common Files\Blizzard Entertainment
2008-11-19 02:50 . 2008-11-19 02:50 <DIR> d-------- c:\programdata\FLEXnet
2008-11-19 02:39 . 2008-11-19 02:39 <DIR> d-------- c:\programdata\ALM
2008-11-19 02:33 . 2008-04-07 05:38 22,872 -ra------ c:\windows\System32\AdobePDFUI.dll
2008-11-19 02:27 . 2008-11-19 02:27 <DIR> d-------- c:\program files\Adobe Media Player
2008-11-19 02:26 . 2008-11-19 02:26 <DIR> d-------- c:\program files\Common Files\Adobe AIR
2008-11-19 02:24 . 2008-11-19 02:24 <DIR> d-------- c:\program files\Common Files\Macrovision Shared
2008-11-19 02:18 . 2008-11-19 02:19 <DIR> d-------- c:\programdata\NVIDIA
2008-11-19 02:08 . 2008-11-19 02:08 <DIR> d-------- C:\PerfLogs
2008-11-19 01:48 . 2008-12-10 00:24 132,164 --a------ c:\programdata\nvModes.dat
2008-11-19 01:18 . 2008-01-18 23:33 2,623,488 --a------ c:\windows\System32\SLsvc.exe
2008-11-19 01:18 . 2008-01-18 23:36 1,541,120 --a------ c:\windows\System32\onex.dll
2008-11-19 01:16 . 2008-01-18 23:33 8,139,264 --a------ c:\windows\System32\ssBranded.scr
2008-11-19 01:15 . 2008-01-18 22:06 8,147,456 --a------ c:\windows\System32\wmploc.DLL
2008-11-19 01:14 . 2008-01-18 23:36 704,512 --a------ c:\windows\System32\SmiEngine.dll
2008-11-19 01:14 . 2008-01-18 23:36 218,624 --a------ c:\windows\System32\wdscore.dll
2008-11-19 01:14 . 2008-01-18 23:36 139,264 --a------ c:\windows\System32\SmiInstaller.dll
2008-11-19 01:14 . 2008-01-18 23:33 130,560 --a------ c:\windows\System32\PkgMgr.exe
2008-11-19 01:14 . 2008-01-18 23:36 129,536 --a------ c:\windows\System32\sqmapi.dll
2008-11-19 01:13 . 2008-01-18 23:34 305,152 --a------ c:\windows\System32\msdelta.dll
2008-11-19 01:13 . 2008-01-18 23:34 258,560 --a------ c:\windows\System32\dpx.dll
2008-11-19 01:13 . 2008-01-18 23:34 246,784 --a------ c:\windows\System32\drvstore.dll
2008-11-19 01:13 . 2008-01-18 23:35 35,328 --a------ c:\windows\System32\mspatcha.dll
2008-11-19 00:45 . 2008-11-19 00:45 <DIR> d-------- c:\users\LaFranco\AppData\Roaming\Netscape
2008-11-19 00:45 . 2008-11-19 00:45 <DIR> d-------- c:\program files\Netscape
2008-11-18 23:26 . 2008-11-18 23:26 269,312 --a------ c:\windows\System32\es.dll
2008-11-18 23:06 . 2008-11-18 23:06 428,544 --a------ c:\windows\System32\EncDec.dll
2008-11-18 23:06 . 2008-11-18 23:06 293,376 --a------ c:\windows\System32\psisdecd.dll
2008-11-18 23:06 . 2008-11-18 23:06 217,088 --a------ c:\windows\System32\psisrndr.ax
2008-11-18 23:06 . 2008-11-18 23:06 177,664 --a------ c:\windows\System32\mpg2splt.ax
2008-11-18 23:06 . 2008-11-18 23:06 80,896 --a------ c:\windows\System32\MSNP.ax
2008-11-18 23:06 . 2008-11-18 23:06 69,632 --a------ c:\windows\System32\Mpeg2Data.ax
2008-11-18 23:06 . 2008-11-18 23:06 57,856 --a------ c:\windows\System32\MSDvbNP.ax
2008-11-18 23:06 . 2008-11-18 23:06 1,820 --a------ c:\windows\System32\rasctrnm.h
2008-11-18 22:55 . 2008-12-01 23:26 <DIR> d-------- c:\program files\Common Files\Adobe
2008-11-18 19:59 . 2008-11-18 19:59 <DIR> d-------- c:\program files\IZArc
2008-11-18 18:33 . 2008-11-18 18:33 <DIR> d-------- c:\program files\DivX
2008-11-18 18:27 . 2008-11-18 18:27 <DIR> d-------- c:\program files\K-Lite Codec Pack
2008-11-18 18:27 . 2007-09-04 08:56 164,352 --a------ c:\windows\System32\unrar.dll
2008-11-18 18:25 . 2008-11-18 18:25 <DIR> d-------- c:\program files\Opera
2008-11-18 18:00 . 2008-11-18 18:00 361,984 --a------ c:\windows\System32\IPSECSVC.DLL
2008-11-18 18:00 . 2008-11-18 18:00 272,896 --a------ c:\windows\System32\polstore.dll
2008-11-18 18:00 . 2008-11-18 18:00 61,440 --a------ c:\windows\System32\winipsec.dll
2008-11-18 18:00 . 2008-11-18 18:00 28,672 --a------ c:\windows\System32\FwRemoteSvr.dll
2008-11-18 17:59 . 2008-11-18 17:59 4,240,384 --a------ c:\windows\System32\GameUXLegacyGDFs.dll
2008-11-18 17:59 . 2008-11-18 17:59 1,695,744 --a------ c:\windows\System32\gameux.dll
2008-11-18 17:59 . 2008-11-18 17:59 28,160 --a------ c:\windows\System32\Apphlpdm.dll
2008-11-18 17:54 . 2008-11-18 17:54 212,480 --a------ c:\windows\System32\drivers\mrxsmb10.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-10 05:18 1,942 ----a-w c:\program files\trapcodehorizon.log
2008-12-03 08:34 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-28 11:15 --------- d-----w c:\program files\Common Files\InstallShield
2008-11-26 00:57 --------- d-----w c:\programdata\Microsoft Help
2008-11-26 00:55 --------- d-----w c:\program files\MSBuild
2008-11-19 10:17 174 --sha-w c:\program files\desktop.ini
2008-11-19 10:09 --------- d-----w c:\program files\Windows Sidebar
2008-11-19 10:09 --------- d-----w c:\program files\Windows Photo Gallery
2008-11-19 10:09 --------- d-----w c:\program files\Windows Mail
2008-11-19 10:09 --------- d-----w c:\program files\Windows Journal
2008-11-19 10:09 --------- d-----w c:\program files\Windows Defender
2008-11-19 10:09 --------- d-----w c:\program files\Windows Collaboration
2008-11-19 10:09 --------- d-----w c:\program files\Windows Calendar
2008-11-19 09:58 82,432 ----a-w c:\windows\System32\axaltocm.dll
2008-11-19 09:58 101,888 ----a-w c:\windows\System32\ifxcardm.dll
2008-11-19 05:20 --------- d-----w c:\programdata\~0
2008-11-19 01:59 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2008-11-19 01:59 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2008-11-19 01:59 2,560 ----a-w c:\windows\AppPatch\AcRes.dll
2008-11-19 01:59 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2008-11-19 01:59 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2008-11-19 00:55 --------- d-----w c:\program files\PowerForPhone
2008-11-19 00:54 --------- d-----w c:\program files\ASUS
2008-11-19 00:09 --------- d-----w c:\program files\Common Files\Ahead
2008-11-19 00:03 --------- d-----w c:\programdata\ASUS
2008-11-19 00:02 --------- d-----w c:\program files\Common Files\Symantec Shared
2008-11-19 00:01 --------- d-----w c:\programdata\Symantec
2008-10-28 22:36 823,296 ----a-w c:\windows\System32\divx_xx0c.dll
2008-10-28 22:36 823,296 ----a-w c:\windows\System32\divx_xx07.dll
2008-10-28 22:35 815,104 ----a-w c:\windows\System32\divx_xx0a.dll
2008-10-28 22:35 802,816 ----a-w c:\windows\System32\divx_xx11.dll
2008-10-28 22:35 684,032 ----a-w c:\windows\System32\DivX.dll
2008-10-21 05:25 1,645,568 ----a-w c:\windows\System32\connect.dll
2008-10-01 00:43 1,286,152 ----a-w c:\windows\System32\msxml4.dll
2008-09-25 08:03 81,920 ----a-w c:\windows\System32\dpl100.dll
2008-09-25 08:03 593,920 ----a-w c:\windows\System32\dpuGUI11.dll
2008-09-25 08:03 57,344 ----a-w c:\windows\System32\dpv11.dll
2008-09-25 08:03 53,248 ----a-w c:\windows\System32\dpuGUI10.dll
2008-09-25 08:03 524,288 ----a-w c:\windows\System32\DivXsm.exe
2008-09-25 08:03 344,064 ----a-w c:\windows\System32\dpus11.dll
2008-09-25 08:03 294,912 ----a-w c:\windows\System32\dpu11.dll
2008-09-25 08:03 294,912 ----a-w c:\windows\System32\dpu10.dll
2008-09-25 08:03 196,608 ----a-w c:\windows\System32\dtu100.dll
2008-09-25 08:03 161,096 ----a-w c:\windows\System32\DivXCodecVersionChecker.exe
2008-09-19 21:57 3,596,288 ----a-w c:\windows\System32\qt-dx331.dll
2008-09-19 21:55 200,704 ----a-w c:\windows\System32\ssldivx.dll
2008-09-19 21:55 1,044,480 ----a-w c:\windows\System32\libdivx.dll
2008-09-19 21:54 12,288 ----a-w c:\windows\System32\DivXWMPExtType.dll
.

((((((((((((((((((((((((((((( snapshot@2008-12-08_15.56.59.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-12-10 08:24:05 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-12-10 08:24:05 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2008-12-08 23:48:54 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat
+ 2008-12-10 08:26:16 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat
- 2008-12-08 23:48:48 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2008-12-10 08:26:10 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2008-12-10 08:26:10 262,144 ---ha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2008-12-08 23:53:29 262,144 ----a-w c:\windows\System32\config\systemprofile\ntuser.dat
+ 2008-12-10 09:08:08 262,144 ----a-w c:\windows\System32\config\systemprofile\ntuser.dat
+ 2007-04-27 04:34:48 2,875,392 ----a-w c:\windows\System32\libmmd.dll
+ 2008-03-24 23:24:36 516,096 ----a-w c:\windows\System32\RegisterDialog.dll
- 2008-12-08 23:35:56 6,218 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3275585465-1419432489-2217980855-1000_UserData.bin
+ 2008-12-10 08:26:37 6,456 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3275585465-1419432489-2217980855-1000_UserData.bin
- 2008-12-08 23:49:16 73,602 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-12-10 08:26:37 73,984 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-12-08 23:49:12 32,274 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-12-10 08:26:34 32,670 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68}"= "c:\users\LaFranco\AppData\Roaming\Mozilla\Firefox\Profiles\v5t3y5cx.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.61.dll" [2008-10-28 49152]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Pinyin IME Migration"="c:\progra~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE" [2006-10-26 32560]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-02-12 174872]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-18 13593120]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-18 92704]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600]
"ClamWin"="c:\program files\ClamWin\bin\ClamTray.exe" [2008-11-09 86016]
"MSServer"="c:\windows\system32\fccbASKC.dll" [BU]
"50f55450"="c:\windows\system32\cjtkgkey.dll" [BU]
"RtHDVCpl"="RtHDVCpl.exe" [2007-02-15 c:\windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 15:28 352256 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
--a------ 2008-06-11 22:43 640376 c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
--a------ 2008-06-12 02:25 37232 c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
--a------ 2008-08-14 07:58 611712 c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
--a------ 2007-06-14 06:27 33136 c:\windows\ASScrPro.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-08-08 04:11 490952 c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2006-10-27 00:47 31016 c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-09-16 12:16 1833296 c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-11-10 05:43 136600 c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a------ 2007-03-01 05:24 857648 c:\program files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2008-01-18 23:38 1008184 c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{9F1E7561-C434-4500-827B-448918E73D4A}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{4CD8A6A9-E0EC-42B0-810C-0C0ED268210B}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{4819ACCC-0490-4E08-9065-B171D0075E7B}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{282741D2-86F3-4763-92A2-083D8A86AC14}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{12249948-0001-4300-BA5B-64AE91EDF673}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{D1D78900-5F67-42F3-9F02-CC55507E0D2C}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{B5F27321-125F-4DEC-A745-0F25CFE6D30E}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{4475B371-50F2-45F6-BD9A-2E45507B52D9}"= UDP:c:\program files\Autodesk\Backburner\monitor.exe:backburner 2.3 monitor
"{87D7B037-D9B9-4EA3-91CE-FF2DD5E375DB}"= TCP:c:\program files\Autodesk\Backburner\monitor.exe:backburner 2.3 monitor
"{A39D21EA-E70C-4F2A-AE74-4B7F4E24B13E}"= UDP:c:\program files\Autodesk\Backburner\manager.exe:backburner 2.3 manager
"{4011C974-B021-4D93-B046-B4BB5E153773}"= TCP:c:\program files\Autodesk\Backburner\manager.exe:backburner 2.3 manager
"{7359B68A-A1FF-4B9A-A96A-75F5C96BDA33}"= UDP:c:\program files\Autodesk\Backburner\server.exe:backburner 2.3 server
"{E81B80BB-F701-4AB3-B26E-857F05CF029E}"= TCP:c:\program files\Autodesk\Backburner\server.exe:backburner 2.3 server
"{394147D5-CE32-4159-A6A8-A06E41614BB3}"= UDP:c:\program files\Autodesk\3ds Max 2009\3dsmax.exe:Autodesk 3ds Max Design 2009 32-bit
"{CA4F5D35-EF12-44CB-8A26-C33D7F9231C5}"= TCP:c:\program files\Autodesk\3ds Max 2009\3dsmax.exe:Autodesk 3ds Max Design 2009 32-bit
"TCP Query User{1A08D972-96A1-49A9-8EB2-11EAA6F7D488}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent
"UDP Query User{ED9EC87D-0E4B-4817-B4EE-74C985F9BE81}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent
"{27EDF11F-DDD9-47E4-8537-168B7079E10B}"= UDP:42690:utorrent

R1 SASDIFSV;SASDIFSV;\??\c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2008-11-17 8944]
R1 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2008-11-17 55024]
R2 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max Design 2009 32-bit 32-bit;"c:\program files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe" [2008-03-10 65536]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2008-11-21 809296]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\System32\StkCSrv.exe [2007-02-07 24576]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\atl01v32.sys [2007-03-14 48128]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\system32\Drivers\StkCMini.sys [2007-02-12 1245056]
S3 SASENUM;SASENUM;\??\c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-11-17 7408]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
.
- - - - ORPHANS REMOVED - - - -

BHO-{06003348-0DEA-438F-A0CA-D5CAB0BB4729} - (no file)
BHO-{20FD3683-5F23-4079-9F96-71D3B8676310} - (no file)
BHO-{33623732-2879-415A-9DCB-B423E2A98119} - (no file)
BHO-{37E78054-D9F3-4C93-A8C0-1BE9EE9C6144} - (no file)
BHO-{427678BF-EFD8-46AF-A38D-23440B0ABB84} - (no file)
BHO-{8F60CF51-82E7-491E-A873-C5D11A5CDFE4} - (no file)
BHO-{94378A7D-1B5F-4C5F-9FC8-FBB514800E38} - (no file)
BHO-{D8A88537-718B-4025-9823-E4F7CBB1F7A1} - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ca/
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Sothink SWF Catcher - c:\program files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm

O16 -: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FireFox -: Profile - c:\users\LaFranco\AppData\Roaming\Mozilla\Firefox\Profiles\v5t3y5cx.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.ca/
FF -: plugin - c:\program files\Adobe\Acrobat 9.0\Acrobat\browser\nppdf32.dll
FF -: plugin - c:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npdeploytk.dll
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npjp2.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npdeploytk.dll
FF -: plugin - c:\program files\Opera\program\plugins\npdivx32.dll
FF -: plugin - c:\program files\Opera\program\plugins\NPOFF12.DLL
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-10 01:11:39
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-12-10 1:13:03
ComboFix-quarantined-files.txt 2008-12-10 09:12:59
ComboFix2.txt 2008-12-10 02:56:14
ComboFix3.txt 2008-12-08 23:57:53

Pre-Run: 10,676,191,232 bytes free
Post-Run: 10,431,049,728 bytes free

339 --- E O F --- 2008-12-03 10:19:14


Don't stay up too late, he he.



