
Web Search Hijacker


  • This topic is locked
21 replies to this topic

#1 tiloldar

tiloldar

  • Members
  • 12 posts
  • OFFLINE
  • Local time:12:02 PM

Posted 23 October 2009 - 06:23 PM

I was infected with Antivirus 2000; but managed to remove it. Now I have the same pages advertising Viagra, Hot Utube videos coming up no matter what search I do. The pages 1-10 etc. return the exact same search results. I'll post the results from hijack this, dds, and root repeal.
Thanks for any help,
Tilo


DDS (Ver_09-10-13.01) - NTFSx86
Run by Owner at 18:56:37.54 on Fri 10/23/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1366 [GMT -4:00]

AV: Trend Micro AntiVirus *On-access scanning enabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\WINDOWS\zHotkey.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
K:\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://yahoo.com/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com/ie
mSearch Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.3.4501.1418\swg.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [system tool] c:\program files\roeacv\eobgsysguard.exe
mRun: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [SunKistEM] c:\program files\digital media reader\shwiconem.exe
mRun: [mmtask] c:\program files\musicmatch\musicmatch jukebox\mmtask.exe
mRun: [CHotkey] zHotkey.exe
mRun: [ShowWnd] ShowWnd.exe
mRun: [AlcWzrd] ALCWZRD.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe" /autorun
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Microsoft Works Update Detection] c:\program files\common files\microsoft shared\works shared\WkUFind.exe
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [BlackBerryAutoUpdate] c:\program files\common files\research in motion\auto update\RIMAutoUpdate.exe /background
mRun: [<NO NAME>]
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"
mRun: [UfSeAgnt.exe] "c:\program files\trend micro\internet security\UfSeAgnt.exe"
uPolicies-system: EnableProfileQuota = 1 (0x1)
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
LSP: c:\windows\system32\lsp.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1252739558828
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1256261055968
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2009-10-22 36368]
R3 PPJoyBus;Parallel Port Joystick Bus device driver;c:\windows\system32\drivers\PPJoyBus.sys [2004-1-23 13952]
R3 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2009-10-22 50704]
R3 TmProxy;Trend Micro Proxy Service;c:\program files\trend micro\internet security\TmProxy.exe [2009-10-22 689416]
S3 PPDrv;Protector Plus Driver (UnRegistered);\??\c:\protector plus\ppdrv.sys --> c:\protector plus\PPDrv.sys [?]
S3 PPEMSCAN;Protector Plus Email Scan Driver;\??\c:\protector plus\ppemscan.sys --> c:\protector plus\PPEMSCAN.sys [?]

=============== Created Last 30 ================

2009-10-22 21:59 <DIR> --d----- c:\program files\MSXML 4.0
2009-10-22 21:49 221,184 a------- c:\windows\system32\wmpns.dll
2009-10-22 21:34 153,088 -c------ c:\windows\system32\dllcache\triedit.dll
2009-10-22 21:33 1,315,328 -c------ c:\windows\system32\dllcache\msoe.dll
2009-10-22 21:33 128,512 -c------ c:\windows\system32\dllcache\dhtmled.ocx
2009-10-22 21:30 2,560 -------- c:\windows\system32\xpsp4res.dll
2009-10-22 21:30 1,203,922 -c------ c:\windows\system32\dllcache\sysmain.sdb
2009-10-22 21:30 215,552 -c------ c:\windows\system32\dllcache\wordpad.exe
2009-10-22 21:30 333,952 -c------ c:\windows\system32\dllcache\srv.sys
2009-10-22 21:29 455,296 -c------ c:\windows\system32\dllcache\mrxsmb.sys
2009-10-22 21:29 1,106,944 -c------ c:\windows\system32\dllcache\msxml3.dll
2009-10-22 21:29 337,408 -c------ c:\windows\system32\dllcache\netapi32.dll
2009-10-22 21:29 331,776 -c------ c:\windows\system32\dllcache\msadce.dll
2009-10-22 21:28 691,712 -c------ c:\windows\system32\dllcache\inetcomm.dll
2009-10-22 21:28 272,128 -c------ c:\windows\system32\dllcache\bthport.sys
2009-10-22 21:28 203,136 -c------ c:\windows\system32\dllcache\rmcast.sys
2009-10-22 18:52 158,224 a------- c:\windows\system32\drivers\tmcomm.sys
2009-10-22 18:52 59,920 a------- c:\windows\system32\drivers\tmactmon.sys
2009-10-22 18:52 50,704 a------- c:\windows\system32\drivers\tmevtmgr.sys
2009-10-22 18:51 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Trend Micro
2009-10-22 18:50 <DIR> --d----- c:\program files\Trend Micro
2009-10-22 18:28 661,808 a------- c:\windows\system32\UfWSC.cpl
2009-10-22 18:28 1,223,832 a------- c:\windows\system32\drivers\vsapint.sys
2009-10-22 18:28 225,808 a------- c:\windows\system32\drivers\tmxpflt.sys
2009-10-22 18:28 89,872 a------- c:\windows\system32\drivers\tmtdi.sys
2009-10-22 18:28 36,368 a------- c:\windows\system32\drivers\tmpreflt.sys
2009-10-17 13:58 178,432 a------- c:\windows\system32\lsp.dll
2009-10-17 13:56 <DIR> --d----- c:\program files\roeacv
2009-10-15 18:54 <DIR> --d----- c:\program files\svuthh
2009-10-12 23:24 <DIR> --d----- c:\program files\common files\Sonic Shared
2009-10-12 23:24 <DIR> --d----- c:\program files\Roxio
2009-09-28 22:36 256 a------- c:\windows\system32\pool.bin
2009-09-28 22:36 <DIR> --d----- c:\docume~1\owner\applic~1\Research In Motion
2009-09-28 20:41 27,136 a----r-- c:\windows\system32\drivers\RimSerial.sys
2009-09-28 20:40 <DIR> --d----- c:\program files\common files\Research In Motion
2009-09-28 20:40 <DIR> --d----- c:\program files\Research In Motion
2009-09-28 20:37 <DIR> --dsh--- c:\windows\ftpcache
2009-09-26 23:20 411,368 a------- c:\windows\system32\deploytk.dll
2009-09-26 23:20 73,728 a------- c:\windows\system32\javacpl.cpl
2009-09-25 00:39 <DIR> --d----- c:\program files\Windows Media Connect 2
2009-09-25 00:37 <DIR> --d----- c:\windows\system32\LogFiles

==================== Find3M ====================

2009-10-20 04:59 406 a------- c:\docume~1\owner\applic~1\wklnhst.dat
2009-09-17 22:22 29,360 a------- c:\windows\_SETUPD_.EXE
2009-09-17 21:57 17,757 a------- c:\windows\cafuweh.exe
2009-09-17 21:57 16,209 a------- c:\windows\ziketoq.dll
2009-09-17 21:57 16,017 a------- c:\program files\common files\ipymu.vbs
2009-09-17 21:57 15,244 a------- c:\program files\common files\ujudezev.db
2009-09-17 21:57 15,148 a------- c:\windows\system32\sycehehise.bin
2009-09-17 21:57 14,965 a------- c:\docume~1\alluse~1\applic~1\ogafiryba.bat
2009-09-17 21:57 13,942 a------- c:\windows\system32\culylumav.reg
2009-09-17 21:57 12,918 a------- c:\docume~1\alluse~1\applic~1\vupylibo.scr
2009-09-17 21:57 11,352 a------- c:\windows\system32\luvad.exe
2009-09-17 21:57 11,120 a------- c:\windows\odevel.bat
2009-09-17 21:57 10,327 a------- c:\docume~1\alluse~1\applic~1\enipa.vbs
2009-09-12 19:49 76,487 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-09-11 10:18 136,192 a------- c:\windows\system32\msv1_0.dll
2009-09-10 14:54 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 14:53 19,160 a------- c:\windows\system32\drivers\mbam.sys
2009-09-04 17:03 58,880 a------- c:\windows\system32\msasn1.dll
2009-08-29 04:08 916,480 a------- c:\windows\system32\wininet.dll
2009-08-26 04:00 247,326 a------- c:\windows\system32\strmdll.dll
2009-08-17 03:04 2,173,472 a------- c:\windows\system32\nvcplui.exe
2009-08-17 03:04 81,920 a------- c:\windows\system32\nvwddi.dll
2009-08-17 03:03 3,170,304 a------- c:\windows\system32\nvwss.dll
2009-08-17 03:03 4,026,368 a------- c:\windows\system32\nvvitvs.dll
2009-08-17 03:03 1,286,144 a------- c:\windows\system32\nvmobls.dll
2009-08-17 03:03 188,416 a------- c:\windows\system32\nvmccss.dll
2009-08-17 03:03 3,547,136 a------- c:\windows\system32\nvgames.dll
2009-08-17 03:03 4,923,392 a------- c:\windows\system32\nvdisps.dll
2009-08-17 03:03 13,877,248 a------- c:\windows\system32\nvcpl.dll
2009-08-17 03:03 168,004 a------- c:\windows\system32\nvsvc32.exe
2009-08-17 03:03 143,360 a------- c:\windows\system32\nvcolor.exe
2009-08-17 03:03 86,016 a------- c:\windows\system32\nvmctray.dll
2009-08-17 03:02 229,376 a------- c:\windows\system32\nvmccs.dll
2009-08-17 00:57 10,457,088 a------- c:\windows\system32\nvoglnt.dll
2009-08-17 00:57 5,845,760 a------- c:\windows\system32\nv4_disp.dll
2009-08-17 00:57 2,189,856 a------- c:\windows\system32\nvcuvid.dll
2009-08-17 00:57 2,002,944 a------- c:\windows\system32\nvcuda.dll
2009-08-17 00:57 1,706,528 a------- c:\windows\system32\nvcuvenc.dll
2009-08-17 00:57 1,597,690 a------- c:\windows\system32\nvdata.bin
2009-08-17 00:57 868,352 a------- c:\windows\system32\nvapi.dll
2009-08-17 00:57 485,920 a------- c:\windows\system32\nvudisp.exe
2009-08-17 00:57 155,648 a------- c:\windows\system32\nvcodins.dll
2009-08-17 00:57 155,648 a------- c:\windows\system32\nvcod.dll
2009-08-14 13:36 70,936 a------- c:\windows\system32\PhysXLoader.dll
2009-08-11 12:35 485,920 a------- c:\windows\system32\NVUNINST.EXE
2009-08-05 05:01 204,800 a------- c:\windows\system32\mswebdvd.dll
2009-08-04 11:13 2,145,280 a------- c:\windows\system32\ntoskrnl.exe
2009-08-04 10:20 2,023,936 a------- c:\windows\system32\ntkrnlpa.exe
2009-07-29 00:37 119,808 a------- c:\windows\system32\t2embed.dll
2009-07-29 00:37 81,920 a------- c:\windows\system32\fontsub.dll

============= FINISH: 18:56:58.10 ===============



#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:11:02 AM

Posted 31 October 2009 - 10:37 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

"Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-




#3 tiloldar

tiloldar
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  • Local time:12:02 PM

Posted 31 October 2009 - 11:19 PM

The problem I was asking about seems to have been fixed.
I was having the same results for any search I did, no matter the
search engine. They were obvious advertisements, being Viagra,
adult related, etc. I am not sure what solved the problem, could
have been a change in AV (from Comcast freebie to Trend Micro
or even Malwarebytes help). I appreciate the help even though
it appears to have been fixed.
Thanks for your time,
tilo




#4 schrauber

schrauber

    Mr.Mechanic


  • Malware Response Team
  • 24,794 posts
  • OFFLINE
  • Gender:Male
  • Location:Munich,Germany
  • Local time:05:02 PM

Posted 01 November 2009 - 03:13 AM

Hello, tiloldar
Welcome to the Bleeping Computer Forums. My name is Thomas (Tom is fine), and I will be helping you fix your problems.

If you do not make a reply in 5 days, we will have to close your topic.

You may want to keep the link to this topic in your favourites. Alternatively, you can click the button at the top bar of this topic and Track this Topic. The topics you are tracking can be found here.

Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Furthermore, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.
  • Please reply using the button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Old topics are closed after 3 days with no reply, and working topics are closed after 5 days. If for any reason you cannot complete instructions within that time, that's fine, just post back here so that we know you're still here.
  • Please set your system to show all files.
    Click Start, open My Computer, select the Tools menu and click Folder Options.
    Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.
    Uncheck: Hide file extensions for known file types
    Uncheck the Hide protected operating system files (recommended) option.
    Click Yes to confirm.




Let's see if there are some leftovers :(.




  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

regards,
schrauber


If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!


#5 tiloldar

tiloldar
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  • Local time:12:02 PM

Posted 01 November 2009 - 02:17 PM

Tom,
Thanks very much, I appreciate your time.
I'll add the logs here, as opposed to uploading it.
Please let me know if you would rather I upload it
for ease in reading, etc.
Tilo

Logfile of random's system information tool 1.06 (written by random/random)
Run by Owner at 2009-11-01 14:10:48
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 102 GB (67%) free of 153 GB
Total RAM: 2046 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:11:10 PM, on 11/1/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Owner.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Browser Helper Object - {AFD4AD01-58C1-47DB-A404-FBE00A6C5486} - C:\Program Files\Shared\lib.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [ShowWnd] ShowWnd.exe
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.gateway.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1252739558828
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1256261055968
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter hijack: text/html - {b7fe5f65-9a23-40c3-b6f0-05a160e8059f} - C:\WINDOWS\batmeter16.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

--
End of file - 7521 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\ISP signup reminder 1.job
C:\WINDOWS\tasks\ISP signup reminder 2.job
C:\WINDOWS\tasks\ISP signup reminder 3.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-09-28 762864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AFD4AD01-58C1-47DB-A404-FBE00A6C5486}]
Browser Helper Object - C:\Program Files\Shared\lib.dll [2009-10-29 307213]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-09-26 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-12 256112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-18 61952]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-11-01 32768]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-07-01 73728]
"SunKistEM"=C:\Program Files\Digital Media Reader\shwiconem.exe [2004-03-12 135168]
"mmtask"=c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe [2004-01-26 53248]
"CHotkey"=C:\WINDOWS\zHotkey.exe [2004-05-18 543232]
"ShowWnd"=C:\WINDOWS\ShowWnd.exe [2003-09-19 36864]
"AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2004-07-06 2550272]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-08-12 1657376]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-08-17 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-08-17 13877248]
"Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-09-12 122368]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]
"Microsoft Works Update Detection"=C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [2003-06-07 50688]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"BlackBerryAutoUpdate"=C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe [2009-08-31 623960]
"UfSeAgnt.exe"=C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [2009-10-22 1020248]
""= []
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2009-07-08 236016]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-12 39408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2008-10-24 206112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-06-06 344064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Ventrilo\Ventrilo.exe"="C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bb9b84b8-c01b-11de-9561-001111b5e292}]
shell\AutoRun\command - wscript.exe \SMRTNTKY\script.js


======List of files/folders created in the last 1 months======

2009-11-01 14:10:48 ----D---- C:\rsit
2009-10-31 23:34:53 ----SHD---- C:\Config.Msi
2009-10-31 23:34:10 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-10-31 23:33:26 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-10-29 16:38:45 ----D---- C:\Program Files\Shared
2009-10-28 22:18:26 ----D---- C:\Program Files\Common Files\Sonic Shared
2009-10-28 22:18:25 ----D---- C:\Program Files\Roxio
2009-10-28 21:48:21 ----D---- C:\Documents and Settings\All Users\Application Data\Research In Motion
2009-10-23 18:44:08 ----A---- C:\ComboFix.txt
2009-10-23 18:44:07 ----D---- C:\WINDOWS\Prefetch
2009-10-23 18:34:08 ----D---- C:\WINDOWS\temp
2009-10-23 18:34:07 ----A---- C:\WINDOWS\system32\proquota.exe
2009-10-23 18:29:11 ----A---- C:\Boot.bak
2009-10-23 18:29:07 ----RASHD---- C:\cmdcons
2009-10-23 18:28:38 ----A---- C:\WINDOWS\zip.exe
2009-10-23 18:28:38 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-10-23 18:28:38 ----A---- C:\WINDOWS\SWSC.exe
2009-10-23 18:28:38 ----A---- C:\WINDOWS\SWREG.exe
2009-10-23 18:28:38 ----A---- C:\WINDOWS\sed.exe
2009-10-23 18:28:38 ----A---- C:\WINDOWS\PEV.exe
2009-10-23 18:28:38 ----A---- C:\WINDOWS\NIRCMD.exe
2009-10-23 18:28:38 ----A---- C:\WINDOWS\grep.exe
2009-10-23 18:28:33 ----D---- C:\WINDOWS\ERDNT
2009-10-23 18:28:03 ----D---- C:\Qoobox
2009-10-23 18:03:46 ----A---- C:\RootRepeal report 10-23-09 (19-03-46).txt
2009-10-22 21:00:19 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-22 21:00:03 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-10-22 20:59:55 ----D---- C:\Program Files\MSXML 4.0
2009-10-22 20:56:02 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-22 20:55:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-22 20:55:19 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-22 20:54:56 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-22 20:54:36 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-22 20:54:17 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-22 20:54:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-22 20:53:50 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-22 20:51:55 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-10-22 20:51:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-10-22 20:51:15 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-10-22 20:50:58 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-10-22 20:50:46 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-10-22 20:50:31 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-10-22 20:50:16 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-10-22 20:50:02 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-10-22 20:49:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-10-22 20:49:25 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-10-22 20:49:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-10-22 20:49:03 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-10-22 20:48:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-10-22 20:48:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-10-22 20:48:03 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-10-22 20:47:48 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-10-22 20:47:31 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-10-22 20:47:08 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-10-22 20:46:52 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-10-22 20:46:37 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-10-22 20:46:18 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-10-22 20:45:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-10-22 20:45:19 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-10-22 20:45:02 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-10-22 20:44:48 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-10-22 20:44:34 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-10-22 20:44:19 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-10-22 20:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-10-22 20:43:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-10-22 20:43:34 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-10-22 20:43:11 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-10-22 20:42:49 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-10-22 20:42:33 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-10-22 20:42:21 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-10-22 20:42:11 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-10-22 20:41:58 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-10-22 20:41:45 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-10-22 20:41:31 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-10-22 20:41:18 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-10-22 20:41:04 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-10-22 20:39:47 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-10-22 20:38:33 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-10-22 20:38:18 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-10-22 20:38:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-10-22 20:37:55 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-10-22 20:37:42 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-10-22 20:30:57 -------- C:\WINDOWS\system32\xpsp4res.dll
2009-10-22 17:51:08 ----D---- C:\Documents and Settings\All Users\Application Data\Trend Micro
2009-10-22 17:50:52 ----D---- C:\Program Files\Trend Micro
2009-10-17 12:56:35 ----D---- C:\Program Files\roeacv
2009-10-16 00:15:31 ----A---- C:\WINDOWS\ntbtlog.txt
2009-10-15 17:54:06 ----D---- C:\Program Files\svuthh

======List of files/folders modified in the last 1 months======

2009-11-01 12:39:33 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-01 05:44:47 ----D---- C:\WINDOWS\system32
2009-11-01 05:44:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-11-01 05:41:21 ----RD---- C:\Program Files
2009-11-01 05:41:19 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-10-31 23:57:07 ----D---- C:\Documents and Settings\Owner\Application Data\Canon
2009-10-31 23:52:45 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-10-31 23:37:04 ----SHD---- C:\WINDOWS\Installer
2009-10-31 23:37:03 ----D---- C:\Program Files\Adobe
2009-10-31 23:35:16 ----D---- C:\Program Files\Common Files\Adobe
2009-10-31 23:34:12 ----D---- C:\Documents and Settings\Owner\Application Data\Adobe
2009-10-31 23:34:10 ----D---- C:\Program Files\Common Files
2009-10-29 00:53:53 ----D---- C:\WINDOWS
2009-10-28 22:19:48 ----HD---- C:\WINDOWS\inf
2009-10-28 22:19:48 ----D---- C:\WINDOWS\system32\drivers
2009-10-28 22:19:36 ----RSD---- C:\WINDOWS\Fonts
2009-10-28 22:18:29 ----D---- C:\Documents and Settings\All Users\Application Data\Roxio
2009-10-28 22:08:26 ----D---- C:\Program Files\Common Files\Roxio Shared
2009-10-28 21:47:39 ----D---- C:\WINDOWS\WinSxS
2009-10-26 18:59:15 ----D---- C:\Program Files\World of Warcraft
2009-10-23 23:00:37 ----D---- C:\Documents and Settings\Owner\Application Data\AdobeUM
2009-10-23 19:13:47 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-10-23 18:56:21 ----D---- C:\Program Files\Messenger
2009-10-23 18:37:44 ----N---- C:\WINDOWS\system.ini
2009-10-23 18:34:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-10-23 18:31:57 ----D---- C:\WINDOWS\AppPatch
2009-10-23 18:29:11 ----RASH---- C:\boot.ini
2009-10-23 17:52:48 ----SD---- C:\Documents and Settings\Owner\Application Data\Microsoft
2009-10-22 21:09:54 ----D---- C:\Program Files\Internet Explorer
2009-10-22 21:09:53 ----D---- C:\WINDOWS\system32\wbem
2009-10-22 21:00:14 ----A---- C:\WINDOWS\imsins.BAK
2009-10-22 20:55:12 ----HD---- C:\WINDOWS\$hf_mig$
2009-10-22 20:51:45 ----D---- C:\WINDOWS\ie8updates
2009-10-22 20:49:50 ----D---- C:\Program Files\Outlook Express
2009-10-22 17:45:42 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-10-22 17:31:17 ----SD---- C:\WINDOWS\Tasks
2009-10-20 15:39:28 ----D---- C:\Documents and Settings\Owner\Application Data\Apple Computer
2009-10-19 03:41:09 ----D---- C:\Documents and Settings\Owner\Application Data\Ventrilo
2009-10-16 00:15:46 ----D---- C:\Documents and Settings
2009-10-15 19:31:44 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-12 22:06:16 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-10-12 22:05:32 ----D---- C:\Program Files\Common Files\Research In Motion
2009-10-04 05:54:23 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-10-02 13:01:57 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 tmtdi;Trend Micro TDI Driver; C:\WINDOWS\system32\DRIVERS\tmtdi.sys [2009-10-22 89872]
R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2004-09-10 8552]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R2 tmpreflt;tmpreflt; C:\WINDOWS\system32\DRIVERS\tmpreflt.sys [2009-10-22 36368]
R2 tmxpflt;tmxpflt; C:\WINDOWS\system32\DRIVERS\tmxpflt.sys [2009-10-22 225808]
R2 vsapint;vsapint; C:\WINDOWS\system32\DRIVERS\vsapint.sys [2009-10-22 1223832]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 E100B;Intel® PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2004-02-10 154112]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2004-07-07 2185408]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MxlW2k;MxlW2k; C:\WINDOWS\system32\drivers\MxlW2k.sys [2004-09-10 28352]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-08-16 7729568]
R3 PPJoyBus;Parallel Port Joystick Bus device driver; C:\WINDOWS\system32\drivers\PPJoyBus.sys [2004-10-24 13952]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2009-01-09 27136]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
R3 SunkFilt;Alcor Micro Corp - 9360; \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys []
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-18 113664]
S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-06-18 1041536]
S3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2004-06-18 220032]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-06-06 730653]
S3 PPDrv;Protector Plus Driver (UnRegistered); \??\C:\Protector Plus\PPDrv.sys []
S3 PPEMSCAN;Protector Plus Email Scan Driver; \??\C:\Protector Plus\PPEMSCAN.sys []
S3 RimUsb;BlackBerry Smartphone; C:\WINDOWS\System32\Drivers\RimUsb.sys []
S3 SunkFilt39;Alcor Micro Corp - 3239; \??\C:\WINDOWS\System32\Drivers\sunkfilt39.sys []
S3 Sunkfiltp;HP && Alcor Micro Corp for Phison; \??\C:\WINDOWS\System32\Drivers\sunkfiltp.sys []
S3 tmactmon;tmactmon; \??\C:\WINDOWS\system32\drivers\tmactmon.sys []
S3 tmevtmgr;tmevtmgr; \??\C:\WINDOWS\system32\drivers\tmevtmgr.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-07-09 39424]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-06-18 685056]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-09-26 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-08-17 168004]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-12-06 362992]
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2009-07-08 313840]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2009-07-08 170480]
S2 SfCtlCom;Trend Micro Central Control Component; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [2009-10-22 715368]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-12 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-12-06 88560]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2009-07-08 1108464]
S3 TMBMServer;Trend Micro Unauthorized Change Prevention Service; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [2009-10-22 345352]
S3 TmProxy;Trend Micro Proxy Service; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [2009-10-22 689416]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.06 2009-11-01 14:11:13



======Uninstall list======

-->MsiExec /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
-->MsiExec.exe /I{7A9DC8F6-2466-4E04-BF51-BE499C5D02BD}
-->MsiExec.exe /X{85808CBD-8E3E-4F04-B626-167115874290} /Q
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A92000000001}
Apple Mobile Device Support-->MsiExec.exe /I{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft PhotoStudio 5.5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{230CCBE9-14B0-4008-97AF-30C10F99E42C}\Setup.exe" -l0x9
BlackBerry Desktop Software 5.0.1-->MsiExec.exe /I{13333239-0A15-4855-BEEB-0232DAA5B7EA}
BlackBerry Desktop Software 5.0.1-->MsiExec.exe /i{13333239-0A15-4855-BEEB-0232DAA5B7EA}
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Canon MP Navigator 2.0-->"C:\Program Files\Canon\MP Navigator 2.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator 2.0\uninst.ini
Canon MP500-->"C:\WINDOWS\system32\CanonMP Uninstaller Information\{BA4DF4C3-196E-4128-969A-00996B5A46F8}\DelDrv.exe" /U:{BA4DF4C3-196E-4128-969A-00996B5A46F8} /L0x0009
Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini
Digital Media Reader-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}
FMS-->C:\Program Files\FMS\Uninstall.exe
GIMP 2.6.7-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Intel® Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2782 PCI\VEN_8086&DEV_2582
Intel® PRO Network Adapters and Drivers-->Prounstl.exe
iTunes-->MsiExec.exe /I{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}
Java™ 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MediaFACE II-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC1D7AD2-583A-4024-9041-387E8FFA5D8C}\setup.exe"
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Money 2004 System Pack-->MsiExec.exe /I{8C64E145-54BA-11D6-91B1-00500462BE80}
Microsoft Money 2004-->MsiExec.exe /I{1D643CD7-4DD6-11D7-A4E0-000874180BB3}
Microsoft Picture It! Photo Premium 9-->c:\WINDOWS\system32\msiexec.exe /i {DBA8B9E1-C6FF-4624-9598-73D3B41A0903}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Word 2000-->MsiExec.exe /I{00170409-78E1-11D2-B60F-006097C998E7}
Microsoft Works-->MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Multimedia Keyboard Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6E66ECBD-FCA7-4AE1-A8C5-1CA78BEEB057}\Setup.exe" -l0x9
MUSICMATCH® Jukebox-->C:\PROGRA~1\MUSICM~1\MUSICM~1\unmatch.exe
Nero BurnRights-->C:\WINDOWS\UNNeroBurnRights.exe /UNINSTALL
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation\nView\nViewSetup.exe -uninstall
NVIDIA PhysX-->MsiExec.exe /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
Parallel Port Joystick-->C:\WINDOWS\unvise32.exe C:\DOCUMENTS AND SETTINGS\OWNER\START MENU\PROGRAMS\GAMES\PPJOY\uninstal.log
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
RealPlayer Basic-->C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" REMOVE
Roxio Media Manager-->MsiExec.exe /X{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}
Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
SmartPropoPlus-->C:\Program Files\FMS\UninstallSPP.exe
SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1\HXFSETUP.EXE -U -IURSLST5K.inf
Trend Micro AntiVirus-->C:\Program Files\Trend Micro\Internet Security\remove.exe
Trend Micro AntiVirus-->MsiExec.exe /X{9D2B0322-44AE-460E-9283-4D2D7A9205AE}
Update for Windows Internet Explorer 8 (KB973874)-->"C:\WINDOWS\ie8updates\KB973874-IE8\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Windows Backup Utility-->MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
World of Warcraft-->C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe

======Security center information======

AV: Trend Micro AntiVirus (disabled)

======System event log======

Computer Name: DESKTOP
Event Code: 7009
Message: Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 9 service to connect.

Record Number: 2592
Source Name: Service Control Manager
Time Written: 20091004130045.000000-240
Event Type: error
User:

Computer Name: DESKTOP
Event Code: 7009
Message: Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 9 service to connect.

Record Number: 2561
Source Name: Service Control Manager
Time Written: 20091004064934.000000-240
Event Type: error
User:

Computer Name: DESKTOP
Event Code: 7009
Message: Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 9 service to connect.

Record Number: 2529
Source Name: Service Control Manager
Time Written: 20091003124529.000000-240
Event Type: error
User:

Computer Name: DESKTOP
Event Code: 7009
Message: Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 9 service to connect.

Record Number: 2498
Source Name: Service Control Manager
Time Written: 20091003091126.000000-240
Event Type: error
User:

Computer Name: DESKTOP
Event Code: 7009
Message: Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 9 service to connect.

Record Number: 2470
Source Name: Service Control Manager
Time Written: 20091002171648.000000-240
Event Type: error
User:

=====Application event log=====

Computer Name: DESKTOP
Event Code: 5603
Message: A provider, OffProv, has been registered in the WMI namespace, Root\MSAPPS, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.

Record Number: 58
Source Name: WinMgmt
Time Written: 20090912163650.000000-240
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: DESKTOP
Event Code: 1015
Message: Failed to connect to server. Error: 0x800401F0

Record Number: 37
Source Name: MsiInstaller
Time Written: 20090912034137.000000-240
Event Type: warning
User: DESKTOP\Owner

Computer Name: DESKTOP
Event Code: 1
Message:
Record Number: 28
Source Name: nview_info
Time Written: 20090912032213.000000-240
Event Type: error
User:

Computer Name: DESKTOP
Event Code: 1
Message:
Record Number: 27
Source Name: nview_info
Time Written: 20090912032213.000000-240
Event Type: error
User:

Computer Name: DESKTOP
Event Code: 1
Message:
Record Number: 26
Source Name: nview_info
Time Written: 20090912032213.000000-240
Event Type: error
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared;C:\Program Files\Common Files\Roxio Shared\DLLShared;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0304
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------

#6 schrauber

  • Malware Response Team

Posted 01 November 2009 - 03:02 PM

Hi,

Please post back with the content of C:\Combofix.txt.

regards,
schrauber

If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware

#7 tiloldar

  • Topic Starter

Posted 01 November 2009 - 03:10 PM

ComboFix 09-10-22.01 - Owner 10/23/2009 19:29.1.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1422 [GMT -4:00]
Running from: k:\malware removal\ComboFix.exe
AV: Trend Micro AntiVirus *On-access scanning disabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\enipa.vbs
c:\documents and settings\All Users\Application Data\ogafiryba.bat
c:\documents and settings\All Users\Documents\xixeku.bat
c:\documents and settings\All Users\Documents\zunasi.reg
c:\documents and settings\Owner\Application Data\asyqiz.inf
c:\documents and settings\Owner\Application Data\ekogawila.inf
c:\documents and settings\Owner\Cookies\ilumuno.db
c:\documents and settings\Owner\Cookies\oqeraruxy.sys
c:\documents and settings\Owner\Cookies\xohulydofa.db
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\detydu._dl
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\fywy.lib
c:\documents and settings\Owner\Local Settings\Temporary Internet Files\jyhigev.scr
c:\program files\Common Files\ipymu.vbs
c:\windows\cafuweh.exe
c:\windows\gomimy.inf
c:\windows\odevel.bat
c:\windows\system32\culylumav.reg
c:\windows\system32\lsp.dll
c:\windows\ziketoq.dll

c:\windows\system32\proquota.exe was missing
Restored copy from - c:\windows\ServicePackFiles\i386\proquota.exe

.
((((((((((((((((((((((((( Files Created from 2009-09-23 to 2009-10-23 )))))))))))))))))))))))))))))))
.

2009-10-23 23:34 . 2008-04-14 00:12 50176 -c--a-w- c:\windows\system32\dllcache\proquota.exe
2009-10-23 23:34 . 2008-04-14 00:12 50176 ----a-w- c:\windows\system32\proquota.exe
2009-10-23 01:59 . 2009-10-23 01:59 -------- d-----w- c:\program files\MSXML 4.0
2009-10-23 01:49 . 2008-04-14 00:12 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-10-23 01:34 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-10-23 01:33 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-10-23 01:30 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2009-10-23 01:30 . 2008-04-21 12:08 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2009-10-23 01:30 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys
2009-10-23 01:29 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-10-23 01:29 . 2008-09-04 17:15 1106944 -c----w- c:\windows\system32\dllcache\msxml3.dll
2009-10-23 01:29 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2009-10-23 01:29 . 2008-05-01 14:33 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2009-10-23 01:28 . 2008-04-11 19:04 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2009-10-23 01:28 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-10-23 01:28 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2009-10-22 22:52 . 2009-10-22 22:28 50704 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2009-10-22 22:52 . 2009-10-22 22:28 59920 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2009-10-22 22:52 . 2009-10-22 22:28 158224 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2009-10-22 22:51 . 2009-10-22 22:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Trend Micro
2009-10-22 22:50 . 2009-10-23 22:33 -------- d-----w- c:\program files\Trend Micro
2009-10-22 22:28 . 2009-10-22 22:28 1223832 ----a-w- c:\windows\system32\drivers\vsapint.sys
2009-10-22 22:28 . 2009-10-22 22:28 89872 ----a-w- c:\windows\system32\drivers\tmtdi.sys
2009-10-22 22:28 . 2009-10-22 22:28 36368 ----a-w- c:\windows\system32\drivers\tmpreflt.sys
2009-10-22 22:28 . 2009-10-22 22:28 225808 ----a-w- c:\windows\system32\drivers\tmxpflt.sys
2009-10-17 17:56 . 2009-10-17 19:38 -------- d-----w- c:\program files\roeacv
2009-10-16 05:16 . 2009-10-16 05:16 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2009-10-16 05:16 . 2009-10-16 05:16 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2009-10-15 22:54 . 2009-10-16 06:47 -------- d-----w- c:\program files\svuthh
2009-10-13 03:24 . 2009-10-13 03:24 -------- d-----w- c:\program files\Common Files\Sonic Shared
2009-10-13 03:24 . 2009-10-13 03:25 -------- d-----w- c:\program files\Roxio
2009-09-29 02:40 . 2009-09-29 02:40 -------- d-----w- c:\documents and settings\LocalService\Application Data\Roxio
2009-09-29 02:40 . 2009-09-29 02:40 -------- d-----w- c:\documents and settings\Owner\Application Data\Roxio
2009-09-29 02:36 . 2009-09-29 02:43 256 ----a-w- c:\windows\system32\pool.bin
2009-09-29 02:36 . 2009-09-29 02:36 -------- d-----w- c:\documents and settings\Owner\Application Data\Research In Motion
2009-09-29 00:55 . 2009-09-29 00:55 -------- d-----w- c:\documents and settings\Owner\Application Data\InstallShield
2009-09-29 00:54 . 2009-09-29 00:54 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2009-09-29 00:54 . 2009-09-29 00:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Sonic
2009-09-29 00:50 . 2009-10-13 03:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Roxio
2009-09-29 00:50 . 2009-10-13 03:28 -------- d-----w- c:\program files\Common Files\Roxio Shared
2009-09-29 00:41 . 2009-01-09 20:18 27136 ----a-r- c:\windows\system32\drivers\RimSerial.sys
2009-09-29 00:40 . 2009-10-13 03:05 -------- d-----w- c:\program files\Common Files\Research In Motion
2009-09-29 00:40 . 2009-09-29 00:40 -------- d-----w- c:\program files\Research In Motion
2009-09-29 00:37 . 2009-09-29 00:37 -------- d-sh--w- c:\windows\ftpcache
2009-09-27 03:20 . 2009-09-27 03:20 -------- d-----w- c:\windows\Sun
2009-09-27 03:20 . 2009-09-27 03:20 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-27 03:20 . 2009-09-27 03:20 -------- d-----w- c:\program files\Java
2009-09-25 04:39 . 2009-09-25 04:39 -------- d-----w- c:\program files\Windows Media Connect 2
2009-09-25 04:37 . 2009-09-25 04:38 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-09-25 04:37 . 2009-09-25 04:37 -------- d-----w- c:\windows\system32\LogFiles

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-22 22:45 . 2009-09-18 02:40 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-10-20 20:39 . 2009-09-12 21:05 -------- d-----w- c:\documents and settings\Owner\Application Data\Apple Computer
2009-10-20 08:59 . 2009-09-19 14:56 406 ----a-w- c:\documents and settings\Owner\Application Data\wklnhst.dat
2009-10-19 08:41 . 2009-09-17 03:43 -------- d-----w- c:\documents and settings\Owner\Application Data\Ventrilo
2009-10-16 00:31 . 2009-09-18 17:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-13 07:38 . 2009-09-15 02:43 -------- d-----w- c:\program files\World of Warcraft
2009-10-13 04:58 . 2009-09-15 06:14 71976 ----a-w- c:\documents and settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-04 21:54 . 2009-09-13 19:18 -------- d-----w- c:\documents and settings\Owner\Application Data\AdobeUM
2009-10-04 10:54 . 2009-09-12 21:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-09-29 00:50 . 2004-09-10 20:36 -------- d-----w- c:\program files\Common Files\InstallShield
2009-09-19 14:57 . 2009-09-19 14:57 -------- d-----w- c:\documents and settings\Owner\Application Data\Template
2009-09-19 04:21 . 2009-09-19 04:12 -------- d-----w- c:\program files\FMS
2009-09-19 04:12 . 2009-09-19 04:12 -------- d-----w- c:\program files\RcCad_V2
2009-09-19 03:22 . 2009-09-12 22:53 -------- d-----w- c:\documents and settings\Owner\Application Data\Canon
2009-09-18 17:30 . 2009-09-18 17:30 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes
2009-09-18 17:30 . 2009-09-18 17:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-09-18 02:22 . 2009-09-18 02:22 29360 ----a-w- c:\windows\_SETUPD_.EXE
2009-09-18 01:57 . 2009-09-18 01:57 18222 ----a-w- c:\documents and settings\Owner\Local Settings\Application Data\gozeko.dat
2009-09-18 01:57 . 2009-09-18 01:57 17354 ----a-w- c:\documents and settings\Owner\Local Settings\Application Data\hakyky.sys
2009-09-18 01:57 . 2009-09-18 01:57 15244 ----a-w- c:\program files\Common Files\ujudezev.db
2009-09-18 01:57 . 2009-09-18 01:57 15148 ----a-w- c:\windows\system32\sycehehise.bin
2009-09-18 01:57 . 2009-09-18 01:57 12918 ----a-w- c:\documents and settings\All Users\Application Data\vupylibo.scr
2009-09-18 01:57 . 2009-09-18 01:57 11352 ----a-w- c:\windows\system32\luvad.exe
2009-09-17 03:43 . 2009-09-17 03:43 -------- d-----w- c:\program files\Ventrilo
2009-09-17 03:42 . 2009-09-12 07:18 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-09-16 04:13 . 2009-09-16 04:13 -------- d-----w- c:\documents and settings\Owner\Application Data\ArcSoft
2009-09-16 04:08 . 2009-09-16 04:08 -------- d-----w- c:\program files\ArcSoft
2009-09-16 04:08 . 2004-09-10 20:36 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-15 07:43 . 2009-09-15 06:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard Entertainment
2009-09-15 06:13 . 2009-09-14 06:28 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-09-15 03:55 . 2009-09-15 03:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard
2009-09-13 19:18 . 2009-09-13 19:18 -------- d-----w- c:\program files\Common Files\Adobe
2009-09-12 23:01 . 2009-09-12 22:58 -------- d-----w- c:\documents and settings\Owner\Application Data\gtk-2.0
2009-09-12 22:50 . 2009-09-12 22:50 -------- d-----w- c:\program files\GIMP-2.0
2009-09-12 22:44 . 2009-09-12 22:44 -------- d-----w- c:\documents and settings\Owner\Application Data\Viewpoint
2009-09-12 22:37 . 2009-09-12 22:37 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonBJ
2009-09-12 22:37 . 2009-09-12 22:36 -------- d-----w- c:\program files\Canon
2009-09-12 21:05 . 2009-09-12 21:04 -------- d-----w- c:\program files\iTunes
2009-09-12 21:05 . 2009-09-12 21:04 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-09-12 21:04 . 2009-09-12 21:04 -------- d-----w- c:\program files\iPod
2009-09-12 21:04 . 2009-09-12 21:04 -------- d-----w- c:\program files\Bonjour
2009-09-12 21:04 . 2009-09-12 21:03 -------- d-----w- c:\program files\QuickTime
2009-09-12 21:03 . 2009-09-12 21:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-09-12 21:03 . 2009-09-12 21:03 -------- d-----w- c:\program files\Apple Software Update
2009-09-12 21:02 . 2009-09-12 21:02 -------- d-----w- c:\program files\Common Files\Apple
2009-09-12 20:35 . 2009-09-12 20:35 -------- d-----w- c:\documents and settings\Owner\Application Data\Microsoft Web Folders
2009-09-12 20:35 . 2004-09-10 20:33 -------- d-----w- c:\program files\microsoft frontpage
2009-09-12 07:44 . 2004-09-10 20:43 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL
2009-09-12 07:43 . 2004-09-10 20:56 -------- d-----w- c:\program files\BigFix
2009-09-12 07:42 . 2004-09-10 20:55 -------- d-----w- c:\program files\Symantec
2009-09-12 07:42 . 2004-09-10 20:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2009-09-12 07:38 . 2009-09-12 07:38 -------- d-----w- c:\program files\Google
2009-09-12 07:18 . 2009-09-12 07:18 -------- d-----w- c:\program files\AGEIA Technologies
2009-09-12 07:17 . 2009-09-12 07:17 -------- d-----w- c:\program files\NVIDIA Corporation
2009-09-12 07:17 . 2009-09-12 07:17 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2009-09-12 06:41 . 2009-09-12 06:41 60 ----a-w- c:\windows\system32\SYSDRV.DAT
2009-09-11 14:18 . 2009-09-12 06:30 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-10 18:54 . 2009-09-18 17:30 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 18:53 . 2009-09-18 17:30 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-04 21:03 . 2009-09-12 06:30 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 08:08 . 2009-09-12 06:33 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-26 08:00 . 2009-09-12 06:32 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-17 07:04 . 2009-08-17 07:04 2173472 ----a-w- c:\windows\system32\nvcplui.exe
2009-08-17 07:04 . 2009-08-17 07:04 81920 ----a-w- c:\windows\system32\nvwddi.dll
2009-08-17 07:03 . 2009-08-17 07:03 3170304 ----a-w- c:\windows\system32\nvwss.dll
2009-08-17 07:03 . 2009-08-17 07:03 4026368 ----a-w- c:\windows\system32\nvvitvs.dll
2009-08-17 07:03 . 2009-08-17 07:03 188416 ----a-w- c:\windows\system32\nvmccss.dll
2009-08-17 07:03 . 2009-08-17 07:03 1286144 ----a-w- c:\windows\system32\nvmobls.dll
2009-08-17 07:03 . 2009-08-17 07:03 3547136 ----a-w- c:\windows\system32\nvgames.dll
2009-08-17 07:03 . 2009-08-17 07:03 4923392 ----a-w- c:\windows\system32\nvdisps.dll
2009-08-17 07:03 . 2009-08-17 07:03 86016 ----a-w- c:\windows\system32\nvmctray.dll
2009-08-17 07:03 . 2009-08-17 07:03 168004 ----a-w- c:\windows\system32\nvsvc32.exe
2009-08-17 07:03 . 2009-08-17 07:03 143360 ----a-w- c:\windows\system32\nvcolor.exe
2009-08-17 07:03 . 2009-08-17 07:03 13877248 ----a-w- c:\windows\system32\nvcpl.dll
2009-08-17 07:02 . 2009-08-17 07:02 229376 ----a-w- c:\windows\system32\nvmccs.dll
2009-08-17 04:57 . 2009-09-12 07:06 485920 ----a-w- c:\windows\system32\nvudisp.exe
2009-08-17 04:57 . 2009-08-17 04:57 2189856 ----a-w- c:\windows\system32\nvcuvid.dll
2009-08-17 04:57 . 2009-08-17 04:57 2002944 ----a-w- c:\windows\system32\nvcuda.dll
2009-08-17 04:57 . 2009-08-17 04:57 1706528 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-08-17 04:57 . 2009-08-17 04:57 1597690 ----a-w- c:\windows\system32\nvdata.bin
2009-08-17 04:57 . 2007-10-09 12:36 868352 ----a-w- c:\windows\system32\nvapi.dll
2009-08-17 04:57 . 2007-10-09 12:36 7729568 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-08-17 04:57 . 2007-10-09 12:36 5845760 ----a-w- c:\windows\system32\nv4_disp.dll
2009-08-17 04:57 . 2007-10-09 12:36 155648 ----a-w- c:\windows\system32\nvcodins.dll
2009-08-17 04:57 . 2007-10-09 12:36 155648 ----a-w- c:\windows\system32\nvcod.dll
2009-08-17 04:57 . 2007-10-09 12:36 10457088 ----a-w- c:\windows\system32\nvoglnt.dll
2009-08-14 17:36 . 2009-08-14 17:36 70936 ----a-w- c:\windows\system32\PhysXLoader.dll
2009-08-11 16:35 . 2009-09-12 07:16 485920 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-08-05 09:01 . 2009-09-12 06:30 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 15:13 . 2004-08-04 06:18 2145280 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-08-04 14:20 . 2004-08-04 05:59 2023936 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-07-29 04:37 . 2009-09-12 06:32 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-07-29 04:37 . 2009-09-12 06:28 81920 ----a-w- c:\windows\system32\fontsub.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-12 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-11-01 32768]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-10 155648]
"SunKistEM"="c:\program files\Digital Media Reader\shwiconem.exe" [2004-03-12 135168]
"mmtask"="c:\program files\MusicMatch\MusicMatch Jukebox\mmtask.exe" [2004-01-27 53248]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-08-13 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-17 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-17 13877248]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-09-12 122368]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"Microsoft Works Update Detection"="c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2003-06-07 50688]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"BlackBerryAutoUpdate"="c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2009-07-02 623960]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2009-04-11 236016]
"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2009-10-22 1020248]
"High Definition Audio Property Page Shortcut"="HDAudPropShortcut.exe" - c:\windows\system32\Hdaudpropshortcut.exe [2004-03-18 61952]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2004-07-02 73728]
"CHotkey"="zHotkey.exe" - c:\windows\zHotkey.exe [2004-05-18 543232]
"ShowWnd"="ShowWnd.exe" - c:\windows\ShowWnd.exe [2003-09-19 36864]
"AlcWzrd"="ALCWZRD.EXE" - c:\windows\ALCWZRD.EXE [2004-07-06 2550272]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [10/22/2009 6:28 PM 36368]
R3 PPJoyBus;Parallel Port Joystick Bus device driver;c:\windows\system32\drivers\PPJoyBus.sys [1/23/2004 4:33 PM 13952]
R3 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [10/22/2009 6:52 PM 50704]
R3 TmProxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [10/22/2009 6:52 PM 689416]
S3 PPDrv;Protector Plus Driver (UnRegistered);\??\c:\protector plus\PPDrv.sys --> c:\protector plus\PPDrv.sys [?]
S3 PPEMSCAN;Protector Plus Email Scan Driver;\??\c:\protector plus\PPEMSCAN.sys --> c:\protector plus\PPEMSCAN.sys [?]
.
Contents of the 'Scheduled Tasks' folder

2009-09-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2009-09-12 c:\windows\Tasks\ISP signup reminder 1.job
- c:\windows\system32\OOBE\oobebaln.exe [2009-09-12 00:12]

2009-09-12 c:\windows\Tasks\ISP signup reminder 2.job
- c:\windows\system32\OOBE\oobebaln.exe [2009-09-12 00:12]

2009-09-12 c:\windows\Tasks\ISP signup reminder 3.job
- c:\windows\system32\OOBE\oobebaln.exe [2009-09-12 00:12]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://yahoo.com/
mStart Page = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-mcmscsvc
SafeBoot-MCODS



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-23 19:37
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3920)
c:\windows\system32\WININET.dll
c:\program files\Google\Quick Search Box\bin\1.2.1150.158\qsb.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\combofix\CF3711.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Trend Micro\Internet Security\SfCtlCom.exe
c:\windows\system32\wscntfy.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Trend Micro\BM\TMBMSRV.exe
c:\combofix\PEV.cfxxe
.
**************************************************************************
.
Completion time: 2009-10-23 19:44 - machine was rebooted
ComboFix-quarantined-files.txt 2009-10-23 23:43

Pre-Run: 110,691,549,184 bytes free
Post-Run: 111,859,425,280 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect

- - End Of File - - FDF0A8992641940A9581F7494BF5F769

#8 schrauber

  • Malware Response Team

Posted 01 November 2009 - 03:41 PM

Hi,



Step 1

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

File::
c:\documents and settings\Owner\Local Settings\Application Data\gozeko.dat
c:\documents and settings\Owner\Local Settings\Application Data\hakyky.sys
c:\program files\Common Files\ujudezev.db
c:\windows\system32\sycehehise.bin
c:\documents and settings\All Users\Application Data\vupylibo.scr
c:\windows\system32\luvad.exe

Save this as CFScript.txt, in the same location as ComboFix.exe


Posted Image

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.






Step 2

Please update your version of Malwarebytes, run a quick scan and post back with the content of the logfile.






Please post back with:
  • Combofix-Logfile
  • Malwarebytes-Logfile
  • Fresh RSIT-Logfile

regards,
schrauber


#9 tiloldar

  • Topic Starter

Posted 02 November 2009 - 02:42 PM

I am just now noticing a new symptom. Before, the search results would show up wherever I was searching (e.g. IE search bar, google.com etc.), now a new window is opening with the search results coming from scour.com.

Also I should mention, I added another hard drive from an old computer, I don't know if that had anything to do with it; but I can easily disconnect it. I just wanted to search it and back up any info before I discarded the old PC.

I should be done scanning after doing some running in a couple of hours and will post the results then.
Thanks,
Tilo

#10 tiloldar

  • Topic Starter

Posted 02 November 2009 - 04:13 PM

Here are the logs

Attached Files



#11 schrauber

  • Malware Response Team

Posted 02 November 2009 - 04:45 PM

Hi,

Please don't attach logfiles, just post them here in the thread :(.




1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

DirLook::
c:\program files\roeacv
c:\program files\svuthh

Save this as CFScript.txt, in the same location as ComboFix.exe


Posted Image

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

regards,
schrauber


#12 tiloldar

  • Topic Starter

Posted 02 November 2009 - 05:38 PM

ComboFix 09-11-01.04 - Owner 11/02/2009 16:59.3.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1576 [GMT -5:00]
Running from: C:\ComboFix.exe
Command switches used :: C:\CFScript.txt
AV: Trend Micro AntiVirus *On-access scanning disabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Shared

.
((((((((((((((((((((((((( Files Created from 2009-10-02 to 2009-11-02 )))))))))))))))))))))))))))))))
.

2009-11-02 00:20 . 2009-09-10 19:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-02 00:20 . 2009-11-02 20:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-02 00:20 . 2009-09-10 19:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-02 00:09 . 2009-11-02 19:52 3533547 ----a-r- C:\ComboFix.exe
2009-11-01 19:10 . 2009-11-01 19:11 -------- d-----w- C:\rsit
2009-11-01 04:34 . 2009-11-01 04:34 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-11-01 04:33 . 2009-11-01 10:41 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-10-29 03:18 . 2009-10-29 03:18 -------- d-----w- c:\program files\Common Files\Sonic Shared
2009-10-29 03:18 . 2009-10-29 03:19 -------- d-----w- c:\program files\Roxio
2009-10-29 02:48 . 2009-10-29 02:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Research In Motion
2009-10-23 23:34 . 2008-04-14 00:12 50176 -c--a-w- c:\windows\system32\dllcache\proquota.exe
2009-10-23 23:34 . 2008-04-14 00:12 50176 ----a-w- c:\windows\system32\proquota.exe
2009-10-23 01:59 . 2009-10-23 01:59 -------- d-----w- c:\program files\MSXML 4.0
2009-10-23 01:49 . 2008-04-14 00:12 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-10-23 01:34 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-10-23 01:33 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-10-23 01:30 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2009-10-23 01:30 . 2008-04-21 12:08 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2009-10-23 01:30 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys
2009-10-23 01:29 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-10-23 01:29 . 2008-09-04 17:15 1106944 -c----w- c:\windows\system32\dllcache\msxml3.dll
2009-10-23 01:29 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2009-10-23 01:29 . 2008-05-01 14:33 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2009-10-23 01:28 . 2008-04-11 19:04 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2009-10-23 01:28 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-10-23 01:28 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2009-10-22 22:52 . 2009-10-22 22:28 50704 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2009-10-22 22:52 . 2009-10-22 22:28 59920 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2009-10-22 22:52 . 2009-10-22 22:28 158224 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2009-10-22 22:51 . 2009-10-22 22:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Trend Micro
2009-10-22 22:50 . 2009-10-23 22:33 -------- d-----w- c:\program files\Trend Micro
2009-10-22 22:28 . 2009-10-22 22:28 1223832 ----a-w- c:\windows\system32\drivers\vsapint.sys
2009-10-22 22:28 . 2009-10-22 22:28 89872 ----a-w- c:\windows\system32\drivers\tmtdi.sys
2009-10-22 22:28 . 2009-10-22 22:28 36368 ----a-w- c:\windows\system32\drivers\tmpreflt.sys
2009-10-22 22:28 . 2009-10-22 22:28 225808 ----a-w- c:\windows\system32\drivers\tmxpflt.sys
2009-10-17 17:56 . 2009-10-17 19:38 -------- d-----w- c:\program files\roeacv
2009-10-16 05:16 . 2009-10-16 05:16 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2009-10-16 05:16 . 2009-10-16 05:16 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2009-10-15 22:54 . 2009-10-16 06:47 -------- d-----w- c:\program files\svuthh

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-02 21:44 . 2009-09-15 02:43 -------- d-----w- c:\program files\World of Warcraft
2009-11-02 00:18 . 2009-09-12 21:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-11-01 04:57 . 2009-09-12 22:53 -------- d-----w- c:\documents and settings\Owner\Application Data\Canon
2009-11-01 04:35 . 2009-09-13 19:18 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-30 01:15 . 2009-09-15 06:14 71976 ----a-w- c:\documents and settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-29 03:18 . 2009-09-29 00:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Roxio
2009-10-29 03:08 . 2009-09-29 00:50 -------- d-----w- c:\program files\Common Files\Roxio Shared
2009-10-24 04:00 . 2009-09-13 19:18 -------- d-----w- c:\documents and settings\Owner\Application Data\AdobeUM
2009-10-22 22:45 . 2009-09-18 02:40 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-10-20 20:39 . 2009-09-12 21:05 -------- d-----w- c:\documents and settings\Owner\Application Data\Apple Computer
2009-10-20 08:59 . 2009-09-19 14:56 406 ----a-w- c:\documents and settings\Owner\Application Data\wklnhst.dat
2009-10-19 08:41 . 2009-09-17 03:43 -------- d-----w- c:\documents and settings\Owner\Application Data\Ventrilo
2009-10-13 03:05 . 2009-09-29 00:40 -------- d-----w- c:\program files\Common Files\Research In Motion
2009-10-04 10:54 . 2009-09-12 21:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-09-29 02:43 . 2009-09-29 02:36 256 ----a-w- c:\windows\system32\pool.bin
2009-09-29 02:40 . 2009-09-29 02:40 -------- d-----w- c:\documents and settings\LocalService\Application Data\Roxio
2009-09-29 02:40 . 2009-09-29 02:40 -------- d-----w- c:\documents and settings\Owner\Application Data\Roxio
2009-09-29 02:36 . 2009-09-29 02:36 -------- d-----w- c:\documents and settings\Owner\Application Data\Research In Motion
2009-09-29 00:55 . 2009-09-29 00:55 -------- d-----w- c:\documents and settings\Owner\Application Data\InstallShield
2009-09-29 00:54 . 2009-09-29 00:54 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2009-09-29 00:54 . 2009-09-29 00:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Sonic
2009-09-29 00:50 . 2004-09-10 20:36 -------- d-----w- c:\program files\Common Files\InstallShield
2009-09-29 00:40 . 2009-09-29 00:40 -------- d-----w- c:\program files\Research In Motion
2009-09-27 03:20 . 2009-09-27 03:20 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-27 03:20 . 2009-09-27 03:20 -------- d-----w- c:\program files\Java
2009-09-25 04:39 . 2009-09-25 04:39 -------- d-----w- c:\program files\Windows Media Connect 2
2009-09-19 14:57 . 2009-09-19 14:57 -------- d-----w- c:\documents and settings\Owner\Application Data\Template
2009-09-19 04:21 . 2009-09-19 04:12 -------- d-----w- c:\program files\FMS
2009-09-19 04:12 . 2009-09-19 04:12 -------- d-----w- c:\program files\RcCad_V2
2009-09-18 17:30 . 2009-09-18 17:30 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes
2009-09-18 17:30 . 2009-09-18 17:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-09-18 02:22 . 2009-09-18 02:22 29360 ----a-w- c:\windows\_SETUPD_.EXE
2009-09-17 03:43 . 2009-09-17 03:43 -------- d-----w- c:\program files\Ventrilo
2009-09-17 03:42 . 2009-09-12 07:18 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-09-16 04:13 . 2009-09-16 04:13 -------- d-----w- c:\documents and settings\Owner\Application Data\ArcSoft
2009-09-16 04:08 . 2009-09-16 04:08 -------- d-----w- c:\program files\ArcSoft
2009-09-16 04:08 . 2004-09-10 20:36 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-15 07:43 . 2009-09-15 06:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard Entertainment
2009-09-15 06:13 . 2009-09-14 06:28 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-09-15 03:55 . 2009-09-15 03:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard
2009-09-12 23:01 . 2009-09-12 22:58 -------- d-----w- c:\documents and settings\Owner\Application Data\gtk-2.0
2009-09-12 22:50 . 2009-09-12 22:50 -------- d-----w- c:\program files\GIMP-2.0
2009-09-12 22:44 . 2009-09-12 22:44 -------- d-----w- c:\documents and settings\Owner\Application Data\Viewpoint
2009-09-12 22:37 . 2009-09-12 22:37 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonBJ
2009-09-12 22:37 . 2009-09-12 22:36 -------- d-----w- c:\program files\Canon
2009-09-12 21:05 . 2009-09-12 21:04 -------- d-----w- c:\program files\iTunes
2009-09-12 21:05 . 2009-09-12 21:04 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-09-12 21:04 . 2009-09-12 21:04 -------- d-----w- c:\program files\iPod
2009-09-12 21:04 . 2009-09-12 21:04 -------- d-----w- c:\program files\Bonjour
2009-09-12 21:04 . 2009-09-12 21:03 -------- d-----w- c:\program files\QuickTime
2009-09-12 21:03 . 2009-09-12 21:03 -------- d-----w- c:\program files\Apple Software Update
2009-09-12 21:02 . 2009-09-12 21:02 -------- d-----w- c:\program files\Common Files\Apple
2009-09-12 20:35 . 2009-09-12 20:35 -------- d-----w- c:\documents and settings\Owner\Application Data\Microsoft Web Folders
2009-09-12 20:35 . 2004-09-10 20:33 -------- d-----w- c:\program files\microsoft frontpage
2009-09-12 07:44 . 2004-09-10 20:43 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL
2009-09-12 07:43 . 2004-09-10 20:56 -------- d-----w- c:\program files\BigFix
2009-09-12 07:42 . 2004-09-10 20:55 -------- d-----w- c:\program files\Symantec
2009-09-12 07:42 . 2004-09-10 20:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2009-09-12 07:38 . 2009-09-12 07:38 -------- d-----w- c:\program files\Google
2009-09-12 07:18 . 2009-09-12 07:18 -------- d-----w- c:\program files\AGEIA Technologies
2009-09-12 07:17 . 2009-09-12 07:17 -------- d-----w- c:\program files\NVIDIA Corporation
2009-09-12 07:17 . 2009-09-12 07:17 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2009-09-12 06:41 . 2009-09-12 06:41 60 ----a-w- c:\windows\system32\SYSDRV.DAT
2009-09-11 14:18 . 2009-09-12 06:30 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03 . 2009-09-12 06:30 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 08:08 . 2009-09-12 06:33 916480 ------w- c:\windows\system32\wininet.dll
2009-08-26 08:00 . 2009-09-12 06:32 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-17 07:04 . 2009-08-17 07:04 2173472 ----a-w- c:\windows\system32\nvcplui.exe
2009-08-17 07:04 . 2009-08-17 07:04 81920 ----a-w- c:\windows\system32\nvwddi.dll
2009-08-17 07:03 . 2009-08-17 07:03 3170304 ----a-w- c:\windows\system32\nvwss.dll
2009-08-17 07:03 . 2009-08-17 07:03 4026368 ----a-w- c:\windows\system32\nvvitvs.dll
2009-08-17 07:03 . 2009-08-17 07:03 188416 ----a-w- c:\windows\system32\nvmccss.dll
2009-08-17 07:03 . 2009-08-17 07:03 1286144 ----a-w- c:\windows\system32\nvmobls.dll
2009-08-17 07:03 . 2009-08-17 07:03 3547136 ----a-w- c:\windows\system32\nvgames.dll
2009-08-17 07:03 . 2009-08-17 07:03 4923392 ----a-w- c:\windows\system32\nvdisps.dll
2009-08-17 07:03 . 2009-08-17 07:03 86016 ----a-w- c:\windows\system32\nvmctray.dll
2009-08-17 07:03 . 2009-08-17 07:03 168004 ----a-w- c:\windows\system32\nvsvc32.exe
2009-08-17 07:03 . 2009-08-17 07:03 143360 ----a-w- c:\windows\system32\nvcolor.exe
2009-08-17 07:03 . 2009-08-17 07:03 13877248 ----a-w- c:\windows\system32\nvcpl.dll
2009-08-17 07:02 . 2009-08-17 07:02 229376 ----a-w- c:\windows\system32\nvmccs.dll
2009-08-17 04:57 . 2009-09-12 07:06 485920 ----a-w- c:\windows\system32\nvudisp.exe
2009-08-17 04:57 . 2009-08-17 04:57 2189856 ----a-w- c:\windows\system32\nvcuvid.dll
2009-08-17 04:57 . 2009-08-17 04:57 2002944 ----a-w- c:\windows\system32\nvcuda.dll
2009-08-17 04:57 . 2009-08-17 04:57 1706528 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-08-17 04:57 . 2009-08-17 04:57 1597690 ----a-w- c:\windows\system32\nvdata.bin
2009-08-17 04:57 . 2007-10-09 12:36 868352 ----a-w- c:\windows\system32\nvapi.dll
2009-08-17 04:57 . 2007-10-09 12:36 7729568 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-08-17 04:57 . 2007-10-09 12:36 5845760 ----a-w- c:\windows\system32\nv4_disp.dll
2009-08-17 04:57 . 2007-10-09 12:36 155648 ----a-w- c:\windows\system32\nvcodins.dll
2009-08-17 04:57 . 2007-10-09 12:36 155648 ----a-w- c:\windows\system32\nvcod.dll
2009-08-17 04:57 . 2007-10-09 12:36 10457088 ----a-w- c:\windows\system32\nvoglnt.dll
2009-08-14 17:36 . 2009-08-14 17:36 70936 ----a-w- c:\windows\system32\PhysXLoader.dll
2009-08-11 16:35 . 2009-09-12 07:16 485920 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-08-05 09:01 . 2009-09-12 06:30 204800 ----a-w- c:\windows\system32\mswebdvd.dll
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\program files\roeacv ----


---- Directory of c:\program files\svuthh ----



((((((((((((((((((((((((((((( SnapShot@2009-10-23_23.37.43 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-10-29 02:49 . 2009-01-09 20:18 27136 c:\windows\system32\ReinstallBackups\0023\DriverFiles\RimSerial.sys
+ 2004-09-10 20:18 . 2009-11-01 10:44 39992 c:\windows\system32\perfc009.dat
- 2004-09-10 20:18 . 2009-10-23 02:15 39992 c:\windows\system32\perfc009.dat
+ 2009-11-01 04:34 . 2009-11-01 04:34 27648 c:\windows\Installer\eccf30.msi
+ 2009-10-29 03:23 . 2009-10-29 03:23 25214 c:\windows\Installer\{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}\NewShortcut4_8E832933A07340209FB8DBADC480B69B.exe
+ 2009-10-29 03:23 . 2009-10-29 03:23 25214 c:\windows\Installer\{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}\NewShortcut33_8E832933A07340209FB8DBADC480B69B.exe
+ 2009-10-29 03:23 . 2009-10-29 03:23 25214 c:\windows\Installer\{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}\NewShortcut24_8E832933A07340209FB8DBADC480B69B_1.exe
+ 2009-10-29 03:23 . 2009-10-29 03:23 25214 c:\windows\Installer\{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}\MediaManager8.exe_8E832933A07340209FB8DBADC480B69B.exe
+ 2009-10-29 03:23 . 2009-10-29 03:23 25214 c:\windows\Installer\{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}\ARPPRODUCTICON.exe
+ 2009-10-29 03:23 . 2009-10-29 03:23 38400 c:\windows\Installer\{7A9DC8F6-2466-4E04-BF51-BE499C5D02BD}\RoxioCentral.exe
+ 2009-10-29 02:48 . 2009-10-29 02:48 49152 c:\windows\Installer\{13333239-0A15-4855-BEEB-0232DAA5B7EA}\RedirectorEXE2_770DFD1204C24F4DA163D64FACCB5CBD.exe
+ 2009-10-29 02:48 . 2009-10-29 02:48 49152 c:\windows\Installer\{13333239-0A15-4855-BEEB-0232DAA5B7EA}\RedirectorEXE1_770DFD1204C24F4DA163D64FACCB5CBD.exe
+ 2009-10-29 02:48 . 2009-10-29 02:48 49152 c:\windows\Installer\{13333239-0A15-4855-BEEB-0232DAA5B7EA}\RedirectorEXE_770DFD1204C24F4DA163D64FACCB5CBD.exe
+ 2009-10-29 02:48 . 2009-10-29 02:48 69632 c:\windows\Installer\{13333239-0A15-4855-BEEB-0232DAA5B7EA}\NewShortcut600_C6ABA3677F944B9FBB00F060701B0B5A.exe
+ 2009-10-29 02:48 . 2009-10-29 02:48 69632 c:\windows\Installer\{13333239-0A15-4855-BEEB-0232DAA5B7EA}\NewShortcut60_C6ABA3677F944B9FBB00F060701B0B5A.exe
+ 2009-10-29 02:48 . 2009-10-29 02:48 69632 c:\windows\Installer\{13333239-0A15-4855-BEEB-0232DAA5B7EA}\NewShortcut6_C6ABA3677F944B9FBB00F060701B0B5A.exe
+ 2009-10-29 02:48 . 2009-10-29 02:48 69632 c:\windows\Installer\{13333239-0A15-4855-BEEB-0232DAA5B7EA}\NewShortcut5_C6ABA3677F944B9FBB00F060701B0B5A.exe
+ 2009-10-29 02:48 . 2009-10-29 02:48 69632 c:\windows\Installer\{13333239-0A15-4855-BEEB-0232DAA5B7EA}\NewShortcut4_C6ABA3677F944B9FBB00F060701B0B5A.exe
+ 2009-10-29 02:48 . 2009-10-29 02:48 69632 c:\windows\Installer\{13333239-0A15-4855-BEEB-0232DAA5B7EA}\NewShortcut3_C6ABA3677F944B9FBB00F060701B0B5A.exe
+ 2009-10-29 02:48 . 2009-10-29 02:48 69632 c:\windows\Installer\{13333239-0A15-4855-BEEB-0232DAA5B7EA}\NewShortcut12_C6ABA3677F944B9FBB00F060701B0B5A.exe
+ 2009-10-29 02:48 . 2009-10-29 02:48 69632 c:\windows\Installer\{13333239-0A15-4855-BEEB-0232DAA5B7EA}\DesktopMgr.exe
+ 2009-10-29 03:23 . 2009-10-29 03:23 3638 c:\windows\Installer\{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}\NewShortcut38_8E832933A07340209FB8DBADC480B69B.exe
- 2009-04-09 05:02 . 2009-04-09 05:02 559600 c:\windows\system32\pxdrv.dll
+ 2009-06-18 05:02 . 2009-06-18 05:02 559600 c:\windows\system32\pxdrv.dll
- 2004-09-10 20:18 . 2009-10-23 02:15 311604 c:\windows\system32\perfh009.dat
+ 2004-09-10 20:18 . 2009-11-01 10:44 311604 c:\windows\system32\perfh009.dat
+ 2004-09-10 13:26 . 2009-10-29 05:51 259048 c:\windows\system32\FNTCACHE.DAT
- 2004-09-10 13:26 . 2009-10-23 02:09 259048 c:\windows\system32\FNTCACHE.DAT
+ 2009-06-30 01:37 . 2009-06-30 01:37 507904 c:\windows\system32\btwapi.dll
- 2009-02-19 21:47 . 2009-02-19 21:47 507904 c:\windows\system32\btwapi.dll
+ 2009-11-01 04:35 . 2009-11-01 04:35 3940352 c:\windows\Installer\ecd00a.msi
+ 2009-10-29 03:23 . 2009-10-29 03:23 1135616 c:\windows\Installer\d799e8.msi
+ 2009-10-29 03:22 . 2009-10-29 03:22 28059648 c:\windows\Installer\d799e7.msi
+ 2009-10-29 02:48 . 2009-10-29 02:48 17000448 c:\windows\Installer\d78efd.msi
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-12 39408]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2008-10-24 206112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-11-01 32768]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-10 155648]
"SunKistEM"="c:\program files\Digital Media Reader\shwiconem.exe" [2004-03-12 135168]
"mmtask"="c:\program files\MusicMatch\MusicMatch Jukebox\mmtask.exe" [2004-01-27 53248]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-08-13 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-17 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-17 13877248]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-09-12 122368]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"Microsoft Works Update Detection"="c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2003-06-07 50688]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"BlackBerryAutoUpdate"="c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2009-08-31 623960]
"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2009-10-22 1020248]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2009-07-08 236016]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"High Definition Audio Property Page Shortcut"="HDAudPropShortcut.exe" - c:\windows\system32\Hdaudpropshortcut.exe [2004-03-18 61952]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2004-07-02 73728]
"CHotkey"="zHotkey.exe" - c:\windows\zHotkey.exe [2004-05-18 543232]
"ShowWnd"="ShowWnd.exe" - c:\windows\ShowWnd.exe [2003-09-19 36864]
"AlcWzrd"="ALCWZRD.EXE" - c:\windows\ALCWZRD.EXE [2004-07-06 2550272]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [10/22/2009 5:28 PM 36368]
R3 PPJoyBus;Parallel Port Joystick Bus device driver;c:\windows\system32\drivers\PPJoyBus.sys [1/23/2004 3:33 PM 13952]
S3 PPDrv;Protector Plus Driver (UnRegistered);\??\c:\protector plus\PPDrv.sys --> c:\protector plus\PPDrv.sys [?]
S3 PPEMSCAN;Protector Plus Email Scan Driver;\??\c:\protector plus\PPEMSCAN.sys --> c:\protector plus\PPEMSCAN.sys [?]
S3 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [10/22/2009 5:52 PM 50704]
S3 TmProxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [10/22/2009 5:52 PM 689416]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - MBR
*Deregistered* - mbr
*Deregistered* - PROCEXP113
.
Contents of the 'Scheduled Tasks' folder

2009-09-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2009-09-12 c:\windows\Tasks\ISP signup reminder 1.job
- c:\windows\system32\OOBE\oobebaln.exe [2009-09-12 00:12]

2009-09-12 c:\windows\Tasks\ISP signup reminder 2.job
- c:\windows\system32\OOBE\oobebaln.exe [2009-09-12 00:12]

2009-09-12 c:\windows\Tasks\ISP signup reminder 3.job
- c:\windows\system32\OOBE\oobebaln.exe [2009-09-12 00:12]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://yahoo.com/
mStart Page = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-02 17:04
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3108)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-11-02 17:06
ComboFix-quarantined-files.txt 2009-11-02 22:06
ComboFix2.txt 2009-11-02 20:02
ComboFix3.txt 2009-10-23 23:44

Pre-Run: 109,691,195,392 bytes free
Post-Run: 109,733,564,416 bytes free

- - End Of File - - EC9A29E275BBB05995F047471526B8FE

#13 schrauber

    Mr.Mechanic


  • Malware Response Team
  • 24,794 posts
  • Gender:Male
  • Location:Munich,Germany

Posted 03 November 2009 - 02:58 PM

Hi,

Please post a fresh RSIT-Logfile for my review. How is your system running right now?
regards,
schrauber


If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware

#14 tiloldar

  • Topic Starter

  • Members
  • 12 posts

Posted 03 November 2009 - 07:23 PM

No problems that I can tell at the moment.
I have not been on a lot, so maybe it will
present itself, I am just not sure.
As mentioned in an earlier post, this search
hijacker seemed to have made it past AV,
including McAfee, and then Trend Micro.
And then for no apparent reason, maybe
initial work with Malwarebytes prior to
posting, again, sorry I am just not sure,
it seemed to be solved.
Lastly it appeared by opening a new window
directed to scour.com, whereas before it was
just controlling the returned search results.
All results, including later pages were giving
the same search results.
Here is the current RSIT log, run with no open
windows. Oops, it seems someone has
started AV w/o me knowing. I will run it again
w/o any open windows or AV running and post that
next.
Thanks,
Tilo

Logfile of random's system information tool 1.06 (written by random/random)
Run by Owner at 2009-11-03 19:13:54
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 103 GB (67%) free of 153 GB
Total RAM: 2046 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:14:04 PM, on 11/3/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\WINDOWS\zHotkey.exe
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Documents and Settings\Owner\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Owner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [ShowWnd] ShowWnd.exe
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.gateway.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1252739558828
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1256261055968
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

--
End of file - 7874 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\ISP signup reminder 1.job
C:\WINDOWS\tasks\ISP signup reminder 2.job
C:\WINDOWS\tasks\ISP signup reminder 3.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-02 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-09-26 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-12 256112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-18 61952]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-11-01 32768]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-07-01 73728]
"SunKistEM"=C:\Program Files\Digital Media Reader\shwiconem.exe [2004-03-12 135168]
"mmtask"=c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe [2004-01-26 53248]
"CHotkey"=C:\WINDOWS\zHotkey.exe [2004-05-18 543232]
"ShowWnd"=C:\WINDOWS\ShowWnd.exe [2003-09-19 36864]
"AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2004-07-06 2550272]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-08-12 1657376]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-08-17 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-08-17 13877248]
"Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-09-12 122368]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]
"Microsoft Works Update Detection"=C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [2003-06-07 50688]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"BlackBerryAutoUpdate"=C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe [2009-08-31 623960]
"UfSeAgnt.exe"=C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [2009-10-22 1020248]
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2009-07-08 236016]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-12 39408]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2008-10-24 206112]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-06-06 344064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Ventrilo\Ventrilo.exe"="C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 3 months======

2009-11-02 17:06:11 ----D---- C:\WINDOWS\temp
2009-11-02 17:06:08 ----A---- C:\ComboFix.txt
2009-11-02 15:02:00 ----A---- C:\log.txt
2009-11-02 14:52:39 ----A---- C:\WINDOWS\MBR.exe
2009-11-01 19:20:04 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-01 19:09:38 ----RA---- C:\ComboFix.exe
2009-11-01 14:10:48 ----D---- C:\rsit
2009-10-31 23:34:53 ----D---- C:\Config.Msi
2009-10-31 23:34:10 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-10-31 23:33:26 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-10-28 22:18:26 ----D---- C:\Program Files\Common Files\Sonic Shared
2009-10-28 22:18:25 ----D---- C:\Program Files\Roxio
2009-10-28 21:48:21 ----D---- C:\Documents and Settings\All Users\Application Data\Research In Motion
2009-10-23 18:44:07 ----D---- C:\WINDOWS\Prefetch
2009-10-23 18:34:07 ----A---- C:\WINDOWS\system32\proquota.exe
2009-10-23 18:29:11 ----A---- C:\Boot.bak
2009-10-23 18:29:07 ----RASHD---- C:\cmdcons
2009-10-23 18:28:38 ----A---- C:\WINDOWS\zip.exe
2009-10-23 18:28:38 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-10-23 18:28:38 ----A---- C:\WINDOWS\SWSC.exe
2009-10-23 18:28:38 ----A---- C:\WINDOWS\SWREG.exe
2009-10-23 18:28:38 ----A---- C:\WINDOWS\sed.exe
2009-10-23 18:28:38 ----A---- C:\WINDOWS\PEV.exe
2009-10-23 18:28:38 ----A---- C:\WINDOWS\NIRCMD.exe
2009-10-23 18:28:38 ----A---- C:\WINDOWS\grep.exe
2009-10-23 18:28:33 ----D---- C:\WINDOWS\ERDNT
2009-10-23 18:28:03 ----D---- C:\Qoobox
2009-10-23 18:03:46 ----A---- C:\RootRepeal report 10-23-09 (19-03-46).txt
2009-10-22 21:00:19 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-22 21:00:03 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-10-22 20:59:55 ----D---- C:\Program Files\MSXML 4.0
2009-10-22 20:56:02 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-22 20:55:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-22 20:55:19 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-22 20:54:56 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-22 20:54:36 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-22 20:54:17 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-22 20:54:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-22 20:53:50 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-22 20:51:55 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-10-22 20:51:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-10-22 20:51:15 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-10-22 20:50:58 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-10-22 20:50:46 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-10-22 20:50:31 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-10-22 20:50:16 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-10-22 20:50:02 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-10-22 20:49:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-10-22 20:49:25 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-10-22 20:49:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-10-22 20:49:03 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-10-22 20:48:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-10-22 20:48:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-10-22 20:48:03 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-10-22 20:47:48 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-10-22 20:47:31 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-10-22 20:47:08 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-10-22 20:46:52 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-10-22 20:46:37 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-10-22 20:46:18 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-10-22 20:45:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-10-22 20:45:19 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-10-22 20:45:02 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-10-22 20:44:48 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-10-22 20:44:34 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-10-22 20:44:19 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-10-22 20:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-10-22 20:43:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-10-22 20:43:34 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-10-22 20:43:11 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-10-22 20:42:49 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-10-22 20:42:33 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-10-22 20:42:21 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-10-22 20:42:11 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-10-22 20:41:58 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-10-22 20:41:45 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-10-22 20:41:31 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-10-22 20:41:18 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-10-22 20:41:04 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-10-22 20:39:47 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-10-22 20:38:33 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-10-22 20:38:18 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-10-22 20:38:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-10-22 20:37:55 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-10-22 20:37:42 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-10-22 20:30:57 -------- C:\WINDOWS\system32\xpsp4res.dll
2009-10-22 17:51:08 ----D---- C:\Documents and Settings\All Users\Application Data\Trend Micro
2009-10-22 17:50:52 ----D---- C:\Program Files\Trend Micro
2009-10-17 12:56:35 ----D---- C:\Program Files\roeacv
2009-10-16 00:15:31 ----A---- C:\WINDOWS\ntbtlog.txt
2009-10-15 17:54:06 ----D---- C:\Program Files\svuthh
2009-09-28 21:40:01 ----D---- C:\Documents and Settings\Owner\Application Data\Roxio
2009-09-28 21:36:47 ----D---- C:\Documents and Settings\Owner\Application Data\Research In Motion
2009-09-28 19:55:04 ----D---- C:\Documents and Settings\Owner\Application Data\InstallShield
2009-09-28 19:54:35 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
2009-09-28 19:54:29 ----D---- C:\Documents and Settings\All Users\Application Data\Sonic
2009-09-28 19:50:32 ----D---- C:\Documents and Settings\All Users\Application Data\Roxio
2009-09-28 19:50:16 ----D---- C:\Program Files\Common Files\Roxio Shared
2009-09-28 19:40:22 ----D---- C:\Program Files\Common Files\Research In Motion
2009-09-28 19:40:17 ----D---- C:\Program Files\Research In Motion
2009-09-28 19:37:48 ----SHD---- C:\WINDOWS\ftpcache
2009-09-26 22:20:59 ----D---- C:\WINDOWS\Sun
2009-09-26 22:20:31 ----A---- C:\WINDOWS\system32\javaws.exe
2009-09-26 22:20:31 ----A---- C:\WINDOWS\system32\javaw.exe
2009-09-26 22:20:31 ----A---- C:\WINDOWS\system32\java.exe
2009-09-26 22:20:31 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-09-26 22:20:10 ----D---- C:\Program Files\Java
2009-09-26 22:19:49 ----D---- C:\Documents and Settings\Owner\Application Data\Sun
2009-09-24 23:40:53 -------- C:\WINDOWS\system32\spmsg.dll
2009-09-24 23:40:52 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-09-24 23:39:58 ----D---- C:\Program Files\Windows Media Connect 2
2009-09-24 23:39:45 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-09-24 23:38:02 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-09-24 23:37:01 ----D---- C:\WINDOWS\system32\LogFiles
2009-09-24 23:36:55 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-09-23 01:05:08 ----A---- C:\WINDOWS\NeroDigital.ini
2009-09-19 09:57:02 ----D---- C:\Documents and Settings\Owner\Application Data\Template
2009-09-18 23:12:17 ----D---- C:\Program Files\FMS
2009-09-18 23:12:00 ----D---- C:\Program Files\RcCad_V2
2009-09-18 12:30:39 ----D---- C:\Documents and Settings\Owner\Application Data\Malwarebytes
2009-09-18 12:30:31 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-09-17 21:40:23 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-09-17 21:22:51 ----A---- C:\WINDOWS\_SETUPD_.EXE
2009-09-17 14:52:20 ----D---- C:\WINDOWS\ie8updates
2009-09-17 14:51:46 ----D---- C:\WINDOWS\WBEM
2009-09-17 14:50:41 ----HDC---- C:\WINDOWS\ie8
2009-09-17 14:47:29 ----A---- C:\WINDOWS\system32\MRT.exe
2009-09-17 14:45:44 ----D---- C:\downloaded programs
2009-09-16 22:43:26 ----D---- C:\Documents and Settings\Owner\Application Data\Ventrilo
2009-09-16 22:43:17 ----D---- C:\Program Files\Ventrilo
2009-09-16 22:43:08 ----A---- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
2009-09-16 22:37:24 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-09-15 23:13:42 ----D---- C:\Documents and Settings\Owner\Application Data\ArcSoft
2009-09-15 23:08:09 ----D---- C:\Program Files\ArcSoft
2009-09-15 23:08:09 ----A---- C:\WINDOWS\PS_setup.ini
2009-09-15 23:08:08 ----A---- C:\WINDOWS\pcdlib32.dll
2009-09-15 22:25:16 ----A---- C:\WINDOWS\system32\LTWND80N.DLL
2009-09-15 22:25:16 ----A---- C:\WINDOWS\system32\LTTWN80N.DLL
2009-09-15 22:25:16 ----A---- C:\WINDOWS\system32\LTTHK80W.DLL
2009-09-15 22:25:16 ----A---- C:\WINDOWS\system32\LTKRN80N.DLL
2009-09-15 22:25:16 ----A---- C:\WINDOWS\system32\LTIMG80N.DLL
2009-09-15 22:25:16 ----A---- C:\WINDOWS\system32\LTFIL80N.DLL
2009-09-15 22:25:16 ----A---- C:\WINDOWS\system32\LTEFX80N.DLL
2009-09-15 22:25:16 ----A---- C:\WINDOWS\system32\LTANN80N.DLL
2009-09-15 22:25:16 ----A---- C:\WINDOWS\system32\LFWPG80N.DLL
2009-09-15 22:25:16 ----A---- C:\WINDOWS\system32\LFWMF80N.DLL
2009-09-15 22:25:16 ----A---- C:\WINDOWS\system32\LFAVI80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\VBAJET.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\ODBCJT16.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\NPPLG80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\MSRD2X35.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFWFX80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFTIF80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFTGA80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFRAS80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFPSD80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFPNG80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFPCX80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFPCT80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFPCD80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFMSP80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFMAC80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFLMB80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFLMA80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFKODAK.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFIMG80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFICA80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFGIF80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFFPX80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFFPX7.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFFAX80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFEPS80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFDIC80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFCMP80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFCAL80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFBMP80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFAWD80N.DLL
2009-09-15 22:25:14 ----A---- C:\WINDOWS\system32\VBAR332.DLL
2009-09-15 22:25:14 ----A---- C:\WINDOWS\system32\MSJT3032.DLL
2009-09-15 22:25:14 ----A---- C:\WINDOWS\system32\DAO350.DLL
2009-09-15 01:35:59 ----D---- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment
2009-09-14 22:55:56 ----D---- C:\Documents and Settings\All Users\Application Data\Blizzard
2009-09-14 21:43:39 ----D---- C:\Program Files\World of Warcraft
2009-09-14 01:28:23 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2009-09-13 14:18:34 ----D---- C:\Documents and Settings\Owner\Application Data\AdobeUM
2009-09-13 14:18:02 ----D---- C:\Program Files\Common Files\Adobe
2009-09-12 18:45:49 ----D---- C:\WINDOWS\system32\en-us
2009-09-12 18:45:48 ----D---- C:\WINDOWS\system32\scripting
2009-09-12 18:45:47 ----D---- C:\WINDOWS\l2schemas
2009-09-12 18:45:46 ----D---- C:\WINDOWS\system32\en
2009-09-12 18:45:46 ----D---- C:\WINDOWS\system32\bits
2009-09-12 18:39:43 ----D---- C:\WINDOWS\ServicePackFiles
2009-09-12 18:35:44 ----D---- C:\WINDOWS\network diagnostic
2009-09-12 18:31:12 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-09-12 18:31:08 ----D---- C:\WINDOWS\EHome
2009-09-12 17:58:47 ----D---- C:\Documents and Settings\Owner\Application Data\gtk-2.0
2009-09-12 17:56:20 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-09-12 17:53:29 ----D---- C:\Documents and Settings\Owner\Application Data\Canon
2009-09-12 17:50:15 ----D---- C:\Program Files\GIMP-2.0
2009-09-12 17:44:49 ----D---- C:\Documents and Settings\Owner\Application Data\Viewpoint
2009-09-12 17:37:43 ----HD---- C:\Documents and Settings\All Users\Application Data\CanonBJ
2009-09-12 17:37:39 ----A---- C:\WINDOWS\system32\CNMVS7L.DLL
2009-09-12 17:37:38 ----A---- C:\WINDOWS\system32\CNMLM7L.DLL
2009-09-12 17:36:00 ----D---- C:\Program Files\Canon
2009-09-12 17:35:24 ----HD---- C:\WINDOWS\system32\CanonMP Uninstaller Information
2009-09-12 17:35:20 ----A---- C:\WINDOWS\system32\CNCL500.DLL
2009-09-12 17:35:20 ----A---- C:\WINDOWS\system32\cncisco.dll
2009-09-12 17:35:20 ----A---- C:\WINDOWS\system32\CNCI500.DLL
2009-09-12 17:35:20 ----A---- C:\WINDOWS\system32\CNCC500.DLL
2009-09-12 17:35:15 ----D---- C:\CanonMP
2009-09-12 16:05:14 ----D---- C:\Documents and Settings\Owner\Application Data\Apple Computer
2009-09-12 16:05:02 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2009-09-12 16:04:49 ----D---- C:\Program Files\iPod
2009-09-12 16:04:45 ----D---- C:\Program Files\iTunes
2009-09-12 16:04:45 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-09-12 16:04:28 ----D---- C:\Program Files\Bonjour
2009-09-12 16:03:38 ----D---- C:\Program Files\QuickTime
2009-09-12 16:03:36 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-09-12 16:03:27 ----D---- C:\Documents and Settings\Owner\Application Data\Adobe
2009-09-12 16:03:14 ----D---- C:\Program Files\Apple Software Update
2009-09-12 16:03:08 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-09-12 16:03:08 ----A---- C:\WINDOWS\system32\usbaaplrc.dll
2009-09-12 16:02:56 ----D---- C:\Program Files\Common Files\Apple
2009-09-12 16:02:55 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-09-12 16:01:37 ----A---- C:\WINDOWS\unvise32.exe
2009-09-12 15:44:56 ----D---- C:\Audio
2009-09-12 15:37:00 ----A---- C:\WINDOWS\ODBC.INI
2009-09-12 15:36:22 ----D---- C:\Program Files\Common Files\Designer
2009-09-12 15:36:09 ----D---- C:\WINDOWS\ShellNew
2009-09-12 15:35:31 ----D---- C:\Documents and Settings\Owner\Application Data\Microsoft Web Folders
2009-09-12 02:53:46 ----D---- C:\Documents and Settings\Owner\Application Data\Macromedia
2009-09-12 02:43:59 ----A---- C:\WINDOWS\msoffice.ini
2009-09-12 02:38:13 ----D---- C:\Documents and Settings\Owner\Application Data\Google
2009-09-12 02:38:02 ----D---- C:\Program Files\Google
2009-09-12 02:38:02 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-09-12 02:18:43 ----D---- C:\WINDOWS\system32\AGEIA
2009-09-12 02:18:42 ----D---- C:\Program Files\AGEIA Technologies
2009-09-12 02:18:03 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-09-12 02:17:57 ----D---- C:\Program Files\NVIDIA Corporation
2009-09-12 02:17:54 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2009-09-12 02:16:44 ----D---- C:\WINDOWS\system32\PreInstall
2009-09-12 02:16:43 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-09-12 02:16:42 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-09-12 02:16:42 ----HD---- C:\WINDOWS\$hf_mig$
2009-09-12 02:16:22 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-09-12 02:15:05 ----D---- C:\NVIDIA
2009-09-12 02:15:03 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-09-12 02:13:12 ----A---- C:\WINDOWS\system32\wups2.dll
2009-09-12 02:13:12 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2009-09-12 02:13:12 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2009-09-12 02:13:11 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-09-12 02:13:11 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2009-09-12 02:08:02 ----D---- C:\RECYCLER
2009-09-12 02:06:10 ----D---- C:\WINDOWS\nview
2009-09-12 02:06:10 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-09-12 01:44:02 ----SHD---- C:\System Volume Information
2009-09-12 01:40:51 ----A---- C:\WINDOWS\system32\wzcsvc.dll
2009-09-12 01:40:50 ----A---- C:\WINDOWS\system32\wzcsapi.dll
2009-09-12 01:40:40 ----A---- C:\WINDOWS\system32\wowfaxui.dll
2009-09-12 01:40:31 ----A---- C:\WINDOWS\system32\wowfax.dll
2009-09-12 01:40:15 ----A---- C:\WINDOWS\system32\usrvpa.dll
2009-09-12 01:40:06 ----A---- C:\WINDOWS\system32\usrvoica.dll
2009-09-12 01:39:58 ----A---- C:\WINDOWS\system32\usrv80a.dll
2009-09-12 01:39:49 ----A---- C:\WINDOWS\system32\usrv42a.dll
2009-09-12 01:39:40 ----A---- C:\WINDOWS\system32\usrsvpia.dll
2009-09-12 01:39:32 ----A---- C:\WINDOWS\system32\usrshuta.exe
2009-09-12 01:39:23 ----A---- C:\WINDOWS\system32\usrsdpia.dll
2009-09-12 01:39:14 ----A---- C:\WINDOWS\system32\usrrtosa.dll
2009-09-12 01:39:06 ----A---- C:\WINDOWS\system32\usrprbda.exe
2009-09-12 01:38:57 ----A---- C:\WINDOWS\system32\usrmlnka.exe
2009-09-12 01:38:48 ----A---- C:\WINDOWS\system32\usrlbva.dll
2009-09-12 01:38:40 ----A---- C:\WINDOWS\system32\usrfaxa.dll
2009-09-12 01:38:31 ----A---- C:\WINDOWS\system32\usrdtea.dll
2009-09-12 01:38:23 ----A---- C:\WINDOWS\system32\usrdpa.dll
2009-09-12 01:38:14 ----A---- C:\WINDOWS\system32\usrcoina.dll
2009-09-12 01:38:05 ----A---- C:\WINDOWS\system32\usrcntra.dll
2009-09-12 01:38:04 ----A---- C:\WINDOWS\system32\usbui.dll
2009-09-12 01:37:54 ----A---- C:\WINDOWS\system32\tsbyuv.dll
2009-09-12 01:37:46 ----A---- C:\WINDOWS\system32\streamci.dll
2009-09-12 01:37:44 ----A---- C:\WINDOWS\system32\storprop.dll
2009-09-12 01:37:36 ----A---- C:\WINDOWS\system32\sprio800.dll
2009-09-12 01:37:28 ----A---- C:\WINDOWS\system32\sprio600.dll
2009-09-12 01:37:14 ----A---- C:\WINDOWS\system32\spnike.dll
2009-09-12 01:37:08 ----A---- C:\WINDOWS\system32\pjlmon.dll
2009-09-12 01:37:07 ----A---- C:\WINDOWS\system32\pid.dll
2009-09-12 01:37:00 ----A---- C:\WINDOWS\system32\paqsp.dll
2009-09-12 01:36:53 ----A---- C:\WINDOWS\system32\msyuv.dll
2009-09-12 01:36:40 ----A---- C:\WINDOWS\system32\mdwmdmsp.dll
2009-09-12 01:36:38 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-09-12 01:36:37 ----A---- C:\WINDOWS\system32\iyuv_32.dll
2009-09-12 01:36:33 ----A---- C:\WINDOWS\system32\hid.dll
2009-09-12 01:36:28 ----A---- C:\WINDOWS\system32\dvdplay.exe
2009-09-12 01:34:28 ----A---- C:\WINDOWS\system32\dmutil.dll
2009-09-12 01:34:24 ----A---- C:\WINDOWS\system32\cnbjmon.dll
2009-09-12 01:33:41 ----D---- C:\WINDOWS\SMINST
2009-09-12 01:33:26 ----A---- C:\WINDOWS\system32\zipfldr.dll
2009-09-12 01:33:23 ----A---- C:\WINDOWS\system32\xpsp2res.dll
2009-09-12 01:33:23 ----A---- C:\WINDOWS\system32\xpsp1res.dll
2009-09-12 01:33:22 ----A---- C:\WINDOWS\system32\xpob2res.dll
2009-09-12 01:33:21 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-09-12 01:33:21 ----A---- C:\WINDOWS\system32\xmlprovi.dll
2009-09-12 01:33:21 ----A---- C:\WINDOWS\system32\xenroll.dll
2009-09-12 01:33:21 ----A---- C:\WINDOWS\system32\xcopy.exe
2009-09-12 01:33:21 ----A---- C:\WINDOWS\system32\xactsrv.dll
2009-09-12 01:33:21 ----A---- C:\WINDOWS\system32\wzcdlg.dll
2009-09-12 01:33:21 -------- C:\WINDOWS\system32\xmlprov.dll
2009-09-12 01:33:20 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-09-12 01:33:20 ----A---- C:\WINDOWS\system32\wups.dll
2009-09-12 01:33:20 ----A---- C:\WINDOWS\system32\wupdmgr.exe
2009-09-12 01:33:20 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-09-12 01:33:20 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-09-12 01:33:20 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-09-12 01:33:20 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-09-12 01:33:20 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-09-12 01:33:20 -------- C:\WINDOWS\system32\wuauclt.exe
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wtsapi32.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wstdecod.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wsock32.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wsnmp32.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wshtcpip.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wshrm.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wshnetbs.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wshisn.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wship6.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wshext.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wshcon.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wshbth.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wshatm.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wscsvc.dll
2009-09-12 01:33:18 ----A---- C:\WINDOWS\system32\wscript.exe
2009-09-12 01:33:18 ----A---- C:\WINDOWS\system32\ws2help.dll
2009-09-12 01:33:18 ----A---- C:\WINDOWS\system32\write.exe
2009-09-12 01:33:18 ----A---- C:\WINDOWS\system32\wpnpinst.exe
2009-09-12 01:33:18 ----A---- C:\WINDOWS\system32\wpabaln.exe
2009-09-12 01:33:18 ----A---- C:\WINDOWS\system32\wowexec.exe
2009-09-12 01:33:18 ----A---- C:\WINDOWS\system32\wowdeb.exe
2009-09-12 01:33:18 ----A---- C:\WINDOWS\system32\wow32.dll
2009-09-12 01:33:18 -------- C:\WINDOWS\system32\wscntfy.exe
2009-09-12 01:33:18 -------- C:\WINDOWS\system32\ws2_32.dll
2009-09-12 01:33:17 ----A---- C:\WINDOWS\system32\wmvdmoe2.dll
2009-09-12 01:33:17 ----A---- C:\WINDOWS\system32\wmvdmod.dll
2009-09-12 01:33:16 ----A---- C:\WINDOWS\system32\WMVCore.dll
2009-09-12 01:33:16 ----A---- C:\WINDOWS\system32\wmstream.dll
2009-09-12 01:33:16 ----A---- C:\WINDOWS\system32\WMSPDMOE.dll
2009-09-12 01:33:15 ----A---- C:\WINDOWS\system32\wmspdmod.dll
2009-09-12 01:33:15 ----A---- C:\WINDOWS\system32\wmsdmoe2.dll
2009-09-12 01:33:15 ----A---- C:\WINDOWS\system32\wmsdmoe.dll
2009-09-12 01:33:15 ----A---- C:\WINDOWS\system32\wmsdmod.dll
2009-09-12 01:33:15 ----A---- C:\WINDOWS\system32\wmpui.dll
2009-09-12 01:33:15 ----A---- C:\WINDOWS\system32\wmpshell.dll
2009-09-12 01:33:14 ----A---- C:\WINDOWS\system32\wmploc.dll
2009-09-12 01:33:13 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2009-09-12 01:33:13 ----A---- C:\WINDOWS\system32\wmpcore.dll
2009-09-12 01:33:13 ----A---- C:\WINDOWS\system32\wmpcd.dll
2009-09-12 01:33:12 ----A---- C:\WINDOWS\system32\wmpasf.dll
2009-09-12 01:33:10 ----A---- C:\WINDOWS\system32\wmp.dll
2009-09-12 01:33:10 ----A---- C:\WINDOWS\system32\WMNetmgr.dll
2009-09-12 01:33:08 ----A---- C:\WINDOWS\system32\wmiprop.dll
2009-09-12 01:33:07 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-09-12 01:33:07 ----A---- C:\WINDOWS\system32\wmidx.dll
2009-09-12 01:33:07 ----A---- C:\WINDOWS\system32\wmi.dll
2009-09-12 01:33:07 ----A---- C:\WINDOWS\system32\wmerror.dll
2009-09-12 01:33:07 ----A---- C:\WINDOWS\system32\wmerrenu.dll
2009-09-12 01:33:06 ----A---- C:\WINDOWS\system32\wmasf.dll
2009-09-12 01:33:06 ----A---- C:\WINDOWS\system32\WMADMOE.dll
2009-09-12 01:33:06 ----A---- C:\WINDOWS\system32\WMADMOD.dll
2009-09-12 01:33:06 ----A---- C:\WINDOWS\system32\wlnotify.dll
2009-09-12 01:33:06 ----A---- C:\WINDOWS\system32\wldap32.dll
2009-09-12 01:33:06 ----A---- C:\WINDOWS\system32\wkssvc.dll
2009-09-12 01:33:05 ----A---- C:\WINDOWS\system32\winver.exe
2009-09-12 01:33:05 ----A---- C:\WINDOWS\system32\wintrust.dll
2009-09-12 01:33:05 ----A---- C:\WINDOWS\system32\winstrm.dll
2009-09-12 01:33:05 ----A---- C:\WINDOWS\system32\winsta.dll
2009-09-12 01:33:05 ----A---- C:\WINDOWS\system32\winsrv.dll
2009-09-12 01:33:05 ----A---- C:\WINDOWS\system32\winspool.exe
2009-09-12 01:33:05 ----A---- C:\WINDOWS\system32\winsock.dll
2009-09-12 01:33:05 ----A---- C:\WINDOWS\system32\winshfhc.dll
2009-09-12 01:33:05 ----A---- C:\WINDOWS\system32\winscard.dll
2009-09-12 01:33:05 ----A---- C:\WINDOWS\system32\winrnr.dll
2009-09-12 01:33:04 ----A---- C:\WINDOWS\system32\winntbbu.dll
2009-09-12 01:33:01 ----A---- C:\WINDOWS\system32\winnls.dll
2009-09-12 01:33:01 ----A---- C:\WINDOWS\system32\winmsd.exe
2009-09-12 01:33:01 ----A---- C:\WINDOWS\system32\winmm.dll
2009-09-12 01:33:01 ----A---- C:\WINDOWS\system32\winmine.exe
2009-09-12 01:33:01 ----A---- C:\WINDOWS\system32\winipsec.dll
2009-09-12 01:33:01 -------- C:\WINDOWS\system32\winlogon.exe
2009-09-12 01:33:00 ----A---- C:\WINDOWS\winhlp32.exe
2009-09-12 01:33:00 ----A---- C:\WINDOWS\winhelp.exe
2009-09-12 01:33:00 ----A---- C:\WINDOWS\system32\winhttp.dll
2009-09-12 01:33:00 ----A---- C:\WINDOWS\system32\winhlp32.exe
2009-09-12 01:33:00 ----A---- C:\WINDOWS\system32\winfax.dll
2009-09-12 01:33:00 -------- C:\WINDOWS\system32\wininet.dll
2009-09-12 01:32:58 ----A---- C:\WINDOWS\system32\winchat.exe
2009-09-12 01:32:58 ----A---- C:\WINDOWS\system32\winbrand.dll
2009-09-12 01:32:58 ----A---- C:\WINDOWS\system32\win87em.dll
2009-09-12 01:32:58 ----A---- C:\WINDOWS\system32\win32spl.dll
2009-09-12 01:32:57 ----A---- C:\WINDOWS\system32\win.com
2009-09-12 01:32:57 ----A---- C:\WINDOWS\system32\wifeman.dll
2009-09-12 01:32:57 ----A---- C:\WINDOWS\system32\wiavusd.dll
2009-09-12 01:32:57 ----A---- C:\WINDOWS\system32\wiavideo.dll
2009-09-12 01:32:57 ----A---- C:\WINDOWS\system32\wiashext.dll
2009-09-12 01:32:57 ----A---- C:\WINDOWS\system32\wiaservc.dll
2009-09-12 01:32:57 ----A---- C:\WINDOWS\system32\wiascr.dll
2009-09-12 01:32:57 ----A---- C:\WINDOWS\system32\wiadss.dll
2009-09-12 01:32:57 ----A---- C:\WINDOWS\system32\wiadefui.dll
2009-09-12 01:32:57 ----A---- C:\WINDOWS\system32\wiaacmgr.exe
2009-09-12 01:32:56 ----A---- C:\WINDOWS\system32\wextract.exe
2009-09-12 01:32:56 ----A---- C:\WINDOWS\system32\webvw.dll
2009-09-12 01:32:56 ----A---- C:\WINDOWS\system32\webhits.dll
2009-09-12 01:32:55 ----A---- C:\WINDOWS\system32\webclnt.dll
2009-09-12 01:32:55 ----A---- C:\WINDOWS\system32\webcheck.dll
2009-09-12 01:32:54 ----A---- C:\WINDOWS\system32\wdigest.dll
2009-09-12 01:32:50 ----A---- C:\WINDOWS\system32\wavemsp.dll
2009-09-12 01:32:49 ----A---- C:\WINDOWS\system32\w3ssl.dll
2009-09-12 01:32:49 ----A---- C:\WINDOWS\system32\w32topl.dll
2009-09-12 01:32:49 ----A---- C:\WINDOWS\system32\w32tm.exe
2009-09-12 01:32:49 ----A---- C:\WINDOWS\system32\w32time.dll
2009-09-12 01:32:49 ----A---- C:\WINDOWS\system32\vssvc.exe
2009-09-12 01:32:49 ----A---- C:\WINDOWS\system32\vssapi.dll
2009-09-12 01:32:49 ----A---- C:\WINDOWS\system32\vssadmin.exe
2009-09-12 01:32:49 ----A---- C:\WINDOWS\system32\vss_ps.dll
2009-09-12 01:32:48 ----A---- C:\WINDOWS\vmmreg32.dll
2009-09-12 01:32:48 ----A---- C:\WINDOWS\system32\vjoy.dll
2009-09-12 01:32:47 ----A---- C:\WINDOWS\system32\vga64k.dll
2009-09-12 01:32:47 ----A---- C:\WINDOWS\system32\vga256.dll
2009-09-12 01:32:47 ----A---- C:\WINDOWS\system32\vga.dll
2009-09-12 01:32:47 ----A---- C:\WINDOWS\system32\vfpodbc.dll
2009-09-12 01:32:47 ----A---- C:\WINDOWS\system32\version.dll
2009-09-12 01:32:47 ----A---- C:\WINDOWS\system32\verifier.exe
2009-09-12 01:32:47 ----A---- C:\WINDOWS\system32\verifier.dll
2009-09-12 01:32:46 ----A---- C:\WINDOWS\system32\ver.dll
2009-09-12 01:32:46 ----A---- C:\WINDOWS\system32\vdmredir.dll
2009-09-12 01:32:46 ----A---- C:\WINDOWS\system32\vdmdbg.dll
2009-09-12 01:32:46 ----A---- C:\WINDOWS\system32\vcdex.dll
2009-09-12 01:32:46 ----A---- C:\WINDOWS\system32\vbscript.dll
2009-09-12 01:32:46 ----A---- C:\WINDOWS\system32\vbajet32.dll
2009-09-12 01:32:46 ----A---- C:\WINDOWS\system32\uxtheme.dll
2009-09-12 01:32:45 ----A---- C:\WINDOWS\system32\utilman.exe
2009-09-12 01:32:45 ----A---- C:\WINDOWS\system32\utildll.dll
2009-09-12 01:32:45 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-09-12 01:32:45 ----A---- C:\WINDOWS\system32\usp10.dll
2009-09-12 01:32:45 -------- C:\WINDOWS\system32\userinit.exe
2009-09-12 01:32:44 ----A---- C:\WINDOWS\system32\userenv.dll
2009-09-12 01:32:44 ----A---- C:\WINDOWS\system32\user.exe
2009-09-12 01:32:44 ----A---- C:\WINDOWS\system32\usbmon.dll
2009-09-12 01:32:44 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-09-12 01:32:44 -------- C:\WINDOWS\system32\user32.dll
2009-09-12 01:32:43 ----A---- C:\WINDOWS\system32\url.dll
2009-09-12 01:32:43 ----A---- C:\WINDOWS\system32\ureg.dll
2009-09-12 01:32:43 ----A---- C:\WINDOWS\system32\ups.exe
2009-09-12 01:32:43 ----A---- C:\WINDOWS\system32\upnpui.dll
2009-09-12 01:32:43 ----A---- C:\WINDOWS\system32\upnpcont.exe
2009-09-12 01:32:43 ----A---- C:\WINDOWS\system32\upnp.dll
2009-09-12 01:32:43 -------- C:\WINDOWS\system32\upnphost.dll
2009-09-12 01:32:42 ----A---- C:\WINDOWS\system32\untfs.dll
2009-09-12 01:32:41 ----A---- C:\WINDOWS\system32\unlodctr.exe
2009-09-12 01:32:41 ----A---- C:\WINDOWS\system32\uniplat.dll
2009-09-12 01:32:41 ----A---- C:\WINDOWS\system32\unimdmat.dll
2009-09-12 01:32:41 ----A---- C:\WINDOWS\system32\umpnpmgr.dll
2009-09-12 01:32:41 ----A---- C:\WINDOWS\system32\umdmxfrm.dll
2009-09-12 01:32:41 ----A---- C:\WINDOWS\system32\umandlg.dll
2009-09-12 01:32:41 ----A---- C:\WINDOWS\system32\ulib.dll
2009-09-12 01:32:41 ----A---- C:\WINDOWS\system32\ufat.dll
2009-09-12 01:32:41 ----A---- C:\WINDOWS\system32\udhisapi.dll
2009-09-12 01:32:41 ----A---- C:\WINDOWS\system32\typelib.dll
2009-09-12 01:32:40 ----A---- C:\WINDOWS\twunk_32.exe
2009-09-12 01:32:40 ----A---- C:\WINDOWS\twunk_16.exe
2009-09-12 01:32:40 ----A---- C:\WINDOWS\twain_32.dll
2009-09-12 01:32:40 ----A---- C:\WINDOWS\twain.dll
2009-09-12 01:32:40 ----A---- C:\WINDOWS\system32\txflog.dll
2009-09-12 01:32:40 ----A---- C:\WINDOWS\system32\twext.dll
2009-09-12 01:32:40 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-09-12 01:32:40 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-09-12 01:32:40 ----A---- C:\WINDOWS\system32\tskill.exe
2009-09-12 01:32:39 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-09-12 01:32:39 ----A---- C:\WINDOWS\system32\tsddd.dll
2009-09-12 01:32:39 ----A---- C:\WINDOWS\system32\tsd32.dll
2009-09-12 01:32:39 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-09-12 01:32:39 ----A---- C:\WINDOWS\system32\tscon.exe
2009-09-12 01:32:39 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-09-12 01:32:39 ----A---- C:\WINDOWS\system32\tsappcmp.dll
2009-09-12 01:32:39 ----A---- C:\WINDOWS\system32\trkwks.dll
2009-09-12 01:32:39 ----A---- C:\WINDOWS\system32\tree.com
2009-09-12 01:32:38 ----A---- C:\WINDOWS\system32\traffic.dll
2009-09-12 01:32:38 ----A---- C:\WINDOWS\system32\tracert6.exe
2009-09-12 01:32:38 ----A---- C:\WINDOWS\system32\tracert.exe
2009-09-12 01:32:38 ----A---- C:\WINDOWS\system32\tourstart.exe
2009-09-12 01:32:36 ----A---- C:\WINDOWS\system32\toolhelp.dll
2009-09-12 01:32:33 ----A---- C:\WINDOWS\system32\themeui.dll
2009-09-12 01:32:32 ----A---- C:\WINDOWS\system32\tftp.exe
2009-09-12 01:32:32 ----A---- C:\WINDOWS\system32\termmgr.dll
2009-09-12 01:32:32 ----A---- C:\WINDOWS\system32\telnet.exe
2009-09-12 01:32:32 ----A---- C:\WINDOWS\system32\tcpsvcs.exe
2009-09-12 01:32:32 ----A---- C:\WINDOWS\system32\tcpmonui.dll
2009-09-12 01:32:32 ----A---- C:\WINDOWS\system32\tcpmon.ini
2009-09-12 01:32:32 ----A---- C:\WINDOWS\system32\tcpmon.dll
2009-09-12 01:32:32 ----A---- C:\WINDOWS\system32\tcpmib.dll
2009-09-12 01:32:32 -------- C:\WINDOWS\system32\termsrv.dll
2009-09-12 01:32:31 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-09-12 01:32:31 ----A---- C:\WINDOWS\system32\tcmsetup.exe
2009-09-12 01:32:31 ----A---- C:\WINDOWS\system32\taskmgr.exe
2009-09-12 01:32:31 ----A---- C:\WINDOWS\system32\taskman.exe
2009-09-12 01:32:31 ----A---- C:\WINDOWS\system32\tapiui.dll
2009-09-12 01:32:31 ----A---- C:\WINDOWS\system32\tapiperf.dll
2009-09-12 01:32:31 ----A---- C:\WINDOWS\system32\tapi32.dll
2009-09-12 01:32:31 ----A---- C:\WINDOWS\system32\tapi3.dll
2009-09-12 01:32:31 -------- C:\WINDOWS\system32\tapisrv.dll
2009-09-12 01:32:30 ----A---- C:\WINDOWS\system32\tapi.dll
2009-09-12 01:32:30 ----A---- C:\WINDOWS\system32\t2embed.dll
2009-09-12 01:32:30 ----A---- C:\WINDOWS\system32\systray.exe
2009-09-12 01:32:28 ----A---- C:\WINDOWS\system32\syssetup.dll
2009-09-12 01:32:28 ----A---- C:\WINDOWS\system32\sysocmgr.exe
2009-09-12 01:32:27 ----A---- C:\WINDOWS\system32\syskey.exe
2009-09-12 01:32:27 ----A---- C:\WINDOWS\system32\sysinv.dll
2009-09-12 01:32:27 ----A---- C:\WINDOWS\system32\sysedit.exe
2009-09-12 01:32:27 ----A---- C:\WINDOWS\system32\syncui.dll
2009-09-12 01:32:27 ----A---- C:\WINDOWS\system32\synceng.dll
2009-09-12 01:32:26 ----A---- C:\WINDOWS\system32\syncapp.exe
2009-09-12 01:32:26 ----A---- C:\WINDOWS\system32\sxs.dll
2009-09-12 01:32:26 ----A---- C:\WINDOWS\system32\swprv.dll
2009-09-12 01:32:26 ----A---- C:\WINDOWS\system32\svcpack.dll
2009-09-12 01:32:26 -------- C:\WINDOWS\system32\svchost.exe
2009-09-12 01:32:25 ----A---- C:\WINDOWS\system32\subst.exe
2009-09-12 01:32:25 ----A---- C:\WINDOWS\system32\strmfilt.dll
2009-09-12 01:32:25 ----A---- C:\WINDOWS\system32\strmdll.dll
2009-09-12 01:32:25 ----A---- C:\WINDOWS\system32\storage.dll
2009-09-12 01:32:25 ----A---- C:\WINDOWS\system32\stobject.dll
2009-09-12 01:32:25 ----A---- C:\WINDOWS\system32\stimon.exe
2009-09-12 01:32:25 ----A---- C:\WINDOWS\system32\sti_ci.dll
2009-09-12 01:32:25 ----A---- C:\WINDOWS\system32\sti.dll
2009-09-12 01:32:24 ----A---- C:\WINDOWS\system32\stclient.dll
2009-09-12 01:32:23 ----A---- C:\WINDOWS\system32\ssdpapi.dll
2009-09-12 01:32:23 ----A---- C:\WINDOWS\system32\srvsvc.dll
2009-09-12 01:32:23 -------- C:\WINDOWS\system32\ssdpsrv.dll
2009-09-12 01:32:22 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-09-12 01:32:22 ----A---- C:\WINDOWS\system32\srclient.dll
2009-09-12 01:32:22 ----A---- C:\WINDOWS\system32\sqlwoa.dll
2009-09-12 01:32:22 -------- C:\WINDOWS\system32\srsvc.dll
2009-09-12 01:32:21 ----A---- C:\WINDOWS\system32\sqlwid.dll
2009-09-12 01:32:21 ----A---- C:\WINDOWS\system32\sqlunirl.dll
2009-09-12 01:32:21 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
2009-09-12 01:32:20 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-09-12 01:32:20 ----A---- C:\WINDOWS\system32\sprestrt.exe
2009-09-12 01:32:20 ----A---- C:\WINDOWS\system32\spoolss.dll
2009-09-12 01:32:20 ----A---- C:\WINDOWS\system32\spnpinst.exe
2009-09-12 01:32:20 -------- C:\WINDOWS\system32\spoolsv.exe
2009-09-12 01:32:19 ----A---- C:\WINDOWS\system32\spider.exe
2009-09-12 01:32:16 ----A---- C:\WINDOWS\system32\sort.exe
2009-09-12 01:32:16 ----A---- C:\WINDOWS\system32\sol.exe
2009-09-12 01:32:16 ----A---- C:\WINDOWS\system32\softpub.dll
2009-09-12 01:32:16 ----A---- C:\WINDOWS\system32\snmpsnap.dll
2009-09-12 01:32:16 ----A---- C:\WINDOWS\system32\snmpapi.dll
2009-09-12 01:32:15 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-09-12 01:32:15 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-09-12 01:32:15 ----A---- C:\WINDOWS\system32\smss.exe
2009-09-12 01:32:15 ----A---- C:\WINDOWS\system32\smlogsvc.exe
2009-09-12 01:32:15 ----A---- C:\WINDOWS\system32\smlogcfg.dll
2009-09-12 01:32:15 ----A---- C:\WINDOWS\system32\smbinst.exe
2009-09-12 01:32:13 ----A---- C:\WINDOWS\system32\slbrccsp.dll
2009-09-12 01:32:13 ----A---- C:\WINDOWS\system32\slbiop.dll
2009-09-12 01:32:13 ----A---- C:\WINDOWS\system32\slbcsp.dll
2009-09-12 01:32:13 ----A---- C:\WINDOWS\system32\slayerxp.dll
2009-09-12 01:32:13 ----A---- C:\WINDOWS\system32\skeys.exe
2009-09-12 01:32:13 ----A---- C:\WINDOWS\system32\skdll.dll
2009-09-12 01:32:12 ----A---- C:\WINDOWS\system32\sisbkup.dll
2009-09-12 01:32:12 ----A---- C:\WINDOWS\system32\sigverif.exe
2009-09-12 01:32:12 ----A---- C:\WINDOWS\system32\sigtab.dll
2009-09-12 01:32:12 ----A---- C:\WINDOWS\system32\shutdown.exe
2009-09-12 01:32:12 ----A---- C:\WINDOWS\system32\shscrap.dll
2009-09-12 01:32:12 -------- C:\WINDOWS\system32\shsvcs.dll
2009-09-12 01:32:11 ----A---- C:\WINDOWS\system32\shrpubw.exe
2009-09-12 01:32:11 ----A---- C:\WINDOWS\system32\shmgrate.exe
2009-09-12 01:32:11 ----A---- C:\WINDOWS\system32\shmedia.dll
2009-09-12 01:32:11 ----A---- C:\WINDOWS\system32\shlwapi.dll
2009-09-12 01:32:11 ----A---- C:\WINDOWS\system32\shimgvw.dll
2009-09-12 01:32:11 ----A---- C:\WINDOWS\system32\shimeng.dll
2009-09-12 01:32:11 ----A---- C:\WINDOWS\system32\shgina.dll
2009-09-12 01:32:11 ----A---- C:\WINDOWS\system32\shfolder.dll
2009-09-12 01:32:09 ----A---- C:\WINDOWS\system32\shell32.dll
2009-09-12 01:32:09 ----A---- C:\WINDOWS\system32\shell.dll
2009-09-12 01:32:08 ----A---- C:\WINDOWS\system32\shdocvw.dll
2009-09-12 01:32:08 ----A---- C:\WINDOWS\system32\shdoclc.dll
2009-09-12 01:32:08 ----A---- C:\WINDOWS\system32\share.exe
2009-09-12 01:32:08 ----A---- C:\WINDOWS\system32\shadow.exe
2009-09-12 01:32:08 ----A---- C:\WINDOWS\system32\sfmapi.dll
2009-09-12 01:32:08 ----A---- C:\WINDOWS\system32\sfc_os.dll
2009-09-12 01:32:08 ----A---- C:\WINDOWS\system32\sfc.exe
2009-09-12 01:32:08 ----A---- C:\WINDOWS\system32\setver.exe
2009-09-12 01:32:08 -------- C:\WINDOWS\system32\sfcfiles.dll
2009-09-12 01:32:08 -------- C:\WINDOWS\system32\sfc.dll
2009-09-12 01:32:07 ----A---- C:\WINDOWS\system32\setupdll.dll
2009-09-12 01:32:06 ----A---- C:\WINDOWS\system32\setupapi.dll
2009-09-12 01:32:06 ----A---- C:\WINDOWS\system32\setup.exe
2009-09-12 01:32:06 ----A---- C:\WINDOWS\system32\sethc.exe
2009-09-12 01:32:06 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-09-12 01:32:06 ----A---- C:\WINDOWS\system32\serwvdrv.dll
2009-09-12 01:32:06 ----A---- C:\WINDOWS\system32\services.msc
2009-09-12 01:32:06 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-09-12 01:32:06 ----A---- C:\WINDOWS\system32\serialui.dll
2009-09-12 01:32:06 -------- C:\WINDOWS\system32\services.exe
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\senscfg.dll
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\sensapi.dll
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\sens.dll
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\sendmail.dll
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\sendcmsg.dll
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\security.dll
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\secur32.dll
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\seclogon.dll
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\sdpblb.dll
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\sdhcinst.dll
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\sdbinst.exe
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\scrrun.dll
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\scrobj.dll
2009-09-12 01:32:04 ----A---- C:\WINDOWS\system32\scredir.dll
2009-09-12 01:32:04 ----A---- C:\WINDOWS\system32\sclgntfy.dll
2009-09-12 01:32:04 ----A---- C:\WINDOWS\system32\schannel.dll
2009-09-12 01:32:04 ----A---- C:\WINDOWS\system32\scesrv.dll
2009-09-12 01:32:04 ----A---- C:\WINDOWS\system32\sccsccp.dll
2009-09-12 01:32:04 ----A---- C:\WINDOWS\system32\sccbase.dll
2009-09-12 01:32:04 ----A---- C:\WINDOWS\system32\scardsvr.exe
2009-09-12 01:32:04 ----A---- C:\WINDOWS\system32\scardssp.dll
2009-09-12 01:32:04 ----A---- C:\WINDOWS\system32\scarddlg.dll
2009-09-12 01:32:04 ----A---- C:\WINDOWS\system32\sc.exe
2009-09-12 01:32:04 ----A---- C:\WINDOWS\system32\sbeio.dll
2009-09-12 01:32:04 -------- C:\WINDOWS\system32\schedsvc.dll
2009-09-12 01:32:04 -------- C:\WINDOWS\system32\scecli.dll
2009-09-12 01:32:03 ----A---- C:\WINDOWS\system32\sbe.dll
2009-09-12 01:32:03 ----A---- C:\WINDOWS\system32\savedump.exe
2009-09-12 01:32:03 ----A---- C:\WINDOWS\system32\samsrv.dll
2009-09-12 01:32:02 ----A---- C:\WINDOWS\system32\samlib.dll
2009-09-12 01:32:01 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-09-12 01:32:01 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-09-12 01:32:01 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-09-12 01:32:01 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\runonce.exe
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rundll32.exe
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\runas.exe
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rtutils.dll
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rtm.dll
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rtipxmib.dll
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rtcshare.exe
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rsvpsp.dll
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rsvpperf.dll
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rsvpmsg.dll
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rsvp.ini
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rsvp.exe
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rsmui.exe
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rsmsink.exe
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rsmps.dll
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rsm.exe
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rshx32.dll
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rsh.exe
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rsaenh.dll
2009-09-12 01:31:59 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2009-09-12 01:31:59 ----A---- C:\WINDOWS\system32\rpcns4.dll
2009-09-12 01:31:59 -------- C:\WINDOWS\system32\rpcss.dll
2009-09-12 01:31:58 ----A---- C:\WINDOWS\system32\routetab.dll
2009-09-12 01:31:58 ----A---- C:\WINDOWS\system32\routemon.exe
2009-09-12 01:31:58 ----A---- C:\WINDOWS\system32\route.exe
2009-09-12 01:31:58 ----A---- C:\WINDOWS\system32\rnr20.dll
2009-09-12 01:31:57 ----A---- C:\WINDOWS\system32\riched32.dll
2009-09-12 01:31:57 ----A---- C:\WINDOWS\system32\riched20.dll
2009-09-12 01:31:57 ----A---- C:\WINDOWS\system32\rexec.exe
2009-09-12 01:31:57 ----A---- C:\WINDOWS\system32\resutils.dll
2009-09-12 01:31:57 ----A---- C:\WINDOWS\system32\reset.exe
2009-09-12 01:31:57 ----A---- C:\WINDOWS\system32\replace.exe
2009-09-12 01:31:57 ----A---- C:\WINDOWS\system32\rend.dll
2009-09-12 01:31:57 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-09-12 01:31:57 ----A---- C:\WINDOWS\system32\regwizc.dll
2009-09-12 01:31:57 ----A---- C:\WINDOWS\system32\regwiz.exe
2009-09-12 01:31:57 ----A---- C:\WINDOWS\system32\regsvr32.exe
2009-09-12 01:31:56 ----A---- C:\WINDOWS\system32\regini.exe
2009-09-12 01:31:56 ----A---- C:\WINDOWS\system32\regedt32.exe
2009-09-12 01:31:56 ----A---- C:\WINDOWS\system32\regapi.dll
2009-09-12 01:31:56 ----A---- C:\WINDOWS\system32\reg.exe
2009-09-12 01:31:56 ----A---- C:\WINDOWS\system32\redir.exe
2009-09-12 01:31:56 ----A---- C:\WINDOWS\system32\recover.exe
2009-09-12 01:31:56 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-09-12 01:31:56 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-09-12 01:31:56 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-09-12 01:31:56 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-09-12 01:31:56 ----A---- C:\WINDOWS\system32\rdpdd.dll
2009-09-12 01:31:56 ----A---- C:\WINDOWS\regedit.exe
2009-09-12 01:31:56 -------- C:\WINDOWS\system32\regsvc.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rcp.exe
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rcimlby.exe
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rcbdyctl.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rastls.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rastapi.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rasser.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rassapi.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rasrad.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rasppp.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rasphone.exe
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rasmxs.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rasmontr.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rasmans.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rasman.dll
2009-09-12 01:31:54 ----A---- C:\WINDOWS\system32\rasdlg.dll
2009-09-12 01:31:54 ----A---- C:\WINDOWS\system32\rasdial.exe
2009-09-12 01:31:54 ----A---- C:\WINDOWS\system32\rasctrs.ini
2009-09-12 01:31:54 ----A---- C:\WINDOWS\system32\rasctrs.dll
2009-09-12 01:31:54 ----A---- C:\WINDOWS\system32\raschap.dll
2009-09-12 01:31:54 ----A---- C:\WINDOWS\system32\rasautou.exe
2009-09-12 01:31:54 ----A---- C:\WINDOWS\system32\rasauto.dll
2009-09-12 01:31:54 ----A---- C:\WINDOWS\system32\rasapi32.dll
2009-09-12 01:31:54 ----A---- C:\WINDOWS\system32\rasadhlp.dll
2009-09-12 01:31:54 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-09-12 01:31:54 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-09-12 01:31:53 ----A---- C:\WINDOWS\system32\query.dll
2009-09-12 01:31:53 ----A---- C:\WINDOWS\system32\quartz.dll
2009-09-12 01:31:53 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-09-12 01:31:53 ----A---- C:\WINDOWS\system32\qosname.dll
2009-09-12 01:31:52 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-09-12 01:31:52 -------- C:\WINDOWS\system32\qmgr.dll
2009-09-12 01:31:51 ----A---- C:\WINDOWS\system32\qedwipes.dll
2009-09-12 01:31:51 ----A---- C:\WINDOWS\system32\qedit.dll
2009-09-12 01:31:51 ----A---- C:\WINDOWS\system32\qdvd.dll
2009-09-12 01:31:51 ----A---- C:\WINDOWS\system32\qdv.dll
2009-09-12 01:31:51 ----A---- C:\WINDOWS\system32\qcap.dll
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\qasf.dll
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\pubprn.vbs
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\pstorsvc.dll
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\pstorec.dll
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\psnppagn.dll
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\pschdprf.ini
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\pschdprf.dll
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\psbase.dll
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\proxycfg.exe
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\progman.exe
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\profmap.dll
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\prodspec.ini
2009-09-12 01:31:50 -------- C:\WINDOWS\system32\psapi.dll
2009-09-12 01:31:49 ----A---- C:\WINDOWS\system32\printui.dll
2009-09-12 01:31:49 ----A---- C:\WINDOWS\system32\print.exe
2009-09-12 01:31:49 ----A---- C:\WINDOWS\system32\prflbmsg.dll
2009-09-12 01:31:49 ----A---- C:\WINDOWS\system32\powercfg.exe
2009-09-12 01:31:49 -------- C:\WINDOWS\system32\powrprof.dll
2009-09-12 01:31:48 ----A---- C:\WINDOWS\system32\polstore.dll
2009-09-12 01:31:48 ----A---- C:\WINDOWS\system32\pnrpnsp.dll
2009-09-12 01:31:48 ----A---- C:\WINDOWS\system32\pngfilt.dll
2009-09-12 01:31:48 ----A---- C:\WINDOWS\system32\pmspl.dll
2009-09-12 01:31:48 ----A---- C:\WINDOWS\system32\plustab.dll
2009-09-12 01:31:48 ----A---- C:\WINDOWS\system32\ping6.exe
2009-09-12 01:31:48 ----A---- C:\WINDOWS\system32\ping.exe
2009-09-12 01:31:47 ----A---- C:\WINDOWS\system32\pifmgr.dll
2009-09-12 01:31:47 ----A---- C:\WINDOWS\system32\pidgen.dll
2009-09-12 01:31:47 ----A---- C:\WINDOWS\system32\photowiz.dll
2009-09-12 01:31:37 ----R---- C:\WINDOWS\system32\perfmon.msc
2009-09-12 01:31:37 ----A---- C:\WINDOWS\system32\perfwci.ini
2009-09-12 01:31:37 ----A---- C:\WINDOWS\system32\perfts.dll
2009-09-12 01:31:37 ----A---- C:\WINDOWS\system32\perfproc.dll
2009-09-12 01:31:37 ----A---- C:\WINDOWS\system32\perfos.dll
2009-09-12 01:31:37 ----A---- C:\WINDOWS\system32\perfnet.dll
2009-09-12 01:31:37 ----A---- C:\WINDOWS\system32\perfmon.exe
2009-09-12 01:31:37 ----A---- C:\WINDOWS\system32\perffilt.ini
2009-09-12 01:31:37 ----A---- C:\WINDOWS\system32\perfdisk.dll
2009-09-12 01:31:37 ----A---- C:\WINDOWS\system32\perfctrs.dll
2009-09-12 01:31:37 ----A---- C:\WINDOWS\system32\perfci.ini
2009-09-12 01:31:36 ----A---- C:\WINDOWS\system32\pentnt.exe
2009-09-12 01:31:36 ----A---- C:\WINDOWS\system32\pdh.dll
2009-09-12 01:31:34 ----A---- C:\WINDOWS\system32\pautoenr.dll
2009-09-12 01:31:34 ----A---- C:\WINDOWS\system32\pathping.exe
2009-09-12 01:31:34 ----A---- C:\WINDOWS\system32\panmap.dll
2009-09-12 01:31:33 ----A---- C:\WINDOWS\system32\packager.exe
2009-09-12 01:31:32 ----A---- C:\WINDOWS\system32\p2psvc.dll
2009-09-12 01:31:32 ----A---- C:\WINDOWS\system32\p2pnetsh.dll
2009-09-12 01:31:32 ----A---- C:\WINDOWS\system32\p2pgraph.dll
2009-09-12 01:31:32 ----A---- C:\WINDOWS\system32\p2pgasvc.dll
2009-09-12 01:31:32 ----A---- C:\WINDOWS\system32\p2p.dll
2009-09-12 01:31:32 ----A---- C:\WINDOWS\system32\osuninst.exe
2009-09-12 01:31:32 ----A---- C:\WINDOWS\system32\osuninst.dll
2009-09-12 01:31:32 ----A---- C:\WINDOWS\system32\osk.exe
2009-09-12 01:31:31 ----A---- C:\WINDOWS\system32\opengl32.dll
2009-09-12 01:31:31 ----A---- C:\WINDOWS\system32\olethk32.dll
2009-09-12 01:31:31 ----A---- C:\WINDOWS\system32\olesvr32.dll
2009-09-12 01:31:31 ----A---- C:\WINDOWS\system32\olesvr.dll
2009-09-12 01:31:31 ----A---- C:\WINDOWS\system32\olepro32.dll
2009-09-12 01:31:31 ----A---- C:\WINDOWS\system32\oleprn.dll
2009-09-12 01:31:31 ----A---- C:\WINDOWS\system32\oledlg.dll
2009-09-12 01:31:31 ----A---- C:\WINDOWS\system32\olecnv32.dll
2009-09-12 01:31:30 ----A---- C:\WINDOWS\system32\olecli32.dll
2009-09-12 01:31:30 ----A---- C:\WINDOWS\system32\olecli.dll
2009-09-12 01:31:30 ----A---- C:\WINDOWS\system32\oleaut32.dll
2009-09-12 01:31:30 ----A---- C:\WINDOWS\system32\oleaccrc.dll
2009-09-12 01:31:30 ----A---- C:\WINDOWS\system32\oleacc.dll
2009-09-12 01:31:30 ----A---- C:\WINDOWS\system32\ole32.dll
2009-09-12 01:31:30 ----A---- C:\WINDOWS\system32\ole2nls.dll
2009-09-12 01:31:30 ----A---- C:\WINDOWS\system32\ole2disp.dll
2009-09-12 01:31:30 ----A---- C:\WINDOWS\system32\ole2.dll
2009-09-12 01:31:29 ----A---- C:\WINDOWS\system32\offfilt.dll
2009-09-12 01:31:19 ----A---- C:\WINDOWS\system32\odtext32.dll
2009-09-12 01:31:19 ----A---- C:\WINDOWS\system32\odpdx32.dll
2009-09-12 01:31:19 ----A---- C:\WINDOWS\system32\odfox32.dll
2009-09-12 01:31:19 ----A---- C:\WINDOWS\system32\odexl32.dll
2009-09-12 01:31:19 ----A---- C:\WINDOWS\system32\oddbse32.dll
2009-09-12 01:31:19 ----A---- C:\WINDOWS\system32\odbctrac.dll
2009-09-12 01:31:19 ----A---- C:\WINDOWS\system32\odbcp32r.dll
2009-09-12 01:31:19 ----A---- C:\WINDOWS\system32\odbcjt32.dll
2009-09-12 01:31:19 ----A---- C:\WINDOWS\system32\odbcji32.dll
2009-09-12 01:31:19 ----A---- C:\WINDOWS\system32\odbcint.dll
2009-09-12 01:31:19 ----A---- C:\WINDOWS\system32\odbccu32.dll
2009-09-12 01:31:19 ----A---- C:\WINDOWS\system32\odbccr32.dll
2009-09-12 01:31:18 ----A---- C:\WINDOWS\system32\odbccp32.dll
2009-09-12 01:31:18 ----A---- C:\WINDOWS\system32\odbcconf.exe
2009-09-12 01:31:18 ----A---- C:\WINDOWS\system32\odbcconf.dll
2009-09-12 01:31:18 ----A---- C:\WINDOWS\system32\odbcbcp.dll
2009-09-12 01:31:18 ----A---- C:\WINDOWS\system32\odbcad32.exe
2009-09-12 01:31:18 ----A---- C:\WINDOWS\system32\odbc32gt.dll
2009-09-12 01:31:18 ----A---- C:\WINDOWS\system32\odbc32.dll
2009-09-12 01:31:18 ----A---- C:\WINDOWS\system32\odbc16gt.dll
2009-09-12 01:31:18 ----A---- C:\WINDOWS\system32\ocmanage.dll
2009-09-12 01:31:18 ----A---- C:\WINDOWS\system32\occache.dll
2009-09-12 01:31:18 ----A---- C:\WINDOWS\system32\objsel.dll
2009-09-12 01:31:17 ----A---- C:\WINDOWS\system32\oakley.dll
2009-09-12 01:31:17 ----A---- C:\WINDOWS\system32\nwprovau.dll
2009-09-12 01:31:16 ----A---- C:\WINDOWS\system32\ntvdmd.dll
2009-09-12 01:31:16 ----A---- C:\WINDOWS\system32\ntvdm.exe
2009-09-12 01:31:16 ----A---- C:\WINDOWS\system32\ntshrui.dll
2009-09-12 01:31:16 ----A---- C:\WINDOWS\system32\ntsdexts.dll
2009-09-12 01:31:16 ----A---- C:\WINDOWS\system32\ntsd.exe
2009-09-12 01:31:14 ----A---- C:\WINDOWS\system32\ntprint.dll
2009-09-12 01:31:13 ----A---- C:\WINDOWS\system32\ntmsoprq.msc
2009-09-12 01:31:13 -------- C:\WINDOWS\system32\ntmssvc.dll
2009-09-12 01:31:12 ----A---- C:\WINDOWS\system32\ntmsmgr.msc
2009-09-12 01:31:12 ----A---- C:\WINDOWS\system32\ntmsmgr.dll
2009-09-12 01:31:12 ----A---- C:\WINDOWS\system32\ntmsevt.dll
2009-09-12 01:31:12 ----A---- C:\WINDOWS\system32\ntmsdba.dll
2009-09-12 01:31:12 ----A---- C:\WINDOWS\system32\ntmsapi.dll
2009-09-12 01:31:12 ----A---- C:\WINDOWS\system32\ntmarta.dll
2009-09-12 01:31:12 ----A---- C:\WINDOWS\system32\ntlsapi.dll
2009-09-12 01:31:12 ----A---- C:\WINDOWS\system32\ntlanui2.dll
2009-09-12 01:31:12 ----A---- C:\WINDOWS\system32\ntlanui.dll
2009-09-12 01:31:12 ----A---- C:\WINDOWS\system32\ntlanman.dll
2009-09-12 01:31:10 ----A---- C:\WINDOWS\system32\ntdsapi.dll
2009-09-12 01:31:09 ----A---- C:\WINDOWS\system32\ntdll.dll
2009-09-12 01:31:07 ----A---- C:\WINDOWS\system32\nslookup.exe
2009-09-12 01:31:07 ----A---- C:\WINDOWS\system32\npptools.dll
2009-09-12 01:31:07 ----A---- C:\WINDOWS\system32\notepad.exe
2009-09-12 01:31:07 ----A---- C:\WINDOWS\notepad.exe
2009-09-12 01:31:06 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-09-12 01:31:06 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-09-12 01:31:06 ----A---- C:\WINDOWS\system32\nlsfunc.exe
2009-09-12 01:31:05 ----A---- C:\WINDOWS\system32\nlhtml.dll
2009-09-12 01:31:03 ----A---- C:\WINDOWS\system32\newdev.dll
2009-09-12 01:31:03 ----A---- C:\WINDOWS\system32\netui2.dll
2009-09-12 01:31:03 ----A---- C:\WINDOWS\system32\netui1.dll
2009-09-12 01:31:03 ----A---- C:\WINDOWS\system32\netui0.dll
2009-09-12 01:31:03 ----A---- C:\WINDOWS\system32\netstat.exe
2009-09-12 01:31:02 ----A---- C:\WINDOWS\system32\netshell.dll
2009-09-12 01:31:02 ----A---- C:\WINDOWS\system32\netsh.exe
2009-09-12 01:31:02 ----A---- C:\WINDOWS\system32\netsetup.exe
2009-09-12 01:31:02 ----A---- C:\WINDOWS\system32\netrap.dll
2009-09-12 01:31:02 ----A---- C:\WINDOWS\system32\netplwiz.dll
2009-09-12 01:31:01 ----A---- C:\WINDOWS\system32\netmsg.dll
2009-09-12 01:31:01 ----A---- C:\WINDOWS\system32\netid.dll
2009-09-12 01:31:01 ----A---- C:\WINDOWS\system32\neth.dll
2009-09-12 01:31:01 ----A---- C:\WINDOWS\system32\netevent.dll
2009-09-12 01:31:01 -------- C:\WINDOWS\system32\netman.dll
2009-09-12 01:31:01 -------- C:\WINDOWS\system32\netlogon.dll
2009-09-12 01:31:00 ----A---- C:\WINDOWS\system32\netdde.exe
2009-09-12 01:31:00 ----A---- C:\WINDOWS\system32\netcfgx.dll
2009-09-12 01:30:59 ----A---- C:\WINDOWS\system32\netapi32.dll
2009-09-12 01:30:59 ----A---- C:\WINDOWS\system32\netapi.dll
2009-09-12 01:30:58 ----A---- C:\WINDOWS\system32\net1.exe
2009-09-12 01:30:58 ----A---- C:\WINDOWS\system32\net.exe
2009-09-12 01:30:58 ----A---- C:\WINDOWS\system32\nddenb32.dll
2009-09-12 01:30:58 ----A---- C:\WINDOWS\system32\nddeapir.exe
2009-09-12 01:30:58 ----A---- C:\WINDOWS\system32\nddeapi.dll
2009-09-12 01:30:58 ----A---- C:\WINDOWS\system32\ncxpnt.dll
2009-09-12 01:30:58 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2009-09-12 01:30:58 ----A---- C:\WINDOWS\system32\nbtstat.exe
2009-09-12 01:30:58 ----A---- C:\WINDOWS\system32\narrhook.dll
2009-09-12 01:30:58 ----A---- C:\WINDOWS\system32\narrator.exe
2009-09-12 01:30:58 ----A---- C:\WINDOWS\system32\mydocs.dll
2009-09-12 01:30:58 ----A---- C:\WINDOWS\system32\mycomput.dll
2009-09-12 01:30:54 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-09-12 01:30:54 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-09-12 01:30:54 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-09-12 01:30:54 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-09-12 01:30:54 ----A---- C:\WINDOWS\system32\mtxclu.dll
2009-09-12 01:30:54 ----A---- C:\WINDOWS\system32\msxmlr.dll
2009-09-12 01:30:54 ----A---- C:\WINDOWS\system32\msxml3r.dll
2009-09-12 01:30:53 ----A---- C:\WINDOWS\system32\msxml3.dll
2009-09-12 01:30:53 ----A---- C:\WINDOWS\system32\msxml2r.dll
2009-09-12 01:30:53 ----A---- C:\WINDOWS\system32\msxml2.dll
2009-09-12 01:30:53 ----A---- C:\WINDOWS\system32\msxml.dll
2009-09-12 01:30:53 ----A---- C:\WINDOWS\system32\msxbde40.dll
2009-09-12 01:30:53 ----A---- C:\WINDOWS\system32\mswstr10.dll
2009-09-12 01:30:53 -------- C:\WINDOWS\system32\mswsock.dll
2009-09-12 01:30:52 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2009-09-12 01:30:52 ----A---- C:\WINDOWS\system32\mswdat10.dll
2009-09-12 01:30:52 ----A---- C:\WINDOWS\system32\msw3prt.dll
2009-09-12 01:30:52 ----A---- C:\WINDOWS\system32\msvideo.dll
2009-09-12 01:30:51 ----A---- C:\WINDOWS\system32\msvidctl.dll
2009-09-12 01:30:51 ----A---- C:\WINDOWS\system32\msvidc32.dll
2009-09-12 01:30:51 ----A---- C:\WINDOWS\system32\msvfw32.dll
2009-09-12 01:30:51 ----A---- C:\WINDOWS\system32\msvcrt40.dll
2009-09-12 01:30:51 ----A---- C:\WINDOWS\system32\msvcrt20.dll
2009-09-12 01:30:51 ----A---- C:\WINDOWS\system32\msvcp60.dll
2009-09-12 01:30:51 ----A---- C:\WINDOWS\system32\msvcp50.dll
2009-09-12 01:30:51 ----A---- C:\WINDOWS\system32\msvcirt.dll
2009-09-12 01:30:51 -------- C:\WINDOWS\system32\msvcrt.dll
2009-09-12 01:30:50 ----A---- C:\WINDOWS\system32\msvbvm60.dll
2009-09-12 01:30:50 ----A---- C:\WINDOWS\system32\msvbvm50.dll
2009-09-12 01:30:50 ----A---- C:\WINDOWS\system32\msv1_0.dll
2009-09-12 01:30:50 ----A---- C:\WINDOWS\system32\msutb.dll
2009-09-12 01:30:49 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-09-12 01:30:49 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-09-12 01:30:49 ----A---- C:\WINDOWS\system32\mstlsapi.dll
2009-09-12 01:30:49 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-09-12 01:30:49 ----A---- C:\WINDOWS\system32\mstime.dll
2009-09-12 01:30:49 ----A---- C:\WINDOWS\system32\mstext40.dll
2009-09-12 01:30:48 ----A---- C:\WINDOWS\system32\mstask.dll
2009-09-12 01:30:48 ----A---- C:\WINDOWS\system32\msswchx.exe
2009-09-12 01:30:48 ----A---- C:\WINDOWS\system32\msswch.dll
2009-09-12 01:30:48 ----A---- C:\WINDOWS\system32\mssip32.dll
2009-09-12 01:30:48 ----A---- C:\WINDOWS\system32\mssign32.dll
2009-09-12 01:30:48 ----A---- C:\WINDOWS\system32\mssap.dll
2009-09-12 01:30:48 ----A---- C:\WINDOWS\system32\msrle32.dll
2009-09-12 01:30:48 ----A---- C:\WINDOWS\system32\msrepl40.dll
2009-09-12 01:30:48 ----A---- C:\WINDOWS\system32\msrecr40.dll
2009-09-12 01:30:47 ----A---- C:\WINDOWS\system32\msrd3x40.dll
2009-09-12 01:30:47 ----A---- C:\WINDOWS\system32\msrd2x40.dll
2009-09-12 01:30:47 ----A---- C:\WINDOWS\system32\msrclr40.dll
2009-09-12 01:30:47 ----A---- C:\WINDOWS\system32\msrating.dll
2009-09-12 01:30:47 ----A---- C:\WINDOWS\system32\msratelc.dll
2009-09-12 01:30:47 ----A---- C:\WINDOWS\system32\msr2cenu.dll
2009-09-12 01:30:47 ----A---- C:\WINDOWS\system32\msr2c.dll
2009-09-12 01:30:47 ----A---- C:\WINDOWS\system32\msprivs.dll
2009-09-12 01:30:47 ----A---- C:\WINDOWS\system32\msports.dll
2009-09-12 01:30:46 ----A---- C:\WINDOWS\system32\mspbde40.dll
2009-09-12 01:30:46 ----A---- C:\WINDOWS\system32\mspatcha.dll
2009-09-12 01:30:46 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-09-12 01:30:46 ----A---- C:\WINDOWS\system32\msorcl32.dll
2009-09-12 01:30:46 ----A---- C:\WINDOWS\system32\msorc32r.dll
2009-09-12 01:30:46 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-09-12 01:30:46 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-09-12 01:30:45 ----A---- C:\WINDOWS\system32\msobjs.dll
2009-09-12 01:30:43 ----A---- C:\WINDOWS\system32\msnsspc.dll
2009-09-12 01:30:39 ----A---- C:\WINDOWS\system32\msnetobj.dll
2009-09-12 01:30:30 ----A---- C:\WINDOWS\system32\msltus40.dll
2009-09-12 01:30:30 ----A---- C:\WINDOWS\system32\msls31.dll
2009-09-12 01:30:30 ----A---- C:\WINDOWS\system32\mslbui.dll
2009-09-12 01:30:30 ----A---- C:\WINDOWS\system32\msjtes40.dll
2009-09-12 01:30:30 ----A---- C:\WINDOWS\system32\msjter40.dll
2009-09-12 01:30:30 ----A---- C:\WINDOWS\system32\msjint40.dll
2009-09-12 01:30:30 ----A---- C:\WINDOWS\system32\msjetoledb40.dll
2009-09-12 01:30:29 ----A---- C:\WINDOWS\system32\msjet40.dll
2009-09-12 01:30:29 ----A---- C:\WINDOWS\system32\msisip.dll
2009-09-12 01:30:29 ----A---- C:\WINDOWS\system32\msimtf.dll
2009-09-12 01:30:29 ----A---- C:\WINDOWS\system32\msimsg.dll
2009-09-12 01:30:29 ----A---- C:\WINDOWS\system32\msimg32.dll
2009-09-12 01:30:28 ----A---- C:\WINDOWS\system32\msihnd.dll
2009-09-12 01:30:28 ----A---- C:\WINDOWS\system32\msiexec.exe
2009-09-12 01:30:28 ----A---- C:\WINDOWS\system32\msieftp.dll
2009-09-12 01:30:28 ----A---- C:\WINDOWS\system32\msidntld.dll
2009-09-12 01:30:28 ----A---- C:\WINDOWS\system32\msidle.dll
2009-09-12 01:30:28 ----A---- C:\WINDOWS\system32\msident.dll
2009-09-12 01:30:27 ----A---- C:\WINDOWS\system32\msi.dll
2009-09-12 01:30:27 ----A---- C:\WINDOWS\system32\mshtmler.dll
2009-09-12 01:30:27 ----A---- C:\WINDOWS\system32\mshtmled.dll
2009-09-12 01:30:26 ----A---- C:\WINDOWS\system32\mshta.exe
2009-09-12 01:30:26 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-09-12 01:30:26 -------- C:\WINDOWS\system32\mshtml.dll
2009-09-12 01:30:26 -------- C:\WINDOWS\system32\msgsvc.dll
2009-09-12 01:30:25 ----A---- C:\WINDOWS\system32\msgina.dll
2009-09-12 01:30:25 ----A---- C:\WINDOWS\system32\msg.exe
2009-09-12 01:30:25 ----A---- C:\WINDOWS\system32\msftedit.dll
2009-09-12 01:30:24 ----A---- C:\WINDOWS\system32\msexcl40.dll
2009-09-12 01:30:24 ----A---- C:\WINDOWS\system32\msexch40.dll
2009-09-12 01:30:24 ----A---- C:\WINDOWS\system32\msencode.dll
2009-09-12 01:30:24 ----A---- C:\WINDOWS\system32\msdxmlc.dll
2009-09-12 01:30:23 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-09-12 01:30:23 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-09-12 01:30:23 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-09-12 01:30:23 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-09-12 01:30:23 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-09-12 01:30:23 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-09-12 01:30:23 ----A---- C:\WINDOWS\system32\msdmo.dll
2009-09-12 01:30:23 ----A---- C:\WINDOWS\system32\msdart.dll
2009-09-12 01:30:23 ----A---- C:\WINDOWS\msdfmap.ini
2009-09-12 01:30:22 ----A---- C:\WINDOWS\system32\msdadiag.dll
2009-09-12 01:30:22 ----A---- C:\WINDOWS\system32\msctfp.dll
2009-09-12 01:30:22 ----A---- C:\WINDOWS\system32\msctf.dll
2009-09-12 01:30:22 ----A---- C:\WINDOWS\system32\mscpxl32.dll
2009-09-12 01:30:22 ----A---- C:\WINDOWS\system32\mscpx32r.dll
2009-09-12 01:30:22 ----A---- C:\WINDOWS\system32\msconf.dll
2009-09-12 01:30:22 ----A---- C:\WINDOWS\system32\mscms.dll
2009-09-12 01:30:22 ----A---- C:\WINDOWS\system32\mscdexnt.exe
2009-09-12 01:30:22 ----A---- C:\WINDOWS\system32\mscat32.dll
2009-09-12 01:30:22 ----A---- C:\WINDOWS\system32\msaudite.dll
2009-09-12 01:30:21 ----A---- C:\WINDOWS\system32\msasn1.dll
2009-09-12 01:30:21 ----A---- C:\WINDOWS\system32\msapsspc.dll
2009-09-12 01:30:21 ----A---- C:\WINDOWS\system32\msafd.dll
2009-09-12 01:30:20 ----A---- C:\WINDOWS\system32\msacm32.dll
2009-09-12 01:30:20 ----A---- C:\WINDOWS\system32\msacm.dll
2009-09-12 01:30:20 ----A---- C:\WINDOWS\system32\msaatext.dll
2009-09-12 01:30:18 ----A---- C:\WINDOWS\system32\mrinfo.exe
2009-09-12 01:30:18 ----A---- C:\WINDOWS\system32\mprui.dll
2009-09-12 01:30:18 ----A---- C:\WINDOWS\system32\mprmsg.dll
2009-09-12 01:30:18 ----A---- C:\WINDOWS\system32\mprdim.dll
2009-09-12 01:30:18 ----A---- C:\WINDOWS\system32\mprddm.dll
2009-09-12 01:30:18 ----A---- C:\WINDOWS\system32\mprapi.dll
2009-09-12 01:30:18 ----A---- C:\WINDOWS\system32\mpr.dll
2009-09-12 01:30:18 ----A---- C:\WINDOWS\system32\mpnotify.exe
2009-09-12 01:30:17 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-09-12 01:30:17 ----A---- C:\WINDOWS\system32\MPG4DMOD.dll
2009-09-12 01:30:17 ----A---- C:\WINDOWS\system32\MP4SDMOD.dll
2009-09-12 01:30:17 ----A---- C:\WINDOWS\system32\MP43DMOD.dll
2009-09-12 01:30:15 ----A---- C:\WINDOWS\system32\mountvol.exe
2009-09-12 01:30:15 ----A---- C:\WINDOWS\system32\moricons.dll
2009-09-12 01:30:15 ----A---- C:\WINDOWS\system32\more.com
2009-09-12 01:30:14 ----A---- C:\WINDOWS\system32\modex.dll
2009-09-12 01:30:14 ----A---- C:\WINDOWS\system32\modemui.dll
2009-09-12 01:30:13 ----A---- C:\WINDOWS\system32\mode.com
2009-09-12 01:30:13 ----A---- C:\WINDOWS\system32\mobsync.exe
2009-09-12 01:30:13 ----A---- C:\WINDOWS\system32\mobsync.dll
2009-09-12 01:30:13 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-09-12 01:30:13 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-09-12 01:30:13 ----A---- C:\WINDOWS\system32\mmutilse.dll
2009-09-12 01:30:13 ----A---- C:\WINDOWS\system32\mmsystem.dll
2009-09-12 01:30:12 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-09-12 01:30:12 ----A---- C:\WINDOWS\system32\mmdrv.dll
2009-09-12 01:30:12 ----A---- C:\WINDOWS\system32\mmcshext.dll
2009-09-12 01:30:12 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2009-09-12 01:30:12 ----A---- C:\WINDOWS\system32\mmcbase.dll
2009-09-12 01:30:11 ----A---- C:\WINDOWS\system32\mmc.exe
2009-09-12 01:30:11 ----A---- C:\WINDOWS\system32\mll_qic.dll
2009-09-12 01:30:11 ----A---- C:\WINDOWS\system32\mll_mtf.dll
2009-09-12 01:30:11 ----A---- C:\WINDOWS\system32\mll_hp.dll
2009-09-12 01:30:11 ----A---- C:\WINDOWS\system32\mlang.dll
2009-09-12 01:30:11 ----A---- C:\WINDOWS\system32\mimefilt.dll
2009-09-12 01:30:10 ----A---- C:\WINDOWS\system32\migpwd.exe
2009-09-12 01:30:10 ----A---- C:\WINDOWS\system32\miglibnt.dll
2009-09-12 01:30:10 ----A---- C:\WINDOWS\system32\midimap.dll
2009-09-12 01:30:09 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2009-09-12 01:30:09 ----A---- C:\WINDOWS\system32\mfcsubs.dll
2009-09-12 01:30:09 ----A---- C:\WINDOWS\system32\mfc42u.dll
2009-09-12 01:30:08 ----A---- C:\WINDOWS\system32\mfc42.dll
2009-09-12 01:30:08 ----A---- C:\WINDOWS\system32\mfc40.dll
2009-09-12 01:30:08 ----A---- C:\WINDOWS\system32\mf3216.dll
2009-09-12 01:30:08 -------- C:\WINDOWS\system32\mfc40u.dll
2009-09-12 01:30:06 ----A---- C:\WINDOWS\system32\mem.exe
2009-09-12 01:30:05 ----A---- C:\WINDOWS\system32\mdminst.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mdhcp.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mciwave.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mciseq.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mciqtz32.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mciole32.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mciole16.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mcicda.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mciavi32.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mchgrcoi.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mcdsrv32.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mcd32.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mcastmib.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mapistub.dll
2009-09-12 01:30:02 ----A---- C:\WINDOWS\system32\makecab.exe
2009-09-12 01:30:02 ----A---- C:\WINDOWS\system32\magnify.exe
2009-09-12 01:30:02 ----A---- C:\WINDOWS\system32\mag_hook.dll
2009-09-12 01:30:02 ----A---- C:\WINDOWS\system32\lzexpand.dll
2009-09-12 01:30:02 ----A---- C:\WINDOWS\system32\lz32.dll
2009-09-12 01:30:02 ----A---- C:\WINDOWS\system32\lusrmgr.msc
2009-09-12 01:30:01 -------- C:\WINDOWS\system32\lsass.exe
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\lsasrv.dll
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\lprmonui.dll
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\lprhelp.dll
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\lpr.exe
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\lpq.exe
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\logonui.exe
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\logoff.exe
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\logman.exe
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\loghours.dll
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\logagent.exe
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\lodctr.exe
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\locator.exe
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\localui.dll
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\localspl.dll
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\localsec.dll
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\loadperf.dll
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\loadfix.com
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\lnkstub.exe
2009-09-12 01:30:00 -------- C:\WINDOWS\system32\lpk.dll
2009-09-12 01:29:59 ----A---- C:\WINDOWS\system32\lmrt.dll
2009-09-12 01:29:59 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2009-09-12 01:29:59 ----A---- C:\WINDOWS\system32\lights.exe
2009-09-12 01:29:59 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-09-12 01:29:59 ----A---- C:\WINDOWS\system32\licmgr10.dll
2009-09-12 01:29:59 ----A---- C:\WINDOWS\system32\licdll.dll
2009-09-12 01:29:59 -------- C:\WINDOWS\system32\linkinfo.dll
2009-09-12 01:29:58 ----A---- C:\WINDOWS\system32\LAPRXY.dll
2009-09-12 01:29:58 ----A---- C:\WINDOWS\system32\langwrbk.dll
2009-09-12 01:28:33 ----A---- C:\WINDOWS\system32\label.exe
2009-09-12 01:28:33 ----A---- C:\WINDOWS\system32\krnl386.exe
2009-09-12 01:28:33 ----A---- C:\WINDOWS\system32\keymgr.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kerberos.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kdcom.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kd1394.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdycl.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdycc.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbduzb.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdusx.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdusr.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdusl.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdus.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdur.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdukx.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbduk.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdtuq.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdtuf.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdtat.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdsw.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdsp.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdsmsno.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdsmsfi.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdsl.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdsg.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdsf.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdru1.dll
2009-09-12 01:28:32 -------- C:\WINDOWS\system32\kernel32.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdru.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdro.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdpo.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdpl.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdno1.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdno.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdnec.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdne.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdmon.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdmlt48.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdmlt47.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdmaori.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdmac.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdlv1.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdlv.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdlt1.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdlt.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdla.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdkyr.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdkaz.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdit142.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdit.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdir.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdinmal.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdinben.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdinbe1.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdic.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdhu.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdhept.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdhela3.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdhela2.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdhe319.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdhe220.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdhe.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdgr1.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdgr.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdgkl.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdgae.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdfr.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdfo.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdfi1.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdfi.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdfc.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdest.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdes.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbddv.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdda.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdcz2.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdcz1.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\kbdcz.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\kbdcr.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\kbdcan.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\kbdca.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\kbdbu.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\kbdbr.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\kbdblr.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\kbdbene.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\kbdbe.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\kbdazel.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\kbdaze.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\kb16.com
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\jscript.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\jobexec.dll
2009-09-12 01:28:30 -------- C:\WINDOWS\system32\jsproxy.dll
2009-09-12 01:28:29 ----A---- C:\WINDOWS\system32\jet500.dll
2009-09-12 01:28:29 ----A---- C:\WINDOWS\system32\ixsso.dll
2009-09-12 01:28:29 ----A---- C:\WINDOWS\system32\iuengine.dll
2009-09-12 01:28:29 ----A---- C:\WINDOWS\system32\itss.dll
2009-09-12 01:28:29 ----A---- C:\WINDOWS\system32\itircl.dll
2009-09-12 01:28:29 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-09-12 01:28:29 ----A---- C:\WINDOWS\system32\isign32.dll
2009-09-12 01:28:29 ----A---- C:\WINDOWS\system32\irclass.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ir50_qcx.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ir50_qc.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ir50_32.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ir41_qcx.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ir41_qc.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ir32_32.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ipxwan.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ipxsap.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ipxrtmgr.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ipxroute.exe
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ipxrip.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ipxpromn.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ipxmontr.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ipv6mon.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ipv6.exe
2009-09-12 01:28:27 ----A---- C:\WINDOWS\system32\ipsmsnap.dll
2009-09-12 01:28:27 ----A---- C:\WINDOWS\system32\ipsecsvc.dll
2009-09-12 01:28:27 ----A---- C:\WINDOWS\system32\ipsecsnp.dll
2009-09-12 01:28:27 ----A---- C:\WINDOWS\system32\ipsec6.exe
2009-09-12 01:28:27 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2009-09-12 01:28:27 ----A---- C:\WINDOWS\system32\iprtprio.dll
2009-09-12 01:28:27 ----A---- C:\WINDOWS\system32\iprop.dll
2009-09-12 01:28:27 ----A---- C:\WINDOWS\system32\ippromon.dll
2009-09-12 01:28:27 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2009-09-12 01:28:26 ----A---- C:\WINDOWS\system32\ipmontr.dll
2009-09-12 01:28:26 ----A---- C:\WINDOWS\system32\iphlpapi.dll
2009-09-12 01:28:26 ----A---- C:\WINDOWS\system32\ipconfig.exe
2009-09-12 01:28:26 ----A---- C:\WINDOWS\system32\iologmsg.dll
2009-09-12 01:28:25 ----A---- C:\WINDOWS\system32\inseng.dll
2009-09-12 01:28:25 ----A---- C:\WINDOWS\system32\input.dll
2009-09-12 01:28:25 ----A---- C:\WINDOWS\system32\initpki.dll
2009-09-12 01:28:25 ----A---- C:\WINDOWS\system32\infosoft.dll
2009-09-12 01:28:25 ----A---- C:\WINDOWS\system32\inetres.dll
2009-09-12 01:28:25 ----A---- C:\WINDOWS\system32\inetppui.dll
2009-09-12 01:28:25 ----A---- C:\WINDOWS\system32\inetpp.dll
2009-09-12 01:28:25 ----A---- C:\WINDOWS\system32\inetmib1.dll
2009-09-12 01:28:24 ----A---- C:\WINDOWS\system32\inetcplc.dll
2009-09-12 01:28:24 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-09-12 01:28:24 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-09-12 01:28:23 ----A---- C:\WINDOWS\system32\imgutil.dll
2009-09-12 01:28:23 ----A---- C:\WINDOWS\system32\imeshare.dll
2009-09-12 01:28:23 ----A---- C:\WINDOWS\system32\imapi.exe
2009-09-12 01:28:23 ----A---- C:\WINDOWS\system32\imagehlp.dll
2009-09-12 01:28:23 ----A---- C:\WINDOWS\system32\ils.dll
2009-09-12 01:28:23 ----A---- C:\WINDOWS\system32\igmpagnt.dll
2009-09-12 01:28:23 ----A---- C:\WINDOWS\system32\ifsutil.dll
2009-09-12 01:28:23 ----A---- C:\WINDOWS\system32\ifmon.dll
2009-09-12 01:28:23 ----A---- C:\WINDOWS\system32\iexpress.exe
2009-09-12 01:28:23 -------- C:\WINDOWS\system32\imm32.dll
2009-09-12 01:28:22 ----A---- C:\WINDOWS\system32\iesetup.dll
2009-09-12 01:28:22 ----A---- C:\WINDOWS\system32\iernonce.dll
2009-09-12 01:28:22 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-09-12 01:28:22 ----A---- C:\WINDOWS\system32\ieakui.dll
2009-09-12 01:28:22 ----A---- C:\WINDOWS\system32\ieaksie.dll
2009-09-12 01:28:22 ----A---- C:\WINDOWS\system32\ieakeng.dll
2009-09-12 01:28:22 -------- C:\WINDOWS\system32\iedkcs32.dll
2009-09-12 01:28:22 -------- C:\WINDOWS\system32\ie4uinit.exe
2009-09-12 01:28:21 ----A---- C:\WINDOWS\system32\idq.dll
2009-09-12 01:28:21 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-09-12 01:28:21 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-09-12 01:28:21 ----A---- C:\WINDOWS\system32\icmui.dll
2009-09-12 01:28:21 ----A---- C:\WINDOWS\system32\icmp.dll
2009-09-12 01:28:21 ----A---- C:\WINDOWS\system32\icm32.dll
2009-09-12 01:28:21 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-09-12 01:28:21 ----A---- C:\WINDOWS\system32\iccvid.dll
2009-09-12 01:28:21 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-09-12 01:28:21 ----A---- C:\WINDOWS\system32\iassvcs.dll
2009-09-12 01:28:21 ----A---- C:\WINDOWS\system32\iassdo.dll
2009-09-12 01:28:20 ----A---- C:\WINDOWS\system32\iassam.dll
2009-09-12 01:28:20 ----A---- C:\WINDOWS\system32\iasrecst.dll
2009-09-12 01:28:20 ----A---- C:\WINDOWS\system32\iasrad.dll
2009-09-12 01:28:20 ----A---- C:\WINDOWS\system32\iaspolcy.dll
2009-09-12 01:28:20 ----A---- C:\WINDOWS\system32\iasnap.dll
2009-09-12 01:28:20 ----A---- C:\WINDOWS\system32\iashlpr.dll
2009-09-12 01:28:20 ----A---- C:\WINDOWS\system32\iasads.dll
2009-09-12 01:28:20 ----A---- C:\WINDOWS\system32\iasacct.dll
2009-09-12 01:28:20 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-09-12 01:28:19 ----A---- C:\WINDOWS\system32\htui.dll
2009-09-12 01:28:19 ----A---- C:\WINDOWS\system32\httpapi.dll
2009-09-12 01:28:19 ----A---- C:\WINDOWS\system32\hticons.dll
2009-09-12 01:28:17 ----A---- C:\WINDOWS\system32\hotplug.dll
2009-09-12 01:28:17 ----A---- C:\WINDOWS\system32\hostname.exe
2009-09-12 01:28:17 ----A---- C:\WINDOWS\system32\hnetwiz.dll
2009-09-12 01:28:17 ----A---- C:\WINDOWS\system32\hnetmon.dll
2009-09-12 01:28:17 ----A---- C:\WINDOWS\system32\hnetcfg.dll
2009-09-12 01:28:17 ----A---- C:\WINDOWS\system32\hlink.dll
2009-09-12 01:28:15 ----A---- C:\WINDOWS\system32\hhsetup.dll
2009-09-12 01:28:15 ----A---- C:\WINDOWS\hh.exe
2009-09-12 01:28:14 ----A---- C:\WINDOWS\system32\help.exe
2009-09-12 01:28:14 ----A---- C:\WINDOWS\system32\hccoin.dll
2009-09-12 01:28:13 ----A---- C:\WINDOWS\system32\h323msp.dll
2009-09-12 01:28:12 ----A---- C:\WINDOWS\system32\grpconv.exe
2009-09-12 01:28:12 ----A---- C:\WINDOWS\system32\graphics.com
2009-09-12 01:28:12 ----A---- C:\WINDOWS\system32\graftabl.com
2009-09-12 01:28:12 ----A---- C:\WINDOWS\system32\gpkrsrc.dll
2009-09-12 01:28:12 ----A---- C:\WINDOWS\system32\gpkcsp.dll
2009-09-12 01:28:09 ----A---- C:\WINDOWS\system32\glu32.dll
2009-09-12 01:28:09 ----A---- C:\WINDOWS\system32\glmf32.dll
2009-09-12 01:28:08 ----A---- C:\WINDOWS\system32\getuname.dll
2009-09-12 01:28:08 ----A---- C:\WINDOWS\system32\gdi32.dll
2009-09-12 01:28:08 ----A---- C:\WINDOWS\system32\gdi.exe
2009-09-12 01:28:08 ----A---- C:\WINDOWS\system32\gcdef.dll
2009-09-12 01:28:06 ----A---- C:\WINDOWS\system32\fwcfg.dll
2009-09-12 01:28:06 ----A---- C:\WINDOWS\system32\ftsrch.dll
2009-09-12 01:28:06 ----A---- C:\WINDOWS\system32\ftp.exe
2009-09-12 01:28:06 ----A---- C:\WINDOWS\system32\fsutil.exe
2009-09-12 01:28:06 ----A---- C:\WINDOWS\system32\fsusd.dll
2009-09-12 01:28:06 ----A---- C:\WINDOWS\system32\fsquirt.exe
2009-09-12 01:28:06 ----A---- C:\WINDOWS\system32\fsmgmt.msc
2009-09-12 01:28:06 ----A---- C:\WINDOWS\system32\freecell.exe
2009-09-12 01:28:06 ----A---- C:\WINDOWS\system32\framebuf.dll
2009-09-12 01:28:04 ----A---- C:\WINDOWS\system32\format.com
2009-09-12 01:28:04 ----A---- C:\WINDOWS\system32\forcedos.exe
2009-09-12 01:28:04 ----A---- C:\WINDOWS\system32\fontview.exe
2009-09-12 01:28:04 ----A---- C:\WINDOWS\system32\fontsub.dll
2009-09-12 01:28:04 ----A---- C:\WINDOWS\system32\fontext.dll
2009-09-12 01:28:04 ----A---- C:\WINDOWS\system32\fmifs.dll
2009-09-12 01:28:04 ----A---- C:\WINDOWS\system32\fltmc.exe
2009-09-12 01:28:04 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-09-12 01:28:04 ----A---- C:\WINDOWS\system32\fldrclnr.dll
2009-09-12 01:28:03 ----A---- C:\WINDOWS\system32\fixmapi.exe
2009-09-12 01:28:03 ----A---- C:\WINDOWS\system32\finger.exe
2009-09-12 01:28:03 ----A---- C:\WINDOWS\system32\findstr.exe
2009-09-12 01:28:03 ----A---- C:\WINDOWS\system32\find.exe
2009-09-12 01:28:03 ----A---- C:\WINDOWS\system32\filemgmt.dll
2009-09-12 01:28:03 ----A---- C:\WINDOWS\system32\feclient.dll
2009-09-12 01:28:03 ----A---- C:\WINDOWS\system32\fc.exe
2009-09-12 01:28:03 ----A---- C:\WINDOWS\system32\faultrep.dll
2009-09-12 01:28:02 ----N---- C:\WINDOWS\explorer.exe
2009-09-12 01:28:02 ----A---- C:\WINDOWS\system32\fastopen.exe
2009-09-12 01:28:02 ----A---- C:\WINDOWS\system32\exts.dll
2009-09-12 01:28:02 ----A---- C:\WINDOWS\system32\extrac32.exe
2009-09-12 01:28:02 ----A---- C:\WINDOWS\system32\extmgr.dll
2009-09-12 01:28:02 ----A---- C:\WINDOWS\system32\expsrv.dll
2009-09-12 01:28:02 ----A---- C:\WINDOWS\system32\expand.exe
2009-09-12 01:28:00 ----A---- C:\WINDOWS\system32\exe2bin.exe
2009-09-12 01:28:00 ----A---- C:\WINDOWS\system32\eventvwr.msc
2009-09-12 01:28:00 ----A---- C:\WINDOWS\system32\eventvwr.exe
2009-09-12 01:28:00 ----A---- C:\WINDOWS\system32\eventcls.dll
2009-09-12 01:28:00 ----A---- C:\WINDOWS\system32\eula.txt
2009-09-12 01:28:00 ----A---- C:\WINDOWS\system32\eudcedit.exe
2009-09-12 01:28:00 -------- C:\WINDOWS\system32\eventlog.dll
2009-09-12 01:27:59 ----A---- C:\WINDOWS\system32\esentutl.exe
2009-09-12 01:27:59 ----A---- C:\WINDOWS\system32\esentprf.ini
2009-09-12 01:27:59 ----A---- C:\WINDOWS\system32\esentprf.dll
2009-09-12 01:27:59 ----A---- C:\WINDOWS\system32\esent97.dll
2009-09-12 01:27:59 ----A---- C:\WINDOWS\system32\esent.dll
2009-09-12 01:27:59 ----A---- C:\WINDOWS\system32\ersvc.dll
2009-09-12 01:27:59 -------- C:\WINDOWS\system32\es.dll
2009-09-12 01:27:58 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-09-12 01:27:58 ----A---- C:\WINDOWS\system32\encdec.dll
2009-09-12 01:27:58 ----A---- C:\WINDOWS\system32\encapi.dll
2009-09-12 01:27:58 ----A---- C:\WINDOWS\system32\els.dll
2009-09-12 01:27:58 ----A---- C:\WINDOWS\system32\edlin.exe
2009-09-12 01:27:58 ----A---- C:\WINDOWS\system32\edit.com
2009-09-12 01:27:57 ----A---- C:\WINDOWS\system32\dxtrans.dll
2009-09-12 01:27:57 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2009-09-12 01:27:57 ----A---- C:\WINDOWS\system32\dxmasf.dll
2009-09-12 01:27:56 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2009-09-12 01:27:56 ----A---- C:\WINDOWS\system32\dxdiag.exe
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\dx8vb.dll
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\dx7vb.dll
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\dwwin.exe
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\dvdupgrd.exe
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\duser.dll
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\dumprep.exe
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\dswave.dll
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\dsuiext.dll
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\dssenh.dll
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\dssec.dll
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\dsquery.dll
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\dsprpres.dll
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\dsprop.dll
2009-09-12 01:27:54 ----A---- C:\WINDOWS\system32\dsound3d.dll
2009-09-12 01:27:54 ----A---- C:\WINDOWS\system32\dsound.dll
2009-09-12 01:27:54 ----A---- C:\WINDOWS\system32\dskquoui.dll
2009-09-12 01:27:54 ----A---- C:\WINDOWS\system32\dskquota.dll
2009-09-12 01:27:54 ----A---- C:\WINDOWS\system32\dsdmoprp.dll
2009-09-12 01:27:54 ----A---- C:\WINDOWS\system32\dsdmo.dll
2009-09-12 01:27:54 ----A---- C:\WINDOWS\system32\dsauth.dll
2009-09-12 01:27:54 ----A---- C:\WINDOWS\system32\ds32gt.dll
2009-09-12 01:27:54 ----A---- C:\WINDOWS\system32\ds16gt.dLL
2009-09-12 01:27:54 ----A---- C:\WINDOWS\system32\drwtsn32.exe
2009-09-12 01:27:54 ----A---- C:\WINDOWS\system32\drwatson.exe
2009-09-12 01:27:53 ----A---- C:\WINDOWS\system32\drprov.dll
2009-09-12 01:27:53 ----A---- C:\WINDOWS\system32\drmv2clt.dll
2009-09-12 01:27:53 ----A---- C:\WINDOWS\system32\drmstor.dll
2009-09-12 01:27:53 ----A---- C:\WINDOWS\system32\drmclien.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpwsockx.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpwsock.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpvvox.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpvsetup.exe
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpvoice.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpvacm.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpserial.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpnwsock.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpnmodem.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpnlobby.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpnet.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpnaddr.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpmodemx.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dplayx.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dplaysvr.exe
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dplay.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpcdll.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dosx.exe
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\doskey.exe
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\docprop2.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\docprop.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dnsapi.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dmusic.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dmsynth.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dmstyle.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dmserver.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dmscript.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dmremote.exe
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dmocx.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dmloader.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dmintf.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dmime.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dmdskres.dll
2009-09-12 01:27:01 ----A---- C:\WINDOWS\system32\dmdskmgr.dll
2009-09-12 01:27:01 ----A---- C:\WINDOWS\system32\dmdlgs.dll
2009-09-12 01:27:01 ----A---- C:\WINDOWS\system32\dmconfig.dll
2009-09-12 01:27:01 ----A---- C:\WINDOWS\system32\dmcompos.dll
2009-09-12 01:27:01 ----A---- C:\WINDOWS\system32\dmband.dll
2009-09-12 01:27:01 ----A---- C:\WINDOWS\system32\dmadmin.exe
2009-09-12 01:27:01 ----A---- C:\WINDOWS\system32\dllhst3g.exe
2009-09-12 01:27:01 ----A---- C:\WINDOWS\system32\dllhost.exe
2009-09-12 01:27:01 ----A---- C:\WINDOWS\system32\dispex.dll
2009-09-12 01:27:01 ----A---- C:\WINDOWS\system32\diskperf.exe
2009-09-12 01:27:01 ----A---- C:\WINDOWS\system32\diskpart.exe
2009-09-12 01:27:01 ----A---- C:\WINDOWS\system32\diskmgmt.msc
2009-09-12 01:27:00 ----A---- C:\WINDOWS\system32\diskcopy.dll
2009-09-12 01:27:00 ----A---- C:\WINDOWS\system32\diskcopy.com
2009-09-12 01:27:00 ----A---- C:\WINDOWS\system32\diskcomp.com
2009-09-12 01:27:00 ----A---- C:\WINDOWS\system32\dinput8.dll
2009-09-12 01:27:00 ----A---- C:\WINDOWS\system32\dinput.dll
2009-09-12 01:27:00 ----A---- C:\WINDOWS\system32\dimap.dll
2009-09-12 01:26:59 ----A---- C:\WINDOWS\system32\digest.dll
2009-09-12 01:26:58 ----A---- C:\WINDOWS\system32\diantz.exe
2009-09-12 01:26:58 ----A---- C:\WINDOWS\system32\diactfrm.dll
2009-09-12 01:26:58 ----A---- C:\WINDOWS\system32\dhcpsapi.dll
2009-09-12 01:26:58 ----A---- C:\WINDOWS\system32\dhcpmon.dll
2009-09-12 01:26:58 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2009-09-12 01:26:58 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\dgnet.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\dfsshlex.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\dfrgui.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\dfrgsnap.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\dfrgres.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\dfrgfat.exe
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\dfrg.msc
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\devmgr.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\devmgmt.msc
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\devenum.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\deskperf.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\deskmon.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\deskadp.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\defrag.exe
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\debug.exe
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\ddrawex.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\ddraw.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\ddeshare.exe
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\ddeml.dll
2009-09-12 01:26:56 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-09-12 01:26:56 ----A---- C:\WINDOWS\system32\dciman32.dll
2009-09-12 01:26:56 ----A---- C:\WINDOWS\system32\dbnmpntw.dll
2009-09-12 01:26:56 ----A---- C:\WINDOWS\system32\dbnetlib.dll
2009-09-12 01:26:56 ----A---- C:\WINDOWS\system32\dbmsrpcn.dll
2009-09-12 01:26:56 ----A---- C:\WINDOWS\system32\dbghelp.dll
2009-09-12 01:26:55 ----A---- C:\WINDOWS\system32\dbgeng.dll
2009-09-12 01:26:55 ----A---- C:\WINDOWS\system32\davclnt.dll
2009-09-12 01:26:55 ----A---- C:\WINDOWS\system32\datime.dll
2009-09-12 01:26:55 ----A---- C:\WINDOWS\system32\dataclen.dll
2009-09-12 01:26:54 ----A---- C:\WINDOWS\system32\danim.dll
2009-09-12 01:26:54 ----A---- C:\WINDOWS\system32\d3dxof.dll
2009-09-12 01:26:54 ----A---- C:\WINDOWS\system32\d3drm.dll
2009-09-12 01:26:54 ----A---- C:\WINDOWS\system32\d3dramp.dll
2009-09-12 01:26:54 ----A---- C:\WINDOWS\system32\d3dpmesh.dll
2009-09-12 01:26:54 ----A---- C:\WINDOWS\system32\d3dim700.dll
2009-09-12 01:26:54 ----A---- C:\WINDOWS\system32\d3dim.dll
2009-09-12 01:26:53 ----A---- C:\WINDOWS\system32\d3d9.dll
2009-09-12 01:26:53 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2009-09-12 01:26:53 ----A---- C:\WINDOWS\system32\d3d8.dll
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\ctl3dv2.dll
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\ctl3d32.dll
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\csseqchk.dll
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\csrss.exe
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\csrsrv.dll
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\cscui.dll
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\cscript.exe
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\cscdll.dll
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\cryptui.dll
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\cryptnet.dll
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\cryptext.dll
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\cryptdll.dll
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\cryptdlg.dll
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\crypt32.dll
2009-09-12 01:26:50 -------- C:\WINDOWS\system32\ctfmon.exe
2009-09-12 01:26:50 -------- C:\WINDOWS\system32\cryptsvc.dll
2009-09-12 01:26:49 ----A---- C:\WINDOWS\system32\crtdll.dll
2009-09-12 01:26:49 ----A---- C:\WINDOWS\system32\credui.dll
2009-09-12 01:26:48 ----A---- C:\WINDOWS\system32\corpol.dll
2009-09-12 01:26:47 ----A---- C:\WINDOWS\system32\convert.exe
2009-09-12 01:26:47 ----A---- C:\WINDOWS\system32\control.exe
2009-09-12 01:26:47 ----A---- C:\WINDOWS\system32\console.dll
2009-09-12 01:26:47 ----A---- C:\WINDOWS\system32\conime.exe
2009-09-12 01:26:47 ----A---- C:\WINDOWS\system32\confmsp.dll
2009-09-12 01:26:46 ----A---- C:\WINDOWS\system32\comuid.dll
2009-09-12 01:26:46 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-09-12 01:26:46 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-09-12 01:26:46 ----A---- C:\WINDOWS\system32\comres.dll
2009-09-12 01:26:46 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-09-12 01:26:46 ----A---- C:\WINDOWS\system32\compstui.dll
2009-09-12 01:26:46 ----A---- C:\WINDOWS\system32\compobj.dll
2009-09-12 01:26:46 ----A---- C:\WINDOWS\system32\compmgmt.msc
2009-09-12 01:26:37 ----A---- C:\WINDOWS\system32\compatui.dll
2009-09-12 01:26:37 ----A---- C:\WINDOWS\system32\compact.exe
2009-09-12 01:26:37 ----A---- C:\WINDOWS\system32\comp.exe
2009-09-12 01:26:37 ----A---- C:\WINDOWS\system32\commdlg.dll
2009-09-12 01:26:37 ----A---- C:\WINDOWS\system32\command.com
2009-09-12 01:26:37 ----A---- C:\WINDOWS\system32\comdlg32.dll
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\comcat.dll
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\colbact.dll
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\cnvfat.dll
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\cnetcfg.dll
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\cmutil.dll
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\cmstp.exe
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\cmsetacl.dll
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\cmprops.dll
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\cmpbk32.dll
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\cmmon32.exe
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\cmdl32.exe
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\cmdial32.dll
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\cmd.exe
2009-09-12 01:26:36 -------- C:\WINDOWS\system32\comctl32.dll
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\shellstyle.dll
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\cmcfg32.dll
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\clusapi.dll
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\clipsrv.exe
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\cliconfg.exe
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\cliconfg.dll
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\cleanmgr.exe
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\clb.dll
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\ckcnv.exe
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\cisvc.exe
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\ciodm.dll
2009-09-12 01:26:34 ----A---- C:\WINDOWS\system32\cidaemon.exe
2009-09-12 01:26:34 ----A---- C:\WINDOWS\system32\cic.dll
2009-09-12 01:26:34 ----A---- C:\WINDOWS\system32\ciadv.msc
2009-09-12 01:26:34 ----A---- C:\WINDOWS\system32\ciadmin.dll
2009-09-12 01:26:34 ----A---- C:\WINDOWS\system32\chkntfs.exe
2009-09-12 01:26:34 ----A---- C:\WINDOWS\system32\chkdsk.exe
2009-09-12 01:26:33 ----A---- C:\WINDOWS\system32\chcp.com
2009-09-12 01:26:33 ----A---- C:\WINDOWS\system32\charmap.exe
2009-09-12 01:26:33 ----A---- C:\WINDOWS\system32\cfgmgr32.dll
2009-09-12 01:26:33 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-09-12 01:26:33 ----A---- C:\WINDOWS\system32\certmgr.msc
2009-09-12 01:26:33 ----A---- C:\WINDOWS\system32\certmgr.dll
2009-09-12 01:26:33 ----A---- C:\WINDOWS\system32\certcli.dll
2009-09-12 01:26:32 ----A---- C:\WINDOWS\system32\cdosys.dll
2009-09-12 01:26:32 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-09-12 01:26:32 ----A---- C:\WINDOWS\system32\cdm.dll
2009-09-12 01:26:32 ----A---- C:\WINDOWS\system32\cdfview.dll
2009-09-12 01:26:32 ----A---- C:\WINDOWS\system32\ccfgnt.dll
2009-09-12 01:26:32 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-09-12 01:26:32 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-09-12 01:26:32 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-09-12 01:26:32 ----A---- C:\WINDOWS\system32\cards.dll
2009-09-12 01:26:32 ----A---- C:\WINDOWS\system32\capesnpn.dll
2009-09-12 01:26:31 ----A---- C:\WINDOWS\system32\camocx.dll
2009-09-12 01:26:31 ----A---- C:\WINDOWS\system32\calc.exe
2009-09-12 01:26:31 ----A---- C:\WINDOWS\system32\cacls.exe
2009-09-12 01:26:31 ----A---- C:\WINDOWS\system32\cabview.dll
2009-09-12 01:26:31 ----A---- C:\WINDOWS\system32\cabinet.dll
2009-09-12 01:26:31 ----A---- C:\WINDOWS\system32\btpanui.dll
2009-09-12 01:26:31 ----A---- C:\WINDOWS\system32\bthserv.dll
2009-09-12 01:26:30 ----A---- C:\WINDOWS\system32\bthci.dll
2009-09-12 01:26:30 ----A---- C:\WINDOWS\system32\browsewm.dll
2009-09-12 01:26:30 ----A---- C:\WINDOWS\system32\browseui.dll
2009-09-12 01:26:30 ----A---- C:\WINDOWS\system32\browselc.dll
2009-09-12 01:26:30 -------- C:\WINDOWS\system32\browser.dll
2009-09-12 01:26:29 ----A---- C:\WINDOWS\system32\bootvrfy.exe
2009-09-12 01:26:29 ----A---- C:\WINDOWS\system32\bootvid.dll
2009-09-12 01:26:29 ----A---- C:\WINDOWS\system32\bootok.exe
2009-09-12 01:26:28 ----A---- C:\WINDOWS\system32\blastcln.exe
2009-09-12 01:26:28 ----A---- C:\WINDOWS\system32\blackbox.dll
2009-09-12 01:26:28 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-09-12 01:26:28 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-09-12 01:26:28 ----A---- C:\WINDOWS\system32\bidispl.dll
2009-09-12 01:26:27 ----A---- C:\WINDOWS\system32\batt.dll
2009-09-12 01:26:27 ----A---- C:\WINDOWS\system32\batmeter.dll
2009-09-12 01:26:27 ----A---- C:\WINDOWS\system32\basesrv.dll
2009-09-12 01:26:27 ----A---- C:\WINDOWS\system32\avwav.dll
2009-09-12 01:26:27 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-09-12 01:26:26 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-09-12 01:26:26 ----A---- C:\WINDOWS\system32\avifile.dll
2009-09-12 01:26:26 ----A---- C:\WINDOWS\system32\avifil32.dll
2009-09-12 01:26:26 ----A---- C:\WINDOWS\system32\avicap32.dll
2009-09-12 01:26:26 ----A---- C:\WINDOWS\system32\avicap.dll
2009-09-12 01:26:26 ----A---- C:\WINDOWS\system32\autolfn.exe
2009-09-12 01:26:26 ----A---- C:\WINDOWS\system32\autofmt.exe
2009-09-12 01:26:26 ----A---- C:\WINDOWS\system32\autodisc.dll
2009-09-12 01:26:26 ----A---- C:\WINDOWS\system32\autoconv.exe
2009-09-12 01:26:25 ----A---- C:\WINDOWS\system32\autochk.exe
2009-09-12 01:26:25 ----A---- C:\WINDOWS\system32\authz.dll
2009-09-12 01:26:25 ----A---- C:\WINDOWS\system32\auditusr.exe
2009-09-12 01:26:25 ----A---- C:\WINDOWS\system32\audiosrv.dll
2009-09-12 01:26:25 ----A---- C:\WINDOWS\system32\attrib.exe
2009-09-12 01:26:25 ----A---- C:\WINDOWS\system32\atrace.dll
2009-09-12 01:26:25 ----A---- C:\WINDOWS\system32\atmpvcno.dll
2009-09-12 01:26:25 ----A---- C:\WINDOWS\system32\atmlib.dll
2009-09-12 01:26:24 ----A---- C:\WINDOWS\system32\atmfd.dll
2009-09-12 01:26:24 ----A---- C:\WINDOWS\system32\atmadm.exe
2009-09-12 01:26:24 ----A---- C:\WINDOWS\system32\atl.dll
2009-09-12 01:26:24 ----A---- C:\WINDOWS\system32\atkctrs.dll
2009-09-12 01:26:24 ----A---- C:\WINDOWS\system32\at.exe
2009-09-12 01:26:24 ----A---- C:\WINDOWS\system32\asycfilt.dll
2009-09-12 01:26:14 ----A---- C:\WINDOWS\system32\asferror.dll
2009-09-12 01:26:11 ----A---- C:\WINDOWS\system32\arp.exe
2009-09-12 01:26:10 ----A---- C:\WINDOWS\system32\apphelp.dll
2009-09-12 01:26:10 ----A---- C:\WINDOWS\system32\append.exe
2009-09-12 01:26:10 ----A---- C:\WINDOWS\system32\apcups.dll
2009-09-12 01:26:09 ----A---- C:\WINDOWS\system32\amstream.dll
2009-09-12 01:26:09 ----A---- C:\WINDOWS\system32\alrsvc.dll
2009-09-12 01:26:09 ----A---- C:\WINDOWS\system32\alg.exe
2009-09-12 01:26:09 ----A---- C:\WINDOWS\system32\ahui.exe
2009-09-12 01:26:08 ----A---- C:\WINDOWS\system32\advpack.dll
2009-09-12 01:26:08 ----A---- C:\WINDOWS\system32\advapi32.dll
2009-09-12 01:26:08 ----A---- C:\WINDOWS\system32\adsnt.dll
2009-09-12 01:26:08 ----A---- C:\WINDOWS\system32\adsmsext.dll
2009-09-12 01:26:08 ----A---- C:\WINDOWS\system32\adsldpc.dll
2009-09-12 01:26:07 ----A---- C:\WINDOWS\system32\adsldp.dll
2009-09-12 01:26:07 ----A---- C:\WINDOWS\system32\adptif.dll
2009-09-12 01:26:07 ----A---- C:\WINDOWS\system32\admparse.dll
2009-09-12 01:26:07 ----A---- C:\WINDOWS\system32\actxprxy.dll
2009-09-12 01:26:07 ----A---- C:\WINDOWS\system32\actmovie.exe
2009-09-12 01:26:07 ----A---- C:\WINDOWS\system32\activeds.dll
2009-09-12 01:26:07 ----A---- C:\WINDOWS\system32\aclui.dll
2009-09-12 01:26:06 ----A---- C:\WINDOWS\system32\acledit.dll
2009-09-12 01:26:06 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-09-12 01:26:06 ----A---- C:\WINDOWS\system32\acctres.dll
2009-09-12 01:26:06 ----A---- C:\WINDOWS\system32\aaaamon.dll
2009-09-12 01:26:06 ----A---- C:\WINDOWS\system32\6to4svc.dll
2009-09-12 01:26:05 ----D---- C:\WINDOWS\I386
2009-09-12 01:08:10 ----RD---- C:\Program Files
2009-09-12 01:05:32 ----RD---- C:\WINDOWS\Offline Web Pages
2009-09-12 01:05:02 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-09-12 01:03:57 ----D---- C:\WINDOWS\CACHE
2009-08-17 02:04:24 ----A---- C:\WINDOWS\system32\nvcplui.exe
2009-08-17 02:04:08 ----A---- C:\WINDOWS\system32\nvwddi.dll
2009-08-17 02:03:44 ----A---- C:\WINDOWS\system32\nvwss.dll
2009-08-17 02:03:38 ----A---- C:\WINDOWS\system32\nvvitvs.dll
2009-08-17 02:03:28 ----A---- C:\WINDOWS\system32\nvmobls.dll
2009-08-17 02:03:28 ----A---- C:\WINDOWS\system32\nvmccss.dll
2009-08-17 02:03:22 ----A---- C:\WINDOWS\system32\nvgames.dll
2009-08-17 02:03:02 ----A---- C:\WINDOWS\system32\nvdisps.dll
2009-08-17 02:03:00 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2009-08-17 02:03:00 ----A---- C:\WINDOWS\system32\nvmctray.dll
2009-08-17 02:03:00 ----A---- C:\WINDOWS\system32\nvcpl.dll
2009-08-17 02:03:00 ----A---- C:\WINDOWS\system32\nvcolor.exe
2009-08-17 02:02:52 ----A---- C:\WINDOWS\system32\nvmccs.dll
2009-08-16 23:57:00 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2009-08-16 23:57:00 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2009-08-16 23:57:00 ----A---- C:\WINDOWS\system32\nvcuda.dll
2009-08-14 12:36:18 ----A---- C:\WINDOWS\system32\PhysXLoader.dll

======List of files/folders modified in the last 3 months======

2009-11-03 12:06:06 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-03 06:00:37 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-02 17:06:11 ----D---- C:\WINDOWS
2009-11-02 17:04:32 ----N---- C:\WINDOWS\system.ini
2009-11-02 17:01:56 ----D---- C:\WINDOWS\system32\drivers
2009-11-02 17:01:56 ----D---- C:\WINDOWS\system32
2009-11-02 17:01:56 ----D---- C:\WINDOWS\AppPatch
2009-11-02 17:01:54 ----D---- C:\Program Files\Common Files
2009-11-01 05:44:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-11-01 05:41:19 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-10-31 23:52:45 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-10-31 23:37:04 ----SHD---- C:\WINDOWS\Installer
2009-10-31 23:37:03 ----D---- C:\Program Files\Adobe
2009-10-28 22:19:48 ----HD---- C:\WINDOWS\inf
2009-10-28 22:19:36 ----RSD---- C:\WINDOWS\Fonts
2009-10-28 21:47:39 ----D---- C:\WINDOWS\WinSxS
2009-10-23 18:56:21 ----D---- C:\Program Files\Messenger
2009-10-23 18:29:11 ----RASH---- C:\boot.ini
2009-10-23 17:52:48 ----SD---- C:\Documents and Settings\Owner\Application Data\Microsoft
2009-10-22 21:09:54 ----D---- C:\Program Files\Internet Explorer
2009-10-22 21:09:53 ----D---- C:\WINDOWS\system32\wbem
2009-10-22 21:00:14 ----A---- C:\WINDOWS\imsins.BAK
2009-10-22 20:49:50 ----D---- C:\Program Files\Outlook Express
2009-10-22 17:31:17 ----SD---- C:\WINDOWS\Tasks
2009-10-16 00:15:46 ----D---- C:\Documents and Settings
2009-10-12 22:06:16 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-09-28 19:50:32 ----D---- C:\Program Files\Common Files\InstallShield
2009-09-24 23:40:21 ----N---- C:\WINDOWS\win.ini
2009-09-24 23:39:57 ----D---- C:\Program Files\Windows Media Player
2009-09-24 23:39:54 ----D---- C:\WINDOWS\Help
2009-09-18 05:45:14 ----D---- C:\WINDOWS\Drivers
2009-09-17 22:05:42 ----D---- C:\WINDOWS\system32\CatRoot
2009-09-17 21:55:02 ----A---- C:\autoexec.bat
2009-09-17 14:51:40 ----D---- C:\WINDOWS\Media
2009-09-15 23:08:07 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-12 19:04:23 ----A---- C:\WINDOWS\OEWABLog.txt
2009-09-12 19:03:27 ----A---- C:\WINDOWS\setuplog.txt
2009-09-12 19:02:52 ----D---- C:\WINDOWS\system32\Setup
2009-09-12 19:01:44 ----D---- C:\WINDOWS\security
2009-09-12 18:46:09 ----D---- C:\WINDOWS\ime
2009-09-12 18:45:49 ----D---- C:\WINDOWS\system32\usmt
2009-09-12 18:45:46 ----D---- C:\WINDOWS\PeerNet
2009-09-12 18:45:46 ----D---- C:\Program Files\Movie Maker
2009-09-12 18:39:36 ----D---- C:\WINDOWS\system32\Restore
2009-09-12 18:39:35 ----D---- C:\WINDOWS\system32\npp
2009-09-12 18:39:33 ----D---- C:\WINDOWS\msagent
2009-09-12 18:39:29 ----D---- C:\WINDOWS\srchasst
2009-09-12 18:39:28 ----D---- C:\Program Files\NetMeeting
2009-09-12 18:39:25 ----D---- C:\WINDOWS\system32\Com
2009-09-12 18:39:19 ----D---- C:\Program Files\Windows NT
2009-09-12 18:39:12 ----D---- C:\Program Files\Common Files\System
2009-09-12 18:38:45 ----D---- C:\WINDOWS\system32\oobe
2009-09-12 18:38:37 ----D---- C:\WINDOWS\system
2009-09-12 17:58:19 ----D---- C:\WINDOWS\Debug
2009-09-12 17:55:04 ----D---- C:\WINDOWS\SoftwareDistribution
2009-09-12 17:35:24 ----D---- C:\WINDOWS\twain_32
2009-09-12 16:10:53 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-09-12 15:36:13 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-09-12 15:35:31 ----D---- C:\Program Files\Microsoft Office
2009-09-12 15:35:25 ----D---- C:\WINDOWS\msapps
2009-09-12 15:35:25 ----D---- C:\Program Files\microsoft frontpage
2009-09-12 02:44:07 ----D---- C:\Documents and Settings\All Users\Application Data\AOL
2009-09-12 02:43:31 ----D---- C:\Program Files\BigFix
2009-09-12 02:42:15 ----D---- C:\Program Files\Symantec
2009-09-12 02:42:07 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-09-12 01:52:07 ----D---- C:\WINDOWS\system32\config
2009-09-12 01:51:13 ----D---- C:\WINDOWS\Registration
2009-09-12 01:43:28 ----D---- C:\WINDOWS\repair
2009-09-12 01:40:54 ----D---- C:\Program Files\Common Files\Services
2009-09-12 01:37:10 ----D---- C:\WINDOWS\system32\ras
2009-09-12 01:36:35 ----D---- C:\WINDOWS\system32\icsxml
2009-09-12 01:36:34 ----D---- C:\WINDOWS\system32\ias
2009-09-12 01:34:18 ----D---- C:\WINDOWS\system32\1033
2009-09-12 01:34:06 ----RD---- C:\WINDOWS\Web
2009-09-12 01:33:44 ----D---- C:\WINDOWS\Cursors
2009-08-29 03:08:18 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-08-29 03:08:18 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-08-29 03:08:18 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-08-29 03:08:16 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-08-16 23:57:00 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2009-08-16 23:57:00 ----A---- C:\WINDOWS\system32\nvcodins.dll
2009-08-16 23:57:00 ----A---- C:\WINDOWS\system32\nvcod.dll
2009-08-16 23:57:00 ----A---- C:\WINDOWS\system32\nvapi.dll
2009-08-16 23:57:00 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2009-08-04 10:13:08 -------- C:\WINDOWS\system32\ntoskrnl.exe
2009-08-04 09:20:09 -------- C:\WINDOWS\system32\ntkrnlpa.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 tmtdi;Trend Micro TDI Driver; C:\WINDOWS\system32\DRIVERS\tmtdi.sys [2009-10-22 89872]
R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2004-09-10 8552]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R2 tmpreflt;tmpreflt; C:\WINDOWS\system32\DRIVERS\tmpreflt.sys [2009-10-22 36368]
R2 tmxpflt;tmxpflt; C:\WINDOWS\system32\DRIVERS\tmxpflt.sys [2009-10-22 225808]
R2 vsapint;vsapint; C:\WINDOWS\system32\DRIVERS\vsapint.sys [2009-10-22 1223832]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 E100B;Intel® PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2004-02-10 154112]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2004-07-07 2185408]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MxlW2k;MxlW2k; C:\WINDOWS\system32\drivers\MxlW2k.sys [2004-09-10 28352]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-08-16 7729568]
R3 PPJoyBus;Parallel Port Joystick Bus device driver; C:\WINDOWS\system32\drivers\PPJoyBus.sys [2004-10-24 13952]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2009-01-09 27136]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
R3 SunkFilt;Alcor Micro Corp - 9360; \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys []
R3 tmactmon;tmactmon; \??\C:\WINDOWS\system32\drivers\tmactmon.sys []
R3 tmevtmgr;tmevtmgr; \??\C:\WINDOWS\system32\drivers\tmevtmgr.sys []
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 catchme;catchme; \??\C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-18 113664]
S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-06-18 1041536]
S3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2004-06-18 220032]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-06-06 730653]
S3 PPDrv;Protector Plus Driver (UnRegistered); \??\C:\Protector Plus\PPDrv.sys []
S3 PPEMSCAN;Protector Plus Email Scan Driver; \??\C:\Protector Plus\PPEMSCAN.sys []
S3 RimUsb;BlackBerry Smartphone; C:\WINDOWS\System32\Drivers\RimUsb.sys []
S3 SunkFilt39;Alcor Micro Corp - 3239; \??\C:\WINDOWS\System32\Drivers\sunkfilt39.sys []
S3 Sunkfiltp;HP && Alcor Micro Corp for Phison; \??\C:\WINDOWS\System32\Drivers\sunkfiltp.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-07-09 39424]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-06-18 685056]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-09-26 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-08-17 168004]
R2 SfCtlCom;Trend Micro Central Control Component; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [2009-10-22 715368]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
R3 TMBMServer;Trend Micro Unauthorized Change Prevention Service; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [2009-10-22 345352]
R3 TmProxy;Trend Micro Proxy Service; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [2009-10-22 689416]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-12-06 362992]
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2009-07-08 313840]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2009-07-08 170480]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-12 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-12-06 88560]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2009-07-08 1108464]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

-----------------EOF-----------------

#15 tiloldar

Posted 03 November 2009 - 07:25 PM

No open windows,
No AV,
Option 3 months,

Logfile of random's system information tool 1.06 (written by random/random)
Run by Owner at 2009-11-03 19:23:46
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 103 GB (67%) free of 153 GB
Total RAM: 2046 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:23:47 PM, on 11/3/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\WINDOWS\zHotkey.exe
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Owner\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Owner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [ShowWnd] ShowWnd.exe
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.gateway.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1252739558828
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1256261055968
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

--
End of file - 7647 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\ISP signup reminder 1.job
C:\WINDOWS\tasks\ISP signup reminder 2.job
C:\WINDOWS\tasks\ISP signup reminder 3.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-02 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-09-26 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-12 256112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-18 61952]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-11-01 32768]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-07-01 73728]
"SunKistEM"=C:\Program Files\Digital Media Reader\shwiconem.exe [2004-03-12 135168]
"mmtask"=c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe [2004-01-26 53248]
"CHotkey"=C:\WINDOWS\zHotkey.exe [2004-05-18 543232]
"ShowWnd"=C:\WINDOWS\ShowWnd.exe [2003-09-19 36864]
"AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2004-07-06 2550272]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-08-12 1657376]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-08-17 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-08-17 13877248]
"Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-09-12 122368]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]
"Microsoft Works Update Detection"=C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [2003-06-07 50688]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"BlackBerryAutoUpdate"=C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe [2009-08-31 623960]
"UfSeAgnt.exe"=C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [2009-10-22 1020248]
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2009-07-08 236016]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-12 39408]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2008-10-24 206112]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-06-06 344064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Ventrilo\Ventrilo.exe"="C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 3 months======

2009-11-02 17:06:11 ----D---- C:\WINDOWS\temp
2009-11-02 17:06:08 ----A---- C:\ComboFix.txt
2009-11-02 15:02:00 ----A---- C:\log.txt
2009-11-02 14:52:39 ----A---- C:\WINDOWS\MBR.exe
2009-11-01 19:20:04 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-01 19:09:38 ----RA---- C:\ComboFix.exe
2009-11-01 14:10:48 ----D---- C:\rsit
2009-10-31 23:34:53 ----D---- C:\Config.Msi
2009-10-31 23:34:10 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-10-31 23:33:26 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-10-28 22:18:26 ----D---- C:\Program Files\Common Files\Sonic Shared
2009-10-28 22:18:25 ----D---- C:\Program Files\Roxio
2009-10-28 21:48:21 ----D---- C:\Documents and Settings\All Users\Application Data\Research In Motion
2009-10-23 18:44:07 ----D---- C:\WINDOWS\Prefetch
2009-10-23 18:34:07 ----A---- C:\WINDOWS\system32\proquota.exe
2009-10-23 18:29:11 ----A---- C:\Boot.bak
2009-10-23 18:29:07 ----RASHD---- C:\cmdcons
2009-10-23 18:28:38 ----A---- C:\WINDOWS\zip.exe
2009-10-23 18:28:38 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-10-23 18:28:38 ----A---- C:\WINDOWS\SWSC.exe
2009-10-23 18:28:38 ----A---- C:\WINDOWS\SWREG.exe
2009-10-23 18:28:38 ----A---- C:\WINDOWS\sed.exe
2009-10-23 18:28:38 ----A---- C:\WINDOWS\PEV.exe
2009-10-23 18:28:38 ----A---- C:\WINDOWS\NIRCMD.exe
2009-10-23 18:28:38 ----A---- C:\WINDOWS\grep.exe
2009-10-23 18:28:33 ----D---- C:\WINDOWS\ERDNT
2009-10-23 18:28:03 ----D---- C:\Qoobox
2009-10-23 18:03:46 ----A---- C:\RootRepeal report 10-23-09 (19-03-46).txt
2009-10-22 21:00:19 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-22 21:00:03 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-10-22 20:59:55 ----D---- C:\Program Files\MSXML 4.0
2009-10-22 20:56:02 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-22 20:55:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-22 20:55:19 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-22 20:54:56 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-22 20:54:36 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-22 20:54:17 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-22 20:54:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-22 20:53:50 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-22 20:51:55 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-10-22 20:51:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-10-22 20:51:15 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-10-22 20:50:58 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-10-22 20:50:46 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-10-22 20:50:31 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-10-22 20:50:16 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-10-22 20:50:02 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-10-22 20:49:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-10-22 20:49:25 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-10-22 20:49:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-10-22 20:49:03 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-10-22 20:48:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-10-22 20:48:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-10-22 20:48:03 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-10-22 20:47:48 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-10-22 20:47:31 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-10-22 20:47:08 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-10-22 20:46:52 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-10-22 20:46:37 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-10-22 20:46:18 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-10-22 20:45:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-10-22 20:45:19 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-10-22 20:45:02 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-10-22 20:44:48 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-10-22 20:44:34 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-10-22 20:44:19 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-10-22 20:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-10-22 20:43:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-10-22 20:43:34 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-10-22 20:43:11 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-10-22 20:42:49 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-10-22 20:42:33 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-10-22 20:42:21 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-10-22 20:42:11 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-10-22 20:41:58 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-10-22 20:41:45 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-10-22 20:41:31 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-10-22 20:41:18 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-10-22 20:41:04 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-10-22 20:39:47 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-10-22 20:38:33 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-10-22 20:38:18 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-10-22 20:38:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-10-22 20:37:55 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-10-22 20:37:42 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-10-22 20:30:57 -------- C:\WINDOWS\system32\xpsp4res.dll
2009-10-22 17:51:08 ----D---- C:\Documents and Settings\All Users\Application Data\Trend Micro
2009-10-22 17:50:52 ----D---- C:\Program Files\Trend Micro
2009-10-17 12:56:35 ----D---- C:\Program Files\roeacv
2009-10-16 00:15:31 ----A---- C:\WINDOWS\ntbtlog.txt
2009-10-15 17:54:06 ----D---- C:\Program Files\svuthh
2009-09-28 21:40:01 ----D---- C:\Documents and Settings\Owner\Application Data\Roxio
2009-09-28 21:36:47 ----D---- C:\Documents and Settings\Owner\Application Data\Research In Motion
2009-09-28 19:55:04 ----D---- C:\Documents and Settings\Owner\Application Data\InstallShield
2009-09-28 19:54:35 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
2009-09-28 19:54:29 ----D---- C:\Documents and Settings\All Users\Application Data\Sonic
2009-09-28 19:50:32 ----D---- C:\Documents and Settings\All Users\Application Data\Roxio
2009-09-28 19:50:16 ----D---- C:\Program Files\Common Files\Roxio Shared
2009-09-28 19:40:22 ----D---- C:\Program Files\Common Files\Research In Motion
2009-09-28 19:40:17 ----D---- C:\Program Files\Research In Motion
2009-09-28 19:37:48 ----SHD---- C:\WINDOWS\ftpcache
2009-09-26 22:20:59 ----D---- C:\WINDOWS\Sun
2009-09-26 22:20:31 ----A---- C:\WINDOWS\system32\javaws.exe
2009-09-26 22:20:31 ----A---- C:\WINDOWS\system32\javaw.exe
2009-09-26 22:20:31 ----A---- C:\WINDOWS\system32\java.exe
2009-09-26 22:20:31 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-09-26 22:20:10 ----D---- C:\Program Files\Java
2009-09-26 22:19:49 ----D---- C:\Documents and Settings\Owner\Application Data\Sun
2009-09-24 23:40:53 -------- C:\WINDOWS\system32\spmsg.dll
2009-09-24 23:40:52 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-09-24 23:39:58 ----D---- C:\Program Files\Windows Media Connect 2
2009-09-24 23:39:45 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-09-24 23:38:02 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-09-24 23:37:01 ----D---- C:\WINDOWS\system32\LogFiles
2009-09-24 23:36:55 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-09-23 01:05:08 ----A---- C:\WINDOWS\NeroDigital.ini
2009-09-19 09:57:02 ----D---- C:\Documents and Settings\Owner\Application Data\Template
2009-09-18 23:12:17 ----D---- C:\Program Files\FMS
2009-09-18 23:12:00 ----D---- C:\Program Files\RcCad_V2
2009-09-18 12:30:39 ----D---- C:\Documents and Settings\Owner\Application Data\Malwarebytes
2009-09-18 12:30:31 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-09-17 21:40:23 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-09-17 21:22:51 ----A---- C:\WINDOWS\_SETUPD_.EXE
2009-09-17 14:52:20 ----D---- C:\WINDOWS\ie8updates
2009-09-17 14:51:46 ----D---- C:\WINDOWS\WBEM
2009-09-17 14:50:41 ----HDC---- C:\WINDOWS\ie8
2009-09-17 14:47:29 ----A---- C:\WINDOWS\system32\MRT.exe
2009-09-17 14:45:44 ----D---- C:\downloaded programs
2009-09-16 22:43:26 ----D---- C:\Documents and Settings\Owner\Application Data\Ventrilo
2009-09-16 22:43:17 ----D---- C:\Program Files\Ventrilo
2009-09-16 22:43:08 ----A---- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
2009-09-16 22:37:24 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-09-15 23:13:42 ----D---- C:\Documents and Settings\Owner\Application Data\ArcSoft
2009-09-15 23:08:09 ----D---- C:\Program Files\ArcSoft
2009-09-15 23:08:09 ----A---- C:\WINDOWS\PS_setup.ini
2009-09-15 23:08:08 ----A---- C:\WINDOWS\pcdlib32.dll
2009-09-15 22:25:16 ----A---- C:\WINDOWS\system32\LTWND80N.DLL
2009-09-15 22:25:16 ----A---- C:\WINDOWS\system32\LTTWN80N.DLL
2009-09-15 22:25:16 ----A---- C:\WINDOWS\system32\LTTHK80W.DLL
2009-09-15 22:25:16 ----A---- C:\WINDOWS\system32\LTKRN80N.DLL
2009-09-15 22:25:16 ----A---- C:\WINDOWS\system32\LTIMG80N.DLL
2009-09-15 22:25:16 ----A---- C:\WINDOWS\system32\LTFIL80N.DLL
2009-09-15 22:25:16 ----A---- C:\WINDOWS\system32\LTEFX80N.DLL
2009-09-15 22:25:16 ----A---- C:\WINDOWS\system32\LTANN80N.DLL
2009-09-15 22:25:16 ----A---- C:\WINDOWS\system32\LFWPG80N.DLL
2009-09-15 22:25:16 ----A---- C:\WINDOWS\system32\LFWMF80N.DLL
2009-09-15 22:25:16 ----A---- C:\WINDOWS\system32\LFAVI80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\VBAJET.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\ODBCJT16.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\NPPLG80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\MSRD2X35.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFWFX80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFTIF80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFTGA80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFRAS80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFPSD80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFPNG80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFPCX80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFPCT80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFPCD80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFMSP80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFMAC80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFLMB80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFLMA80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFKODAK.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFIMG80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFICA80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFGIF80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFFPX80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFFPX7.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFFAX80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFEPS80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFDIC80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFCMP80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFCAL80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFBMP80N.DLL
2009-09-15 22:25:15 ----A---- C:\WINDOWS\system32\LFAWD80N.DLL
2009-09-15 22:25:14 ----A---- C:\WINDOWS\system32\VBAR332.DLL
2009-09-15 22:25:14 ----A---- C:\WINDOWS\system32\MSJT3032.DLL
2009-09-15 22:25:14 ----A---- C:\WINDOWS\system32\DAO350.DLL
2009-09-15 01:35:59 ----D---- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment
2009-09-14 22:55:56 ----D---- C:\Documents and Settings\All Users\Application Data\Blizzard
2009-09-14 21:43:39 ----D---- C:\Program Files\World of Warcraft
2009-09-14 01:28:23 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2009-09-13 14:18:34 ----D---- C:\Documents and Settings\Owner\Application Data\AdobeUM
2009-09-13 14:18:02 ----D---- C:\Program Files\Common Files\Adobe
2009-09-12 18:45:49 ----D---- C:\WINDOWS\system32\en-us
2009-09-12 18:45:48 ----D---- C:\WINDOWS\system32\scripting
2009-09-12 18:45:47 ----D---- C:\WINDOWS\l2schemas
2009-09-12 18:45:46 ----D---- C:\WINDOWS\system32\en
2009-09-12 18:45:46 ----D---- C:\WINDOWS\system32\bits
2009-09-12 18:39:43 ----D---- C:\WINDOWS\ServicePackFiles
2009-09-12 18:35:44 ----D---- C:\WINDOWS\network diagnostic
2009-09-12 18:31:12 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-09-12 18:31:08 ----D---- C:\WINDOWS\EHome
2009-09-12 17:58:47 ----D---- C:\Documents and Settings\Owner\Application Data\gtk-2.0
2009-09-12 17:56:20 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-09-12 17:53:29 ----D---- C:\Documents and Settings\Owner\Application Data\Canon
2009-09-12 17:50:15 ----D---- C:\Program Files\GIMP-2.0
2009-09-12 17:44:49 ----D---- C:\Documents and Settings\Owner\Application Data\Viewpoint
2009-09-12 17:37:43 ----HD---- C:\Documents and Settings\All Users\Application Data\CanonBJ
2009-09-12 17:37:39 ----A---- C:\WINDOWS\system32\CNMVS7L.DLL
2009-09-12 17:37:38 ----A---- C:\WINDOWS\system32\CNMLM7L.DLL
2009-09-12 17:36:00 ----D---- C:\Program Files\Canon
2009-09-12 17:35:24 ----HD---- C:\WINDOWS\system32\CanonMP Uninstaller Information
2009-09-12 17:35:20 ----A---- C:\WINDOWS\system32\CNCL500.DLL
2009-09-12 17:35:20 ----A---- C:\WINDOWS\system32\cncisco.dll
2009-09-12 17:35:20 ----A---- C:\WINDOWS\system32\CNCI500.DLL
2009-09-12 17:35:20 ----A---- C:\WINDOWS\system32\CNCC500.DLL
2009-09-12 17:35:15 ----D---- C:\CanonMP
2009-09-12 16:05:14 ----D---- C:\Documents and Settings\Owner\Application Data\Apple Computer
2009-09-12 16:05:02 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2009-09-12 16:04:49 ----D---- C:\Program Files\iPod
2009-09-12 16:04:45 ----D---- C:\Program Files\iTunes
2009-09-12 16:04:45 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-09-12 16:04:28 ----D---- C:\Program Files\Bonjour
2009-09-12 16:03:38 ----D---- C:\Program Files\QuickTime
2009-09-12 16:03:36 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-09-12 16:03:27 ----D---- C:\Documents and Settings\Owner\Application Data\Adobe
2009-09-12 16:03:14 ----D---- C:\Program Files\Apple Software Update
2009-09-12 16:03:08 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-09-12 16:03:08 ----A---- C:\WINDOWS\system32\usbaaplrc.dll
2009-09-12 16:02:56 ----D---- C:\Program Files\Common Files\Apple
2009-09-12 16:02:55 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-09-12 16:01:37 ----A---- C:\WINDOWS\unvise32.exe
2009-09-12 15:44:56 ----D---- C:\Audio
2009-09-12 15:37:00 ----A---- C:\WINDOWS\ODBC.INI
2009-09-12 15:36:22 ----D---- C:\Program Files\Common Files\Designer
2009-09-12 15:36:09 ----D---- C:\WINDOWS\ShellNew
2009-09-12 15:35:31 ----D---- C:\Documents and Settings\Owner\Application Data\Microsoft Web Folders
2009-09-12 02:53:46 ----D---- C:\Documents and Settings\Owner\Application Data\Macromedia
2009-09-12 02:43:59 ----A---- C:\WINDOWS\msoffice.ini
2009-09-12 02:38:13 ----D---- C:\Documents and Settings\Owner\Application Data\Google
2009-09-12 02:38:02 ----D---- C:\Program Files\Google
2009-09-12 02:38:02 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-09-12 02:18:43 ----D---- C:\WINDOWS\system32\AGEIA
2009-09-12 02:18:42 ----D---- C:\Program Files\AGEIA Technologies
2009-09-12 02:18:03 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-09-12 02:17:57 ----D---- C:\Program Files\NVIDIA Corporation
2009-09-12 02:17:54 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2009-09-12 02:16:44 ----D---- C:\WINDOWS\system32\PreInstall
2009-09-12 02:16:43 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-09-12 02:16:42 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-09-12 02:16:42 ----HD---- C:\WINDOWS\$hf_mig$
2009-09-12 02:16:22 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-09-12 02:15:05 ----D---- C:\NVIDIA
2009-09-12 02:15:03 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-09-12 02:13:12 ----A---- C:\WINDOWS\system32\wups2.dll
2009-09-12 02:13:12 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2009-09-12 02:13:12 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2009-09-12 02:13:11 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-09-12 02:13:11 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2009-09-12 02:08:02 ----D---- C:\RECYCLER
2009-09-12 02:06:10 ----D---- C:\WINDOWS\nview
2009-09-12 02:06:10 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-09-12 01:44:02 ----SHD---- C:\System Volume Information
2009-09-12 01:40:51 ----A---- C:\WINDOWS\system32\wzcsvc.dll
2009-09-12 01:40:50 ----A---- C:\WINDOWS\system32\wzcsapi.dll
2009-09-12 01:40:40 ----A---- C:\WINDOWS\system32\wowfaxui.dll
2009-09-12 01:40:31 ----A---- C:\WINDOWS\system32\wowfax.dll
2009-09-12 01:40:15 ----A---- C:\WINDOWS\system32\usrvpa.dll
2009-09-12 01:40:06 ----A---- C:\WINDOWS\system32\usrvoica.dll
2009-09-12 01:39:58 ----A---- C:\WINDOWS\system32\usrv80a.dll
2009-09-12 01:39:49 ----A---- C:\WINDOWS\system32\usrv42a.dll
2009-09-12 01:39:40 ----A---- C:\WINDOWS\system32\usrsvpia.dll
2009-09-12 01:39:32 ----A---- C:\WINDOWS\system32\usrshuta.exe
2009-09-12 01:39:23 ----A---- C:\WINDOWS\system32\usrsdpia.dll
2009-09-12 01:39:14 ----A---- C:\WINDOWS\system32\usrrtosa.dll
2009-09-12 01:39:06 ----A---- C:\WINDOWS\system32\usrprbda.exe
2009-09-12 01:38:57 ----A---- C:\WINDOWS\system32\usrmlnka.exe
2009-09-12 01:38:48 ----A---- C:\WINDOWS\system32\usrlbva.dll
2009-09-12 01:38:40 ----A---- C:\WINDOWS\system32\usrfaxa.dll
2009-09-12 01:38:31 ----A---- C:\WINDOWS\system32\usrdtea.dll
2009-09-12 01:38:23 ----A---- C:\WINDOWS\system32\usrdpa.dll
2009-09-12 01:38:14 ----A---- C:\WINDOWS\system32\usrcoina.dll
2009-09-12 01:38:05 ----A---- C:\WINDOWS\system32\usrcntra.dll
2009-09-12 01:38:04 ----A---- C:\WINDOWS\system32\usbui.dll
2009-09-12 01:37:54 ----A---- C:\WINDOWS\system32\tsbyuv.dll
2009-09-12 01:37:46 ----A---- C:\WINDOWS\system32\streamci.dll
2009-09-12 01:37:44 ----A---- C:\WINDOWS\system32\storprop.dll
2009-09-12 01:37:36 ----A---- C:\WINDOWS\system32\sprio800.dll
2009-09-12 01:37:28 ----A---- C:\WINDOWS\system32\sprio600.dll
2009-09-12 01:37:14 ----A---- C:\WINDOWS\system32\spnike.dll
2009-09-12 01:37:08 ----A---- C:\WINDOWS\system32\pjlmon.dll
2009-09-12 01:37:07 ----A---- C:\WINDOWS\system32\pid.dll
2009-09-12 01:37:00 ----A---- C:\WINDOWS\system32\paqsp.dll
2009-09-12 01:36:53 ----A---- C:\WINDOWS\system32\msyuv.dll
2009-09-12 01:36:40 ----A---- C:\WINDOWS\system32\mdwmdmsp.dll
2009-09-12 01:36:38 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-09-12 01:36:37 ----A---- C:\WINDOWS\system32\iyuv_32.dll
2009-09-12 01:36:33 ----A---- C:\WINDOWS\system32\hid.dll
2009-09-12 01:36:28 ----A---- C:\WINDOWS\system32\dvdplay.exe
2009-09-12 01:34:28 ----A---- C:\WINDOWS\system32\dmutil.dll
2009-09-12 01:34:24 ----A---- C:\WINDOWS\system32\cnbjmon.dll
2009-09-12 01:33:41 ----D---- C:\WINDOWS\SMINST
2009-09-12 01:33:26 ----A---- C:\WINDOWS\system32\zipfldr.dll
2009-09-12 01:33:23 ----A---- C:\WINDOWS\system32\xpsp2res.dll
2009-09-12 01:33:23 ----A---- C:\WINDOWS\system32\xpsp1res.dll
2009-09-12 01:33:22 ----A---- C:\WINDOWS\system32\xpob2res.dll
2009-09-12 01:33:21 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-09-12 01:33:21 ----A---- C:\WINDOWS\system32\xmlprovi.dll
2009-09-12 01:33:21 ----A---- C:\WINDOWS\system32\xenroll.dll
2009-09-12 01:33:21 ----A---- C:\WINDOWS\system32\xcopy.exe
2009-09-12 01:33:21 ----A---- C:\WINDOWS\system32\xactsrv.dll
2009-09-12 01:33:21 ----A---- C:\WINDOWS\system32\wzcdlg.dll
2009-09-12 01:33:21 -------- C:\WINDOWS\system32\xmlprov.dll
2009-09-12 01:33:20 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-09-12 01:33:20 ----A---- C:\WINDOWS\system32\wups.dll
2009-09-12 01:33:20 ----A---- C:\WINDOWS\system32\wupdmgr.exe
2009-09-12 01:33:20 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-09-12 01:33:20 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-09-12 01:33:20 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-09-12 01:33:20 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-09-12 01:33:20 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-09-12 01:33:20 -------- C:\WINDOWS\system32\wuauclt.exe
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wtsapi32.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wstdecod.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wsock32.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wsnmp32.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wshtcpip.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wshrm.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wshnetbs.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wshisn.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wship6.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wshext.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wshcon.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wshbth.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wshatm.dll
2009-09-12 01:33:19 ----A---- C:\WINDOWS\system32\wscsvc.dll
2009-09-12 01:33:18 ----A---- C:\WINDOWS\system32\wscript.exe
2009-09-12 01:33:18 ----A---- C:\WINDOWS\system32\ws2help.dll
2009-09-12 01:33:18 ----A---- C:\WINDOWS\system32\write.exe
2009-09-12 01:33:18 ----A---- C:\WINDOWS\system32\wpnpinst.exe
2009-09-12 01:33:18 ----A---- C:\WINDOWS\system32\wpabaln.exe
2009-09-12 01:33:18 ----A---- C:\WINDOWS\system32\wowexec.exe
2009-09-12 01:33:18 ----A---- C:\WINDOWS\system32\wowdeb.exe
2009-09-12 01:33:18 ----A---- C:\WINDOWS\system32\wow32.dll
2009-09-12 01:33:18 -------- C:\WINDOWS\system32\wscntfy.exe
2009-09-12 01:33:18 -------- C:\WINDOWS\system32\ws2_32.dll
2009-09-12 01:33:17 ----A---- C:\WINDOWS\system32\wmvdmoe2.dll
2009-09-12 01:33:17 ----A---- C:\WINDOWS\system32\wmvdmod.dll
2009-09-12 01:33:16 ----A---- C:\WINDOWS\system32\WMVCore.dll
2009-09-12 01:33:16 ----A---- C:\WINDOWS\system32\wmstream.dll
2009-09-12 01:33:16 ----A---- C:\WINDOWS\system32\WMSPDMOE.dll
2009-09-12 01:33:15 ----A---- C:\WINDOWS\system32\wmspdmod.dll
2009-09-12 01:33:15 ----A---- C:\WINDOWS\system32\wmsdmoe2.dll
2009-09-12 01:33:15 ----A---- C:\WINDOWS\system32\wmsdmoe.dll
2009-09-12 01:33:15 ----A---- C:\WINDOWS\system32\wmsdmod.dll
2009-09-12 01:33:15 ----A---- C:\WINDOWS\system32\wmpui.dll
2009-09-12 01:33:15 ----A---- C:\WINDOWS\system32\wmpshell.dll
2009-09-12 01:33:14 ----A---- C:\WINDOWS\system32\wmploc.dll
2009-09-12 01:33:13 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2009-09-12 01:33:13 ----A---- C:\WINDOWS\system32\wmpcore.dll
2009-09-12 01:33:13 ----A---- C:\WINDOWS\system32\wmpcd.dll
2009-09-12 01:33:12 ----A---- C:\WINDOWS\system32\wmpasf.dll
2009-09-12 01:33:10 ----A---- C:\WINDOWS\system32\wmp.dll
2009-09-12 01:33:10 ----A---- C:\WINDOWS\system32\WMNetmgr.dll
2009-09-12 01:33:08 ----A---- C:\WINDOWS\system32\wmiprop.dll
2009-09-12 01:33:07 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-09-12 01:33:07 ----A---- C:\WINDOWS\system32\wmidx.dll
2009-09-12 01:33:07 ----A---- C:\WINDOWS\system32\wmi.dll
2009-09-12 01:33:07 ----A---- C:\WINDOWS\system32\wmerror.dll
2009-09-12 01:33:07 ----A---- C:\WINDOWS\system32\wmerrenu.dll
2009-09-12 01:33:06 ----A---- C:\WINDOWS\system32\wmasf.dll
2009-09-12 01:33:06 ----A---- C:\WINDOWS\system32\WMADMOE.dll
2009-09-12 01:33:06 ----A---- C:\WINDOWS\system32\WMADMOD.dll
2009-09-12 01:33:06 ----A---- C:\WINDOWS\system32\wlnotify.dll
2009-09-12 01:33:06 ----A---- C:\WINDOWS\system32\wldap32.dll
2009-09-12 01:33:06 ----A---- C:\WINDOWS\system32\wkssvc.dll
2009-09-12 01:33:05 ----A---- C:\WINDOWS\system32\winver.exe
2009-09-12 01:33:05 ----A---- C:\WINDOWS\system32\wintrust.dll
2009-09-12 01:33:05 ----A---- C:\WINDOWS\system32\winstrm.dll
2009-09-12 01:33:05 ----A---- C:\WINDOWS\system32\winsta.dll
2009-09-12 01:33:05 ----A---- C:\WINDOWS\system32\winsrv.dll
2009-09-12 01:33:05 ----A---- C:\WINDOWS\system32\winspool.exe
2009-09-12 01:33:05 ----A---- C:\WINDOWS\system32\winsock.dll
2009-09-12 01:33:05 ----A---- C:\WINDOWS\system32\winshfhc.dll
2009-09-12 01:33:05 ----A---- C:\WINDOWS\system32\winscard.dll
2009-09-12 01:33:05 ----A---- C:\WINDOWS\system32\winrnr.dll
2009-09-12 01:33:04 ----A---- C:\WINDOWS\system32\winntbbu.dll
2009-09-12 01:33:01 ----A---- C:\WINDOWS\system32\winnls.dll
2009-09-12 01:33:01 ----A---- C:\WINDOWS\system32\winmsd.exe
2009-09-12 01:33:01 ----A---- C:\WINDOWS\system32\winmm.dll
2009-09-12 01:33:01 ----A---- C:\WINDOWS\system32\winmine.exe
2009-09-12 01:33:01 ----A---- C:\WINDOWS\system32\winipsec.dll
2009-09-12 01:33:01 -------- C:\WINDOWS\system32\winlogon.exe
2009-09-12 01:33:00 ----A---- C:\WINDOWS\winhlp32.exe
2009-09-12 01:33:00 ----A---- C:\WINDOWS\winhelp.exe
2009-09-12 01:33:00 ----A---- C:\WINDOWS\system32\winhttp.dll
2009-09-12 01:33:00 ----A---- C:\WINDOWS\system32\winhlp32.exe
2009-09-12 01:33:00 ----A---- C:\WINDOWS\system32\winfax.dll
2009-09-12 01:33:00 -------- C:\WINDOWS\system32\wininet.dll
2009-09-12 01:32:58 ----A---- C:\WINDOWS\system32\winchat.exe
2009-09-12 01:32:58 ----A---- C:\WINDOWS\system32\winbrand.dll
2009-09-12 01:32:58 ----A---- C:\WINDOWS\system32\win87em.dll
2009-09-12 01:32:58 ----A---- C:\WINDOWS\system32\win32spl.dll
2009-09-12 01:32:57 ----A---- C:\WINDOWS\system32\win.com
2009-09-12 01:32:57 ----A---- C:\WINDOWS\system32\wifeman.dll
2009-09-12 01:32:57 ----A---- C:\WINDOWS\system32\wiavusd.dll
2009-09-12 01:32:57 ----A---- C:\WINDOWS\system32\wiavideo.dll
2009-09-12 01:32:57 ----A---- C:\WINDOWS\system32\wiashext.dll
2009-09-12 01:32:57 ----A---- C:\WINDOWS\system32\wiaservc.dll
2009-09-12 01:32:57 ----A---- C:\WINDOWS\system32\wiascr.dll
2009-09-12 01:32:57 ----A---- C:\WINDOWS\system32\wiadss.dll
2009-09-12 01:32:57 ----A---- C:\WINDOWS\system32\wiadefui.dll
2009-09-12 01:32:57 ----A---- C:\WINDOWS\system32\wiaacmgr.exe
2009-09-12 01:32:56 ----A---- C:\WINDOWS\system32\wextract.exe
2009-09-12 01:32:56 ----A---- C:\WINDOWS\system32\webvw.dll
2009-09-12 01:32:56 ----A---- C:\WINDOWS\system32\webhits.dll
2009-09-12 01:32:55 ----A---- C:\WINDOWS\system32\webclnt.dll
2009-09-12 01:32:55 ----A---- C:\WINDOWS\system32\webcheck.dll
2009-09-12 01:32:54 ----A---- C:\WINDOWS\system32\wdigest.dll
2009-09-12 01:32:50 ----A---- C:\WINDOWS\system32\wavemsp.dll
2009-09-12 01:32:49 ----A---- C:\WINDOWS\system32\w3ssl.dll
2009-09-12 01:32:49 ----A---- C:\WINDOWS\system32\w32topl.dll
2009-09-12 01:32:49 ----A---- C:\WINDOWS\system32\w32tm.exe
2009-09-12 01:32:49 ----A---- C:\WINDOWS\system32\w32time.dll
2009-09-12 01:32:49 ----A---- C:\WINDOWS\system32\vssvc.exe
2009-09-12 01:32:49 ----A---- C:\WINDOWS\system32\vssapi.dll
2009-09-12 01:32:49 ----A---- C:\WINDOWS\system32\vssadmin.exe
2009-09-12 01:32:49 ----A---- C:\WINDOWS\system32\vss_ps.dll
2009-09-12 01:32:48 ----A---- C:\WINDOWS\vmmreg32.dll
2009-09-12 01:32:48 ----A---- C:\WINDOWS\system32\vjoy.dll
2009-09-12 01:32:47 ----A---- C:\WINDOWS\system32\vga64k.dll
2009-09-12 01:32:47 ----A---- C:\WINDOWS\system32\vga256.dll
2009-09-12 01:32:47 ----A---- C:\WINDOWS\system32\vga.dll
2009-09-12 01:32:47 ----A---- C:\WINDOWS\system32\vfpodbc.dll
2009-09-12 01:32:47 ----A---- C:\WINDOWS\system32\version.dll
2009-09-12 01:32:47 ----A---- C:\WINDOWS\system32\verifier.exe
2009-09-12 01:32:47 ----A---- C:\WINDOWS\system32\verifier.dll
2009-09-12 01:32:46 ----A---- C:\WINDOWS\system32\ver.dll
2009-09-12 01:32:46 ----A---- C:\WINDOWS\system32\vdmredir.dll
2009-09-12 01:32:46 ----A---- C:\WINDOWS\system32\vdmdbg.dll
2009-09-12 01:32:46 ----A---- C:\WINDOWS\system32\vcdex.dll
2009-09-12 01:32:46 ----A---- C:\WINDOWS\system32\vbscript.dll
2009-09-12 01:32:46 ----A---- C:\WINDOWS\system32\vbajet32.dll
2009-09-12 01:32:46 ----A---- C:\WINDOWS\system32\uxtheme.dll
2009-09-12 01:32:45 ----A---- C:\WINDOWS\system32\utilman.exe
2009-09-12 01:32:45 ----A---- C:\WINDOWS\system32\utildll.dll
2009-09-12 01:32:45 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-09-12 01:32:45 ----A---- C:\WINDOWS\system32\usp10.dll
2009-09-12 01:32:45 -------- C:\WINDOWS\system32\userinit.exe
2009-09-12 01:32:44 ----A---- C:\WINDOWS\system32\userenv.dll
2009-09-12 01:32:44 ----A---- C:\WINDOWS\system32\user.exe
2009-09-12 01:32:44 ----A---- C:\WINDOWS\system32\usbmon.dll
2009-09-12 01:32:44 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-09-12 01:32:44 -------- C:\WINDOWS\system32\user32.dll
2009-09-12 01:32:43 ----A---- C:\WINDOWS\system32\url.dll
2009-09-12 01:32:43 ----A---- C:\WINDOWS\system32\ureg.dll
2009-09-12 01:32:43 ----A---- C:\WINDOWS\system32\ups.exe
2009-09-12 01:32:43 ----A---- C:\WINDOWS\system32\upnpui.dll
2009-09-12 01:32:43 ----A---- C:\WINDOWS\system32\upnpcont.exe
2009-09-12 01:32:43 ----A---- C:\WINDOWS\system32\upnp.dll
2009-09-12 01:32:43 -------- C:\WINDOWS\system32\upnphost.dll
2009-09-12 01:32:42 ----A---- C:\WINDOWS\system32\untfs.dll
2009-09-12 01:32:41 ----A---- C:\WINDOWS\system32\unlodctr.exe
2009-09-12 01:32:41 ----A---- C:\WINDOWS\system32\uniplat.dll
2009-09-12 01:32:41 ----A---- C:\WINDOWS\system32\unimdmat.dll
2009-09-12 01:32:41 ----A---- C:\WINDOWS\system32\umpnpmgr.dll
2009-09-12 01:32:41 ----A---- C:\WINDOWS\system32\umdmxfrm.dll
2009-09-12 01:32:41 ----A---- C:\WINDOWS\system32\umandlg.dll
2009-09-12 01:32:41 ----A---- C:\WINDOWS\system32\ulib.dll
2009-09-12 01:32:41 ----A---- C:\WINDOWS\system32\ufat.dll
2009-09-12 01:32:41 ----A---- C:\WINDOWS\system32\udhisapi.dll
2009-09-12 01:32:41 ----A---- C:\WINDOWS\system32\typelib.dll
2009-09-12 01:32:40 ----A---- C:\WINDOWS\twunk_32.exe
2009-09-12 01:32:40 ----A---- C:\WINDOWS\twunk_16.exe
2009-09-12 01:32:40 ----A---- C:\WINDOWS\twain_32.dll
2009-09-12 01:32:40 ----A---- C:\WINDOWS\twain.dll
2009-09-12 01:32:40 ----A---- C:\WINDOWS\system32\txflog.dll
2009-09-12 01:32:40 ----A---- C:\WINDOWS\system32\twext.dll
2009-09-12 01:32:40 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-09-12 01:32:40 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-09-12 01:32:40 ----A---- C:\WINDOWS\system32\tskill.exe
2009-09-12 01:32:39 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-09-12 01:32:39 ----A---- C:\WINDOWS\system32\tsddd.dll
2009-09-12 01:32:39 ----A---- C:\WINDOWS\system32\tsd32.dll
2009-09-12 01:32:39 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-09-12 01:32:39 ----A---- C:\WINDOWS\system32\tscon.exe
2009-09-12 01:32:39 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-09-12 01:32:39 ----A---- C:\WINDOWS\system32\tsappcmp.dll
2009-09-12 01:32:39 ----A---- C:\WINDOWS\system32\trkwks.dll
2009-09-12 01:32:39 ----A---- C:\WINDOWS\system32\tree.com
2009-09-12 01:32:38 ----A---- C:\WINDOWS\system32\traffic.dll
2009-09-12 01:32:38 ----A---- C:\WINDOWS\system32\tracert6.exe
2009-09-12 01:32:38 ----A---- C:\WINDOWS\system32\tracert.exe
2009-09-12 01:32:38 ----A---- C:\WINDOWS\system32\tourstart.exe
2009-09-12 01:32:36 ----A---- C:\WINDOWS\system32\toolhelp.dll
2009-09-12 01:32:33 ----A---- C:\WINDOWS\system32\themeui.dll
2009-09-12 01:32:32 ----A---- C:\WINDOWS\system32\tftp.exe
2009-09-12 01:32:32 ----A---- C:\WINDOWS\system32\termmgr.dll
2009-09-12 01:32:32 ----A---- C:\WINDOWS\system32\telnet.exe
2009-09-12 01:32:32 ----A---- C:\WINDOWS\system32\tcpsvcs.exe
2009-09-12 01:32:32 ----A---- C:\WINDOWS\system32\tcpmonui.dll
2009-09-12 01:32:32 ----A---- C:\WINDOWS\system32\tcpmon.ini
2009-09-12 01:32:32 ----A---- C:\WINDOWS\system32\tcpmon.dll
2009-09-12 01:32:32 ----A---- C:\WINDOWS\system32\tcpmib.dll
2009-09-12 01:32:32 -------- C:\WINDOWS\system32\termsrv.dll
2009-09-12 01:32:31 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-09-12 01:32:31 ----A---- C:\WINDOWS\system32\tcmsetup.exe
2009-09-12 01:32:31 ----A---- C:\WINDOWS\system32\taskmgr.exe
2009-09-12 01:32:31 ----A---- C:\WINDOWS\system32\taskman.exe
2009-09-12 01:32:31 ----A---- C:\WINDOWS\system32\tapiui.dll
2009-09-12 01:32:31 ----A---- C:\WINDOWS\system32\tapiperf.dll
2009-09-12 01:32:31 ----A---- C:\WINDOWS\system32\tapi32.dll
2009-09-12 01:32:31 ----A---- C:\WINDOWS\system32\tapi3.dll
2009-09-12 01:32:31 -------- C:\WINDOWS\system32\tapisrv.dll
2009-09-12 01:32:30 ----A---- C:\WINDOWS\system32\tapi.dll
2009-09-12 01:32:30 ----A---- C:\WINDOWS\system32\t2embed.dll
2009-09-12 01:32:30 ----A---- C:\WINDOWS\system32\systray.exe
2009-09-12 01:32:28 ----A---- C:\WINDOWS\system32\syssetup.dll
2009-09-12 01:32:28 ----A---- C:\WINDOWS\system32\sysocmgr.exe
2009-09-12 01:32:27 ----A---- C:\WINDOWS\system32\syskey.exe
2009-09-12 01:32:27 ----A---- C:\WINDOWS\system32\sysinv.dll
2009-09-12 01:32:27 ----A---- C:\WINDOWS\system32\sysedit.exe
2009-09-12 01:32:27 ----A---- C:\WINDOWS\system32\syncui.dll
2009-09-12 01:32:27 ----A---- C:\WINDOWS\system32\synceng.dll
2009-09-12 01:32:26 ----A---- C:\WINDOWS\system32\syncapp.exe
2009-09-12 01:32:26 ----A---- C:\WINDOWS\system32\sxs.dll
2009-09-12 01:32:26 ----A---- C:\WINDOWS\system32\swprv.dll
2009-09-12 01:32:26 ----A---- C:\WINDOWS\system32\svcpack.dll
2009-09-12 01:32:26 -------- C:\WINDOWS\system32\svchost.exe
2009-09-12 01:32:25 ----A---- C:\WINDOWS\system32\subst.exe
2009-09-12 01:32:25 ----A---- C:\WINDOWS\system32\strmfilt.dll
2009-09-12 01:32:25 ----A---- C:\WINDOWS\system32\strmdll.dll
2009-09-12 01:32:25 ----A---- C:\WINDOWS\system32\storage.dll
2009-09-12 01:32:25 ----A---- C:\WINDOWS\system32\stobject.dll
2009-09-12 01:32:25 ----A---- C:\WINDOWS\system32\stimon.exe
2009-09-12 01:32:25 ----A---- C:\WINDOWS\system32\sti_ci.dll
2009-09-12 01:32:25 ----A---- C:\WINDOWS\system32\sti.dll
2009-09-12 01:32:24 ----A---- C:\WINDOWS\system32\stclient.dll
2009-09-12 01:32:23 ----A---- C:\WINDOWS\system32\ssdpapi.dll
2009-09-12 01:32:23 ----A---- C:\WINDOWS\system32\srvsvc.dll
2009-09-12 01:32:23 -------- C:\WINDOWS\system32\ssdpsrv.dll
2009-09-12 01:32:22 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-09-12 01:32:22 ----A---- C:\WINDOWS\system32\srclient.dll
2009-09-12 01:32:22 ----A---- C:\WINDOWS\system32\sqlwoa.dll
2009-09-12 01:32:22 -------- C:\WINDOWS\system32\srsvc.dll
2009-09-12 01:32:21 ----A---- C:\WINDOWS\system32\sqlwid.dll
2009-09-12 01:32:21 ----A---- C:\WINDOWS\system32\sqlunirl.dll
2009-09-12 01:32:21 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
2009-09-12 01:32:20 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-09-12 01:32:20 ----A---- C:\WINDOWS\system32\sprestrt.exe
2009-09-12 01:32:20 ----A---- C:\WINDOWS\system32\spoolss.dll
2009-09-12 01:32:20 ----A---- C:\WINDOWS\system32\spnpinst.exe
2009-09-12 01:32:20 -------- C:\WINDOWS\system32\spoolsv.exe
2009-09-12 01:32:19 ----A---- C:\WINDOWS\system32\spider.exe
2009-09-12 01:32:16 ----A---- C:\WINDOWS\system32\sort.exe
2009-09-12 01:32:16 ----A---- C:\WINDOWS\system32\sol.exe
2009-09-12 01:32:16 ----A---- C:\WINDOWS\system32\softpub.dll
2009-09-12 01:32:16 ----A---- C:\WINDOWS\system32\snmpsnap.dll
2009-09-12 01:32:16 ----A---- C:\WINDOWS\system32\snmpapi.dll
2009-09-12 01:32:15 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-09-12 01:32:15 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-09-12 01:32:15 ----A---- C:\WINDOWS\system32\smss.exe
2009-09-12 01:32:15 ----A---- C:\WINDOWS\system32\smlogsvc.exe
2009-09-12 01:32:15 ----A---- C:\WINDOWS\system32\smlogcfg.dll
2009-09-12 01:32:15 ----A---- C:\WINDOWS\system32\smbinst.exe
2009-09-12 01:32:13 ----A---- C:\WINDOWS\system32\slbrccsp.dll
2009-09-12 01:32:13 ----A---- C:\WINDOWS\system32\slbiop.dll
2009-09-12 01:32:13 ----A---- C:\WINDOWS\system32\slbcsp.dll
2009-09-12 01:32:13 ----A---- C:\WINDOWS\system32\slayerxp.dll
2009-09-12 01:32:13 ----A---- C:\WINDOWS\system32\skeys.exe
2009-09-12 01:32:13 ----A---- C:\WINDOWS\system32\skdll.dll
2009-09-12 01:32:12 ----A---- C:\WINDOWS\system32\sisbkup.dll
2009-09-12 01:32:12 ----A---- C:\WINDOWS\system32\sigverif.exe
2009-09-12 01:32:12 ----A---- C:\WINDOWS\system32\sigtab.dll
2009-09-12 01:32:12 ----A---- C:\WINDOWS\system32\shutdown.exe
2009-09-12 01:32:12 ----A---- C:\WINDOWS\system32\shscrap.dll
2009-09-12 01:32:12 -------- C:\WINDOWS\system32\shsvcs.dll
2009-09-12 01:32:11 ----A---- C:\WINDOWS\system32\shrpubw.exe
2009-09-12 01:32:11 ----A---- C:\WINDOWS\system32\shmgrate.exe
2009-09-12 01:32:11 ----A---- C:\WINDOWS\system32\shmedia.dll
2009-09-12 01:32:11 ----A---- C:\WINDOWS\system32\shlwapi.dll
2009-09-12 01:32:11 ----A---- C:\WINDOWS\system32\shimgvw.dll
2009-09-12 01:32:11 ----A---- C:\WINDOWS\system32\shimeng.dll
2009-09-12 01:32:11 ----A---- C:\WINDOWS\system32\shgina.dll
2009-09-12 01:32:11 ----A---- C:\WINDOWS\system32\shfolder.dll
2009-09-12 01:32:09 ----A---- C:\WINDOWS\system32\shell32.dll
2009-09-12 01:32:09 ----A---- C:\WINDOWS\system32\shell.dll
2009-09-12 01:32:08 ----A---- C:\WINDOWS\system32\shdocvw.dll
2009-09-12 01:32:08 ----A---- C:\WINDOWS\system32\shdoclc.dll
2009-09-12 01:32:08 ----A---- C:\WINDOWS\system32\share.exe
2009-09-12 01:32:08 ----A---- C:\WINDOWS\system32\shadow.exe
2009-09-12 01:32:08 ----A---- C:\WINDOWS\system32\sfmapi.dll
2009-09-12 01:32:08 ----A---- C:\WINDOWS\system32\sfc_os.dll
2009-09-12 01:32:08 ----A---- C:\WINDOWS\system32\sfc.exe
2009-09-12 01:32:08 ----A---- C:\WINDOWS\system32\setver.exe
2009-09-12 01:32:08 -------- C:\WINDOWS\system32\sfcfiles.dll
2009-09-12 01:32:08 -------- C:\WINDOWS\system32\sfc.dll
2009-09-12 01:32:07 ----A---- C:\WINDOWS\system32\setupdll.dll
2009-09-12 01:32:06 ----A---- C:\WINDOWS\system32\setupapi.dll
2009-09-12 01:32:06 ----A---- C:\WINDOWS\system32\setup.exe
2009-09-12 01:32:06 ----A---- C:\WINDOWS\system32\sethc.exe
2009-09-12 01:32:06 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-09-12 01:32:06 ----A---- C:\WINDOWS\system32\serwvdrv.dll
2009-09-12 01:32:06 ----A---- C:\WINDOWS\system32\services.msc
2009-09-12 01:32:06 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-09-12 01:32:06 ----A---- C:\WINDOWS\system32\serialui.dll
2009-09-12 01:32:06 -------- C:\WINDOWS\system32\services.exe
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\senscfg.dll
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\sensapi.dll
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\sens.dll
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\sendmail.dll
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\sendcmsg.dll
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\security.dll
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\secur32.dll
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\seclogon.dll
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\sdpblb.dll
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\sdhcinst.dll
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\sdbinst.exe
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\scrrun.dll
2009-09-12 01:32:05 ----A---- C:\WINDOWS\system32\scrobj.dll
2009-09-12 01:32:04 ----A---- C:\WINDOWS\system32\scredir.dll
2009-09-12 01:32:04 ----A---- C:\WINDOWS\system32\sclgntfy.dll
2009-09-12 01:32:04 ----A---- C:\WINDOWS\system32\schannel.dll
2009-09-12 01:32:04 ----A---- C:\WINDOWS\system32\scesrv.dll
2009-09-12 01:32:04 ----A---- C:\WINDOWS\system32\sccsccp.dll
2009-09-12 01:32:04 ----A---- C:\WINDOWS\system32\sccbase.dll
2009-09-12 01:32:04 ----A---- C:\WINDOWS\system32\scardsvr.exe
2009-09-12 01:32:04 ----A---- C:\WINDOWS\system32\scardssp.dll
2009-09-12 01:32:04 ----A---- C:\WINDOWS\system32\scarddlg.dll
2009-09-12 01:32:04 ----A---- C:\WINDOWS\system32\sc.exe
2009-09-12 01:32:04 ----A---- C:\WINDOWS\system32\sbeio.dll
2009-09-12 01:32:04 -------- C:\WINDOWS\system32\schedsvc.dll
2009-09-12 01:32:04 -------- C:\WINDOWS\system32\scecli.dll
2009-09-12 01:32:03 ----A---- C:\WINDOWS\system32\sbe.dll
2009-09-12 01:32:03 ----A---- C:\WINDOWS\system32\savedump.exe
2009-09-12 01:32:03 ----A---- C:\WINDOWS\system32\samsrv.dll
2009-09-12 01:32:02 ----A---- C:\WINDOWS\system32\samlib.dll
2009-09-12 01:32:01 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-09-12 01:32:01 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-09-12 01:32:01 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-09-12 01:32:01 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\runonce.exe
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rundll32.exe
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\runas.exe
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rtutils.dll
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rtm.dll
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rtipxmib.dll
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rtcshare.exe
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rsvpsp.dll
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rsvpperf.dll
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rsvpmsg.dll
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rsvp.ini
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rsvp.exe
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rsmui.exe
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rsmsink.exe
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rsmps.dll
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rsm.exe
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rshx32.dll
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rsh.exe
2009-09-12 01:32:00 ----A---- C:\WINDOWS\system32\rsaenh.dll
2009-09-12 01:31:59 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2009-09-12 01:31:59 ----A---- C:\WINDOWS\system32\rpcns4.dll
2009-09-12 01:31:59 -------- C:\WINDOWS\system32\rpcss.dll
2009-09-12 01:31:58 ----A---- C:\WINDOWS\system32\routetab.dll
2009-09-12 01:31:58 ----A---- C:\WINDOWS\system32\routemon.exe
2009-09-12 01:31:58 ----A---- C:\WINDOWS\system32\route.exe
2009-09-12 01:31:58 ----A---- C:\WINDOWS\system32\rnr20.dll
2009-09-12 01:31:57 ----A---- C:\WINDOWS\system32\riched32.dll
2009-09-12 01:31:57 ----A---- C:\WINDOWS\system32\riched20.dll
2009-09-12 01:31:57 ----A---- C:\WINDOWS\system32\rexec.exe
2009-09-12 01:31:57 ----A---- C:\WINDOWS\system32\resutils.dll
2009-09-12 01:31:57 ----A---- C:\WINDOWS\system32\reset.exe
2009-09-12 01:31:57 ----A---- C:\WINDOWS\system32\replace.exe
2009-09-12 01:31:57 ----A---- C:\WINDOWS\system32\rend.dll
2009-09-12 01:31:57 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-09-12 01:31:57 ----A---- C:\WINDOWS\system32\regwizc.dll
2009-09-12 01:31:57 ----A---- C:\WINDOWS\system32\regwiz.exe
2009-09-12 01:31:57 ----A---- C:\WINDOWS\system32\regsvr32.exe
2009-09-12 01:31:56 ----A---- C:\WINDOWS\system32\regini.exe
2009-09-12 01:31:56 ----A---- C:\WINDOWS\system32\regedt32.exe
2009-09-12 01:31:56 ----A---- C:\WINDOWS\system32\regapi.dll
2009-09-12 01:31:56 ----A---- C:\WINDOWS\system32\reg.exe
2009-09-12 01:31:56 ----A---- C:\WINDOWS\system32\redir.exe
2009-09-12 01:31:56 ----A---- C:\WINDOWS\system32\recover.exe
2009-09-12 01:31:56 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-09-12 01:31:56 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-09-12 01:31:56 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-09-12 01:31:56 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-09-12 01:31:56 ----A---- C:\WINDOWS\system32\rdpdd.dll
2009-09-12 01:31:56 ----A---- C:\WINDOWS\regedit.exe
2009-09-12 01:31:56 -------- C:\WINDOWS\system32\regsvc.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rcp.exe
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rcimlby.exe
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rcbdyctl.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rastls.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rastapi.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rasser.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rassapi.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rasrad.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rasppp.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rasphone.exe
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rasmxs.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rasmontr.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rasmans.dll
2009-09-12 01:31:55 ----A---- C:\WINDOWS\system32\rasman.dll
2009-09-12 01:31:54 ----A---- C:\WINDOWS\system32\rasdlg.dll
2009-09-12 01:31:54 ----A---- C:\WINDOWS\system32\rasdial.exe
2009-09-12 01:31:54 ----A---- C:\WINDOWS\system32\rasctrs.ini
2009-09-12 01:31:54 ----A---- C:\WINDOWS\system32\rasctrs.dll
2009-09-12 01:31:54 ----A---- C:\WINDOWS\system32\raschap.dll
2009-09-12 01:31:54 ----A---- C:\WINDOWS\system32\rasautou.exe
2009-09-12 01:31:54 ----A---- C:\WINDOWS\system32\rasauto.dll
2009-09-12 01:31:54 ----A---- C:\WINDOWS\system32\rasapi32.dll
2009-09-12 01:31:54 ----A---- C:\WINDOWS\system32\rasadhlp.dll
2009-09-12 01:31:54 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-09-12 01:31:54 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-09-12 01:31:53 ----A---- C:\WINDOWS\system32\query.dll
2009-09-12 01:31:53 ----A---- C:\WINDOWS\system32\quartz.dll
2009-09-12 01:31:53 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-09-12 01:31:53 ----A---- C:\WINDOWS\system32\qosname.dll
2009-09-12 01:31:52 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-09-12 01:31:52 -------- C:\WINDOWS\system32\qmgr.dll
2009-09-12 01:31:51 ----A---- C:\WINDOWS\system32\qedwipes.dll
2009-09-12 01:31:51 ----A---- C:\WINDOWS\system32\qedit.dll
2009-09-12 01:31:51 ----A---- C:\WINDOWS\system32\qdvd.dll
2009-09-12 01:31:51 ----A---- C:\WINDOWS\system32\qdv.dll
2009-09-12 01:31:51 ----A---- C:\WINDOWS\system32\qcap.dll
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\qasf.dll
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\pubprn.vbs
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\pstorsvc.dll
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\pstorec.dll
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\psnppagn.dll
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\pschdprf.ini
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\pschdprf.dll
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\psbase.dll
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\proxycfg.exe
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\progman.exe
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\profmap.dll
2009-09-12 01:31:50 ----A---- C:\WINDOWS\system32\prodspec.ini
2009-09-12 01:31:50 -------- C:\WINDOWS\system32\psapi.dll
2009-09-12 01:31:49 ----A---- C:\WINDOWS\system32\printui.dll
2009-09-12 01:31:49 ----A---- C:\WINDOWS\system32\print.exe
2009-09-12 01:31:49 ----A---- C:\WINDOWS\system32\prflbmsg.dll
2009-09-12 01:31:49 ----A---- C:\WINDOWS\system32\powercfg.exe
2009-09-12 01:31:49 -------- C:\WINDOWS\system32\powrprof.dll
2009-09-12 01:31:48 ----A---- C:\WINDOWS\system32\polstore.dll
2009-09-12 01:31:48 ----A---- C:\WINDOWS\system32\pnrpnsp.dll
2009-09-12 01:31:48 ----A---- C:\WINDOWS\system32\pngfilt.dll
2009-09-12 01:31:48 ----A---- C:\WINDOWS\system32\pmspl.dll
2009-09-12 01:31:48 ----A---- C:\WINDOWS\system32\plustab.dll
2009-09-12 01:31:48 ----A---- C:\WINDOWS\system32\ping6.exe
2009-09-12 01:31:48 ----A---- C:\WINDOWS\system32\ping.exe
2009-09-12 01:31:47 ----A---- C:\WINDOWS\system32\pifmgr.dll
2009-09-12 01:31:47 ----A---- C:\WINDOWS\system32\pidgen.dll
2009-09-12 01:31:47 ----A---- C:\WINDOWS\system32\photowiz.dll
2009-09-12 01:31:37 ----R---- C:\WINDOWS\system32\perfmon.msc
2009-09-12 01:31:37 ----A---- C:\WINDOWS\system32\perfwci.ini
2009-09-12 01:31:37 ----A---- C:\WINDOWS\system32\perfts.dll
2009-09-12 01:31:37 ----A---- C:\WINDOWS\system32\perfproc.dll
2009-09-12 01:31:37 ----A---- C:\WINDOWS\system32\perfos.dll
2009-09-12 01:31:37 ----A---- C:\WINDOWS\system32\perfnet.dll
2009-09-12 01:31:37 ----A---- C:\WINDOWS\system32\perfmon.exe
2009-09-12 01:31:37 ----A---- C:\WINDOWS\system32\perffilt.ini
2009-09-12 01:31:37 ----A---- C:\WINDOWS\system32\perfdisk.dll
2009-09-12 01:31:37 ----A---- C:\WINDOWS\system32\perfctrs.dll
2009-09-12 01:31:37 ----A---- C:\WINDOWS\system32\perfci.ini
2009-09-12 01:31:36 ----A---- C:\WINDOWS\system32\pentnt.exe
2009-09-12 01:31:36 ----A---- C:\WINDOWS\system32\pdh.dll
2009-09-12 01:31:34 ----A---- C:\WINDOWS\system32\pautoenr.dll
2009-09-12 01:31:34 ----A---- C:\WINDOWS\system32\pathping.exe
2009-09-12 01:31:34 ----A---- C:\WINDOWS\system32\panmap.dll
2009-09-12 01:31:33 ----A---- C:\WINDOWS\system32\packager.exe
2009-09-12 01:31:32 ----A---- C:\WINDOWS\system32\p2psvc.dll
2009-09-12 01:31:32 ----A---- C:\WINDOWS\system32\p2pnetsh.dll
2009-09-12 01:31:32 ----A---- C:\WINDOWS\system32\p2pgraph.dll
2009-09-12 01:31:32 ----A---- C:\WINDOWS\system32\p2pgasvc.dll
2009-09-12 01:31:32 ----A---- C:\WINDOWS\system32\p2p.dll
2009-09-12 01:31:32 ----A---- C:\WINDOWS\system32\osuninst.exe
2009-09-12 01:31:32 ----A---- C:\WINDOWS\system32\osuninst.dll
2009-09-12 01:31:32 ----A---- C:\WINDOWS\system32\osk.exe
2009-09-12 01:31:31 ----A---- C:\WINDOWS\system32\opengl32.dll
2009-09-12 01:31:31 ----A---- C:\WINDOWS\system32\olethk32.dll
2009-09-12 01:31:31 ----A---- C:\WINDOWS\system32\olesvr32.dll
2009-09-12 01:31:31 ----A---- C:\WINDOWS\system32\olesvr.dll
2009-09-12 01:31:31 ----A---- C:\WINDOWS\system32\olepro32.dll
2009-09-12 01:31:31 ----A---- C:\WINDOWS\system32\oleprn.dll
2009-09-12 01:31:31 ----A---- C:\WINDOWS\system32\oledlg.dll
2009-09-12 01:31:31 ----A---- C:\WINDOWS\system32\olecnv32.dll
2009-09-12 01:31:30 ----A---- C:\WINDOWS\system32\olecli32.dll
2009-09-12 01:31:30 ----A---- C:\WINDOWS\system32\olecli.dll
2009-09-12 01:31:30 ----A---- C:\WINDOWS\system32\oleaut32.dll
2009-09-12 01:31:30 ----A---- C:\WINDOWS\system32\oleaccrc.dll
2009-09-12 01:31:30 ----A---- C:\WINDOWS\system32\oleacc.dll
2009-09-12 01:31:30 ----A---- C:\WINDOWS\system32\ole32.dll
2009-09-12 01:31:30 ----A---- C:\WINDOWS\system32\ole2nls.dll
2009-09-12 01:31:30 ----A---- C:\WINDOWS\system32\ole2disp.dll
2009-09-12 01:31:30 ----A---- C:\WINDOWS\system32\ole2.dll
2009-09-12 01:31:29 ----A---- C:\WINDOWS\system32\offfilt.dll
2009-09-12 01:31:19 ----A---- C:\WINDOWS\system32\odtext32.dll
2009-09-12 01:31:19 ----A---- C:\WINDOWS\system32\odpdx32.dll
2009-09-12 01:31:19 ----A---- C:\WINDOWS\system32\odfox32.dll
2009-09-12 01:31:19 ----A---- C:\WINDOWS\system32\odexl32.dll
2009-09-12 01:31:19 ----A---- C:\WINDOWS\system32\oddbse32.dll
2009-09-12 01:31:19 ----A---- C:\WINDOWS\system32\odbctrac.dll
2009-09-12 01:31:19 ----A---- C:\WINDOWS\system32\odbcp32r.dll
2009-09-12 01:31:19 ----A---- C:\WINDOWS\system32\odbcjt32.dll
2009-09-12 01:31:19 ----A---- C:\WINDOWS\system32\odbcji32.dll
2009-09-12 01:31:19 ----A---- C:\WINDOWS\system32\odbcint.dll
2009-09-12 01:31:19 ----A---- C:\WINDOWS\system32\odbccu32.dll
2009-09-12 01:31:19 ----A---- C:\WINDOWS\system32\odbccr32.dll
2009-09-12 01:31:18 ----A---- C:\WINDOWS\system32\odbccp32.dll
2009-09-12 01:31:18 ----A---- C:\WINDOWS\system32\odbcconf.exe
2009-09-12 01:31:18 ----A---- C:\WINDOWS\system32\odbcconf.dll
2009-09-12 01:31:18 ----A---- C:\WINDOWS\system32\odbcbcp.dll
2009-09-12 01:31:18 ----A---- C:\WINDOWS\system32\odbcad32.exe
2009-09-12 01:31:18 ----A---- C:\WINDOWS\system32\odbc32gt.dll
2009-09-12 01:31:18 ----A---- C:\WINDOWS\system32\odbc32.dll
2009-09-12 01:31:18 ----A---- C:\WINDOWS\system32\odbc16gt.dll
2009-09-12 01:31:18 ----A---- C:\WINDOWS\system32\ocmanage.dll
2009-09-12 01:31:18 ----A---- C:\WINDOWS\system32\occache.dll
2009-09-12 01:31:18 ----A---- C:\WINDOWS\system32\objsel.dll
2009-09-12 01:31:17 ----A---- C:\WINDOWS\system32\oakley.dll
2009-09-12 01:31:17 ----A---- C:\WINDOWS\system32\nwprovau.dll
2009-09-12 01:31:16 ----A---- C:\WINDOWS\system32\ntvdmd.dll
2009-09-12 01:31:16 ----A---- C:\WINDOWS\system32\ntvdm.exe
2009-09-12 01:31:16 ----A---- C:\WINDOWS\system32\ntshrui.dll
2009-09-12 01:31:16 ----A---- C:\WINDOWS\system32\ntsdexts.dll
2009-09-12 01:31:16 ----A---- C:\WINDOWS\system32\ntsd.exe
2009-09-12 01:31:14 ----A---- C:\WINDOWS\system32\ntprint.dll
2009-09-12 01:31:13 ----A---- C:\WINDOWS\system32\ntmsoprq.msc
2009-09-12 01:31:13 -------- C:\WINDOWS\system32\ntmssvc.dll
2009-09-12 01:31:12 ----A---- C:\WINDOWS\system32\ntmsmgr.msc
2009-09-12 01:31:12 ----A---- C:\WINDOWS\system32\ntmsmgr.dll
2009-09-12 01:31:12 ----A---- C:\WINDOWS\system32\ntmsevt.dll
2009-09-12 01:31:12 ----A---- C:\WINDOWS\system32\ntmsdba.dll
2009-09-12 01:31:12 ----A---- C:\WINDOWS\system32\ntmsapi.dll
2009-09-12 01:31:12 ----A---- C:\WINDOWS\system32\ntmarta.dll
2009-09-12 01:31:12 ----A---- C:\WINDOWS\system32\ntlsapi.dll
2009-09-12 01:31:12 ----A---- C:\WINDOWS\system32\ntlanui2.dll
2009-09-12 01:31:12 ----A---- C:\WINDOWS\system32\ntlanui.dll
2009-09-12 01:31:12 ----A---- C:\WINDOWS\system32\ntlanman.dll
2009-09-12 01:31:10 ----A---- C:\WINDOWS\system32\ntdsapi.dll
2009-09-12 01:31:09 ----A---- C:\WINDOWS\system32\ntdll.dll
2009-09-12 01:31:07 ----A---- C:\WINDOWS\system32\nslookup.exe
2009-09-12 01:31:07 ----A---- C:\WINDOWS\system32\npptools.dll
2009-09-12 01:31:07 ----A---- C:\WINDOWS\system32\notepad.exe
2009-09-12 01:31:07 ----A---- C:\WINDOWS\notepad.exe
2009-09-12 01:31:06 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-09-12 01:31:06 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-09-12 01:31:06 ----A---- C:\WINDOWS\system32\nlsfunc.exe
2009-09-12 01:31:05 ----A---- C:\WINDOWS\system32\nlhtml.dll
2009-09-12 01:31:03 ----A---- C:\WINDOWS\system32\newdev.dll
2009-09-12 01:31:03 ----A---- C:\WINDOWS\system32\netui2.dll
2009-09-12 01:31:03 ----A---- C:\WINDOWS\system32\netui1.dll
2009-09-12 01:31:03 ----A---- C:\WINDOWS\system32\netui0.dll
2009-09-12 01:31:03 ----A---- C:\WINDOWS\system32\netstat.exe
2009-09-12 01:31:02 ----A---- C:\WINDOWS\system32\netshell.dll
2009-09-12 01:31:02 ----A---- C:\WINDOWS\system32\netsh.exe
2009-09-12 01:31:02 ----A---- C:\WINDOWS\system32\netsetup.exe
2009-09-12 01:31:02 ----A---- C:\WINDOWS\system32\netrap.dll
2009-09-12 01:31:02 ----A---- C:\WINDOWS\system32\netplwiz.dll
2009-09-12 01:31:01 ----A---- C:\WINDOWS\system32\netmsg.dll
2009-09-12 01:31:01 ----A---- C:\WINDOWS\system32\netid.dll
2009-09-12 01:31:01 ----A---- C:\WINDOWS\system32\neth.dll
2009-09-12 01:31:01 ----A---- C:\WINDOWS\system32\netevent.dll
2009-09-12 01:31:01 -------- C:\WINDOWS\system32\netman.dll
2009-09-12 01:31:01 -------- C:\WINDOWS\system32\netlogon.dll
2009-09-12 01:31:00 ----A---- C:\WINDOWS\system32\netdde.exe
2009-09-12 01:31:00 ----A---- C:\WINDOWS\system32\netcfgx.dll
2009-09-12 01:30:59 ----A---- C:\WINDOWS\system32\netapi32.dll
2009-09-12 01:30:59 ----A---- C:\WINDOWS\system32\netapi.dll
2009-09-12 01:30:58 ----A---- C:\WINDOWS\system32\net1.exe
2009-09-12 01:30:58 ----A---- C:\WINDOWS\system32\net.exe
2009-09-12 01:30:58 ----A---- C:\WINDOWS\system32\nddenb32.dll
2009-09-12 01:30:58 ----A---- C:\WINDOWS\system32\nddeapir.exe
2009-09-12 01:30:58 ----A---- C:\WINDOWS\system32\nddeapi.dll
2009-09-12 01:30:58 ----A---- C:\WINDOWS\system32\ncxpnt.dll
2009-09-12 01:30:58 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2009-09-12 01:30:58 ----A---- C:\WINDOWS\system32\nbtstat.exe
2009-09-12 01:30:58 ----A---- C:\WINDOWS\system32\narrhook.dll
2009-09-12 01:30:58 ----A---- C:\WINDOWS\system32\narrator.exe
2009-09-12 01:30:58 ----A---- C:\WINDOWS\system32\mydocs.dll
2009-09-12 01:30:58 ----A---- C:\WINDOWS\system32\mycomput.dll
2009-09-12 01:30:54 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-09-12 01:30:54 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-09-12 01:30:54 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-09-12 01:30:54 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-09-12 01:30:54 ----A---- C:\WINDOWS\system32\mtxclu.dll
2009-09-12 01:30:54 ----A---- C:\WINDOWS\system32\msxmlr.dll
2009-09-12 01:30:54 ----A---- C:\WINDOWS\system32\msxml3r.dll
2009-09-12 01:30:53 ----A---- C:\WINDOWS\system32\msxml3.dll
2009-09-12 01:30:53 ----A---- C:\WINDOWS\system32\msxml2r.dll
2009-09-12 01:30:53 ----A---- C:\WINDOWS\system32\msxml2.dll
2009-09-12 01:30:53 ----A---- C:\WINDOWS\system32\msxml.dll
2009-09-12 01:30:53 ----A---- C:\WINDOWS\system32\msxbde40.dll
2009-09-12 01:30:53 ----A---- C:\WINDOWS\system32\mswstr10.dll
2009-09-12 01:30:53 -------- C:\WINDOWS\system32\mswsock.dll
2009-09-12 01:30:52 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2009-09-12 01:30:52 ----A---- C:\WINDOWS\system32\mswdat10.dll
2009-09-12 01:30:52 ----A---- C:\WINDOWS\system32\msw3prt.dll
2009-09-12 01:30:52 ----A---- C:\WINDOWS\system32\msvideo.dll
2009-09-12 01:30:51 ----A---- C:\WINDOWS\system32\msvidctl.dll
2009-09-12 01:30:51 ----A---- C:\WINDOWS\system32\msvidc32.dll
2009-09-12 01:30:51 ----A---- C:\WINDOWS\system32\msvfw32.dll
2009-09-12 01:30:51 ----A---- C:\WINDOWS\system32\msvcrt40.dll
2009-09-12 01:30:51 ----A---- C:\WINDOWS\system32\msvcrt20.dll
2009-09-12 01:30:51 ----A---- C:\WINDOWS\system32\msvcp60.dll
2009-09-12 01:30:51 ----A---- C:\WINDOWS\system32\msvcp50.dll
2009-09-12 01:30:51 ----A---- C:\WINDOWS\system32\msvcirt.dll
2009-09-12 01:30:51 -------- C:\WINDOWS\system32\msvcrt.dll
2009-09-12 01:30:50 ----A---- C:\WINDOWS\system32\msvbvm60.dll
2009-09-12 01:30:50 ----A---- C:\WINDOWS\system32\msvbvm50.dll
2009-09-12 01:30:50 ----A---- C:\WINDOWS\system32\msv1_0.dll
2009-09-12 01:30:50 ----A---- C:\WINDOWS\system32\msutb.dll
2009-09-12 01:30:49 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-09-12 01:30:49 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-09-12 01:30:49 ----A---- C:\WINDOWS\system32\mstlsapi.dll
2009-09-12 01:30:49 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-09-12 01:30:49 ----A---- C:\WINDOWS\system32\mstime.dll
2009-09-12 01:30:49 ----A---- C:\WINDOWS\system32\mstext40.dll
2009-09-12 01:30:48 ----A---- C:\WINDOWS\system32\mstask.dll
2009-09-12 01:30:48 ----A---- C:\WINDOWS\system32\msswchx.exe
2009-09-12 01:30:48 ----A---- C:\WINDOWS\system32\msswch.dll
2009-09-12 01:30:48 ----A---- C:\WINDOWS\system32\mssip32.dll
2009-09-12 01:30:48 ----A---- C:\WINDOWS\system32\mssign32.dll
2009-09-12 01:30:48 ----A---- C:\WINDOWS\system32\mssap.dll
2009-09-12 01:30:48 ----A---- C:\WINDOWS\system32\msrle32.dll
2009-09-12 01:30:48 ----A---- C:\WINDOWS\system32\msrepl40.dll
2009-09-12 01:30:48 ----A---- C:\WINDOWS\system32\msrecr40.dll
2009-09-12 01:30:47 ----A---- C:\WINDOWS\system32\msrd3x40.dll
2009-09-12 01:30:47 ----A---- C:\WINDOWS\system32\msrd2x40.dll
2009-09-12 01:30:47 ----A---- C:\WINDOWS\system32\msrclr40.dll
2009-09-12 01:30:47 ----A---- C:\WINDOWS\system32\msrating.dll
2009-09-12 01:30:47 ----A---- C:\WINDOWS\system32\msratelc.dll
2009-09-12 01:30:47 ----A---- C:\WINDOWS\system32\msr2cenu.dll
2009-09-12 01:30:47 ----A---- C:\WINDOWS\system32\msr2c.dll
2009-09-12 01:30:47 ----A---- C:\WINDOWS\system32\msprivs.dll
2009-09-12 01:30:47 ----A---- C:\WINDOWS\system32\msports.dll
2009-09-12 01:30:46 ----A---- C:\WINDOWS\system32\mspbde40.dll
2009-09-12 01:30:46 ----A---- C:\WINDOWS\system32\mspatcha.dll
2009-09-12 01:30:46 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-09-12 01:30:46 ----A---- C:\WINDOWS\system32\msorcl32.dll
2009-09-12 01:30:46 ----A---- C:\WINDOWS\system32\msorc32r.dll
2009-09-12 01:30:46 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-09-12 01:30:46 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-09-12 01:30:45 ----A---- C:\WINDOWS\system32\msobjs.dll
2009-09-12 01:30:43 ----A---- C:\WINDOWS\system32\msnsspc.dll
2009-09-12 01:30:39 ----A---- C:\WINDOWS\system32\msnetobj.dll
2009-09-12 01:30:30 ----A---- C:\WINDOWS\system32\msltus40.dll
2009-09-12 01:30:30 ----A---- C:\WINDOWS\system32\msls31.dll
2009-09-12 01:30:30 ----A---- C:\WINDOWS\system32\mslbui.dll
2009-09-12 01:30:30 ----A---- C:\WINDOWS\system32\msjtes40.dll
2009-09-12 01:30:30 ----A---- C:\WINDOWS\system32\msjter40.dll
2009-09-12 01:30:30 ----A---- C:\WINDOWS\system32\msjint40.dll
2009-09-12 01:30:30 ----A---- C:\WINDOWS\system32\msjetoledb40.dll
2009-09-12 01:30:29 ----A---- C:\WINDOWS\system32\msjet40.dll
2009-09-12 01:30:29 ----A---- C:\WINDOWS\system32\msisip.dll
2009-09-12 01:30:29 ----A---- C:\WINDOWS\system32\msimtf.dll
2009-09-12 01:30:29 ----A---- C:\WINDOWS\system32\msimsg.dll
2009-09-12 01:30:29 ----A---- C:\WINDOWS\system32\msimg32.dll
2009-09-12 01:30:28 ----A---- C:\WINDOWS\system32\msihnd.dll
2009-09-12 01:30:28 ----A---- C:\WINDOWS\system32\msiexec.exe
2009-09-12 01:30:28 ----A---- C:\WINDOWS\system32\msieftp.dll
2009-09-12 01:30:28 ----A---- C:\WINDOWS\system32\msidntld.dll
2009-09-12 01:30:28 ----A---- C:\WINDOWS\system32\msidle.dll
2009-09-12 01:30:28 ----A---- C:\WINDOWS\system32\msident.dll
2009-09-12 01:30:27 ----A---- C:\WINDOWS\system32\msi.dll
2009-09-12 01:30:27 ----A---- C:\WINDOWS\system32\mshtmler.dll
2009-09-12 01:30:27 ----A---- C:\WINDOWS\system32\mshtmled.dll
2009-09-12 01:30:26 ----A---- C:\WINDOWS\system32\mshta.exe
2009-09-12 01:30:26 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-09-12 01:30:26 -------- C:\WINDOWS\system32\mshtml.dll
2009-09-12 01:30:26 -------- C:\WINDOWS\system32\msgsvc.dll
2009-09-12 01:30:25 ----A---- C:\WINDOWS\system32\msgina.dll
2009-09-12 01:30:25 ----A---- C:\WINDOWS\system32\msg.exe
2009-09-12 01:30:25 ----A---- C:\WINDOWS\system32\msftedit.dll
2009-09-12 01:30:24 ----A---- C:\WINDOWS\system32\msexcl40.dll
2009-09-12 01:30:24 ----A---- C:\WINDOWS\system32\msexch40.dll
2009-09-12 01:30:24 ----A---- C:\WINDOWS\system32\msencode.dll
2009-09-12 01:30:24 ----A---- C:\WINDOWS\system32\msdxmlc.dll
2009-09-12 01:30:23 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-09-12 01:30:23 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-09-12 01:30:23 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-09-12 01:30:23 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-09-12 01:30:23 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-09-12 01:30:23 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-09-12 01:30:23 ----A---- C:\WINDOWS\system32\msdmo.dll
2009-09-12 01:30:23 ----A---- C:\WINDOWS\system32\msdart.dll
2009-09-12 01:30:23 ----A---- C:\WINDOWS\msdfmap.ini
2009-09-12 01:30:22 ----A---- C:\WINDOWS\system32\msdadiag.dll
2009-09-12 01:30:22 ----A---- C:\WINDOWS\system32\msctfp.dll
2009-09-12 01:30:22 ----A---- C:\WINDOWS\system32\msctf.dll
2009-09-12 01:30:22 ----A---- C:\WINDOWS\system32\mscpxl32.dll
2009-09-12 01:30:22 ----A---- C:\WINDOWS\system32\mscpx32r.dll
2009-09-12 01:30:22 ----A---- C:\WINDOWS\system32\msconf.dll
2009-09-12 01:30:22 ----A---- C:\WINDOWS\system32\mscms.dll
2009-09-12 01:30:22 ----A---- C:\WINDOWS\system32\mscdexnt.exe
2009-09-12 01:30:22 ----A---- C:\WINDOWS\system32\mscat32.dll
2009-09-12 01:30:22 ----A---- C:\WINDOWS\system32\msaudite.dll
2009-09-12 01:30:21 ----A---- C:\WINDOWS\system32\msasn1.dll
2009-09-12 01:30:21 ----A---- C:\WINDOWS\system32\msapsspc.dll
2009-09-12 01:30:21 ----A---- C:\WINDOWS\system32\msafd.dll
2009-09-12 01:30:20 ----A---- C:\WINDOWS\system32\msacm32.dll
2009-09-12 01:30:20 ----A---- C:\WINDOWS\system32\msacm.dll
2009-09-12 01:30:20 ----A---- C:\WINDOWS\system32\msaatext.dll
2009-09-12 01:30:18 ----A---- C:\WINDOWS\system32\mrinfo.exe
2009-09-12 01:30:18 ----A---- C:\WINDOWS\system32\mprui.dll
2009-09-12 01:30:18 ----A---- C:\WINDOWS\system32\mprmsg.dll
2009-09-12 01:30:18 ----A---- C:\WINDOWS\system32\mprdim.dll
2009-09-12 01:30:18 ----A---- C:\WINDOWS\system32\mprddm.dll
2009-09-12 01:30:18 ----A---- C:\WINDOWS\system32\mprapi.dll
2009-09-12 01:30:18 ----A---- C:\WINDOWS\system32\mpr.dll
2009-09-12 01:30:18 ----A---- C:\WINDOWS\system32\mpnotify.exe
2009-09-12 01:30:17 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-09-12 01:30:17 ----A---- C:\WINDOWS\system32\MPG4DMOD.dll
2009-09-12 01:30:17 ----A---- C:\WINDOWS\system32\MP4SDMOD.dll
2009-09-12 01:30:17 ----A---- C:\WINDOWS\system32\MP43DMOD.dll
2009-09-12 01:30:15 ----A---- C:\WINDOWS\system32\mountvol.exe
2009-09-12 01:30:15 ----A---- C:\WINDOWS\system32\moricons.dll
2009-09-12 01:30:15 ----A---- C:\WINDOWS\system32\more.com
2009-09-12 01:30:14 ----A---- C:\WINDOWS\system32\modex.dll
2009-09-12 01:30:14 ----A---- C:\WINDOWS\system32\modemui.dll
2009-09-12 01:30:13 ----A---- C:\WINDOWS\system32\mode.com
2009-09-12 01:30:13 ----A---- C:\WINDOWS\system32\mobsync.exe
2009-09-12 01:30:13 ----A---- C:\WINDOWS\system32\mobsync.dll
2009-09-12 01:30:13 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-09-12 01:30:13 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-09-12 01:30:13 ----A---- C:\WINDOWS\system32\mmutilse.dll
2009-09-12 01:30:13 ----A---- C:\WINDOWS\system32\mmsystem.dll
2009-09-12 01:30:12 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-09-12 01:30:12 ----A---- C:\WINDOWS\system32\mmdrv.dll
2009-09-12 01:30:12 ----A---- C:\WINDOWS\system32\mmcshext.dll
2009-09-12 01:30:12 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2009-09-12 01:30:12 ----A---- C:\WINDOWS\system32\mmcbase.dll
2009-09-12 01:30:11 ----A---- C:\WINDOWS\system32\mmc.exe
2009-09-12 01:30:11 ----A---- C:\WINDOWS\system32\mll_qic.dll
2009-09-12 01:30:11 ----A---- C:\WINDOWS\system32\mll_mtf.dll
2009-09-12 01:30:11 ----A---- C:\WINDOWS\system32\mll_hp.dll
2009-09-12 01:30:11 ----A---- C:\WINDOWS\system32\mlang.dll
2009-09-12 01:30:11 ----A---- C:\WINDOWS\system32\mimefilt.dll
2009-09-12 01:30:10 ----A---- C:\WINDOWS\system32\migpwd.exe
2009-09-12 01:30:10 ----A---- C:\WINDOWS\system32\miglibnt.dll
2009-09-12 01:30:10 ----A---- C:\WINDOWS\system32\midimap.dll
2009-09-12 01:30:09 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2009-09-12 01:30:09 ----A---- C:\WINDOWS\system32\mfcsubs.dll
2009-09-12 01:30:09 ----A---- C:\WINDOWS\system32\mfc42u.dll
2009-09-12 01:30:08 ----A---- C:\WINDOWS\system32\mfc42.dll
2009-09-12 01:30:08 ----A---- C:\WINDOWS\system32\mfc40.dll
2009-09-12 01:30:08 ----A---- C:\WINDOWS\system32\mf3216.dll
2009-09-12 01:30:08 -------- C:\WINDOWS\system32\mfc40u.dll
2009-09-12 01:30:06 ----A---- C:\WINDOWS\system32\mem.exe
2009-09-12 01:30:05 ----A---- C:\WINDOWS\system32\mdminst.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mdhcp.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mciwave.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mciseq.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mciqtz32.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mciole32.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mciole16.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mcicda.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mciavi32.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mchgrcoi.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mcdsrv32.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mcd32.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mcastmib.dll
2009-09-12 01:30:03 ----A---- C:\WINDOWS\system32\mapistub.dll
2009-09-12 01:30:02 ----A---- C:\WINDOWS\system32\makecab.exe
2009-09-12 01:30:02 ----A---- C:\WINDOWS\system32\magnify.exe
2009-09-12 01:30:02 ----A---- C:\WINDOWS\system32\mag_hook.dll
2009-09-12 01:30:02 ----A---- C:\WINDOWS\system32\lzexpand.dll
2009-09-12 01:30:02 ----A---- C:\WINDOWS\system32\lz32.dll
2009-09-12 01:30:02 ----A---- C:\WINDOWS\system32\lusrmgr.msc
2009-09-12 01:30:01 -------- C:\WINDOWS\system32\lsass.exe
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\lsasrv.dll
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\lprmonui.dll
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\lprhelp.dll
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\lpr.exe
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\lpq.exe
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\logonui.exe
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\logoff.exe
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\logman.exe
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\loghours.dll
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\logagent.exe
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\lodctr.exe
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\locator.exe
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\localui.dll
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\localspl.dll
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\localsec.dll
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\loadperf.dll
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\loadfix.com
2009-09-12 01:30:00 ----A---- C:\WINDOWS\system32\lnkstub.exe
2009-09-12 01:30:00 -------- C:\WINDOWS\system32\lpk.dll
2009-09-12 01:29:59 ----A---- C:\WINDOWS\system32\lmrt.dll
2009-09-12 01:29:59 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2009-09-12 01:29:59 ----A---- C:\WINDOWS\system32\lights.exe
2009-09-12 01:29:59 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-09-12 01:29:59 ----A---- C:\WINDOWS\system32\licmgr10.dll
2009-09-12 01:29:59 ----A---- C:\WINDOWS\system32\licdll.dll
2009-09-12 01:29:59 -------- C:\WINDOWS\system32\linkinfo.dll
2009-09-12 01:29:58 ----A---- C:\WINDOWS\system32\LAPRXY.dll
2009-09-12 01:29:58 ----A---- C:\WINDOWS\system32\langwrbk.dll
2009-09-12 01:28:33 ----A---- C:\WINDOWS\system32\label.exe
2009-09-12 01:28:33 ----A---- C:\WINDOWS\system32\krnl386.exe
2009-09-12 01:28:33 ----A---- C:\WINDOWS\system32\keymgr.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kerberos.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kdcom.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kd1394.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdycl.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdycc.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbduzb.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdusx.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdusr.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdusl.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdus.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdur.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdukx.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbduk.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdtuq.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdtuf.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdtat.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdsw.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdsp.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdsmsno.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdsmsfi.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdsl.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdsg.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdsf.dll
2009-09-12 01:28:32 ----A---- C:\WINDOWS\system32\kbdru1.dll
2009-09-12 01:28:32 -------- C:\WINDOWS\system32\kernel32.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdru.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdro.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdpo.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdpl.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdno1.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdno.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdnec.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdne.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdmon.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdmlt48.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdmlt47.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdmaori.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdmac.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdlv1.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdlv.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdlt1.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdlt.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdla.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdkyr.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdkaz.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdit142.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdit.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdir.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdinmal.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdinben.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdinbe1.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdic.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdhu.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdhept.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdhela3.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdhela2.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdhe319.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdhe220.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdhe.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdgr1.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdgr.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdgkl.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdgae.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdfr.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdfo.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdfi1.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdfi.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdfc.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdest.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdes.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbddv.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdda.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdcz2.dll
2009-09-12 01:28:31 ----A---- C:\WINDOWS\system32\kbdcz1.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\kbdcz.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\kbdcr.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\kbdcan.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\kbdca.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\kbdbu.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\kbdbr.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\kbdblr.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\kbdbene.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\kbdbe.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\kbdazel.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\kbdaze.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\kb16.com
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\jscript.dll
2009-09-12 01:28:30 ----A---- C:\WINDOWS\system32\jobexec.dll
2009-09-12 01:28:30 -------- C:\WINDOWS\system32\jsproxy.dll
2009-09-12 01:28:29 ----A---- C:\WINDOWS\system32\jet500.dll
2009-09-12 01:28:29 ----A---- C:\WINDOWS\system32\ixsso.dll
2009-09-12 01:28:29 ----A---- C:\WINDOWS\system32\iuengine.dll
2009-09-12 01:28:29 ----A---- C:\WINDOWS\system32\itss.dll
2009-09-12 01:28:29 ----A---- C:\WINDOWS\system32\itircl.dll
2009-09-12 01:28:29 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-09-12 01:28:29 ----A---- C:\WINDOWS\system32\isign32.dll
2009-09-12 01:28:29 ----A---- C:\WINDOWS\system32\irclass.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ir50_qcx.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ir50_qc.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ir50_32.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ir41_qcx.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ir41_qc.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ir32_32.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ipxwan.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ipxsap.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ipxrtmgr.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ipxroute.exe
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ipxrip.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ipxpromn.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ipxmontr.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ipv6mon.dll
2009-09-12 01:28:28 ----A---- C:\WINDOWS\system32\ipv6.exe
2009-09-12 01:28:27 ----A---- C:\WINDOWS\system32\ipsmsnap.dll
2009-09-12 01:28:27 ----A---- C:\WINDOWS\system32\ipsecsvc.dll
2009-09-12 01:28:27 ----A---- C:\WINDOWS\system32\ipsecsnp.dll
2009-09-12 01:28:27 ----A---- C:\WINDOWS\system32\ipsec6.exe
2009-09-12 01:28:27 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2009-09-12 01:28:27 ----A---- C:\WINDOWS\system32\iprtprio.dll
2009-09-12 01:28:27 ----A---- C:\WINDOWS\system32\iprop.dll
2009-09-12 01:28:27 ----A---- C:\WINDOWS\system32\ippromon.dll
2009-09-12 01:28:27 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2009-09-12 01:28:26 ----A---- C:\WINDOWS\system32\ipmontr.dll
2009-09-12 01:28:26 ----A---- C:\WINDOWS\system32\iphlpapi.dll
2009-09-12 01:28:26 ----A---- C:\WINDOWS\system32\ipconfig.exe
2009-09-12 01:28:26 ----A---- C:\WINDOWS\system32\iologmsg.dll
2009-09-12 01:28:25 ----A---- C:\WINDOWS\system32\inseng.dll
2009-09-12 01:28:25 ----A---- C:\WINDOWS\system32\input.dll
2009-09-12 01:28:25 ----A---- C:\WINDOWS\system32\initpki.dll
2009-09-12 01:28:25 ----A---- C:\WINDOWS\system32\infosoft.dll
2009-09-12 01:28:25 ----A---- C:\WINDOWS\system32\inetres.dll
2009-09-12 01:28:25 ----A---- C:\WINDOWS\system32\inetppui.dll
2009-09-12 01:28:25 ----A---- C:\WINDOWS\system32\inetpp.dll
2009-09-12 01:28:25 ----A---- C:\WINDOWS\system32\inetmib1.dll
2009-09-12 01:28:24 ----A---- C:\WINDOWS\system32\inetcplc.dll
2009-09-12 01:28:24 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-09-12 01:28:24 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-09-12 01:28:23 ----A---- C:\WINDOWS\system32\imgutil.dll
2009-09-12 01:28:23 ----A---- C:\WINDOWS\system32\imeshare.dll
2009-09-12 01:28:23 ----A---- C:\WINDOWS\system32\imapi.exe
2009-09-12 01:28:23 ----A---- C:\WINDOWS\system32\imagehlp.dll
2009-09-12 01:28:23 ----A---- C:\WINDOWS\system32\ils.dll
2009-09-12 01:28:23 ----A---- C:\WINDOWS\system32\igmpagnt.dll
2009-09-12 01:28:23 ----A---- C:\WINDOWS\system32\ifsutil.dll
2009-09-12 01:28:23 ----A---- C:\WINDOWS\system32\ifmon.dll
2009-09-12 01:28:23 ----A---- C:\WINDOWS\system32\iexpress.exe
2009-09-12 01:28:23 -------- C:\WINDOWS\system32\imm32.dll
2009-09-12 01:28:22 ----A---- C:\WINDOWS\system32\iesetup.dll
2009-09-12 01:28:22 ----A---- C:\WINDOWS\system32\iernonce.dll
2009-09-12 01:28:22 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-09-12 01:28:22 ----A---- C:\WINDOWS\system32\ieakui.dll
2009-09-12 01:28:22 ----A---- C:\WINDOWS\system32\ieaksie.dll
2009-09-12 01:28:22 ----A---- C:\WINDOWS\system32\ieakeng.dll
2009-09-12 01:28:22 -------- C:\WINDOWS\system32\iedkcs32.dll
2009-09-12 01:28:22 -------- C:\WINDOWS\system32\ie4uinit.exe
2009-09-12 01:28:21 ----A---- C:\WINDOWS\system32\idq.dll
2009-09-12 01:28:21 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-09-12 01:28:21 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-09-12 01:28:21 ----A---- C:\WINDOWS\system32\icmui.dll
2009-09-12 01:28:21 ----A---- C:\WINDOWS\system32\icmp.dll
2009-09-12 01:28:21 ----A---- C:\WINDOWS\system32\icm32.dll
2009-09-12 01:28:21 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-09-12 01:28:21 ----A---- C:\WINDOWS\system32\iccvid.dll
2009-09-12 01:28:21 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-09-12 01:28:21 ----A---- C:\WINDOWS\system32\iassvcs.dll
2009-09-12 01:28:21 ----A---- C:\WINDOWS\system32\iassdo.dll
2009-09-12 01:28:20 ----A---- C:\WINDOWS\system32\iassam.dll
2009-09-12 01:28:20 ----A---- C:\WINDOWS\system32\iasrecst.dll
2009-09-12 01:28:20 ----A---- C:\WINDOWS\system32\iasrad.dll
2009-09-12 01:28:20 ----A---- C:\WINDOWS\system32\iaspolcy.dll
2009-09-12 01:28:20 ----A---- C:\WINDOWS\system32\iasnap.dll
2009-09-12 01:28:20 ----A---- C:\WINDOWS\system32\iashlpr.dll
2009-09-12 01:28:20 ----A---- C:\WINDOWS\system32\iasads.dll
2009-09-12 01:28:20 ----A---- C:\WINDOWS\system32\iasacct.dll
2009-09-12 01:28:20 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-09-12 01:28:19 ----A---- C:\WINDOWS\system32\htui.dll
2009-09-12 01:28:19 ----A---- C:\WINDOWS\system32\httpapi.dll
2009-09-12 01:28:19 ----A---- C:\WINDOWS\system32\hticons.dll
2009-09-12 01:28:17 ----A---- C:\WINDOWS\system32\hotplug.dll
2009-09-12 01:28:17 ----A---- C:\WINDOWS\system32\hostname.exe
2009-09-12 01:28:17 ----A---- C:\WINDOWS\system32\hnetwiz.dll
2009-09-12 01:28:17 ----A---- C:\WINDOWS\system32\hnetmon.dll
2009-09-12 01:28:17 ----A---- C:\WINDOWS\system32\hnetcfg.dll
2009-09-12 01:28:17 ----A---- C:\WINDOWS\system32\hlink.dll
2009-09-12 01:28:15 ----A---- C:\WINDOWS\system32\hhsetup.dll
2009-09-12 01:28:15 ----A---- C:\WINDOWS\hh.exe
2009-09-12 01:28:14 ----A---- C:\WINDOWS\system32\help.exe
2009-09-12 01:28:14 ----A---- C:\WINDOWS\system32\hccoin.dll
2009-09-12 01:28:13 ----A---- C:\WINDOWS\system32\h323msp.dll
2009-09-12 01:28:12 ----A---- C:\WINDOWS\system32\grpconv.exe
2009-09-12 01:28:12 ----A---- C:\WINDOWS\system32\graphics.com
2009-09-12 01:28:12 ----A---- C:\WINDOWS\system32\graftabl.com
2009-09-12 01:28:12 ----A---- C:\WINDOWS\system32\gpkrsrc.dll
2009-09-12 01:28:12 ----A---- C:\WINDOWS\system32\gpkcsp.dll
2009-09-12 01:28:09 ----A---- C:\WINDOWS\system32\glu32.dll
2009-09-12 01:28:09 ----A---- C:\WINDOWS\system32\glmf32.dll
2009-09-12 01:28:08 ----A---- C:\WINDOWS\system32\getuname.dll
2009-09-12 01:28:08 ----A---- C:\WINDOWS\system32\gdi32.dll
2009-09-12 01:28:08 ----A---- C:\WINDOWS\system32\gdi.exe
2009-09-12 01:28:08 ----A---- C:\WINDOWS\system32\gcdef.dll
2009-09-12 01:28:06 ----A---- C:\WINDOWS\system32\fwcfg.dll
2009-09-12 01:28:06 ----A---- C:\WINDOWS\system32\ftsrch.dll
2009-09-12 01:28:06 ----A---- C:\WINDOWS\system32\ftp.exe
2009-09-12 01:28:06 ----A---- C:\WINDOWS\system32\fsutil.exe
2009-09-12 01:28:06 ----A---- C:\WINDOWS\system32\fsusd.dll
2009-09-12 01:28:06 ----A---- C:\WINDOWS\system32\fsquirt.exe
2009-09-12 01:28:06 ----A---- C:\WINDOWS\system32\fsmgmt.msc
2009-09-12 01:28:06 ----A---- C:\WINDOWS\system32\freecell.exe
2009-09-12 01:28:06 ----A---- C:\WINDOWS\system32\framebuf.dll
2009-09-12 01:28:04 ----A---- C:\WINDOWS\system32\format.com
2009-09-12 01:28:04 ----A---- C:\WINDOWS\system32\forcedos.exe
2009-09-12 01:28:04 ----A---- C:\WINDOWS\system32\fontview.exe
2009-09-12 01:28:04 ----A---- C:\WINDOWS\system32\fontsub.dll
2009-09-12 01:28:04 ----A---- C:\WINDOWS\system32\fontext.dll
2009-09-12 01:28:04 ----A---- C:\WINDOWS\system32\fmifs.dll
2009-09-12 01:28:04 ----A---- C:\WINDOWS\system32\fltmc.exe
2009-09-12 01:28:04 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-09-12 01:28:04 ----A---- C:\WINDOWS\system32\fldrclnr.dll
2009-09-12 01:28:03 ----A---- C:\WINDOWS\system32\fixmapi.exe
2009-09-12 01:28:03 ----A---- C:\WINDOWS\system32\finger.exe
2009-09-12 01:28:03 ----A---- C:\WINDOWS\system32\findstr.exe
2009-09-12 01:28:03 ----A---- C:\WINDOWS\system32\find.exe
2009-09-12 01:28:03 ----A---- C:\WINDOWS\system32\filemgmt.dll
2009-09-12 01:28:03 ----A---- C:\WINDOWS\system32\feclient.dll
2009-09-12 01:28:03 ----A---- C:\WINDOWS\system32\fc.exe
2009-09-12 01:28:03 ----A---- C:\WINDOWS\system32\faultrep.dll
2009-09-12 01:28:02 ----N---- C:\WINDOWS\explorer.exe
2009-09-12 01:28:02 ----A---- C:\WINDOWS\system32\fastopen.exe
2009-09-12 01:28:02 ----A---- C:\WINDOWS\system32\exts.dll
2009-09-12 01:28:02 ----A---- C:\WINDOWS\system32\extrac32.exe
2009-09-12 01:28:02 ----A---- C:\WINDOWS\system32\extmgr.dll
2009-09-12 01:28:02 ----A---- C:\WINDOWS\system32\expsrv.dll
2009-09-12 01:28:02 ----A---- C:\WINDOWS\system32\expand.exe
2009-09-12 01:28:00 ----A---- C:\WINDOWS\system32\exe2bin.exe
2009-09-12 01:28:00 ----A---- C:\WINDOWS\system32\eventvwr.msc
2009-09-12 01:28:00 ----A---- C:\WINDOWS\system32\eventvwr.exe
2009-09-12 01:28:00 ----A---- C:\WINDOWS\system32\eventcls.dll
2009-09-12 01:28:00 ----A---- C:\WINDOWS\system32\eula.txt
2009-09-12 01:28:00 ----A---- C:\WINDOWS\system32\eudcedit.exe
2009-09-12 01:28:00 -------- C:\WINDOWS\system32\eventlog.dll
2009-09-12 01:27:59 ----A---- C:\WINDOWS\system32\esentutl.exe
2009-09-12 01:27:59 ----A---- C:\WINDOWS\system32\esentprf.ini
2009-09-12 01:27:59 ----A---- C:\WINDOWS\system32\esentprf.dll
2009-09-12 01:27:59 ----A---- C:\WINDOWS\system32\esent97.dll
2009-09-12 01:27:59 ----A---- C:\WINDOWS\system32\esent.dll
2009-09-12 01:27:59 ----A---- C:\WINDOWS\system32\ersvc.dll
2009-09-12 01:27:59 -------- C:\WINDOWS\system32\es.dll
2009-09-12 01:27:58 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-09-12 01:27:58 ----A---- C:\WINDOWS\system32\encdec.dll
2009-09-12 01:27:58 ----A---- C:\WINDOWS\system32\encapi.dll
2009-09-12 01:27:58 ----A---- C:\WINDOWS\system32\els.dll
2009-09-12 01:27:58 ----A---- C:\WINDOWS\system32\edlin.exe
2009-09-12 01:27:58 ----A---- C:\WINDOWS\system32\edit.com
2009-09-12 01:27:57 ----A---- C:\WINDOWS\system32\dxtrans.dll
2009-09-12 01:27:57 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2009-09-12 01:27:57 ----A---- C:\WINDOWS\system32\dxmasf.dll
2009-09-12 01:27:56 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2009-09-12 01:27:56 ----A---- C:\WINDOWS\system32\dxdiag.exe
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\dx8vb.dll
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\dx7vb.dll
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\dwwin.exe
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\dvdupgrd.exe
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\duser.dll
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\dumprep.exe
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\dswave.dll
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\dsuiext.dll
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\dssenh.dll
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\dssec.dll
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\dsquery.dll
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\dsprpres.dll
2009-09-12 01:27:55 ----A---- C:\WINDOWS\system32\dsprop.dll
2009-09-12 01:27:54 ----A---- C:\WINDOWS\system32\dsound3d.dll
2009-09-12 01:27:54 ----A---- C:\WINDOWS\system32\dsound.dll
2009-09-12 01:27:54 ----A---- C:\WINDOWS\system32\dskquoui.dll
2009-09-12 01:27:54 ----A---- C:\WINDOWS\system32\dskquota.dll
2009-09-12 01:27:54 ----A---- C:\WINDOWS\system32\dsdmoprp.dll
2009-09-12 01:27:54 ----A---- C:\WINDOWS\system32\dsdmo.dll
2009-09-12 01:27:54 ----A---- C:\WINDOWS\system32\dsauth.dll
2009-09-12 01:27:54 ----A---- C:\WINDOWS\system32\ds32gt.dll
2009-09-12 01:27:54 ----A---- C:\WINDOWS\system32\ds16gt.dLL
2009-09-12 01:27:54 ----A---- C:\WINDOWS\system32\drwtsn32.exe
2009-09-12 01:27:54 ----A---- C:\WINDOWS\system32\drwatson.exe
2009-09-12 01:27:53 ----A---- C:\WINDOWS\system32\drprov.dll
2009-09-12 01:27:53 ----A---- C:\WINDOWS\system32\drmv2clt.dll
2009-09-12 01:27:53 ----A---- C:\WINDOWS\system32\drmstor.dll
2009-09-12 01:27:53 ----A---- C:\WINDOWS\system32\drmclien.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpwsockx.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpwsock.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpvvox.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpvsetup.exe
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpvoice.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpvacm.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpserial.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpnwsock.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpnmodem.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpnlobby.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpnet.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpnaddr.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpmodemx.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dplayx.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dplaysvr.exe
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dplay.dll
2009-09-12 01:27:03 ----A---- C:\WINDOWS\system32\dpcdll.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dosx.exe
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\doskey.exe
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\docprop2.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\docprop.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dnsapi.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dmusic.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dmsynth.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dmstyle.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dmserver.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dmscript.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dmremote.exe
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dmocx.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dmloader.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dmintf.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dmime.dll
2009-09-12 01:27:02 ----A---- C:\WINDOWS\system32\dmdskres.dll
2009-09-12 01:27:01 ----A---- C:\WINDOWS\system32\dmdskmgr.dll
2009-09-12 01:27:01 ----A---- C:\WINDOWS\system32\dmdlgs.dll
2009-09-12 01:27:01 ----A---- C:\WINDOWS\system32\dmconfig.dll
2009-09-12 01:27:01 ----A---- C:\WINDOWS\system32\dmcompos.dll
2009-09-12 01:27:01 ----A---- C:\WINDOWS\system32\dmband.dll
2009-09-12 01:27:01 ----A---- C:\WINDOWS\system32\dmadmin.exe
2009-09-12 01:27:01 ----A---- C:\WINDOWS\system32\dllhst3g.exe
2009-09-12 01:27:01 ----A---- C:\WINDOWS\system32\dllhost.exe
2009-09-12 01:27:01 ----A---- C:\WINDOWS\system32\dispex.dll
2009-09-12 01:27:01 ----A---- C:\WINDOWS\system32\diskperf.exe
2009-09-12 01:27:01 ----A---- C:\WINDOWS\system32\diskpart.exe
2009-09-12 01:27:01 ----A---- C:\WINDOWS\system32\diskmgmt.msc
2009-09-12 01:27:00 ----A---- C:\WINDOWS\system32\diskcopy.dll
2009-09-12 01:27:00 ----A---- C:\WINDOWS\system32\diskcopy.com
2009-09-12 01:27:00 ----A---- C:\WINDOWS\system32\diskcomp.com
2009-09-12 01:27:00 ----A---- C:\WINDOWS\system32\dinput8.dll
2009-09-12 01:27:00 ----A---- C:\WINDOWS\system32\dinput.dll
2009-09-12 01:27:00 ----A---- C:\WINDOWS\system32\dimap.dll
2009-09-12 01:26:59 ----A---- C:\WINDOWS\system32\digest.dll
2009-09-12 01:26:58 ----A---- C:\WINDOWS\system32\diantz.exe
2009-09-12 01:26:58 ----A---- C:\WINDOWS\system32\diactfrm.dll
2009-09-12 01:26:58 ----A---- C:\WINDOWS\system32\dhcpsapi.dll
2009-09-12 01:26:58 ----A---- C:\WINDOWS\system32\dhcpmon.dll
2009-09-12 01:26:58 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2009-09-12 01:26:58 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\dgnet.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\dfsshlex.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\dfrgui.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\dfrgsnap.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\dfrgres.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\dfrgfat.exe
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\dfrg.msc
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\devmgr.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\devmgmt.msc
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\devenum.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\deskperf.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\deskmon.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\deskadp.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\defrag.exe
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\debug.exe
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\ddrawex.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\ddraw.dll
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\ddeshare.exe
2009-09-12 01:26:57 ----A---- C:\WINDOWS\system32\ddeml.dll
2009-09-12 01:26:56 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-09-12 01:26:56 ----A---- C:\WINDOWS\system32\dciman32.dll
2009-09-12 01:26:56 ----A---- C:\WINDOWS\system32\dbnmpntw.dll
2009-09-12 01:26:56 ----A---- C:\WINDOWS\system32\dbnetlib.dll
2009-09-12 01:26:56 ----A---- C:\WINDOWS\system32\dbmsrpcn.dll
2009-09-12 01:26:56 ----A---- C:\WINDOWS\system32\dbghelp.dll
2009-09-12 01:26:55 ----A---- C:\WINDOWS\system32\dbgeng.dll
2009-09-12 01:26:55 ----A---- C:\WINDOWS\system32\davclnt.dll
2009-09-12 01:26:55 ----A---- C:\WINDOWS\system32\datime.dll
2009-09-12 01:26:55 ----A---- C:\WINDOWS\system32\dataclen.dll
2009-09-12 01:26:54 ----A---- C:\WINDOWS\system32\danim.dll
2009-09-12 01:26:54 ----A---- C:\WINDOWS\system32\d3dxof.dll
2009-09-12 01:26:54 ----A---- C:\WINDOWS\system32\d3drm.dll
2009-09-12 01:26:54 ----A---- C:\WINDOWS\system32\d3dramp.dll
2009-09-12 01:26:54 ----A---- C:\WINDOWS\system32\d3dpmesh.dll
2009-09-12 01:26:54 ----A---- C:\WINDOWS\system32\d3dim700.dll
2009-09-12 01:26:54 ----A---- C:\WINDOWS\system32\d3dim.dll
2009-09-12 01:26:53 ----A---- C:\WINDOWS\system32\d3d9.dll
2009-09-12 01:26:53 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2009-09-12 01:26:53 ----A---- C:\WINDOWS\system32\d3d8.dll
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\ctl3dv2.dll
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\ctl3d32.dll
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\csseqchk.dll
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\csrss.exe
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\csrsrv.dll
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\cscui.dll
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\cscript.exe
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\cscdll.dll
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\cryptui.dll
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\cryptnet.dll
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\cryptext.dll
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\cryptdll.dll
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\cryptdlg.dll
2009-09-12 01:26:50 ----A---- C:\WINDOWS\system32\crypt32.dll
2009-09-12 01:26:50 -------- C:\WINDOWS\system32\ctfmon.exe
2009-09-12 01:26:50 -------- C:\WINDOWS\system32\cryptsvc.dll
2009-09-12 01:26:49 ----A---- C:\WINDOWS\system32\crtdll.dll
2009-09-12 01:26:49 ----A---- C:\WINDOWS\system32\credui.dll
2009-09-12 01:26:48 ----A---- C:\WINDOWS\system32\corpol.dll
2009-09-12 01:26:47 ----A---- C:\WINDOWS\system32\convert.exe
2009-09-12 01:26:47 ----A---- C:\WINDOWS\system32\control.exe
2009-09-12 01:26:47 ----A---- C:\WINDOWS\system32\console.dll
2009-09-12 01:26:47 ----A---- C:\WINDOWS\system32\conime.exe
2009-09-12 01:26:47 ----A---- C:\WINDOWS\system32\confmsp.dll
2009-09-12 01:26:46 ----A---- C:\WINDOWS\system32\comuid.dll
2009-09-12 01:26:46 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-09-12 01:26:46 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-09-12 01:26:46 ----A---- C:\WINDOWS\system32\comres.dll
2009-09-12 01:26:46 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-09-12 01:26:46 ----A---- C:\WINDOWS\system32\compstui.dll
2009-09-12 01:26:46 ----A---- C:\WINDOWS\system32\compobj.dll
2009-09-12 01:26:46 ----A---- C:\WINDOWS\system32\compmgmt.msc
2009-09-12 01:26:37 ----A---- C:\WINDOWS\system32\compatui.dll
2009-09-12 01:26:37 ----A---- C:\WINDOWS\system32\compact.exe
2009-09-12 01:26:37 ----A---- C:\WINDOWS\system32\comp.exe
2009-09-12 01:26:37 ----A---- C:\WINDOWS\system32\commdlg.dll
2009-09-12 01:26:37 ----A---- C:\WINDOWS\system32\command.com
2009-09-12 01:26:37 ----A---- C:\WINDOWS\system32\comdlg32.dll
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\comcat.dll
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\colbact.dll
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\cnvfat.dll
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\cnetcfg.dll
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\cmutil.dll
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\cmstp.exe
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\cmsetacl.dll
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\cmprops.dll
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\cmpbk32.dll
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\cmmon32.exe
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\cmdl32.exe
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\cmdial32.dll
2009-09-12 01:26:36 ----A---- C:\WINDOWS\system32\cmd.exe
2009-09-12 01:26:36 -------- C:\WINDOWS\system32\comctl32.dll
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\shellstyle.dll
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\cmcfg32.dll
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\clusapi.dll
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\clipsrv.exe
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\cliconfg.exe
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\cliconfg.dll
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\cleanmgr.exe
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\clb.dll
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\ckcnv.exe
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\cisvc.exe
2009-09-12 01:26:35 ----A---- C:\WINDOWS\system32\ciodm.dll
2009-09-12 01:26:34 ----A---- C:\WINDOWS\system32\cidaemon.exe
2009-09-12 01:26:34 ----A---- C:\WINDOWS\system32\cic.dll
2009-09-12 01:26:34 ----A---- C:\WINDOWS\system32\ciadv.msc
2009-09-12 01:26:34 ----A---- C:\WINDOWS\system32\ciadmin.dll
2009-09-12 01:26:34 ----A---- C:\WINDOWS\system32\chkntfs.exe
2009-09-12 01:26:34 ----A---- C:\WINDOWS\system32\chkdsk.exe
2009-09-12 01:26:33 ----A---- C:\WINDOWS\system32\chcp.com
2009-09-12 01:26:33 ----A---- C:\WINDOWS\system32\charmap.exe
2009-09-12 01:26:33 ----A---- C:\WINDOWS\system32\cfgmgr32.dll
2009-09-12 01:26:33 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-09-12 01:26:33 ----A---- C:\WINDOWS\system32\certmgr.msc
2009-09-12 01:26:33 ----A---- C:\WINDOWS\system32\certmgr.dll
2009-09-12 01:26:33 ----A---- C:\WINDOWS\system32\certcli.dll
2009-09-12 01:26:32 ----A---- C:\WINDOWS\system32\cdosys.dll
2009-09-12 01:26:32 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-09-12 01:26:32 ----A---- C:\WINDOWS\system32\cdm.dll
2009-09-12 01:26:32 ----A---- C:\WINDOWS\system32\cdfview.dll
2009-09-12 01:26:32 ----A---- C:\WINDOWS\system32\ccfgnt.dll
2009-09-12 01:26:32 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-09-12 01:26:32 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-09-12 01:26:32 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-09-12 01:26:32 ----A---- C:\WINDOWS\system32\cards.dll
2009-09-12 01:26:32 ----A---- C:\WINDOWS\system32\capesnpn.dll
2009-09-12 01:26:31 ----A---- C:\WINDOWS\system32\camocx.dll
2009-09-12 01:26:31 ----A---- C:\WINDOWS\system32\calc.exe
2009-09-12 01:26:31 ----A---- C:\WINDOWS\system32\cacls.exe
2009-09-12 01:26:31 ----A---- C:\WINDOWS\system32\cabview.dll
2009-09-12 01:26:31 ----A---- C:\WINDOWS\system32\cabinet.dll
2009-09-12 01:26:31 ----A---- C:\WINDOWS\system32\btpanui.dll
2009-09-12 01:26:31 ----A---- C:\WINDOWS\system32\bthserv.dll
2009-09-12 01:26:30 ----A---- C:\WINDOWS\system32\bthci.dll
2009-09-12 01:26:30 ----A---- C:\WINDOWS\system32\browsewm.dll
2009-09-12 01:26:30 ----A---- C:\WINDOWS\system32\browseui.dll
2009-09-12 01:26:30 ----A---- C:\WINDOWS\system32\browselc.dll
2009-09-12 01:26:30 -------- C:\WINDOWS\system32\browser.dll
2009-09-12 01:26:29 ----A---- C:\WINDOWS\system32\bootvrfy.exe
2009-09-12 01:26:29 ----A---- C:\WINDOWS\system32\bootvid.dll
2009-09-12 01:26:29 ----A---- C:\WINDOWS\system32\bootok.exe
2009-09-12 01:26:28 ----A---- C:\WINDOWS\system32\blastcln.exe
2009-09-12 01:26:28 ----A---- C:\WINDOWS\system32\blackbox.dll
2009-09-12 01:26:28 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-09-12 01:26:28 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-09-12 01:26:28 ----A---- C:\WINDOWS\system32\bidispl.dll
2009-09-12 01:26:27 ----A---- C:\WINDOWS\system32\batt.dll
2009-09-12 01:26:27 ----A---- C:\WINDOWS\system32\batmeter.dll
2009-09-12 01:26:27 ----A---- C:\WINDOWS\system32\basesrv.dll
2009-09-12 01:26:27 ----A---- C:\WINDOWS\system32\avwav.dll
2009-09-12 01:26:27 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-09-12 01:26:26 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-09-12 01:26:26 ----A---- C:\WINDOWS\system32\avifile.dll
2009-09-12 01:26:26 ----A---- C:\WINDOWS\system32\avifil32.dll
2009-09-12 01:26:26 ----A---- C:\WINDOWS\system32\avicap32.dll
2009-09-12 01:26:26 ----A---- C:\WINDOWS\system32\avicap.dll
2009-09-12 01:26:26 ----A---- C:\WINDOWS\system32\autolfn.exe
2009-09-12 01:26:26 ----A---- C:\WINDOWS\system32\autofmt.exe
2009-09-12 01:26:26 ----A---- C:\WINDOWS\system32\autodisc.dll
2009-09-12 01:26:26 ----A---- C:\WINDOWS\system32\autoconv.exe
2009-09-12 01:26:25 ----A---- C:\WINDOWS\system32\autochk.exe
2009-09-12 01:26:25 ----A---- C:\WINDOWS\system32\authz.dll
2009-09-12 01:26:25 ----A---- C:\WINDOWS\system32\auditusr.exe
2009-09-12 01:26:25 ----A---- C:\WINDOWS\system32\audiosrv.dll
2009-09-12 01:26:25 ----A---- C:\WINDOWS\system32\attrib.exe
2009-09-12 01:26:25 ----A---- C:\WINDOWS\system32\atrace.dll
2009-09-12 01:26:25 ----A---- C:\WINDOWS\system32\atmpvcno.dll
2009-09-12 01:26:25 ----A---- C:\WINDOWS\system32\atmlib.dll
2009-09-12 01:26:24 ----A---- C:\WINDOWS\system32\atmfd.dll
2009-09-12 01:26:24 ----A---- C:\WINDOWS\system32\atmadm.exe
2009-09-12 01:26:24 ----A---- C:\WINDOWS\system32\atl.dll
2009-09-12 01:26:24 ----A---- C:\WINDOWS\system32\atkctrs.dll
2009-09-12 01:26:24 ----A---- C:\WINDOWS\system32\at.exe
2009-09-12 01:26:24 ----A---- C:\WINDOWS\system32\asycfilt.dll
2009-09-12 01:26:14 ----A---- C:\WINDOWS\system32\asferror.dll
2009-09-12 01:26:11 ----A---- C:\WINDOWS\system32\arp.exe
2009-09-12 01:26:10 ----A---- C:\WINDOWS\system32\apphelp.dll
2009-09-12 01:26:10 ----A---- C:\WINDOWS\system32\append.exe
2009-09-12 01:26:10 ----A---- C:\WINDOWS\system32\apcups.dll
2009-09-12 01:26:09 ----A---- C:\WINDOWS\system32\amstream.dll
2009-09-12 01:26:09 ----A---- C:\WINDOWS\system32\alrsvc.dll
2009-09-12 01:26:09 ----A---- C:\WINDOWS\system32\alg.exe
2009-09-12 01:26:09 ----A---- C:\WINDOWS\system32\ahui.exe
2009-09-12 01:26:08 ----A---- C:\WINDOWS\system32\advpack.dll
2009-09-12 01:26:08 ----A---- C:\WINDOWS\system32\advapi32.dll
2009-09-12 01:26:08 ----A---- C:\WINDOWS\system32\adsnt.dll
2009-09-12 01:26:08 ----A---- C:\WINDOWS\system32\adsmsext.dll
2009-09-12 01:26:08 ----A---- C:\WINDOWS\system32\adsldpc.dll
2009-09-12 01:26:07 ----A---- C:\WINDOWS\system32\adsldp.dll
2009-09-12 01:26:07 ----A---- C:\WINDOWS\system32\adptif.dll
2009-09-12 01:26:07 ----A---- C:\WINDOWS\system32\admparse.dll
2009-09-12 01:26:07 ----A---- C:\WINDOWS\system32\actxprxy.dll
2009-09-12 01:26:07 ----A---- C:\WINDOWS\system32\actmovie.exe
2009-09-12 01:26:07 ----A---- C:\WINDOWS\system32\activeds.dll
2009-09-12 01:26:07 ----A---- C:\WINDOWS\system32\aclui.dll
2009-09-12 01:26:06 ----A---- C:\WINDOWS\system32\acledit.dll
2009-09-12 01:26:06 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-09-12 01:26:06 ----A---- C:\WINDOWS\system32\acctres.dll
2009-09-12 01:26:06 ----A---- C:\WINDOWS\system32\aaaamon.dll
2009-09-12 01:26:06 ----A---- C:\WINDOWS\system32\6to4svc.dll
2009-09-12 01:26:05 ----D---- C:\WINDOWS\I386
2009-09-12 01:08:10 ----RD---- C:\Program Files
2009-09-12 01:05:32 ----RD---- C:\WINDOWS\Offline Web Pages
2009-09-12 01:05:02 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-09-12 01:03:57 ----D---- C:\WINDOWS\CACHE
2009-08-17 02:04:24 ----A---- C:\WINDOWS\system32\nvcplui.exe
2009-08-17 02:04:08 ----A---- C:\WINDOWS\system32\nvwddi.dll
2009-08-17 02:03:44 ----A---- C:\WINDOWS\system32\nvwss.dll
2009-08-17 02:03:38 ----A---- C:\WINDOWS\system32\nvvitvs.dll
2009-08-17 02:03:28 ----A---- C:\WINDOWS\system32\nvmobls.dll
2009-08-17 02:03:28 ----A---- C:\WINDOWS\system32\nvmccss.dll
2009-08-17 02:03:22 ----A---- C:\WINDOWS\system32\nvgames.dll
2009-08-17 02:03:02 ----A---- C:\WINDOWS\system32\nvdisps.dll
2009-08-17 02:03:00 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2009-08-17 02:03:00 ----A---- C:\WINDOWS\system32\nvmctray.dll
2009-08-17 02:03:00 ----A---- C:\WINDOWS\system32\nvcpl.dll
2009-08-17 02:03:00 ----A---- C:\WINDOWS\system32\nvcolor.exe
2009-08-17 02:02:52 ----A---- C:\WINDOWS\system32\nvmccs.dll
2009-08-16 23:57:00 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2009-08-16 23:57:00 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2009-08-16 23:57:00 ----A---- C:\WINDOWS\system32\nvcuda.dll
2009-08-14 12:36:18 ----A---- C:\WINDOWS\system32\PhysXLoader.dll

======List of files/folders modified in the last 3 months======

2009-11-03 12:06:06 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-03 06:00:37 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-02 17:06:11 ----D---- C:\WINDOWS
2009-11-02 17:04:32 ----N---- C:\WINDOWS\system.ini
2009-11-02 17:01:56 ----D---- C:\WINDOWS\system32\drivers
2009-11-02 17:01:56 ----D---- C:\WINDOWS\system32
2009-11-02 17:01:56 ----D---- C:\WINDOWS\AppPatch
2009-11-02 17:01:54 ----D---- C:\Program Files\Common Files
2009-11-01 05:44:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-11-01 05:41:19 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-10-31 23:52:45 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-10-31 23:37:04 ----SHD---- C:\WINDOWS\Installer
2009-10-31 23:37:03 ----D---- C:\Program Files\Adobe
2009-10-28 22:19:48 ----HD---- C:\WINDOWS\inf
2009-10-28 22:19:36 ----RSD---- C:\WINDOWS\Fonts
2009-10-28 21:47:39 ----D---- C:\WINDOWS\WinSxS
2009-10-23 18:56:21 ----D---- C:\Program Files\Messenger
2009-10-23 18:29:11 ----RASH---- C:\boot.ini
2009-10-23 17:52:48 ----SD---- C:\Documents and Settings\Owner\Application Data\Microsoft
2009-10-22 21:09:54 ----D---- C:\Program Files\Internet Explorer
2009-10-22 21:09:53 ----D---- C:\WINDOWS\system32\wbem
2009-10-22 21:00:14 ----A---- C:\WINDOWS\imsins.BAK
2009-10-22 20:49:50 ----D---- C:\Program Files\Outlook Express
2009-10-22 17:31:17 ----SD---- C:\WINDOWS\Tasks
2009-10-16 00:15:46 ----D---- C:\Documents and Settings
2009-10-12 22:06:16 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-09-28 19:50:32 ----D---- C:\Program Files\Common Files\InstallShield
2009-09-24 23:40:21 ----N---- C:\WINDOWS\win.ini
2009-09-24 23:39:57 ----D---- C:\Program Files\Windows Media Player
2009-09-24 23:39:54 ----D---- C:\WINDOWS\Help
2009-09-18 05:45:14 ----D---- C:\WINDOWS\Drivers
2009-09-17 22:05:42 ----D---- C:\WINDOWS\system32\CatRoot
2009-09-17 21:55:02 ----A---- C:\autoexec.bat
2009-09-17 14:51:40 ----D---- C:\WINDOWS\Media
2009-09-15 23:08:07 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-12 19:04:23 ----A---- C:\WINDOWS\OEWABLog.txt
2009-09-12 19:03:27 ----A---- C:\WINDOWS\setuplog.txt
2009-09-12 19:02:52 ----D---- C:\WINDOWS\system32\Setup
2009-09-12 19:01:44 ----D---- C:\WINDOWS\security
2009-09-12 18:46:09 ----D---- C:\WINDOWS\ime
2009-09-12 18:45:49 ----D---- C:\WINDOWS\system32\usmt
2009-09-12 18:45:46 ----D---- C:\WINDOWS\PeerNet
2009-09-12 18:45:46 ----D---- C:\Program Files\Movie Maker
2009-09-12 18:39:36 ----D---- C:\WINDOWS\system32\Restore
2009-09-12 18:39:35 ----D---- C:\WINDOWS\system32\npp
2009-09-12 18:39:33 ----D---- C:\WINDOWS\msagent
2009-09-12 18:39:29 ----D---- C:\WINDOWS\srchasst
2009-09-12 18:39:28 ----D---- C:\Program Files\NetMeeting
2009-09-12 18:39:25 ----D---- C:\WINDOWS\system32\Com
2009-09-12 18:39:19 ----D---- C:\Program Files\Windows NT
2009-09-12 18:39:12 ----D---- C:\Program Files\Common Files\System
2009-09-12 18:38:45 ----D---- C:\WINDOWS\system32\oobe
2009-09-12 18:38:37 ----D---- C:\WINDOWS\system
2009-09-12 17:58:19 ----D---- C:\WINDOWS\Debug
2009-09-12 17:55:04 ----D---- C:\WINDOWS\SoftwareDistribution
2009-09-12 17:35:24 ----D---- C:\WINDOWS\twain_32
2009-09-12 16:10:53 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-09-12 15:36:13 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-09-12 15:35:31 ----D---- C:\Program Files\Microsoft Office
2009-09-12 15:35:25 ----D---- C:\WINDOWS\msapps
2009-09-12 15:35:25 ----D---- C:\Program Files\microsoft frontpage
2009-09-12 02:44:07 ----D---- C:\Documents and Settings\All Users\Application Data\AOL
2009-09-12 02:43:31 ----D---- C:\Program Files\BigFix
2009-09-12 02:42:15 ----D---- C:\Program Files\Symantec
2009-09-12 02:42:07 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-09-12 01:52:07 ----D---- C:\WINDOWS\system32\config
2009-09-12 01:51:13 ----D---- C:\WINDOWS\Registration
2009-09-12 01:43:28 ----D---- C:\WINDOWS\repair
2009-09-12 01:40:54 ----D---- C:\Program Files\Common Files\Services
2009-09-12 01:37:10 ----D---- C:\WINDOWS\system32\ras
2009-09-12 01:36:35 ----D---- C:\WINDOWS\system32\icsxml
2009-09-12 01:36:34 ----D---- C:\WINDOWS\system32\ias
2009-09-12 01:34:18 ----D---- C:\WINDOWS\system32\1033
2009-09-12 01:34:06 ----RD---- C:\WINDOWS\Web
2009-09-12 01:33:44 ----D---- C:\WINDOWS\Cursors
2009-08-29 03:08:18 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-08-29 03:08:18 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-08-29 03:08:18 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-08-29 03:08:16 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-08-16 23:57:00 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2009-08-16 23:57:00 ----A---- C:\WINDOWS\system32\nvcodins.dll
2009-08-16 23:57:00 ----A---- C:\WINDOWS\system32\nvcod.dll
2009-08-16 23:57:00 ----A---- C:\WINDOWS\system32\nvapi.dll
2009-08-16 23:57:00 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2009-08-04 10:13:08 -------- C:\WINDOWS\system32\ntoskrnl.exe
2009-08-04 09:20:09 -------- C:\WINDOWS\system32\ntkrnlpa.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 tmtdi;Trend Micro TDI Driver; C:\WINDOWS\system32\DRIVERS\tmtdi.sys [2009-10-22 89872]
R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2004-09-10 8552]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R2 tmpreflt;tmpreflt; C:\WINDOWS\system32\DRIVERS\tmpreflt.sys [2009-10-22 36368]
R2 tmxpflt;tmxpflt; C:\WINDOWS\system32\DRIVERS\tmxpflt.sys [2009-10-22 225808]
R2 vsapint;vsapint; C:\WINDOWS\system32\DRIVERS\vsapint.sys [2009-10-22 1223832]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 E100B;Intel® PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2004-02-10 154112]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2004-07-07 2185408]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MxlW2k;MxlW2k; C:\WINDOWS\system32\drivers\MxlW2k.sys [2004-09-10 28352]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-08-16 7729568]
R3 PPJoyBus;Parallel Port Joystick Bus device driver; C:\WINDOWS\system32\drivers\PPJoyBus.sys [2004-10-24 13952]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2009-01-09 27136]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
R3 SunkFilt;Alcor Micro Corp - 9360; \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys []
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 catchme;catchme; \??\C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-18 113664]
S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-06-18 1041536]
S3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2004-06-18 220032]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-06-06 730653]
S3 PPDrv;Protector Plus Driver (UnRegistered); \??\C:\Protector Plus\PPDrv.sys []
S3 PPEMSCAN;Protector Plus Email Scan Driver; \??\C:\Protector Plus\PPEMSCAN.sys []
S3 RimUsb;BlackBerry Smartphone; C:\WINDOWS\System32\Drivers\RimUsb.sys []
S3 SunkFilt39;Alcor Micro Corp - 3239; \??\C:\WINDOWS\System32\Drivers\sunkfilt39.sys []
S3 Sunkfiltp;HP && Alcor Micro Corp for Phison; \??\C:\WINDOWS\System32\Drivers\sunkfiltp.sys []
S3 tmactmon;tmactmon; \??\C:\WINDOWS\system32\drivers\tmactmon.sys []
S3 tmevtmgr;tmevtmgr; \??\C:\WINDOWS\system32\drivers\tmevtmgr.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-07-09 39424]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-06-18 685056]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-09-26 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-08-17 168004]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-12-06 362992]
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2009-07-08 313840]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2009-07-08 170480]
S2 SfCtlCom;Trend Micro Central Control Component; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [2009-10-22 715368]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-12 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-12-06 88560]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2009-07-08 1108464]
S3 TMBMServer;Trend Micro Unauthorized Change Prevention Service; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [2009-10-22 345352]
S3 TmProxy;Trend Micro Proxy Service; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [2009-10-22 689416]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

-----------------EOF-----------------



