Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Spydoctor


  • Please log in to reply
22 replies to this topic

#1 jerichosmvp

jerichosmvp

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:08:35 AM

Posted 29 June 2006 - 12:51 AM

Hi there (again),

After doing a backup on the computer and before downloading all the anti-spyware programs my lovely brother took it upon himself to start surfin' the net. Pretty quick, we've got spyware! Anywho, I do have some programs (S&D and Adaware), but this is still showin' up. Here's the HJT log.



Logfile of HijackThis v1.99.1
Scan saved at 11:48:11 PM, on 6/28/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\zHotkey.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\eMachines Bay Reader\shwiconem.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.emachines.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-ca\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {f998ffd5-5876-4369-b33c-1a8477522473} - C:\WINDOWS\system32\dbgsam.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-ca\msntb.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\eMachines Bay Reader\shwiconem.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-ca\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-ca\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-ca\msntabres.dll/229?465577e15750498e8d67fa9b9abb52e
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-ca\msntabres.dll/230?465577e15750498e8d67fa9b9abb52e
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1149122810218
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1149172016687
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: dbgsam - C:\WINDOWS\SYSTEM32\dbgsam.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

BC AdBot (Login to Remove)

 


#2 Guest_Cretemonster_*

Guest_Cretemonster_*

  • Guests
  • OFFLINE
  •  

Posted 02 July 2006 - 06:06 AM

Hi jerichosmvp and Welcome to the Bleeping Computer!


First download ewido anti-spyware from HERE and save that file to your desktop.
This is a 30 day trial of the program
  • Once you have downloaded ewido anti-spyware, locate the icon on the desktop and double-click it to launch the set up program.
  • Once the setup is complete you will need run ewido and update the definition files.
  • On the main screen select the icon "Update" then select the "Update now" link.
    • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
  • Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  • Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
  • Under "Reports"
    • Select "Automatically generate report after every scan"
    • Un-Select "Only if threats were found"
Close ewido anti-spyware, Do Not run a scan just yet, we will shortly.
  • Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
    IMPORTANT: Do not open any other windows or programs while ewido is scanning, it may interfere with the scanning proccess:
  • Lauch ewido-anti-spyware by double-clicking the icon on your desktop.
  • Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
  • ewido will now begin the scanning process, be patient this may take a little time.
    Once the scan is complete do the following:
  • If you have any infections you will prompted, then select "Apply all actions"
  • Next select the "Reports" icon at the top.
  • Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
  • Close ewido and reboot your system back into Normal Mode and post the results of the ewido report scan along with a fresh HijackThis log.


#3 jerichosmvp

jerichosmvp
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  

Posted 02 July 2006 - 05:15 PM

Hi there :thumbsup:

Did as you instructed, except when I clicked on the Reports icon, it said there were no reports available.

Here's the new HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 4:13:17 PM, on 7/2/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\zHotkey.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\eMachines Bay Reader\shwiconem.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.emachines.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-ca\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {f998ffd5-5876-4369-b33c-1a8477522473} - C:\WINDOWS\system32\dbgsam.dll (file missing)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-ca\msntb.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\eMachines Bay Reader\shwiconem.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-ca\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-ca\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-ca\msntabres.dll/229?465577e15750498e8d67fa9b9abb52e
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-ca\msntabres.dll/230?465577e15750498e8d67fa9b9abb52e
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1149122810218
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1149172016687
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: dbgsam - dbgsam.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

#4 Guest_Cretemonster_*

Guest_Cretemonster_*

  • Guests
  • OFFLINE
  •  

Posted 02 July 2006 - 05:49 PM

Open HijackThis-> Click "Do a System Scan Only" and put a check by these but DO NOT hit the Fix Checked button yet

O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)

O2 - BHO: (no name) - {f998ffd5-5876-4369-b33c-1a8477522473} - C:\WINDOWS\system32\dbgsam.dll (file missing)

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O20 - Winlogon Notify: dbgsam - dbgsam.dll (file missing)

Now Make sure ALL WINDOWS and BROWSERS are CLOSED and hit the Fix Checked Button


Please run the F-Secure Online Scanner

Note: This Scanner is for Internet Explorer Only!
  • Follow the Instruction on the F-Secure page for proper installation.
  • Accept the License Agreement.
  • Once the ActiveX installs,Click Full System Scan
  • Once the download completes,the scan will begin automatically.
  • The scan will take some time to finish,so please be patient.
  • When the scan completes, click the Automatic cleaning (recommended) button.
  • Click the Show Report button and Copy&Paste the entire report in your next reply along with a fresh HijackThis log.

Edited by Cretemonster, 02 July 2006 - 05:49 PM.


#5 jerichosmvp

jerichosmvp
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:08:35 AM

Posted 04 July 2006 - 08:16 AM

Hey there

Diong the scan works just great, but after I click the Automatic Cleaning button, it'll start to clean...and then it just stops and freezes. :thumbsup:

#6 Guest_Cretemonster_*

Guest_Cretemonster_*

  • Guests
  • OFFLINE
  •  

Posted 04 July 2006 - 09:32 AM

OK,that tends to happen sometimes.

Go ahead and post a fresh HijackThis log.

#7 jerichosmvp

jerichosmvp
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  

Posted 04 July 2006 - 08:00 PM

Logfile of HijackThis v1.99.1
Scan saved at 6:59:31 PM, on 7/4/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\zHotkey.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\eMachines Bay Reader\shwiconem.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.emachines.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-ca\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-ca\msntb.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\eMachines Bay Reader\shwiconem.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-ca\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-ca\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-ca\msntabres.dll/229?465577e15750498e8d67fa9b9abb52e
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-ca\msntabres.dll/230?465577e15750498e8d67fa9b9abb52e
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1149122810218
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1149172016687
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols3/fscax.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

#8 Guest_Cretemonster_*

Guest_Cretemonster_*

  • Guests
  • OFFLINE
  •  

Posted 04 July 2006 - 08:30 PM

Lets try another Online Scan and see if we have better luck.

Panda Active Scan

#9 jerichosmvp

jerichosmvp
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:08:35 AM

Posted 05 July 2006 - 09:50 PM

Just to make sure, I select the My Computer option for the scan, correct?

#10 Guest_Cretemonster_*

Guest_Cretemonster_*

  • Guests
  • OFFLINE
  •  

Posted 05 July 2006 - 10:37 PM

Yes,thats correct.

#11 jerichosmvp

jerichosmvp
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  

Posted 05 July 2006 - 11:01 PM

Here's the report:


Incident Status Location

Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Dani\Application Data\Mozilla\Firefox\Profiles\puygrl3w.default\cookies.txt[.atdmt.com/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Dani\Application Data\Mozilla\Firefox\Profiles\puygrl3w.default\cookies.txt[.advertising.com/]
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Dani\Application Data\Mozilla\Firefox\Profiles\puygrl3w.default\cookies.txt[.burstnet.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Dani\Application Data\Mozilla\Firefox\Profiles\puygrl3w.default\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Dani\Application Data\Mozilla\Firefox\Profiles\puygrl3w.default\cookies.txt[www.burstbeacon.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Dani\Application Data\Mozilla\Firefox\Profiles\puygrl3w.default\cookies.txt[.casalemedia.com/]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Dani\Application Data\Mozilla\Firefox\Profiles\puygrl3w.default\cookies.txt[.2o7.net/]
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Dani\Application Data\Mozilla\Firefox\Profiles\puygrl3w.default\cookies.txt[.doubleclick.net/]
Spyware:Cookie/Bfast Not disinfected C:\Documents and Settings\Dani\Application Data\Mozilla\Firefox\Profiles\puygrl3w.default\cookies.txt[.bfast.com/]
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Dani\Application Data\Mozilla\Firefox\Profiles\puygrl3w.default\cookies.txt[.fastclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Dani\Application Data\Mozilla\Firefox\Profiles\puygrl3w.default\cookies.txt[.247realmedia.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Dani\Application Data\Mozilla\Firefox\Profiles\puygrl3w.default\cookies.txt[.realmedia.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Dani\Cookies\dani@247realmedia[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Dani\Cookies\dani@ad.yieldmanager[1].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Dani\Cookies\dani@adultfriendfinder[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Dani\Cookies\dani@advertising[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Dani\Cookies\dani@atdmt[2].txt
Spyware:Cookie/Bfast Not disinfected C:\Documents and Settings\Dani\Cookies\dani@bfast[1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Dani\Cookies\dani@burstnet[2].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Dani\Cookies\dani@casalemedia[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Dani\Cookies\dani@doubleclick[2].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Dani\Cookies\dani@ehg-dig.hitbox[2].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Dani\Cookies\dani@fastclick[1].txt
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Dani\Cookies\dani@go[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Dani\Cookies\dani@hitbox[2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Dani\Cookies\dani@mediaplex[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Dani\Cookies\dani@questionmarket[2].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Dani\Cookies\dani@realmedia[2].txt
Spyware:Cookie/Rn11 Not disinfected C:\Documents and Settings\Dani\Cookies\dani@rn11[2].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Dani\Cookies\dani@statcounter[2].txt
Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\Dani\Cookies\dani@targetnet[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Dani\Cookies\dani@tribalfusion[1].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Dani\Cookies\dani@www.burstbeacon[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Joan\Cookies\joan@realmedia[1].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Mac\Cookies\mac@adultfriendfinder[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Mac\Cookies\mac@realmedia[1].txt
Spyware:Cookie/Rn11 Not disinfected C:\Documents and Settings\Mac\Cookies\mac@rn11[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Mac T\Cookies\mac t@ad.yieldmanager[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Mac T\Cookies\mac t@advertising[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Mac T\Cookies\mac t@atdmt[2].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Mac T\Cookies\mac t@burstnet[2].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Mac T\Cookies\mac t@casalemedia[1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Mac T\Cookies\mac t@doubleclick[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Mac T\Cookies\mac t@fastclick[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Mac T\Cookies\mac t@realmedia[2].txt
Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\Mac T\Cookies\mac t@targetnet[2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Mac T\Cookies\mac t@tribalfusion[2].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Mac T\Cookies\mac t@www.burstbeacon[1].txt
Spyware:Cookie/Go Not disinfected C:\My Backup -- 06-05-31 0746AM\My old Documents and Settings\Dani\Cookies\dani@go[2].txt
Spyware:Cookie/Atwola Not disinfected C:\My Backup -- 06-05-31 0746AM\My old Documents and Settings\Danielle\Cookies\danielle@atwola[2].txt
Spyware:Cookie/bravenetA Not disinfected C:\My Backup -- 06-05-31 0746AM\My old Documents and Settings\Danielle\Cookies\danielle@bravenet[2].txt
Spyware:Cookie/GoStats Not disinfected C:\My Backup -- 06-05-31 0746AM\My old Documents and Settings\Danielle\Cookies\danielle@c2.gostats[2].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\My Backup -- 06-05-31 0746AM\My old Documents and Settings\Danielle\Cookies\danielle@cgi-bin[1].txt
Spyware:Cookie/Go Not disinfected C:\My Backup -- 06-05-31 0746AM\My old Documents and Settings\Danielle\Cookies\danielle@go[1].txt
Spyware:Cookie/Go Not disinfected C:\My Backup -- 06-05-31 0746AM\My old Documents and Settings\Danielle\Cookies\danielle@go[2].txt
Spyware:Cookie/RealMedia Not disinfected C:\My Backup -- 06-05-31 0746AM\My old Documents and Settings\Danielle\Cookies\danielle@realmedia[1].txt
Spyware:Cookie/Seeq Not disinfected C:\My Backup -- 06-05-31 0746AM\My old Documents and Settings\Danielle\Cookies\danielle@www48.seeq[1].txt

#12 Guest_Cretemonster_*

Guest_Cretemonster_*

  • Guests
  • OFFLINE
  •  

Posted 06 July 2006 - 05:43 AM

The log got cut off.

Is there anything past these--> Spyware:Cookie

#13 jerichosmvp

jerichosmvp
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:08:35 AM

Posted 06 July 2006 - 10:16 PM

Nope, it's all cookies.

#14 Guest_Cretemonster_*

Guest_Cretemonster_*

  • Guests
  • OFFLINE
  •  

Posted 07 July 2006 - 06:36 AM

Download ComboFix to your desktop.
Doubleclick combo.exe
Follow the prompts.
Don't click on the window while the fix is running, because that will cause your system to hang.

When finished and after reboot, it should open a log, combofix.txt.

Post the contents of combofix.txt into the next reply.

Edited by Cretemonster, 07 July 2006 - 06:37 AM.


#15 jerichosmvp

jerichosmvp
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  

Posted 08 July 2006 - 12:17 AM

Start Time= Fri 07/07/2006 23:13:38.44
Running from: C:\Documents and Settings\Dani\Desktop

QuickScan did not find any signs of infected files

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-07-07 01:45:52 ( .D... ) "C:\Program Files\CCP"
2006-07-02 10:20:04 ( .D... ) "C:\Program Files\ewido anti-spyware 4.0"
2006-07-01 16:58:22 ( .D... ) "C:\Program Files\InterVideo"
2006-07-01 16:55:52 ( .D... ) "C:\Program Files\Common Files\Ulead Systems"
2006-07-01 16:13:48 ( .D... ) "C:\Documents and Settings\Dani\Application Data\Ahead"
2006-06-30 00:12:22 ( .D... ) "C:\Program Files\QuickTime"
2006-06-30 00:10:00 ( .D... ) "C:\Program Files\iTunes"
2006-06-28 23:47:44 ( .D... ) "C:\Program Files\HijackThis"
2006-06-28 23:03:44 ( .D... ) "C:\Program Files\CCleaner"
2006-06-22 21:31:46 ( .D... ) "C:\Program Files\WinZip"
2006-06-22 20:32:34 2756933 ( A.... ) "C:\WINDOWS\system32\Get Electric - Round 4.scr"
2006-06-19 00:42:02 ( .D... ) "C:\Program Files\Activision"
2006-06-17 14:46:38 ( .D... ) "C:\Program Files\Windows Journal Viewer"
2006-06-15 19:21:52 ( .D... ) "C:\Program Files\Mozilla Firefox"
2006-06-15 19:21:52 ( .D... ) "C:\Documents and Settings\Dani\Application Data\Mozilla"
2006-06-14 23:29:02 ( .D... ) "C:\Program Files\WM Recorder 10.2"
2006-06-14 23:28:56 737280 ( A.... ) "C:\WINDOWS\iun6002.exe"
2006-06-14 23:20:58 ( .D... ) "C:\Program Files\CoCSoft Stream Down"
2006-06-10 10:00:52 ( .D... ) "C:\Program Files\Lavasoft"
2006-06-08 20:59:12 58952 ( A.... ) "C:\WINDOWS\system32\MsgPlusLoader.dll"
2006-06-08 20:59:08 ( .D... ) "C:\Program Files\MessengerPlus! 3"
2006-06-08 19:19:50 5967776 ( A.... ) "C:\WINDOWS\system32\MRT.exe"
2006-06-08 18:42:50 ( .D... ) "C:\Program Files\Spybot - Search & Destroy"
2006-06-08 18:26:54 ( .D... ) "C:\Documents and Settings\Dani\Application Data\Lavasoft"
2006-06-03 16:43:50 ( .D... ) "C:\Program Files\EOHC"
2006-06-03 16:43:48 14672728 ( A.... ) "C:\WINDOWS\system32\Get Electric - Round 1-3 Compilation.scr"
2006-06-03 10:30:42 ( .D... ) "C:\Documents and Settings\Dani\Application Data\Template"
2006-06-03 10:08:28 ( .D... ) "C:\Documents and Settings\Dani\Application Data\LimeWire"
2006-06-03 10:05:54 ( .D... ) "C:\Program Files\LimeWire"
2006-06-03 09:05:12 ( .D... ) "C:\Program Files\Common Files\xing shared"
2006-06-03 09:05:04 176167 ( A.... ) "C:\WINDOWS\system32\rmoc3260.dll"
2006-06-03 09:04:52 6656 ( A.... ) "C:\WINDOWS\system32\pndx5016.dll"
2006-06-03 09:04:52 5632 ( A.... ) "C:\WINDOWS\system32\pndx5032.dll"
2006-06-03 09:04:50 278528 ( A.... ) "C:\WINDOWS\system32\pncrt.dll"
2006-06-03 09:04:28 ( .D... ) "C:\Documents and Settings\Dani\Application Data\Real"
2006-06-03 00:28:08 ( .D... ) "C:\Documents and Settings\Dani\Application Data\Jasc"
2006-06-03 00:24:42 ( .D... ) "C:\Program Files\Fx MPEG Writer"
2006-06-03 00:01:12 ( .D... ) "C:\Program Files\Zone Labs"
2006-06-01 19:22:24 47564 ( A.SHR ) "C:\NTDETECT.COM"
2006-06-01 12:47:08 163840 ( A.... ) "C:\WINDOWS\system32\jgdw400.dll"
2006-06-01 12:47:08 27648 ( A.... ) "C:\WINDOWS\system32\jgpl400.dll"
2006-05-31 19:54:14 ( .D... ) "C:\Program Files\ABBYY FineReader 5.0 Sprint"
2006-05-31 19:50:44 ( .D... ) "C:\Program Files\Lexmark 2200 Series"
2006-05-31 19:25:34 ( .D... ) "C:\Documents and Settings\Dani\Application Data\AdobeUM"
2006-05-31 19:25:28 ( .D... ) "C:\Documents and Settings\Dani\Application Data\Adobe"
2006-05-31 19:25:24 ( .D... ) "C:\Program Files\Common Files\Adobe"
2006-05-31 19:24:48 ( .D... ) "C:\Program Files\WinTV"
2006-05-31 19:22:32 ( .D... ) "C:\Program Files\SymNetDrv"
2006-05-31 19:13:24 ( .D... ) "C:\Program Files\Norton AntiVirus"
2006-05-31 19:07:04 ( .D... ) "C:\Program Files\MsnMusic"
2006-05-31 18:53:34 ( .D... ) "C:\Documents and Settings\Dani\Application Data\Apple Computer"
2006-05-31 18:36:26 ( .D... ) "C:\Documents and Settings\Dani\Application Data\Macromedia"
2006-05-31 18:35:10 ( .D... ) "C:\Program Files\MSN Toolbar Suite"
2006-05-31 18:30:28 ( .D... ) "C:\Program Files\MSN Apps"
2006-05-31 18:29:18 ( .D... ) "C:\Program Files\MSN Messenger"
2006-05-31 18:26:12 ( .DS.. ) "C:\Documents and Settings\Dani\Application Data\Microsoft"
2006-05-31 18:26:12 ( .D... ) "C:\Documents and Settings\Dani\Application Data\Symantec"
2006-05-31 18:26:12 ( .D... ) "C:\Documents and Settings\Dani\Application Data\Sun"
2006-05-31 18:26:12 ( .D... ) "C:\Documents and Settings\Dani\Application Data\Identities"
2006-05-31 18:26:12 ( .D... ) "C:\Documents and Settings\Dani\Application Data\CyberLink"
2006-05-29 09:30:34 1494016 ( A.... ) "C:\WINDOWS\system32\shdocvw.dll"
2006-05-23 17:26:00 579888 ( A.... ) "C:\WINDOWS\system32\LegitCheckControl.dll"
2006-05-23 17:25:52 402736 ( ..... ) "C:\WINDOWS\system32\WgaLogon.dll"
2006-05-23 17:25:52 285488 ( ..... ) "C:\WINDOWS\system32\WgaTray.exe"
2006-05-19 09:08:32 3052544 ( A.... ) "C:\WINDOWS\system32\mshtml.dll"
2006-05-17 23:24:26 450560 ( A.... ) "C:\WINDOWS\system32\jscript.dll"
2006-05-15 18:24:34 466944 ( A.... ) "C:\WINDOWS\system32\capicom.dll"
2006-05-14 02:44:08 181248 ( A.... ) "C:\WINDOWS\system32\rasmans.dll"
2006-05-11 02:23:24 24576 ( A.... ) "C:\WINDOWS\system32\xpsp3res.dll"
2006-05-09 23:23:04 658432 ( A.... ) "C:\WINDOWS\system32\wininet.dll"
2006-05-09 23:23:02 613888 ( A.... ) "C:\WINDOWS\system32\urlmon.dll"
2006-05-09 23:23:02 532480 ( A.... ) "C:\WINDOWS\system32\mstime.dll"
2006-05-09 23:23:02 474112 ( A.... ) "C:\WINDOWS\system32\shlwapi.dll"
2006-05-09 23:23:02 448512 ( A.... ) "C:\WINDOWS\system32\mshtmled.dll"
2006-05-09 23:23:02 146432 ( A.... ) "C:\WINDOWS\system32\msrating.dll"
2006-05-09 23:23:02 39424 ( A.... ) "C:\WINDOWS\system32\pngfilt.dll"
2006-05-09 23:23:00 1054208 ( A.... ) "C:\WINDOWS\system32\danim.dll"
2006-05-09 23:23:00 1022976 ( A.... ) "C:\WINDOWS\system32\browseui.dll"
2006-05-09 23:23:00 357888 ( A.... ) "C:\WINDOWS\system32\dxtmsft.dll"
2006-05-09 23:23:00 251392 ( A.... ) "C:\WINDOWS\system32\iepeers.dll"
2006-05-09 23:23:00 205312 ( A.... ) "C:\WINDOWS\system32\dxtrans.dll"
2006-05-09 23:23:00 151040 ( A.... ) "C:\WINDOWS\system32\cdfview.dll"
2006-05-09 23:23:00 96256 ( A.... ) "C:\WINDOWS\system32\inseng.dll"
2006-05-09 23:23:00 55808 ( ..... ) "C:\WINDOWS\system32\extmgr.dll"
2006-05-09 23:23:00 16384 ( A.... ) "C:\WINDOWS\system32\jsproxy.dll"
2006-04-29 06:07:48 5533696 ( A.... ) "C:\WINDOWS\system32\wmp.dll"


(((((((((((((((((((((((((((((((((((((( Files Created - Last 30days )))))))))))))))))))))))))))))))))))))))))))


2006-07-05 20:26 73,728 C:\WINDOWS\system32\asuninst.exe
2006-07-05 20:26 11,776 C:\WINDOWS\system32\ZPORT4AS.dll
2006-07-04 22:03 69,632 C:\WINDOWS\system32\lfgif13n.dll
2006-07-04 22:03 57,344 C:\WINDOWS\system32\lfbmp13n.dll
2006-07-04 22:03 55,808 C:\WINDOWS\system32\lfpsd13n.dll
2006-07-04 22:03 462,848 C:\WINDOWS\system32\ltkrn13n.dll
2006-07-04 22:03 450,560 C:\WINDOWS\system32\ltimg13n.dll
2006-07-04 22:03 401,408 C:\WINDOWS\system32\lfcmp13n.dll
2006-07-04 22:03 299,008 C:\WINDOWS\system32\ltdis13n.dll
2006-07-04 22:03 206,336 C:\WINDOWS\system32\ltefx13n.dll
2006-07-04 22:03 163,840 C:\WINDOWS\system32\ltfil13n.dll
2006-07-02 16:03 469,291,008 C:\hiberfil.sys
2006-07-01 16:58 204,800 C:\WINDOWS\system32\IVIresizeW7.dll
2006-07-01 16:58 200,704 C:\WINDOWS\system32\IVIresizeA6.dll
2006-07-01 16:58 20,480 C:\WINDOWS\system32\IVIresize.dll
2006-07-01 16:58 192,512 C:\WINDOWS\system32\IVIresizeP6.dll
2006-07-01 16:58 192,512 C:\WINDOWS\system32\IVIresizeM6.dll
2006-07-01 16:58 188,416 C:\WINDOWS\system32\IVIresizePX.dll
2006-06-22 20:32 2,756,933 C:\WINDOWS\system32\Get
2006-06-14 23:29 737,280 C:\WINDOWS\iun6002.exe
2006-06-08 22:12 58,952 C:\WINDOWS\system32\MsgPlusLoader.dll
2006-06-03 16:43 14,672,728 C:\WINDOWS\system32\Get
2006-06-03 16:23 303,104 C:\WINDOWS\system32\rmparser.dll
2006-06-03 16:23 1,003,520 C:\WINDOWS\system32\ltmm_n.dll
2006-06-03 10:07 49,250 C:\WINDOWS\system32\javaw.exe
2006-06-03 10:07 49,248 C:\WINDOWS\system32\java.exe
2006-06-03 10:07 127,078 C:\WINDOWS\system32\javaws.exe
2006-06-03 00:24 46,592 C:\WINDOWS\system32\buyb12ex.dll
2006-06-03 00:24 368,912 C:\WINDOWS\system32\vbar332.dll
2006-06-03 00:24 363,008 C:\WINDOWS\system32\BUYB12.dll
2006-06-03 00:24 27,136 C:\WINDOWS\system32\Dbgwproc.dll
2006-06-03 00:01 79,640 C:\WINDOWS\system32\zlcomm.dll
2006-06-03 00:01 71,448 C:\WINDOWS\system32\zlcommdb.dll
2006-06-03 00:01 71,448 C:\WINDOWS\system32\vsregexp.dll
2006-06-03 00:01 372,824 C:\WINDOWS\system32\vsdatant.sys
2006-06-03 00:01 227,096 C:\WINDOWS\system32\vspubapi.dll
2006-06-03 00:01 104,216 C:\WINDOWS\system32\vsmonapi.dll
2006-06-03 00:01 100,120 C:\WINDOWS\system32\vsxml.dll
2006-06-03 00:00 83,736 C:\WINDOWS\system32\vsdata.dll
2006-06-03 00:00 382,744 C:\WINDOWS\system32\vsutil.dll
2006-06-03 00:00 141,080 C:\WINDOWS\system32\vsinit.dll
2006-06-01 21:38 127,208 C:\WINDOWS\system32\mucltui.dll
2006-06-01 08:49 11,776 C:\WINDOWS\system32\spnpinst.exe
2006-06-01 08:18 5,967,776 C:\WINDOWS\system32\MRT.exe
2006-05-31 19:51 90,112 C:\WINDOWS\system32\LXBVCUR.DLL
2006-05-31 19:51 87,040 C:\WINDOWS\system32\wiafbdrv.dll
2006-05-31 19:51 73,728 C:\WINDOWS\system32\lxbvpwr.dll
2006-05-31 19:51 69,632 C:\WINDOWS\system32\LXBVCU.DLL
2006-05-31 19:51 40,960 C:\WINDOWS\system32\lxbvvs.dll
2006-05-31 19:51 40,960 C:\WINDOWS\system32\INSTMON.EXE
2006-05-31 19:51 311,296 C:\WINDOWS\system32\LEXBCES.EXE
2006-05-31 19:51 201,216 C:\WINDOWS\system32\LEXP2P32.DLL
2006-05-31 19:51 200,704 C:\WINDOWS\system32\lexlmpm.dll
2006-05-31 19:51 197,120 C:\WINDOWS\system32\LEX2KUSB.DLL
2006-05-31 19:51 174,592 C:\WINDOWS\system32\LEXPPS.EXE
2006-05-31 19:51 155,648 C:\WINDOWS\system32\LEXPING.EXE
2006-05-31 19:51 147,456 C:\WINDOWS\system32\LEXBCE.DLL
2006-05-31 19:50 983,107 C:\WINDOWS\system32\LXBVGF.DLL
2006-05-31 19:50 69,632 C:\WINDOWS\system32\lxbvscin.dll
2006-05-31 19:50 57,344 C:\WINDOWS\system32\lxbvcinf.dll
2006-05-31 19:50 49,152 C:\WINDOWS\system32\lxbvcoin.dll
2006-05-31 19:50 483,328 C:\WINDOWS\system32\LXBVJSWR.DLL
2006-05-31 19:50 368,640 C:\WINDOWS\system32\LXBVUTIL.DLL
2006-05-31 19:49 299,520 C:\WINDOWS\uninst.exe
2006-05-31 19:25 65,536 C:\WINDOWS\system32\dmcrypto.dll
2006-05-31 19:25 53,248 C:\WINDOWS\system32\hcwsched.dll
2006-05-31 19:25 118,784 C:\WINDOWS\system32\MSSTDFMT.DLL
2006-05-31 19:20 81,920 C:\WINDOWS\system32\nuvyuv.dll
2006-05-31 19:20 8,192 C:\WINDOWS\system32\tsbyuv.dll
2006-05-31 19:20 79,872 C:\WINDOWS\DDCheck.exe
2006-05-31 19:20 53,760 C:\WINDOWS\system32\vfwwdm32.dll
2006-05-31 19:20 49,152 C:\WINDOWS\system32\bt848wst.dll
2006-05-31 19:20 47,616 C:\WINDOWS\system32\iyuv_32.dll
2006-05-31 19:20 450,560 C:\WINDOWS\system32\hcwtvwnd.dll
2006-05-31 19:20 393,216 C:\WINDOWS\system32\hcwsnbd9.dll
2006-05-31 19:20 36,921 C:\WINDOWS\system32\hcwutl32.dll
2006-05-31 19:20 213,050 C:\WINDOWS\system32\hcwchan.dll
2006-05-31 19:20 176,184 C:\WINDOWS\system32\hcwpnp32.dll
2006-05-31 19:20 148,240 C:\WINDOWS\system32\hcwpnp.dll
2006-05-31 19:20 139,264 C:\WINDOWS\system32\NUVTwain.dll
2006-05-31 19:20 11,264 C:\WINDOWS\system32\hcwhook.dll
2006-05-31 19:20 106,559 C:\WINDOWS\system32\hcwtvdlg.dll
2006-05-31 19:12 466,944 C:\WINDOWS\system32\capicom.dll
2006-05-31 19:07 245,408 C:\WINDOWS\system32\unicows.dll
2006-05-31 19:03 1,082,368 C:\WINDOWS\system32\esent.dll
2006-05-31 18:54 22,752 C:\WINDOWS\system32\spupdsvc.exe
2006-05-31 18:50 8,192 C:\WINDOWS\system32\bitsprx2.dll
2006-05-31 18:50 7,168 C:\WINDOWS\system32\bitsprx3.dll
2006-05-31 18:50 438,784 C:\WINDOWS\system32\xpob2res.dll
2006-05-31 18:50 351,232 C:\WINDOWS\system32\winhttp.dll
2006-05-31 18:50 18,944 C:\WINDOWS\system32\qmgrprxy.dll
2006-05-31 18:47 465,176 C:\WINDOWS\system32\wuapi.dll
2006-05-31 18:47 41,240 C:\WINDOWS\system32\wups.dll
2006-05-31 18:47 194,328 C:\WINDOWS\system32\wuaueng1.dll
2006-05-31 18:47 18,200 C:\WINDOWS\system32\wups2.dll
2006-05-31 18:47 172,312 C:\WINDOWS\system32\wuauclt1.exe
2006-05-31 18:47 127,256 C:\WINDOWS\system32\wucltui.dll
2006-05-31 18:26 221,184 C:\WINDOWS\system32\wmpns.dll
2006-05-31 18:26 182,880 C:\WINDOWS\system32\iuenginenew.dll
2006-05-31 09:19 704,643,072 C:\pagefile.sys
2006-05-31 09:11 86,073 C:\WINDOWS\system32\usrfaxa.dll
2006-05-31 09:11 8,192 C:\WINDOWS\system32\streamci.dll
2006-05-31 09:11 77,891 C:\WINDOWS\system32\usrmlnka.exe
2006-05-31 09:11 77,890 C:\WINDOWS\system32\usrdpa.dll
2006-05-31 09:11 77,883 C:\WINDOWS\system32\usrrtosa.dll
2006-05-31 09:11 74,752 C:\WINDOWS\system32\storprop.dll
2006-05-31 09:11 74,240 C:\WINDOWS\system32\usbui.dll
2006-05-31 09:11 72,192 C:\WINDOWS\system32\sprio800.dll
2006-05-31 09:11 70,656 C:\WINDOWS\system32\sprio600.dll
2006-05-31 09:11 69,700 C:\WINDOWS\system32\usrshuta.exe
2006-05-31 09:11 69,699 C:\WINDOWS\system32\usrcoina.dll
2006-05-31 09:11 69,632 C:\WINDOWS\system32\spnike.dll
2006-05-31 09:11 61,508 C:\WINDOWS\system32\usrprbda.exe
2006-05-31 09:11 61,500 C:\WINDOWS\system32\usrcntra.dll
2006-05-31 09:11 53,305 C:\WINDOWS\system32\usrlbva.dll
2006-05-31 09:11 51,712 C:\WINDOWS\system32\wzcsapi.dll
2006-05-31 09:11 49,211 C:\WINDOWS\system32\usrvpa.dll
2006-05-31 09:11 49,211 C:\WINDOWS\system32\usrsdpia.dll
2006-05-31 09:11 49,209 C:\WINDOWS\system32\usrv80a.dll
2006-05-31 09:11 45,116 C:\WINDOWS\system32\usrvoica.dll
2006-05-31 09:11 41,019 C:\WINDOWS\system32\usrsvpia.dll
2006-05-31 09:11 359,936 C:\WINDOWS\system32\wzcsvc.dll
2006-05-31 09:11 35,328 C:\WINDOWS\system32\pid.dll
2006-05-31 09:11 323,641 C:\WINDOWS\system32\usrdtea.dll
2006-05-31 09:11 3,200 C:\WINDOWS\system32\wowfax.dll
2006-05-31 09:11 157,696 C:\WINDOWS\system32\paqsp.dll
2006-05-31 09:11 15,360 C:\WINDOWS\system32\pjlmon.dll
2006-05-31 09:11 147,968 C:\WINDOWS\system32\mdwmdmsp.dll
2006-05-31 09:11 13,824 C:\WINDOWS\system32\wowfaxui.dll
2006-05-31 09:11 102,457 C:\WINDOWS\system32\usrv42a.dll
2006-05-31 09:10 55,296 C:\WINDOWS\system32\dvdplay.exe
2006-05-31 09:10 52,224 C:\WINDOWS\system32\dmutil.dll
2006-05-31 09:10 47,104 C:\WINDOWS\system32\cnbjmon.dll
2006-05-31 09:10 20,992 C:\WINDOWS\system32\hid.dll
2006-05-31 09:09 99,328 C:\WINDOWS\system32\winscard.dll
2006-05-31 09:09 984,576 C:\WINDOWS\system32\syssetup.dll
2006-05-31 09:09 98,304 C:\WINDOWS\system32\verifier.exe
2006-05-31 09:09 98,304 C:\WINDOWS\system32\slbiop.dll
2006-05-31 09:09 96,768 C:\WINDOWS\system32\srvsvc.dll
2006-05-31 09:09 94,784 C:\WINDOWS\twain.dll
2006-05-31 09:09 937,984 C:\WINDOWS\system32\winbrand.dll
2006-05-31 09:09 93,696 C:\WINDOWS\system32\tscfgwmi.dll
2006-05-31 09:09 92,672 C:\WINDOWS\system32\wlnotify.dll
2006-05-31 09:09 91,648 C:\WINDOWS\system32\xactsrv.dll
2006-05-31 09:09 90,624 C:\WINDOWS\system32\trkwks.dll
2006-05-31 09:09 9,728 C:\WINDOWS\system32\sprestrt.exe
2006-05-31 09:09 9,344 C:\WINDOWS\system32\vga.dll
2006-05-31 09:09 9,216 C:\WINDOWS\system32\wshatm.dll
2006-05-31 09:09 9,216 C:\WINDOWS\system32\winfax.dll
2006-05-31 09:09 9,216 C:\WINDOWS\system32\wifeman.dll
2006-05-31 09:09 9,216 C:\WINDOWS\system32\subst.exe
2006-05-31 09:09 9,008 C:\WINDOWS\system32\ver.dll
2006-05-31 09:09 89,600 C:\WINDOWS\system32\smlogsvc.exe
2006-05-31 09:09 858,624 C:\WINDOWS\system32\tapi3.dll
2006-05-31 09:09 82,944 C:\WINDOWS\system32\ws2_32.dll
2006-05-31 09:09 82,432 C:\WINDOWS\system32\ufat.dll
2006-05-31 09:09 8,192 C:\WINDOWS\system32\winhlp32.exe
2006-05-31 09:09 78,848 C:\WINDOWS\system32\tapiui.dll
2006-05-31 09:09 77,824 C:\WINDOWS\system32\wmpstub.exe
2006-05-31 09:09 764,928 C:\WINDOWS\system32\winntbbu.dll
2006-05-31 09:09 75,776 C:\WINDOWS\system32\wiascr.dll
2006-05-31 09:09 75,776 C:\WINDOWS\system32\telnet.exe
2006-05-31 09:09 74,752 C:\WINDOWS\system32\spoolss.dll
2006-05-31 09:09 74,240 C:\WINDOWS\system32\unimdmat.dll
2006-05-31 09:09 723,456 C:\WINDOWS\system32\userenv.dll
2006-05-31 09:09 71,680 C:\WINDOWS\system32\ssdpsrv.dll
2006-05-31 09:09 704,512 C:\WINDOWS\system32\ss3dfo.scr
2006-05-31 09:09 7,680 C:\WINDOWS\system32\vcdex.dll
2006-05-31 09:09 7,168 C:\WINDOWS\system32\wshnetbs.dll
2006-05-31 09:09 679,936 C:\WINDOWS\system32\sstext3d.scr
2006-05-31 09:09 67,584 C:\WINDOWS\system32\sti.dll
2006-05-31 09:09 67,584 C:\WINDOWS\system32\srclient.dll
2006-05-31 09:09 65,536 C:\WINDOWS\system32\wshext.dll
2006-05-31 09:09 65,536 C:\WINDOWS\system32\wextract.exe
2006-05-31 09:09 610,304 C:\WINDOWS\system32\sspipes.scr
2006-05-31 09:09 6,656 C:\WINDOWS\system32\wuauserv.dll
2006-05-31 09:09 6,144 C:\WINDOWS\system32\svcpack.dll
2006-05-31 09:09 589,312 C:\WINDOWS\system32\wiashext.dll
2006-05-31 09:09 57,856 C:\WINDOWS\system32\synceng.dll
2006-05-31 09:09 56,832 C:\WINDOWS\system32\sol.exe
2006-05-31 09:09 54,272 C:\WINDOWS\system32\stclient.dll
2006-05-31 09:09 538,624 C:\WINDOWS\system32\spider.exe
2006-05-31 09:09 53,760 C:\WINDOWS\system32\winsta.dll
2006-05-31 09:09 52,224 C:\WINDOWS\system32\tsappcmp.dll
2006-05-31 09:09 51,712 C:\WINDOWS\system32\vdmredir.dll
2006-05-31 09:09 51,456 C:\WINDOWS\system32\vga256.dll
2006-05-31 09:09 51,200 C:\WINDOWS\system32\wmerrenu.dll
2006-05-31 09:09 51,200 C:\WINDOWS\system32\syncapp.exe
2006-05-31 09:09 502,272 C:\WINDOWS\system32\winlogon.exe
2006-05-31 09:09 50,688 C:\WINDOWS\twain_32.dll
2006-05-31 09:09 50,688 C:\WINDOWS\system32\smss.exe
2006-05-31 09:09 50,176 C:\WINDOWS\system32\utilman.exe
2006-05-31 09:09 5,632 C:\WINDOWS\system32\write.exe
2006-05-31 09:09 5,632 C:\WINDOWS\system32\wmi.dll
2006-05-31 09:09 5,632 C:\WINDOWS\system32\winver.exe
2006-05-31 09:09 5,632 C:\WINDOWS\system32\tapiperf.dll
2006-05-31 09:09 5,632 C:\WINDOWS\system32\softpub.dll
2006-05-31 09:09 5,632 C:\WINDOWS\system32\skdll.dll
2006-05-31 09:09 5,120 C:\WINDOWS\system32\winnls.dll
2006-05-31 09:09 49,680 C:\WINDOWS\twunk_16.exe
2006-05-31 09:09 49,664 C:\WINDOWS\system32\w32tm.exe
2006-05-31 09:09 49,179 C:\WINDOWS\system32\sqlwoa.dll
2006-05-31 09:09 49,152 C:\WINDOWS\system32\wdigest.dll
2006-05-31 09:09 47,872 C:\WINDOWS\system32\user.exe
2006-05-31 09:09 47,104 C:\WINDOWS\system32\ssmypics.scr
2006-05-31 09:09 463,360 C:\WINDOWS\system32\wiadefui.dll
2006-05-31 09:09 45,568 C:\WINDOWS\system32\tcpmonui.dll
2006-05-31 09:09 45,568 C:\WINDOWS\system32\tcpmon.dll
2006-05-31 09:09 446,464 C:\WINDOWS\system32\wmvdmoe.dll
2006-05-31 09:09 44,544 C:\WINDOWS\system32\tscupgrd.exe
2006-05-31 09:09 433,664 C:\WINDOWS\system32\wiaacmgr.exe
2006-05-31 09:09 430,592 C:\WINDOWS\system32\vssapi.dll
2006-05-31 09:09 42,496 C:\WINDOWS\system32\wsnmp32.dll
2006-05-31 09:09 406,528 C:\WINDOWS\system32\usp10.dll
2006-05-31 09:09 40,448 C:\WINDOWS\system32\webhits.dll
2006-05-31 09:09 4,608 C:\WINDOWS\system32\vjoy.dll
2006-05-31 09:09 4,208 C:\WINDOWS\system32\storage.dll
2006-05-31 09:09 4,096 C:\WINDOWS\system32\unlodctr.exe
2006-05-31 09:09 393,216 C:\WINDOWS\system32\ssflwbox.scr
2006-05-31 09:09 385,536 C:\WINDOWS\system32\themeui.dll
2006-05-31 09:09 378,368 C:\WINDOWS\system32\wzcdlg.dll
2006-05-31 09:09 37,888 C:\WINDOWS\system32\url.dll
2006-05-31 09:09 363,008 C:\WINDOWS\system32\smlogcfg.dll
2006-05-31 09:09 36,864 C:\WINDOWS\system32\syskey.exe
2006-05-31 09:09 358,400 C:\WINDOWS\system32\termmgr.dll
2006-05-31 09:09 35,840 C:\WINDOWS\system32\umandlg.dll
2006-05-31 09:09 35,328 C:\WINDOWS\system32\winchat.exe
2006-05-31 09:09 347,136 C:\WINDOWS\system32\tourstart.exe
2006-05-31 09:09 34,816 C:\WINDOWS\system32\ssdpapi.dll
2006-05-31 09:09 333,312 C:\WINDOWS\system32\wiaservc.dll
2006-05-31 09:09 33,792 C:\WINDOWS\system32\vssadmin.exe
2006-05-31 09:09 32,768 C:\WINDOWS\system32\winipsec.dll
2006-05-31 09:09 32,256 C:\WINDOWS\system32\wupdmgr.exe
2006-05-31 09:09 32,256 C:\WINDOWS\system32\wpnpinst.exe
2006-05-31 09:09 32,256 C:\WINDOWS\system32\wpabaln.exe
2006-05-31 09:09 316,416 C:\WINDOWS\system32\untfs.dll
2006-05-31 09:09 311,327 C:\WINDOWS\system32\wmv8dmod.dll
2006-05-31 09:09 31,744 C:\WINDOWS\system32\tracert6.exe
2006-05-31 09:09 31,232 C:\WINDOWS\system32\traffic.dll
2006-05-31 09:09 306,176 C:\WINDOWS\system32\slbcsp.dll
2006-05-31 09:09 303,616 C:\WINDOWS\system32\wmstream.dll
2006-05-31 09:09 30,720 C:\WINDOWS\system32\xcopy.exe
2006-05-31 09:09 3,072 C:\WINDOWS\system32\systray.exe
2006-05-31 09:09 295,424 C:\WINDOWS\system32\termsrv.dll
2006-05-31 09:09 289,792 C:\WINDOWS\system32\vssvc.exe
2006-05-31 09:09 283,648 C:\WINDOWS\winhlp32.exe
2006-05-31 09:09 28,672 C:\WINDOWS\system32\wshcon.dll
2006-05-31 09:09 276,480 C:\WINDOWS\system32\webcheck.dll
2006-05-31 09:09 275,456 C:\WINDOWS\system32\ulib.dll
2006-05-31 09:09 264,192 C:\WINDOWS\system32\wow32.dll
2006-05-31 09:09 26,112 C:\WINDOWS\system32\vdmdbg.dll
2006-05-31 09:09 26,112 C:\WINDOWS\system32\skeys.exe
2006-05-31 09:09 256,192 C:\WINDOWS\winhelp.exe
2006-05-31 09:09 25,600 C:\WINDOWS\twunk_32.exe
2006-05-31 09:09 25,600 C:\WINDOWS\system32\utildll.dll
2006-05-31 09:09 25,600 C:\WINDOWS\system32\udhisapi.dll
2006-05-31 09:09 25,088 C:\WINDOWS\system32\slayerxp.dll
2006-05-31 09:09 246,302 C:\WINDOWS\system32\strmdll.dll
2006-05-31 09:09 24,661 C:\WINDOWS\system32\spxcoins.dll
2006-05-31 09:09 24,603 C:\WINDOWS\system32\sqlwid.dll
2006-05-31 09:09 24,576 C:\WINDOWS\system32\userinit.exe
2006-05-31 09:09 239,616 C:\WINDOWS\system32\upnpui.dll
2006-05-31 09:09 23,552 C:\WINDOWS\system32\sort.exe
2006-05-31 09:09 22,528 C:\WINDOWS\system32\wsock32.dll
2006-05-31 09:09 22,016 C:\WINDOWS\system32\w32topl.dll
2006-05-31 09:09 218,624 C:\WINDOWS\system32\uxtheme.dll
2006-05-31 09:09 208,896 C:\WINDOWS\system32\wavemsp.dll
2006-05-31 09:09 20,992 C:\WINDOWS\system32\ssmarque.scr
2006-05-31 09:09 20,535 C:\WINDOWS\system32\vfpodbc.dll
2006-05-31 09:09 2,864 C:\WINDOWS\system32\winsock.dll
2006-05-31 09:09 2,736 C:\WINDOWS\system32\wowdeb.exe
2006-05-31 09:09 2,112 C:\WINDOWS\system32\winspool.exe
2006-05-31 09:09 191,488 C:\WINDOWS\system32\syncui.dll
2006-05-31 09:09 19,968 C:\WINDOWS\system32\wshtcpip.dll
2006-05-31 09:09 19,968 C:\WINDOWS\system32\ws2help.dll
2006-05-31 09:09 19,968 C:\WINDOWS\system32\ssbezier.scr
2006-05-31 09:09 19,456 C:\WINDOWS\system32\tcpsvcs.exe
2006-05-31 09:09 19,200 C:\WINDOWS\system32\tapi.dll
2006-05-31 09:09 187,392 C:\WINDOWS\system32\xpsp1res.dll
2006-05-31 09:09 185,344 C:\WINDOWS\system32\upnphost.dll
2006-05-31 09:09 182,272 C:\WINDOWS\system32\snmpsnap.dll
2006-05-31 09:09 181,760 C:\WINDOWS\system32\tapi32.dll
2006-05-31 09:09 180,800 C:\WINDOWS\system32\sqlunirl.dll
2006-05-31 09:09 18,944 C:\WINDOWS\vmmreg32.dll
2006-05-31 09:09 18,944 C:\WINDOWS\system32\wmiprop.dll
2006-05-31 09:09 18,944 C:\WINDOWS\system32\winstrm.dll
2006-05-31 09:09 18,944 C:\WINDOWS\system32\version.dll
2006-05-31 09:09 18,944 C:\WINDOWS\system32\ssmyst.scr
2006-05-31 09:09 18,944 C:\WINDOWS\system32\snmpapi.dll
2006-05-31 09:09 18,896 C:\WINDOWS\system32\sysedit.exe
2006-05-31 09:09 18,432 C:\WINDOWS\system32\wtsapi32.dll
2006-05-31 09:09 18,432 C:\WINDOWS\system32\win.com
2006-05-31 09:09 18,432 C:\WINDOWS\system32\ups.exe
2006-05-31 09:09 18,176 C:\WINDOWS\system32\vga64k.dll
2006-05-31 09:09 177,856 C:\WINDOWS\system32\typelib.dll
2006-05-31 09:09 176,640 C:\WINDOWS\system32\wintrust.dll
2006-05-31 09:09 176,128 C:\WINDOWS\system32\winmm.dll
2006-05-31 09:09 174,592 C:\WINDOWS\system32\w32time.dll
2006-05-31 09:09 174,200 C:\WINDOWS\system32\xenroll.dll
2006-05-31 09:09 172,032 C:\WINDOWS\system32\wldap32.dll
2006-05-31 09:09 170,496 C:\WINDOWS\system32\srsvc.dll
2006-05-31 09:09 17,920 C:\WINDOWS\system32\ureg.dll
2006-05-31 09:09 17,664 C:\WINDOWS\system32\watchdog.sys
2006-05-31 09:09 16,896 C:\WINDOWS\system32\winrnr.dll
2006-05-31 09:09 16,896 C:\WINDOWS\system32\vss_ps.dll
2006-05-31 09:09 16,896 C:\WINDOWS\system32\usbmon.dll
2006-05-31 09:09 16,896 C:\WINDOWS\system32\upnpcont.exe
2006-05-31 09:09 16,896 C:\WINDOWS\system32\tsshutdn.exe
2006-05-31 09:09 16,896 C:\WINDOWS\system32\tftp.exe
2006-05-31 09:09 16,384 C:\WINDOWS\system32\tskill.exe
2006-05-31 09:09 15,872 C:\WINDOWS\system32\sysinv.dll
2006-05-31 09:09 15,360 C:\WINDOWS\TASKMAN.EXE
2006-05-31 09:09 15,360 C:\WINDOWS\system32\tsd32.dll
2006-05-31 09:09 15,360 C:\WINDOWS\system32\taskman.exe
2006-05-31 09:09 145,408 C:\WINDOWS\system32\wiavusd.dll
2006-05-31 09:09 14,848 C:\WINDOWS\system32\tsdiscon.exe
2006-05-31 09:09 14,848 C:\WINDOWS\system32\tscon.exe
2006-05-31 09:09 14,848 C:\WINDOWS\system32\tcpmib.dll
2006-05-31 09:09 14,848 C:\WINDOWS\system32\stimon.exe
2006-05-31 09:09 14,848 C:\WINDOWS\system32\slbrccsp.dll
2006-05-31 09:09 14,336 C:\WINDOWS\system32\wship6.dll
2006-05-31 09:09 14,336 C:\WINDOWS\system32\svchost.exe
2006-05-31 09:09 14,336 C:\WINDOWS\system32\ssstars.scr
2006-05-31 09:09 138,752 C:\WINDOWS\system32\swprv.dll
2006-05-31 09:09 138,752 C:\WINDOWS\system32\sndvol32.exe
2006-05-31 09:09 136,704 C:\WINDOWS\system32\sti_ci.dll
2006-05-31 09:09 135,680 C:\WINDOWS\system32\webvw.dll
2006-05-31 09:09 135,680 C:\WINDOWS\system32\taskmgr.exe
2006-05-31 09:09 132,608 C:\WINDOWS\system32\upnp.dll
2006-05-31 09:09 131,584 C:\WINDOWS\system32\sndrec32.exe
2006-05-31 09:09 13,888 C:\WINDOWS\system32\toolhelp.dll
2006-05-31 09:09 13,824 C:\WINDOWS\system32\uniplat.dll
2006-05-31 09:09 13,312 C:\WINDOWS\system32\win87em.dll
2006-05-31 09:09 13,312 C:\WINDOWS\system32\verifier.dll
2006-05-31 09:09 13,312 C:\WINDOWS\system32\umdmxfrm.dll
2006-05-31 09:09 124,416 C:\WINDOWS\system32\wiadss.dll
2006-05-31 09:09 124,184 C:\WINDOWS\system32\wuauclt.exe
2006-05-31 09:09 121,856 C:\WINDOWS\system32\stobject.dll
2006-05-31 09:09 12,288 C:\WINDOWS\system32\tracert.exe
2006-05-31 09:09 12,288 C:\WINDOWS\system32\tcmsetup.exe
2006-05-31 09:09 12,168 C:\WINDOWS\system32\tsddd.dll
2006-05-31 09:09 119,808 C:\WINDOWS\system32\winmine.exe
2006-05-31 09:09 118,272 C:\WINDOWS\system32\t2embed.dll
2006-05-31 09:09 115,200 C:\WINDOWS\system32\wmsdmoe.dll
2006-05-31 09:09 114,688 C:\WINDOWS\system32\wscript.exe
2006-05-31 09:09 111,104 C:\WINDOWS\system32\wiavideo.dll
2006-05-31 09:09 11,776 C:\WINDOWS\system32\xolehlp.dll
2006-05-31 09:09 11,776 C:\WINDOWS\system32\wshrm.dll
2006-05-31 09:09 11,776 C:\WINDOWS\system32\wshisn.dll
2006-05-31 09:09 11,776 C:\WINDOWS\system32\winmsd.exe
2006-05-31 09:09 11,264 C:\WINDOWS\system32\tree.com
2006-05-31 09:09 105,984 C:\WINDOWS\system32\sysocmgr.exe
2006-05-31 09:09 101,888 C:\WINDOWS\system32\win32spl.dll
2006-05-31 09:09 10,368 C:\WINDOWS\system32\wowexec.exe
2006-05-31 09:09 1,677,312 C:\WINDOWS\system32\wmvcore2.dll
2006-05-31 09:09 1,343,768 C:\WINDOWS\system32\wuaueng.dll
2006-05-31 09:09 1,161 C:\WINDOWS\system32\usrlogon.cmd
2006-05-31 09:08 983,552 C:\WINDOWS\system32\setupapi.dll
2006-05-31 09:08 98,304 C:\WINDOWS\system32\rtm.dll
2006-05-31 09:08 96,768 C:\WINDOWS\system32\psbase.dll
2006-05-31 09:08 96,256 C:\WINDOWS\system32\occache.dll
2006-05-31 09:08 95,744 C:\WINDOWS\system32\scardsvr.exe
2006-05-31 09:08 94,282 C:\WINDOWS\system32\msencode.dll
2006-05-31 09:08 94,208 C:\WINDOWS\system32\odbcint.dll
2006-05-31 09:08 92,168 C:\WINDOWS\system32\rdpdd.dll
2006-05-31 09:08 91,136 C:\WINDOWS\system32\ntprint.dll
2006-05-31 09:08 90,624 C:\WINDOWS\system32\mydocs.dll
2006-05-31 09:08 90,112 C:\WINDOWS\system32\rsvpsp.dll
2006-05-31 09:08 90,112 C:\WINDOWS\system32\mycomput.dll
2006-05-31 09:08 9,728 C:\WINDOWS\system32\sfc.exe
2006-05-31 09:08 9,728 C:\WINDOWS\system32\rsvpperf.dll
2006-05-31 09:08 9,728 C:\WINDOWS\system32\reset.exe
2006-05-31 09:08 9,216 C:\WINDOWS\system32\scrnsave.scr
2006-05-31 09:08 9,216 C:\WINDOWS\system32\print.exe
2006-05-31 09:08 89,088 C:\WINDOWS\system32\rasauto.dll
2006-05-31 09:08 884,736 C:\WINDOWS\system32\msimsg.dll
2006-05-31 09:08 882 C:\WINDOWS\system32\share.exe
2006-05-31 09:08 875,008 C:\WINDOWS\system32\netplwiz.dll
2006-05-31 09:08 87,176 C:\WINDOWS\system32\rdpwsx.dll
2006-05-31 09:08 86,016 C:\WINDOWS\system32\netsh.exe
2006-05-31 09:08 86,016 C:\WINDOWS\system32\msapsspc.dll
2006-05-31 09:08 83,456 C:\WINDOWS\system32\olepro32.dll
2006-05-31 09:08 82,944 C:\WINDOWS\system32\olecli.dll
2006-05-31 09:08 817 C:\WINDOWS\system32\mscdexnt.exe
2006-05-31 09:08 80,896 C:\WINDOWS\system32\netui0.dll
2006-05-31 09:08 8,192 C:\WINDOWS\system32\rasadhlp.dll
2006-05-31 09:08 8,192 C:\WINDOWS\system32\qosname.dll
2006-05-31 09:08 8,192 C:\WINDOWS\system32\psnppagn.dll
2006-05-31 09:08 8,192 C:\WINDOWS\system32\ntlsapi.dll
2006-05-31 09:08 78,848 C:\WINDOWS\system32\msiexec.exe
2006-05-31 09:08 77,824 C:\WINDOWS\system32\shrpubw.exe
2006-05-31 09:08 77,312 C:\WINDOWS\system32\sdbinst.exe
2006-05-31 09:08 77,312 C:\WINDOWS\system32\rtcshare.exe
2006-05-31 09:08 76,800 C:\WINDOWS\system32\nslookup.exe
2006-05-31 09:08 73,802 C:\WINDOWS\system32\msrclr40.dll
2006-05-31 09:08 72,704 C:\WINDOWS\system32\msw3prt.dll
2006-05-31 09:08 713,728 C:\WINDOWS\system32\opengl32.dll
2006-05-31 09:08 701,440 C:\WINDOWS\system32\msxml2.dll
2006-05-31 09:08 70,144 C:\WINDOWS\system32\sigverif.exe
2006-05-31 09:08 7,680 C:\WINDOWS\system32\ncxpnt.dll
2006-05-31 09:08 7,168 C:\WINDOWS\system32\recover.exe
2006-05-31 09:08 7,168 C:\WINDOWS\system32\msr2cenu.dll
2006-05-31 09:08 7,168 C:\WINDOWS\system32\mscat32.dll
2006-05-31 09:08 7,052 C:\WINDOWS\system32\nlsfunc.exe
2006-05-31 09:08 69,632 C:\WINDOWS\system32\scarddlg.dll
2006-05-31 09:08 69,632 C:\WINDOWS\system32\raschap.dll
2006-05-31 09:08 69,632 C:\WINDOWS\system32\odbcconf.exe
2006-05-31 09:08 69,632 C:\WINDOWS\system32\msr2c.dll
2006-05-31 09:08 69,632 C:\WINDOWS\system32\msconf.dll
2006-05-31 09:08 69,120 C:\WINDOWS\system32\olethk32.dll
2006-05-31 09:08 69,120 C:\WINDOWS\system32\notepad.exe
2006-05-31 09:08 69,120 C:\WINDOWS\system32\msctfp.dll
2006-05-31 09:08 69,120 C:\WINDOWS\notepad.exe
2006-05-31 09:08 68,096 C:\WINDOWS\system32\shgina.dll
2006-05-31 09:08 67,584 C:\WINDOWS\system32\osuninst.dll
2006-05-31 09:08 67,072 C:\WINDOWS\system32\rdshost.exe
2006-05-31 09:08 67,072 C:\WINDOWS\system32\ntdsapi.dll
2006-05-31 09:08 657,920 C:\WINDOWS\system32\rasdlg.dll
2006-05-31 09:08 655,360 C:\WINDOWS\system32\mstscax.dll
2006-05-31 09:08 65,536 C:\WINDOWS\system32\shimeng.dll
2006-05-31 09:08 65,536 C:\WINDOWS\system32\odbccu32.dll
2006-05-31 09:08 65,536 C:\WINDOWS\system32\odbccr32.dll
2006-05-31 09:08 65,024 C:\WINDOWS\system32\msaudite.dll
2006-05-31 09:08 64,000 C:\WINDOWS\system32\samlib.dll
2006-05-31 09:08 622,080 C:\WINDOWS\system32\netcfgx.dll
2006-05-31 09:08 62,976 C:\WINDOWS\system32\pautoenr.dll
2006-05-31 09:08 62,464 C:\WINDOWS\system32\rdpclip.exe
2006-05-31 09:08 61,440 C:\WINDOWS\system32\rasman.dll
2006-05-31 09:08 61,440 C:\WINDOWS\system32\msvcrt40.dll
2006-05-31 09:08 60,928 C:\WINDOWS\system32\ocmanage.dll
2006-05-31 09:08 60,416 C:\WINDOWS\system32\remotepg.dll
2006-05-31 09:08 60,416 C:\WINDOWS\system32\msratelc.dll
2006-05-31 09:08 6,656 C:\WINDOWS\system32\sensapi.dll
2006-05-31 09:08 6,656 C:\WINDOWS\system32\routetab.dll
2006-05-31 09:08 6,656 C:\WINDOWS\system32\msswchx.exe
2006-05-31 09:08 6,656 C:\WINDOWS\system32\msidle.dll
2006-05-31 09:08 6,144 C:\WINDOWS\system32\msdtc.exe
2006-05-31 09:08 59,904 C:\WINDOWS\system32\regsvc.dll
2006-05-31 09:08 58,880 C:\WINDOWS\system32\resutils.dll
2006-05-31 09:08 58,880 C:\WINDOWS\system32\rastapi.dll
2006-05-31 09:08 58,880 C:\WINDOWS\system32\msdtclog.dll
2006-05-31 09:08 58,368 C:\WINDOWS\system32\packager.exe
2006-05-31 09:08 57,856 C:\WINDOWS\system32\scripto.dll
2006-05-31 09:08 57,856 C:\WINDOWS\system32\ntlanui.dll
2006-05-31 09:08 565,760 C:\WINDOWS\system32\msvcp50.dll
2006-05-31 09:08 560,640 C:\WINDOWS\system32\printui.dll
2006-05-31 09:08 56,832 C:\WINDOWS\system32\rasphone.exe
2006-05-31 09:08 56,832 C:\WINDOWS\system32\mshtmler.dll
2006-05-31 09:08 56,320 C:\WINDOWS\system32\servdeps.dll
2006-05-31 09:08 553,472 C:\WINDOWS\system32\oleaut32.dll
2006-05-31 09:08 55,808 C:\WINDOWS\system32\secur32.dll
2006-05-31 09:08 55,296 C:\WINDOWS\system32\sendmail.dll
2006-05-31 09:08 549,376 C:\WINDOWS\system32\shdoclc.dll
2006-05-31 09:08 54,784 C:\WINDOWS\system32\npptools.dll
2006-05-31 09:08 54,784 C:\WINDOWS\system32\msvcirt.dll
2006-05-31 09:08 537,088 C:\WINDOWS\system32\msftedit.dll
2006-05-31 09:08 532,480 C:\WINDOWS\system32\mstime.dll
2006-05-31 09:08 53,279 C:\WINDOWS\system32\odbcji32.dll
2006-05-31 09:08 51,712 C:\WINDOWS\system32\msident.dll
2006-05-31 09:08 506,368 C:\WINDOWS\system32\msxml.dll
2006-05-31 09:08 50,176 C:\WINDOWS\system32\reg.exe
2006-05-31 09:08 50,176 C:\WINDOWS\system32\proquota.exe
2006-05-31 09:08 5,632 C:\WINDOWS\system32\security.dll
2006-05-31 09:08 5,120 C:\WINDOWS\system32\shell.dll
2006-05-31 09:08 5,120 C:\WINDOWS\system32\sfc.dll
2006-05-31 09:08 49,664 C:\WINDOWS\system32\regapi.dll
2006-05-31 09:08 49,152 C:\WINDOWS\system32\rsmui.exe
2006-05-31 09:08 49,152 C:\WINDOWS\system32\rsm.exe
2006-05-31 09:08 488,448 C:\WINDOWS\system32\ntmsmgr.dll
2006-05-31 09:08 48,128 C:\WINDOWS\system32\msprivs.dll
2006-05-31 09:08 46,592 C:\WINDOWS\system32\pmspl.dll
2006-05-31 09:08 45,568 C:\WINDOWS\system32\safrslv.dll
2006-05-31 09:08 448,512 C:\WINDOWS\system32\mshtmled.dll
2006-05-31 09:08 44,032 C:\WINDOWS\system32\rtutils.dll
2006-05-31 09:08 44,032 C:\WINDOWS\system32\msxml3r.dll
2006-05-31 09:08 438,272 C:\WINDOWS\system32\shimgvw.dll
2006-05-31 09:08 435,200 C:\WINDOWS\system32\ntmssvc.dll
2006-05-31 09:08 431,616 C:\WINDOWS\system32\riched20.dll
2006-05-31 09:08 43,520 C:\WINDOWS\system32\safrcdlg.dll
2006-05-31 09:08 43,520 C:\WINDOWS\system32\racpldlg.dll
2006-05-31 09:08 43,520 C:\WINDOWS\system32\pstorec.dll
2006-05-31 09:08 43,520 C:\WINDOWS\system32\ntlanman.dll
2006-05-31 09:08 42,496 C:\WINDOWS\system32\shmgrate.exe
2006-05-31 09:08 42,496 C:\WINDOWS\system32\net.exe
2006-05-31 09:08 419,840 C:\WINDOWS\system32\ntvdm.exe
2006-05-31 09:08 415,744 C:\WINDOWS\system32\samsrv.dll
2006-05-31 09:08 414,208 C:\WINDOWS\system32\setupdll.dll
2006-05-31 09:08 413,696 C:\WINDOWS\system32\msvcp60.dll
2006-05-31 09:08 41,984 C:\WINDOWS\system32\msports.dll
2006-05-31 09:08 407,552 C:\WINDOWS\system32\mstsc.exe
2006-05-31 09:08 407,040 C:\WINDOWS\system32\netlogon.dll
2006-05-31 09:08 40,960 C:\WINDOWS\system32\ntmsapi.dll
2006-05-31 09:08 40,448 C:\WINDOWS\system32\osuninst.exe
2006-05-31 09:08 4,608 C:\WINDOWS\system32\regwiz.exe
2006-05-31 09:08 4,608 C:\WINDOWS\system32\mssip32.dll
2006-05-31 09:08 4,608 C:\WINDOWS\system32\msimg32.dll
2006-05-31 09:08 4,126 C:\WINDOWS\system32\msdxmlc.dll
2006-05-31 09:08 4,096 C:\WINDOWS\system32\rdpcfgex.dll
2006-05-31 09:08 4,096 C:\WINDOWS\system32\nddeapir.exe
2006-05-31 09:08 4,096 C:\WINDOWS\system32\mtxex.dll
2006-05-31 09:08 397,824 C:\WINDOWS\system32\regwizc.dll
2006-05-31 09:08 39,936 C:\WINDOWS\system32\rshx32.dll
2006-05-31 09:08 39,936 C:\WINDOWS\system32\perfctrs.dll
2006-05-31 09:08 39,744 C:\WINDOWS\system32\ole2.dll
2006-05-31 09:08 382,464 C:\WINDOWS\system32\qmgr.dll
2006-05-31 09:08 38,912 C:\WINDOWS\system32\sens.dll
2006-05-31 09:08 37,916 C:\WINDOWS\system32\msxml2r.dll
2006-05-31 09:08 37,888 C:\WINDOWS\system32\olecnv32.dll
2006-05-31 09:08 368,710 C:\WINDOWS\system32\msisam11.dll
2006-05-31 09:08 36,864 C:\WINDOWS\system32\ntsdexts.dll
2006-05-31 09:08 36,864 C:\WINDOWS\system32\ntmsevt.dll
2006-05-31 09:08 36,864 C:\WINDOWS\system32\netstat.exe
2006-05-31 09:08 36,864 C:\WINDOWS\system32\mscpxl32.dll
2006-05-31 09:08 36,352 C:\WINDOWS\system32\ncobjapi.dll
2006-05-31 09:08 35,840 C:\WINDOWS\system32\rcimlby.exe
2006-05-31 09:08 35,840 C:\WINDOWS\system32\narrhook.dll
2006-05-31 09:08 35,840 C:\WINDOWS\system32\mssign32.dll
2006-05-31 09:08 35,648 C:\WINDOWS\system32\ntio411.sys
2006-05-31 09:08 35,424 C:\WINDOWS\system32\ntio412.sys
2006-05-31 09:08 35,328 C:\WINDOWS\system32\pifmgr.dll
2006-05-31 09:08 343,040 C:\WINDOWS\system32\msvcrt.dll
2006-05-31 09:08 343,040 C:\WINDOWS\system32\mspaint.exe
2006-05-31 09:08 34,816 C:\WINDOWS\system32\perfproc.dll
2006-05-31 09:08 34,560 C:\WINDOWS\system32\ntio804.sys
2006-05-31 09:08 34,560 C:\WINDOWS\system32\ntio404.sys
2006-05-31 09:08 34,304 C:\WINDOWS\system32\pstorsvc.dll
2006-05-31 09:08 33,840 C:\WINDOWS\system32\ntio.sys
2006-05-31 09:08 33,792 C:\WINDOWS\system32\regini.exe
2006-05-31 09:08 33,280 C:\WINDOWS\system32\rundll32.exe
2006-05-31 09:08 33,280 C:\WINDOWS\system32\ping6.exe
2006-05-31 09:08 33,280 C:\WINDOWS\system32\msobjs.dll
2006-05-31 09:08 329,728 C:\WINDOWS\system32\netsetup.exe
2006-05-31 09:08 32,768 C:\WINDOWS\system32\odbcad32.exe
2006-05-31 09:08 313,856 C:\WINDOWS\system32\scesrv.dll
2006-05-31 09:08 31,744 C:\WINDOWS\system32\rtipxmib.dll
2006-05-31 09:08 31,744 C:\WINDOWS\system32\ntsd.exe
2006-05-31 09:08 31,232 C:\WINDOWS\system32\sethc.exe
2006-05-31 09:08 31,232 C:\WINDOWS\system32\sc.exe
2006-05-31 09:08 308,224 C:\WINDOWS\system32\netui2.dll
2006-05-31 09:08 30,720 C:\WINDOWS\system32\plustab.dll
2006-05-31 09:08 30,208 C:\WINDOWS\system32\mspatcha.dll
2006-05-31 09:08 3,584 C:\WINDOWS\system32\riched32.dll
2006-05-31 09:08 3,584 C:\WINDOWS\system32\regedt32.exe
2006-05-31 09:08 3,584 C:\WINDOWS\system32\msafd.dll
2006-05-31 09:08 3,338 C:\WINDOWS\system32\redir.exe
2006-05-31 09:08 3,072 C:\WINDOWS\system32\rnr20.dll
2006-05-31 09:08 294,400 C:\WINDOWS\system32\msctf.dll
2006-05-31 09:08 290,816 C:\WINDOWS\system32\msnsspc.dll
2006-05-31 09:08 29,696 C:\WINDOWS\system32\safrdm.dll
2006-05-31 09:08 29,370 C:\WINDOWS\system32\ntdos411.sys
2006-05-31 09:08 29,274 C:\WINDOWS\system32\ntdos412.sys
2006-05-31 09:08 29,184 C:\WINDOWS\system32\sendcmsg.dll
2006-05-31 09:08 29,184 C:\WINDOWS\system32\mshta.exe
2006-05-31 09:08 29,146 C:\WINDOWS\system32\ntdos804.sys
2006-05-31 09:08 29,146 C:\WINDOWS\system32\ntdos404.sys
2006-05-31 09:08 285,696 C:\WINDOWS\system32\objsel.dll
2006-05-31 09:08 283,648 C:\WINDOWS\system32\pdh.dll
2006-05-31 09:08 28,746 C:\WINDOWS\system32\msrecr40.dll
2006-05-31 09:08 28,672 C:\WINDOWS\system32\nmmkcert.dll
2006-05-31 09:08 278,559 C:\WINDOWS\system32\odbcjt32.dll
2006-05-31 09:08 274,944 C:\WINDOWS\system32\mstask.dll
2006-05-31 09:08 271,360 C:\WINDOWS\system32\msihnd.dll
2006-05-31 09:08 270,848 C:\WINDOWS\system32\sbe.dll
2006-05-31 09:08 27,866 C:\WINDOWS\system32\ntdos.sys
2006-05-31 09:08 27,648 C:\WINDOWS\system32\shscrap.dll
2006-05-31 09:08 27,648 C:\WINDOWS\system32\profmap.dll
2006-05-31 09:08 266,752 C:\WINDOWS\system32\oakley.dll
2006-05-31 09:08 26,624 C:\WINDOWS\system32\scredir.dll
2006-05-31 09:08 26,624 C:\WINDOWS\system32\perfdisk.dll
2006-05-31 09:08 26,624 C:\WINDOWS\system32\msxmlr.dll
2006-05-31 09:08 26,224 C:\WINDOWS\system32\odbc16gt.dll
2006-05-31 09:08 253,952 C:\WINDOWS\system32\neth.dll
2006-05-31 09:08 253,952 C:\WINDOWS\system32\msvcrt20.dll
2006-05-31 09:08 252,928 C:\WINDOWS\system32\msoeacct.dll
2006-05-31 09:08 25,600 C:\WINDOWS\system32\routemon.exe
2006-05-31 09:08 25,600 C:\WINDOWS\system32\msvidc32.dll
2006-05-31 09:08 25,088 C:\WINDOWS\system32\shfolder.dll
2006-05-31 09:08 25,088 C:\WINDOWS\system32\perfos.dll
2006-05-31 09:08 25,088 C:\WINDOWS\system32\mtxlegih.dll
2006-05-31 09:08 25,088 C:\WINDOWS\system32\mslbui.dll
2006-05-31 09:08 248,832 C:\WINDOWS\system32\msieftp.dll
2006-05-31 09:08 245,760 C:\WINDOWS\system32\netui1.dll
2006-05-31 09:08 245,248 C:\WINDOWS\system32\mswsock.dll
2006-05-31 09:08 241,725 C:\WINDOWS\system32\msuni11.dll
2006-05-31 09:08 24,576 C:\WINDOWS\system32\rsmsink.exe
2006-05-31 09:08 24,064 C:\WINDOWS\system32\pidgen.dll
2006-05-31 09:08 24,064 C:\WINDOWS\system32\olesvr.dll
2006-05-31 09:08 236,544 C:\WINDOWS\system32\rasapi32.dll
2006-05-31 09:08 23,552 C:\WINDOWS\system32\sfmapi.dll
2006-05-31 09:08 23,552 C:\WINDOWS\system32\rsvpmsg.dll
2006-05-31 09:08 23,552 C:\WINDOWS\system32\rasrad.dll
2006-05-31 09:08 23,040 C:\WINDOWS\system32\setup.exe
2006-05-31 09:08 23,040 C:\WINDOWS\system32\psapi.dll
2006-05-31 09:08 22,528 C:\WINDOWS\system32\rasmxs.dll
2006-05-31 09:08 22,016 C:\WINDOWS\system32\rpcns4.dll
2006-05-31 09:08 22,016 C:\WINDOWS\system32\qwinsta.exe
2006-05-31 09:08 22,016 C:\WINDOWS\system32\olesvr32.dll
2006-05-31 09:08 214,016 C:\WINDOWS\system32\netevent.dll
2006-05-31 09:08 21,504 C:\WINDOWS\system32\rcp.exe
2006-05-31 09:08 21,504 C:\WINDOWS\system32\pathping.exe
2006-05-31 09:08 206,336 C:\WINDOWS\system32\rasppp.dll
2006-05-31 09:08 20,992 C:\WINDOWS\system32\sclgntfy.dll
2006-05-31 09:08 20,992 C:\WINDOWS\system32\msg.exe
2006-05-31 09:08 20,511 C:\WINDOWS\system32\odtext32.dll
2006-05-31 09:08 20,511 C:\WINDOWS\system32\oddbse32.dll
2006-05-31 09:08 20,510 C:\WINDOWS\system32\odpdx32.dll
2006-05-31 09:08 20,510 C:\WINDOWS\system32\odfox32.dll
2006-05-31 09:08 20,510 C:\WINDOWS\system32\odexl32.dll
2006-05-31 09:08 20,480 C:\WINDOWS\system32\qprocess.exe
2006-05-31 09:08 20,480 C:\WINDOWS\system32\nbtstat.exe
2006-05-31 09:08 20,480 C:\WINDOWS\system32\mtxdm.dll
2006-05-31 09:08 20,480 C:\WINDOWS\system32\msorc32r.dll
2006-05-31 09:08 2,890,240 C:\WINDOWS\system32\msi.dll
2006-05-31 09:08 195,072 C:\WINDOWS\system32\msutb.dll
2006-05-31 09:08 190,976 C:\WINDOWS\system32\schedsvc.dll
2006-05-31 09:08 19,968 C:\WINDOWS\system32\route.exe
2006-05-31 09:08 19,968 C:\WINDOWS\system32\rdpsnd.dll
2006-05-31 09:08 19,456 C:\WINDOWS\system32\shutdown.exe
2006-05-31 09:08 181,248 C:\WINDOWS\system32\rasmans.dll
2006-05-31 09:08 180,224 C:\WINDOWS\system32\scecli.dll
2006-05-31 09:08 18,944 C:\WINDOWS\system32\seclogon.dll
2006-05-31 09:08 18,944 C:\WINDOWS\system32\rsmps.dll
2006-05-31 09:08 18,944 C:\WINDOWS\system32\nddenb32.dll
2006-05-31 09:08 179,712 C:\WINDOWS\system32\ntmsdba.dll
2006-05-31 09:08 176,128 C:\WINDOWS\system32\photowiz.dll
2006-05-31 09:08 171,008 C:\WINDOWS\system32\sccsccp.dll
2006-05-31 09:08 171,008 C:\WINDOWS\system32\netmsg.dll
2006-05-31 09:08 17,920 C:\WINDOWS\system32\ping.exe
2006-05-31 09:08 17,920 C:\WINDOWS\system32\nddeapi.dll
2006-05-31 09:08 17,408 C:\WINDOWS\system32\powrprof.dll
2006-05-31 09:08 169,984 C:\WINDOWS\system32\sccbase.dll
2006-05-31 09:08 169,520 C:\WINDOWS\system32\ole2disp.dll
2006-05-31 09:08 163,328 C:\WINDOWS\system32\oleacc.dll
2006-05-31 09:08 16,896 C:\WINDOWS\system32\rassapi.dll
2006-05-31 09:08 16,896 C:\WINDOWS\system32\qappsrv.exe
2006-05-31 09:08 16,896 C:\WINDOWS\system32\perfnet.dll
2006-05-31 09:08 16,896 C:\WINDOWS\system32\oleaccrc.dll
2006-05-31 09:08 16,384 C:\WINDOWS\system32\runas.exe
2006-05-31 09:08 16,384 C:\WINDOWS\system32\prflbmsg.dll
2006-05-31 09:08 16,384 C:\WINDOWS\system32\odbc32gt.dll
2006-05-31 09:08 159,744 C:\WINDOWS\system32\scrobj.dll
2006-05-31 09:08 159,232 C:\WINDOWS\system32\sbeio.dll
2006-05-31 09:08 159,232 C:\WINDOWS\system32\msimtf.dll
2006-05-31 09:08 153,008 C:\WINDOWS\system32\ole2nls.dll
2006-05-31 09:08 152,576 C:\WINDOWS\system32\rsaenh.dll
2006-05-31 09:08 151,552 C:\WINDOWS\system32\scrrun.dll
2006-05-31 09:08 15,872 C:\WINDOWS\system32\rwinsta.exe
2006-05-31 09:08 15,872 C:\WINDOWS\system32\perfmon.exe
2006-05-31 09:08 15,360 C:\WINDOWS\system32\pentnt.exe
2006-05-31 09:08 15,360 C:\WINDOWS\system32\msisip.dll
2006-05-31 09:08 147,968 C:\WINDOWS\system32\rdchost.dll
2006-05-31 09:08 147,456 C:\WINDOWS\system32\odbctrac.dll
2006-05-31 09:08 146,432 C:\WINDOWS\system32\msrating.dll
2006-05-31 09:08 146,432 C:\WINDOWS\system32\msls31.dll
2006-05-31 09:08 146,432 C:\WINDOWS\regedit.exe
2006-05-31 09:08 144,384 C:\WINDOWS\system32\nwprovau.dll
2006-05-31 09:08 143,872 C:\WINDOWS\system32\ntshrui.dll
2006-05-31 09:08 143,360 C:\WINDOWS\system32\rasmontr.dll
2006-05-31 09:08 143,360 C:\WINDOWS\system32\msorcl32.dll
2006-05-31 09:08 140,800 C:\WINDOWS\system32\sessmgr.exe
2006-05-31 09:08 140,288 C:\WINDOWS\system32\sfc_os.dll
2006-05-31 09:08 14,848 C:\WINDOWS\system32\shadow.exe
2006-05-31 09:08 14,848 C:\WINDOWS\system32\serwvdrv.dll
2006-05-31 09:08 14,848 C:\WINDOWS\system32\rsh.exe
2006-05-31 09:08 14,848 C:\WINDOWS\system32\msidntld.dll
2006-05-31 09:08 14,336 C:\WINDOWS\system32\serialui.dll
2006-05-31 09:08 14,336 C:\WINDOWS\system32\runonce.exe
2006-05-31 09:08 14,336 C:\WINDOWS\system32\ntlanui2.dll
2006-05-31 09:08 139,264 C:\WINDOWS\system32\netid.dll
2006-05-31 09:08 135,168 C:\WINDOWS\system32\odbcconf.dll
2006-05-31 09:08 134,656 C:\WINDOWS\system32\mssap.dll
2006-05-31 09:08 132,608 C:\WINDOWS\system32\rsvp.exe
2006-05-31 09:08 130,048 C:\WINDOWS\system32\sdpblb.dll
2006-05-31 09:08 13,824 C:\WINDOWS\system32\sisbkup.dll
2006-05-31 09:08 13,824 C:\WINDOWS\system32\senscfg.dll
2006-05-31 09:08 13,824 C:\WINDOWS\system32\rexec.exe
2006-05-31 09:08 13,824 C:\WINDOWS\system32\rdsaddin.exe
2006-05-31 09:08 13,312 C:\WINDOWS\system32\sigtab.dll
2006-05-31 09:08 13,312 C:\WINDOWS\system32\savedump.exe
2006-05-31 09:08 13,312 C:\WINDOWS\system32\ntvdmd.dll
2006-05-31 09:08 13,312 C:\WINDOWS\system32\msswch.dll
2006-05-31 09:08 129,536 C:\WINDOWS\system32\msv1_0.dll
2006-05-31 09:08 126,976 C:\WINDOWS\system32\mshearts.exe
2006-05-31 09:08 126,912 C:\WINDOWS\system32\msvideo.dll
2006-05-31 09:08 124,928 C:\WINDOWS\system32\net1.exe
2006-05-31 09:08 120,832 C:\WINDOWS\system32\offfilt.dll
2006-05-31 09:08 120,832 C:\WINDOWS\system32\msvfw32.dll
2006-05-31 09:08 12,800 C:\WINDOWS\system32\replace.exe
2006-05-31 09:08 12,800 C:\WINDOWS\system32\rasser.dll
2006-05-31 09:08 12,288 C:\WINDOWS\system32\perfts.dll
2006-05-31 09:08 12,288 C:\WINDOWS\system32\odbcp32r.dll
2006-05-31 09:08 12,288 C:\WINDOWS\system32\nmevtmsg.dll
2006-05-31 09:08 12,288 C:\WINDOWS\system32\netrap.dll
2006-05-31 09:08 12,288 C:\WINDOWS\system32\mstinit.exe
2006-05-31 09:08 12,288 C:\WINDOWS\system32\mscpx32r.dll
2006-05-31 09:08 118,784 C:\WINDOWS\system32\scardssp.dll
2006-05-31 09:08 118,784 C:\WINDOWS\system32\ntmarta.dll
2006-05-31 09:08 117,760 C:\WINDOWS\system32\oledlg.dll
2006-05-31 09:08 115,712 C:\WINDOWS\system32\mstlsapi.dll
2006-05-31 09:08 112,128 C:\WINDOWS\system32\rastls.dll
2006-05-31 09:08 111,104 C:\WINDOWS\system32\netdde.exe
2006-05-31 09:08 11,776 C:\WINDOWS\system32\regsvr32.exe
2006-05-31 09:08 11,776 C:\WINDOWS\system32\rasctrs.dll
2006-05-31 09:08 11,776 C:\WINDOWS\system32\rasautou.exe
2006-05-31 09:08 11,753 C:\WINDOWS\system32\setver.exe
2006-05-31 09:08 11,264 C:\WINDOWS\system32\rasdial.exe
2006-05-31 09:08 11,264 C:\WINDOWS\system32\msrle32.dll
2006-05-31 09:08 109,568 C:\WINDOWS\system32\progman.exe
2006-05-31 09:08 108,464 C:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users