
Infected with HEUR:Backdoor.Win32.Generic..."Banzo.exe"


  • This topic is locked
4 replies to this topic

#1 Jordan09

Posted 23 December 2008 - 04:11 AM

OK, on the 20th of December I noticed a HUGE slowdown of my PC, so I scanned it with the Kaspersky 09 virus scanner and it detected the virus Banzo.exe located in a CAB file from Nero 9. So I uninstalled Nero, ran CCleaner and did a registry clean with that program, then I ran Spybot Search and Destroy and it came up clean. I have also had Kaspersky 09 run clean in the past few days, but I still notice very poor performance since that was detected. Below I have the RSIT log files. I tried the Kaspersky online scanner, but every time I try to run it my computer crashes and restarts: no blue screen, it just restarts automatically :thumbsup: . Thank you in advance for taking the time to help me, and happy holidays.



Logfile of random's system information tool 1.05 (written by random/random)
Run by Owner at 2008-12-23 02:34:03
Microsoft Windows XP Professional Service Pack 3
System drive C: has 11 GB (5%) free of 234 GB
Total RAM: 894 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:34:15 AM, on 12/23/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TVersity\Media Server\MediaServer.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner\Desktop\Firefox Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Owner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.new.rr.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\RunServices: [BUNGIE] banzo.exe
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1227737545078
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{60D15896-0B1E-4306-BE3D-486C85ABB436}: NameServer = 24.94.163.100,24.94.163.101
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TVersityMediaServer - Unknown owner - C:\Program Files\TVersity\Media Server\MediaServer.exe

--
End of file - 6315 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll [2008-11-11 62728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2002-09-14 212992]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2008-11-11 206088]
"Logitech Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-04-11 56080]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-04-11 56080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PeerGuardian"=C:\Program Files\PeerGuardian2\pg2.exe [2005-09-18 1421824]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-04-17 196608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-04-13 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2008-08-14 565008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\QuickCam\Quickcam.exe [2008-08-14 2407184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe]
C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2008-09-17 13574144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2008-09-17 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2005-09-26 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-01 15872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS11 Preload]
C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [2007-03-03 341488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2008-09-12 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LOGITE~1.EXE [2008-11-26 67128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"PrismXL"=2
"WMPNetworkSvc"=3
"WLSetupSvc"=3
"usnjsvc"=3
"UleadBurningHelper"=2
"idsvc"=3
"getPlus® Helper"=3

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2008-11-11 218376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC}
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Application Loader"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe"="C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Enabled:AOLTsMon"
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe"="C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Enabled:AOLTopSpeed"
"C:\Program Files\Common Files\AOL\1227599193\EE\AOLServiceHost.exe"="C:\Program Files\Common Files\AOL\1227599193\EE\AOLServiceHost.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\System Information\sinf.exe"="C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe"="C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe"="C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe"="C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe:*:Enabled:AOL"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\TVersity\Media Server\MediaServer.exe"="C:\Program Files\TVersity\Media Server\MediaServer.exe:*:Enabled:TVersity Media Server"
"C:\Program Files\River Past\Video Cleaner Pro\VideoCleaner.exe"="C:\Program Files\River Past\Video Cleaner Pro\VideoCleaner.exe:*:Enabled:River Past Video Cleaner Pro"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
shell\AutoRun\command - I:\setup.exe


======List of files/folders created in the last 1 months======

2008-12-23 02:34:03 ----D---- C:\rsit
2008-12-20 18:16:13 ----D---- C:\Program Files\Common Files\Sony Shared
2008-12-20 17:58:50 ----D---- C:\WINDOWS\Minidump
2008-12-20 08:24:45 ----SHD---- C:\Config.Msi
2008-12-20 08:04:28 ----D---- C:\Program Files\Trend Micro
2008-12-20 03:27:36 ----D---- C:\Program Files\MSXML 4.0
2008-12-20 00:55:34 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-12-20 00:55:34 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-19 05:28:45 ----A---- C:\WINDOWS\NeroDigital.ini
2008-12-19 05:09:57 ----D---- C:\Program Files\Unlocker
2008-12-19 04:13:05 ----D---- C:\Documents and Settings\Owner\Application Data\Nero
2008-12-19 03:40:15 ----A---- C:\WINDOWS\Irremote.ini
2008-12-19 03:37:19 ----D---- C:\Program Files\Windows Sidebar
2008-12-19 03:20:32 ----D---- C:\Program Files\Common Files\Nero
2008-12-19 03:20:32 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2008-12-19 02:58:46 ----D---- C:\Program Files\MSBuild
2008-12-19 02:00:37 ----D---- C:\WINDOWS\system32\XPSViewer
2008-12-19 01:45:50 ----A---- C:\WINDOWS\system32\bungie.exe
2008-12-19 01:26:32 ----D---- C:\Program Files\Reference Assemblies
2008-12-19 01:24:39 ----N---- C:\WINDOWS\system32\spmsg2.dll
2008-12-19 01:05:35 ----D---- C:\Program Files\Nero
2008-12-18 23:26:58 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2008-12-18 23:26:58 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2008-12-18 23:26:57 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2008-12-18 23:26:55 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2008-12-18 23:26:55 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2008-12-18 23:26:54 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2008-12-18 23:26:53 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2008-12-18 23:26:53 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2008-12-18 23:26:53 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2008-12-18 23:26:52 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2008-12-18 23:26:50 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2008-12-18 23:26:50 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2008-12-18 23:26:47 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2008-12-18 23:26:45 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2008-12-18 23:26:45 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2008-12-18 23:26:45 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2008-12-18 23:26:44 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2008-12-18 23:26:43 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2008-12-18 23:26:43 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2008-12-18 23:26:41 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2008-12-18 23:26:40 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2008-12-18 23:26:38 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2008-12-18 23:26:38 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2008-12-18 23:26:35 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2008-12-18 23:26:35 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2008-12-18 23:26:30 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2008-12-18 23:26:28 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2008-12-18 23:26:26 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2008-12-18 23:26:25 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2008-12-18 23:26:23 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2008-12-18 23:26:21 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2008-12-18 23:26:18 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2008-12-18 23:26:18 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2008-12-18 23:26:16 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2008-12-18 23:26:14 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2008-12-18 23:26:14 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2008-12-18 23:26:12 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2008-12-18 23:26:12 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2008-12-18 23:26:08 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2008-12-18 23:26:05 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2008-12-18 23:25:57 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2008-12-18 23:25:51 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2008-12-18 23:25:50 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2008-12-18 23:25:22 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2008-12-18 23:25:18 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2008-12-18 23:25:16 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2008-12-18 23:25:13 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2008-12-18 23:25:11 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2008-12-18 23:25:11 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2008-12-18 23:25:10 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2008-12-18 23:25:07 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2008-12-18 23:25:06 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2008-12-18 23:25:05 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2008-12-18 23:25:03 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2008-12-18 23:25:02 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2008-12-18 23:24:58 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2008-12-18 23:24:56 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2008-12-18 23:24:56 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2008-12-18 23:24:54 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2008-12-18 23:24:51 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2008-12-18 23:24:48 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2008-12-18 23:24:46 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2008-12-18 23:24:43 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2008-12-18 23:24:41 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2008-12-18 23:24:32 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2008-12-18 23:18:53 ----D---- C:\WINDOWS\Logs
2008-12-18 23:01:06 ----A---- C:\WINDOWS\system32\libusb0.dll
2008-12-18 22:38:16 ----D---- C:\Program Files\CAPCOM
2008-12-18 21:24:09 ----D---- C:\Program Files\WMV9_VCM
2008-12-18 21:23:59 ----D---- C:\Documents and Settings\Owner\Application Data\River Past G5
2008-12-18 21:23:59 ----D---- C:\Documents and Settings\All Users\Application Data\River Past G5
2008-12-17 20:36:01 ----D---- C:\Program Files\TVersity Codec Pack
2008-12-17 20:34:17 ----D---- C:\Program Files\TVersity
2008-12-17 19:44:50 ----D---- C:\Program Files\AC3Filter
2008-12-17 19:44:33 ----D---- C:\Program Files\Haali
2008-12-16 22:52:37 ----D---- C:\Documents and Settings\Owner\Application Data\Windows Search
2008-12-16 22:47:12 ----D---- C:\Program Files\Windows Desktop Search
2008-12-16 22:47:11 ----D---- C:\WINDOWS\system32\GroupPolicy
2008-12-16 22:28:03 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-12-16 16:20:04 ----D---- C:\Documents and Settings\Owner\Application Data\Ulead Systems
2008-12-16 15:53:41 ----D---- C:\Program Files\Common Files\InterVideo
2008-12-16 15:53:29 ----D---- C:\Documents and Settings\All Users\Application Data\InterVideo
2008-12-16 15:53:25 ----A---- C:\WINDOWS\system32\IVIresizeW7.dll
2008-12-16 15:53:25 ----A---- C:\WINDOWS\system32\IVIresizePX.dll
2008-12-16 15:53:25 ----A---- C:\WINDOWS\system32\IVIresizeP6.dll
2008-12-16 15:53:25 ----A---- C:\WINDOWS\system32\IVIresizeM6.dll
2008-12-16 15:53:25 ----A---- C:\WINDOWS\system32\IVIresizeA6.dll
2008-12-16 15:53:25 ----A---- C:\WINDOWS\system32\IVIresize.dll
2008-12-16 15:52:17 ----D---- C:\Program Files\Windows Media Components
2008-12-16 15:51:18 ----D---- C:\Program Files\Common Files\Ulead Systems
2008-12-16 15:51:18 ----D---- C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-12-15 00:19:11 ----A---- C:\WINDOWS\Wininit.ini
2008-12-15 00:19:09 ----D---- C:\WINDOWS\Ulead.dat
2008-12-15 00:19:08 ----D---- C:\WINDOWS\Noslip
2008-12-15 00:16:49 ----A---- C:\WINDOWS\ULEAD32.INI
2008-12-15 00:16:47 ----D---- C:\Program Files\Ulead Systems
2008-12-14 22:03:26 ----D---- C:\iPod_Control
2008-12-14 22:03:26 ----D---- C:\Contacts
2008-12-14 22:02:59 ----D---- C:\Program Files\EphPod
2008-12-14 21:56:19 ----D---- C:\Documents and Settings\Owner\Application Data\Apple Computer
2008-12-14 21:54:44 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-12-14 19:00:35 ----D---- C:\Program Files\Common Files\Adobe AIR
2008-12-11 18:18:37 ----D---- C:\Program Files\Symantec
2008-12-10 15:16:39 ----D---- C:\Program Files\Jnes 0.6
2008-12-10 01:16:55 ----D---- C:\Program Files\Common Files\Adobe
2008-12-10 01:13:16 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2008-12-10 01:13:15 ----D---- C:\Program Files\NOS
2008-12-09 16:09:51 ----D---- C:\Documents and Settings\Owner\Application Data\AdobeUM
2008-12-08 19:57:14 ----D---- C:\Program Files\CCleaner
2008-12-08 04:30:00 ----D---- C:\Program Files\Microsoft Silverlight
2008-12-06 05:52:32 ----D---- C:\Documents and Settings\Owner\Application Data\Media Player Classic
2008-12-06 05:46:02 ----A---- C:\WINDOWS\system32\unrar.dll
2008-12-06 05:46:02 ----A---- C:\WINDOWS\avisplitter.ini
2008-12-06 05:46:01 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2008-12-06 05:46:00 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2008-12-06 05:46:00 ----A---- C:\WINDOWS\system32\xvidcore.dll
2008-12-06 05:46:00 ----A---- C:\WINDOWS\system32\qt-dx331.dll
2008-12-06 05:46:00 ----A---- C:\WINDOWS\system32\dpl100.dll
2008-12-06 05:46:00 ----A---- C:\WINDOWS\system32\divx.dll
2008-12-06 05:45:59 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-12-06 05:45:59 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2008-12-06 05:45:58 ----D---- C:\Program Files\K-Lite Codec Pack
2008-12-06 05:15:56 ----D---- C:\Program Files\Xilisoft
2008-12-04 20:13:49 ----D---- C:\Program Files\DIFX
2008-12-04 20:13:32 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-12-04 20:13:30 ----D---- C:\Program Files\BlueAntDFU_Z9i
2008-12-01 02:08:06 ----D---- C:\Program Files\YouTube Downloader
2008-11-30 21:11:34 ----D---- C:\Documents and Settings\Owner\Application Data\Leadertech
2008-11-30 21:04:31 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-11-30 21:04:30 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2008-11-30 21:04:17 ----D---- C:\Program Files\Windows Media Connect 2
2008-11-30 21:04:07 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2008-11-30 21:03:10 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2008-11-30 21:02:38 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2008-11-30 21:01:27 ----A---- C:\WINDOWS\ModemLog_PCI Soft Data Fax Modem with SmartCP.txt
2008-11-29 07:35:01 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-11-29 05:55:39 ----A---- C:\WINDOWS\system32\muweb.dll
2008-11-29 05:55:39 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-11-29 05:55:39 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-11-29 05:20:46 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-11-29 05:20:05 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-11-29 05:08:21 ----D---- C:\Program Files\Imageshackert
2008-11-27 18:00:47 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2008-11-27 16:50:25 ----D---- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-11-27 16:50:23 ----D---- C:\Program Files\StuffPlug3
2008-11-27 16:35:51 ----D---- C:\WINDOWS\SxsCaPendDel
2008-11-27 14:06:11 ----D---- C:\Documents and Settings\Owner\Application Data\WinRAR
2008-11-26 21:28:47 ----A---- C:\WINDOWS\system32\hidserv.dll
2008-11-26 21:28:32 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2008-11-26 21:24:04 ----D---- C:\WINDOWS\Prefetch
2008-11-26 21:14:57 ----D---- C:\WINDOWS\system32\scripting
2008-11-26 21:14:52 ----D---- C:\WINDOWS\l2schemas
2008-11-26 21:14:51 ----D---- C:\WINDOWS\system32\en
2008-11-26 21:14:51 ----D---- C:\WINDOWS\system32\bits
2008-11-26 21:11:43 ----D---- C:\WINDOWS\ServicePackFiles
2008-11-26 21:06:20 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-11-26 20:54:17 ----D---- C:\Documents and Settings\Owner\Application Data\Logitech
2008-11-26 20:49:53 ----D---- C:\Program Files\Common Files\LogiShared
2008-11-26 20:48:00 ----A---- C:\WINDOWS\system32\WdfCoInstaller01005.dll
2008-11-26 20:48:00 ----A---- C:\WINDOWS\KHALMNPR.Exe
2008-11-26 20:47:58 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-11-26 20:47:37 ----A---- C:\WINDOWS\system32\KemXML.dll
2008-11-26 20:47:37 ----A---- C:\WINDOWS\system32\KemWnd.dll
2008-11-26 20:47:37 ----A---- C:\WINDOWS\system32\KemUtil.dll
2008-11-26 20:47:37 ----A---- C:\WINDOWS\system32\kemutb.dll
2008-11-26 20:47:13 ----D---- C:\Program Files\Common Files\Logitech
2008-11-26 20:46:55 ----D---- C:\Documents and Settings\Owner\Application Data\InstallShield
2008-11-26 19:13:27 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-11-26 19:13:23 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-11-26 19:13:20 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-11-26 19:13:20 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-11-26 19:13:10 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-11-26 19:13:09 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-11-26 19:13:03 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2008-11-26 19:13:03 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2008-11-26 19:13:01 ----N---- C:\WINDOWS\system32\slserv.exe
2008-11-26 19:13:01 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-11-26 19:13:01 ----N---- C:\WINDOWS\slrundll.exe
2008-11-26 19:13:00 ----N---- C:\WINDOWS\system32\slgen.dll
2008-11-26 19:13:00 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-11-26 19:13:00 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-11-26 19:12:58 ----N---- C:\WINDOWS\system32\setupn.exe
2008-11-26 19:12:53 ----N---- C:\WINDOWS\system32\s3gnb.dll
2008-11-26 19:12:51 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-11-26 19:12:50 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-11-26 19:12:50 ----N---- C:\WINDOWS\system32\qutil.dll
2008-11-26 19:12:48 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-11-26 19:12:48 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-11-26 19:12:48 ----N---- C:\WINDOWS\system32\qagent.dll
2008-11-26 19:12:45 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-11-26 19:12:43 ----N---- C:\WINDOWS\system32\onex.dll
2008-11-26 19:12:36 ----N---- C:\WINDOWS\system32\napstat.exe
2008-11-26 19:12:35 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-11-26 19:12:35 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-11-26 19:12:35 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-11-26 19:12:34 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-11-26 19:12:34 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-11-26 19:12:34 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-11-26 19:12:34 ----N---- C:\WINDOWS\system32\mssha.dll
2008-11-26 19:12:16 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-11-26 19:12:15 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-11-26 19:12:15 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-11-26 19:12:15 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-11-26 19:12:04 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-11-26 19:12:02 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-11-26 19:12:02 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-11-26 19:12:02 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-11-26 19:12:02 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-11-26 19:12:02 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-11-26 19:11:53 ----N---- C:\WINDOWS\system32\smtpapi.dll
2008-11-26 19:11:52 ----N---- C:\WINDOWS\system32\rwnh.dll
2008-11-26 19:11:49 ----N---- C:\WINDOWS\system32\comsdupd.exe
2008-11-26 19:11:40 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-11-26 19:11:35 ----A---- C:\WINDOWS\002946_.tmp
2008-11-26 19:11:34 ----N---- C:\WINDOWS\system32\faxpatch.exe
2008-11-26 19:11:33 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-11-26 19:11:33 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-11-26 19:11:33 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-11-26 19:11:33 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-11-26 19:11:33 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-11-26 19:11:33 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-11-26 19:11:33 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-11-26 19:11:33 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-11-26 19:11:27 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-11-26 19:11:27 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-11-26 19:11:26 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-11-26 19:11:26 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-11-26 19:11:26 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-11-26 19:11:26 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-11-26 19:11:26 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-11-26 19:11:22 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-11-26 19:11:22 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-11-26 19:11:21 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-11-26 19:11:14 ----N---- C:\WINDOWS\system32\credssp.dll
2008-11-26 19:11:01 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-11-26 19:11:01 ----N---- C:\WINDOWS\system32\azroles.dll
2008-11-26 19:11:00 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2008-11-26 19:11:00 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-11-26 19:11:00 ----N---- C:\WINDOWS\system32\ati3duag.dll
2008-11-26 19:11:00 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2008-11-26 19:10:59 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2008-11-26 19:10:59 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2008-11-26 19:10:59 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2008-11-26 19:10:49 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-11-26 17:37:14 ----RA---- C:\WINDOWS\system32\lvci1110.dll
2008-11-26 17:37:14 ----A---- C:\WINDOWS\system32\LVUI2RC.dll
2008-11-26 17:37:14 ----A---- C:\WINDOWS\system32\LVUI2.dll
2008-11-26 17:37:14 ----A---- C:\WINDOWS\system32\lvcoinst.ini
2008-11-26 17:37:13 ----A---- C:\WINDOWS\system32\lvcodec2.dll
2008-11-26 17:26:27 ----R---- C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe
2008-11-26 17:24:08 ----D---- C:\Documents and Settings\All Users\Application Data\Logitech
2008-11-26 17:24:05 ----D---- C:\Program Files\Logitech
2008-11-26 17:24:05 ----D---- C:\Program Files\Common Files\LogiShrd
2008-11-26 17:23:01 ----D---- C:\Documents and Settings\All Users\Application Data\LogiShrd
2008-11-26 17:12:20 ----D---- C:\Program Files\PeerGuardian2
2008-11-26 17:02:09 ----D---- C:\Program Files\WinRAR
2008-11-26 16:58:30 ----D---- C:\WINDOWS\system32\LogFiles
2008-11-26 16:54:30 ----D---- C:\WINDOWS\ie7updates
2008-11-26 16:54:11 ----D---- C:\WINDOWS\WBEM
2008-11-26 16:54:10 ----D---- C:\WINDOWS\system32\en-US
2008-11-26 16:53:25 ----HDC---- C:\WINDOWS\ie7
2008-11-26 16:53:19 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-11-26 16:53:07 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-11-26 16:52:49 ----N---- C:\WINDOWS\system32\xmllite.dll
2008-11-26 16:52:05 ----D---- C:\WINDOWS\network diagnostic
2008-11-26 16:45:59 ----A---- C:\WINDOWS\system32\MRT.exe
2008-11-26 16:16:07 ----N---- C:\WINDOWS\kb913800.exe
2008-11-26 16:13:51 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-11-26 16:10:12 ----D---- C:\WINDOWS\system32\PreInstall
2008-11-26 16:07:49 ----A---- C:\WINDOWS\system32\wups2.dll
2008-11-26 16:07:49 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-11-26 16:07:48 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-11-26 16:07:48 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-11-26 16:07:48 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-11-26 15:43:52 ----D---- C:\Program Files\Kaspersky Lab
2008-11-26 15:43:52 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-11-26 15:36:10 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-11-26 15:35:53 ----D---- C:\Program Files\Messenger Plus! Live
2008-11-26 15:32:20 ----D---- C:\WINDOWS\Sun
2008-11-26 15:32:20 ----D---- C:\Documents and Settings\Owner\Application Data\Sun
2008-11-26 15:27:46 ----D---- C:\Program Files\Microsoft
2008-11-26 15:27:12 ----D---- C:\Program Files\Windows Live
2008-11-26 15:25:09 ----D---- C:\Program Files\Common Files\Windows Live
2008-11-26 15:18:58 ----D---- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-11-26 15:18:51 ----A---- C:\WINDOWS\system32\SpOrder.dll
2008-11-26 15:18:18 ----D---- C:\WINDOWS\Internet Logs
2008-11-26 15:14:56 ----D---- C:\Documents and Settings\Owner\Application Data\Adobe
2008-11-26 15:07:34 ----D---- C:\Program Files\uTorrent
2008-11-26 15:07:15 ----D---- C:\Documents and Settings\Owner\Application Data\uTorrent
2008-11-26 14:51:50 ----D---- C:\Documents and Settings\Owner\Application Data\Mozilla
2008-11-26 14:51:47 ----D---- C:\Program Files\Mozilla Firefox
2008-11-26 13:57:53 ----D---- C:\Documents and Settings\Owner\Application Data\Macromedia
2008-11-25 04:11:20 ----A---- C:\WINDOWS\RtlRack.ini
2008-11-25 03:57:38 ----D---- C:\Program Files\Common Files\Ahead
2008-11-25 03:55:21 ----D---- C:\WINDOWS\pss
2008-11-25 03:50:43 ----N---- C:\WINDOWS\system32\vxblock.dll
2008-11-25 03:50:43 ----N---- C:\WINDOWS\system32\pxwave.dll
2008-11-25 03:50:43 ----N---- C:\WINDOWS\system32\pxsfs.dll
2008-11-25 03:50:43 ----N---- C:\WINDOWS\system32\pxmas.dll
2008-11-25 03:50:43 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2008-11-25 03:50:43 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2008-11-25 03:50:43 ----N---- C:\WINDOWS\system32\pxdrv.dll
2008-11-25 03:50:43 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2008-11-25 03:50:43 ----N---- C:\WINDOWS\system32\pxafs.dll
2008-11-25 03:50:43 ----N---- C:\WINDOWS\system32\px.dll
2008-11-25 03:50:40 ----D---- C:\Program Files\Winamp
2008-11-25 03:50:40 ----D---- C:\Documents and Settings\Owner\Application Data\Winamp
2008-11-25 03:47:31 ----D---- C:\Program Files\Common Files\Stardock
2008-11-25 03:46:21 ----D---- C:\WINDOWS\system32\appmgmt
2008-11-25 02:08:23 ----A---- C:\WINDOWS\msoffice.ini
2008-11-25 02:02:52 ----A---- C:\WINDOWS\ModemLog_SoftV92 Data Fax Modem with SmartCP.txt
2008-11-25 02:02:24 ----ASH---- C:\Documents and Settings\Owner\Application Data\desktop.ini
2008-11-25 02:02:23 ----SD---- C:\Documents and Settings\Owner\Application Data\Microsoft
2008-11-25 02:02:23 ----D---- C:\Documents and Settings\Owner\Application Data\You've Got Pictures Screensaver
2008-11-25 02:02:23 ----D---- C:\Documents and Settings\Owner\Application Data\Identities
2008-11-25 01:55:13 ----SHD---- C:\RECYCLER
2008-11-25 01:49:24 ----A---- C:\WINDOWS\POWERCFG.EXE
2008-11-25 01:49:17 ----D---- C:\Program Files\CyberLink
2008-11-25 01:48:39 ----D---- C:\Program Files\MSN Encarta Plus
2008-11-25 01:48:10 ----D---- C:\WINDOWS\Downloaded Installations
2008-11-25 01:47:28 ----D---- C:\Program Files\Common Files\Nullsoft
2008-11-25 01:47:18 ----A---- C:\WINDOWS\unvise32qt.exe
2008-11-25 01:47:14 ----D---- C:\Program Files\QuickTime
2008-11-25 01:47:14 ----D---- C:\Documents and Settings\All Users\Application Data\QuickTime
2008-11-25 01:47:10 ----D---- C:\My Music
2008-11-25 01:47:07 ----D---- C:\Program Files\Common Files\Real
2008-11-25 01:47:02 ----A---- C:\WINDOWS\system32\Msstdfmt.dll
2008-11-25 01:47:02 ----A---- C:\WINDOWS\system32\aamd532.dll
2008-11-25 01:47:01 ----A---- C:\WINDOWS\system32\SimpleRegistry.dll
2008-11-25 01:46:57 ----D---- C:\Documents and Settings\All Users\Application Data\Pure Networks
2008-11-25 01:46:32 ----D---- C:\Documents and Settings\All Users\Application Data\AOL
2008-11-25 01:46:19 ----D---- C:\Program Files\Common Files\Roxio Shared
2008-11-25 01:46:11 ----D---- C:\Documents and Settings\All Users\Application Data\Napster
2008-11-25 01:45:47 ----D---- C:\WINDOWS\nview
2008-11-25 01:45:47 ----A---- C:\WINDOWS\system32\nvudisp.exe
2008-11-25 01:45:39 ----A---- C:\WINDOWS\system32\ChCfg.exe
2008-11-25 01:45:29 ----D---- C:\Program Files\Realtek Sound Manager
2008-11-25 01:45:28 ----D---- C:\Program Files\AvRack
2008-11-25 01:45:28 ----A---- C:\WINDOWS\avrack.ini
2008-11-25 01:45:24 ----D---- C:\Program Files\Realtek AC97
2008-11-25 01:45:24 ----A---- C:\WINDOWS\system32\RTLCPL.exe
2008-11-25 01:45:23 ----A---- C:\WINDOWS\system32\RtlCPAPI.dll
2008-11-25 01:45:23 ----A---- C:\WINDOWS\soundman.exe
2008-11-25 01:45:22 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-25 01:45:22 ----A---- C:\WINDOWS\alcupd.exe
2008-11-25 01:45:22 ----A---- C:\WINDOWS\alcrmv.exe
2008-11-25 01:44:39 ----A---- C:\WINDOWS\system32\atl71.dll
2008-11-25 01:44:33 ----D---- C:\Program Files\Adobe
2008-11-25 01:44:33 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-11-25 01:44:22 ----A---- C:\WINDOWS\system32\Marker32.exe
2008-11-25 01:44:14 ----A---- C:\WINDOWS\system32\javaws.exe
2008-11-25 01:44:14 ----A---- C:\WINDOWS\system32\javaw.exe
2008-11-25 01:44:14 ----A---- C:\WINDOWS\system32\java.exe
2008-11-25 01:43:55 ----D---- C:\Program Files\Java
2008-11-25 01:43:55 ----D---- C:\Program Files\Common Files\Java
2008-11-25 01:43:44 ----A---- C:\WINDOWS\wallpg.exe
2008-11-25 01:42:22 ----D---- C:\Program Files\Google
2008-11-25 01:42:07 ----A---- C:\WINDOWS\BigFixClientOverride.dll
2008-11-25 01:41:56 ----RA---- C:\WINDOWS\system32\PCDLIB32.DLL
2008-11-25 01:41:56 ----RA---- C:\WINDOWS\system32\ochlp30e.dll
2008-11-25 01:41:56 ----RA---- C:\WINDOWS\system32\msvcr70.dll
2008-11-25 01:41:56 ----RA---- C:\WINDOWS\system32\msvcp70.dll
2008-11-25 01:41:56 ----RA---- C:\WINDOWS\system32\msvci70.dll
2008-11-25 01:41:56 ----RA---- C:\WINDOWS\system32\msls2.dll
2008-11-25 01:41:55 ----RA---- C:\WINDOWS\system32\Ltwvc11n.dll
2008-11-25 01:41:55 ----RA---- C:\WINDOWS\system32\ltfil11n.DLL
2008-11-25 01:41:55 ----RA---- C:\WINDOWS\system32\Lfpng11n.dll
2008-11-25 01:41:55 ----RA---- C:\WINDOWS\system32\lfgif11n.dll
2008-11-25 01:41:55 ----RA---- C:\WINDOWS\system32\hlp95en.dll
2008-11-25 01:41:55 ----A---- C:\WINDOWS\system32\LTKRN11N.DLL
2008-11-25 01:41:55 ----A---- C:\WINDOWS\system32\LTIMG11N.DLL
2008-11-25 01:41:55 ----A---- C:\WINDOWS\system32\LTDIS11n.dll
2008-11-25 01:41:55 ----A---- C:\WINDOWS\system32\LFWMF11N.DLL
2008-11-25 01:41:55 ----A---- C:\WINDOWS\system32\LFTIF11N.DLL
2008-11-25 01:41:55 ----A---- C:\WINDOWS\system32\LFTGA11N.DLL
2008-11-25 01:41:55 ----A---- C:\WINDOWS\system32\LFPSD11N.DLL
2008-11-25 01:41:55 ----A---- C:\WINDOWS\system32\LFPCX11N.DLL
2008-11-25 01:41:55 ----A---- C:\WINDOWS\system32\LFPCD11N.DLL
2008-11-25 01:41:55 ----A---- C:\WINDOWS\system32\LFFAX11N.DLL
2008-11-25 01:41:55 ----A---- C:\WINDOWS\system32\LFEPS11N.DLL
2008-11-25 01:41:55 ----A---- C:\WINDOWS\system32\LFCMP11n.DLL
2008-11-25 01:41:55 ----A---- C:\WINDOWS\system32\LFBMP11N.DLL
2008-11-25 01:41:39 ----D---- C:\Documents and Settings\All Users\Application Data\Prism Deploy
2008-11-25 01:41:38 ----D---- C:\Program Files\Common Files\New Boundary
2008-11-25 01:41:30 ----A---- C:\WINDOWS\system32\nvunrm.exe
2008-11-25 01:41:29 ----A---- C:\WINDOWS\system32\nvusmb.exe
2008-11-25 01:41:22 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-11-25 01:41:20 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2008-11-25 01:41:19 ----D---- C:\Program Files\Common Files\InstallShield
2008-11-25 01:39:27 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2008-11-25 01:39:27 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-11-25 01:39:10 ----D---- C:\Program Files\CONEXANT
2008-11-25 01:38:49 ----A---- C:\WINDOWS\system32\hccoin.dll
2008-11-25 01:37:45 ----SHD---- C:\System Volume Information
2008-11-25 00:43:03 ----HD---- C:\WINDOWS\PIF
2008-11-25 00:18:46 ----D---- C:\Documents and Settings\Owner\Application Data\Ahead
2008-11-25 00:13:36 ----D---- C:\Program Files\UltraISO
2008-11-25 00:13:36 ----D---- C:\Program Files\Common Files\EZB Systems
2008-11-25 00:11:00 ----N---- C:\WINDOWS\system32\msxml3a.dll
2008-11-25 00:10:52 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead
2008-11-25 00:09:34 ----D---- C:\Program Files\Ahead
2008-11-24 12:29:57 ----A---- C:\WINDOWS\system32\nwiz.exe
2008-11-24 12:29:57 ----A---- C:\WINDOWS\system32\nvwrszht.dll
2008-11-24 12:29:57 ----A---- C:\WINDOWS\system32\nvwrszhc.dll
2008-11-24 12:29:57 ----A---- C:\WINDOWS\system32\nvwrstr.dll
2008-11-24 12:29:57 ----A---- C:\WINDOWS\system32\nvwrssv.dll
2008-11-24 12:29:57 ----A---- C:\WINDOWS\system32\nvwrssl.dll
2008-11-24 12:29:57 ----A---- C:\WINDOWS\system32\nvwrssk.dll
2008-11-24 12:29:57 ----A---- C:\WINDOWS\system32\nvwrsru.dll
2008-11-24 12:29:57 ----A---- C:\WINDOWS\system32\nvwrsptb.dll
2008-11-24 12:29:57 ----A---- C:\WINDOWS\system32\nvwrspt.dll
2008-11-24 12:29:57 ----A---- C:\WINDOWS\system32\nvwrspl.dll
2008-11-24 12:29:57 ----A---- C:\WINDOWS\system32\nvwrsno.dll
2008-11-24 12:29:57 ----A---- C:\WINDOWS\system32\nvwrsnl.dll
2008-11-24 12:29:57 ----A---- C:\WINDOWS\system32\nvwrsko.dll
2008-11-24 12:29:57 ----A---- C:\WINDOWS\system32\nvwrsja.dll
2008-11-24 12:29:57 ----A---- C:\WINDOWS\system32\nvwrsit.dll
2008-11-24 12:29:57 ----A---- C:\WINDOWS\system32\nvwrshu.dll
2008-11-24 12:29:57 ----A---- C:\WINDOWS\system32\nvwrshe.dll
2008-11-24 12:29:57 ----A---- C:\WINDOWS\system32\nvwrsfr.dll
2008-11-24 12:29:57 ----A---- C:\WINDOWS\system32\nvwrsfi.dll
2008-11-24 12:29:57 ----A---- C:\WINDOWS\system32\nvwrsesm.dll
2008-11-24 12:29:57 ----A---- C:\WINDOWS\system32\nvwrses.dll
2008-11-24 12:29:57 ----A---- C:\WINDOWS\system32\nvwrseng.dll
2008-11-24 12:29:56 ----A---- C:\WINDOWS\system32\nvwrsel.dll
2008-11-24 12:29:56 ----A---- C:\WINDOWS\system32\nvwrsde.dll
2008-11-24 12:29:56 ----A---- C:\WINDOWS\system32\nvwrsda.dll
2008-11-24 12:29:56 ----A---- C:\WINDOWS\system32\nvwrscs.dll
2008-11-24 12:29:56 ----A---- C:\WINDOWS\system32\nvwrsar.dll
2008-11-24 12:29:56 ----A---- C:\WINDOWS\system32\nvwimg.dll
2008-11-24 12:29:56 ----A---- C:\WINDOWS\system32\nvwdmcpl.dll
2008-11-24 12:29:56 ----A---- C:\WINDOWS\system32\nvwddi.dll
2008-11-24 12:29:55 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2008-11-24 12:29:55 ----A---- C:\WINDOWS\system32\nvshell.dll
2008-11-24 12:29:55 ----A---- C:\WINDOWS\system32\nvrszht.dll
2008-11-24 12:29:55 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2008-11-24 12:29:55 ----A---- C:\WINDOWS\system32\nvrstr.dll
2008-11-24 12:29:55 ----A---- C:\WINDOWS\system32\nvrssv.dll
2008-11-24 12:29:55 ----A---- C:\WINDOWS\system32\nvrssl.dll
2008-11-24 12:29:55 ----A---- C:\WINDOWS\system32\nvrssk.dll
2008-11-24 12:29:55 ----A---- C:\WINDOWS\system32\nvrsru.dll
2008-11-24 12:29:55 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2008-11-24 12:29:55 ----A---- C:\WINDOWS\system32\nvrspt.dll
2008-11-24 12:29:55 ----A---- C:\WINDOWS\system32\nvrspl.dll
2008-11-24 12:29:55 ----A---- C:\WINDOWS\system32\nvrsno.dll
2008-11-24 12:29:55 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2008-11-24 12:29:55 ----A---- C:\WINDOWS\system32\nvrsko.dll
2008-11-24 12:29:55 ----A---- C:\WINDOWS\system32\nvrsja.dll
2008-11-24 12:29:55 ----A---- C:\WINDOWS\system32\nvrsit.dll
2008-11-24 12:29:55 ----A---- C:\WINDOWS\system32\nvrshu.dll
2008-11-24 12:29:55 ----A---- C:\WINDOWS\system32\nvrshe.dll
2008-11-24 12:29:55 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2008-11-24 12:29:55 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2008-11-24 12:29:54 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2008-11-24 12:29:54 ----A---- C:\WINDOWS\system32\nvrses.dll
2008-11-24 12:29:54 ----A---- C:\WINDOWS\system32\nvrseng.dll
2008-11-24 12:29:54 ----A---- C:\WINDOWS\system32\nvrsel.dll
2008-11-24 12:29:54 ----A---- C:\WINDOWS\system32\nvrsde.dll
2008-11-24 12:29:54 ----A---- C:\WINDOWS\system32\nvrsda.dll
2008-11-24 12:29:54 ----A---- C:\WINDOWS\system32\nvrscs.dll
2008-11-24 12:29:54 ----A---- C:\WINDOWS\system32\nvrsar.dll
2008-11-24 12:29:53 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2008-11-24 12:29:53 ----A---- C:\WINDOWS\system32\nvnt4cpl.dll
2008-11-24 12:29:53 ----A---- C:\WINDOWS\system32\nvmctray.dll
2008-11-24 12:29:53 ----A---- C:\WINDOWS\system32\nvmccsrs.dll
2008-11-24 12:29:53 ----A---- C:\WINDOWS\system32\nvmccs.dll
2008-11-24 12:29:53 ----A---- C:\WINDOWS\system32\nview.dll
2008-11-24 12:29:53 ----A---- C:\WINDOWS\system32\nvhwvid.dll
2008-11-24 12:29:52 ----A---- C:\WINDOWS\system32\nvdspsch.exe
2008-11-24 12:29:50 ----A---- C:\WINDOWS\system32\nvcpl.dll
2008-11-24 12:29:49 ----A---- C:\WINDOWS\system32\nvcolor.exe
2008-11-24 12:29:49 ----A---- C:\WINDOWS\system32\nvcodins.dll
2008-11-24 12:29:49 ----A---- C:\WINDOWS\system32\nvcod.dll
2008-11-24 12:29:49 ----A---- C:\WINDOWS\system32\nvappbar.exe
2008-11-24 12:29:49 ----A---- C:\WINDOWS\system32\nvapi.dll
2008-11-24 12:29:47 ----A---- C:\WINDOWS\system32\keystone.exe
2008-11-24 12:28:01 ----A---- C:\WINDOWS\system32\nvconrm.dll
2008-11-24 12:28:00 ----A---- C:\WINDOWS\system32\fdco1ins.dll
2008-11-24 12:28:00 ----A---- C:\WINDOWS\system32\fdco1.dll
2008-11-24 12:28:00 ----A---- C:\WINDOWS\system32\bdco1ins.dll
2008-11-24 12:28:00 ----A---- C:\WINDOWS\system32\bdco1.dll
2008-11-24 11:43:17 ----D---- C:\WINDOWS\creator
2008-11-24 11:43:16 ----A---- C:\WINDOWS\system32\mdmxsdk.dll
2008-11-24 11:43:16 ----A---- C:\WINDOWS\system32\HSFCI011.dll
2008-11-24 11:43:15 ----D---- C:\WINDOWS\SMINST
2008-11-24 11:42:30 ----D---- C:\WINDOWS\I386
2008-11-24 11:42:18 ----A---- C:\WINDOWS\system32\wowfaxui.dll
2008-11-24 11:42:15 ----A---- C:\WINDOWS\system32\wowfax.dll
2008-11-24 11:42:08 ----A---- C:\WINDOWS\system32\usrvpa.dll
2008-11-24 11:42:05 ----A---- C:\WINDOWS\system32\usrvoica.dll
2008-11-24 11:42:02 ----A---- C:\WINDOWS\system32\usrv80a.dll
2008-11-24 11:41:59 ----A---- C:\WINDOWS\system32\usrv42a.dll
2008-11-24 11:41:56 ----A---- C:\WINDOWS\system32\usrsvpia.dll
2008-11-24 11:41:53 ----A---- C:\WINDOWS\system32\usrshuta.exe
2008-11-24 11:41:50 ----A---- C:\WINDOWS\system32\usrsdpia.dll
2008-11-24 11:41:47 ----A---- C:\WINDOWS\system32\usrrtosa.dll
2008-11-24 11:41:44 ----A---- C:\WINDOWS\system32\usrprbda.exe
2008-11-24 11:41:41 ----A---- C:\WINDOWS\system32\usrmlnka.exe
2008-11-24 11:41:38 ----A---- C:\WINDOWS\system32\usrlbva.dll
2008-11-24 11:41:35 ----A---- C:\WINDOWS\system32\usrfaxa.dll
2008-11-24 11:41:32 ----A---- C:\WINDOWS\system32\usrdtea.dll
2008-11-24 11:41:29 ----A---- C:\WINDOWS\system32\usrdpa.dll
2008-11-24 11:41:26 ----A---- C:\WINDOWS\system32\usrcoina.dll
2008-11-24 11:41:23 ----A---- C:\WINDOWS\system32\usrcntra.dll
2008-11-24 11:41:23 ----A---- C:\WINDOWS\system32\usbui.dll
2008-11-24 11:41:20 ----A---- C:\WINDOWS\system32\tsbyuv.dll
2008-11-24 11:41:17 ----A---- C:\WINDOWS\system32\streamci.dll
2008-11-24 11:41:17 ----A---- C:\WINDOWS\system32\storprop.dll
2008-11-24 11:41:14 ----A---- C:\WINDOWS\system32\sprio800.dll
2008-11-24 11:41:11 ----A---- C:\WINDOWS\system32\sprio600.dll
2008-11-24 11:41:07 ----A---- C:\WINDOWS\system32\spnike.dll
2008-11-24 11:41:02 ----A---- C:\WINDOWS\system32\pjlmon.dll
2008-11-24 11:41:02 ----A---- C:\WINDOWS\system32\pid.dll
2008-11-24 11:41:00 ----A---- C:\WINDOWS\system32\paqsp.dll
2008-11-24 11:40:56 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2008-11-24 11:40:55 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2008-11-24 11:40:51 ----A---- C:\WINDOWS\system32\msyuv.dll
2008-11-24 11:40:46 ----A---- C:\WINDOWS\system32\mdwmdmsp.dll
2008-11-24 11:40:44 ----A---- C:\WINDOWS\system32\iyuv_32.dll
2008-11-24 11:40:44 ----A---- C:\WINDOWS\system32\hid.dll
2008-11-24 11:40:42 ----A---- C:\WINDOWS\system32\dvdplay.exe
2008-11-24 11:39:57 ----A---- C:\WINDOWS\system32\dmutil.dll
2008-11-24 11:39:55 ----A---- C:\WINDOWS\system32\cnbjmon.dll
2008-11-24 11:21:45 ----A---- C:\WINDOWS\system32\zipfldr.dll
2008-11-24 11:21:42 ----A---- C:\WINDOWS\system32\xpsp2res.dll
2008-11-24 11:21:42 ----A---- C:\WINDOWS\system32\xpsp1res.dll
2008-11-24 11:21:42 ----A---- C:\WINDOWS\system32\xpob2res.dll
2008-11-24 11:21:42 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-11-24 11:21:42 ----A---- C:\WINDOWS\system32\xmlprovi.dll
2008-11-24 11:21:42 ----A---- C:\WINDOWS\system32\xmlprov.dll
2008-11-24 11:21:42 ----A---- C:\WINDOWS\system32\xenroll.dll
2008-11-24 11:21:42 ----A---- C:\WINDOWS\system32\xcopy.exe
2008-11-24 11:21:41 ----A---- C:\WINDOWS\system32\xactsrv.dll
2008-11-24 11:21:41 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-11-24 11:21:41 ----A---- C:\WINDOWS\system32\wups.dll
2008-11-24 11:21:41 ----A---- C:\WINDOWS\system32\wupdmgr.exe
2008-11-24 11:21:41 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-11-24 11:21:41 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-11-24 11:21:41 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-11-24 11:21:41 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-11-24 11:21:41 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-11-24 11:21:41 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-11-24 11:21:41 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-11-24 11:21:41 ----A---- C:\WINDOWS\system32\wtsapi32.dll
2008-11-24 11:21:41 ----A---- C:\WINDOWS\system32\wstdecod.dll
2008-11-24 11:21:41 ----A---- C:\WINDOWS\system32\wsock32.dll
2008-11-24 11:21:41 ----A---- C:\WINDOWS\system32\wsnmp32.dll
2008-11-24 11:21:41 ----A---- C:\WINDOWS\system32\wshtcpip.dll
2008-11-24 11:21:41 ----A---- C:\WINDOWS\system32\wshrm.dll
2008-11-24 11:21:40 ----A---- C:\WINDOWS\system32\wshnetbs.dll
2008-11-24 11:21:40 ----A---- C:\WINDOWS\system32\wshisn.dll
2008-11-24 11:21:40 ----A---- C:\WINDOWS\system32\wship6.dll
2008-11-24 11:21:40 ----A---- C:\WINDOWS\system32\wshext.dll
2008-11-24 11:21:40 ----A---- C:\WINDOWS\system32\wshcon.dll
2008-11-24 11:21:40 ----A---- C:\WINDOWS\system32\wshbth.dll
2008-11-24 11:21:40 ----A---- C:\WINDOWS\system32\wshatm.dll
2008-11-24 11:21:40 ----A---- C:\WINDOWS\system32\wsecedit.dll
2008-11-24 11:21:40 ----A---- C:\WINDOWS\system32\wscsvc.dll
2008-11-24 11:21:40 ----A---- C:\WINDOWS\system32\wscript.exe
2008-11-24 11:21:40 ----A---- C:\WINDOWS\system32\wscntfy.exe
2008-11-24 11:21:40 ----A---- C:\WINDOWS\system32\ws2help.dll
2008-11-24 11:21:40 ----A---- C:\WINDOWS\system32\ws2_32.dll
2008-11-24 11:21:40 ----A---- C:\WINDOWS\system32\write.exe
2008-11-24 11:21:40 ----A---- C:\WINDOWS\system32\wpnpinst.exe
2008-11-24 11:21:40 ----A---- C:\WINDOWS\system32\wpabaln.exe
2008-11-24 11:21:40 ----A---- C:\WINDOWS\system32\wowexec.exe
2008-11-24 11:21:40 ----A---- C:\WINDOWS\system32\wowdeb.exe
2008-11-24 11:21:40 ----A---- C:\WINDOWS\system32\wow32.dll
2008-11-24 11:21:38 ----A---- C:\WINDOWS\system32\wmstream.dll
2008-11-24 11:21:38 ----A---- C:\WINDOWS\system32\wmsdmoe.dll
2008-11-24 11:21:38 ----A---- C:\WINDOWS\system32\wmpui.dll
2008-11-24 11:21:37 ----A---- C:\WINDOWS\system32\wmpsrcwp.dll
2008-11-24 11:21:37 ----A---- C:\WINDOWS\system32\wmpshell.dll
2008-11-24 11:21:37 ----A---- C:\WINDOWS\system32\wmploc.dll
2008-11-24 11:21:37 ----A---- C:\WINDOWS\system32\wmpencen.dll
2008-11-24 11:21:36 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2008-11-24 11:21:36 ----A---- C:\WINDOWS\system32\wmpcore.dll
2008-11-24 11:21:36 ----A---- C:\WINDOWS\system32\wmpcd.dll
2008-11-24 11:21:36 ----A---- C:\WINDOWS\system32\wmpasf.dll
2008-11-24 11:21:34 ----A---- C:\WINDOWS\system32\wmiscmgr.dll
2008-11-24 11:21:34 ----A---- C:\WINDOWS\system32\wmiprop.dll
2008-11-24 11:21:33 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-11-24 11:21:33 ----A---- C:\WINDOWS\system32\wmi.dll
2008-11-24 11:21:33 ----A---- C:\WINDOWS\system32\wmerror.dll
2008-11-24 11:21:33 ----A---- C:\WINDOWS\system32\wmerrenu.dll
2008-11-24 11:21:32 ----A---- C:\WINDOWS\system32\wlnotify.dll
2008-11-24 11:21:32 ----A---- C:\WINDOWS\system32\wldap32.dll
2008-11-24 11:21:32 ----A---- C:\WINDOWS\system32\wkssvc.dll
2008-11-24 11:21:32 ----A---- C:\WINDOWS\system32\winver.exe
2008-11-24 11:21:32 ----A---- C:\WINDOWS\system32\wintrust.dll
2008-11-24 11:21:32 ----A---- C:\WINDOWS\system32\winstrm.dll
2008-11-24 11:21:32 ----A---- C:\WINDOWS\system32\winsta.dll
2008-11-24 11:21:32 ----A---- C:\WINDOWS\system32\winsrv.dll
2008-11-24 11:21:32 ----A---- C:\WINDOWS\system32\winspool.exe
2008-11-24 11:21:32 ----A---- C:\WINDOWS\system32\winsock.dll
2008-11-24 11:21:32 ----A---- C:\WINDOWS\system32\winshfhc.dll
2008-11-24 11:21:32 ----A---- C:\WINDOWS\system32\winscard.dll
2008-11-24 11:21:32 ----A---- C:\WINDOWS\system32\winrnr.dll
2008-11-24 11:21:31 ----A---- C:\WINDOWS\system32\winntbbu.dll
2008-11-24 11:21:30 ----A---- C:\WINDOWS\winhlp32.exe
2008-11-24 11:21:30 ----A---- C:\WINDOWS\winhelp.exe
2008-11-24 11:21:30 ----A---- C:\WINDOWS\system32\winnls.dll
2008-11-24 11:21:30 ----A---- C:\WINDOWS\system32\winmsd.exe
2008-11-24 11:21:30 ----A---- C:\WINDOWS\system32\winmm.dll
2008-11-24 11:21:30 ----A---- C:\WINDOWS\system32\winmine.exe
2008-11-24 11:21:30 ----A---- C:\WINDOWS\system32\winlogon.exe
2008-11-24 11:21:30 ----A---- C:\WINDOWS\system32\winipsec.dll
2008-11-24 11:21:30 ----A---- C:\WINDOWS\system32\wininet.dll
2008-11-24 11:21:30 ----A---- C:\WINDOWS\system32\winhttp.dll
2008-11-24 11:21:30 ----A---- C:\WINDOWS\system32\winhlp32.exe
2008-11-24 11:21:29 ----A---- C:\WINDOWS\system32\winfax.dll
2008-11-24 11:21:29 ----A---- C:\WINDOWS\system32\winchat.exe
2008-11-24 11:21:29 ----A---- C:\WINDOWS\system32\winbrand.dll
2008-11-24 11:21:29 ----A---- C:\WINDOWS\system32\win87em.dll
2008-11-24 11:21:29 ----A---- C:\WINDOWS\system32\win32spl.dll
2008-11-24 11:21:28 ----A---- C:\WINDOWS\system32\win.com
2008-11-24 11:21:28 ----A---- C:\WINDOWS\system32\wifeman.dll
2008-11-24 11:21:28 ----A---- C:\WINDOWS\system32\wiavusd.dll
2008-11-24 11:21:28 ----A---- C:\WINDOWS\system32\wiavideo.dll
2008-11-24 11:21:28 ----A---- C:\WINDOWS\system32\wiashext.dll
2008-11-24 11:21:28 ----A---- C:\WINDOWS\system32\wiaservc.dll
2008-11-24 11:21:28 ----A---- C:\WINDOWS\system32\wiascr.dll
2008-11-24 11:21:28 ----A---- C:\WINDOWS\system32\wiadss.dll
2008-11-24 11:21:28 ----A---- C:\WINDOWS\system32\wiadefui.dll
2008-11-24 11:21:28 ----A---- C:\WINDOWS\system32\wiaacmgr.exe
2008-11-24 11:21:28 ----A---- C:\WINDOWS\system32\wextract.exe
2008-11-24 11:21:27 ----A---- C:\WINDOWS\system32\webvw.dll
2008-11-24 11:21:27 ----A---- C:\WINDOWS\system32\webhits.dll
2008-11-24 11:21:27 ----A---- C:\WINDOWS\system32\webclnt.dll
2008-11-24 11:21:27 ----A---- C:\WINDOWS\system32\webcheck.dll
2008-11-24 11:21:27 ----A---- C:\WINDOWS\system32\wdigest.dll
2008-11-24 11:21:24 ----A---- C:\WINDOWS\system32\wavemsp.dll
2008-11-24 11:21:24 ----A---- C:\WINDOWS\system32\w3ssl.dll
2008-11-24 11:21:24 ----A---- C:\WINDOWS\system32\w32topl.dll
2008-11-24 11:21:24 ----A---- C:\WINDOWS\system32\w32tm.exe
2008-11-24 11:21:24 ----A---- C:\WINDOWS\system32\w32time.dll
2008-11-24 11:21:24 ----A---- C:\WINDOWS\system32\vwipxspx.exe
2008-11-24 11:21:24 ----A---- C:\WINDOWS\system32\vwipxspx.dll
2008-11-24 11:21:24 ----A---- C:\WINDOWS\system32\vss_ps.dll
2008-11-24 11:21:23 ----A---- C:\WINDOWS\vmmreg32.dll
2008-11-24 11:21:23 ----A---- C:\WINDOWS\system32\vssvc.exe
2008-11-24 11:21:23 ----A---- C:\WINDOWS\system32\vssapi.dll
2008-11-24 11:21:23 ----A---- C:\WINDOWS\system32\vssadmin.exe
2008-11-24 11:21:23 ----A---- C:\WINDOWS\system32\vjoy.dll
2008-11-24 11:21:23 ----A---- C:\WINDOWS\system32\vga64k.dll
2008-11-24 11:21:23 ----A---- C:\WINDOWS\system32\vga256.dll
2008-11-24 11:21:23 ----A---- C:\WINDOWS\system32\vga.dll
2008-11-24 11:21:23 ----A---- C:\WINDOWS\system32\vfpodbc.dll
2008-11-24 11:21:23 ----A---- C:\WINDOWS\system32\version.dll
2008-11-24 11:21:23 ----A---- C:\WINDOWS\system32\verifier.exe
2008-11-24 11:21:23 ----A---- C:\WINDOWS\system32\verifier.dll
2008-11-24 11:21:22 ----A---- C:\WINDOWS\system32\ver.dll
2008-11-24 11:21:22 ----A---- C:\WINDOWS\system32\vdmredir.dll
2008-11-24 11:21:22 ----A---- C:\WINDOWS\system32\vdmdbg.dll
2008-11-24 11:21:22 ----A---- C:\WINDOWS\system32\vcdex.dll
2008-11-24 11:21:22 ----A---- C:\WINDOWS\system32\vbscript.dll
2008-11-24 11:21:22 ----A---- C:\WINDOWS\system32\vbajet32.dll
2008-11-24 11:21:22 ----A---- C:\WINDOWS\system32\uxtheme.dll
2008-11-24 11:21:22 ----A---- C:\WINDOWS\system32\utilman.exe
2008-11-24 11:21:22 ----A---- C:\WINDOWS\system32\utildll.dll
2008-11-24 11:21:22 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-11-24 11:20:08 ----A---- C:\WINDOWS\system32\msaudite.dll
2008-11-24 11:20:08 ----A---- C:\WINDOWS\system32\msasn1.dll
2008-11-24 11:20:08 ----A---- C:\WINDOWS\system32\msapsspc.dll
2008-11-24 11:20:08 ----A---- C:\WINDOWS\system32\msafd.dll
2008-11-24 11:20:07 ----A---- C:\WINDOWS\system32\msacm32.dll
2008-11-24 11:20:07 ----A---- C:\WINDOWS\system32\msacm.dll
2008-11-24 11:20:07 ----A---- C:\WINDOWS\system32\msaatext.dll
2008-11-24 11:20:06 ----A---- C:\WINDOWS\system32\mrinfo.exe
2008-11-24 11:20:06 ----A---- C:\WINDOWS\system32\mqutil.dll
2008-11-24 11:20:06 ----A---- C:\WINDOWS\system32\mqupgrd.dll
2008-11-24 11:20:06 ----A---- C:\WINDOWS\system32\mqtrig.dll
2008-11-24 11:20:06 ----A---- C:\WINDOWS\system32\mqtgsvc.exe
2008-11-24 11:20:06 ----A---- C:\WINDOWS\system32\mqsvc.exe
2008-11-24 11:20:06 ----A---- C:\WINDOWS\system32\mqsnap.dll
2008-11-24 11:20:06 ----A---- C:\WINDOWS\system32\mqsec.dll
2008-11-24 11:20:06 ----A---- C:\WINDOWS\system32\mqrtdep.dll
2008-11-24 11:20:06 ----A---- C:\WINDOWS\system32\mqrt.dll
2008-11-24 11:20:06 ----A---- C:\WINDOWS\system32\mqqm.dll
2008-11-24 11:20:06 ----A---- C:\WINDOWS\system32\mqperf.ini
2008-11-24 11:20:06 ----A---- C:\WINDOWS\system32\mqperf.dll
2008-11-24 11:20:06 ----A---- C:\WINDOWS\system32\mqoa.dll
2008-11-24 11:20:06 ----A---- C:\WINDOWS\system32\mqlogmgr.dll
2008-11-24 11:20:06 ----A---- C:\WINDOWS\system32\mqise.dll
2008-11-24 11:20:06 ----A---- C:\WINDOWS\system32\mqgentr.dll
2008-11-24 11:20:06 ----A---- C:\WINDOWS\system32\mqdscli.dll
2008-11-24 11:20:06 ----A---- C:\WINDOWS\system32\mqcertui.dll
2008-11-24 11:20:06 ----A---- C:\WINDOWS\system32\mqbkup.exe
2008-11-24 11:20:06 ----A---- C:\WINDOWS\system32\mqad.dll
2008-11-24 11:20:05 ----A---- C:\WINDOWS\system32\mprui.dll
2008-11-24 11:20:05 ----A---- C:\WINDOWS\system32\mprmsg.dll
2008-11-24 11:20:05 ----A---- C:\WINDOWS\system32\mprdim.dll
2008-11-24 11:20:05 ----A---- C:\WINDOWS\system32\mprddm.dll
2008-11-24 11:20:05 ----A---- C:\WINDOWS\system32\mprapi.dll
2008-11-24 11:20:05 ----A---- C:\WINDOWS\system32\mpr.dll
2008-11-24 11:20:05 ----A---- C:\WINDOWS\system32\mpnotify.exe
2008-11-24 11:20:05 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-11-24 11:20:05 ----A---- C:\WINDOWS\system32\MPG4DMOD.dll
2008-11-24 11:20:05 ----A---- C:\WINDOWS\system32\MP4SDMOD.dll
2008-11-24 11:20:05 ----A---- C:\WINDOWS\system32\MP43DMOD.dll
2008-11-24 11:20:04 ----A---- C:\WINDOWS\system32\mountvol.exe
2008-11-24 11:20:04 ----A---- C:\WINDOWS\system32\moricons.dll
2008-11-24 11:20:04 ----A---- C:\WINDOWS\system32\more.com
2008-11-24 11:20:04 ----A---- C:\WINDOWS\system32\modex.dll
2008-11-24 11:20:04 ----A---- C:\WINDOWS\system32\modemui.dll
2008-11-24 11:20:03 ----A---- C:\WINDOWS\system32\mode.com
2008-11-24 11:20:03 ----A---- C:\WINDOWS\system32\mobsync.exe
2008-11-24 11:20:03 ----A---- C:\WINDOWS\system32\mobsync.dll
2008-11-24 11:20:03 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-11-24 11:20:03 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-11-24 11:20:03 ----A---- C:\WINDOWS\system32\mmutilse.dll
2008-11-24 11:20:03 ----A---- C:\WINDOWS\system32\mmsystem.dll
2008-11-24 11:20:03 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-11-24 11:20:03 ----A---- C:\WINDOWS\system32\mmdrv.dll
2008-11-24 11:20:03 ----A---- C:\WINDOWS\system32\mmcshext.dll
2008-11-24 11:20:02 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2008-11-24 11:20:02 ----A---- C:\WINDOWS\system32\mmcbase.dll
2008-11-24 11:20:02 ----A---- C:\WINDOWS\system32\mmc.exe
2008-11-24 11:20:02 ----A---- C:\WINDOWS\system32\mll_qic.dll
2008-11-24 11:20:02 ----A---- C:\WINDOWS\system32\mll_mtf.dll
2008-11-24 11:20:02 ----A---- C:\WINDOWS\system32\mll_hp.dll
2008-11-24 11:20:02 ----A---- C:\WINDOWS\system32\mlang.dll
2008-11-24 11:20:02 ----A---- C:\WINDOWS\system32\mimefilt.dll
2008-11-24 11:20:02 ----A---- C:\WINDOWS\system32\migpwd.exe
2008-11-24 11:20:02 ----A---- C:\WINDOWS\system32\miglibnt.dll
2008-11-24 11:20:01 ----A---- C:\WINDOWS\system32\midimap.dll
2008-11-24 11:20:01 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2008-11-24 11:20:01 ----A---- C:\WINDOWS\system32\mfcsubs.dll
2008-11-24 11:20:01 ----A---- C:\WINDOWS\system32\mfc42u.dll
2008-11-24 11:20:01 ----A---- C:\WINDOWS\system32\mfc42.dll
2008-11-24 11:20:01 ----A---- C:\WINDOWS\system32\mfc40u.dll
2008-11-24 11:20:00 ----A---- C:\WINDOWS\system32\mfc40.dll
2008-11-24 11:20:00 ----A---- C:\WINDOWS\system32\mf3216.dll
2008-11-24 11:20:00 ----A---- C:\WINDOWS\system32\mem.exe
2008-11-24 11:19:59 ----A---- C:\WINDOWS\system32\mdminst.dll
2008-11-24 11:19:58 ----A---- C:\WINDOWS\system32\mdhcp.dll
2008-11-24 11:19:58 ----A---- C:\WINDOWS\system32\mciwave.dll
2008-11-24 11:19:58 ----A---- C:\WINDOWS\system32\mciseq.dll
2008-11-24 11:19:58 ----A---- C:\WINDOWS\system32\mciqtz32.dll
2008-11-24 11:19:58 ----A---- C:\WINDOWS\system32\mciole32.dll
2008-11-24 11:19:58 ----A---- C:\WINDOWS\system32\mciole16.dll
2008-11-24 11:19:58 ----A---- C:\WINDOWS\system32\mcicda.dll
2008-11-24 11:19:58 ----A---- C:\WINDOWS\system32\mciavi32.dll
2008-11-24 11:19:58 ----A---- C:\WINDOWS\system32\mchgrcoi.dll
2008-11-24 11:19:58 ----A---- C:\WINDOWS\system32\mcdsrv32.dll
2008-11-24 11:19:58 ----A---- C:\WINDOWS\system32\mcd32.dll
2008-11-24 11:19:58 ----A---- C:\WINDOWS\system32\mcastmib.dll
2008-11-24 11:19:58 ----A---- C:\WINDOWS\system32\mapistub.dll
2008-11-24 11:19:58 ----A---- C:\WINDOWS\system32\makecab.exe
2008-11-24 11:19:57 ----A---- C:\WINDOWS\system32\magnify.exe
2008-11-24 11:19:57 ----A---- C:\WINDOWS\system32\mag_hook.dll
2008-11-24 11:19:57 ----A---- C:\WINDOWS\system32\lzexpand.dll
2008-11-24 11:19:57 ----A---- C:\WINDOWS\system32\lz32.dll
2008-11-24 11:19:57 ----A---- C:\WINDOWS\system32\lusrmgr.msc
2008-11-24 11:19:57 ----A---- C:\WINDOWS\system32\lsass.exe
2008-11-24 11:19:57 ----A---- C:\WINDOWS\system32\lsasrv.dll
2008-11-24 11:19:57 ----A---- C:\WINDOWS\system32\lprmonui.dll
2008-11-24 11:19:57 ----A---- C:\WINDOWS\system32\lprhelp.dll
2008-11-24 11:19:57 ----A---- C:\WINDOWS\system32\lpr.exe
2008-11-24 11:19:57 ----A---- C:\WINDOWS\system32\lpq.exe
2008-11-24 11:19:57 ----A---- C:\WINDOWS\system32\lpk.dll
2008-11-24 11:19:56 ----A---- C:\WINDOWS\system32\logonui.exe
2008-11-24 11:19:56 ----A---- C:\WINDOWS\system32\logoff.exe
2008-11-24 11:19:56 ----A---- C:\WINDOWS\system32\logman.exe
2008-11-24 11:19:56 ----A---- C:\WINDOWS\system32\login.cmd
2008-11-24 11:19:56 ----A---- C:\WINDOWS\system32\loghours.dll
2008-11-24 11:19:56 ----A---- C:\WINDOWS\system32\lodctr.exe
2008-11-24 11:19:56 ----A---- C:\WINDOWS\system32\locator.exe
2008-11-24 11:19:56 ----A---- C:\WINDOWS\system32\localui.dll
2008-11-24 11:19:56 ----A---- C:\WINDOWS\system32\localspl.dll
2008-11-24 11:19:56 ----A---- C:\WINDOWS\system32\localsec.dll
2008-11-24 11:19:56 ----A---- C:\WINDOWS\system32\loadperf.dll
2008-11-24 11:19:56 ----A---- C:\WINDOWS\system32\loadfix.com
2008-11-24 11:19:56 ----A---- C:\WINDOWS\system32\lnkstub.exe
2008-11-24 11:19:56 ----A---- C:\WINDOWS\system32\lmrt.dll
2008-11-24 11:19:56 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2008-11-24 11:19:56 ----A---- C:\WINDOWS\system32\linkinfo.dll
2008-11-24 11:19:56 ----A---- C:\WINDOWS\system32\lights.exe
2008-11-24 11:19:56 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-11-24 11:19:56 ----A---- C:\WINDOWS\system32\licmgr10.dll
2008-11-24 11:19:56 ----A---- C:\WINDOWS\system32\licdll.dll
2008-11-24 11:19:55 ----A---- C:\WINDOWS\system32\langwrbk.dll
2008-11-24 11:19:17 ----A---- C:\WINDOWS\system32\label.exe
2008-11-24 11:19:17 ----A---- C:\WINDOWS\system32\krnl386.exe
2008-11-24 11:19:17 ----A---- C:\WINDOWS\system32\keymgr.dll
2008-11-24 11:19:17 ----A---- C:\WINDOWS\system32\kernel32.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kerberos.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kdcom.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kd1394.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdycl.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdycc.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbduzb.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdusx.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdusr.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdusl.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdus.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdur.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdukx.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbduk.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdtuq.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdtuf.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdtat.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdsw.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdsp.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdsmsno.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdsmsfi.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdsl.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdsg.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdsf.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdru1.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdru.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdro.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdpo.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdpl.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdno1.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdno.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdnec.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdne.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdmon.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdmlt48.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdmlt47.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdmaori.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdmac.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdlv1.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdlv.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdlt1.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdlt.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdla.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdkyr.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdkaz.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdit142.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdit.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdir.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdinmal.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdinben.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdinbe1.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdic.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdhu.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdhept.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdhela3.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdhela2.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdhe319.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdhe220.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdhe.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdgr1.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdgr.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdgkl.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdgae.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdfr.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdfo.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdfi1.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdfi.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdfc.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdest.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdes.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbddv.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdda.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdcz2.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdcz1.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdcz.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdcr.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdcan.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdca.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdbu.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdbr.dll
2008-11-24 11:19:16 ----A---- C:\WINDOWS\system32\kbdblr.dll
2008-11-24 11:19:15 ----N---- C:\WINDOWS\system32\jsproxy.dll
2008-11-24 11:19:15 ----A---- C:\WINDOWS\system32\kbdbene.dll
2008-11-24 11:19:15 ----A---- C:\WINDOWS\system32\kbdbe.dll
2008-11-24 11:19:15 ----A---- C:\WINDOWS\system32\kbdazel.dll
2008-11-24 11:19:15 ----A---- C:\WINDOWS\system32\kbdaze.dll
2008-11-24 11:19:15 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2008-11-24 11:19:15 ----A---- C:\WINDOWS\system32\kb16.com
2008-11-24 11:19:15 ----A---- C:\WINDOWS\system32\jscript.dll
2008-11-24 11:19:15 ----A---- C:\WINDOWS\system32\jobexec.dll
2008-11-24 11:19:15 ----A---- C:\WINDOWS\system32\jet500.dll
2008-11-24 11:19:15 ----A---- C:\WINDOWS\system32\ixsso.dll
2008-11-24 11:19:15 ----A---- C:\WINDOWS\system32\iuengine.dll
2008-11-24 11:19:15 ----A---- C:\WINDOWS\system32\itss.dll
2008-11-24 11:19:15 ----A---- C:\WINDOWS\system32\itircl.dll
2008-11-24 11:19:15 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-11-24 11:19:15 ----A---- C:\WINDOWS\system32\isign32.dll
2008-11-24 11:19:15 ----A---- C:\WINDOWS\system32\irclass.dll
2008-11-24 11:19:15 ----A---- C:\WINDOWS\system32\ir50_qcx.dll
2008-11-24 11:19:15 ----A---- C:\WINDOWS\system32\ir50_qc.dll
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\ir50_32.dll
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\ir41_qcx.dll
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\ir41_qc.dll
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\ir32_32.dll
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\ipxwan.dll
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\ipxsap.dll
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\ipxrtmgr.dll
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\ipxroute.exe
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\ipxrip.dll
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\ipxpromn.dll
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\ipxmontr.dll
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\ipv6mon.dll
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\ipv6.exe
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\ipsmsnap.dll
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\ipsecsvc.dll
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\ipsecsnp.dll
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\ipsec6.exe
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\iprtprio.dll
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\iprop.dll
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\ippromon.dll
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\ipmontr.dll
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\iphlpapi.dll
2008-11-24 11:19:14 ----A---- C:\WINDOWS\system32\ipconfig.exe
2008-11-24 11:19:13 ----A---- C:\WINDOWS\system32\iologmsg.dll
2008-11-24 11:19:13 ----A---- C:\WINDOWS\system32\inseng.dll
2008-11-24 11:19:13 ----A---- C:\WINDOWS\system32\input.dll
2008-11-24 11:19:13 ----A---- C:\WINDOWS\system32\initpki.dll
2008-11-24 11:19:13 ----A---- C:\WINDOWS\system32\infosoft.dll
2008-11-24 11:19:13 ----A---- C:\WINDOWS\system32\inetres.dll
2008-11-24 11:19:12 ----A---- C:\WINDOWS\system32\inetppui.dll
2008-11-24 11:19:12 ----A---- C:\WINDOWS\system32\inetpp.dll
2008-11-24 11:19:12 ----A---- C:\WINDOWS\system32\inetmib1.dll
2008-11-24 11:19:12 ----A---- C:\WINDOWS\system32\inetcplc.dll
2008-11-24 11:19:12 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-11-24 11:19:12 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-11-24 11:19:12 ----A---- C:\WINDOWS\system32\imm32.dll
2008-11-24 11:19:12 ----A---- C:\WINDOWS\system32\imgutil.dll
2008-11-24 11:19:12 ----A---- C:\WINDOWS\system32\imeshare.dll
2008-11-24 11:19:12 ----A---- C:\WINDOWS\system32\imapi.exe
2008-11-24 11:19:12 ----A---- C:\WINDOWS\system32\imagehlp.dll
2008-11-24 11:19:12 ----A---- C:\WINDOWS\system32\ils.dll
2008-11-24 11:19:11 ----A---- C:\WINDOWS\system32\iissuba.dll
2008-11-24 11:19:10 ----N---- C:\WINDOWS\system32\iernonce.dll
2008-11-24 11:19:10 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2008-11-24 11:19:10 ----N---- C:\WINDOWS\system32\ieakui.dll
2008-11-24 11:19:10 ----N---- C:\WINDOWS\system32\ieaksie.dll
2008-11-24 11:19:10 ----N---- C:\WINDOWS\system32\ieakeng.dll
2008-11-24 11:19:10 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2008-11-24 11:19:10 ----A---- C:\WINDOWS\system32\igmpagnt.dll
2008-11-24 11:19:10 ----A---- C:\WINDOWS\system32\ifsutil.dll
2008-11-24 11:19:10 ----A---- C:\WINDOWS\system32\ifmon.dll
2008-11-24 11:19:10 ----A---- C:\WINDOWS\system32\iexpress.exe
2008-11-24 11:19:10 ----A---- C:\WINDOWS\system32\iesetup.dll
2008-11-24 11:19:10 ----A---- C:\WINDOWS\system32\iepeers.dll
2008-11-24 11:19:10 ----A---- C:\WINDOWS\system32\ieencode.dll
2008-11-24 11:19:10 ----A---- C:\WINDOWS\system32\idq.dll
2008-11-24 11:19:09 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-11-24 11:19:09 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-11-24 11:19:09 ----A---- C:\WINDOWS\system32\icmui.dll
2008-11-24 11:19:09 ----A---- C:\WINDOWS\system32\icmp.dll
2008-11-24 11:19:09 ----A---- C:\WINDOWS\system32\icm32.dll
2008-11-24 11:19:09 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-11-24 11:19:09 ----A---- C:\WINDOWS\system32\iccvid.dll
2008-11-24 11:19:09 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-11-24 11:19:09 ----A---- C:\WINDOWS\system32\iassvcs.dll
2008-11-24 11:19:09 ----A---- C:\WINDOWS\system32\iassdo.dll
2008-11-24 11:19:09 ----A---- C:\WINDOWS\system32\iassam.dll
2008-11-24 11:19:09 ----A---- C:\WINDOWS\system32\iasrecst.dll
2008-11-24 11:19:09 ----A---- C:\WINDOWS\system32\iasrad.dll
2008-11-24 11:19:09 ----A---- C:\WINDOWS\system32\iaspolcy.dll
2008-11-24 11:19:09 ----A---- C:\WINDOWS\system32\iasnap.dll
2008-11-24 11:19:09 ----A---- C:\WINDOWS\system32\iashlpr.dll
2008-11-24 11:19:09 ----A---- C:\WINDOWS\system32\iasads.dll
2008-11-24 11:19:09 ----A---- C:\WINDOWS\system32\iasacct.dll
2008-11-24 11:19:09 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-11-24 11:19:08 ----A---- C:\WINDOWS\system32\htui.dll
2008-11-24 11:19:08 ----A---- C:\WINDOWS\system32\httpapi.dll
2008-11-24 11:19:08 ----A---- C:\WINDOWS\system32\hticons.dll
2008-11-24 11:19:07 ----A---- C:\WINDOWS\system32\hotplug.dll
2008-11-24 11:19:07 ----A---- C:\WINDOWS\system32\hostname.exe
2008-11-24 11:19:07 ----A---- C:\WINDOWS\system32\hnetwiz.dll
2008-11-24 11:19:07 ----A---- C:\WINDOWS\system32\hnetmon.dll
2008-11-24 11:19:07 ----A---- C:\WINDOWS\system32\hnetcfg.dll
2008-11-24 11:19:07 ----A---- C:\WINDOWS\system32\hlink.dll
2008-11-24 11:19:06 ----A---- C:\WINDOWS\system32\hhsetup.dll
2008-11-24 11:19:06 ----A---- C:\WINDOWS\system32\help.exe
2008-11-24 11:19:06 ----A---- C:\WINDOWS\hh.exe
2008-11-24 11:19:05 ----A---- C:\WINDOWS\system32\h323msp.dll
2008-11-24 11:19:05 ----A---- C:\WINDOWS\system32\grpconv.exe
2008-11-24 11:19:05 ----A---- C:\WINDOWS\system32\graphics.com
2008-11-24 11:19:05 ----A---- C:\WINDOWS\system32\graftabl.com
2008-11-24 11:19:05 ----A---- C:\WINDOWS\system32\gpupdate.exe
2008-11-24 11:19:05 ----A---- C:\WINDOWS\system32\gptext.dll
2008-11-24 11:19:05 ----A---- C:\WINDOWS\system32\gpresult.exe
2008-11-24 11:19:05 ----A---- C:\WINDOWS\system32\gpkrsrc.dll
2008-11-24 11:19:05 ----A---- C:\WINDOWS\system32\gpkcsp.dll
2008-11-24 11:19:05 ----A---- C:\WINDOWS\system32\gpedit.msc
2008-11-24 11:19:04 ----A---- C:\WINDOWS\system32\gpedit.dll
2008-11-24 11:19:03 ----A---- C:\WINDOWS\system32\glu32.dll
2008-11-24 11:19:03 ----A---- C:\WINDOWS\system32\glmf32.dll
2008-11-24 11:19:03 ----A---- C:\WINDOWS\system32\getuname.dll
2008-11-24 11:19:03 ----A---- C:\WINDOWS\system32\getmac.exe
2008-11-24 11:19:03 ----A---- C:\WINDOWS\system32\gdi32.dll
2008-11-24 11:19:03 ----A---- C:\WINDOWS\system32\gdi.exe
2008-11-24 11:19:02 ----A---- C:\WINDOWS\system32\gcdef.dll
2008-11-24 11:19:02 ----A---- C:\WINDOWS\system32\fwcfg.dll
2008-11-24 11:19:02 ----A---- C:\WINDOWS\system32\ftsrch.dll
2008-11-24 11:19:02 ----A---- C:\WINDOWS\system32\ftp.exe
2008-11-24 11:19:02 ----A---- C:\WINDOWS\system32\fsutil.exe
2008-11-24 11:19:01 ----A---- C:\WINDOWS\system32\fsusd.dll
2008-11-24 11:19:01 ----A---- C:\WINDOWS\system32\fsquirt.exe
2008-11-24 11:19:01 ----A---- C:\WINDOWS\system32\fsmgmt.msc
2008-11-24 11:19:01 ----A---- C:\WINDOWS\system32\freecell.exe
2008-11-24 11:19:01 ----A---- C:\WINDOWS\system32\framebuf.dll
2008-11-24 11:19:01 ----A---- C:\WINDOWS\system32\format.com
2008-11-24 11:19:01 ----A---- C:\WINDOWS\system32\forcedos.exe
2008-11-24 11:19:01 ----A---- C:\WINDOWS\system32\fontview.exe
2008-11-24 11:19:01 ----A---- C:\WINDOWS\system32\fontsub.dll
2008-11-24 11:19:01 ----A---- C:\WINDOWS\system32\fontext.dll
2008-11-24 11:19:00 ----N---- C:\WINDOWS\system32\extmgr.dll
2008-11-24 11:19:00 ----A---- C:\WINDOWS\system32\fmifs.dll
2008-11-24 11:19:00 ----A---- C:\WINDOWS\system32\fltmc.exe
2008-11-24 11:19:00 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-11-24 11:19:00 ----A---- C:\WINDOWS\system32\fldrclnr.dll
2008-11-24 11:19:00 ----A---- C:\WINDOWS\system32\fixmapi.exe
2008-11-24 11:19:00 ----A---- C:\WINDOWS\system32\finger.exe
2008-11-24 11:19:00 ----A---- C:\WINDOWS\system32\findstr.exe
2008-11-24 11:19:00 ----A---- C:\WINDOWS\system32\find.exe
2008-11-24 11:19:00 ----A---- C:\WINDOWS\system32\filemgmt.dll
2008-11-24 11:19:00 ----A---- C:\WINDOWS\system32\feclient.dll
2008-11-24 11:19:00 ----A---- C:\WINDOWS\system32\fdeploy.dll
2008-11-24 11:19:00 ----A---- C:\WINDOWS\system32\fde.dll
2008-11-24 11:19:00 ----A---- C:\WINDOWS\system32\fc.exe
2008-11-24 11:19:00 ----A---- C:\WINDOWS\system32\faultrep.dll
2008-11-24 11:19:00 ----A---- C:\WINDOWS\system32\fastopen.exe
2008-11-24 11:19:00 ----A---- C:\WINDOWS\system32\exts.dll
2008-11-24 11:19:00 ----A---- C:\WINDOWS\system32\extrac32.exe
2008-11-24 11:19:00 ----A---- C:\WINDOWS\system32\expsrv.dll
2008-11-24 11:18:59 ----A---- C:\WINDOWS\system32\expand.exe
2008-11-24 11:18:59 ----A---- C:\WINDOWS\system32\exe2bin.exe
2008-11-24 11:18:59 ----A---- C:\WINDOWS\system32\eventvwr.msc
2008-11-24 11:18:59 ----A---- C:\WINDOWS\system32\eventvwr.exe
2008-11-24 11:18:59 ----A---- C:\WINDOWS\system32\eventtriggers.exe
2008-11-24 11:18:59 ----A---- C:\WINDOWS\system32\eventquery.vbs
2008-11-24 11:18:59 ----A---- C:\WINDOWS\system32\eventlog.dll
2008-11-24 11:18:59 ----A---- C:\WINDOWS\system32\eventcreate.exe
2008-11-24 11:18:59 ----A---- C:\WINDOWS\system32\eventcls.dll
2008-11-24 11:18:59 ----A---- C:\WINDOWS\explorer.exe
2008-11-24 11:18:58 ----A---- C:\WINDOWS\system32\eudcedit.exe
2008-11-24 11:18:58 ----A---- C:\WINDOWS\system32\esentutl.exe
2008-11-24 11:18:58 ----A---- C:\WINDOWS\system32\esentprf.ini
2008-11-24 11:18:58 ----A---- C:\WINDOWS\system32\esentprf.dll
2008-11-24 11:18:58 ----A---- C:\WINDOWS\system32\esent97.dll
2008-11-24 11:18:58 ----A---- C:\WINDOWS\system32\esent.dll
2008-11-24 11:18:58 ----A---- C:\WINDOWS\system32\es.dll
2008-11-24 11:18:58 ----A---- C:\WINDOWS\system32\ersvc.dll
2008-11-24 11:18:58 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-11-24 11:18:58 ----A---- C:\WINDOWS\system32\encapi.dll
2008-11-24 11:18:58 ----A---- C:\WINDOWS\system32\els.dll
2008-11-24 11:18:57 ----A---- C:\WINDOWS\system32\efsadu.dll
2008-11-24 11:18:57 ----A---- C:\WINDOWS\system32\edlin.exe
2008-11-24 11:18:57 ----A---- C:\WINDOWS\system32\edit.com
2008-11-24 11:18:57 ----A---- C:\WINDOWS\system32\dxtrans.dll
2008-11-24 11:18:57 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2008-11-24 11:18:57 ----A---- C:\WINDOWS\system32\dxmasf.dll
2008-11-24 11:18:57 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2008-11-24 11:18:56 ----A---- C:\WINDOWS\system32\dxdiag.exe
2008-11-24 11:18:56 ----A---- C:\WINDOWS\system32\dx8vb.dll
2008-11-24 11:18:56 ----A---- C:\WINDOWS\system32\dx7vb.dll
2008-11-24 11:18:56 ----A---- C:\WINDOWS\system32\dwwin.exe
2008-11-24 11:18:56 ----A---- C:\WINDOWS\system32\dvdupgrd.exe
2008-11-24 11:18:56 ----A---- C:\WINDOWS\system32\duser.dll
2008-11-24 11:18:56 ----A---- C:\WINDOWS\system32\dumprep.exe
2008-11-24 11:18:56 ----A---- C:\WINDOWS\system32\dswave.dll
2008-11-24 11:18:56 ----A---- C:\WINDOWS\system32\dsuiext.dll
2008-11-24 11:18:56 ----A---- C:\WINDOWS\system32\dssenh.dll
2008-11-24 11:18:56 ----A---- C:\WINDOWS\system32\dssec.dll
2008-11-24 11:18:56 ----A---- C:\WINDOWS\system32\dsquery.dll
2008-11-24 11:18:56 ----A---- C:\WINDOWS\system32\dsprpres.dll
2008-11-24 11:18:56 ----A---- C:\WINDOWS\system32\dsprop.dll
2008-11-24 11:18:56 ----A---- C:\WINDOWS\system32\dsound3d.dll
2008-11-24 11:18:56 ----A---- C:\WINDOWS\system32\dsound.dll
2008-11-24 11:18:56 ----A---- C:\WINDOWS\system32\dskquoui.dll
2008-11-24 11:18:56 ----A---- C:\WINDOWS\system32\dskquota.dll
2008-11-24 11:18:56 ----A---- C:\WINDOWS\system32\dsdmoprp.dll
2008-11-24 11:18:56 ----A---- C:\WINDOWS\system32\dsdmo.dll
2008-11-24 11:18:56 ----A---- C:\WINDOWS\system32\dsauth.dll
2008-11-24 11:18:56 ----A---- C:\WINDOWS\system32\ds32gt.dll
2008-11-24 11:18:56 ----A---- C:\WINDOWS\system32\ds16gt.dLL
2008-11-24 11:18:56 ----A---- C:\WINDOWS\system32\drwtsn32.exe
2008-11-24 11:18:55 ----A---- C:\WINDOWS\system32\drwatson.exe
2008-11-24 11:18:55 ----A---- C:\WINDOWS\system32\drprov.dll
2008-11-24 11:18:55 ----A---- C:\WINDOWS\system32\drmstor.dll
2008-11-24 11:18:55 ----A---- C:\WINDOWS\system32\drmclien.dll
2008-11-24 11:18:55 ----A---- C:\WINDOWS\system32\driverquery.exe
2008-11-24 11:18:55 ----A---- C:\WINDOWS\system32\dpwsockx.dll
2008-11-24 11:18:55 ----A---- C:\WINDOWS\system32\dpwsock.dll
2008-11-24 11:18:55 ----A---- C:\WINDOWS\system32\dpvvox.dll
2008-11-24 11:18:55 ----A---- C:\WINDOWS\system32\dpvsetup.exe
2008-11-24 11:18:55 ----A---- C:\WINDOWS\system32\dpvoice.dll
2008-11-24 11:18:55 ----A---- C:\WINDOWS\system32\dpvacm.dll
2008-11-24 11:18:55 ----A---- C:\WINDOWS\system32\dpserial.dll
2008-11-24 11:18:55 ----A---- C:\WINDOWS\system32\dpnwsock.dll
2008-11-24 11:18:55 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2008-11-24 11:18:55 ----A---- C:\WINDOWS\system32\dpnmodem.dll
2008-11-24 11:18:55 ----A---- C:\WINDOWS\system32\dpnlobby.dll
2008-11-24 11:18:55 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2008-11-24 11:18:55 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2008-11-24 11:18:55 ----A---- C:\WINDOWS\system32\dpnet.dll
2008-11-24 11:18:55 ----A---- C:\WINDOWS\system32\dpnaddr.dll
2008-11-24 11:18:55 ----A---- C:\WINDOWS\system32\dpmodemx.dll
2008-11-24 11:18:55 ----A---- C:\WINDOWS\system32\dplayx.dll
2008-11-24 11:18:55 ----A---- C:\WINDOWS\system32\dplaysvr.exe
2008-11-24 11:18:55 ----A---- C:\WINDOWS\system32\dplay.dll
2008-11-24 11:18:54 ----A---- C:\WINDOWS\system32\dpcdll.dll
2008-11-24 11:18:54 ----A---- C:\WINDOWS\system32\dosx.exe
2008-11-24 11:18:54 ----A---- C:\WINDOWS\system32\doskey.exe
2008-11-24 11:18:54 ----A---- C:\WINDOWS\system32\docprop2.dll
2008-11-24 11:18:54 ----A---- C:\WINDOWS\system32\docprop.dll
2008-11-24 11:18:54 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2008-11-24 11:18:54 ----A---- C:\WINDOWS\system32\dnsapi.dll
2008-11-24 11:18:54 ----A---- C:\WINDOWS\system32\dmusic.dll
2008-11-24 11:18:54 ----A---- C:\WINDOWS\system32\dmsynth.dll
2008-11-24 11:18:54 ----A---- C:\WINDOWS\system32\dmstyle.dll
2008-11-24 11:18:54 ----A---- C:\WINDOWS\system32\dmserver.dll
2008-11-24 11:18:54 ----A---- C:\WINDOWS\system32\dmscript.dll

======List of files/folders modified in the last 1 months======

2008-12-23 02:33:27 ----D---- C:\WINDOWS\Temp
2008-12-23 02:14:02 ----D---- C:\WINDOWS\Registration
2008-12-23 02:13:32 ----D---- C:\WINDOWS
2008-12-23 02:12:34 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-23 02:10:10 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-23 01:20:07 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-23 01:20:07 ----HD---- C:\WINDOWS\inf
2008-12-23 01:19:17 ----SHD---- C:\WINDOWS\Installer
2008-12-23 01:19:08 ----D---- C:\WINDOWS\system32
2008-12-23 01:07:38 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-12-20 18:16:22 ----RD---- C:\Program Files
2008-12-20 18:16:13 ----D---- C:\Program Files\Common Files
2008-12-20 08:50:49 ----SH---- C:\boot.ini
2008-12-20 08:50:49 ----A---- C:\WINDOWS\win.ini
2008-12-20 08:50:49 ----A---- C:\WINDOWS\system.ini
2008-12-20 08:24:45 ----SD---- C:\WINDOWS\Tasks
2008-12-20 08:21:38 ----D---- C:\WINDOWS\Debug
2008-12-20 03:27:37 ----D---- C:\WINDOWS\WinSxS
2008-12-19 06:07:10 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-19 05:24:44 ----D---- C:\WINDOWS\system32\drivers
2008-12-19 03:31:22 ----D---- C:\WINDOWS\Microsoft.NET
2008-12-19 03:31:21 ----RSD---- C:\WINDOWS\assembly
2008-12-19 02:59:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-19 01:59:24 ----RSD---- C:\WINDOWS\Fonts
2008-12-19 01:25:00 ----D---- C:\WINDOWS\system32\spool
2008-12-19 01:24:42 ----DC---- C:\WINDOWS\system32\dllcache
2008-12-18 23:27:03 ----D---- C:\WINDOWS\system32\DirectX
2008-12-17 15:12:28 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-16 23:17:06 ----D---- C:\WINDOWS\system32\mui
2008-12-16 22:55:40 ----D---- C:\WINDOWS\system32\wbem
2008-12-16 22:49:40 ----D---- C:\WINDOWS\ehome
2008-12-16 15:50:26 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-12-11 11:32:23 ----D---- C:\Program Files\Internet Explorer
2008-12-08 20:10:05 ----D---- C:\WINDOWS\security
2008-11-30 22:55:37 ----SD---- C:\WINDOWS\system32\Microsoft
2008-11-30 21:13:58 ----D---- C:\WINDOWS\Help
2008-11-30 21:04:26 ----D---- C:\Program Files\Windows Media Player
2008-11-27 16:40:10 ----D---- C:\WINDOWS\pchealth
2008-11-26 21:23:42 ----D---- C:\WINDOWS\system32\Setup
2008-11-26 21:23:42 ----D---- C:\WINDOWS\AppPatch
2008-11-26 21:23:42 ----D---- C:\Program Files\Outlook Express
2008-11-26 21:19:22 ----D---- C:\Program Files\Messenger
2008-11-26 21:15:11 ----D---- C:\WINDOWS\system32\inetsrv
2008-11-26 21:15:10 ----D---- C:\WINDOWS\ime
2008-11-26 21:14:58 ----D---- C:\WINDOWS\system32\usmt
2008-11-26 21:14:51 ----D---- C:\WINDOWS\PeerNet
2008-11-26 21:14:51 ----D---- C:\Program Files\Movie Maker
2008-11-26 21:11:31 ----D---- C:\WINDOWS\system32\Restore
2008-11-26 21:11:31 ----D---- C:\WINDOWS\system32\npp
2008-11-26 21:11:31 ----D---- C:\WINDOWS\mui
2008-11-26 21:11:30 ----D---- C:\WINDOWS\msagent
2008-11-26 21:11:29 ----D---- C:\WINDOWS\srchasst
2008-11-26 21:11:27 ----D---- C:\Program Files\NetMeeting
2008-11-26 21:11:25 ----D---- C:\WINDOWS\system32\Com
2008-11-26 21:11:23 ----D---- C:\Program Files\Windows NT
2008-11-26 21:11:20 ----D---- C:\Program Files\Common Files\System
2008-11-26 21:11:05 ----D---- C:\WINDOWS\system32\oobe
2008-11-26 21:11:03 ----D---- C:\WINDOWS\system
2008-11-26 17:37:13 ----D---- C:\WINDOWS\twain_32
2008-11-26 16:54:16 ----D---- C:\WINDOWS\system32\config
2008-11-26 16:54:05 ----D---- C:\WINDOWS\Media
2008-11-26 16:12:30 ----D---- C:\WINDOWS\SoftwareDistribution
2008-11-25 04:01:13 ----D---- C:\Program Files\Online Services
2008-11-25 02:02:22 ----D---- C:\Documents and Settings
2008-11-25 01:55:16 ----D---- C:\WINDOWS\OPTIONS
2008-11-25 01:53:06 ----A---- C:\WINDOWS\system32\emver.ini
2008-11-25 01:49:33 ----D---- C:\WINDOWS\RegisteredPackages
2008-11-24 11:42:23 ----D---- C:\Program Files\Common Files\Services
2008-11-24 11:41:03 ----D---- C:\WINDOWS\system32\ras
2008-11-24 11:40:44 ----D---- C:\WINDOWS\system32\icsxml
2008-11-24 11:40:44 ----D---- C:\WINDOWS\system32\ias
2008-11-24 11:39:51 ----D---- C:\WINDOWS\system32\1033
2008-11-24 11:39:46 ----RD---- C:\WINDOWS\Web
2008-11-24 11:39:30 ----D---- C:\WINDOWS\Cursors
2008-11-24 11:39:28 ----D---- C:\Program Files\xerox
2008-11-24 11:39:24 ----D---- C:\Program Files\Windows Plus
2008-11-24 11:39:24 ----D---- C:\Program Files\MSN Gaming Zone
2008-11-24 11:39:24 ----D---- C:\Program Files\MSN
2008-11-24 11:39:24 ----D---- C:\Program Files\microsoft frontpage
2008-11-24 11:39:23 ----D---- C:\Program Files\Common Files\SpeechEngines
2008-11-24 11:39:23 ----D---- C:\Program Files\Common Files\ODBC
2008-11-24 11:39:23 ----D---- C:\Program Files\Common Files\MSSoap
2008-11-24 11:39:23 ----D---- C:\Drivers
2008-11-24 11:38:58 ----D---- C:\CMPNENTS
2008-11-24 11:38:37 ----D---- C:\WINDOWS\msapps
2008-11-24 11:38:02 ----D---- C:\WINDOWS\Resources
2008-11-24 11:38:01 ----D---- C:\WINDOWS\Provisioning
2008-11-24 11:38:00 ----RD---- C:\WINDOWS\Offline Web Pages
2008-11-24 11:37:46 ----SHD---- C:\WINDOWS\CSC
2008-11-24 11:37:46 ----D---- C:\WINDOWS\Driver Cache
2008-11-24 11:37:38 ----D---- C:\WINDOWS\system32\URTTemp
2008-11-24 11:37:37 ----D---- C:\WINDOWS\system32\MsDtc
2008-11-24 11:37:37 ----D---- C:\WINDOWS\system32\Macromed
2008-11-24 11:37:37 ----D---- C:\WINDOWS\system32\IME
2008-11-24 11:37:32 ----D---- C:\WINDOWS\java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdPPM;AMD HwPState Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2007-03-07 9336]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2007-03-07 9464]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys []
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2008-11-26 227344]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2004-05-05 4228]
R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-09-26 3644800]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ATIAVPCI;ATI Unified AVStream service; C:\WINDOWS\system32\DRIVERS\atinavrr.sys [2005-11-09 205568]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-07-22 1035008]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2005-07-22 231168]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 24592]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112]
R3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-07-20 2142488]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2008-07-26 25624]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-10-12 41752]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-09-17 6132576]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-07-29 34048]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-07-29 12928]
R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2007-10-12 13848]
R3 pgfilter;pgfilter; \??\C:\Program Files\PeerGuardian2\pgfilter.sys []
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2007-10-12 1279000]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-07-22 717952]
S1 P3;Intel PentiumIII Processor Driver; C:\WINDOWS\system32\DRIVERS\p3.sys [2008-04-13 42752]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CSRBC01;CSRBC01.Sys CSR test driver; C:\WINDOWS\System32\Drivers\CSRBC01.sys [2004-04-08 83124]
S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-06-17 1041536]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2007-04-11 20496]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2007-04-11 63248]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1; C:\WINDOWS\system32\drivers\libusb0.sys [2005-03-09 33792]
S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2007-04-11 79376]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 MPE;BDA MPE Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 mxnic;Macronix MX987xx Family Fast Ethernet NT Driver; C:\WINDOWS\system32\DRIVERS\mxnic.sys [2001-08-17 19968]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2008-11-11 206088]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2008-07-26 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-07-26 150040]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-09-17 163908]
R2 TVersityMediaServer;TVersityMediaServer; C:\Program Files\TVersity\Media Server\MediaServer.exe [2008-11-27 827392]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 getPlus® Helper;getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-12-01 33752]
S4 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]
S4 PrismXL;PrismXL; C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS [2008-11-25 172032]
S4 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2007-03-03 67056]
S4 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

-----------------EOF-----------------


info.txt logfile of random's system information tool 1.05 2008-12-23 02:34:23

======Uninstall list======

-->"C:\Program Files\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe" --u:{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe
Acrobat.com-->msiexec /qb /x {77DCDCE3-2DED-62F3-8154-05E745472D07}
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
BlueAntDFU_Z9i-->MsiExec.exe /I{EF64B968-C1E5-403C-8DDC-70893F576D19}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDDRV_Installer-->MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
Choice Guard-->MsiExec.exe /I{EBD5E7A9-DBB8-4E24-AE3A-CF9390AF1CCB}
EphPod-->C:\PROGRA~1\EphPod\UNWISE.EXE C:\PROGRA~1\EphPod\INSTALL.LOG
getPlus® for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
Haali Media Splitter-->"C:\Program Files\Haali\MatroskaSplitter\uninstall.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB942288-v3)-->"C:\WINDOWS\$NtUninstallKB942288-v3$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Imageshackert 2.0 beta (build 11)-->C:\Program Files\Imageshackert\uninst.exe
InterVideo DeviceService-->MsiExec.exe /I{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}
J2SE Runtime Environment 5.0 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
Kaspersky Internet Security 2009-->MsiExec.exe /I{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}
Kaspersky Internet Security 2009-->MsiExec.exe /I{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}
KhalInstallWrapper-->MsiExec.exe /I{56918C0C-0D87-4CA6-92BF-4975A43AC719}
K-Lite Codec Pack 4.3.4 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x9 UNINSTALL
Logitech QuickCam-->MsiExec.exe /X{3AF8FCCD-F51A-4014-9002-F195E1CBC876}
Logitech Registration-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
Logitech SetPoint-->C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe -runfromtemp -l0x0009 -removeonly
Logitech® Camera Driver-->"C:\Program Files\Common Files\LogiShrd\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0-->C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmv9vcm.inf, Uninstall
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
MVision-->MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93}
Napster Burn Engine-->MsiExec.exe /I{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Norton PartitionMagic 8.0-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{21DBBDD6-93A5-4326-9A04-C9A5C9148502}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
PeerGuardian 2.0-->"C:\Program Files\PeerGuardian2\unins000.exe"
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x9 -removeonly
Resident Evil 4 1.10-->"C:\Program Files\Capcom\Resident Evil 4\unins000.exe"
Resident Evil 4 Ultimate Patch-->MsiExec.exe /X{30A1920E-44F3-410E-AB8F-FE43CF2CA33D}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1\HXFSETUP.EXE -U -IPDRSLSM5K.inf
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
StuffPlug 3-->C:\Program Files\StuffPlug3\Uninstall.exe
TVersity Codec Pack 1.2-->C:\Program Files\TVersity Codec Pack\uninst.exe
TVersity Media Server 1.0.0.8 RC5-->C:\Program Files\TVersity\Media Server\uninst.exe
Ulead GIF Animator 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8AF3E926-ED59-11D4-A44B-0000E86D2305}\Setup.exe"
Ulead VideoStudio 11-->C:\Program Files\InstallShield Installation Information\{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}\setup.exe -runfromtemp -l0x0409
Ulead WebRazor Pro 2.0 Full Version-->"C:\WINDOWS\Noslip\Uwrp20f\Setup.exe" -f"Setup.ins"
UltraISO Premium V8.62-->"C:\Program Files\UltraISO\unins000.exe"
Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
Update for Windows Media Player 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Update for Windows Media Player 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB953356)-->"C:\WINDOWS\$NtUninstallKB953356$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update Rollup 2 for Windows XP Media Center Edition 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Backup Utility-->MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}
Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Driver Package - Cambridge Silicon Radio (CSRBC01) USB (1/21/2002 1.20.0000.0000)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\csrbc01_CC8A39DB513C669C0A6B8B6AEE25688903E50C2B\csrbc01.inf
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Mail-->MsiExec.exe /I{184E7118-0295-43C4-B72C-1D54AA75AAF7}
Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Xilisoft 3GP Video Converter-->C:\Program Files\Xilisoft\3GP Video Converter 3\Uninstall.exe

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: Kaspersky Internet Security
FW: Kaspersky Internet Security

System event log

Computer Name: ECHOPLEX
Event Code: 18
Message: Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on Thursday, November 27, 2008 at 3:00 AM:
- Security Update for Windows XP (KB928843)
- Security Update for Windows Media Player 10 for Windows XP (KB936782)
- Security Update for Windows XP (KB944653)
- Security Update for Windows XP (KB944338)
- Security Update for Windows XP (KB914389)
- Update for Windows XP (KB953356)
- Security Update for Windows XP (KB920683)
- Security Update for Windows XP (KB908519)
- Security Update for Windows XP (KB943055)
- Security Update for Windows XP (KB935839)
- Security Update for Windows XP (KB896428)
- Cumulative Security Update for Internet Explorer 6 for Windows XP (KB956390)
- Security Update for Windows XP (KB955069)
- Security Update for Windows XP (KB913580)
- Security Update for Windows XP (KB958644)
- Security Update for Windows XP (KB908531)
- Security Update for Windows XP (KB938464)
- Security Update for Microsoft .NET Framework, Version 1.0 Service Pack 3 (KB930494)
- Critical Update for Windows XP (KB886185)
- Security Update for Outlook Express for Windows XP (KB951066)
-

Record Number: 410
Source Name: Windows Update Agent
Time Written: 20081126161823.000000-360
Event Type: information
User:

Computer Name: ECHOPLEX
Event Code: 18
Message: Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on Thursday, November 27, 2008 at 3:00 AM:
- Security Update for Windows XP (KB928843)
- Security Update for Windows Media Player 10 for Windows XP (KB936782)
- Security Update for Windows XP (KB944653)
- Security Update for Windows XP (KB944338)
- Security Update for Windows XP (KB914389)
- Update for Windows XP (KB953356)
- Security Update for Windows XP (KB920683)
- Security Update for Windows XP (KB908519)
- Security Update for Windows XP (KB943055)
- Security Update for Windows XP (KB935839)
- Security Update for Windows XP (KB896428)
- Cumulative Security Update for Internet Explorer 6 for Windows XP (KB956390)
- Security Update for Windows XP (KB955069)
- Security Update for Windows XP (KB913580)
- Security Update for Windows XP (KB958644)
- Security Update for Windows XP (KB938464)
- Security Update for Microsoft .NET Framework, Version 1.0 Service Pack 3 (KB930494)
- Critical Update for Windows XP (KB886185)
- Security Update for Outlook Express for Windows XP (KB951066)
- Update for Windows XP (KB922582)
- Update fo

Record Number: 409
Source Name: Windows Update Agent
Time Written: 20081126161818.000000-360
Event Type: information
User:

Computer Name: ECHOPLEX
Event Code: 18
Message: Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on Thursday, November 27, 2008 at 3:00 AM:
- Security Update for Windows XP (KB928843)
- Security Update for Windows Media Player 10 for Windows XP (KB936782)
- Security Update for Windows XP (KB944653)
- Security Update for Windows XP (KB944338)
- Security Update for Windows XP (KB914389)
- Update for Windows XP (KB953356)
- Security Update for Windows XP (KB920683)
- Security Update for Windows XP (KB908519)
- Security Update for Windows XP (KB943055)
- Security Update for Windows XP (KB935839)
- Security Update for Windows XP (KB896428)
- Cumulative Security Update for Internet Explorer 6 for Windows XP (KB956390)
- Security Update for Windows XP (KB955069)
- Security Update for Windows XP (KB958644)
- Security Update for Windows XP (KB938464)
- Security Update for Microsoft .NET Framework, Version 1.0 Service Pack 3 (KB930494)
- Critical Update for Windows XP (KB886185)
- Security Update for Outlook Express for Windows XP (KB951066)
- Update for Windows XP (KB922582)
- Update for Windows XP (KB952287)
- Security Update fo

Record Number: 408
Source Name: Windows Update Agent
Time Written: 20081126161818.000000-360
Event Type: information
User:

Computer Name: ECHOPLEX
Event Code: 18
Message: Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on Thursday, November 27, 2008 at 3:00 AM:
- Security Update for Windows XP (KB928843)
- Security Update for Windows Media Player 10 for Windows XP (KB936782)
- Security Update for Windows XP (KB944653)
- Security Update for Windows XP (KB944338)
- Security Update for Windows XP (KB914389)
- Update for Windows XP (KB953356)
- Security Update for Windows XP (KB920683)
- Security Update for Windows XP (KB908519)
- Security Update for Windows XP (KB943055)
- Security Update for Windows XP (KB935839)
- Security Update for Windows XP (KB896428)
- Security Update for Windows XP (KB955069)
- Security Update for Windows XP (KB958644)
- Security Update for Windows XP (KB938464)
- Security Update for Microsoft .NET Framework, Version 1.0 Service Pack 3 (KB930494)
- Critical Update for Windows XP (KB886185)
- Security Update for Outlook Express for Windows XP (KB951066)
- Update for Windows XP (KB922582)
- Update for Windows XP (KB952287)
- Security Update for Windows XP with Windows Media Format Runtime 9.5 (KB923689)
- Security Update

Record Number: 407
Source Name: Windows Update Agent
Time Written: 20081126161813.000000-360
Event Type: information
User:

Computer Name: ECHOPLEX
Event Code: 18
Message: Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on Thursday, November 27, 2008 at 3:00 AM:
- Security Update for Windows XP (KB928843)
- Security Update for Windows Media Player 10 for Windows XP (KB936782)
- Security Update for Windows XP (KB944653)
- Security Update for Windows XP (KB944338)
- Security Update for Windows XP (KB914389)
- Update for Windows XP (KB953356)
- Security Update for Windows XP (KB920683)
- Security Update for Windows XP (KB908519)
- Security Update for Windows XP (KB943055)
- Security Update for Windows XP (KB935839)
- Security Update for Windows XP (KB955069)
- Security Update for Windows XP (KB958644)
- Security Update for Windows XP (KB938464)
- Security Update for Microsoft .NET Framework, Version 1.0 Service Pack 3 (KB930494)
- Critical Update for Windows XP (KB886185)
- Security Update for Outlook Express for Windows XP (KB951066)
- Update for Windows XP (KB922582)
- Update for Windows XP (KB952287)
- Security Update for Windows XP with Windows Media Format Runtime 9.5 (KB923689)
- Security Update for Windows XP (KB957097)
- Security Update

Record Number: 406
Source Name: Windows Update Agent
Time Written: 20081126161807.000000-360
Event Type: information
User:

Application event log

Computer Name: ECHOPLEX
Event Code: 700
Message: msnmsgr (7792) Online defragmentation is beginning a full pass on database '\\.\C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Messenger\nlovewithanangel@hotmail.com\SharingMetadata\Working\database_3E84_5408_8453_C157\dfsr.db'.

Record Number: 895
Source Name: ESENT
Time Written: 20081207140007.000000-360
Event Type: information
User:

Computer Name: ECHOPLEX
Event Code: 701
Message: msnmsgr (7792) Online defragmentation has completed a full pass on database '\\.\C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Messenger\nlovewithanangel@hotmail.com\SharingMetadata\Working\database_3E84_5408_8453_C157\dfsr.db'.

Record Number: 894
Source Name: ESENT
Time Written: 20081207130007.000000-360
Event Type: information
User:

Computer Name: ECHOPLEX
Event Code: 700
Message: msnmsgr (7792) Online defragmentation is beginning a full pass on database '\\.\C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Messenger\nlovewithanangel@hotmail.com\SharingMetadata\Working\database_3E84_5408_8453_C157\dfsr.db'.

Record Number: 893
Source Name: ESENT
Time Written: 20081207130007.000000-360
Event Type: information
User:

Computer Name: ECHOPLEX
Event Code: 701
Message: msnmsgr (7792) Online defragmentation has completed a full pass on database '\\.\C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Messenger\nlovewithanangel@hotmail.com\SharingMetadata\Working\database_3E84_5408_8453_C157\dfsr.db'.

Record Number: 892
Source Name: ESENT
Time Written: 20081207120007.000000-360
Event Type: information
User:

Computer Name: ECHOPLEX
Event Code: 700
Message: msnmsgr (7792) Online defragmentation is beginning a full pass on database '\\.\C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Messenger\nlovewithanangel@hotmail.com\SharingMetadata\Working\database_3E84_5408_8453_C157\dfsr.db'.

Record Number: 891
Source Name: ESENT
Time Written: 20081207120007.000000-360
Event Type: information
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Common Files\Ulead Systems\MPEG
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 43 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=2b01
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_02\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.5.0_02\lib\ext\QTJava.zip

-----------------EOF-----------------



#2 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • OFFLINE
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:08:12 AM

Posted 01 January 2009 - 02:24 PM

Since it has been a few days since you scanned your computer with HijackThis, we will need a new HijackThis log. If you have not already downloaded Random's System Information Tool (RSIT), please download Random's System Information Tool (RSIT) by random/random which includes a HijackThis log and save it to your desktop. If you have RSIT already on your computer, please run it again.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • After it has finished, two logs will open. Please post the contents of both. log.txt will be maximized and info.txt will be minimized.
Thank you for your patience.

Please see Preparation Guide for use before posting about your potential Malware problem. Thank you for your patience.

If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped.

While we are working on your HijackThis log, please:
  • Reply to this thread; do not start another!
  • Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so.
  • Do not run any other tool until instructed to do so!
  • Let me know if any of the links do not work or if any of the tools do not work.
  • Tell me about problems or symptoms that occur during the fix.
  • Do not run any other programs or open any other windows while doing a fix.
  • Ask any questions that you have regarding the fix(es), the infection(s), the performance of your computer, etc.
Thanks.
You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.

#3 Jordan09

Jordan09
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  • Local time:06:12 AM

Posted 04 January 2009 - 05:12 AM

Ok, here are my new logfiles you requested... although RSIT is only loading one logfile this time, I'm not sure why.


Logfile of random's system information tool 1.05 (written by random/random)
Run by Owner at 2009-01-04 04:09:57
Microsoft Windows XP Professional Service Pack 3
System drive C: has 7 GB (3%) free of 234 GB
Total RAM: 894 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:10:29 AM, on 1/4/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TVersity\Media Server\MediaServer.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner\Desktop\Firefox Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Owner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.new.rr.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8118
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\RunServices: [BUNGIE] banzo.exe
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1227737545078
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{60D15896-0B1E-4306-BE3D-486C85ABB436}: NameServer = 24.94.163.100,24.94.163.101
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TVersityMediaServer - Unknown owner - C:\Program Files\TVersity\Media Server\MediaServer.exe

--
End of file - 7881 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - C:\Program Files\Orbitdownloader\orbitcth.dll [2008-12-19 134344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-23 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-23 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-23 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Program Files\Orbitdownloader\GrabPro.dll [2008-12-19 482424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2002-09-14 212992]
"Logitech Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-02-29 76304]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-02-29 76304]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2008-12-30 1797880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PeerGuardian"=C:\Program Files\PeerGuardian2\pg2.exe [2005-09-18 1421824]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-04-17 196608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-04-13 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2008-08-14 565008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\QuickCam\Quickcam.exe [2008-08-14 2407184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe]
C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2008-09-17 13574144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2008-09-17 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2005-09-26 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-01 15872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS11 Preload]
C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [2007-03-03 341488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2008-09-12 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LOGITE~1.EXE [2008-11-26 67128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"PrismXL"=2
"WMPNetworkSvc"=3
"WLSetupSvc"=3
"usnjsvc"=3
"UleadBurningHelper"=2
"idsvc"=3
"getPlus® Helper"=3

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
Orbit.lnk - C:\Program Files\Orbitdownloader\orbitdm.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll [2008-05-02 72208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC}
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Application Loader"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe"="C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Enabled:AOLTsMon"
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe"="C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Enabled:AOLTopSpeed"
"C:\Program Files\Common Files\AOL\1227599193\EE\AOLServiceHost.exe"="C:\Program Files\Common Files\AOL\1227599193\EE\AOLServiceHost.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\System Information\sinf.exe"="C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe"="C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe"="C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe"="C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe:*:Enabled:AOL"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\TVersity\Media Server\MediaServer.exe"="C:\Program Files\TVersity\Media Server\MediaServer.exe:*:Enabled:TVersity Media Server"
"C:\Program Files\River Past\Video Cleaner Pro\VideoCleaner.exe"="C:\Program Files\River Past\Video Cleaner Pro\VideoCleaner.exe:*:Enabled:River Past Video Cleaner Pro"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Orbitdownloader\orbitdm.exe"="C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit"
"C:\Program Files\Orbitdownloader\orbitnet.exe"="C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
shell\AutoRun\command - I:\setup.exe


======List of files/folders created in the last 1 months======

2009-01-03 04:16:59 ----D---- C:\Downloads
2009-01-03 04:16:45 ----D---- C:\Documents and Settings\Owner\Application Data\Orbit
2009-01-03 04:16:42 ----D---- C:\Program Files\Orbitdownloader
2009-01-01 19:18:00 ----D---- C:\Multimedia Files
2009-01-01 19:17:54 ----D---- C:\Program Files\Microsoft GIF Animator
2008-12-31 23:08:35 ----D---- C:\Program Files\Gateway
2008-12-31 23:03:45 ----D---- C:\cabs
2008-12-31 21:38:07 ----A---- C:\WINDOWS\DVDFab.INI
2008-12-31 19:15:16 ----D---- C:\Documents and Settings\All Users\Application Data\1Click DVD Copy Pro
2008-12-31 19:14:08 ----D---- C:\Documents and Settings\Owner\Application Data\Vso
2008-12-31 19:14:08 ----A---- C:\Documents and Settings\Owner\Application Data\inst.exe
2008-12-31 19:13:56 ----D---- C:\Program Files\LG Software Innovations
2008-12-31 18:02:23 ----D---- C:\Documents and Settings\All Users\Application Data\vsosdk
2008-12-31 17:33:21 ----D---- C:\Documents and Settings\Owner\Application Data\DVDFab
2008-12-31 17:14:12 ----D---- C:\Program Files\DVDFab 5
2008-12-30 18:02:35 ----D---- C:\Program Files\Dvd-cloner
2008-12-30 15:51:00 ----D---- C:\Program Files\FLV Player
2008-12-30 13:31:29 ----D---- C:\Documents and Settings\All Users\Application Data\_comodo_
2008-12-30 13:24:57 ----A---- C:\WINDOWS\system32\guard32.dll
2008-12-30 12:51:28 ----D---- C:\Documents and Settings\All Users\Application Data\comodo
2008-12-30 12:51:27 ----D---- C:\Program Files\COMODO
2008-12-29 22:03:14 ----A---- C:\WINDOWS\system32\BtCoreIf.dll
2008-12-27 05:32:14 ----D---- C:\divx
2008-12-26 00:53:01 ----D---- C:\Documents and Settings\Owner\Application Data\DivX
2008-12-25 21:46:18 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2008-12-25 21:46:18 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2008-12-25 21:45:56 ----D---- C:\Program Files\DivX
2008-12-25 05:31:27 ----D---- C:\Documents and Settings\Owner\Application Data\SampleView
2008-12-24 14:26:09 ----D---- C:\Program Files\Lavasoft
2008-12-24 14:26:05 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-12-24 13:15:04 ----A---- C:\WINDOWS\system32\BASSMOD.dll
2008-12-23 02:42:33 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-23 02:42:33 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-23 02:42:33 ----A---- C:\WINDOWS\system32\java.exe
2008-12-23 02:42:33 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-12-23 02:34:03 ----D---- C:\rsit
2008-12-20 18:16:13 ----D---- C:\Program Files\Common Files\Sony Shared
2008-12-20 17:58:50 ----D---- C:\WINDOWS\Minidump
2008-12-20 08:04:28 ----D---- C:\Program Files\Trend Micro
2008-12-20 03:27:36 ----D---- C:\Program Files\MSXML 4.0
2008-12-20 00:55:34 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-12-20 00:55:34 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-19 05:09:57 ----D---- C:\Program Files\Unlocker
2008-12-19 03:40:15 ----A---- C:\WINDOWS\Irremote.ini
2008-12-19 03:37:19 ----D---- C:\Program Files\Windows Sidebar
2008-12-19 03:20:32 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2008-12-19 02:58:46 ----D---- C:\Program Files\MSBuild
2008-12-19 02:00:37 ----D---- C:\WINDOWS\system32\XPSViewer
2008-12-19 01:26:32 ----D---- C:\Program Files\Reference Assemblies
2008-12-19 01:24:39 ----N---- C:\WINDOWS\system32\spmsg2.dll
2008-12-18 23:26:58 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2008-12-18 23:26:58 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2008-12-18 23:26:57 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2008-12-18 23:26:55 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2008-12-18 23:26:55 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2008-12-18 23:26:54 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2008-12-18 23:26:53 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2008-12-18 23:26:53 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2008-12-18 23:26:53 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2008-12-18 23:26:52 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2008-12-18 23:26:50 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2008-12-18 23:26:50 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2008-12-18 23:26:47 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2008-12-18 23:26:45 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2008-12-18 23:26:45 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2008-12-18 23:26:45 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2008-12-18 23:26:44 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2008-12-18 23:26:43 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2008-12-18 23:26:43 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2008-12-18 23:26:41 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2008-12-18 23:26:40 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2008-12-18 23:26:38 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2008-12-18 23:26:38 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2008-12-18 23:26:35 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2008-12-18 23:26:35 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2008-12-18 23:26:30 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2008-12-18 23:26:28 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2008-12-18 23:26:26 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2008-12-18 23:26:25 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2008-12-18 23:26:23 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2008-12-18 23:26:21 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2008-12-18 23:26:18 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2008-12-18 23:26:18 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2008-12-18 23:26:16 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2008-12-18 23:26:14 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2008-12-18 23:26:14 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2008-12-18 23:26:12 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2008-12-18 23:26:12 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2008-12-18 23:26:08 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2008-12-18 23:26:05 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2008-12-18 23:25:57 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2008-12-18 23:25:51 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2008-12-18 23:25:50 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2008-12-18 23:25:22 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2008-12-18 23:25:18 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2008-12-18 23:25:16 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2008-12-18 23:25:13 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2008-12-18 23:25:11 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2008-12-18 23:25:11 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2008-12-18 23:25:10 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2008-12-18 23:25:07 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2008-12-18 23:25:06 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2008-12-18 23:25:05 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2008-12-18 23:25:03 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2008-12-18 23:25:02 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2008-12-18 23:24:58 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2008-12-18 23:24:56 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2008-12-18 23:24:56 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2008-12-18 23:24:54 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2008-12-18 23:24:51 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2008-12-18 23:24:48 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2008-12-18 23:24:46 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2008-12-18 23:24:43 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2008-12-18 23:24:41 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2008-12-18 23:24:32 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2008-12-18 23:18:53 ----D---- C:\WINDOWS\Logs
2008-12-18 23:01:06 ----A---- C:\WINDOWS\system32\libusb0.dll
2008-12-18 22:38:16 ----D---- C:\Program Files\CAPCOM
2008-12-18 21:24:09 ----D---- C:\Program Files\WMV9_VCM
2008-12-18 21:23:59 ----D---- C:\Documents and Settings\Owner\Application Data\River Past G5
2008-12-18 21:23:59 ----D---- C:\Documents and Settings\All Users\Application Data\River Past G5
2008-12-17 20:36:01 ----D---- C:\Program Files\TVersity Codec Pack
2008-12-17 20:34:17 ----D---- C:\Program Files\TVersity
2008-12-17 19:44:50 ----D---- C:\Program Files\AC3Filter
2008-12-17 19:44:33 ----D---- C:\Program Files\Haali
2008-12-16 22:52:37 ----D---- C:\Documents and Settings\Owner\Application Data\Windows Search
2008-12-16 22:47:12 ----D---- C:\Program Files\Windows Desktop Search
2008-12-16 22:47:11 ----D---- C:\WINDOWS\system32\GroupPolicy
2008-12-16 22:28:03 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-12-16 16:20:04 ----D---- C:\Documents and Settings\Owner\Application Data\Ulead Systems
2008-12-16 15:53:41 ----D---- C:\Program Files\Common Files\InterVideo
2008-12-16 15:53:29 ----D---- C:\Documents and Settings\All Users\Application Data\InterVideo
2008-12-16 15:53:25 ----A---- C:\WINDOWS\system32\IVIresizeW7.dll
2008-12-16 15:53:25 ----A---- C:\WINDOWS\system32\IVIresizePX.dll
2008-12-16 15:53:25 ----A---- C:\WINDOWS\system32\IVIresizeP6.dll
2008-12-16 15:53:25 ----A---- C:\WINDOWS\system32\IVIresizeM6.dll
2008-12-16 15:53:25 ----A---- C:\WINDOWS\system32\IVIresizeA6.dll
2008-12-16 15:53:25 ----A---- C:\WINDOWS\system32\IVIresize.dll
2008-12-16 15:52:17 ----D---- C:\Program Files\Windows Media Components
2008-12-16 15:51:18 ----D---- C:\Program Files\Common Files\Ulead Systems
2008-12-16 15:51:18 ----D---- C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-12-15 00:19:11 ----A---- C:\WINDOWS\Wininit.ini
2008-12-15 00:19:09 ----D---- C:\WINDOWS\Ulead.dat
2008-12-15 00:19:08 ----D---- C:\WINDOWS\Noslip
2008-12-15 00:16:49 ----A---- C:\WINDOWS\ULEAD32.INI
2008-12-15 00:16:47 ----D---- C:\Program Files\Ulead Systems
2008-12-14 22:03:26 ----D---- C:\iPod_Control
2008-12-14 22:03:26 ----D---- C:\Contacts
2008-12-14 22:02:59 ----D---- C:\Program Files\EphPod
2008-12-14 21:56:19 ----D---- C:\Documents and Settings\Owner\Application Data\Apple Computer
2008-12-14 21:54:44 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-12-14 19:00:35 ----D---- C:\Program Files\Common Files\Adobe AIR
2008-12-11 18:18:37 ----D---- C:\Program Files\Symantec
2008-12-10 15:16:39 ----D---- C:\Program Files\Jnes 0.6
2008-12-10 01:16:55 ----D---- C:\Program Files\Common Files\Adobe
2008-12-10 01:13:16 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2008-12-10 01:13:15 ----D---- C:\Program Files\NOS
2008-12-09 16:09:51 ----D---- C:\Documents and Settings\Owner\Application Data\AdobeUM
2008-12-08 19:57:14 ----D---- C:\Program Files\CCleaner
2008-12-08 04:30:00 ----D---- C:\Program Files\Microsoft Silverlight
2008-12-06 05:52:32 ----D---- C:\Documents and Settings\Owner\Application Data\Media Player Classic
2008-12-06 05:46:02 ----A---- C:\WINDOWS\system32\unrar.dll
2008-12-06 05:46:02 ----A---- C:\WINDOWS\avisplitter.ini
2008-12-06 05:46:01 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2008-12-06 05:46:00 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2008-12-06 05:46:00 ----A---- C:\WINDOWS\system32\xvidcore.dll
2008-12-06 05:45:59 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-12-06 05:45:59 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2008-12-06 05:45:58 ----D---- C:\Program Files\K-Lite Codec Pack
2008-12-06 05:15:56 ----D---- C:\Program Files\Xilisoft

======List of files/folders modified in the last 1 months======

2009-01-04 04:10:20 ----D---- C:\Program Files\PeerGuardian2
2009-01-04 04:10:13 ----D---- C:\Documents and Settings\Owner\Application Data\uTorrent
2009-01-04 04:02:03 ----D---- C:\WINDOWS\Temp
2009-01-04 03:46:30 ----D---- C:\Program Files\Mozilla Firefox
2009-01-04 03:33:28 ----D---- C:\WINDOWS\Prefetch
2009-01-03 18:46:04 ----A---- C:\WINDOWS\ModemLog_PCI Soft Data Fax Modem with SmartCP.txt
2009-01-03 17:40:19 ----D---- C:\WINDOWS\Registration
2009-01-03 17:40:13 ----D---- C:\WINDOWS
2009-01-03 17:40:05 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-03 17:38:06 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-03 16:26:13 ----RD---- C:\Program Files
2009-01-03 16:26:13 ----D---- C:\Program Files\Common Files
2009-01-03 16:04:37 ----SHD---- C:\WINDOWS\Installer
2009-01-01 19:17:31 ----D---- C:\WINDOWS\system32
2009-01-01 18:01:00 ----SD---- C:\WINDOWS\Tasks
2008-12-31 22:35:23 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-31 21:41:49 ----HD---- C:\WINDOWS\inf
2008-12-31 19:14:21 ----D---- C:\WINDOWS\system32\drivers
2008-12-30 13:16:34 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-12-29 22:04:05 ----DC---- C:\WINDOWS\system32\dllcache
2008-12-29 22:03:57 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-12-29 22:03:31 ----D---- C:\Program Files\Common Files\LogiShrd
2008-12-29 22:03:18 ----D---- C:\Program Files\Common Files\Logitech
2008-12-28 16:24:38 ----D---- C:\WINDOWS\system32\Restore
2008-12-23 02:42:15 ----D---- C:\Program Files\Java
2008-12-23 02:39:58 ----SD---- C:\Documents and Settings\Owner\Application Data\Microsoft
2008-12-23 01:20:07 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-23 01:17:19 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-12-23 01:07:38 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-12-20 08:50:49 ----SH---- C:\boot.ini
2008-12-20 08:50:49 ----A---- C:\WINDOWS\win.ini
2008-12-20 08:50:49 ----A---- C:\WINDOWS\system.ini
2008-12-20 08:25:59 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-12-20 08:21:38 ----D---- C:\WINDOWS\Debug
2008-12-20 03:27:37 ----D---- C:\WINDOWS\WinSxS
2008-12-20 00:36:15 ----D---- C:\WINDOWS\pss
2008-12-19 06:07:10 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-19 06:03:34 ----D---- C:\Program Files\Common Files\Stardock
2008-12-19 03:31:22 ----D---- C:\WINDOWS\Microsoft.NET
2008-12-19 03:31:21 ----RSD---- C:\WINDOWS\assembly
2008-12-19 02:59:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-19 02:00:25 ----D---- C:\WINDOWS\system32\en-US
2008-12-19 01:59:24 ----RSD---- C:\WINDOWS\Fonts
2008-12-19 01:25:00 ----D---- C:\WINDOWS\system32\spool
2008-12-18 23:27:03 ----D---- C:\WINDOWS\system32\DirectX
2008-12-17 15:12:28 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-16 23:17:06 ----D---- C:\WINDOWS\system32\mui
2008-12-16 22:55:40 ----D---- C:\WINDOWS\system32\wbem
2008-12-16 22:49:40 ----D---- C:\WINDOWS\SxsCaPendDel
2008-12-16 22:49:40 ----D---- C:\WINDOWS\ehome
2008-12-16 15:50:26 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-12-15 00:12:43 ----D---- C:\Program Files\Common Files\InstallShield
2008-12-14 22:22:43 ----D---- C:\My Music
2008-12-14 21:55:03 ----D---- C:\Program Files\QuickTime
2008-12-14 19:03:23 ----D---- C:\Documents and Settings\Owner\Application Data\Adobe
2008-12-14 19:03:23 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-12-13 00:40:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-12-12 13:10:45 ----D---- C:\Program Files\Winamp
2008-12-12 13:08:24 ----D---- C:\Documents and Settings\Owner\Application Data\Winamp
2008-12-11 11:32:23 ----D---- C:\Program Files\Internet Explorer
2008-12-10 01:18:24 ----D---- C:\Program Files\Adobe
2008-12-09 17:24:37 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-08 20:10:05 ----D---- C:\WINDOWS\security

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdPPM;AMD HwPState Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2007-03-07 9336]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2007-03-07 9464]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2008-12-30 101776]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2008-12-30 31504]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys []
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2004-05-05 4228]
R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-09-26 3644800]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ATIAVPCI;ATI Unified AVStream service; C:\WINDOWS\system32\DRIVERS\atinavrr.sys [2005-11-09 205568]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-07-22 1035008]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2005-07-22 231168]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880]
R3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-07-20 2142488]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2008-07-26 25624]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-10-12 41752]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-09-17 6132576]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-07-29 34048]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-07-29 12928]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-12-31 47360]
R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2007-10-12 13848]
R3 pgfilter;pgfilter; \??\C:\Program Files\PeerGuardian2\pgfilter.sys []
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2007-10-12 1279000]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-07-22 717952]
S1 P3;Intel PentiumIII Processor Driver; C:\WINDOWS\system32\DRIVERS\p3.sys [2008-04-13 42752]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CSRBC01;CSRBC01.Sys CSR test driver; C:\WINDOWS\System32\Drivers\CSRBC01.sys [2004-04-08 83124]
S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-06-17 1041536]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2007-04-11 20496]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2007-04-11 63248]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1; C:\WINDOWS\system32\drivers\libusb0.sys [2005-03-09 33792]
S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2007-04-11 79376]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 MPE;BDA MPE Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 mxnic;Macronix MX987xx Family Fast Ethernet NT Driver; C:\WINDOWS\system32\DRIVERS\mxnic.sys [2001-08-17 19968]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TSP;TSP; \??\C:\WINDOWS\system32\drivers\klif.sys []
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2008-12-30 618232]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-23 152984]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2008-07-26 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-07-26 150040]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-09-17 163908]
R2 TVersityMediaServer;TVersityMediaServer; C:\Program Files\TVersity\Media Server\MediaServer.exe [2008-11-27 827392]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [2008-05-02 121360]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 getPlus® Helper;getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-12-01 33752]
S4 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]
S4 PrismXL;PrismXL; C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS [2008-11-25 172032]
S4 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2007-03-03 67056]
S4 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

-----------------EOF-----------------

#4 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:08:12 AM

Posted 06 January 2009 - 06:32 PM

The item(s) below indicate(s) you have installed uTorrent.

C:\Program Files\uTorrent\uTorrent.exe

Since the nature of P2P programs is counterproductive to restoring your PC to a healthy state, we ask that you remove P2P file sharing programs prior to our providing you with malware removal assistance. Even the safest P2P file sharing programs that do not contain bundled spyware still expose you to risks because of the very nature of the P2P file sharing process. By default, most P2P file sharing programs are configured to automatically launch at startup. They are also configured to allow other P2P users on the same network open access to a shared directory on your computer.

The people who design and distribute malware will use any method to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular method is the use of file-sharing tools, as a tremendous number of prospective victims can be reached through it. Many very malicious worms and trojans, such as the Storm Worm, target and spread across P2P file sharing networks because of their known vulnerabilities.

To remove the P2P program:
  • Click Start > Control Panel.
  • In Control Panel, double-click Add or Remove Programs.
  • In Add or Remove Programs, highlight , click Remove.
  • Close the Add or Remove Programs and the Control Panel windows.
  • Using Windows Explorer (Windows key+e), search for the folder. If the program folder is still there, select/highlight . DELETE it. (File > Delete.) If Windows is not installed on the C drive, replace C:\ with the appropriate drive letter.
  • Close Windows Explorer.
There is a Video showing how to uninstall a program (Grinler) detailing how to add or remove programs in Windows for those who find a visual aid appealing. NOTE: Take care when answering any questions posed by an uninstaller. Some questions may be worded to deceive you into keeping the program.

I am not asking you to remove the P2P program(s) without giving you good reasons for doing so.
  • P2P programs form a direct conduit on to your computer.
  • P2P security measures are easily circumvented.
  • Some P2P programs will share everything on the computer with anyone by default. If your P2P program is not configured correctly, you may be sharing more files than you realize.
  • There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured program.
  • P2P programs have always been a target of malware writers. There are more Viruses, Worms and Trojans being distributed with the downloaded files.
  • P2P programs connected to a network can be used to spread malware, share private documents, or use the file server to both store and forward malware.
  • Many of the files in P2P networks are copyrighted and legal action could result.
  • Pedophiles can use P2P communities to distribute child porn materials or attempt to make contact with children.
  • This article from InfoWorld, Seattle Man Arrested For P To P ID Theft, illustrates perfectly the dangers of a poorly configured P2P program.
  • Many of the programs come bundled with other unwanted programs, but even the ones free of any bundled software are not safe to use.
  • When you use them, you are downloading software from an unknown source directly onto your computer bypassing your Firewall and Anti-Virus software. Many of these Downloads are being targeted to carry infections.
For more information, please read Malware Removal Forum's Policy regarding P2P programs. P2P (peer to peer) file sharing programs must be removed.

References for the risk of these programs are:

If you continue to use P2P programs, you will probably get infected again.

Please uninstall all P2P programs and post a new HijackThis log.
You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.

#5 suebaby41


Posted 19 January 2009 - 02:59 PM

This subject is now closed. If you need this topic reopened, please contact a member of the HJT Team and we will reopen it for you. Include the address of this thread in your request. If you should have a new issue, please start a new topic. This applies only to the original topic starter. Everyone else please begin a New Topic.



