Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hijackthis Log: Please Help Diagnose


  • This topic is locked This topic is locked
25 replies to this topic

#1 dbherman

dbherman

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:05:02 AM

Posted 11 August 2006 - 09:58 AM

Logfile of HijackThis v1.99.1
Scan saved at 10:56:15 AM, on 8/11/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\RGF3bg\command.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\v1201.exe
C:\WINNT\system32\l3jdfs.exe
C:\WINNT\CCZoop05.exe
C:\WINNT\ms049561249-200.exe
C:\WINNT\system32\vp1i4.exe
C:\Program Files\Common Files\{8838875F-02BA-1033-0104-020315990001}\Update.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.711.1664\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Common Files\WSOC Weather Wizard\TrueWeather.exe
C:\WINNT\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll
O1 - Hosts: 205.238.40.51 www.winmx.com err.winmx.com
O1 - Hosts: 205.238.40.2 test3201.winmx.com test3205.winmx.com
O1 - Hosts: 205.238.40.2 test3202.winmx.com test3206.winmx.com
O1 - Hosts: 205.238.40.1 test3203.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.224.20 test3204.winmx.com test3208.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1303.winmx.com c3529.z1304.winmx.com c3529.z1305.winmx.com c3529.z1306.winmx.com
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5965DA90-B1C5-4E7D-8282-9190F29CE96B} - C:\Program Files\microsoft frontpage\hoseculyg.dll
O2 - BHO: Vdrw Class - {8711CF54-E9C5-4DB4-9B9F-7D67393CC771} - C:\WINNT\system32\vf1v62x.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Ozbyq Class - {D623BC2F-A58D-4A75-A10D-CC244A702A35} - C:\WINNT\system32\xeymi.dll (file missing)
O2 - BHO: (no name) - {E5E2A3E7-00FE-4D31-A030-A10799DDCA66} - (no file)
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ACTX1] C:\WINNT\v1201.exe
O4 - HKLM\..\Run: [epy9J] "C:\WINNT\system32\l3jdfs.exe"
O4 - HKLM\..\Run: [TheMonitor] C:\WINNT\CCZoop05.exe
O4 - HKLM\..\Run: [ms049561249-200] C:\WINNT\ms049561249-200.exe
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\Run: [SpywareBot] C:\Program Files\SpywareBot\SpywareBot.exe -boot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.711.1664\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: WSOC Weather Wizard.lnk = C:\Program Files\Common Files\WSOC Weather Wizard\TrueWeather.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O16 - DPF: {5526B4C6-63D6-41A1-9783-0FABF529859A} (mm06ocx.mm06ocxf) - http://cabs.elitemediagroup.net/cabs/mediaview.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1154530703009
O18 - Filter: text/html - {D5BA18F2-FF61-465F-831D-A6850B94FC01} - C:\WINNT\system32\vf1v62x.dll
O20 - AppInit_DLLs: repairs303169590.dll
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINNT\RGF3bg\command.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe



I have removed some of these one time, but the ads still keep coming up, and I can't remove surfsidekick 3 because it says the file is in use when I try to delete it!! I just paid to have my hard drive reformatted and now I have all these annoying pop ups!!!! Any help would be greatly appreciated!!!!!

BC AdBot (Login to Remove)

 


#2 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:04:02 AM

Posted 12 August 2006 - 07:09 AM

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. :thumbsup:



Please download ComboFix and save it to your desktop.
Double click combofix.exe and follow the prompts.
When it's done running it will produce a log for you. Please post that log in your next reply.

Important Note - Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#3 dbherman

dbherman
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:05:02 AM

Posted 12 August 2006 - 07:34 AM

Hi Sam, you would be a miracle worker if you can get rid of these pop-ups for me!! That would be so great! I ran that program and here is the log, but I am still getting pop-ups. Thanks for your help!




Start Time= Sat 08/12/2006 8:28:15.63
Running from: C:\Documents and Settings\Dawn\Desktop

(((((((((((((((((((((((((((((((((((((((((((((((( Ssk's Log )))))))))))))))))))))))))))))))))))))))))))))))))))))


C:\Documents and Settings\Dawn\Application Data\Sskcwrd.dll
C:\Documents and Settings\Dawn\Application Data\Sskknwrd.dll
C:\Documents and Settings\Dawn\Application Data\Sskuknwrd.dll
C:\Documents and Settings\Dawn\Local Settings\Temporary Internet Files\Ssk.log
C:\Documents and Settings\Dawn\Recent\Ssk.lnk


* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *



8:29:47.09
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\dfndrff_7.exe
C:\kybrdff_7.exe
C:\Documents and Settings\Dawn\Local Settings\Temp\drsmartload180a.exe
C:\MTE3NDI6ODoxNgnew.exe
C:\warebundlenewer.exe
C:\WINNT\system32\atmtd.dll.tmp
C:\WINNT\RGF3bg


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-08-12 08:14:54 36865 ( A.... ) "C:\WINNT\wallpap.exe"
2006-08-11 21:13:18 13198 ( A.... ) "C:\WINNT\system32\dlh9jkdq7.exe"
2006-08-11 21:13:18 13198 ( A.... ) "C:\WINNT\system32\dlh9jkdq6.exe"
2006-08-11 21:13:16 37170 ( A.... ) "C:\WINNT\system32\dlh9jkdq2.exe"
2006-08-11 21:13:16 8726 ( A.... ) "C:\WINNT\system32\dlh9jkdq5.exe"
2006-08-11 21:13:16 5036 ( A.... ) "C:\WINNT\system32\dlh9jkdq1.exe"
2006-08-11 21:13:16 17 ( A.... ) "C:\WINNT\system32\dlh9jkdq8.exe"
2006-08-11 21:12:26 7985 ( A.... ) "C:\WINNT\system32\slx.exe?????????????????????]"
2006-08-11 21:12:26 7985 ( A.... ) "C:\WINNT\system32\kernels8.exe"
2006-08-11 21:12:24 7985 ( A.... ) "C:\lo-249210439.exe"
2006-08-11 15:04:32 836 ( A.... ) "C:\Documents and Settings\Dawn\Application Data\ViewerApp.dat"
2006-08-11 12:56:28 155648 ( A.... ) "C:\WINNT\sys11-2009561249.exe"
2006-08-11 10:35:40 0 ( A.... ) "C:\Documents and Settings\Dawn\Application Data\Install.dat"
2006-08-11 10:34:44 7985 ( A.... ) "C:\lo-1554484133.exe"
2006-08-09 11:01:22 2 ( A.... ) "C:\WINNT\system32\wapisvit.exe"
2006-08-09 11:01:14 81920 ( A.... ) "C:\WINNT\system32\dvdplay.dll"
2006-08-09 11:01:10 ( .D... ) "C:\Program Files\s?stem32"
2006-08-09 10:58:18 175362 ( A.... ) "C:\Program Files\Common Files\EliteMediaGroupOinUninstaller.exe"
2006-08-09 10:58:16 ( .D... ) "C:\Program Files\arro"
2006-08-09 10:57:56 319294 ( A.... ) "C:\WINNT\YOINSI.exe"
2006-08-06 10:06:46 30208 ( A.... ) "C:\WINNT\ss1205.exe"
2006-08-06 10:06:46 25105 ( A.... ) "C:\WINNT\idlemg.exe"
2006-08-06 10:06:44 376832 ( A.... ) "C:\WINNT\876057.exe"
2006-08-06 10:06:44 303104 ( A.... ) "C:\WINNT\system32\WinNB57.dll"
2006-08-06 10:06:32 234248 ( A.... ) "C:\WINNT\Tagasuarus2.exe"
2006-08-06 10:06:26 66984 ( A.... ) "C:\WINNT\STOPz.exe"
2006-08-06 10:06:26 28672 ( A.... ) "C:\WINNT\system32\whcixm7.exe"
2006-08-06 10:06:24 45056 ( A.... ) "C:\WINNT\system32afdaqd3.exe"
2006-08-06 10:06:24 36864 ( A.... ) "C:\WINNT\system32y3aqsoepa.exe"
2006-08-06 10:06:24 36864 ( A.... ) "C:\WINNT\system32\y3aqsoepa.exe"
2006-08-06 10:06:24 28672 ( A.... ) "C:\WINNT\system32cymmh.exe"
2006-08-06 10:06:24 28672 ( A.... ) "C:\WINNT\system32\cymmh.exe"
2006-08-06 10:06:12 57344 ( A.... ) "C:\WINNT\ddhb.exe"
2006-08-06 10:06:10 36864 ( A.... ) "C:\WINNT\thiselt.exe"
2006-08-06 09:49:36 ( .D... ) "C:\Documents and Settings\Dawn\Application Data\AdobeUM"
2006-08-06 09:35:06 ( .D... ) "C:\Program Files\Adobe"
2006-08-06 09:35:04 869 ( A.... ) "C:\Documents and Settings\Dawn\Application Data\AdobeDLM.log"
2006-08-06 09:35:04 0 ( A.... ) "C:\Documents and Settings\Dawn\Application Data\dm.ini"
2006-08-06 09:27:24 ( .D... ) "C:\Documents and Settings\Dawn\Application Data\Adobe"
2006-08-06 09:27:22 ( .D... ) "C:\Program Files\Common Files\Adobe"
2006-08-05 13:52:42 ( .D... ) "C:\Documents and Settings\Dawn\Application Data\Free Spider TreeCardGames"
2006-08-05 13:52:36 ( .D... ) "C:\Program Files\Free Spider"
2006-08-05 11:41:58 ( .D... ) "C:\Program Files\Common Files\Sandlot Shared"
2006-08-04 10:59:14 ( .D... ) "C:\Program Files\Spybot - Search & Destroy"
2006-08-04 10:40:06 110592 ( A.... ) "C:\WINNT\v1201.exe"
2006-08-04 10:28:10 ( .D... ) "C:\Program Files\Common Files\ufqm"
2006-08-04 10:26:56 143360 ( A.... ) "C:\WINNT\win32109-200956124.exe"
2006-08-04 10:26:44 14848 ( A.... ) "C:\stub_113_4_0_4_0newer.exe"
2006-08-04 10:26:36 232749 ( A.... ) "C:\WINNT\pf78.exe"
2006-08-04 10:26:36 45056 ( A.... ) "C:\WINNT\system32zkdmg.exe"
2006-08-04 10:26:36 36864 ( A.... ) "C:\WINNT\system32uvzgi.exe"
2006-08-04 10:26:36 28672 ( A.... ) "C:\WINNT\system32tpsd.exe"
2006-08-04 10:26:30 467968 ( A.... ) "C:\visfx500new.exe"
2006-08-04 10:26:12 36864 ( A.... ) "C:\WINNT\system32\uvzgi.exe"
2006-08-04 10:26:12 28672 ( A.... ) "C:\WINNT\system32\tpsd.exe"
2006-08-04 10:26:10 32768 ( A.... ) "C:\WINNT\unstall.exe"
2006-08-04 10:26:04 53120 ( A.... ) "C:\WINNT\optimize.exe"
2006-08-04 10:26:02 48190 ( A.... ) "C:\RDFX4.exe"
2006-08-04 10:25:48 57344 ( A.... ) "C:\WINNT\cs2m6f.exe"
2006-08-04 10:25:46 45056 ( A.... ) "C:\WINNT\system32ghynf.exe"
2006-08-04 10:25:46 36864 ( A.... ) "C:\WINNT\system32\n9nyb.exe"
2006-08-04 10:25:46 28672 ( A.... ) "C:\WINNT\system32bez6n4r21.exe"
2006-08-04 10:25:46 28672 ( A.... ) "C:\WINNT\system32\bez6n4r21.exe"
2006-08-04 10:25:46 0 ( A.... ) "C:\WINNT\system32n9nyb.exe"
2006-08-04 10:25:44 42944 ( A.... ) "C:\WINNT\pop06ap2.exe"
2006-08-04 10:25:24 57344 ( A.... ) "C:\fym9bvo.exe"
2006-08-04 10:25:22 226536 ( A.... ) "C:\WINNT\whCC-GIANT.exe"
2006-08-04 10:25:22 ( .D... ) "C:\Program Files\Common Files\{8838875F-02BA-1033-0104-020315990001}"
2006-08-04 09:11:32 61440 ( A.... ) "C:\WINNT\wnUninstall.exe"
2006-08-04 09:11:32 ( .D... ) "C:\Program Files\Common Files\WSOC Weather Wizard"
2006-08-03 18:40:40 ( .D... ) "C:\Program Files\MSN Games"
2006-08-03 16:34:18 ( .D... ) "C:\Program Files\MXpie Patch"
2006-08-03 16:31:10 ( .D... ) "C:\Program Files\WinMX"
2006-08-03 16:08:28 ( .D... ) "C:\Program Files\Google"
2006-08-03 16:08:28 ( .D... ) "C:\Documents and Settings\Dawn\Application Data\Google"
2006-08-03 15:31:16 34724 ( A.SHR ) "C:\NTDETECT.COM"
2006-08-03 15:09:34 ( AD.H. ) "C:\Program Files\WindowsUpdate"
2006-08-03 15:05:18 ( .D... ) "C:\Documents and Settings\Dawn\Application Data\Macromedia"
2006-08-03 15:02:16 ( .D... ) "C:\Program Files\Support.com"
2006-08-02 21:15:46 ( .D... ) "C:\Program Files\Common Files\Ahead"
2006-08-02 21:15:42 ( .D... ) "C:\Program Files\Ahead"
2006-08-02 21:13:08 ( .D... ) "C:\Program Files\CyberLink"
2006-08-02 19:20:52 ( .D... ) "C:\Program Files\Common Files\muvee Technologies"
2006-08-02 19:20:50 ( .D.H. ) "C:\Program Files\InstallShield Installation Information"
2006-08-02 19:20:50 ( .D... ) "C:\Program Files\Sony Corporation"
2006-08-01 22:18:14 1044480 ( A.... ) "C:\WINNT\system32\Roboex32.dll"
2006-08-01 22:18:14 708608 ( A.... ) "C:\WINNT\system32\CDDBUIRoxio.dll"
2006-08-01 22:18:14 569344 ( A.... ) "C:\WINNT\system32\CDDBControlRoxio.dll"
2006-08-01 22:18:14 57344 ( A.... ) "C:\WINNT\uneng.exe"
2006-08-01 22:18:14 49152 ( A.... ) "C:\WINNT\system32\INETWH32.dll"
2006-08-01 22:18:14 49152 ( A.... ) "C:\WINNT\system32\cdrtc.dll"
2006-08-01 22:18:14 45056 ( A.... ) "C:\WINNT\system32\cdral.dll"
2006-08-01 22:14:42 ( .D... ) "C:\Program Files\Adaptec"
2006-08-01 22:13:52 ( .D... ) "C:\Program Files\Common Files\InstallShield"
2006-08-01 22:12:00 ( AD... ) "C:\Program Files\Common Files\Microsoft Shared"
2006-08-01 22:10:48 ( .D... ) "C:\Program Files\Snapshot Viewer"
2006-08-01 22:07:44 ( .D... ) "C:\Program Files\Common Files\Designer"
2006-08-01 22:06:26 ( .D... ) "C:\Program Files\Microsoft Office"
2006-08-01 22:06:26 ( .D... ) "C:\Documents and Settings\Dawn\Application Data\Microsoft Web Folders"
2006-08-01 22:02:14 ( .D.H. ) "C:\Program Files\Uninstall Information"
2006-08-01 21:56:40 ( .D... ) "C:\Program Files\Common Files\Adaptec Shared"
2006-08-01 21:12:24 ( .D... ) "C:\Program Files\WinZip"
2006-08-01 18:27:08 ( .D... ) "C:\Documents and Settings\Dawn\Application Data\Identities"
2006-08-01 18:27:02 ( .DS.. ) "C:\Documents and Settings\Dawn\Application Data\Microsoft"
2006-08-01 18:22:34 ( .D... ) "C:\Program Files\microsoft frontpage"
2006-08-01 18:21:46 0 ( ...H. ) "C:\AUTOEXEC.BAT"
2006-08-01 18:20:50 21952 ( ...H. ) "C:\Program Files\folder.htt"
2006-08-01 18:20:50 271 ( ...H. ) "C:\Program Files\desktop.ini"
2006-08-01 18:20:40 ( .D... ) "C:\Program Files\Windows Media Player"
2006-08-01 18:20:34 ( .D... ) "C:\Program Files\NetMeeting"
2006-08-01 18:20:34 ( .D... ) "C:\Program Files\Common Files\Services"
2006-08-01 18:20:28 ( .D... ) "C:\Program Files\Outlook Express"
2006-08-01 18:20:18 ( .D... ) "C:\Program Files\Common Files\System"
2006-08-01 18:20:10 ( .D... ) "C:\Program Files\Internet Explorer"
2006-08-01 18:20:02 ( .D... ) "C:\Program Files\ComPlus Applications"
2006-07-31 16:03:08 1163264 ( A.... ) "C:\WINNT\system32\riwzkn.exe"
2006-07-31 16:02:56 36864 ( A.... ) "C:\WINNT\system32\hauc.exe"
2006-07-21 18:55:38 127578 ( A.... ) "C:\WINNT\system32\tsuninst.exe"


(((((((((((((((((((((((((((((((((((((( Files Created - Last 30days )))))))))))))))))))))))))))))))))))))))))))


2006-08-12 08:14 36,865 C:\WINNT\wallpap.exe
2006-08-11 21:13 8,726 C:\WINNT\system32\dlh9jkdq5.exe
2006-08-11 21:13 5,036 C:\WINNT\system32\dlh9jkdq1.exe
2006-08-11 21:13 37,170 C:\WINNT\system32\dlh9jkdq2.exe
2006-08-11 21:13 17 C:\WINNT\system32\dlh9jkdq8.exe
2006-08-11 21:13 13,198 C:\WINNT\system32\dlh9jkdq7.exe
2006-08-11 21:13 13,198 C:\WINNT\system32\dlh9jkdq6.exe
2006-08-11 21:12 7,985 C:\lo-249210439.exe
2006-08-11 12:56 155,648 C:\WINNT\sys11-2009561249.exe
2006-08-11 10:35 7,985 C:\WINNT\system32\kernels8.exe
2006-08-11 10:34 7,985 C:\lo-1554484133.exe
2006-08-09 11:01 81,920 C:\WINNT\system32\dvdplay.dll
2006-08-09 11:01 2 C:\WINNT\system32\wapisvit.exe
2006-08-09 10:57 319,294 C:\WINNT\YOINSI.exe
2006-08-06 10:06 66,984 C:\WINNT\STOPz.exe
2006-08-06 10:06 57,344 C:\WINNT\ddhb.exe
2006-08-06 10:06 45,056 C:\WINNT\system32afdaqd3.exe
2006-08-06 10:06 376,832 C:\WINNT\876057.exe
2006-08-06 10:06 36,864 C:\WINNT\thiselt.exe
2006-08-06 10:06 36,864 C:\WINNT\system32y3aqsoepa.exe
2006-08-06 10:06 36,864 C:\WINNT\system32\y3aqsoepa.exe
2006-08-06 10:06 303,104 C:\WINNT\system32\WinNB57.dll
2006-08-06 10:06 30,208 C:\WINNT\ss1205.exe
2006-08-06 10:06 28,672 C:\WINNT\system32cymmh.exe
2006-08-06 10:06 28,672 C:\WINNT\system32\whcixm7.exe
2006-08-06 10:06 28,672 C:\WINNT\system32\cymmh.exe
2006-08-06 10:06 25,105 C:\WINNT\idlemg.exe
2006-08-06 10:06 234,248 C:\WINNT\Tagasuarus2.exe
2006-08-05 11:42 44,032 C:\WINNT\system32\msxml3r.dll
2006-08-04 10:50 78,488 C:\WINNT\system32\XMD5.dll
2006-08-04 10:50 101,888 C:\WINNT\system32\vb6stkit.dll
2006-08-04 10:50 1,386,496 C:\WINNT\system32\msvbvm60.dll
2006-08-04 10:28 127,578 C:\WINNT\system32\tsuninst.exe
2006-08-04 10:26 467,968 C:\visfx500new.exe
2006-08-04 10:26 45,056 C:\WINNT\system32zkdmg.exe
2006-08-04 10:26 36,864 C:\WINNT\system32uvzgi.exe
2006-08-04 10:26 36,864 C:\WINNT\system32\uvzgi.exe
2006-08-04 10:26 36,864 C:\WINNT\system32\hauc.exe
2006-08-04 10:26 32,768 C:\WINNT\unstall.exe
2006-08-04 10:26 28,672 C:\WINNT\system32tpsd.exe
2006-08-04 10:26 28,672 C:\WINNT\system32\tpsd.exe
2006-08-04 10:26 232,749 C:\WINNT\pf78.exe
2006-08-04 10:26 143,360 C:\WINNT\win32109-200956124.exe
2006-08-04 10:26 14,848 C:\stub_113_4_0_4_0newer.exe
2006-08-04 10:26 110,592 C:\WINNT\v1201.exe
2006-08-04 10:26 1,163,264 C:\WINNT\system32\riwzkn.exe
2006-08-04 10:25 57,344 C:\WINNT\cs2m6f.exe
2006-08-04 10:25 57,344 C:\fym9bvo.exe
2006-08-04 10:25 53,120 C:\WINNT\optimize.exe
2006-08-04 10:25 48,190 C:\RDFX4.exe
2006-08-04 10:25 45,056 C:\WINNT\system32ghynf.exe
2006-08-04 10:25 42,944 C:\WINNT\pop06ap2.exe
2006-08-04 10:25 36,864 C:\WINNT\system32\n9nyb.exe
2006-08-04 10:25 28,672 C:\WINNT\system32bez6n4r21.exe
2006-08-04 10:25 28,672 C:\WINNT\system32\bez6n4r21.exe
2006-08-04 10:25 226,536 C:\WINNT\whCC-GIANT.exe
2006-08-04 10:25 0 C:\WINNT\system32n9nyb.exe
2006-08-04 09:11 61,440 C:\WINNT\wnUninstall.exe
2006-08-03 15:30 3,856 C:\WINNT\system32\SVCPACK1.DLL
2006-08-03 15:27 92,432 C:\WINNT\system32\xactsrv.dll
2006-08-03 15:27 8,464 C:\WINNT\system32\wshirda.dll
2006-08-03 15:27 79,120 C:\WINNT\system32\winscard.dll
2006-08-03 15:27 74,512 C:\WINNT\system32\wmicore.dll
2006-08-03 15:27 69,904 C:\WINNT\system32\ws2_32.dll
2006-08-03 15:27 59,152 C:\WINNT\system32\winfax.dll
2006-08-03 15:27 57,616 C:\WINNT\system32\wlnotify.dll
2006-08-03 15:27 42,768 C:\WINNT\system32\webhits.dll
2006-08-03 15:27 4,368 C:\WINNT\system32\winver.exe
2006-08-03 15:27 39,696 C:\WINNT\system32\wsnmp32.dll
2006-08-03 15:27 39,184 C:\WINNT\system32\winsta.dll
2006-08-03 15:27 29,968 C:\WINNT\system32\wpnpinst.exe
2006-08-03 15:27 28,400 C:\WINNT\system32\wupdinfo.dll
2006-08-03 15:27 270,608 C:\WINNT\winhlp32.exe
2006-08-03 15:27 240,912 C:\WINNT\system32\wow32.dll
2006-08-03 15:27 239,376 C:\WINNT\system32\winsmon.dll
2006-08-03 15:27 21,776 C:\WINNT\system32\wsock32.dll
2006-08-03 15:27 193,296 C:\WINNT\winrep.exe
2006-08-03 15:27 181,008 C:\WINNT\system32\WINLOGON.EXE
2006-08-03 15:27 172,664 C:\WINNT\system32\XENROLL.DLL
2006-08-03 15:27 17,680 C:\WINNT\system32\wshtcpip.dll
2006-08-03 15:27 166,160 C:\WINNT\system32\WINTRUST.DLL
2006-08-03 15:27 162,064 C:\WINNT\system32\WLDAP32.DLL
2006-08-03 15:27 10,000 C:\WINNT\system32\wshatm.dll
2006-08-03 15:26 977,680 C:\WINNT\system32\vfpodbc.dll
2006-08-03 15:26 83,888 C:\WINNT\system32\vga.dll
2006-08-03 15:26 68,368 C:\WINNT\system32\unimdmat.dll
2006-08-03 15:26 57,104 C:\WINNT\system32\w32tm.exe
2006-08-03 15:26 51,472 C:\WINNT\system32\w32time.dll
2006-08-03 15:26 403,216 C:\WINNT\system32\USER32.DLL
2006-08-03 15:26 389,904 C:\WINNT\system32\USERENV.DLL
2006-08-03 15:26 315,664 C:\WINNT\system32\usp10.dll
2006-08-03 15:26 30,749 C:\WINNT\system32\vbajet32.dll
2006-08-03 15:26 26,384 C:\WINNT\system32\utildll.dll
2006-08-03 15:26 24,848 C:\WINNT\system32\spdwnw2k.exe
2006-08-03 15:26 22,800 C:\WINNT\system32\utilman.exe
2006-08-03 15:26 21,776 C:\WINNT\system32\spupdw2k.exe
2006-08-03 15:26 16,144 C:\WINNT\system32\version.dll
2006-08-03 15:26 155,920 C:\WINNT\system32\wavemsp.dll
2006-08-03 15:26 15,872 C:\WINNT\system32\spupdsvc.exe
2006-08-03 15:26 14,608 C:\WINNT\system32\uniplat.dll
2006-08-03 15:26 11,536 C:\WINNT\system32\usbmon.dll
2006-08-03 15:25 971,024 C:\WINNT\system32\sfcfiles.dll
2006-08-03 15:25 95,024 C:\WINNT\system32\sfc.dll
2006-08-03 15:25 90,384 C:\WINNT\system32\trkwks.dll
2006-08-03 15:25 87,312 C:\WINNT\system32\TASKMGR.EXE
2006-08-03 15:25 85,776 C:\WINNT\system32\smlogsvc.exe
2006-08-03 15:25 81,168 C:\WINNT\system32\stobject.dll
2006-08-03 15:25 80,144 C:\WINNT\system32\telnet.exe
2006-08-03 15:25 7,440 C:\WINNT\system32\svcpack.dll
2006-08-03 15:25 7,440 C:\WINNT\system32\sensapi.dll
2006-08-03 15:25 69,392 C:\WINNT\system32\shim.dll
2006-08-03 15:25 65,601 C:\WINNT\system32\servdeps.dll
2006-08-03 15:25 62,736 C:\WINNT\system32\sstext3d.scr
2006-08-03 15:25 61,712 C:\WINNT\system32\stisvc.exe
2006-08-03 15:25 6,928 C:\WINNT\system32\skdll.dll
2006-08-03 15:25 55,056 C:\WINNT\system32\tlntsess.exe
2006-08-03 15:25 524,560 C:\WINNT\system32\sqlsrv32.dll
2006-08-03 15:25 49,424 C:\WINNT\system32\sqlwoa.dll
2006-08-03 15:25 48,912 C:\WINNT\system32\secur32.dll
2006-08-03 15:25 47,888 C:\WINNT\system32\ssbezier.scr
2006-08-03 15:25 45,840 C:\WINNT\system32\skeys.exe
2006-08-03 15:25 419,600 C:\WINNT\system32\ssmaze.scr
2006-08-03 15:25 41,744 C:\WINNT\system32\tcpmon.dll
2006-08-03 15:25 41,744 C:\WINNT\system32\sti.dll
2006-08-03 15:25 41,744 C:\WINNT\system32\ssflwbox.scr
2006-08-03 15:25 397,584 C:\WINNT\system32\txfaux.dll
2006-08-03 15:25 38,672 C:\WINNT\system32\ssmarque.scr
2006-08-03 15:25 38,160 C:\WINNT\system32\sens.dll
2006-08-03 15:25 375,568 C:\WINNT\system32\tapi3.dll
2006-08-03 15:25 36,624 C:\WINNT\system32\ssmyst.scr
2006-08-03 15:25 35,600 C:\WINNT\system32\storprop.dll
2006-08-03 15:25 33,552 C:\WINNT\system32\shmgrate.exe
2006-08-03 15:25 33,040 C:\WINNT\system32\ssstars.scr
2006-08-03 15:25 31,504 C:\WINNT\system32\traffic.dll
2006-08-03 15:25 285,456 C:\WINNT\system32\smlogcfg.dll
2006-08-03 15:25 27,920 C:\WINNT\system32\umandlg.dll
2006-08-03 15:25 246,544 C:\WINNT\system32\strmdll.dll
2006-08-03 15:25 24,848 C:\WINNT\system32\sqlwid.dll
2006-08-03 15:25 214,288 C:\WINNT\system32\snmpsnap.dll
2006-08-03 15:25 21,264 C:\WINNT\system32\stimon.exe
2006-08-03 15:25 2,383,632 C:\WINNT\system32\SHELL32.DLL
2006-08-03 15:25 187,664 C:\WINNT\system32\thumbvw.dll
2006-08-03 15:25 187,024 C:\WINNT\system32\spcmdcon.sys
2006-08-03 15:25 186,128 C:\WINNT\system32\tlntsvr.exe
2006-08-03 15:25 173,328 C:\WINNT\system32\tapisrv.dll
2006-08-03 15:25 17,680 C:\WINNT\system32\tftp.exe
2006-08-03 15:25 17,680 C:\WINNT\system32\SNMPAPI.DLL
2006-08-03 15:25 17,168 C:\WINNT\system32\seclogon.dll
2006-08-03 15:25 17,168 C:\WINNT\system32\secedit.exe
2006-08-03 15:25 15,120 C:\WINNT\system32\sisbkup.dll
2006-08-03 15:25 138,000 C:\WINNT\system32\ss3dfo.scr
2006-08-03 15:25 13,072 C:\WINNT\system32\tcpmib.dll
2006-08-03 15:25 126,736 C:\WINNT\system32\TAPI32.DLL
2006-08-03 15:25 119,056 C:\WINNT\system32\sqlstr.dll
2006-08-03 15:25 107,792 C:\WINNT\system32\sndrec32.exe
2006-08-03 15:25 102,160 C:\WINNT\system32\sspipes.scr
2006-08-03 15:24 996,112 C:\WINNT\system32\OLE32.DLL
2006-08-03 15:24 97,040 C:\WINNT\system32\rtm.dll
2006-08-03 15:24 90,112 C:\WINNT\system32\odbcint.dll
2006-08-03 15:24 85,776 C:\WINNT\system32\ntsdexts.dll
2006-08-03 15:24 77,584 C:\WINNT\system32\scripto.dll
2006-08-03 15:24 77,072 C:\WINNT\system32\rsvpsp.dll
2006-08-03 15:24 73,488 C:\WINNT\regedit.exe
2006-08-03 15:24 70,928 C:\WINNT\system32\olethk32.dll
2006-08-03 15:24 692,496 C:\WINNT\system32\OPENGL32.DLL
2006-08-03 15:24 68,368 C:\WINNT\system32\regsvc.exe
2006-08-03 15:24 63,248 C:\WINNT\system32\RASSCRPT.DLL
2006-08-03 15:24 60,688 C:\WINNT\system32\RASCHAP.DLL
2006-08-03 15:24 57,104 C:\WINNT\system32\ocmanage.dll
2006-08-03 15:24 53,520 C:\WINNT\system32\odbcji32.dll
2006-08-03 15:24 53,520 C:\WINNT\system32\ntmsapi.dll
2006-08-03 15:24 53,008 C:\WINNT\system32\packager.exe
2006-08-03 15:24 48,200 C:\WINNT\system32\scrdx86.dll
2006-08-03 15:24 48,200 C:\WINNT\system32\scrdenrl.dll
2006-08-03 15:24 454,416 C:\WINNT\system32\rpcrt4.dll
2006-08-03 15:24 446,224 C:\WINNT\system32\oakley.dll
2006-08-03 15:24 444,176 C:\WINNT\system32\oieng400.dll
2006-08-03 15:24 44,816 C:\WINNT\system32\rsm.exe
2006-08-03 15:24 431,888 C:\WINNT\system32\riched20.dll
2006-08-03 15:24 41,232 C:\WINNT\system32\odbcconf.exe
2006-08-03 15:24 41,232 C:\WINNT\system32\odbcconf.dll
2006-08-03 15:24 401,168 C:\WINNT\system32\ntmssvc.dll
2006-08-03 15:24 40,720 C:\WINNT\system32\RESUTILS.DLL
2006-08-03 15:24 37,136 C:\WINNT\system32\ODBCAD32.exe
2006-08-03 15:24 36,624 C:\WINNT\system32\RNR20.DLL
2006-08-03 15:24 36,112 C:\WINNT\system32\regapi.dll
2006-08-03 15:24 29,968 C:\WINNT\system32\profmap.dll
2006-08-03 15:24 29,456 C:\WINNT\system32\perfproc.dll
2006-08-03 15:24 28,432 C:\WINNT\system32\scrnsave.scr
2006-08-03 15:24 270,608 C:\WINNT\system32\odbcjt32.dll
2006-08-03 15:24 254,736 C:\WINNT\system32\scesrv.dll
2006-08-03 15:24 25,360 C:\WINNT\system32\rsfsaps.dll
2006-08-03 15:24 25,360 C:\WINNT\system32\rapilib.dll
2006-08-03 15:24 24,848 C:\WINNT\system32\perfdisk.dll
2006-08-03 15:24 24,848 C:\WINNT\system32\odbcbcp.dll
2006-08-03 15:24 24,848 C:\WINNT\system32\ODBC32GT.dll
2006-08-03 15:24 24,336 C:\WINNT\system32\rpcns4.dll
2006-08-03 15:24 239,376 C:\WINNT\system32\rpcss.dll
2006-08-03 15:24 221,456 C:\WINNT\system32\osk.exe
2006-08-03 15:24 22,800 C:\WINNT\system32\routeext.dll
2006-08-03 15:24 217,360 C:\WINNT\system32\ODBC32.dll
2006-08-03 15:24 214,800 C:\WINNT\system32\objsel.dll
2006-08-03 15:24 200,976 C:\WINNT\system32\odbccu32.dll
2006-08-03 15:24 20,752 C:\WINNT\system32\sclgntfy.dll
2006-08-03 15:24 20,752 C:\WINNT\system32\odtext32.dll
2006-08-03 15:24 20,752 C:\WINNT\system32\odpdx32.dll
2006-08-03 15:24 20,752 C:\WINNT\system32\odfox32.dll
2006-08-03 15:24 20,752 C:\WINNT\system32\odexl32.dll
2006-08-03 15:24 20,752 C:\WINNT\system32\oddbse32.dll
2006-08-03 15:24 198,928 C:\WINNT\system32\rasppp.dll
2006-08-03 15:24 196,880 C:\WINNT\system32\odbccr32.dll
2006-08-03 15:24 176,912 C:\WINNT\system32\rsvp.exe
2006-08-03 15:24 173,328 C:\WINNT\system32\ntmsdba.dll
2006-08-03 15:24 164,112 C:\WINNT\system32\OLEPRO32.DLL
2006-08-03 15:24 155,920 C:\WINNT\system32\ODBCTRAC.dll
2006-08-03 15:24 154,896 C:\WINNT\system32\rasmontr.dll
2006-08-03 15:24 151,824 C:\WINNT\system32\pdh.dll
2006-08-03 15:24 146,192 C:\WINNT\system32\polstore.dll
2006-08-03 15:24 14,608 C:\WINNT\system32\RASSAPI.DLL
2006-08-03 15:24 14,096 C:\WINNT\system32\rsh.exe
2006-08-03 15:24 139,536 C:\WINNT\system32\regedt32.exe
2006-08-03 15:24 132,368 C:\WINNT\system32\RSABASE.DLL
2006-08-03 15:24 13,584 C:\WINNT\system32\powrprof.dll
2006-08-03 15:24 115,472 C:\WINNT\system32\PSBASE.DLL
2006-08-03 15:24 114,448 C:\WINNT\system32\scecli.dll
2006-08-03 15:24 111,888 C:\WINNT\system32\polagent.dll
2006-08-03 15:24 110,080 C:\WINNT\system32\offfilt.dll
2006-08-03 15:24 11,024 C:\WINNT\system32\REGSVR32.EXE
2006-08-03 15:24 108,304 C:\WINNT\system32\rsnotify.exe
2006-08-03 15:24 106,256 C:\WINNT\system32\oleprn.dll
2006-08-03 15:24 105,232 C:\WINNT\system32\rend.dll
2006-08-03 15:24 102,672 C:\WINNT\system32\odbccp32.dll
2006-08-03 15:24 102,672 C:\WINNT\system32\NTMARTA.DLL
2006-08-03 15:24 100,624 C:\WINNT\system32\rastls.dll
2006-08-03 15:24 10,000 C:\WINNT\system32\runas.exe
2006-08-03 15:24 1,427,216 C:\WINNT\system32\query.dll
2006-08-03 15:23 9,216 C:\WINNT\system32\wuauserv.dll
2006-08-03 15:23 89,600 C:\WINNT\system32\nlhtml.dll
2006-08-03 15:23 79,632 C:\WINNT\system32\ntdskcc.dll
2006-08-03 15:23 67,344 C:\WINNT\system32\ntdsetup.dll
2006-08-03 15:23 6,928 C:\WINNT\system32\perfvd.exe
2006-08-03 15:23 57,616 C:\WINNT\system32\ntdsapi.dll
2006-08-03 15:23 55,056 C:\WINNT\system32\authz.dll
2006-08-03 15:23 52,496 C:\WINNT\system32\wzcdlg.dll
2006-08-03 15:23 5,632 C:\WINNT\system32\sp2res.dll
2006-08-03 15:23 45,840 C:\WINNT\system32\msmqprop.exe
2006-08-03 15:23 4,010,496 C:\WINNT\system32\sp3res.dll
2006-08-03 15:23 39,936 C:\WINNT\system32\msisip.dll
2006-08-03 15:23 35,648 C:\WINNT\system32\ntio411.sys
2006-08-03 15:23 35,408 C:\WINNT\system32\ntio412.sys
2006-08-03 15:23 34,816 C:\WINNT\system32\msiregmv.exe
2006-08-03 15:23 34,576 C:\WINNT\system32\wzcsetup.exe
2006-08-03 15:23 34,544 C:\WINNT\system32\ntio804.sys
2006-08-03 15:23 34,544 C:\WINNT\system32\ntio404.sys
2006-08-03 15:23 33,824 C:\WINNT\system32\NTIO.SYS
2006-08-03 15:23 32,016 C:\WINNT\system32\ntdsatq.dll
2006-08-03 15:23 310,784 C:\WINNT\system32\winhttp.dll
2006-08-03 15:23 29,968 C:\WINNT\system32\wzcsapi.dll
2006-08-03 15:23 29,968 C:\WINNT\system32\ntdsbsrv.dll
2006-08-03 15:23 28,432 C:\WINNT\system32\ntdsbcli.dll
2006-08-03 15:23 26,624 C:\WINNT\system32\msxmlr.dll
2006-08-03 15:23 244,224 C:\WINNT\system32\qmgr.dll
2006-08-03 15:23 24,336 C:\WINNT\system32\ftpqfe.exe
2006-08-03 15:23 195,856 C:\WINNT\system32\wzcsvc.dll
2006-08-03 15:23 192,512 C:\WINNT\system32\wuaueng.dll
2006-08-03 15:23 18,432 C:\WINNT\system32\qmgrprxy.dll
2006-08-03 15:23 18,192 C:\WINNT\system32\sp4iis.exe
2006-08-03 15:23 165,136 C:\WINNT\system32\ntdsutil.exe
2006-08-03 15:23 147,216 C:\WINNT\system32\dssenh.dll
2006-08-03 15:23 141,312 C:\WINNT\system32\wuauclt.exe
2006-08-03 15:23 134,928 C:\WINNT\system32\rsaenh.dll
2006-08-03 15:23 13,072 C:\WINNT\system32\spiisupd.exe
2006-08-03 15:23 113,936 C:\WINNT\system32\newdev.dll
2006-08-03 15:23 11,536 C:\WINNT\system32\sptsupd.exe
2006-08-03 15:23 1,040,656 C:\WINNT\system32\ntdsa.dll
2006-08-03 15:22 95,504 C:\WINNT\system32\netman.dll
2006-08-03 15:22 831,760 C:\WINNT\system32\mswdat10.dll
2006-08-03 15:22 76,560 C:\WINNT\system32\msw3prt.dll
2006-08-03 15:22 71,952 C:\WINNT\system32\netui0.dll
2006-08-03 15:22 7,440 C:\WINNT\system32\msswchx.exe
2006-08-03 15:22 64,272 C:\WINNT\system32\mswsock.dll
2006-08-03 15:22 614,672 C:\WINNT\system32\mswstr10.dll
2006-08-03 15:22 57,104 C:\WINNT\system32\mydocs.dll
2006-08-03 15:22 553,232 C:\WINNT\system32\msrepl40.dll
2006-08-03 15:22 547,600 C:\WINNT\system32\netcfgx.dll
2006-08-03 15:22 52,496 C:\WINNT\system32\mtxclu.dll
2006-08-03 15:22 514,320 C:\WINNT\system32\msxml.dll
2006-08-03 15:22 477,456 C:\WINNT\system32\netshell.dll
2006-08-03 15:22 47,104 C:\WINNT\system32\MSPRIVS.DLL
2006-08-03 15:22 422,160 C:\WINNT\system32\msrd2x40.dll
2006-08-03 15:22 4,880 C:\WINNT\system32\NDDEAPIR.EXE
2006-08-03 15:22 371,984 C:\WINNT\system32\NETLOGON.DLL
2006-08-03 15:22 35,088 C:\WINNT\system32\MSSIGN32.DLL
2006-08-03 15:22 348,432 C:\WINNT\system32\msxbde40.dll
2006-08-03 15:22 348,432 C:\WINNT\system32\mspbde40.dll
2006-08-03 15:22 315,664 C:\WINNT\system32\msrd3x40.dll
2006-08-03 15:22 311,568 C:\WINNT\system32\NETAPI32.DLL
2006-08-03 15:22 286,773 C:\WINNT\system32\msvcrt.dll
2006-08-03 15:22 26,896 C:\WINNT\system32\NETSTAT.EXE
2006-08-03 15:22 258,320 C:\WINNT\system32\mstext40.dll
2006-08-03 15:22 24,848 C:\WINNT\system32\narrator.exe
2006-08-03 15:22 23,312 C:\WINNT\system32\mtxdm.dll
2006-08-03 15:22 216,848 C:\WINNT\system32\mstask.dll
2006-08-03 15:22 173,840 C:\WINNT\system32\netplwiz.dll
2006-08-03 15:22 16,144 C:\WINNT\system32\NDDEAPI.DLL
2006-08-03 15:22 155,920 C:\WINNT\system32\msorcl32.dll
2006-08-03 15:22 14,608 C:\WINNT\system32\msswch.dll
2006-08-03 15:22 131,344 C:\WINNT\system32\netid.dll
2006-08-03 15:22 124,176 C:\WINNT\system32\net1.exe
2006-08-03 15:22 119,568 C:\WINNT\system32\mstask.exe
2006-08-03 15:22 116,496 C:\WINNT\system32\msvfw32.dll
2006-08-03 15:22 110,352 C:\WINNT\system32\mycomput.dll
2006-08-03 15:22 11,024 C:\WINNT\system32\msrle32.dll
2006-08-03 15:22 108,816 C:\WINNT\system32\NETDDE.EXE
2006-08-03 15:22 105,744 C:\WINNT\system32\mtxoci.dll
2006-08-03 15:21 847,872 C:\WINNT\system32\msimsg.dll
2006-08-03 15:21 64,512 C:\WINNT\system32\msiexec.exe
2006-08-03 15:21 53,520 C:\WINNT\system32\msjter40.dll
2006-08-03 15:21 348,432 C:\WINNT\system32\msjetoledb40.dll
2006-08-03 15:21 305,664 C:\WINNT\system32\msihnd.dll
2006-08-03 15:21 241,936 C:\WINNT\system32\msjtes40.dll
2006-08-03 15:21 213,264 C:\WINNT\system32\msltus40.dll
2006-08-03 15:21 2,017,792 C:\WINNT\system32\msi.dll
2006-08-03 15:21 151,824 C:\WINNT\system32\msjint40.dll
2006-08-03 15:21 1,507,600 C:\WINNT\system32\msjet40.dll
2006-08-03 15:20 99,088 C:\WINNT\system32\modemui.dll
2006-08-03 15:20 88,848 C:\WINNT\system32\msdtclog.dll
2006-08-03 15:20 835,856 C:\WINNT\system32\mmcndmgr.dll
2006-08-03 15:20 707,344 C:\WINNT\system32\msdtcprx.dll
2006-08-03 15:20 69,904 C:\WINNT\system32\mprddm.dll
2006-08-03 15:20 603,408 C:\WINNT\system32\mmc.exe
2006-08-03 15:20 56,080 C:\WINNT\system32\mprui.dll
2006-08-03 15:20 55,056 C:\WINNT\system32\mpr.dll
2006-08-03 15:20 512,272 C:\WINNT\system32\msexch40.dll
2006-08-03 15:20 47,376 C:\WINNT\system32\mprdim.dll
2006-08-03 15:20 4,126 C:\WINNT\system32\msdxmlc.dll
2006-08-03 15:20 334,096 C:\WINNT\system32\MSGINA.DLL
2006-08-03 15:20 319,760 C:\WINNT\system32\msexcl40.dll
2006-08-03 15:20 24,848 C:\WINNT\system32\msdart32.dll
2006-08-03 15:20 236,304 C:\WINNT\system32\msclus.dll
2006-08-03 15:20 19,728 C:\WINNT\system32\mimefilt.dll
2006-08-03 15:20 169,232 C:\WINNT\system32\mobsync.dll
2006-08-03 15:20 146,192 C:\WINNT\system32\msdtcui.dll
2006-08-03 15:20 13,824 C:\WINNT\system32\mscpxl32.dLL
2006-08-03 15:20 111,376 C:\WINNT\system32\mobsync.exe
2006-08-03 15:20 108,816 C:\WINNT\system32\msafd.dll
2006-08-03 15:20 1,131,280 C:\WINNT\system32\msdtctm.dll
2006-08-03 15:20 1,015,859 C:\WINNT\system32\mfc42.dll
2006-08-03 15:20 1,011,764 C:\WINNT\system32\mfc42u.dll
2006-08-03 15:19 76,048 C:\WINNT\system32\mdhcp.dll
2006-08-03 15:19 66,320 C:\WINNT\system32\LOADPERF.DLL
2006-08-03 15:19 48,400 C:\WINNT\system32\loghours.dll
2006-08-03 15:19 43,792 C:\WINNT\system32\magnify.exe
2006-08-03 15:19 25,872 C:\WINNT\system32\LODCTR.EXE
2006-08-03 15:19 246,032 C:\WINNT\system32\localsec.dll
2006-08-03 15:19 20,240 C:\WINNT\system32\lpk.dll
2006-08-03 15:19 130,832 C:\WINNT\system32\logon.scr
2006-08-03 15:19 102,160 C:\WINNT\system32\mdminst.dll
2006-08-03 15:19 10,000 C:\WINNT\system32\lz32.dll
2006-08-03 15:15 92,032 C:\WINNT\system32\KRNL386.EXE
2006-08-03 15:15 73,488 C:\WINNT\system32\irmon.dll
2006-08-03 15:15 72,464 C:\WINNT\system32\isign32.dll
2006-08-03 15:15 69,904 C:\WINNT\system32\IPHLPAPI.DLL
2006-08-03 15:15 6,928 C:\WINNT\system32\KBDCA.DLL
2006-08-03 15:15 49,936 C:\WINNT\system32\ixsso.dll
2006-08-03 15:15 441,616 C:\WINNT\system32\ipnathlp.dll
2006-08-03 15:15 42,809 C:\WINNT\system32\key01.sys
2006-08-03 15:15 42,537 C:\WINNT\system32\KEYBOARD.SYS
2006-08-03 15:15 4,368 C:\WINNT\system32\IPROP.DLL
2006-08-03 15:15 374,032 C:\WINNT\system32\JET500.DLL
2006-08-03 15:15 212,752 C:\WINNT\system32\kerberos.dll
2006-08-03 15:15 159,504 C:\WINNT\system32\iprtrmgr.dll
2006-08-03 15:15 143,872 C:\WINNT\system32\itircl.dll
2006-08-03 15:15 122,368 C:\WINNT\system32\itss.dll
2006-08-03 15:14 97,040 C:\WINNT\system32\iasrad.dll
2006-08-03 15:14 96,528 C:\WINNT\system32\imm32.dll
2006-08-03 15:14 94,992 C:\WINNT\system32\FAXSVC.EXE
2006-08-03 15:14 92,944 C:\WINNT\system32\faxadmin.dll
2006-08-03 15:14 81,978 C:\WINNT\system32\hlink.dll
2006-08-03 15:14 80,144 C:\WINNT\system32\faxcom.dll
2006-08-03 15:14 77,584 C:\WINNT\system32\gpresult.exe
2006-08-03 15:14 76,560 C:\WINNT\system32\hotplug.dll
2006-08-03 15:14 75,536 C:\WINNT\system32\iasads.dll
2006-08-03 15:14 66,848 C:\WINNT\system32\HAL.DLL
2006-08-03 15:14 66,832 C:\WINNT\system32\inetpp.dll
2006-08-03 15:14 60,176 C:\WINNT\system32\iassvcs.dll
2006-08-03 15:14 60,176 C:\WINNT\system32\iasnap.dll
2006-08-03 15:14 6,416 C:\WINNT\system32\hccoin.dll
2006-08-03 15:14 55,568 C:\WINNT\system32\esentutl.exe
2006-08-03 15:14 50,448 C:\WINNT\system32\fdeploy.dll
2006-08-03 15:14 47,888 C:\WINNT\system32\EVENTLOG.DLL
2006-08-03 15:14 380,957 C:\WINNT\system32\expsrv.dll
2006-08-03 15:14 37,888 C:\WINNT\system32\hhsetup.dll
2006-08-03 15:14 305,424 C:\WINNT\system32\gpedit.dll
2006-08-03 15:14 294,672 C:\WINNT\system32\filemgmt.dll
2006-08-03 15:14 29,456 C:\WINNT\system32\INETMIB1.DLL
2006-08-03 15:14 28,944 C:\WINNT\system32\iasacct.dll
2006-08-03 15:14 269,584 C:\WINNT\system32\iassdo.dll
2006-08-03 15:14 25,872 C:\WINNT\system32\findstr.exe
2006-08-03 15:14 245,008 C:\WINNT\system32\icm32.dll
2006-08-03 15:14 243,472 C:\WINNT\explorer.exe
2006-08-03 15:14 233,744 C:\WINNT\system32\GDI32.DLL
2006-08-03 15:14 21,776 C:\WINNT\system32\HTICONS.DLL
2006-08-03 15:14 206,096 C:\WINNT\system32\infosoft.dll
2006-08-03 15:14 200,976 C:\WINNT\system32\FONTEXT.DLL
2006-08-03 15:14 20,752 C:\WINNT\system32\iasperf.dll
2006-08-03 15:14 187,152 C:\WINNT\system32\eudcedit.exe
2006-08-03 15:14 185,616 C:\WINNT\system32\faxt30.dll
2006-08-03 15:14 18,192 C:\WINNT\system32\hid.dll
2006-08-03 15:14 163,088 C:\WINNT\system32\h323msp.dll
2006-08-03 15:14 15,120 C:\WINNT\system32\faxdrv.dll
2006-08-03 15:14 138,000 C:\WINNT\system32\INITPKI.DLL
2006-08-03 15:14 138,000 C:\WINNT\system32\faxui.dll
2006-08-03 15:14 122,128 C:\WINNT\system32\idq.dll
2006-08-03 15:14 118,544 C:\WINNT\system32\gptext.dll
2006-08-03 15:14 100,624 C:\WINNT\system32\iassam.dll
2006-08-03 15:14 10,752 C:\WINNT\hh.exe
2006-08-03 15:14 1,135,376 C:\WINNT\system32\esent.dll
2006-08-03 15:13 92,944 C:\WINNT\system32\dskquota.dll
2006-08-03 15:13 92,432 C:\WINNT\system32\dnsrslvr.dll
2006-08-03 15:13 90,384 C:\WINNT\system32\CRYPTDLG.DLL
2006-08-03 15:13 76,048 C:\WINNT\system32\dfrgntfs.exe
2006-08-03 15:13 76,048 C:\WINNT\system32\cryptsvc.dll
2006-08-03 15:13 74,512 C:\WINNT\system32\dsauth.dll
2006-08-03 15:13 7,440 C:\WINNT\system32\control.exe
2006-08-03 15:13 625,936 C:\WINNT\system32\comuid.dll
2006-08-03 15:13 62,224 C:\WINNT\system32\dfrgfat.exe
2006-08-03 15:13 5,904 C:\WINNT\system32\dllhst3g.exe
2006-08-03 15:13 5,904 C:\WINNT\system32\DLLHOST.EXE
2006-08-03 15:13 5,392 C:\WINNT\system32\CSRSS.EXE
2006-08-03 15:13 498,205 C:\WINNT\system32\dxmasf.dll
2006-08-03 15:13 479,504 C:\WINNT\system32\CRYPT32.DLL
2006-08-03 15:13 443,664 C:\WINNT\system32\CRYPTUI.DLL
2006-08-03 15:13 44,304 C:\WINNT\system32\cryptdll.dll
2006-08-03 15:13 43,280 C:\WINNT\system32\dmutil.dll
2006-08-03 15:13 43,280 C:\WINNT\system32\CRYPTNET.DLL
2006-08-03 15:13 42,768 C:\WINNT\system32\dfrgsnap.dll
2006-08-03 15:13 41,744 C:\WINNT\system32\dsfolder.dll
2006-08-03 15:13 33,040 C:\WINNT\system32\dbnmpntw.dll
2006-08-03 15:13 33,040 C:\WINNT\system32\dbmsspxn.dll
2006-08-03 15:13 33,040 C:\WINNT\system32\dbmsadsn.dll
2006-08-03 15:13 316,176 C:\WINNT\system32\dmconfig.dll
2006-08-03 15:13 306,448 C:\WINNT\system32\dhcpmon.dll
2006-08-03 15:13 299,792 C:\WINNT\system32\dsprop.dll
2006-08-03 15:13 28,944 C:\WINNT\system32\dssec.dll
2006-08-03 15:13 28,944 C:\WINNT\system32\dbmsvinn.dLL
2006-08-03 15:13 28,944 C:\WINNT\system32\dbmsrpcn.dll
2006-08-03 15:13 27,097 C:\WINNT\system32\country.sys
2006-08-03 15:13 265,488 C:\WINNT\system32\dxmrtp.dll
2006-08-03 15:13 25,872 C:\WINNT\system32\conime.exe
2006-08-03 15:13 242,960 C:\WINNT\system32\cscui.dll
2006-08-03 15:13 24,848 C:\WINNT\system32\ds32gt.dll
2006-08-03 15:13 233,232 C:\WINNT\system32\es.dll
2006-08-03 15:13 221,968 C:\WINNT\system32\devmgr.dll
2006-08-03 15:13 22,800 C:\WINNT\system32\dfsshlex.dll
2006-08-03 15:13 219,920 C:\WINNT\system32\confmsp.dll
2006-08-03 15:13 174,864 C:\WINNT\system32\dmdlgs.dll
2006-08-03 15:13 163,600 C:\WINNT\system32\dmdskmgr.dll
2006-08-03 15:13 163,088 C:\WINNT\system32\dbghelp.dll
2006-08-03 15:13 16,144 C:\WINNT\system32\diskcopy.dll
2006-08-03 15:13 157,968 C:\WINNT\system32\els.dll
2006-08-03 15:13 157,456 C:\WINNT\system32\dsquery.dll
2006-08-03 15:13 147,728 C:\WINNT\system32\dmadmin.exe
2006-08-03 15:13 146,192 C:\WINNT\system32\dskquoui.dll
2006-08-03 15:13 145,680 C:\WINNT\system32\DSSBASE.DLL
2006-08-03 15:13 14,096 C:\WINNT\system32\diskperf.exe
2006-08-03 15:13 134,928 C:\WINNT\system32\dnsapi.dll
2006-08-03 15:13 13,072 C:\WINNT\system32\dmintf.dll
2006-08-03 15:13 122,368 C:\WINNT\system32\dmdskres.dll
2006-08-03 15:13 12,048 C:\WINNT\system32\dmserver.dll
2006-08-03 15:13 113,936 C:\WINNT\system32\DCOMCNFG.EXE
2006-08-03 15:13 110,864 C:\WINNT\system32\dsuiext.dll
2006-08-03 15:13 101,136 C:\WINNT\system32\cscdll.dll
2006-08-03 15:13 10,512 C:\WINNT\system32\dmremote.exe
2006-08-03 15:13 1,785,160 C:\WINNT\system32\dtcsetup.exe
2006-08-03 15:13 1,448,208 C:\WINNT\system32\comsvcs.dll
2006-08-03 15:12 96,016 C:\WINNT\system32\clbcatex.dll
2006-08-03 15:12 89,360 C:\WINNT\system32\comrepl.dll
2006-08-03 15:12 82,704 C:\WINNT\system32\cmnquery.dll
2006-08-03 15:12 8,976 C:\WINNT\system32\autolfn.exe
2006-08-03 15:12 78,608 C:\WINNT\system32\avifil32.dll
2006-08-03 15:12 78,096 C:\WINNT\system32\aclui.dll
2006-08-03 15:12 74,810 C:\WINNT\system32\atl.dll
2006-08-03 15:12 68,880 C:\WINNT\system32\browser.dll
2006-08-03 15:12 62,736 C:\WINNT\system32\adsmsext.dll
2006-08-03 15:12 61,712 C:\WINNT\system32\cliconfg.dll
2006-08-03 15:12 591,120 C:\WINNT\system32\catsrvut.dll
2006-08-03 15:12 568,592 C:\WINNT\system32\autofmt.exe
2006-08-03 15:12 55,568 C:\WINNT\system32\CLUSAPI.DLL
2006-08-03 15:12 510,224 C:\WINNT\system32\clbcatq.dll
2006-08-03 15:12 50,620 C:\WINNT\system32\command.com
2006-08-03 15:12 45,328 C:\WINNT\system32\cmstp.exe
2006-08-03 15:12 422,160 C:\WINNT\system32\certmgr.dll
2006-08-03 15:12 42,256 C:\WINNT\system32\BASESRV.DLL
2006-08-03 15:12 402,704 C:\WINNT\system32\cdonts.dll
2006-08-03 15:12 37,648 C:\WINNT\system32\colbact.dll
2006-08-03 15:12 37,136 C:\WINNT\system32\cliconfg.exe
2006-08-03 15:12 36,112 C:\WINNT\system32\cipher.exe
2006-08-03 15:12 31,504 C:\WINNT\system32\atmlib.dll
2006-08-03 15:12 3,856 C:\WINNT\system32\COMCAT.DLL
2006-08-03 15:12 291,888 C:\WINNT\system32\atmfd.dll
2006-08-03 15:12 236,304 C:\WINNT\system32\CMD.EXE
2006-08-03 15:12 23,824 C:\WINNT\system32\at.exe
2006-08-03 15:12 226,576 C:\WINNT\system32\avtapi.dll
2006-08-03 15:12 224,016 C:\WINNT\system32\appmgr.dll
2006-08-03 15:12 22,288 C:\WINNT\system32\cmutil.dll
2006-08-03 15:12 201,488 C:\WINNT\system32\adsnt.dll
2006-08-03 15:12 20,752 C:\WINNT\system32\batmeter.dll
2006-08-03 15:12 2,531,088 C:\WINNT\system32\cdosys.dll
2006-08-03 15:12 193,808 C:\WINNT\system32\cmdial32.dll
2006-08-03 15:12 182,032 C:\WINNT\system32\activeds.dll
2006-08-03 15:12 18,432 C:\WINNT\system32\cdm.dll
2006-08-03 15:12 166,160 C:\WINNT\system32\catsrv.dll
2006-08-03 15:12 164,112 C:\WINNT\system32\adsnds.dll
2006-08-03 15:12 159,807 C:\WINNT\system32\cmprops.dll
2006-08-03 15:12 156,944 C:\WINNT\system32\ciadmin.dll
2006-08-03 15:12 150,800 C:\WINNT\system32\accwiz.exe
2006-08-03 15:12 143,632 C:\WINNT\system32\ASYCFILT.DLL
2006-08-03 15:12 14,096 C:\WINNT\system32\atkctrs.dll
2006-08-03 15:12 135,440 C:\WINNT\system32\certcli.dll
2006-08-03 15:12 133,904 C:\WINNT\system32\adsldpc.dll
2006-08-03 15:12 130,832 C:\WINNT\system32\CLUSTER.EXE
2006-08-03 15:12 13,072 C:\WINNT\system32\CHKNTFS.EXE
2006-08-03 15:12 127,760 C:\WINNT\system32\capesnpn.dll
2006-08-03 15:12 125,712 C:\WINNT\system32\adsldp.dll
2006-08-03 15:12 120,592 C:\WINNT\system32\appmgmts.dll
2006-08-03 15:12 112,400 C:\WINNT\system32\adsnw.dll
2006-08-02 21:19 2,146,304 C:\WINNT\UNNMP.exe
2006-08-02 21:17 155,648 C:\WINNT\system32\NeroCheck.exe
2006-08-02 21:16 82,432 C:\WINNT\system32\drmstor.dll
2006-08-02 21:16 301,712 C:\WINNT\system32\drmclien.dll
2006-08-02 21:16 2,023,424 C:\WINNT\UNNeroVision.exe
2006-08-02 21:15 476,320 C:\WINNT\system32\ImagXpr7.dll
2006-08-02 21:15 471,040 C:\WINNT\system32\ImagXRA7.dll
2006-08-02 21:15 38,912 C:\WINNT\system32\picn20.dll
2006-08-02 21:15 364,544 C:\WINNT\system32\TwnLib4.dll
2006-08-02 21:15 262,144 C:\WINNT\system32\ImagXR7.dll
2006-08-02 21:15 106,496 C:\WINNT\system32\TwnLib20.dll
2006-08-02 21:15 1,568,768 C:\WINNT\system32\ImagX7.dll
2006-08-02 19:21 98,816 C:\WINNT\system32\dmstyle.dll
2006-08-02 19:21 937,984 C:\WINNT\system32\dxdiag.exe
2006-08-02 19:21 854,528 C:\WINNT\system32\Ltwvc12n.dll
2006-08-02 19:21 80,896 C:\WINNT\system32\dpvsetup.exe
2006-08-02 19:21 797,184 C:\WINNT\system32\d3dim700.dll
2006-08-02 19:21 78,336 C:\WINNT\system32\LFFAX12n.DLL
2006-08-02 19:21 77,824 C:\WINNT\system32\dpmodemx.dll
2006-08-02 19:21 76,800 C:\WINNT\system32\dpwsockx.dll
2006-08-02 19:21 76,800 C:\WINNT\system32\dmscript.dll
2006-08-02 19:21 733,184 C:\WINNT\system32\qedwipes.dll
2006-08-02 19:21 723,968 C:\WINNT\system32\dpnet.dll
2006-08-02 19:21 7,168 C:\WINNT\system32\d3d8thk.dll
2006-08-02 19:21 68,096 C:\WINNT\system32\dpnhupnp.dll
2006-08-02 19:21 664,576 C:\WINNT\system32\dinput8.dll
2006-08-02 19:21 645,120 C:\WINNT\system32\dinput.dll
2006-08-02 19:21 64,512 C:\WINNT\system32\amstream.dll
2006-08-02 19:21 602,624 C:\WINNT\system32\dx7vb.dll
2006-08-02 19:21 591,120 C:\WINNT\system32\d3dramp.dll
2006-08-02 19:21 58,368 C:\WINNT\system32\dmcompos.dll
2006-08-02 19:21 53,248 C:\WINNT\system32\SONYHCY.DLL
2006-08-02 19:21 491,520 C:\WINNT\system32\dsdmoprp.dll
2006-08-02 19:21 49,424 C:\WINNT\system32\d3dxof.dll
2006-08-02 19:21 480,256 C:\WINNT\system32\msvidctl.dll
2006-08-02 19:21 47,104 C:\WINNT\system32\wstdecod.dll
2006-08-02 19:21 459,264 C:\WINNT\system32\diactfrm.dll
2006-08-02 19:21 449,024 C:\WINNT\system32\qdvd.dll
2006-08-02 19:21 446,224 C:\WINNT\system32\d3dim.dll
2006-08-02 19:21 44,544 C:\WINNT\system32\dxdllreg.exe
2006-08-02 19:21 44,032 C:\WINNT\system32\dimap.dll
2006-08-02 19:21 43,008 C:\WINNT\system32\lfgif12n.dll
2006-08-02 19:21 41,472 C:\WINNT\system32\LTTWN12n.DLL
2006-08-02 19:21 406,528 C:\WINNT\system32\LTKRN12n.DLL
2006-08-02 19:21 4,096 C:\WINNT\system32\ksuser.dll
2006-08-02 19:21 381,952 C:\WINNT\system32\dpvoice.dll
2006-08-02 19:21 37,648 C:\WINNT\system32\d3dpmesh.dll
2006-08-02 19:21 364,816 C:\WINNT\system32\d3drm.dll
2006-08-02 19:21 355,328 C:\WINNT\system32\dsound.dll
2006-08-02 19:21 354,816 C:\WINNT\system32\psisdecd.dll
2006-08-02 19:21 34,304 C:\WINNT\system32\mciqtz32.dll
2006-08-02 19:21 33,280 C:\WINNT\system32\dmloader.dll
2006-08-02 19:21 324,096 C:\WINNT\system32\mswebdvd.dll
2006-08-02 19:21 32,768 C:\WINNT\system32\dpnhpast.dll
2006-08-02 19:21 314,880 C:\WINNT\system32\LFCMP12n.DLL
2006-08-02 19:21 311,808 C:\WINNT\system32\qdv.dll
2006-08-02 19:21 31,744 C:\WINNT\system32\pid.dll
2006-08-02 19:21 3,072 C:\WINNT\system32\dpnlobby.dll
2006-08-02 19:21 3,072 C:\WINNT\system32\dpnaddr.dll
2006-08-02 19:21 284,160 C:\WINNT\system32\ddraw.dll
2006-08-02 19:21 28,160 C:\WINNT\system32\dplaysvr.exe
2006-08-02 19:21 278,528 C:\WINNT\system32\LTDIS12n.DLL
2006-08-02 19:21 27,136 C:\WINNT\system32\dmband.dll
2006-08-02 19:21 257,024 C:\WINNT\system32\qcap.dll
2006-08-02 19:21 25,600 C:\WINNT\system32\lfavi12n.dll
2006-08-02 19:21 227,840 C:\WINNT\system32\LTEFX12n.DLL
2006-08-02 19:21 217,600 C:\WINNT\system32\dplayx.dll
2006-08-02 19:21 206,336 C:\WINNT\system32\gcdef.dll
2006-08-02 19:21 19,968 C:\WINNT\system32\dpvacm.dll
2006-08-02 19:21 186,880 C:\WINNT\system32\dsdmo.dll
2006-08-02 19:21 18,944 C:\WINNT\system32\encapi.dll
2006-08-02 19:21 18,432 C:\WINNT\system32\dswave.dll
2006-08-02 19:21 171,520 C:\WINNT\system32\dmime.dll
2006-08-02 19:21 166,400 C:\WINNT\system32\LTIMG12n.DLL
2006-08-02 19:21 16,896 C:\WINNT\system32\msyuv.dll
2006-08-02 19:21 16,896 C:\WINNT\system32\dpnsvr.exe
2006-08-02 19:21 155,648 C:\WINNT\system32\LFTIF12n.DLL
2006-08-02 19:21 132,608 C:\WINNT\system32\devenum.dll
2006-08-02 19:21 13,312 C:\WINNT\system32\msdmo.dll
2006-08-02 19:21 122,368 C:\WINNT\system32\LTFIL12n.DLL
2006-08-02 19:21 121,856 C:\WINNT\system32\lfmpg12n.dll
2006-08-02 19:21 116,736 C:\WINNT\system32\dmusic.dll
2006-08-02 19:21 112,128 C:\WINNT\system32\dpvvox.dll
2006-08-02 19:21 100,864 C:\WINNT\system32\dmsynth.dll
2006-08-02 19:21 1,962,496 C:\WINNT\system32\quartz.dll
2006-08-02 19:21 1,798,144 C:\WINNT\system32\qedit.dll
2006-08-02 19:21 1,675,264 C:\WINNT\system32\dxdiagn.dll
2006-08-02 19:21 1,634,304 C:\WINNT\system32\d3d9.dll
2006-08-02 19:21 1,294,336 C:\WINNT\system32\dsound3d.dll
2006-08-02 19:21 1,189,888 C:\WINNT\system32\dx8vb.dll
2006-08-02 19:21 1,177,600 C:\WINNT\system32\d3d8.dll
2006-08-02 18:26 91,408 C:\WINNT\system32\hpscnmgr.dll
2006-08-02 18:26 240,912 C:\WINNT\system32\hposcl10.dll
2006-08-02 18:26 10,000 C:\WINNT\system32\hpousd10.dll
2006-08-02 10:32 499,712 C:\WINNT\system32\msvcp71.dll
2006-08-02 10:32 348,160 C:\WINNT\system32\msvcr71.dll
2006-08-02 10:31 306,688 C:\WINNT\IsUninst.exe
2006-08-02 10:18 53,248 C:\WINNT\system32\IntelCdi.dll
2006-08-02 10:18 172,032 C:\WINNT\system32\intelmoh.dll
2006-08-01 22:18 708,608 C:\WINNT\system32\CDDBUIRoxio.dll
2006-08-01 22:18 569,344 C:\WINNT\system32\CDDBControlRoxio.dll
2006-08-01 22:18 49,152 C:\WINNT\system32\INETWH32.dll
2006-08-01 21:56 997,888 C:\WINNT\system32\wmvdmoe2.dll
2006-08-01 21:56 981,504 C:\WINNT\system32\wmnetmgr.dll
2006-08-01 21:56 98,304 C:\WINNT\system32\wmpshell.dll
2006-08-01 21:56 892,416 C:\WINNT\system32\wmspdmoe.dll
2006-08-01 21:56 816,264 C:\WINNT\system32\wmvdmod.dll
2006-08-01 21:56 81,408 C:\WINNT\system32\logagent.exe
2006-08-01 21:56 760,968 C:\WINNT\system32\wmsdmod.dll
2006-08-01 21:56 7,680 C:\WINNT\system32\asferror.dll
2006-08-01 21:56 678,912 C:\WINNT\system32\drmv2clt.dll
2006-08-01 21:56 670,208 C:\WINNT\system32\wmadmoe.dll
2006-08-01 21:56 6,656 C:\WINNT\system32\laprxy.dll
2006-08-01 21:56 57,344 C:\WINNT\uneng.exe
2006-08-01 21:56 52,224 C:\WINNT\system32\mspmsnsv.dll
2006-08-01 21:56 49,152 C:\WINNT\system32\cdrtc.dll
2006-08-01 21:56 486,536 C:\WINNT\system32\wmspdmod.dll
2006-08-01 21:56 45,056 C:\WINNT\system32\cdral.dll
2006-08-01 21:56 410,248 C:\WINNT\system32\wmadmod.dll
2006-08-01 21:56 384,512 C:\WINNT\system32\mp4sdmod.dll
2006-08-01 21:56 358,912 C:\WINNT\system32\msscp.dll
2006-08-01 21:56 316,040 C:\WINNT\system32\mp43dmod.dll
2006-08-01 21:56 27,136 C:\WINNT\system32\wmdmlog.dll
2006-08-01 21:56 253,952 C:\WINNT\system32\msnetobj.dll
2006-08-01 21:56 245,760 C:\WINNT\system32\mswmdm.dll
2006-08-01 21:56 241,664 C:\WINNT\system32\qasf.dll
2006-08-01 21:56 241,664 C:\WINNT\system32\mpg4dmod.dll
2006-08-01 21:56 232,960 C:\WINNT\system32\blackbox.dll
2006-08-01 21:56 23,552 C:\WINNT\system32\wmdmps.dll
2006-08-01 21:56 225,280 C:\WINNT\system32\wmpdxm.dll
2006-08-01 21:56 218,112 C:\WINNT\system32\wmasf.dll
2006-08-01 21:56 201,728 C:\WINNT\system32\mspmsp.dll
2006-08-01 21:56 20,480 C:\WINNT\system32\wmpui.dll
2006-08-01 21:56 20,480 C:\WINNT\system32\wmpcore.dll
2006-08-01 21:56 20,480 C:\WINNT\system32\wmpcd.dll
2006-08-01 21:56 2,940,928 C:\WINNT\system32\wmploc.dll
2006-08-01 21:56 2,058,888 C:\WINNT\system32\wmvcore.dll
2006-08-01 21:56 167,936 C:\WINNT\system32\wmerror.dll
2006-08-01 21:56 159,232 C:\WINNT\system32\CEWMDM.dll
2006-08-01 21:56 143,360 C:\WINNT\system32\wmidx.dll
2006-08-01

#4 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:04:02 AM

Posted 12 August 2006 - 07:59 AM

I don't know about working any miracles, but I'll get you cleaned up. :thumbsup:
But your computer is badly infected, so this will take a few steps.


Please download Ewido Anti-spyware and save that file to your desktop.
This is a 30 day trial of the program
  • Once you have downloaded ewido anti-spyware, locate the icon on the desktop and double-click it to launch the set up program.
  • Once the setup is complete you will need run Ewido and update the definition files.
  • On the main screen select the icon "Update" then select the "Update now" link.
    • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
  • Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  • Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
  • Under "Reports"
    • Select "Automatically generate report after every scan"
    • Un-Select "Only if threats were found"
Close Ewido anti-spyware, Do Not run a scan just yet, we will shortly.
  • Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
  • Clean out your Temporary Internet files
    • Quit Internet Explorer and quit any instances of Windows Explorer.
    • Click Start -> Control Panel and then double-click Internet Options.
    • On the General tab, click Delete Files under Temporary Internet Files.
    • In the Delete Files dialog box, tick the Delete all offline content check box , and then click OK.
    • On the General tab, click Delete Cookies under Temporary Internet Files, and then click OK.
    • Click on the Programs tab then click the Reset Web Settings button. Click Apply then OK.
    • Click OK.
    IMPORTANT: Close all windows and do not open any other windows or programs while Ewido is scanning, it may interfere with the scanning proccess:

  • Lauch Ewido-anti-spyware by double-clicking the icon on your desktop.
  • Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
  • Ewido will now begin the scanning process, be patient this may take a little time.
    Once the scan is complete do the following:
  • If you have any infections you will prompted, then select "Apply all actions"
  • Next select the "Reports" icon at the top.
  • Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
  • Close Ewido and reboot your system back into Normal Mode and post the results of the Ewido scan report along with a new Hijackthis log.

Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#5 dbherman

dbherman
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:05:02 AM

Posted 14 August 2006 - 12:58 PM

Hi Sam, I am having a hard time getting my computer in safe mode. Does it have to be in safe mode to do this? When I try to put it in safe mode, it's like my monitor goes all weird and I can't see anything. Could the spyware be doing that? Thanks, Dawn

#6 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:04:02 AM

Posted 14 August 2006 - 06:18 PM

When you're in safe mode your monitor will display your screen in a very low resolution, making everything appear big and kind of gray. That's normal.

If you can't do it in Safe mode, then just run it regular mode and we'll go from there.
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#7 dbherman

dbherman
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:05:02 AM

Posted 15 August 2006 - 07:12 AM

Hello again, sorry to be such a pain. I tried running that scan, and it got halfway through the apply all actions part and it kept hanging the system up. I tried running it again, but it does the same thing when I try to apply all actions. Is there something I am doing wrong? Thanks,Dawn

#8 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:04:02 AM

Posted 15 August 2006 - 08:21 AM

Nope, you're doing everything right. Sometimes that malware fights back and causes problems for Ewido.

Run Combofix again and post the log here. We'll start deleting it manually and then come back to Ewido later.
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#9 dbherman

dbherman
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:05:02 AM

Posted 15 August 2006 - 12:06 PM

Start Time= Tue 08/15/2006 13:03:40.78
Running from: C:\Documents and Settings\Dawn\Desktop

QuickScan did not find any signs of infected files

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-08-14 14:41:44 ( .D... ) "C:\Program Files\Yahoo!"
2006-08-13 12:31:04 183296 ( A.S.. ) "C:\WINNT\NDNuninstall7_22.exe"
2006-08-13 12:27:50 50688 ( A.S.. ) "C:\WINNT\NDNuninstall6_38.exe"
2006-08-13 12:27:50 8464 ( A.... ) "C:\WINNT\system32\sporder.dll"
2006-08-13 12:27:50 ( ADS.. ) "C:\Program Files\NewDotNet"
2006-08-12 14:26:36 106496 ( A.... ) "C:\WINNT\Duce6.exe"
2006-08-12 14:26:10 17 ( A.... ) "C:\WINNT\system32\dlh9jkdq8.exe"
2006-08-12 12:05:28 ( AD... ) "C:\Program Files\ewido anti-spyware 4.0"
2006-08-11 21:13:18 13198 ( A.... ) "C:\WINNT\system32\dlh9jkdq7.exe"
2006-08-11 21:13:18 13198 ( A.... ) "C:\WINNT\system32\dlh9jkdq6.exe"
2006-08-11 21:13:16 37170 ( A.... ) "C:\WINNT\system32\dlh9jkdq2.exe"
2006-08-11 21:13:16 8726 ( A.... ) "C:\WINNT\system32\dlh9jkdq5.exe"
2006-08-11 21:13:16 5036 ( A.... ) "C:\WINNT\system32\dlh9jkdq1.exe"
2006-08-11 15:04:32 836 ( A.... ) "C:\Documents and Settings\Dawn\Application Data\ViewerApp.dat"
2006-08-11 12:56:28 155648 ( A.... ) "C:\WINNT\sys11-2009561249.exe"
2006-08-11 10:35:40 0 ( A.... ) "C:\Documents and Settings\Dawn\Application Data\Install.dat"
2006-08-09 11:01:22 2 ( A.... ) "C:\WINNT\system32\wapisvit.exe"
2006-08-09 11:01:14 81920 ( A.... ) "C:\WINNT\system32\dvdplay.dll"
2006-08-09 11:01:10 ( .D... ) "C:\Program Files\s?stem32"
2006-08-09 10:58:18 175362 ( A.... ) "C:\Program Files\Common Files\EliteMediaGroupOinUninstaller.exe"
2006-08-09 10:58:16 ( .D... ) "C:\Program Files\arro"
2006-08-09 10:57:56 319294 ( A.... ) "C:\WINNT\YOINSI.exe"
2006-08-06 10:06:44 376832 ( A.... ) "C:\WINNT\876057.exe"
2006-08-06 10:06:44 303104 ( A.... ) "C:\WINNT\system32\WinNB57.dll"
2006-08-06 10:06:32 234248 ( A.... ) "C:\WINNT\Tagasuarus2.exe"
2006-08-06 10:06:26 66984 ( A.... ) "C:\WINNT\STOPz.exe"
2006-08-06 10:06:26 28672 ( A.... ) "C:\WINNT\system32\whcixm7.exe"
2006-08-06 10:06:24 45056 ( A.... ) "C:\WINNT\system32afdaqd3.exe"
2006-08-06 10:06:24 36864 ( A.... ) "C:\WINNT\system32y3aqsoepa.exe"
2006-08-06 10:06:24 36864 ( A.... ) "C:\WINNT\system32\y3aqsoepa.exe"
2006-08-06 10:06:24 28672 ( A.... ) "C:\WINNT\system32cymmh.exe"
2006-08-06 10:06:24 28672 ( A.... ) "C:\WINNT\system32\cymmh.exe"
2006-08-06 10:06:10 36864 ( A.... ) "C:\WINNT\thiselt.exe"
2006-08-06 09:49:36 ( .D... ) "C:\Documents and Settings\Dawn\Application Data\AdobeUM"
2006-08-06 09:35:06 ( .D... ) "C:\Program Files\Adobe"
2006-08-06 09:35:04 869 ( A.... ) "C:\Documents and Settings\Dawn\Application Data\AdobeDLM.log"
2006-08-06 09:35:04 0 ( A.... ) "C:\Documents and Settings\Dawn\Application Data\dm.ini"
2006-08-06 09:27:24 ( .D... ) "C:\Documents and Settings\Dawn\Application Data\Adobe"
2006-08-06 09:27:22 ( .D... ) "C:\Program Files\Common Files\Adobe"
2006-08-05 13:52:42 ( .D... ) "C:\Documents and Settings\Dawn\Application Data\Free Spider TreeCardGames"
2006-08-05 13:52:36 ( .D... ) "C:\Program Files\Free Spider"
2006-08-05 11:41:58 ( .D... ) "C:\Program Files\Common Files\Sandlot Shared"
2006-08-04 10:59:14 ( .D... ) "C:\Program Files\Spybot - Search & Destroy"
2006-08-04 10:28:10 ( .D... ) "C:\Program Files\Common Files\ufqm"
2006-08-04 10:26:36 232749 ( A.... ) "C:\WINNT\pf78.exe"
2006-08-04 10:26:36 45056 ( A.... ) "C:\WINNT\system32zkdmg.exe"
2006-08-04 10:26:36 36864 ( A.... ) "C:\WINNT\system32uvzgi.exe"
2006-08-04 10:26:36 28672 ( A.... ) "C:\WINNT\system32tpsd.exe"
2006-08-04 10:26:12 36864 ( A.... ) "C:\WINNT\system32\uvzgi.exe"
2006-08-04 10:26:12 28672 ( A.... ) "C:\WINNT\system32\tpsd.exe"
2006-08-04 10:26:10 32768 ( A.... ) "C:\WINNT\unstall.exe"
2006-08-04 10:26:02 48190 ( A.... ) "C:\RDFX4.exe"
2006-08-04 10:25:46 45056 ( A.... ) "C:\WINNT\system32ghynf.exe"
2006-08-04 10:25:46 36864 ( A.... ) "C:\WINNT\system32\n9nyb.exe"
2006-08-04 10:25:46 28672 ( A.... ) "C:\WINNT\system32bez6n4r21.exe"
2006-08-04 10:25:46 28672 ( A.... ) "C:\WINNT\system32\bez6n4r21.exe"
2006-08-04 10:25:46 0 ( A.... ) "C:\WINNT\system32n9nyb.exe"
2006-08-04 10:25:44 42944 ( A.... ) "C:\WINNT\pop06ap2.exe"
2006-08-04 10:25:22 226536 ( A.... ) "C:\WINNT\whCC-GIANT.exe"
2006-08-04 10:25:22 ( .D... ) "C:\Program Files\Common Files\{8838875F-02BA-1033-0104-020315990001}"
2006-08-04 09:11:32 61440 ( A.... ) "C:\WINNT\wnUninstall.exe"
2006-08-04 09:11:32 ( .D... ) "C:\Program Files\Common Files\WSOC Weather Wizard"
2006-08-03 18:40:40 ( .D... ) "C:\Program Files\MSN Games"
2006-08-03 16:34:18 ( .D... ) "C:\Program Files\MXpie Patch"
2006-08-03 16:31:10 ( .D... ) "C:\Program Files\WinMX"
2006-08-03 16:08:28 ( .D... ) "C:\Program Files\Google"
2006-08-03 16:08:28 ( .D... ) "C:\Documents and Settings\Dawn\Application Data\Google"
2006-08-03 15:31:16 34724 ( A.SHR ) "C:\NTDETECT.COM"
2006-08-03 15:09:34 ( AD.H. ) "C:\Program Files\WindowsUpdate"
2006-08-03 15:05:18 ( .D... ) "C:\Documents and Settings\Dawn\Application Data\Macromedia"
2006-08-03 15:02:16 ( .D... ) "C:\Program Files\Support.com"
2006-08-02 21:15:46 ( .D... ) "C:\Program Files\Common Files\Ahead"
2006-08-02 21:15:42 ( .D... ) "C:\Program Files\Ahead"
2006-08-02 21:13:08 ( .D... ) "C:\Program Files\CyberLink"
2006-08-02 19:20:52 ( .D... ) "C:\Program Files\Common Files\muvee Technologies"
2006-08-02 19:20:50 ( .D.H. ) "C:\Program Files\InstallShield Installation Information"
2006-08-02 19:20:50 ( .D... ) "C:\Program Files\Sony Corporation"
2006-08-01 22:18:14 1044480 ( A.... ) "C:\WINNT\system32\Roboex32.dll"
2006-08-01 22:18:14 708608 ( A.... ) "C:\WINNT\system32\CDDBUIRoxio.dll"
2006-08-01 22:18:14 569344 ( A.... ) "C:\WINNT\system32\CDDBControlRoxio.dll"
2006-08-01 22:18:14 57344 ( A.... ) "C:\WINNT\uneng.exe"
2006-08-01 22:18:14 49152 ( A.... ) "C:\WINNT\system32\INETWH32.dll"
2006-08-01 22:18:14 49152 ( A.... ) "C:\WINNT\system32\cdrtc.dll"
2006-08-01 22:18:14 45056 ( A.... ) "C:\WINNT\system32\cdral.dll"
2006-08-01 22:14:42 ( .D... ) "C:\Program Files\Adaptec"
2006-08-01 22:13:52 ( .D... ) "C:\Program Files\Common Files\InstallShield"
2006-08-01 22:12:00 ( AD... ) "C:\Program Files\Common Files\Microsoft Shared"
2006-08-01 22:10:48 ( .D... ) "C:\Program Files\Snapshot Viewer"
2006-08-01 22:07:44 ( .D... ) "C:\Program Files\Common Files\Designer"
2006-08-01 22:06:26 ( .D... ) "C:\Program Files\Microsoft Office"
2006-08-01 22:06:26 ( .D... ) "C:\Documents and Settings\Dawn\Application Data\Microsoft Web Folders"
2006-08-01 22:02:14 ( .D.H. ) "C:\Program Files\Uninstall Information"
2006-08-01 21:56:40 ( .D... ) "C:\Program Files\Common Files\Adaptec Shared"
2006-08-01 21:12:24 ( .D... ) "C:\Program Files\WinZip"
2006-08-01 18:27:08 ( .D... ) "C:\Documents and Settings\Dawn\Application Data\Identities"
2006-08-01 18:27:02 ( .DS.. ) "C:\Documents and Settings\Dawn\Application Data\Microsoft"
2006-08-01 18:22:34 ( .D... ) "C:\Program Files\microsoft frontpage"
2006-08-01 18:21:46 0 ( ...H. ) "C:\AUTOEXEC.BAT"
2006-08-01 18:20:50 21952 ( ...H. ) "C:\Program Files\folder.htt"
2006-08-01 18:20:50 271 ( ...H. ) "C:\Program Files\desktop.ini"
2006-08-01 18:20:40 ( .D... ) "C:\Program Files\Windows Media Player"
2006-08-01 18:20:34 ( .D... ) "C:\Program Files\NetMeeting"
2006-08-01 18:20:34 ( .D... ) "C:\Program Files\Common Files\Services"
2006-08-01 18:20:28 ( .D... ) "C:\Program Files\Outlook Express"
2006-08-01 18:20:18 ( .D... ) "C:\Program Files\Common Files\System"
2006-08-01 18:20:10 ( .D... ) "C:\Program Files\Internet Explorer"
2006-08-01 18:20:02 ( .D... ) "C:\Program Files\ComPlus Applications"
2006-07-31 16:03:08 1163264 ( A.... ) "C:\WINNT\system32\riwzkn.exe"
2006-07-31 16:02:56 36864 ( A.... ) "C:\WINNT\system32\hauc.exe"
2006-07-21 18:55:38 127578 ( A.... ) "C:\WINNT\system32\tsuninst.exe"


(((((((((((((((((((((((((((((((((((((( Files Created - Last 30days )))))))))))))))))))))))))))))))))))))))))))


2006-08-13 12:31 183,296 C:\WINNT\NDNuninstall7_22.exe
2006-08-13 12:27 8,464 C:\WINNT\system32\sporder.dll
2006-08-13 12:27 50,688 C:\WINNT\NDNuninstall6_38.exe
2006-08-12 14:26 106,496 C:\WINNT\Duce6.exe
2006-08-11 21:13 8,726 C:\WINNT\system32\dlh9jkdq5.exe
2006-08-11 21:13 5,036 C:\WINNT\system32\dlh9jkdq1.exe
2006-08-11 21:13 37,170 C:\WINNT\system32\dlh9jkdq2.exe
2006-08-11 21:13 17 C:\WINNT\system32\dlh9jkdq8.exe
2006-08-11 21:13 13,198 C:\WINNT\system32\dlh9jkdq7.exe
2006-08-11 21:13 13,198 C:\WINNT\system32\dlh9jkdq6.exe
2006-08-11 12:56 155,648 C:\WINNT\sys11-2009561249.exe
2006-08-09 11:01 81,920 C:\WINNT\system32\dvdplay.dll
2006-08-09 11:01 2 C:\WINNT\system32\wapisvit.exe
2006-08-09 10:57 319,294 C:\WINNT\YOINSI.exe
2006-08-06 10:06 66,984 C:\WINNT\STOPz.exe
2006-08-06 10:06 45,056 C:\WINNT\system32afdaqd3.exe
2006-08-06 10:06 376,832 C:\WINNT\876057.exe
2006-08-06 10:06 36,864 C:\WINNT\thiselt.exe
2006-08-06 10:06 36,864 C:\WINNT\system32y3aqsoepa.exe
2006-08-06 10:06 36,864 C:\WINNT\system32\y3aqsoepa.exe
2006-08-06 10:06 303,104 C:\WINNT\system32\WinNB57.dll
2006-08-06 10:06 28,672 C:\WINNT\system32cymmh.exe
2006-08-06 10:06 28,672 C:\WINNT\system32\whcixm7.exe
2006-08-06 10:06 28,672 C:\WINNT\system32\cymmh.exe
2006-08-06 10:06 234,248 C:\WINNT\Tagasuarus2.exe
2006-08-05 11:42 44,032 C:\WINNT\system32\msxml3r.dll
2006-08-04 10:50 78,488 C:\WINNT\system32\XMD5.dll
2006-08-04 10:50 101,888 C:\WINNT\system32\vb6stkit.dll
2006-08-04 10:50 1,386,496 C:\WINNT\system32\msvbvm60.dll
2006-08-04 10:28 127,578 C:\WINNT\system32\tsuninst.exe
2006-08-04 10:26 45,056 C:\WINNT\system32zkdmg.exe
2006-08-04 10:26 36,864 C:\WINNT\system32uvzgi.exe
2006-08-04 10:26 36,864 C:\WINNT\system32\uvzgi.exe
2006-08-04 10:26 36,864 C:\WINNT\system32\hauc.exe
2006-08-04 10:26 32,768 C:\WINNT\unstall.exe
2006-08-04 10:26 28,672 C:\WINNT\system32tpsd.exe
2006-08-04 10:26 28,672 C:\WINNT\system32\tpsd.exe
2006-08-04 10:26 232,749 C:\WINNT\pf78.exe
2006-08-04 10:26 1,163,264 C:\WINNT\system32\riwzkn.exe
2006-08-04 10:25 48,190 C:\RDFX4.exe
2006-08-04 10:25 45,056 C:\WINNT\system32ghynf.exe
2006-08-04 10:25 42,944 C:\WINNT\pop06ap2.exe
2006-08-04 10:25 36,864 C:\WINNT\system32\n9nyb.exe
2006-08-04 10:25 28,672 C:\WINNT\system32bez6n4r21.exe
2006-08-04 10:25 28,672 C:\WINNT\system32\bez6n4r21.exe
2006-08-04 10:25 226,536 C:\WINNT\whCC-GIANT.exe
2006-08-04 10:25 0 C:\WINNT\system32n9nyb.exe
2006-08-04 09:11 61,440 C:\WINNT\wnUninstall.exe
2006-08-03 15:30 3,856 C:\WINNT\system32\SVCPACK1.DLL
2006-08-03 15:27 92,432 C:\WINNT\system32\xactsrv.dll
2006-08-03 15:27 8,464 C:\WINNT\system32\wshirda.dll
2006-08-03 15:27 79,120 C:\WINNT\system32\winscard.dll
2006-08-03 15:27 74,512 C:\WINNT\system32\wmicore.dll
2006-08-03 15:27 69,904 C:\WINNT\system32\ws2_32.dll
2006-08-03 15:27 59,152 C:\WINNT\system32\winfax.dll
2006-08-03 15:27 57,616 C:\WINNT\system32\wlnotify.dll
2006-08-03 15:27 42,768 C:\WINNT\system32\webhits.dll
2006-08-03 15:27 4,368 C:\WINNT\system32\winver.exe
2006-08-03 15:27 39,696 C:\WINNT\system32\wsnmp32.dll
2006-08-03 15:27 39,184 C:\WINNT\system32\winsta.dll
2006-08-03 15:27 29,968 C:\WINNT\system32\wpnpinst.exe
2006-08-03 15:27 28,400 C:\WINNT\system32\wupdinfo.dll
2006-08-03 15:27 270,608 C:\WINNT\winhlp32.exe
2006-08-03 15:27 240,912 C:\WINNT\system32\wow32.dll
2006-08-03 15:27 239,376 C:\WINNT\system32\winsmon.dll
2006-08-03 15:27 21,776 C:\WINNT\system32\wsock32.dll
2006-08-03 15:27 193,296 C:\WINNT\winrep.exe
2006-08-03 15:27 181,008 C:\WINNT\system32\WINLOGON.EXE
2006-08-03 15:27 172,664 C:\WINNT\system32\XENROLL.DLL
2006-08-03 15:27 17,680 C:\WINNT\system32\wshtcpip.dll
2006-08-03 15:27 166,160 C:\WINNT\system32\WINTRUST.DLL
2006-08-03 15:27 162,064 C:\WINNT\system32\WLDAP32.DLL
2006-08-03 15:27 10,000 C:\WINNT\system32\wshatm.dll
2006-08-03 15:26 977,680 C:\WINNT\system32\vfpodbc.dll
2006-08-03 15:26 83,888 C:\WINNT\system32\vga.dll
2006-08-03 15:26 68,368 C:\WINNT\system32\unimdmat.dll
2006-08-03 15:26 57,104 C:\WINNT\system32\w32tm.exe
2006-08-03 15:26 51,472 C:\WINNT\system32\w32time.dll
2006-08-03 15:26 403,216 C:\WINNT\system32\USER32.DLL
2006-08-03 15:26 389,904 C:\WINNT\system32\USERENV.DLL
2006-08-03 15:26 315,664 C:\WINNT\system32\usp10.dll
2006-08-03 15:26 30,749 C:\WINNT\system32\vbajet32.dll
2006-08-03 15:26 26,384 C:\WINNT\system32\utildll.dll
2006-08-03 15:26 24,848 C:\WINNT\system32\spdwnw2k.exe
2006-08-03 15:26 22,800 C:\WINNT\system32\utilman.exe
2006-08-03 15:26 21,776 C:\WINNT\system32\spupdw2k.exe
2006-08-03 15:26 16,144 C:\WINNT\system32\version.dll
2006-08-03 15:26 155,920 C:\WINNT\system32\wavemsp.dll
2006-08-03 15:26 15,872 C:\WINNT\system32\spupdsvc.exe
2006-08-03 15:26 14,608 C:\WINNT\system32\uniplat.dll
2006-08-03 15:26 11,536 C:\WINNT\system32\usbmon.dll
2006-08-03 15:25 971,024 C:\WINNT\system32\sfcfiles.dll
2006-08-03 15:25 95,024 C:\WINNT\system32\sfc.dll
2006-08-03 15:25 90,384 C:\WINNT\system32\trkwks.dll
2006-08-03 15:25 87,312 C:\WINNT\system32\TASKMGR.EXE
2006-08-03 15:25 85,776 C:\WINNT\system32\smlogsvc.exe
2006-08-03 15:25 81,168 C:\WINNT\system32\stobject.dll
2006-08-03 15:25 80,144 C:\WINNT\system32\telnet.exe
2006-08-03 15:25 7,440 C:\WINNT\system32\svcpack.dll
2006-08-03 15:25 7,440 C:\WINNT\system32\sensapi.dll
2006-08-03 15:25 69,392 C:\WINNT\system32\shim.dll
2006-08-03 15:25 65,601 C:\WINNT\system32\servdeps.dll
2006-08-03 15:25 62,736 C:\WINNT\system32\sstext3d.scr
2006-08-03 15:25 61,712 C:\WINNT\system32\stisvc.exe
2006-08-03 15:25 6,928 C:\WINNT\system32\skdll.dll
2006-08-03 15:25 55,056 C:\WINNT\system32\tlntsess.exe
2006-08-03 15:25 524,560 C:\WINNT\system32\sqlsrv32.dll
2006-08-03 15:25 49,424 C:\WINNT\system32\sqlwoa.dll
2006-08-03 15:25 48,912 C:\WINNT\system32\secur32.dll
2006-08-03 15:25 47,888 C:\WINNT\system32\ssbezier.scr
2006-08-03 15:25 45,840 C:\WINNT\system32\skeys.exe
2006-08-03 15:25 419,600 C:\WINNT\system32\ssmaze.scr
2006-08-03 15:25 41,744 C:\WINNT\system32\tcpmon.dll
2006-08-03 15:25 41,744 C:\WINNT\system32\sti.dll
2006-08-03 15:25 41,744 C:\WINNT\system32\ssflwbox.scr
2006-08-03 15:25 397,584 C:\WINNT\system32\txfaux.dll
2006-08-03 15:25 38,672 C:\WINNT\system32\ssmarque.scr
2006-08-03 15:25 38,160 C:\WINNT\system32\sens.dll
2006-08-03 15:25 375,568 C:\WINNT\system32\tapi3.dll
2006-08-03 15:25 36,624 C:\WINNT\system32\ssmyst.scr
2006-08-03 15:25 35,600 C:\WINNT\system32\storprop.dll
2006-08-03 15:25 33,552 C:\WINNT\system32\shmgrate.exe
2006-08-03 15:25 33,040 C:\WINNT\system32\ssstars.scr
2006-08-03 15:25 31,504 C:\WINNT\system32\traffic.dll
2006-08-03 15:25 285,456 C:\WINNT\system32\smlogcfg.dll
2006-08-03 15:25 27,920 C:\WINNT\system32\umandlg.dll
2006-08-03 15:25 246,544 C:\WINNT\system32\strmdll.dll
2006-08-03 15:25 24,848 C:\WINNT\system32\sqlwid.dll
2006-08-03 15:25 214,288 C:\WINNT\system32\snmpsnap.dll
2006-08-03 15:25 21,264 C:\WINNT\system32\stimon.exe
2006-08-03 15:25 2,383,632 C:\WINNT\system32\SHELL32.DLL
2006-08-03 15:25 187,664 C:\WINNT\system32\thumbvw.dll
2006-08-03 15:25 187,024 C:\WINNT\system32\spcmdcon.sys
2006-08-03 15:25 186,128 C:\WINNT\system32\tlntsvr.exe
2006-08-03 15:25 173,328 C:\WINNT\system32\tapisrv.dll
2006-08-03 15:25 17,680 C:\WINNT\system32\tftp.exe
2006-08-03 15:25 17,680 C:\WINNT\system32\SNMPAPI.DLL
2006-08-03 15:25 17,168 C:\WINNT\system32\seclogon.dll
2006-08-03 15:25 17,168 C:\WINNT\system32\secedit.exe
2006-08-03 15:25 15,120 C:\WINNT\system32\sisbkup.dll
2006-08-03 15:25 138,000 C:\WINNT\system32\ss3dfo.scr
2006-08-03 15:25 13,072 C:\WINNT\system32\tcpmib.dll
2006-08-03 15:25 126,736 C:\WINNT\system32\TAPI32.DLL
2006-08-03 15:25 119,056 C:\WINNT\system32\sqlstr.dll
2006-08-03 15:25 107,792 C:\WINNT\system32\sndrec32.exe
2006-08-03 15:25 102,160 C:\WINNT\system32\sspipes.scr
2006-08-03 15:24 996,112 C:\WINNT\system32\OLE32.DLL
2006-08-03 15:24 97,040 C:\WINNT\system32\rtm.dll
2006-08-03 15:24 90,112 C:\WINNT\system32\odbcint.dll
2006-08-03 15:24 85,776 C:\WINNT\system32\ntsdexts.dll
2006-08-03 15:24 77,584 C:\WINNT\system32\scripto.dll
2006-08-03 15:24 77,072 C:\WINNT\system32\rsvpsp.dll
2006-08-03 15:24 73,488 C:\WINNT\regedit.exe
2006-08-03 15:24 70,928 C:\WINNT\system32\olethk32.dll
2006-08-03 15:24 692,496 C:\WINNT\system32\OPENGL32.DLL
2006-08-03 15:24 68,368 C:\WINNT\system32\regsvc.exe
2006-08-03 15:24 63,248 C:\WINNT\system32\RASSCRPT.DLL
2006-08-03 15:24 60,688 C:\WINNT\system32\RASCHAP.DLL
2006-08-03 15:24 57,104 C:\WINNT\system32\ocmanage.dll
2006-08-03 15:24 53,520 C:\WINNT\system32\odbcji32.dll
2006-08-03 15:24 53,520 C:\WINNT\system32\ntmsapi.dll
2006-08-03 15:24 53,008 C:\WINNT\system32\packager.exe
2006-08-03 15:24 48,200 C:\WINNT\system32\scrdx86.dll
2006-08-03 15:24 48,200 C:\WINNT\system32\scrdenrl.dll
2006-08-03 15:24 454,416 C:\WINNT\system32\rpcrt4.dll
2006-08-03 15:24 446,224 C:\WINNT\system32\oakley.dll
2006-08-03 15:24 444,176 C:\WINNT\system32\oieng400.dll
2006-08-03 15:24 44,816 C:\WINNT\system32\rsm.exe
2006-08-03 15:24 431,888 C:\WINNT\system32\riched20.dll
2006-08-03 15:24 41,232 C:\WINNT\system32\odbcconf.exe
2006-08-03 15:24 41,232 C:\WINNT\system32\odbcconf.dll
2006-08-03 15:24 401,168 C:\WINNT\system32\ntmssvc.dll
2006-08-03 15:24 40,720 C:\WINNT\system32\RESUTILS.DLL
2006-08-03 15:24 37,136 C:\WINNT\system32\ODBCAD32.exe
2006-08-03 15:24 36,624 C:\WINNT\system32\RNR20.DLL
2006-08-03 15:24 36,112 C:\WINNT\system32\regapi.dll
2006-08-03 15:24 29,968 C:\WINNT\system32\profmap.dll
2006-08-03 15:24 29,456 C:\WINNT\system32\perfproc.dll
2006-08-03 15:24 28,432 C:\WINNT\system32\scrnsave.scr
2006-08-03 15:24 270,608 C:\WINNT\system32\odbcjt32.dll
2006-08-03 15:24 254,736 C:\WINNT\system32\scesrv.dll
2006-08-03 15:24 25,360 C:\WINNT\system32\rsfsaps.dll
2006-08-03 15:24 25,360 C:\WINNT\system32\rapilib.dll
2006-08-03 15:24 24,848 C:\WINNT\system32\perfdisk.dll
2006-08-03 15:24 24,848 C:\WINNT\system32\odbcbcp.dll
2006-08-03 15:24 24,848 C:\WINNT\system32\ODBC32GT.dll
2006-08-03 15:24 24,336 C:\WINNT\system32\rpcns4.dll
2006-08-03 15:24 239,376 C:\WINNT\system32\rpcss.dll
2006-08-03 15:24 221,456 C:\WINNT\system32\osk.exe
2006-08-03 15:24 22,800 C:\WINNT\system32\routeext.dll
2006-08-03 15:24 217,360 C:\WINNT\system32\ODBC32.dll
2006-08-03 15:24 214,800 C:\WINNT\system32\objsel.dll
2006-08-03 15:24 200,976 C:\WINNT\system32\odbccu32.dll
2006-08-03 15:24 20,752 C:\WINNT\system32\sclgntfy.dll
2006-08-03 15:24 20,752 C:\WINNT\system32\odtext32.dll
2006-08-03 15:24 20,752 C:\WINNT\system32\odpdx32.dll
2006-08-03 15:24 20,752 C:\WINNT\system32\odfox32.dll
2006-08-03 15:24 20,752 C:\WINNT\system32\odexl32.dll
2006-08-03 15:24 20,752 C:\WINNT\system32\oddbse32.dll
2006-08-03 15:24 198,928 C:\WINNT\system32\rasppp.dll
2006-08-03 15:24 196,880 C:\WINNT\system32\odbccr32.dll
2006-08-03 15:24 176,912 C:\WINNT\system32\rsvp.exe
2006-08-03 15:24 173,328 C:\WINNT\system32\ntmsdba.dll
2006-08-03 15:24 164,112 C:\WINNT\system32\OLEPRO32.DLL
2006-08-03 15:24 155,920 C:\WINNT\system32\ODBCTRAC.dll
2006-08-03 15:24 154,896 C:\WINNT\system32\rasmontr.dll
2006-08-03 15:24 151,824 C:\WINNT\system32\pdh.dll
2006-08-03 15:24 146,192 C:\WINNT\system32\polstore.dll
2006-08-03 15:24 14,608 C:\WINNT\system32\RASSAPI.DLL
2006-08-03 15:24 14,096 C:\WINNT\system32\rsh.exe
2006-08-03 15:24 139,536 C:\WINNT\system32\regedt32.exe
2006-08-03 15:24 132,368 C:\WINNT\system32\RSABASE.DLL
2006-08-03 15:24 13,584 C:\WINNT\system32\powrprof.dll
2006-08-03 15:24 115,472 C:\WINNT\system32\PSBASE.DLL
2006-08-03 15:24 114,448 C:\WINNT\system32\scecli.dll
2006-08-03 15:24 111,888 C:\WINNT\system32\polagent.dll
2006-08-03 15:24 110,080 C:\WINNT\system32\offfilt.dll
2006-08-03 15:24 11,024 C:\WINNT\system32\REGSVR32.EXE
2006-08-03 15:24 108,304 C:\WINNT\system32\rsnotify.exe
2006-08-03 15:24 106,256 C:\WINNT\system32\oleprn.dll
2006-08-03 15:24 105,232 C:\WINNT\system32\rend.dll
2006-08-03 15:24 102,672 C:\WINNT\system32\odbccp32.dll
2006-08-03 15:24 102,672 C:\WINNT\system32\NTMARTA.DLL
2006-08-03 15:24 100,624 C:\WINNT\system32\rastls.dll
2006-08-03 15:24 10,000 C:\WINNT\system32\runas.exe
2006-08-03 15:24 1,427,216 C:\WINNT\system32\query.dll
2006-08-03 15:23 9,216 C:\WINNT\system32\wuauserv.dll
2006-08-03 15:23 89,600 C:\WINNT\system32\nlhtml.dll
2006-08-03 15:23 79,632 C:\WINNT\system32\ntdskcc.dll
2006-08-03 15:23 67,344 C:\WINNT\system32\ntdsetup.dll
2006-08-03 15:23 6,928 C:\WINNT\system32\perfvd.exe
2006-08-03 15:23 57,616 C:\WINNT\system32\ntdsapi.dll
2006-08-03 15:23 55,056 C:\WINNT\system32\authz.dll
2006-08-03 15:23 52,496 C:\WINNT\system32\wzcdlg.dll
2006-08-03 15:23 5,632 C:\WINNT\system32\sp2res.dll
2006-08-03 15:23 45,840 C:\WINNT\system32\msmqprop.exe
2006-08-03 15:23 4,010,496 C:\WINNT\system32\sp3res.dll
2006-08-03 15:23 39,936 C:\WINNT\system32\msisip.dll
2006-08-03 15:23 35,648 C:\WINNT\system32\ntio411.sys
2006-08-03 15:23 35,408 C:\WINNT\system32\ntio412.sys
2006-08-03 15:23 34,816 C:\WINNT\system32\msiregmv.exe
2006-08-03 15:23 34,576 C:\WINNT\system32\wzcsetup.exe
2006-08-03 15:23 34,544 C:\WINNT\system32\ntio804.sys
2006-08-03 15:23 34,544 C:\WINNT\system32\ntio404.sys
2006-08-03 15:23 33,824 C:\WINNT\system32\NTIO.SYS
2006-08-03 15:23 32,016 C:\WINNT\system32\ntdsatq.dll
2006-08-03 15:23 310,784 C:\WINNT\system32\winhttp.dll
2006-08-03 15:23 29,968 C:\WINNT\system32\wzcsapi.dll
2006-08-03 15:23 29,968 C:\WINNT\system32\ntdsbsrv.dll
2006-08-03 15:23 28,432 C:\WINNT\system32\ntdsbcli.dll
2006-08-03 15:23 26,624 C:\WINNT\system32\msxmlr.dll
2006-08-03 15:23 244,224 C:\WINNT\system32\qmgr.dll
2006-08-03 15:23 24,336 C:\WINNT\system32\ftpqfe.exe
2006-08-03 15:23 195,856 C:\WINNT\system32\wzcsvc.dll
2006-08-03 15:23 192,512 C:\WINNT\system32\wuaueng.dll
2006-08-03 15:23 18,432 C:\WINNT\system32\qmgrprxy.dll
2006-08-03 15:23 18,192 C:\WINNT\system32\sp4iis.exe
2006-08-03 15:23 165,136 C:\WINNT\system32\ntdsutil.exe
2006-08-03 15:23 147,216 C:\WINNT\system32\dssenh.dll
2006-08-03 15:23 141,312 C:\WINNT\system32\wuauclt.exe
2006-08-03 15:23 134,928 C:\WINNT\system32\rsaenh.dll
2006-08-03 15:23 13,072 C:\WINNT\system32\spiisupd.exe
2006-08-03 15:23 113,936 C:\WINNT\system32\newdev.dll
2006-08-03 15:23 11,536 C:\WINNT\system32\sptsupd.exe
2006-08-03 15:23 1,040,656 C:\WINNT\system32\ntdsa.dll
2006-08-03 15:22 95,504 C:\WINNT\system32\netman.dll
2006-08-03 15:22 831,760 C:\WINNT\system32\mswdat10.dll
2006-08-03 15:22 76,560 C:\WINNT\system32\msw3prt.dll
2006-08-03 15:22 71,952 C:\WINNT\system32\netui0.dll
2006-08-03 15:22 7,440 C:\WINNT\system32\msswchx.exe
2006-08-03 15:22 64,272 C:\WINNT\system32\mswsock.dll
2006-08-03 15:22 614,672 C:\WINNT\system32\mswstr10.dll
2006-08-03 15:22 57,104 C:\WINNT\system32\mydocs.dll
2006-08-03 15:22 553,232 C:\WINNT\system32\msrepl40.dll
2006-08-03 15:22 547,600 C:\WINNT\system32\netcfgx.dll
2006-08-03 15:22 52,496 C:\WINNT\system32\mtxclu.dll
2006-08-03 15:22 514,320 C:\WINNT\system32\msxml.dll
2006-08-03 15:22 477,456 C:\WINNT\system32\netshell.dll
2006-08-03 15:22 47,104 C:\WINNT\system32\MSPRIVS.DLL
2006-08-03 15:22 422,160 C:\WINNT\system32\msrd2x40.dll
2006-08-03 15:22 4,880 C:\WINNT\system32\NDDEAPIR.EXE
2006-08-03 15:22 371,984 C:\WINNT\system32\NETLOGON.DLL
2006-08-03 15:22 35,088 C:\WINNT\system32\MSSIGN32.DLL
2006-08-03 15:22 348,432 C:\WINNT\system32\msxbde40.dll
2006-08-03 15:22 348,432 C:\WINNT\system32\mspbde40.dll
2006-08-03 15:22 315,664 C:\WINNT\system32\msrd3x40.dll
2006-08-03 15:22 311,568 C:\WINNT\system32\NETAPI32.DLL
2006-08-03 15:22 286,773 C:\WINNT\system32\msvcrt.dll
2006-08-03 15:22 26,896 C:\WINNT\system32\NETSTAT.EXE
2006-08-03 15:22 258,320 C:\WINNT\system32\mstext40.dll
2006-08-03 15:22 24,848 C:\WINNT\system32\narrator.exe
2006-08-03 15:22 23,312 C:\WINNT\system32\mtxdm.dll
2006-08-03 15:22 216,848 C:\WINNT\system32\mstask.dll
2006-08-03 15:22 173,840 C:\WINNT\system32\netplwiz.dll
2006-08-03 15:22 16,144 C:\WINNT\system32\NDDEAPI.DLL
2006-08-03 15:22 155,920 C:\WINNT\system32\msorcl32.dll
2006-08-03 15:22 14,608 C:\WINNT\system32\msswch.dll
2006-08-03 15:22 131,344 C:\WINNT\system32\netid.dll
2006-08-03 15:22 124,176 C:\WINNT\system32\net1.exe
2006-08-03 15:22 119,568 C:\WINNT\system32\mstask.exe
2006-08-03 15:22 116,496 C:\WINNT\system32\msvfw32.dll
2006-08-03 15:22 110,352 C:\WINNT\system32\mycomput.dll
2006-08-03 15:22 11,024 C:\WINNT\system32\msrle32.dll
2006-08-03 15:22 108,816 C:\WINNT\system32\NETDDE.EXE
2006-08-03 15:22 105,744 C:\WINNT\system32\mtxoci.dll
2006-08-03 15:21 847,872 C:\WINNT\system32\msimsg.dll
2006-08-03 15:21 64,512 C:\WINNT\system32\msiexec.exe
2006-08-03 15:21 53,520 C:\WINNT\system32\msjter40.dll
2006-08-03 15:21 348,432 C:\WINNT\system32\msjetoledb40.dll
2006-08-03 15:21 305,664 C:\WINNT\system32\msihnd.dll
2006-08-03 15:21 241,936 C:\WINNT\system32\msjtes40.dll
2006-08-03 15:21 213,264 C:\WINNT\system32\msltus40.dll
2006-08-03 15:21 2,017,792 C:\WINNT\system32\msi.dll
2006-08-03 15:21 151,824 C:\WINNT\system32\msjint40.dll
2006-08-03 15:21 1,507,600 C:\WINNT\system32\msjet40.dll
2006-08-03 15:20 99,088 C:\WINNT\system32\modemui.dll
2006-08-03 15:20 88,848 C:\WINNT\system32\msdtclog.dll
2006-08-03 15:20 835,856 C:\WINNT\system32\mmcndmgr.dll
2006-08-03 15:20 707,344 C:\WINNT\system32\msdtcprx.dll
2006-08-03 15:20 69,904 C:\WINNT\system32\mprddm.dll
2006-08-03 15:20 603,408 C:\WINNT\system32\mmc.exe
2006-08-03 15:20 56,080 C:\WINNT\system32\mprui.dll
2006-08-03 15:20 55,056 C:\WINNT\system32\mpr.dll
2006-08-03 15:20 512,272 C:\WINNT\system32\msexch40.dll
2006-08-03 15:20 47,376 C:\WINNT\system32\mprdim.dll
2006-08-03 15:20 4,126 C:\WINNT\system32\msdxmlc.dll
2006-08-03 15:20 334,096 C:\WINNT\system32\MSGINA.DLL
2006-08-03 15:20 319,760 C:\WINNT\system32\msexcl40.dll
2006-08-03 15:20 24,848 C:\WINNT\system32\msdart32.dll
2006-08-03 15:20 236,304 C:\WINNT\system32\msclus.dll
2006-08-03 15:20 19,728 C:\WINNT\system32\mimefilt.dll
2006-08-03 15:20 169,232 C:\WINNT\system32\mobsync.dll
2006-08-03 15:20 146,192 C:\WINNT\system32\msdtcui.dll
2006-08-03 15:20 13,824 C:\WINNT\system32\mscpxl32.dLL
2006-08-03 15:20 111,376 C:\WINNT\system32\mobsync.exe
2006-08-03 15:20 108,816 C:\WINNT\system32\msafd.dll
2006-08-03 15:20 1,131,280 C:\WINNT\system32\msdtctm.dll
2006-08-03 15:20 1,015,859 C:\WINNT\system32\mfc42.dll
2006-08-03 15:20 1,011,764 C:\WINNT\system32\mfc42u.dll
2006-08-03 15:19 76,048 C:\WINNT\system32\mdhcp.dll
2006-08-03 15:19 66,320 C:\WINNT\system32\LOADPERF.DLL
2006-08-03 15:19 48,400 C:\WINNT\system32\loghours.dll
2006-08-03 15:19 43,792 C:\WINNT\system32\magnify.exe
2006-08-03 15:19 25,872 C:\WINNT\system32\LODCTR.EXE
2006-08-03 15:19 246,032 C:\WINNT\system32\localsec.dll
2006-08-03 15:19 20,240 C:\WINNT\system32\lpk.dll
2006-08-03 15:19 130,832 C:\WINNT\system32\logon.scr
2006-08-03 15:19 102,160 C:\WINNT\system32\mdminst.dll
2006-08-03 15:19 10,000 C:\WINNT\system32\lz32.dll
2006-08-03 15:15 92,032 C:\WINNT\system32\KRNL386.EXE
2006-08-03 15:15 73,488 C:\WINNT\system32\irmon.dll
2006-08-03 15:15 72,464 C:\WINNT\system32\isign32.dll
2006-08-03 15:15 69,904 C:\WINNT\system32\IPHLPAPI.DLL
2006-08-03 15:15 6,928 C:\WINNT\system32\KBDCA.DLL
2006-08-03 15:15 49,936 C:\WINNT\system32\ixsso.dll
2006-08-03 15:15 441,616 C:\WINNT\system32\ipnathlp.dll
2006-08-03 15:15 42,809 C:\WINNT\system32\key01.sys
2006-08-03 15:15 42,537 C:\WINNT\system32\KEYBOARD.SYS
2006-08-03 15:15 4,368 C:\WINNT\system32\IPROP.DLL
2006-08-03 15:15 374,032 C:\WINNT\system32\JET500.DLL
2006-08-03 15:15 212,752 C:\WINNT\system32\kerberos.dll
2006-08-03 15:15 159,504 C:\WINNT\system32\iprtrmgr.dll
2006-08-03 15:15 143,872 C:\WINNT\system32\itircl.dll
2006-08-03 15:15 122,368 C:\WINNT\system32\itss.dll
2006-08-03 15:14 97,040 C:\WINNT\system32\iasrad.dll
2006-08-03 15:14 96,528 C:\WINNT\system32\imm32.dll
2006-08-03 15:14 94,992 C:\WINNT\system32\FAXSVC.EXE
2006-08-03 15:14 92,944 C:\WINNT\system32\faxadmin.dll
2006-08-03 15:14 81,978 C:\WINNT\system32\hlink.dll
2006-08-03 15:14 80,144 C:\WINNT\system32\faxcom.dll
2006-08-03 15:14 77,584 C:\WINNT\system32\gpresult.exe
2006-08-03 15:14 76,560 C:\WINNT\system32\hotplug.dll
2006-08-03 15:14 75,536 C:\WINNT\system32\iasads.dll
2006-08-03 15:14 66,848 C:\WINNT\system32\HAL.DLL
2006-08-03 15:14 66,832 C:\WINNT\system32\inetpp.dll
2006-08-03 15:14 60,176 C:\WINNT\system32\iassvcs.dll
2006-08-03 15:14 60,176 C:\WINNT\system32\iasnap.dll
2006-08-03 15:14 6,416 C:\WINNT\system32\hccoin.dll
2006-08-03 15:14 55,568 C:\WINNT\system32\esentutl.exe
2006-08-03 15:14 50,448 C:\WINNT\system32\fdeploy.dll
2006-08-03 15:14 47,888 C:\WINNT\system32\EVENTLOG.DLL
2006-08-03 15:14 380,957 C:\WINNT\system32\expsrv.dll
2006-08-03 15:14 37,888 C:\WINNT\system32\hhsetup.dll
2006-08-03 15:14 305,424 C:\WINNT\system32\gpedit.dll
2006-08-03 15:14 294,672 C:\WINNT\system32\filemgmt.dll
2006-08-03 15:14 29,456 C:\WINNT\system32\INETMIB1.DLL
2006-08-03 15:14 28,944 C:\WINNT\system32\iasacct.dll
2006-08-03 15:14 269,584 C:\WINNT\system32\iassdo.dll
2006-08-03 15:14 25,872 C:\WINNT\system32\findstr.exe
2006-08-03 15:14 245,008 C:\WINNT\system32\icm32.dll
2006-08-03 15:14 243,472 C:\WINNT\explorer.exe
2006-08-03 15:14 233,744 C:\WINNT\system32\GDI32.DLL
2006-08-03 15:14 21,776 C:\WINNT\system32\HTICONS.DLL
2006-08-03 15:14 206,096 C:\WINNT\system32\infosoft.dll
2006-08-03 15:14 200,976 C:\WINNT\system32\FONTEXT.DLL
2006-08-03 15:14 20,752 C:\WINNT\system32\iasperf.dll
2006-08-03 15:14 187,152 C:\WINNT\system32\eudcedit.exe
2006-08-03 15:14 185,616 C:\WINNT\system32\faxt30.dll
2006-08-03 15:14 18,192 C:\WINNT\system32\hid.dll
2006-08-03 15:14 163,088 C:\WINNT\system32\h323msp.dll
2006-08-03 15:14 15,120 C:\WINNT\system32\faxdrv.dll
2006-08-03 15:14 138,000 C:\WINNT\system32\INITPKI.DLL
2006-08-03 15:14 138,000 C:\WINNT\system32\faxui.dll
2006-08-03 15:14 122,128 C:\WINNT\system32\idq.dll
2006-08-03 15:14 118,544 C:\WINNT\system32\gptext.dll
2006-08-03 15:14 100,624 C:\WINNT\system32\iassam.dll
2006-08-03 15:14 10,752 C:\WINNT\hh.exe
2006-08-03 15:14 1,135,376 C:\WINNT\system32\esent.dll
2006-08-03 15:13 92,944 C:\WINNT\system32\dskquota.dll
2006-08-03 15:13 92,432 C:\WINNT\system32\dnsrslvr.dll
2006-08-03 15:13 90,384 C:\WINNT\system32\CRYPTDLG.DLL
2006-08-03 15:13 76,048 C:\WINNT\system32\dfrgntfs.exe
2006-08-03 15:13 76,048 C:\WINNT\system32\cryptsvc.dll
2006-08-03 15:13 74,512 C:\WINNT\system32\dsauth.dll
2006-08-03 15:13 7,440 C:\WINNT\system32\control.exe
2006-08-03 15:13 625,936 C:\WINNT\system32\comuid.dll
2006-08-03 15:13 62,224 C:\WINNT\system32\dfrgfat.exe
2006-08-03 15:13 5,904 C:\WINNT\system32\dllhst3g.exe
2006-08-03 15:13 5,904 C:\WINNT\system32\DLLHOST.EXE
2006-08-03 15:13 5,392 C:\WINNT\system32\CSRSS.EXE
2006-08-03 15:13 498,205 C:\WINNT\system32\dxmasf.dll
2006-08-03 15:13 479,504 C:\WINNT\system32\CRYPT32.DLL
2006-08-03 15:13 443,664 C:\WINNT\system32\CRYPTUI.DLL
2006-08-03 15:13 44,304 C:\WINNT\system32\cryptdll.dll
2006-08-03 15:13 43,280 C:\WINNT\system32\dmutil.dll
2006-08-03 15:13 43,280 C:\WINNT\system32\CRYPTNET.DLL
2006-08-03 15:13 42,768 C:\WINNT\system32\dfrgsnap.dll
2006-08-03 15:13 41,744 C:\WINNT\system32\dsfolder.dll
2006-08-03 15:13 33,040 C:\WINNT\system32\dbnmpntw.dll
2006-08-03 15:13 33,040 C:\WINNT\system32\dbmsspxn.dll
2006-08-03 15:13 33,040 C:\WINNT\system32\dbmsadsn.dll
2006-08-03 15:13 316,176 C:\WINNT\system32\dmconfig.dll
2006-08-03 15:13 306,448 C:\WINNT\system32\dhcpmon.dll
2006-08-03 15:13 299,792 C:\WINNT\system32\dsprop.dll
2006-08-03 15:13 28,944 C:\WINNT\system32\dssec.dll
2006-08-03 15:13 28,944 C:\WINNT\system32\dbmsvinn.dLL
2006-08-03 15:13 28,944 C:\WINNT\system32\dbmsrpcn.dll
2006-08-03 15:13 27,097 C:\WINNT\system32\country.sys
2006-08-03 15:13 265,488 C:\WINNT\system32\dxmrtp.dll
2006-08-03 15:13 25,872 C:\WINNT\system32\conime.exe
2006-08-03 15:13 242,960 C:\WINNT\system32\cscui.dll
2006-08-03 15:13 24,848 C:\WINNT\system32\ds32gt.dll
2006-08-03 15:13 233,232 C:\WINNT\system32\es.dll
2006-08-03 15:13 221,968 C:\WINNT\system32\devmgr.dll
2006-08-03 15:13 22,800 C:\WINNT\system32\dfsshlex.dll
2006-08-03 15:13 219,920 C:\WINNT\system32\confmsp.dll
2006-08-03 15:13 174,864 C:\WINNT\system32\dmdlgs.dll
2006-08-03 15:13 163,600 C:\WINNT\system32\dmdskmgr.dll
2006-08-03 15:13 163,088 C:\WINNT\system32\dbghelp.dll
2006-08-03 15:13 16,144 C:\WINNT\system32\diskcopy.dll
2006-08-03 15:13 157,968 C:\WINNT\system32\els.dll
2006-08-03 15:13 157,456 C:\WINNT\system32\dsquery.dll
2006-08-03 15:13 147,728 C:\WINNT\system32\dmadmin.exe
2006-08-03 15:13 146,192 C:\WINNT\system32\dskquoui.dll
2006-08-03 15:13 145,680 C:\WINNT\system32\DSSBASE.DLL
2006-08-03 15:13 14,096 C:\WINNT\system32\diskperf.exe
2006-08-03 15:13 134,928 C:\WINNT\system32\dnsapi.dll
2006-08-03 15:13 13,072 C:\WINNT\system32\dmintf.dll
2006-08-03 15:13 122,368 C:\WINNT\system32\dmdskres.dll
2006-08-03 15:13 12,048 C:\WINNT\system32\dmserver.dll
2006-08-03 15:13 113,936 C:\WINNT\system32\DCOMCNFG.EXE
2006-08-03 15:13 110,864 C:\WINNT\system32\dsuiext.dll
2006-08-03 15:13 101,136 C:\WINNT\system32\cscdll.dll
2006-08-03 15:13 10,512 C:\WINNT\system32\dmremote.exe
2006-08-03 15:13 1,785,160 C:\WINNT\system32\dtcsetup.exe
2006-08-03 15:13 1,448,208 C:\WINNT\system32\comsvcs.dll
2006-08-03 15:12 96,016 C:\WINNT\system32\clbcatex.dll
2006-08-03 15:12 89,360 C:\WINNT\system32\comrepl.dll
2006-08-03 15:12 82,704 C:\WINNT\system32\cmnquery.dll
2006-08-03 15:12 8,976 C:\WINNT\system32\autolfn.exe
2006-08-03 15:12 78,608 C:\WINNT\system32\avifil32.dll
2006-08-03 15:12 78,096 C:\WINNT\system32\aclui.dll
2006-08-03 15:12 74,810 C:\WINNT\system32\atl.dll
2006-08-03 15:12 68,880 C:\WINNT\system32\browser.dll
2006-08-03 15:12 62,736 C:\WINNT\system32\adsmsext.dll
2006-08-03 15:12 61,712 C:\WINNT\system32\cliconfg.dll
2006-08-03 15:12 591,120 C:\WINNT\system32\catsrvut.dll
2006-08-03 15:12 568,592 C:\WINNT\system32\autofmt.exe
2006-08-03 15:12 55,568 C:\WINNT\system32\CLUSAPI.DLL
2006-08-03 15:12 510,224 C:\WINNT\system32\clbcatq.dll
2006-08-03 15:12 50,620 C:\WINNT\system32\command.com
2006-08-03 15:12 45,328 C:\WINNT\system32\cmstp.exe
2006-08-03 15:12 422,160 C:\WINNT\system32\certmgr.dll
2006-08-03 15:12 42,256 C:\WINNT\system32\BASESRV.DLL
2006-08-03 15:12 402,704 C:\WINNT\system32\cdonts.dll
2006-08-03 15:12 37,648 C:\WINNT\system32\colbact.dll
2006-08-03 15:12 37,136 C:\WINNT\system32\cliconfg.exe
2006-08-03 15:12 36,112 C:\WINNT\system32\cipher.exe
2006-08-03 15:12 31,504 C:\WINNT\system32\atmlib.dll
2006-08-03 15:12 3,856 C:\WINNT\system32\COMCAT.DLL
2006-08-03 15:12 291,888 C:\WINNT\system32\atmfd.dll
2006-08-03 15:12 236,304 C:\WINNT\system32\CMD.EXE
2006-08-03 15:12 23,824 C:\WINNT\system32\at.exe
2006-08-03 15:12 226,576 C:\WINNT\system32\avtapi.dll
2006-08-03 15:12 224,016 C:\WINNT\system32\appmgr.dll
2006-08-03 15:12 22,288 C:\WINNT\system32\cmutil.dll
2006-08-03 15:12 201,488 C:\WINNT\system32\adsnt.dll
2006-08-03 15:12 20,752 C:\WINNT\system32\batmeter.dll
2006-08-03 15:12 2,531,088 C:\WINNT\system32\cdosys.dll
2006-08-03 15:12 193,808 C:\WINNT\system32\cmdial32.dll
2006-08-03 15:12 182,032 C:\WINNT\system32\activeds.dll
2006-08-03 15:12 18,432 C:\WINNT\system32\cdm.dll
2006-08-03 15:12 166,160 C:\WINNT\system32\catsrv.dll
2006-08-03 15:12 164,112 C:\WINNT\system32\adsnds.dll
2006-08-03 15:12 159,807 C:\WINNT\system32\cmprops.dll
2006-08-03 15:12 156,944 C:\WINNT\system32\ciadmin.dll
2006-08-03 15:12 150,800 C:\WINNT\system32\accwiz.exe
2006-08-03 15:12 143,632 C:\WINNT\system32\ASYCFILT.DLL
2006-08-03 15:12 14,096 C:\WINNT\system32\atkctrs.dll
2006-08-03 15:12 135,440 C:\WINNT\system32\certcli.dll
2006-08-03 15:12 133,904 C:\WINNT\system32\adsldpc.dll
2006-08-03 15:12 130,832 C:\WINNT\system32\CLUSTER.EXE
2006-08-03 15:12 13,072 C:\WINNT\system32\CHKNTFS.EXE
2006-08-03 15:12 127,760 C:\WINNT\system32\capesnpn.dll
2006-08-03 15:12 125,712 C:\WINNT\system32\adsldp.dll
2006-08-03 15:12 120,592 C:\WINNT\system32\appmgmts.dll
2006-08-03 15:12 112,400 C:\WINNT\system32\adsnw.dll
2006-08-02 21:19 2,146,304 C:\WINNT\UNNMP.exe
2006-08-02 21:17 155,648 C:\WINNT\system32\NeroCheck.exe
2006-08-02 21:16 82,432 C:\WINNT\system32\drmstor.dll
2006-08-02 21:16 301,712 C:\WINNT\system32\drmclien.dll
2006-08-02 21:16 2,023,424 C:\WINNT\UNNeroVision.exe
2006-08-02 21:15 476,320 C:\WINNT\system32\ImagXpr7.dll
2006-08-02 21:15 471,040 C:\WINNT\system32\ImagXRA7.dll
2006-08-02 21:15 38,912 C:\WINNT\system32\picn20.dll
2006-08-02 21:15 364,544 C:\WINNT\system32\TwnLib4.dll
2006-08-02 21:15 262,144 C:\WINNT\system32\ImagXR7.dll
2006-08-02 21:15 106,496 C:\WINNT\system32\TwnLib20.dll
2006-08-02 21:15 1,568,768 C:\WINNT\system32\ImagX7.dll
2006-08-02 19:21 98,816 C:\WINNT\system32\dmstyle.dll
2006-08-02 19:21 937,984 C:\WINNT\system32\dxdiag.exe
2006-08-02 19:21 854,528 C:\WINNT\system32\Ltwvc12n.dll
2006-08-02 19:21 80,896 C:\WINNT\system32\dpvsetup.exe
2006-08-02 19:21 797,184 C:\WINNT\system32\d3dim700.dll
2006-08-02 19:21 78,336 C:\WINNT\system32\LFFAX12n.DLL
2006-08-02 19:21 77,824 C:\WINNT\system32\dpmodemx.dll
2006-08-02 19:21 76,800 C:\WINNT\system32\dpwsockx.dll
2006-08-02 19:21 76,800 C:\WINNT\system32\dmscript.dll
2006-08-02 19:21 733,184 C:\WINNT\system32\qedwipes.dll
2006-08-02 19:21 723,968 C:\WINNT\system32\dpnet.dll
2006-08-02 19:21 7,168 C:\WINNT\system32\d3d8thk.dll
2006-08-02 19:21 68,096 C:\WINNT\system32\dpnhupnp.dll
2006-08-02 19:21 664,576 C:\WINNT\system32\dinput8.dll
2006-08-02 19:21 645,120 C:\WINNT\system32\dinput.dll
2006-08-02 19:21 64,512 C:\WINNT\system32\amstream.dll
2006-08-02 19:21 602,624 C:\WINNT\system32\dx7vb.dll
2006-08-02 19:21 591,120 C:\WINNT\system32\d3dramp.dll
2006-08-02 19:21 58,368 C:\WINNT\system32\dmcompos.dll
2006-08-02 19:21 53,248 C:\WINNT\system32\SONYHCY.DLL
2006-08-02 19:21 491,520 C:\WINNT\system32\dsdmoprp.dll
2006-08-02 19:21 49,424 C:\WINNT\system32\d3dxof.dll
2006-08-02 19:21 480,256 C:\WINNT\system32\msvidctl.dll
2006-08-02 19:21 47,104 C:\WINNT\system32\wstdecod.dll
2006-08-02 19:21 459,264 C:\WINNT\system32\diactfrm.dll
2006-08-02 19:21 449,024 C:\WINNT\system32\qdvd.dll
2006-08-02 19:21 446,224 C:\WINNT\system32\d3dim.dll
2006-08-02 19:21 44,544 C:\WINNT\system32\dxdllreg.exe
2006-08-02 19:21 44,032 C:\WINNT\system32\dimap.dll
2006-08-02 19:21 43,008 C:\WINNT\system32\lfgif12n.dll
2006-08-02 19:21 41,472 C:\WINNT\system32\LTTWN12n.DLL
2006-08-02 19:21 406,528 C:\WINNT\system32\LTKRN12n.DLL
2006-08-02 19:21 4,096 C:\WINNT\system32\ksuser.dll
2006-08-02 19:21 381,952 C:\WINNT\system32\dpvoice.dll
2006-08-02 19:21 37,648 C:\WINNT\system32\d3dpmesh.dll
2006-08-02 19:21 364,816 C:\WINNT\system32\d3drm.dll
2006-08-02 19:21 355,328 C:\WINNT\system32\dsound.dll
2006-08-02 19:21 354,816 C:\WINNT\system32\psisdecd.dll
2006-08-02 19:21 34,304 C:\WINNT\system32\mciqtz32.dll
2006-08-02 19:21 33,280 C:\WINNT\system32\dmloader.dll
2006-08-02 19:21 324,096 C:\WINNT\system32\mswebdvd.dll
2006-08-02 19:21 32,768 C:\WINNT\system32\dpnhpast.dll
2006-08-02 19:21 314,880 C:\WINNT\system32\LFCMP12n.DLL
2006-08-02 19:21 311,808 C:\WINNT\system32\qdv.dll
2006-08-02 19:21 31,744 C:\WINNT\system32\pid.dll
2006-08-02 19:21 3,072 C:\WINNT\system32\dpnlobby.dll
2006-08-02 19:21 3,072 C:\WINNT\system32\dpnaddr.dll
2006-08-02 19:21 284,160 C:\WINNT\system32\ddraw.dll
2006-08-02 19:21 28,160 C:\WINNT\system32\dplaysvr.exe
2006-08-02 19:21 278,528 C:\WINNT\system32\LTDIS12n.DLL
2006-08-02 19:21 27,136 C:\WINNT\system32\dmband.dll
2006-08-02 19:21 257,024 C:\WINNT\system32\qcap.dll
2006-08-02 19:21 25,600 C:\WINNT\system32\lfavi12n.dll
2006-08-02 19:21 227,840 C:\WINNT\system32\LTEFX12n.DLL
2006-08-02 19:21 217,600 C:\WINNT\system32\dplayx.dll
2006-08-02 19:21 206,336 C:\WINNT\system32\gcdef.dll
2006-08-02 19:21 19,968 C:\WINNT\system32\dpvacm.dll
2006-08-02 19:21 186,880 C:\WINNT\system32\dsdmo.dll
2006-08-02 19:21 18,944 C:\WINNT\system32\encapi.dll
2006-08-02 19:21 18,432 C:\WINNT\system32\dswave.dll
2006-08-02 19:21 171,520 C:\WINNT\system32\dmime.dll
2006-08-02 19:21 166,400 C:\WINNT\system32\LTIMG12n.DLL
2006-08-02 19:21 16,896 C:\WINNT\system32\msyuv.dll
2006-08-02 19:21 16,896 C:\WINNT\system32\dpnsvr.exe
2006-08-02 19:21 155,648 C:\WINNT\system32\LFTIF12n.DLL
2006-08-02 19:21 132,608 C:\WINNT\system32\devenum.dll
2006-08-02 19:21 13,312 C:\WINNT\system32\msdmo.dll
2006-08-02 19:21 122,368 C:\WINNT\system32\LTFIL12n.DLL
2006-08-02 19:21 121,856 C:\WINNT\system32\lfmpg12n.dll
2006-08-02 19:21 116,736 C:\WINNT\system32\dmusic.dll
2006-08-02 19:21 112,128 C:\WINNT\system32\dpvvox.dll
2006-08-02 19:21 100,864 C:\WINNT\system32\dmsynth.dll
2006-08-02 19:21 1,962,496 C:\WINNT\system32\quartz.dll
2006-08-02 19:21 1,798,144 C:\WINNT\system32\qedit.dll
2006-08-02 19:21 1,675,264 C:\WINNT\system32\dxdiagn.dll
2006-08-02 19:21 1,634,304 C:\WINNT\system32\d3d9.dll
2006-08-02 19:21 1,294,336 C:\WINNT\system32\dsound3d.dll
2006-08-02 19:21 1,189,888 C:\WINNT\system32\dx8vb.dll
2006-08-02 19:21 1,177,600 C:\WINNT\system32\d3d8.dll
2006-08-02 18:26 91,408 C:\WINNT\system32\hpscnmgr.dll
2006-08-02 18:26 240,912 C:\WINNT\system32\hposcl10.dll
2006-08-02 18:26 10,000 C:\WINNT\system32\hpousd10.dll
2006-08-02 10:32 499,712 C:\WINNT\system32\msvcp71.dll
2006-08-02 10:32 348,160 C:\WINNT\system32\msvcr71.dll
2006-08-02 10:31 306,688 C:\WINNT\IsUninst.exe
2006-08-02 10:18 53,248 C:\WINNT\system32\IntelCdi.dll
2006-08-02 10:18 172,032 C:\WINNT\system32\intelmoh.dll
2006-08-01 22:18 708,608 C:\WINNT\system32\CDDBUIRoxio.dll
2006-08-01 22:18 569,344 C:\WINNT\system32\CDDBControlRoxio.dll
2006-08-01 22:18 49,152 C:\WINNT\system32\INETWH32.dll
2006-08-01 21:56 997,888 C:\WINNT\system32\wmvdmoe2.dll
2006-08-01 21:56 981,504 C:\WINNT\system32\wmnetmgr.dll
2006-08-01 21:56 98,304 C:\WINNT\system32\wmpshell.dll
2006-08-01 21:56 892,416 C:\WINNT\system32\wmspdmoe.dll
2006-08-01 21:56 816,264 C:\WINNT\system32\wmvdmod.dll
2006-08-01 21:56 81,408 C:\WINNT\system32\logagent.exe
2006-08-01 21:56 760,968 C:\WINNT\system32\wmsdmod.dll
2006-08-01 21:56 7,680 C:\WINNT\system32\asferror.dll
2006-08-01 21:56 678,912 C:\WINNT\system32\drmv2clt.dll
2006-08-01 21:56 670,208 C:\WINNT\system32\wmadmoe.dll
2006-08-01 21:56 6,656 C:\WINNT\system32\laprxy.dll
2006-08-01 21:56 57,344 C:\WINNT\uneng.exe
2006-08-01 21:56 52,224 C:\WINNT\system32\mspmsnsv.dll
2006-08-01 21:56 49,152 C:\WINNT\system32\cdrtc.dll
2006-08-01 21:56 486,536 C:\WINNT\system32\wmspdmod.dll
2006-08-01 21:56 45,056 C:\WINNT\system32\cdral.dll
2006-08-01 21:56 410,248 C:\WINNT\system32\wmadmod.dll
2006-08-01 21:56 384,512 C:\WINNT\system32\mp4sdmod.dll
2006-08-01 21:56 358,912 C:\WINNT\system32\msscp.dll
2006-08-01 21:56 316,040 C:\WINNT\system32\mp43dmod.dll
2006-08-01 21:56 27,136 C:\WINNT\system32\wmdmlog.dll
2006-08-01 21:56 253,952 C:\WINNT\system32\msnetobj.dll
2006-08-01 21:56 245,760 C:\WINNT\system32\mswmdm.dll
2006-08-01 21:56 241,664 C:\WINNT\system32\qasf.dll
2006-08-01 21:56 241,664 C:\WINNT\system32\mpg4dmod.dll
2006-08-01 21:56 232,960 C:\WINNT\system32\blackbox.dll
2006-08-01 21:56 23,552 C:\WINNT\system32\wmdmps.dll
2006-08-01 21:56 225,280 C:\WINNT\system32\wmpdxm.dll
2006-08-01 21:56 218,112 C:\WINNT\system32\wmasf.dll
2006-08-01 21:56 201,728 C:\WINNT\system32\mspmsp.dll
2006-08-01 21:56 20,480 C:\WINNT\system32\wmpui.dll
2006-08-01 21:56 20,480 C:\WINNT\system32\wmpcore.dll
2006-08-01 21:56 20,480 C:\WINNT\system32\wmpcd.dll
2006-08-01 21:56 2,940,928 C:\WINNT\system32\wmploc.dll
2006-08-01 21:56 2,058,888 C:\WINNT\system32\wmvcore.dll
2006-08-01 21:56 167,936 C:\WINNT\system32\wmerror.dll
2006-08-01 21:56 159,232 C:\WINNT\system32\CEWMDM.dll
2006-08-01 21:56 143,360 C:\WINNT\system32\wmidx.dll
2006-08-01 21:56 106,496 C:\WINNT\system32\wmpasf.dll
2006-08-01 21:56 1,111,040 C:\WINNT\system32\wmsdmoe2.dll
2006-08-01 18:33 393,968 C:\WINNT\system32\s3t3d2x.dll
2006-08-01 18:21 131,072 C:\WINNT\system32\mapi32.dll
2006-08-01 18:21 0 C:\MSDOS.SYS
2006-08-01 18:21 0 C:\IO.SYS
2006-08-01 18:21 0 C:\CONFIG.SYS
2006-08-01 18:21 0 C:\AUTOEXEC.BAT
2006-08-01 18:20 63,248 C:\WINNT\system32\ils.dll
2006-08-01 18:20 57,104 C:\WINNT\system32\icwdial.dll
2006-08-01 18:20 53,520 C:\WINNT\system32\msconf.dll
2006-08-01 18:20 5,904 C:\WINNT\system32\icfgnt5.dll
2006-08-01 18:20 49,424 C:\WINNT\system32\icwphbk.dll
2006-08-01 18:20 32,880 C:\WINNT\system32\mnmdd.dll
2006-08-01 18:20 3,072 C:\WINNT\system32\nmevtmsg.dll
2006-08-01 18:20 251,152 C:\WINNT\system32\inetcfg.dll
2006-08-01 18:20 21,776 C:\WINNT\system32\mnmsrvc.exe
2006-08-01 18:20 12,560 C:\WINNT\system32\nmmkcert.dll
2006-08-01 18:20 10,000 C:\WINNT\system32\mstinit.exe


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Synchronization Manager"="mobsync.exe /logon"
"SpywareBot"="C:\\Program Files\\SpywareBot\\SpywareBot.exe -boot"
"epy9J"="\"C:\\WINNT\\system32\\l3jdfs.exe\""
"System"="C:\\WINNT\\system32\\kernels8.exe"
"sys11-2009561249"="C:\\WINNT\\sys11-2009561249.exe"
"ms049561249-200"="C:\\WINNT\\ms049561249-200.exe"
"SurfSideKick 3"="C:\\Program Files\\SurfSideKick 3\\Ssk.exe"
"!ewido"="\"C:\\Program Files\\ewido anti-spyware 4.0\\ewido.exe\" /minimized"
"New.net Startup"="rundll32 C:\\PROGRA~1\\NEWDOT~1\\NEWDOT~2.DLL,ClientStartup -s"
"TheMonitor"="C:\\WINNT\\Duce6.exe"

[HKEY_CURRENT_USER\software\microsoft\window

#10 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:04:02 AM

Posted 15 August 2006 - 04:44 PM

Please download the Killbox by Option^Explicit.

Note: In the event you already have Killbox, this is a new version that I need you to download.
  • Save it to your desktop.
  • Please double-click Killbox.exe to run it.
  • Select:
    • Delete on Reboot
    • then Click on the All Files button.
  • Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):



    C:\WINNT\Duce6.exe
    C:\WINNT\system32\dlh9jkdq8.exe
    C:\WINNT\system32\dlh9jkdq7.exe
    C:\WINNT\system32\dlh9jkdq6.exe
    C:\WINNT\system32\dlh9jkdq2.exe
    C:\WINNT\system32\dlh9jkdq5.exe
    C:\WINNT\system32\dlh9jkdq1.exe
    C:\WINNT\sys11-2009561249.exe
    C:\WINNT\system32\wapisvit.exe
    C:\WINNT\YOINSI.exe
    C:\WINNT\876057.exe
    C:\WINNT\system32\WinNB57.dll
    C:\WINNT\Tagasuarus2.exe
    C:\WINNT\STOPz.exe
    C:\WINNT\system32\whcixm7.exe
    C:\WINNT\system32afdaqd3.exe
    C:\WINNT\system32y3aqsoepa.exe
    C:\WINNT\system32\y3aqsoepa.exe
    C:\WINNT\system32cymmh.exe
    C:\WINNT\system32\cymmh.exe
    C:\WINNT\thiselt.exe
    C:\WINNT\pf78.exe
    C:\WINNT\system32zkdmg.exe
    C:\WINNT\system32uvzgi.exe
    C:\WINNT\system32tpsd.exe
    C:\WINNT\system32\uvzgi.exe
    C:\WINNT\system32\tpsd.exe
    C:\WINNT\unstall.exe
    C:\RDFX4.exe
    C:\WINNT\system32ghynf.exe
    C:\WINNT\system32\n9nyb.exe
    C:\WINNT\system32bez6n4r21.exe
    C:\WINNT\system32\bez6n4r21.exe
    C:\WINNT\system32n9nyb.exe
    C:\WINNT\pop06ap2.exe



  • Return to Killbox, go to the File menu, and choose Paste from Clipboard.
  • Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt (and please let me know if you receive this message!).

    If your computer does not restart automatically, please restart it manually.

  • After rebooting, open up Killbox again. Click File -> Logs -> Actions History Log
  • Post this log in your next reply.
=============



I need to see a different type of log from Hijackthis
  • Run Hijackthis.
  • Click on "Open the Misc Tools section".
  • Next click on "Open uninstall manager".
  • Press the button 'save list'. It will open a Notepad file.
  • Place the content of that file here in your in your next reply.

Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#11 dbherman

dbherman
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:05:02 AM

Posted 15 August 2006 - 08:19 PM

Pocket Killbox version 2.0.0.648
Running on Windows 2000 as Dawn(Administrator)
was started @ Tuesday, August 15, 2006, 9:12 PM

# 1 [Delete on Reboot]
Path = C:\WINNT\Duce6.exe


# 2 [Delete on Reboot]
Path = C:\WINNT\system32\dlh9jkdq8.exe


# 3 [Delete on Reboot]
Path = C:\WINNT\system32\dlh9jkdq7.exe


# 4 [Delete on Reboot]
Path = C:\WINNT\system32\dlh9jkdq6.exe


# 5 [Delete on Reboot]
Path = C:\WINNT\system32\dlh9jkdq2.exe


# 6 [Delete on Reboot]
Path = C:\WINNT\system32\dlh9jkdq5.exe


# 7 [Delete on Reboot]
Path = C:\WINNT\system32\dlh9jkdq1.exe


# 8 [Delete on Reboot]
Path = C:\WINNT\sys11-2009561249.exe


# 9 [Delete on Reboot]
Path = C:\WINNT\system32\wapisvit.exe


# 10 [Delete on Reboot]
Path = C:\WINNT\YOINSI.exe


# 11 [Delete on Reboot]
Path = C:\WINNT\876057.exe


# 12 [Delete on Reboot]
Path = C:\WINNT\system32\WinNB57.dll


# 13 [Delete on Reboot]
Path = C:\WINNT\Tagasuarus2.exe


# 14 [Delete on Reboot]
Path = C:\WINNT\STOPz.exe


# 15 [Delete on Reboot]
Path = C:\WINNT\system32\whcixm7.exe


# 16 [Delete on Reboot]
Path = C:\WINNT\system32afdaqd3.exe


# 17 [Delete on Reboot]
Path = C:\WINNT\system32y3aqsoepa.exe


# 18 [Delete on Reboot]
Path = C:\WINNT\system32\y3aqsoepa.exe


# 19 [Delete on Reboot]
Path = C:\WINNT\system32cymmh.exe


# 20 [Delete on Reboot]
Path = C:\WINNT\system32\cymmh.exe


# 21 [Delete on Reboot]
Path = C:\WINNT\thiselt.exe


# 22 [Delete on Reboot]
Path = C:\WINNT\pf78.exe


# 23 [Delete on Reboot]
Path = C:\WINNT\system32zkdmg.exe


# 24 [Delete on Reboot]
Path = C:\WINNT\system32uvzgi.exe


# 25 [Delete on Reboot]
Path = C:\WINNT\system32tpsd.exe


# 26 [Delete on Reboot]
Path = C:\WINNT\system32\uvzgi.exe


# 27 [Delete on Reboot]
Path = C:\WINNT\system32\tpsd.exe


# 28 [Delete on Reboot]
Path = C:\WINNT\unstall.exe


# 29 [Delete on Reboot]
Path = C:\RDFX4.exe


# 30 [Delete on Reboot]
Path = C:\WINNT\system32ghynf.exe


# 31 [Delete on Reboot]
Path = C:\WINNT\system32\n9nyb.exe


# 32 [Delete on Reboot]
Path = C:\WINNT\system32bez6n4r21.exe


# 33 [Delete on Reboot]
Path = C:\WINNT\system32\bez6n4r21.exe


# 34 [Delete on Reboot]
Path = C:\WINNT\system32n9nyb.exe


# 35 [Delete on Reboot]
Path = C:\WINNT\pop06ap2.exe


I Rebooted @ 9:13:30 PM
Pocket Killbox version 2.0.0.648
Running on Windows 2000 as Dawn(Administrator)
was started @ Tuesday, August 15, 2006, 9:15 PM




Adobe Download Manager 2.0 (Remove Only)
Adobe Reader 7.0.8
Adobe Shockwave Player
Cake Mania
Charter PipelineŽ Self-Installation
Easy CD Creator 5 Platinum
ewido anti-spyware 4.0
Free Spider
Google Toolbar for Internet Explorer
HijackThis 1.99.1
Intel® 537EP Modem
Macromedia Flash Player
Microsoft Office 2000 Disc 2
Microsoft Office 2000 Professional
Nero Suite
New.net Domains 7.22
Picture Package
PowerDVD
Sandlot Games Client Services
Sony USB Driver
Spybot - Search & Destroy 1.4
Windows 2000 Service Pack 4
Windows Media Player system update (9 Series)
WinMX
WinZip
WSOC Weather Wizard
Yahoo! Toolbar


Ok, hope I did that right. Thanks again!! YOU ROCK!!!!

#12 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:04:02 AM

Posted 16 August 2006 - 05:47 PM

Yes, you did great! :thumbsup:

Please click Start -> Control Panel -> Add/Remove Programs and uninstall these programs:

New.net Domains 7.22



Reboot and post a new hijackthis log(like the original log you posted).
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#13 dbherman

dbherman
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:05:02 AM

Posted 17 August 2006 - 10:56 AM

Logfile of HijackThis v1.99.1
Scan saved at 11:54:19 AM, on 8/17/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Common Files\{8838875F-02BA-1033-0104-020315990001}\Update.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.711.1664\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Common Files\WSOC Weather Wizard\TrueWeather.exe
C:\WINNT\system32\wuauclt.exe
C:\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
O1 - Hosts: 205.238.40.51 www.winmx.com err.winmx.com
O1 - Hosts: 205.238.40.2 test3201.winmx.com test3205.winmx.com
O1 - Hosts: 205.238.40.2 test3202.winmx.com test3206.winmx.com
O1 - Hosts: 205.238.40.1 test3203.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.224.20 test3204.winmx.com test3208.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1303.winmx.com c3529.z1304.winmx.com c3529.z1305.winmx.com c3529.z1306.winmx.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5965DA90-B1C5-4E7D-8282-9190F29CE96B} - C:\Program Files\microsoft frontpage\hoseculyg.dll (file missing)
O2 - BHO: Vdrw Class - {8711CF54-E9C5-4DB4-9B9F-7D67393CC771} - C:\WINNT\system32\vf1v62x.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Ozbyq Class - {D623BC2F-A58D-4A75-A10D-CC244A702A35} - C:\WINNT\system32\xeymi.dll (file missing)
O2 - BHO: (no name) - {E5E2A3E7-00FE-4D31-A030-A10799DDCA66} - (no file)
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SpywareBot] C:\Program Files\SpywareBot\SpywareBot.exe -boot
O4 - HKLM\..\Run: [epy9J] "C:\WINNT\system32\l3jdfs.exe"
O4 - HKLM\..\Run: [System] C:\WINNT\system32\kernels8.exe
O4 - HKLM\..\Run: [sys11-2009561249] C:\WINNT\sys11-2009561249.exe
O4 - HKLM\..\Run: [ms049561249-200] C:\WINNT\ms049561249-200.exe
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [TheMonitor] C:\WINNT\CCZoop05.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.711.1664\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
O4 - Global Startup: Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: WSOC Weather Wizard.lnk = C:\Program Files\Common Files\WSOC Weather Wizard\TrueWeather.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://drivecleaner.com/.freeware/installd...leanerstart.cab
O16 - DPF: {5526B4C6-63D6-41A1-9783-0FABF529859A} - http://cabs.elitemediagroup.net/cabs/mediaview.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1154530703009
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab34246.cab
O18 - Filter: text/html - {D5BA18F2-FF61-465F-831D-A6850B94FC01} - C:\WINNT\system32\vf1v62x.dll
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe

OK, here it is, whatever we are doing, it seems to be working. I haven't had many pop-ups like before, except for those windows from messenger service. anyway, thanks again!!!!

#14 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:04:02 AM

Posted 17 August 2006 - 06:50 PM

We are definitely going in the right direction. :thumbsup:

I notice that you have Spybot's TeaTimer running. While this is normally a wonderful tool to protect against hijackers, it can also interfere with HijackThis fixes. So please disable TeaTimer by doing the following:
1) Run Spybot-S&D
2) Go to the Mode menu, and make sure "Advanced Mode" is selected
3) On the left hand side, choose Tools -> Resident
4) Uncheck "Resident TeaTimer" and OK any prompts
You can reenable TeaTimer once your system is clean.


==============



Run Hijackthis again, click scan, and Put a checkmark next to each of the lines listed below. Then close all other windows--you should only see HijackThis on your Desktop--and click the Fix Checked button.

R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
O2 - BHO: (no name) - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - (no file)
O2 - BHO: (no name) - {5965DA90-B1C5-4E7D-8282-9190F29CE96B} - C:\Program Files\microsoft frontpage\hoseculyg.dll (file missing)
O2 - BHO: Vdrw Class - {8711CF54-E9C5-4DB4-9B9F-7D67393CC771} - C:\WINNT\system32\vf1v62x.dll (file missing)
O2 - BHO: Ozbyq Class - {D623BC2F-A58D-4A75-A10D-CC244A702A35} - C:\WINNT\system32\xeymi.dll (file missing)
O2 - BHO: (no name) - {E5E2A3E7-00FE-4D31-A030-A10799DDCA66} - (no file)
O4 - HKLM\..\Run: [SpywareBot] C:\Program Files\SpywareBot\SpywareBot.exe -boot
O4 - HKLM\..\Run: [epy9J] "C:\WINNT\system32\l3jdfs.exe"
O4 - HKLM\..\Run: [System] C:\WINNT\system32\kernels8.exe
O4 - HKLM\..\Run: [sys11-2009561249] C:\WINNT\sys11-2009561249.exe
O4 - HKLM\..\Run: [ms049561249-200] C:\WINNT\ms049561249-200.exe
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\Run: [TheMonitor] C:\WINNT\CCZoop05.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://drivecleaner.com/.freeware/installd...leanerstart.cab
O16 - DPF: {5526B4C6-63D6-41A1-9783-0FABF529859A} - http://cabs.elitemediagroup.net/cabs/mediaview.cab
O18 - Filter: text/html - {D5BA18F2-FF61-465F-831D-A6850B94FC01} - C:\WINNT\system32\vf1v62x.dll




Reboot your computer.

Please post a new log from Combofix.
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#15 dbherman

dbherman
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:05:02 AM

Posted 18 August 2006 - 09:45 AM

Start Time= Fri 08/18/2006 10:42:13.86
Running from: C:\Documents and Settings\Dawn\Desktop

QuickScan did not find any signs of infected files

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-08-14 14:41:44 ( .D... ) "C:\Program Files\Yahoo!"
2006-08-13 12:27:50 50688 ( A.S.. ) "C:\WINNT\NDNuninstall6_38.exe"
2006-08-13 12:27:50 8464 ( A.... ) "C:\WINNT\system32\sporder.dll"
2006-08-13 12:27:50 ( .D... ) "C:\Program Files\NewDotNet"
2006-08-12 12:05:28 ( AD... ) "C:\Program Files\ewido anti-spyware 4.0"
2006-08-11 15:04:32 836 ( A.... ) "C:\Documents and Settings\Dawn\Application Data\ViewerApp.dat"
2006-08-11 10:35:40 0 ( A.... ) "C:\Documents and Settings\Dawn\Application Data\Install.dat"
2006-08-09 11:01:14 81920 ( A.... ) "C:\WINNT\system32\dvdplay.dll"
2006-08-09 11:01:10 ( .D... ) "C:\Program Files\s?stem32"
2006-08-09 10:58:18 175362 ( A.... ) "C:\Program Files\Common Files\EliteMediaGroupOinUninstaller.exe"
2006-08-09 10:58:16 ( .D... ) "C:\Program Files\arro"
2006-08-06 09:49:36 ( .D... ) "C:\Documents and Settings\Dawn\Application Data\AdobeUM"
2006-08-06 09:35:06 ( .D... ) "C:\Program Files\Adobe"
2006-08-06 09:35:04 869 ( A.... ) "C:\Documents and Settings\Dawn\Application Data\AdobeDLM.log"
2006-08-06 09:35:04 0 ( A.... ) "C:\Documents and Settings\Dawn\Application Data\dm.ini"
2006-08-06 09:27:24 ( .D... ) "C:\Documents and Settings\Dawn\Application Data\Adobe"
2006-08-06 09:27:22 ( .D... ) "C:\Program Files\Common Files\Adobe"
2006-08-05 13:52:42 ( .D... ) "C:\Documents and Settings\Dawn\Application Data\Free Spider TreeCardGames"
2006-08-05 13:52:36 ( .D... ) "C:\Program Files\Free Spider"
2006-08-05 11:41:58 ( .D... ) "C:\Program Files\Common Files\Sandlot Shared"
2006-08-04 10:59:14 ( .D... ) "C:\Program Files\Spybot - Search & Destroy"
2006-08-04 10:28:10 ( .D... ) "C:\Program Files\Common Files\ufqm"
2006-08-04 10:25:22 226536 ( A.... ) "C:\WINNT\whCC-GIANT.exe"
2006-08-04 10:25:22 ( .D... ) "C:\Program Files\Common Files\{8838875F-02BA-1033-0104-020315990001}"
2006-08-04 09:11:32 61440 ( A.... ) "C:\WINNT\wnUninstall.exe"
2006-08-04 09:11:32 ( .D... ) "C:\Program Files\Common Files\WSOC Weather Wizard"
2006-08-03 18:40:40 ( .D... ) "C:\Program Files\MSN Games"
2006-08-03 16:34:18 ( .D... ) "C:\Program Files\MXpie Patch"
2006-08-03 16:31:10 ( .D... ) "C:\Program Files\WinMX"
2006-08-03 16:08:28 ( .D... ) "C:\Program Files\Google"
2006-08-03 16:08:28 ( .D... ) "C:\Documents and Settings\Dawn\Application Data\Google"
2006-08-03 15:31:16 34724 ( A.SHR ) "C:\NTDETECT.COM"
2006-08-03 15:09:34 ( AD.H. ) "C:\Program Files\WindowsUpdate"
2006-08-03 15:05:18 ( .D... ) "C:\Documents and Settings\Dawn\Application Data\Macromedia"
2006-08-03 15:02:16 ( .D... ) "C:\Program Files\Support.com"
2006-08-02 21:15:46 ( .D... ) "C:\Program Files\Common Files\Ahead"
2006-08-02 21:15:42 ( .D... ) "C:\Program Files\Ahead"
2006-08-02 21:13:08 ( .D... ) "C:\Program Files\CyberLink"
2006-08-02 19:20:52 ( .D... ) "C:\Program Files\Common Files\muvee Technologies"
2006-08-02 19:20:50 ( .D.H. ) "C:\Program Files\InstallShield Installation Information"
2006-08-02 19:20:50 ( .D... ) "C:\Program Files\Sony Corporation"
2006-08-01 22:18:14 1044480 ( A.... ) "C:\WINNT\system32\Roboex32.dll"
2006-08-01 22:18:14 708608 ( A.... ) "C:\WINNT\system32\CDDBUIRoxio.dll"
2006-08-01 22:18:14 569344 ( A.... ) "C:\WINNT\system32\CDDBControlRoxio.dll"
2006-08-01 22:18:14 57344 ( A.... ) "C:\WINNT\uneng.exe"
2006-08-01 22:18:14 49152 ( A.... ) "C:\WINNT\system32\INETWH32.dll"
2006-08-01 22:18:14 49152 ( A.... ) "C:\WINNT\system32\cdrtc.dll"
2006-08-01 22:18:14 45056 ( A.... ) "C:\WINNT\system32\cdral.dll"
2006-08-01 22:14:42 ( .D... ) "C:\Program Files\Adaptec"
2006-08-01 22:13:52 ( .D... ) "C:\Program Files\Common Files\InstallShield"
2006-08-01 22:12:00 ( AD... ) "C:\Program Files\Common Files\Microsoft Shared"
2006-08-01 22:10:48 ( .D... ) "C:\Program Files\Snapshot Viewer"
2006-08-01 22:07:44 ( .D... ) "C:\Program Files\Common Files\Designer"
2006-08-01 22:06:26 ( .D... ) "C:\Program Files\Microsoft Office"
2006-08-01 22:06:26 ( .D... ) "C:\Documents and Settings\Dawn\Application Data\Microsoft Web Folders"
2006-08-01 22:02:14 ( .D.H. ) "C:\Program Files\Uninstall Information"
2006-08-01 21:56:40 ( .D... ) "C:\Program Files\Common Files\Adaptec Shared"
2006-08-01 21:12:24 ( .D... ) "C:\Program Files\WinZip"
2006-08-01 18:27:08 ( .D... ) "C:\Documents and Settings\Dawn\Application Data\Identities"
2006-08-01 18:27:02 ( .DS.. ) "C:\Documents and Settings\Dawn\Application Data\Microsoft"
2006-08-01 18:22:34 ( .D... ) "C:\Program Files\microsoft frontpage"
2006-08-01 18:21:46 0 ( ...H. ) "C:\AUTOEXEC.BAT"
2006-08-01 18:20:50 21952 ( ...H. ) "C:\Program Files\folder.htt"
2006-08-01 18:20:50 271 ( ...H. ) "C:\Program Files\desktop.ini"
2006-08-01 18:20:40 ( .D... ) "C:\Program Files\Windows Media Player"
2006-08-01 18:20:34 ( .D... ) "C:\Program Files\NetMeeting"
2006-08-01 18:20:34 ( .D... ) "C:\Program Files\Common Files\Services"
2006-08-01 18:20:28 ( .D... ) "C:\Program Files\Outlook Express"
2006-08-01 18:20:18 ( .D... ) "C:\Program Files\Common Files\System"
2006-08-01 18:20:10 ( .D... ) "C:\Program Files\Internet Explorer"
2006-08-01 18:20:02 ( .D... ) "C:\Program Files\ComPlus Applications"
2006-07-31 16:03:08 1163264 ( A.... ) "C:\WINNT\system32\riwzkn.exe"
2006-07-31 16:02:56 36864 ( A.... ) "C:\WINNT\system32\hauc.exe"
2006-07-21 18:55:38 127578 ( A.... ) "C:\WINNT\system32\tsuninst.exe"


(((((((((((((((((((((((((((((((((((((( Files Created - Last 30days )))))))))))))))))))))))))))))))))))))))))))


2006-08-13 12:27 8,464 C:\WINNT\system32\sporder.dll
2006-08-13 12:27 50,688 C:\WINNT\NDNuninstall6_38.exe
2006-08-09 11:01 81,920 C:\WINNT\system32\dvdplay.dll
2006-08-05 11:42 44,032 C:\WINNT\system32\msxml3r.dll
2006-08-04 10:50 78,488 C:\WINNT\system32\XMD5.dll
2006-08-04 10:50 101,888 C:\WINNT\system32\vb6stkit.dll
2006-08-04 10:50 1,386,496 C:\WINNT\system32\msvbvm60.dll
2006-08-04 10:28 127,578 C:\WINNT\system32\tsuninst.exe
2006-08-04 10:26 36,864 C:\WINNT\system32\hauc.exe
2006-08-04 10:26 1,163,264 C:\WINNT\system32\riwzkn.exe
2006-08-04 10:25 226,536 C:\WINNT\whCC-GIANT.exe
2006-08-04 09:11 61,440 C:\WINNT\wnUninstall.exe
2006-08-03 15:30 3,856 C:\WINNT\system32\SVCPACK1.DLL
2006-08-03 15:27 92,432 C:\WINNT\system32\xactsrv.dll
2006-08-03 15:27 8,464 C:\WINNT\system32\wshirda.dll
2006-08-03 15:27 79,120 C:\WINNT\system32\winscard.dll
2006-08-03 15:27 74,512 C:\WINNT\system32\wmicore.dll
2006-08-03 15:27 69,904 C:\WINNT\system32\ws2_32.dll
2006-08-03 15:27 59,152 C:\WINNT\system32\winfax.dll
2006-08-03 15:27 57,616 C:\WINNT\system32\wlnotify.dll
2006-08-03 15:27 42,768 C:\WINNT\system32\webhits.dll
2006-08-03 15:27 4,368 C:\WINNT\system32\winver.exe
2006-08-03 15:27 39,696 C:\WINNT\system32\wsnmp32.dll
2006-08-03 15:27 39,184 C:\WINNT\system32\winsta.dll
2006-08-03 15:27 29,968 C:\WINNT\system32\wpnpinst.exe
2006-08-03 15:27 28,400 C:\WINNT\system32\wupdinfo.dll
2006-08-03 15:27 270,608 C:\WINNT\winhlp32.exe
2006-08-03 15:27 240,912 C:\WINNT\system32\wow32.dll
2006-08-03 15:27 239,376 C:\WINNT\system32\winsmon.dll
2006-08-03 15:27 21,776 C:\WINNT\system32\wsock32.dll
2006-08-03 15:27 193,296 C:\WINNT\winrep.exe
2006-08-03 15:27 181,008 C:\WINNT\system32\WINLOGON.EXE
2006-08-03 15:27 172,664 C:\WINNT\system32\XENROLL.DLL
2006-08-03 15:27 17,680 C:\WINNT\system32\wshtcpip.dll
2006-08-03 15:27 166,160 C:\WINNT\system32\WINTRUST.DLL
2006-08-03 15:27 162,064 C:\WINNT\system32\WLDAP32.DLL
2006-08-03 15:27 10,000 C:\WINNT\system32\wshatm.dll
2006-08-03 15:26 977,680 C:\WINNT\system32\vfpodbc.dll
2006-08-03 15:26 83,888 C:\WINNT\system32\vga.dll
2006-08-03 15:26 68,368 C:\WINNT\system32\unimdmat.dll
2006-08-03 15:26 57,104 C:\WINNT\system32\w32tm.exe
2006-08-03 15:26 51,472 C:\WINNT\system32\w32time.dll
2006-08-03 15:26 403,216 C:\WINNT\system32\USER32.DLL
2006-08-03 15:26 389,904 C:\WINNT\system32\USERENV.DLL
2006-08-03 15:26 315,664 C:\WINNT\system32\usp10.dll
2006-08-03 15:26 30,749 C:\WINNT\system32\vbajet32.dll
2006-08-03 15:26 26,384 C:\WINNT\system32\utildll.dll
2006-08-03 15:26 24,848 C:\WINNT\system32\spdwnw2k.exe
2006-08-03 15:26 22,800 C:\WINNT\system32\utilman.exe
2006-08-03 15:26 21,776 C:\WINNT\system32\spupdw2k.exe
2006-08-03 15:26 16,144 C:\WINNT\system32\version.dll
2006-08-03 15:26 155,920 C:\WINNT\system32\wavemsp.dll
2006-08-03 15:26 15,872 C:\WINNT\system32\spupdsvc.exe
2006-08-03 15:26 14,608 C:\WINNT\system32\uniplat.dll
2006-08-03 15:26 11,536 C:\WINNT\system32\usbmon.dll
2006-08-03 15:25 971,024 C:\WINNT\system32\sfcfiles.dll
2006-08-03 15:25 95,024 C:\WINNT\system32\sfc.dll
2006-08-03 15:25 90,384 C:\WINNT\system32\trkwks.dll
2006-08-03 15:25 87,312 C:\WINNT\system32\TASKMGR.EXE
2006-08-03 15:25 85,776 C:\WINNT\system32\smlogsvc.exe
2006-08-03 15:25 81,168 C:\WINNT\system32\stobject.dll
2006-08-03 15:25 80,144 C:\WINNT\system32\telnet.exe
2006-08-03 15:25 7,440 C:\WINNT\system32\svcpack.dll
2006-08-03 15:25 7,440 C:\WINNT\system32\sensapi.dll
2006-08-03 15:25 69,392 C:\WINNT\system32\shim.dll
2006-08-03 15:25 65,601 C:\WINNT\system32\servdeps.dll
2006-08-03 15:25 62,736 C:\WINNT\system32\sstext3d.scr
2006-08-03 15:25 61,712 C:\WINNT\system32\stisvc.exe
2006-08-03 15:25 6,928 C:\WINNT\system32\skdll.dll
2006-08-03 15:25 55,056 C:\WINNT\system32\tlntsess.exe
2006-08-03 15:25 524,560 C:\WINNT\system32\sqlsrv32.dll
2006-08-03 15:25 49,424 C:\WINNT\system32\sqlwoa.dll
2006-08-03 15:25 48,912 C:\WINNT\system32\secur32.dll
2006-08-03 15:25 47,888 C:\WINNT\system32\ssbezier.scr
2006-08-03 15:25 45,840 C:\WINNT\system32\skeys.exe
2006-08-03 15:25 419,600 C:\WINNT\system32\ssmaze.scr
2006-08-03 15:25 41,744 C:\WINNT\system32\tcpmon.dll
2006-08-03 15:25 41,744 C:\WINNT\system32\sti.dll
2006-08-03 15:25 41,744 C:\WINNT\system32\ssflwbox.scr
2006-08-03 15:25 397,584 C:\WINNT\system32\txfaux.dll
2006-08-03 15:25 38,672 C:\WINNT\system32\ssmarque.scr
2006-08-03 15:25 38,160 C:\WINNT\system32\sens.dll
2006-08-03 15:25 375,568 C:\WINNT\system32\tapi3.dll
2006-08-03 15:25 36,624 C:\WINNT\system32\ssmyst.scr
2006-08-03 15:25 35,600 C:\WINNT\system32\storprop.dll
2006-08-03 15:25 33,552 C:\WINNT\system32\shmgrate.exe
2006-08-03 15:25 33,040 C:\WINNT\system32\ssstars.scr
2006-08-03 15:25 31,504 C:\WINNT\system32\traffic.dll
2006-08-03 15:25 285,456 C:\WINNT\system32\smlogcfg.dll
2006-08-03 15:25 27,920 C:\WINNT\system32\umandlg.dll
2006-08-03 15:25 246,544 C:\WINNT\system32\strmdll.dll
2006-08-03 15:25 24,848 C:\WINNT\system32\sqlwid.dll
2006-08-03 15:25 214,288 C:\WINNT\system32\snmpsnap.dll
2006-08-03 15:25 21,264 C:\WINNT\system32\stimon.exe
2006-08-03 15:25 2,383,632 C:\WINNT\system32\SHELL32.DLL
2006-08-03 15:25 187,664 C:\WINNT\system32\thumbvw.dll
2006-08-03 15:25 187,024 C:\WINNT\system32\spcmdcon.sys
2006-08-03 15:25 186,128 C:\WINNT\system32\tlntsvr.exe
2006-08-03 15:25 173,328 C:\WINNT\system32\tapisrv.dll
2006-08-03 15:25 17,680 C:\WINNT\system32\tftp.exe
2006-08-03 15:25 17,680 C:\WINNT\system32\SNMPAPI.DLL
2006-08-03 15:25 17,168 C:\WINNT\system32\seclogon.dll
2006-08-03 15:25 17,168 C:\WINNT\system32\secedit.exe
2006-08-03 15:25 15,120 C:\WINNT\system32\sisbkup.dll
2006-08-03 15:25 138,000 C:\WINNT\system32\ss3dfo.scr
2006-08-03 15:25 13,072 C:\WINNT\system32\tcpmib.dll
2006-08-03 15:25 126,736 C:\WINNT\system32\TAPI32.DLL
2006-08-03 15:25 119,056 C:\WINNT\system32\sqlstr.dll
2006-08-03 15:25 107,792 C:\WINNT\system32\sndrec32.exe
2006-08-03 15:25 102,160 C:\WINNT\system32\sspipes.scr
2006-08-03 15:24 996,112 C:\WINNT\system32\OLE32.DLL
2006-08-03 15:24 97,040 C:\WINNT\system32\rtm.dll
2006-08-03 15:24 90,112 C:\WINNT\system32\odbcint.dll
2006-08-03 15:24 85,776 C:\WINNT\system32\ntsdexts.dll
2006-08-03 15:24 77,584 C:\WINNT\system32\scripto.dll
2006-08-03 15:24 77,072 C:\WINNT\system32\rsvpsp.dll
2006-08-03 15:24 73,488 C:\WINNT\regedit.exe
2006-08-03 15:24 70,928 C:\WINNT\system32\olethk32.dll
2006-08-03 15:24 692,496 C:\WINNT\system32\OPENGL32.DLL
2006-08-03 15:24 68,368 C:\WINNT\system32\regsvc.exe
2006-08-03 15:24 63,248 C:\WINNT\system32\RASSCRPT.DLL
2006-08-03 15:24 60,688 C:\WINNT\system32\RASCHAP.DLL
2006-08-03 15:24 57,104 C:\WINNT\system32\ocmanage.dll
2006-08-03 15:24 53,520 C:\WINNT\system32\odbcji32.dll
2006-08-03 15:24 53,520 C:\WINNT\system32\ntmsapi.dll
2006-08-03 15:24 53,008 C:\WINNT\system32\packager.exe
2006-08-03 15:24 48,200 C:\WINNT\system32\scrdx86.dll
2006-08-03 15:24 48,200 C:\WINNT\system32\scrdenrl.dll
2006-08-03 15:24 454,416 C:\WINNT\system32\rpcrt4.dll
2006-08-03 15:24 446,224 C:\WINNT\system32\oakley.dll
2006-08-03 15:24 444,176 C:\WINNT\system32\oieng400.dll
2006-08-03 15:24 44,816 C:\WINNT\system32\rsm.exe
2006-08-03 15:24 431,888 C:\WINNT\system32\riched20.dll
2006-08-03 15:24 41,232 C:\WINNT\system32\odbcconf.exe
2006-08-03 15:24 41,232 C:\WINNT\system32\odbcconf.dll
2006-08-03 15:24 401,168 C:\WINNT\system32\ntmssvc.dll
2006-08-03 15:24 40,720 C:\WINNT\system32\RESUTILS.DLL
2006-08-03 15:24 37,136 C:\WINNT\system32\ODBCAD32.exe
2006-08-03 15:24 36,624 C:\WINNT\system32\RNR20.DLL
2006-08-03 15:24 36,112 C:\WINNT\system32\regapi.dll
2006-08-03 15:24 29,968 C:\WINNT\system32\profmap.dll
2006-08-03 15:24 29,456 C:\WINNT\system32\perfproc.dll
2006-08-03 15:24 28,432 C:\WINNT\system32\scrnsave.scr
2006-08-03 15:24 270,608 C:\WINNT\system32\odbcjt32.dll
2006-08-03 15:24 254,736 C:\WINNT\system32\scesrv.dll
2006-08-03 15:24 25,360 C:\WINNT\system32\rsfsaps.dll
2006-08-03 15:24 25,360 C:\WINNT\system32\rapilib.dll
2006-08-03 15:24 24,848 C:\WINNT\system32\perfdisk.dll
2006-08-03 15:24 24,848 C:\WINNT\system32\odbcbcp.dll
2006-08-03 15:24 24,848 C:\WINNT\system32\ODBC32GT.dll
2006-08-03 15:24 24,336 C:\WINNT\system32\rpcns4.dll
2006-08-03 15:24 239,376 C:\WINNT\system32\rpcss.dll
2006-08-03 15:24 221,456 C:\WINNT\system32\osk.exe
2006-08-03 15:24 22,800 C:\WINNT\system32\routeext.dll
2006-08-03 15:24 217,360 C:\WINNT\system32\ODBC32.dll
2006-08-03 15:24 214,800 C:\WINNT\system32\objsel.dll
2006-08-03 15:24 200,976 C:\WINNT\system32\odbccu32.dll
2006-08-03 15:24 20,752 C:\WINNT\system32\sclgntfy.dll
2006-08-03 15:24 20,752 C:\WINNT\system32\odtext32.dll
2006-08-03 15:24 20,752 C:\WINNT\system32\odpdx32.dll
2006-08-03 15:24 20,752 C:\WINNT\system32\odfox32.dll
2006-08-03 15:24 20,752 C:\WINNT\system32\odexl32.dll
2006-08-03 15:24 20,752 C:\WINNT\system32\oddbse32.dll
2006-08-03 15:24 198,928 C:\WINNT\system32\rasppp.dll
2006-08-03 15:24 196,880 C:\WINNT\system32\odbccr32.dll
2006-08-03 15:24 176,912 C:\WINNT\system32\rsvp.exe
2006-08-03 15:24 173,328 C:\WINNT\system32\ntmsdba.dll
2006-08-03 15:24 164,112 C:\WINNT\system32\OLEPRO32.DLL
2006-08-03 15:24 155,920 C:\WINNT\system32\ODBCTRAC.dll
2006-08-03 15:24 154,896 C:\WINNT\system32\rasmontr.dll
2006-08-03 15:24 151,824 C:\WINNT\system32\pdh.dll
2006-08-03 15:24 146,192 C:\WINNT\system32\polstore.dll
2006-08-03 15:24 14,608 C:\WINNT\system32\RASSAPI.DLL
2006-08-03 15:24 14,096 C:\WINNT\system32\rsh.exe
2006-08-03 15:24 139,536 C:\WINNT\system32\regedt32.exe
2006-08-03 15:24 132,368 C:\WINNT\system32\RSABASE.DLL
2006-08-03 15:24 13,584 C:\WINNT\system32\powrprof.dll
2006-08-03 15:24 115,472 C:\WINNT\system32\PSBASE.DLL
2006-08-03 15:24 114,448 C:\WINNT\system32\scecli.dll
2006-08-03 15:24 111,888 C:\WINNT\system32\polagent.dll
2006-08-03 15:24 110,080 C:\WINNT\system32\offfilt.dll
2006-08-03 15:24 11,024 C:\WINNT\system32\REGSVR32.EXE
2006-08-03 15:24 108,304 C:\WINNT\system32\rsnotify.exe
2006-08-03 15:24 106,256 C:\WINNT\system32\oleprn.dll
2006-08-03 15:24 105,232 C:\WINNT\system32\rend.dll
2006-08-03 15:24 102,672 C:\WINNT\system32\odbccp32.dll
2006-08-03 15:24 102,672 C:\WINNT\system32\NTMARTA.DLL
2006-08-03 15:24 100,624 C:\WINNT\system32\rastls.dll
2006-08-03 15:24 10,000 C:\WINNT\system32\runas.exe
2006-08-03 15:24 1,427,216 C:\WINNT\system32\query.dll
2006-08-03 15:23 9,216 C:\WINNT\system32\wuauserv.dll
2006-08-03 15:23 89,600 C:\WINNT\system32\nlhtml.dll
2006-08-03 15:23 79,632 C:\WINNT\system32\ntdskcc.dll
2006-08-03 15:23 67,344 C:\WINNT\system32\ntdsetup.dll
2006-08-03 15:23 6,928 C:\WINNT\system32\perfvd.exe
2006-08-03 15:23 57,616 C:\WINNT\system32\ntdsapi.dll
2006-08-03 15:23 55,056 C:\WINNT\system32\authz.dll
2006-08-03 15:23 52,496 C:\WINNT\system32\wzcdlg.dll
2006-08-03 15:23 5,632 C:\WINNT\system32\sp2res.dll
2006-08-03 15:23 45,840 C:\WINNT\system32\msmqprop.exe
2006-08-03 15:23 4,010,496 C:\WINNT\system32\sp3res.dll
2006-08-03 15:23 39,936 C:\WINNT\system32\msisip.dll
2006-08-03 15:23 35,648 C:\WINNT\system32\ntio411.sys
2006-08-03 15:23 35,408 C:\WINNT\system32\ntio412.sys
2006-08-03 15:23 34,816 C:\WINNT\system32\msiregmv.exe
2006-08-03 15:23 34,576 C:\WINNT\system32\wzcsetup.exe
2006-08-03 15:23 34,544 C:\WINNT\system32\ntio804.sys
2006-08-03 15:23 34,544 C:\WINNT\system32\ntio404.sys
2006-08-03 15:23 33,824 C:\WINNT\system32\NTIO.SYS
2006-08-03 15:23 32,016 C:\WINNT\system32\ntdsatq.dll
2006-08-03 15:23 310,784 C:\WINNT\system32\winhttp.dll
2006-08-03 15:23 29,968 C:\WINNT\system32\wzcsapi.dll
2006-08-03 15:23 29,968 C:\WINNT\system32\ntdsbsrv.dll
2006-08-03 15:23 28,432 C:\WINNT\system32\ntdsbcli.dll
2006-08-03 15:23 26,624 C:\WINNT\system32\msxmlr.dll
2006-08-03 15:23 244,224 C:\WINNT\system32\qmgr.dll
2006-08-03 15:23 24,336 C:\WINNT\system32\ftpqfe.exe
2006-08-03 15:23 195,856 C:\WINNT\system32\wzcsvc.dll
2006-08-03 15:23 192,512 C:\WINNT\system32\wuaueng.dll
2006-08-03 15:23 18,432 C:\WINNT\system32\qmgrprxy.dll
2006-08-03 15:23 18,192 C:\WINNT\system32\sp4iis.exe
2006-08-03 15:23 165,136 C:\WINNT\system32\ntdsutil.exe
2006-08-03 15:23 147,216 C:\WINNT\system32\dssenh.dll
2006-08-03 15:23 141,312 C:\WINNT\system32\wuauclt.exe
2006-08-03 15:23 134,928 C:\WINNT\system32\rsaenh.dll
2006-08-03 15:23 13,072 C:\WINNT\system32\spiisupd.exe
2006-08-03 15:23 113,936 C:\WINNT\system32\newdev.dll
2006-08-03 15:23 11,536 C:\WINNT\system32\sptsupd.exe
2006-08-03 15:23 1,040,656 C:\WINNT\system32\ntdsa.dll
2006-08-03 15:22 95,504 C:\WINNT\system32\netman.dll
2006-08-03 15:22 831,760 C:\WINNT\system32\mswdat10.dll
2006-08-03 15:22 76,560 C:\WINNT\system32\msw3prt.dll
2006-08-03 15:22 71,952 C:\WINNT\system32\netui0.dll
2006-08-03 15:22 7,440 C:\WINNT\system32\msswchx.exe
2006-08-03 15:22 64,272 C:\WINNT\system32\mswsock.dll
2006-08-03 15:22 614,672 C:\WINNT\system32\mswstr10.dll
2006-08-03 15:22 57,104 C:\WINNT\system32\mydocs.dll
2006-08-03 15:22 553,232 C:\WINNT\system32\msrepl40.dll
2006-08-03 15:22 547,600 C:\WINNT\system32\netcfgx.dll
2006-08-03 15:22 52,496 C:\WINNT\system32\mtxclu.dll
2006-08-03 15:22 514,320 C:\WINNT\system32\msxml.dll
2006-08-03 15:22 477,456 C:\WINNT\system32\netshell.dll
2006-08-03 15:22 47,104 C:\WINNT\system32\MSPRIVS.DLL
2006-08-03 15:22 422,160 C:\WINNT\system32\msrd2x40.dll
2006-08-03 15:22 4,880 C:\WINNT\system32\NDDEAPIR.EXE
2006-08-03 15:22 371,984 C:\WINNT\system32\NETLOGON.DLL
2006-08-03 15:22 35,088 C:\WINNT\system32\MSSIGN32.DLL
2006-08-03 15:22 348,432 C:\WINNT\system32\msxbde40.dll
2006-08-03 15:22 348,432 C:\WINNT\system32\mspbde40.dll
2006-08-03 15:22 315,664 C:\WINNT\system32\msrd3x40.dll
2006-08-03 15:22 311,568 C:\WINNT\system32\NETAPI32.DLL
2006-08-03 15:22 286,773 C:\WINNT\system32\msvcrt.dll
2006-08-03 15:22 26,896 C:\WINNT\system32\NETSTAT.EXE
2006-08-03 15:22 258,320 C:\WINNT\system32\mstext40.dll
2006-08-03 15:22 24,848 C:\WINNT\system32\narrator.exe
2006-08-03 15:22 23,312 C:\WINNT\system32\mtxdm.dll
2006-08-03 15:22 216,848 C:\WINNT\system32\mstask.dll
2006-08-03 15:22 173,840 C:\WINNT\system32\netplwiz.dll
2006-08-03 15:22 16,144 C:\WINNT\system32\NDDEAPI.DLL
2006-08-03 15:22 155,920 C:\WINNT\system32\msorcl32.dll
2006-08-03 15:22 14,608 C:\WINNT\system32\msswch.dll
2006-08-03 15:22 131,344 C:\WINNT\system32\netid.dll
2006-08-03 15:22 124,176 C:\WINNT\system32\net1.exe
2006-08-03 15:22 119,568 C:\WINNT\system32\mstask.exe
2006-08-03 15:22 116,496 C:\WINNT\system32\msvfw32.dll
2006-08-03 15:22 110,352 C:\WINNT\system32\mycomput.dll
2006-08-03 15:22 11,024 C:\WINNT\system32\msrle32.dll
2006-08-03 15:22 108,816 C:\WINNT\system32\NETDDE.EXE
2006-08-03 15:22 105,744 C:\WINNT\system32\mtxoci.dll
2006-08-03 15:21 847,872 C:\WINNT\system32\msimsg.dll
2006-08-03 15:21 64,512 C:\WINNT\system32\msiexec.exe
2006-08-03 15:21 53,520 C:\WINNT\system32\msjter40.dll
2006-08-03 15:21 348,432 C:\WINNT\system32\msjetoledb40.dll
2006-08-03 15:21 305,664 C:\WINNT\system32\msihnd.dll
2006-08-03 15:21 241,936 C:\WINNT\system32\msjtes40.dll
2006-08-03 15:21 213,264 C:\WINNT\system32\msltus40.dll
2006-08-03 15:21 2,017,792 C:\WINNT\system32\msi.dll
2006-08-03 15:21 151,824 C:\WINNT\system32\msjint40.dll
2006-08-03 15:21 1,507,600 C:\WINNT\system32\msjet40.dll
2006-08-03 15:20 99,088 C:\WINNT\system32\modemui.dll
2006-08-03 15:20 88,848 C:\WINNT\system32\msdtclog.dll
2006-08-03 15:20 835,856 C:\WINNT\system32\mmcndmgr.dll
2006-08-03 15:20 707,344 C:\WINNT\system32\msdtcprx.dll
2006-08-03 15:20 69,904 C:\WINNT\system32\mprddm.dll
2006-08-03 15:20 603,408 C:\WINNT\system32\mmc.exe
2006-08-03 15:20 56,080 C:\WINNT\system32\mprui.dll
2006-08-03 15:20 55,056 C:\WINNT\system32\mpr.dll
2006-08-03 15:20 512,272 C:\WINNT\system32\msexch40.dll
2006-08-03 15:20 47,376 C:\WINNT\system32\mprdim.dll
2006-08-03 15:20 4,126 C:\WINNT\system32\msdxmlc.dll
2006-08-03 15:20 334,096 C:\WINNT\system32\MSGINA.DLL
2006-08-03 15:20 319,760 C:\WINNT\system32\msexcl40.dll
2006-08-03 15:20 24,848 C:\WINNT\system32\msdart32.dll
2006-08-03 15:20 236,304 C:\WINNT\system32\msclus.dll
2006-08-03 15:20 19,728 C:\WINNT\system32\mimefilt.dll
2006-08-03 15:20 169,232 C:\WINNT\system32\mobsync.dll
2006-08-03 15:20 146,192 C:\WINNT\system32\msdtcui.dll
2006-08-03 15:20 13,824 C:\WINNT\system32\mscpxl32.dLL
2006-08-03 15:20 111,376 C:\WINNT\system32\mobsync.exe
2006-08-03 15:20 108,816 C:\WINNT\system32\msafd.dll
2006-08-03 15:20 1,131,280 C:\WINNT\system32\msdtctm.dll
2006-08-03 15:20 1,015,859 C:\WINNT\system32\mfc42.dll
2006-08-03 15:20 1,011,764 C:\WINNT\system32\mfc42u.dll
2006-08-03 15:19 76,048 C:\WINNT\system32\mdhcp.dll
2006-08-03 15:19 66,320 C:\WINNT\system32\LOADPERF.DLL
2006-08-03 15:19 48,400 C:\WINNT\system32\loghours.dll
2006-08-03 15:19 43,792 C:\WINNT\system32\magnify.exe
2006-08-03 15:19 25,872 C:\WINNT\system32\LODCTR.EXE
2006-08-03 15:19 246,032 C:\WINNT\system32\localsec.dll
2006-08-03 15:19 20,240 C:\WINNT\system32\lpk.dll
2006-08-03 15:19 130,832 C:\WINNT\system32\logon.scr
2006-08-03 15:19 102,160 C:\WINNT\system32\mdminst.dll
2006-08-03 15:19 10,000 C:\WINNT\system32\lz32.dll
2006-08-03 15:15 92,032 C:\WINNT\system32\KRNL386.EXE
2006-08-03 15:15 73,488 C:\WINNT\system32\irmon.dll
2006-08-03 15:15 72,464 C:\WINNT\system32\isign32.dll
2006-08-03 15:15 69,904 C:\WINNT\system32\IPHLPAPI.DLL
2006-08-03 15:15 6,928 C:\WINNT\system32\KBDCA.DLL
2006-08-03 15:15 49,936 C:\WINNT\system32\ixsso.dll
2006-08-03 15:15 441,616 C:\WINNT\system32\ipnathlp.dll
2006-08-03 15:15 42,809 C:\WINNT\system32\key01.sys
2006-08-03 15:15 42,537 C:\WINNT\system32\KEYBOARD.SYS
2006-08-03 15:15 4,368 C:\WINNT\system32\IPROP.DLL
2006-08-03 15:15 374,032 C:\WINNT\system32\JET500.DLL
2006-08-03 15:15 212,752 C:\WINNT\system32\kerberos.dll
2006-08-03 15:15 159,504 C:\WINNT\system32\iprtrmgr.dll
2006-08-03 15:15 143,872 C:\WINNT\system32\itircl.dll
2006-08-03 15:15 122,368 C:\WINNT\system32\itss.dll
2006-08-03 15:14 97,040 C:\WINNT\system32\iasrad.dll
2006-08-03 15:14 96,528 C:\WINNT\system32\imm32.dll
2006-08-03 15:14 94,992 C:\WINNT\system32\FAXSVC.EXE
2006-08-03 15:14 92,944 C:\WINNT\system32\faxadmin.dll
2006-08-03 15:14 81,978 C:\WINNT\system32\hlink.dll
2006-08-03 15:14 80,144 C:\WINNT\system32\faxcom.dll
2006-08-03 15:14 77,584 C:\WINNT\system32\gpresult.exe
2006-08-03 15:14 76,560 C:\WINNT\system32\hotplug.dll
2006-08-03 15:14 75,536 C:\WINNT\system32\iasads.dll
2006-08-03 15:14 66,848 C:\WINNT\system32\HAL.DLL
2006-08-03 15:14 66,832 C:\WINNT\system32\inetpp.dll
2006-08-03 15:14 60,176 C:\WINNT\system32\iassvcs.dll
2006-08-03 15:14 60,176 C:\WINNT\system32\iasnap.dll
2006-08-03 15:14 6,416 C:\WINNT\system32\hccoin.dll
2006-08-03 15:14 55,568 C:\WINNT\system32\esentutl.exe
2006-08-03 15:14 50,448 C:\WINNT\system32\fdeploy.dll
2006-08-03 15:14 47,888 C:\WINNT\system32\EVENTLOG.DLL
2006-08-03 15:14 380,957 C:\WINNT\system32\expsrv.dll
2006-08-03 15:14 37,888 C:\WINNT\system32\hhsetup.dll
2006-08-03 15:14 305,424 C:\WINNT\system32\gpedit.dll
2006-08-03 15:14 294,672 C:\WINNT\system32\filemgmt.dll
2006-08-03 15:14 29,456 C:\WINNT\system32\INETMIB1.DLL
2006-08-03 15:14 28,944 C:\WINNT\system32\iasacct.dll
2006-08-03 15:14 269,584 C:\WINNT\system32\iassdo.dll
2006-08-03 15:14 25,872 C:\WINNT\system32\findstr.exe
2006-08-03 15:14 245,008 C:\WINNT\system32\icm32.dll
2006-08-03 15:14 243,472 C:\WINNT\explorer.exe
2006-08-03 15:14 233,744 C:\WINNT\system32\GDI32.DLL
2006-08-03 15:14 21,776 C:\WINNT\system32\HTICONS.DLL
2006-08-03 15:14 206,096 C:\WINNT\system32\infosoft.dll
2006-08-03 15:14 200,976 C:\WINNT\system32\FONTEXT.DLL
2006-08-03 15:14 20,752 C:\WINNT\system32\iasperf.dll
2006-08-03 15:14 187,152 C:\WINNT\system32\eudcedit.exe
2006-08-03 15:14 185,616 C:\WINNT\system32\faxt30.dll
2006-08-03 15:14 18,192 C:\WINNT\system32\hid.dll
2006-08-03 15:14 163,088 C:\WINNT\system32\h323msp.dll
2006-08-03 15:14 15,120 C:\WINNT\system32\faxdrv.dll
2006-08-03 15:14 138,000 C:\WINNT\system32\INITPKI.DLL
2006-08-03 15:14 138,000 C:\WINNT\system32\faxui.dll
2006-08-03 15:14 122,128 C:\WINNT\system32\idq.dll
2006-08-03 15:14 118,544 C:\WINNT\system32\gptext.dll
2006-08-03 15:14 100,624 C:\WINNT\system32\iassam.dll
2006-08-03 15:14 10,752 C:\WINNT\hh.exe
2006-08-03 15:14 1,135,376 C:\WINNT\system32\esent.dll
2006-08-03 15:13 92,944 C:\WINNT\system32\dskquota.dll
2006-08-03 15:13 92,432 C:\WINNT\system32\dnsrslvr.dll
2006-08-03 15:13 90,384 C:\WINNT\system32\CRYPTDLG.DLL
2006-08-03 15:13 76,048 C:\WINNT\system32\dfrgntfs.exe
2006-08-03 15:13 76,048 C:\WINNT\system32\cryptsvc.dll
2006-08-03 15:13 74,512 C:\WINNT\system32\dsauth.dll
2006-08-03 15:13 7,440 C:\WINNT\system32\control.exe
2006-08-03 15:13 625,936 C:\WINNT\system32\comuid.dll
2006-08-03 15:13 62,224 C:\WINNT\system32\dfrgfat.exe
2006-08-03 15:13 5,904 C:\WINNT\system32\dllhst3g.exe
2006-08-03 15:13 5,904 C:\WINNT\system32\DLLHOST.EXE
2006-08-03 15:13 5,392 C:\WINNT\system32\CSRSS.EXE
2006-08-03 15:13 498,205 C:\WINNT\system32\dxmasf.dll
2006-08-03 15:13 479,504 C:\WINNT\system32\CRYPT32.DLL
2006-08-03 15:13 443,664 C:\WINNT\system32\CRYPTUI.DLL
2006-08-03 15:13 44,304 C:\WINNT\system32\cryptdll.dll
2006-08-03 15:13 43,280 C:\WINNT\system32\dmutil.dll
2006-08-03 15:13 43,280 C:\WINNT\system32\CRYPTNET.DLL
2006-08-03 15:13 42,768 C:\WINNT\system32\dfrgsnap.dll
2006-08-03 15:13 41,744 C:\WINNT\system32\dsfolder.dll
2006-08-03 15:13 33,040 C:\WINNT\system32\dbnmpntw.dll
2006-08-03 15:13 33,040 C:\WINNT\system32\dbmsspxn.dll
2006-08-03 15:13 33,040 C:\WINNT\system32\dbmsadsn.dll
2006-08-03 15:13 316,176 C:\WINNT\system32\dmconfig.dll
2006-08-03 15:13 306,448 C:\WINNT\system32\dhcpmon.dll
2006-08-03 15:13 299,792 C:\WINNT\system32\dsprop.dll
2006-08-03 15:13 28,944 C:\WINNT\system32\dssec.dll
2006-08-03 15:13 28,944 C:\WINNT\system32\dbmsvinn.dLL
2006-08-03 15:13 28,944 C:\WINNT\system32\dbmsrpcn.dll
2006-08-03 15:13 27,097 C:\WINNT\system32\country.sys
2006-08-03 15:13 265,488 C:\WINNT\system32\dxmrtp.dll
2006-08-03 15:13 25,872 C:\WINNT\system32\conime.exe
2006-08-03 15:13 242,960 C:\WINNT\system32\cscui.dll
2006-08-03 15:13 24,848 C:\WINNT\system32\ds32gt.dll
2006-08-03 15:13 233,232 C:\WINNT\system32\es.dll
2006-08-03 15:13 221,968 C:\WINNT\system32\devmgr.dll
2006-08-03 15:13 22,800 C:\WINNT\system32\dfsshlex.dll
2006-08-03 15:13 219,920 C:\WINNT\system32\confmsp.dll
2006-08-03 15:13 174,864 C:\WINNT\system32\dmdlgs.dll
2006-08-03 15:13 163,600 C:\WINNT\system32\dmdskmgr.dll
2006-08-03 15:13 163,088 C:\WINNT\system32\dbghelp.dll
2006-08-03 15:13 16,144 C:\WINNT\system32\diskcopy.dll
2006-08-03 15:13 157,968 C:\WINNT\system32\els.dll
2006-08-03 15:13 157,456 C:\WINNT\system32\dsquery.dll
2006-08-03 15:13 147,728 C:\WINNT\system32\dmadmin.exe
2006-08-03 15:13 146,192 C:\WINNT\system32\dskquoui.dll
2006-08-03 15:13 145,680 C:\WINNT\system32\DSSBASE.DLL
2006-08-03 15:13 14,096 C:\WINNT\system32\diskperf.exe
2006-08-03 15:13 134,928 C:\WINNT\system32\dnsapi.dll
2006-08-03 15:13 13,072 C:\WINNT\system32\dmintf.dll
2006-08-03 15:13 122,368 C:\WINNT\system32\dmdskres.dll
2006-08-03 15:13 12,048 C:\WINNT\system32\dmserver.dll
2006-08-03 15:13 113,936 C:\WINNT\system32\DCOMCNFG.EXE
2006-08-03 15:13 110,864 C:\WINNT\system32\dsuiext.dll
2006-08-03 15:13 101,136 C:\WINNT\system32\cscdll.dll
2006-08-03 15:13 10,512 C:\WINNT\system32\dmremote.exe
2006-08-03 15:13 1,785,160 C:\WINNT\system32\dtcsetup.exe
2006-08-03 15:13 1,448,208 C:\WINNT\system32\comsvcs.dll
2006-08-03 15:12 96,016 C:\WINNT\system32\clbcatex.dll
2006-08-03 15:12 89,360 C:\WINNT\system32\comrepl.dll
2006-08-03 15:12 82,704 C:\WINNT\system32\cmnquery.dll
2006-08-03 15:12 8,976 C:\WINNT\system32\autolfn.exe
2006-08-03 15:12 78,608 C:\WINNT\system32\avifil32.dll
2006-08-03 15:12 78,096 C:\WINNT\system32\aclui.dll
2006-08-03 15:12 74,810 C:\WINNT\system32\atl.dll
2006-08-03 15:12 68,880 C:\WINNT\system32\browser.dll
2006-08-03 15:12 62,736 C:\WINNT\system32\adsmsext.dll
2006-08-03 15:12 61,712 C:\WINNT\system32\cliconfg.dll
2006-08-03 15:12 591,120 C:\WINNT\system32\catsrvut.dll
2006-08-03 15:12 568,592 C:\WINNT\system32\autofmt.exe
2006-08-03 15:12 55,568 C:\WINNT\system32\CLUSAPI.DLL
2006-08-03 15:12 510,224 C:\WINNT\system32\clbcatq.dll
2006-08-03 15:12 50,620 C:\WINNT\system32\command.com
2006-08-03 15:12 45,328 C:\WINNT\system32\cmstp.exe
2006-08-03 15:12 422,160 C:\WINNT\system32\certmgr.dll
2006-08-03 15:12 42,256 C:\WINNT\system32\BASESRV.DLL
2006-08-03 15:12 402,704 C:\WINNT\system32\cdonts.dll
2006-08-03 15:12 37,648 C:\WINNT\system32\colbact.dll
2006-08-03 15:12 37,136 C:\WINNT\system32\cliconfg.exe
2006-08-03 15:12 36,112 C:\WINNT\system32\cipher.exe
2006-08-03 15:12 31,504 C:\WINNT\system32\atmlib.dll
2006-08-03 15:12 3,856 C:\WINNT\system32\COMCAT.DLL
2006-08-03 15:12 291,888 C:\WINNT\system32\atmfd.dll
2006-08-03 15:12 236,304 C:\WINNT\system32\CMD.EXE
2006-08-03 15:12 23,824 C:\WINNT\system32\at.exe
2006-08-03 15:12 226,576 C:\WINNT\system32\avtapi.dll
2006-08-03 15:12 224,016 C:\WINNT\system32\appmgr.dll
2006-08-03 15:12 22,288 C:\WINNT\system32\cmutil.dll
2006-08-03 15:12 201,488 C:\WINNT\system32\adsnt.dll
2006-08-03 15:12 20,752 C:\WINNT\system32\batmeter.dll
2006-08-03 15:12 2,531,088 C:\WINNT\system32\cdosys.dll
2006-08-03 15:12 193,808 C:\WINNT\system32\cmdial32.dll
2006-08-03 15:12 182,032 C:\WINNT\system32\activeds.dll
2006-08-03 15:12 18,432 C:\WINNT\system32\cdm.dll
2006-08-03 15:12 166,160 C:\WINNT\system32\catsrv.dll
2006-08-03 15:12 164,112 C:\WINNT\system32\adsnds.dll
2006-08-03 15:12 159,807 C:\WINNT\system32\cmprops.dll
2006-08-03 15:12 156,944 C:\WINNT\system32\ciadmin.dll
2006-08-03 15:12 150,800 C:\WINNT\system32\accwiz.exe
2006-08-03 15:12 143,632 C:\WINNT\system32\ASYCFILT.DLL
2006-08-03 15:12 14,096 C:\WINNT\system32\atkctrs.dll
2006-08-03 15:12 135,440 C:\WINNT\system32\certcli.dll
2006-08-03 15:12 133,904 C:\WINNT\system32\adsldpc.dll
2006-08-03 15:12 130,832 C:\WINNT\system32\CLUSTER.EXE
2006-08-03 15:12 13,072 C:\WINNT\system32\CHKNTFS.EXE
2006-08-03 15:12 127,760 C:\WINNT\system32\capesnpn.dll
2006-08-03 15:12 125,712 C:\WINNT\system32\adsldp.dll
2006-08-03 15:12 120,592 C:\WINNT\system32\appmgmts.dll
2006-08-03 15:12 112,400 C:\WINNT\system32\adsnw.dll
2006-08-02 21:19 2,146,304 C:\WINNT\UNNMP.exe
2006-08-02 21:17 155,648 C:\WINNT\system32\NeroCheck.exe
2006-08-02 21:16 82,432 C:\WINNT\system32\drmstor.dll
2006-08-02 21:16 301,712 C:\WINNT\system32\drmclien.dll
2006-08-02 21:16 2,023,424 C:\WINNT\UNNeroVision.exe
2006-08-02 21:15 476,320 C:\WINNT\system32\ImagXpr7.dll
2006-08-02 21:15 471,040 C:\WINNT\system32\ImagXRA7.dll
2006-08-02 21:15 38,912 C:\WINNT\system32\picn20.dll
2006-08-02 21:15 364,544 C:\WINNT\system32\TwnLib4.dll
2006-08-02 21:15 262,144 C:\WINNT\system32\ImagXR7.dll
2006-08-02 21:15 106,496 C:\WINNT\system32\TwnLib20.dll
2006-08-02 21:15 1,568,768 C:\WINNT\system32\ImagX7.dll
2006-08-02 19:21 98,816 C:\WINNT\system32\dmstyle.dll
2006-08-02 19:21 937,984 C:\WINNT\system32\dxdiag.exe
2006-08-02 19:21 854,528 C:\WINNT\system32\Ltwvc12n.dll
2006-08-02 19:21 80,896 C:\WINNT\system32\dpvsetup.exe
2006-08-02 19:21 797,184 C:\WINNT\system32\d3dim700.dll
2006-08-02 19:21 78,336 C:\WINNT\system32\LFFAX12n.DLL
2006-08-02 19:21 77,824 C:\WINNT\system32\dpmodemx.dll
2006-08-02 19:21 76,800 C:\WINNT\system32\dpwsockx.dll
2006-08-02 19:21 76,800 C:\WINNT\system32\dmscript.dll
2006-08-02 19:21 733,184 C:\WINNT\system32\qedwipes.dll
2006-08-02 19:21 723,968 C:\WINNT\system32\dpnet.dll
2006-08-02 19:21 7,168 C:\WINNT\system32\d3d8thk.dll
2006-08-02 19:21 68,096 C:\WINNT\system32\dpnhupnp.dll
2006-08-02 19:21 664,576 C:\WINNT\system32\dinput8.dll
2006-08-02 19:21 645,120 C:\WINNT\system32\dinput.dll
2006-08-02 19:21 64,512 C:\WINNT\system32\amstream.dll
2006-08-02 19:21 602,624 C:\WINNT\system32\dx7vb.dll
2006-08-02 19:21 591,120 C:\WINNT\system32\d3dramp.dll
2006-08-02 19:21 58,368 C:\WINNT\system32\dmcompos.dll
2006-08-02 19:21 53,248 C:\WINNT\system32\SONYHCY.DLL
2006-08-02 19:21 491,520 C:\WINNT\system32\dsdmoprp.dll
2006-08-02 19:21 49,424 C:\WINNT\system32\d3dxof.dll
2006-08-02 19:21 480,256 C:\WINNT\system32\msvidctl.dll
2006-08-02 19:21 47,104 C:\WINNT\system32\wstdecod.dll
2006-08-02 19:21 459,264 C:\WINNT\system32\diactfrm.dll
2006-08-02 19:21 449,024 C:\WINNT\system32\qdvd.dll
2006-08-02 19:21 446,224 C:\WINNT\system32\d3dim.dll
2006-08-02 19:21 44,544 C:\WINNT\system32\dxdllreg.exe
2006-08-02 19:21 44,032 C:\WINNT\system32\dimap.dll
2006-08-02 19:21 43,008 C:\WINNT\system32\lfgif12n.dll
2006-08-02 19:21 41,472 C:\WINNT\system32\LTTWN12n.DLL
2006-08-02 19:21 406,528 C:\WINNT\system32\LTKRN12n.DLL
2006-08-02 19:21 4,096 C:\WINNT\system32\ksuser.dll
2006-08-02 19:21 381,952 C:\WINNT\system32\dpvoice.dll
2006-08-02 19:21 37,648 C:\WINNT\system32\d3dpmesh.dll
2006-08-02 19:21 364,816 C:\WINNT\system32\d3drm.dll
2006-08-02 19:21 355,328 C:\WINNT\system32\dsound.dll
2006-08-02 19:21 354,816 C:\WINNT\system32\psisdecd.dll
2006-08-02 19:21 34,304 C:\WINNT\system32\mciqtz32.dll
2006-08-02 19:21 33,280 C:\WINNT\system32\dmloader.dll
2006-08-02 19:21 324,096 C:\WINNT\system32\mswebdvd.dll
2006-08-02 19:21 32,768 C:\WINNT\system32\dpnhpast.dll
2006-08-02 19:21 314,880 C:\WINNT\system32\LFCMP12n.DLL
2006-08-02 19:21 311,808 C:\WINNT\system32\qdv.dll
2006-08-02 19:21 31,744 C:\WINNT\system32\pid.dll
2006-08-02 19:21 3,072 C:\WINNT\system32\dpnlobby.dll
2006-08-02 19:21 3,072 C:\WINNT\system32\dpnaddr.dll
2006-08-02 19:21 284,160 C:\WINNT\system32\ddraw.dll
2006-08-02 19:21 28,160 C:\WINNT\system32\dplaysvr.exe
2006-08-02 19:21 278,528 C:\WINNT\system32\LTDIS12n.DLL
2006-08-02 19:21 27,136 C:\WINNT\system32\dmband.dll
2006-08-02 19:21 257,024 C:\WINNT\system32\qcap.dll
2006-08-02 19:21 25,600 C:\WINNT\system32\lfavi12n.dll
2006-08-02 19:21 227,840 C:\WINNT\system32\LTEFX12n.DLL
2006-08-02 19:21 217,600 C:\WINNT\system32\dplayx.dll
2006-08-02 19:21 206,336 C:\WINNT\system32\gcdef.dll
2006-08-02 19:21 19,968 C:\WINNT\system32\dpvacm.dll
2006-08-02 19:21 186,880 C:\WINNT\system32\dsdmo.dll
2006-08-02 19:21 18,944 C:\WINNT\system32\encapi.dll
2006-08-02 19:21 18,432 C:\WINNT\system32\dswave.dll
2006-08-02 19:21 171,520 C:\WINNT\system32\dmime.dll
2006-08-02 19:21 166,400 C:\WINNT\system32\LTIMG12n.DLL
2006-08-02 19:21 16,896 C:\WINNT\system32\msyuv.dll
2006-08-02 19:21 16,896 C:\WINNT\system32\dpnsvr.exe
2006-08-02 19:21 155,648 C:\WINNT\system32\LFTIF12n.DLL
2006-08-02 19:21 132,608 C:\WINNT\system32\devenum.dll
2006-08-02 19:21 13,312 C:\WINNT\system32\msdmo.dll
2006-08-02 19:21 122,368 C:\WINNT\system32\LTFIL12n.DLL
2006-08-02 19:21 121,856 C:\WINNT\system32\lfmpg12n.dll
2006-08-02 19:21 116,736 C:\WINNT\system32\dmusic.dll
2006-08-02 19:21 112,128 C:\WINNT\system32\dpvvox.dll
2006-08-02 19:21 100,864 C:\WINNT\system32\dmsynth.dll
2006-08-02 19:21 1,962,496 C:\WINNT\system32\quartz.dll
2006-08-02 19:21 1,798,144 C:\WINNT\system32\qedit.dll
2006-08-02 19:21 1,675,264 C:\WINNT\system32\dxdiagn.dll
2006-08-02 19:21 1,634,304 C:\WINNT\system32\d3d9.dll
2006-08-02 19:21 1,294,336 C:\WINNT\system32\dsound3d.dll
2006-08-02 19:21 1,189,888 C:\WINNT\system32\dx8vb.dll
2006-08-02 19:21 1,177,600 C:\WINNT\system32\d3d8.dll
2006-08-02 18:26 91,408 C:\WINNT\system32\hpscnmgr.dll
2006-08-02 18:26 240,912 C:\WINNT\system32\hposcl10.dll
2006-08-02 18:26 10,000 C:\WINNT\system32\hpousd10.dll
2006-08-02 10:32 499,712 C:\WINNT\system32\msvcp71.dll
2006-08-02 10:32 348,160 C:\WINNT\system32\msvcr71.dll
2006-08-02 10:31 306,688 C:\WINNT\IsUninst.exe
2006-08-02 10:18 53,248 C:\WINNT\system32\IntelCdi.dll
2006-08-02 10:18 172,032 C:\WINNT\system32\intelmoh.dll
2006-08-01 22:18 708,608 C:\WINNT\system32\CDDBUIRoxio.dll
2006-08-01 22:18 569,344 C:\WINNT\system32\CDDBControlRoxio.dll
2006-08-01 22:18 49,152 C:\WINNT\system32\INETWH32.dll
2006-08-01 21:56 997,888 C:\WINNT\system32\wmvdmoe2.dll
2006-08-01 21:56 981,504 C:\WINNT\system32\wmnetmgr.dll
2006-08-01 21:56 98,304 C:\WINNT\system32\wmpshell.dll
2006-08-01 21:56 892,416 C:\WINNT\system32\wmspdmoe.dll
2006-08-01 21:56 816,264 C:\WINNT\system32\wmvdmod.dll
2006-08-01 21:56 81,408 C:\WINNT\system32\logagent.exe
2006-08-01 21:56 760,968 C:\WINNT\system32\wmsdmod.dll
2006-08-01 21:56 7,680 C:\WINNT\system32\asferror.dll
2006-08-01 21:56 678,912 C:\WINNT\system32\drmv2clt.dll
2006-08-01 21:56 670,208 C:\WINNT\system32\wmadmoe.dll
2006-08-01 21:56 6,656 C:\WINNT\system32\laprxy.dll
2006-08-01 21:56 57,344 C:\WINNT\uneng.exe
2006-08-01 21:56 52,224 C:\WINNT\system32\mspmsnsv.dll
2006-08-01 21:56 49,152 C:\WINNT\system32\cdrtc.dll
2006-08-01 21:56 486,536 C:\WINNT\system32\wmspdmod.dll
2006-08-01 21:56 45,056 C:\WINNT\system32\cdral.dll
2006-08-01 21:56 410,248 C:\WINNT\system32\wmadmod.dll
2006-08-01 21:56 384,512 C:\WINNT\system32\mp4sdmod.dll
2006-08-01 21:56 358,912 C:\WINNT\system32\msscp.dll
2006-08-01 21:56 316,040 C:\WINNT\system32\mp43dmod.dll
2006-08-01 21:56 27,136 C:\WINNT\system32\wmdmlog.dll
2006-08-01 21:56 253,952 C:\WINNT\system32\msnetobj.dll
2006-08-01 21:56 245,760 C:\WINNT\system32\mswmdm.dll
2006-08-01 21:56 241,664 C:\WINNT\system32\qasf.dll
2006-08-01 21:56 241,664 C:\WINNT\system32\mpg4dmod.dll
2006-08-01 21:56 232,960 C:\WINNT\system32\blackbox.dll
2006-08-01 21:56 23,552 C:\WINNT\system32\wmdmps.dll
2006-08-01 21:56 225,280 C:\WINNT\system32\wmpdxm.dll
2006-08-01 21:56 218,112 C:\WINNT\system32\wmasf.dll
2006-08-01 21:56 201,728 C:\WINNT\system32\mspmsp.dll
2006-08-01 21:56 20,480 C:\WINNT\system32\wmpui.dll
2006-08-01 21:56 20,480 C:\WINNT\system32\wmpcore.dll
2006-08-01 21:56 20,480 C:\WINNT\system32\wmpcd.dll
2006-08-01 21:56 2,940,928 C:\WINNT\system32\wmploc.dll
2006-08-01 21:56 2,058,888 C:\WINNT\system32\wmvcore.dll
2006-08-01 21:56 167,936 C:\WINNT\system32\wmerror.dll
2006-08-01 21:56 159,232 C:\WINNT\system32\CEWMDM.dll
2006-08-01 21:56 143,360 C:\WINNT\system32\wmidx.dll
2006-08-01 21:56 106,496 C:\WINNT\system32\wmpasf.dll
2006-08-01 21:56 1,111,040 C:\WINNT\system32\wmsdmoe2.dll
2006-08-01 18:33 393,968 C:\WINNT\system32\s3t3d2x.dll
2006-08-01 18:21 131,072 C:\WINNT\system32\mapi32.dll
2006-08-01 18:21 0 C:\MSDOS.SYS
2006-08-01 18:21 0 C:\IO.SYS
2006-08-01 18:21 0 C:\CONFIG.SYS
2006-08-01 18:21 0 C:\AUTOEXEC.BAT
2006-08-01 18:20 63,248 C:\WINNT\system32\ils.dll
2006-08-01 18:20 57,104 C:\WINNT\system32\icwdial.dll
2006-08-01 18:20 53,520 C:\WINNT\system32\msconf.dll
2006-08-01 18:20 5,904 C:\WINNT\system32\icfgnt5.dll
2006-08-01 18:20 49,424 C:\WINNT\system32\icwphbk.dll
2006-08-01 18:20 32,880 C:\WINNT\system32\mnmdd.dll
2006-08-01 18:20 3,072 C:\WINNT\system32\nmevtmsg.dll
2006-08-01 18:20 251,152 C:\WINNT\system32\inetcfg.dll
2006-08-01 18:20 21,776 C:\WINNT\system32\mnmsrvc.exe
2006-08-01 18:20 12,560 C:\WINNT\system32\nmmkcert.dll
2006-08-01 18:20 10,000 C:\WINNT\system32\mstinit.exe


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Synchronization Manager"="mobsync.exe /logon"
"!ewido"="\"C:\\Program Files\\ewido anti-spyware 4.0\\ewido.exe\" /minimized"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.0.711.1664\\GoogleToolbarNotifier.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
"{8838875F-02BA-1033-0104-020315990001}"="\"C:\\Program Files\\Common Files\\{8838875F-02BA-1033-0104-020315990001}\\Update.exe\" mc-110-12-0000103"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000003
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="C:\\Program Files\\Internet Explorer\\kybepid.html"
"SubscribedURL"=""
"FriendlyName"=""
"Flags"=dword:00002000
"Position"=hex:2c,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,00,00,e8,\
03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,14,00,00,00,14,00,00,00
"CurrentState"=hex:01,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,\
00,00,01,00,00,00
"RestoredStateInfo"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\1]
"Source"="C:\\Program Files\\Accessories\\hoxymabyb.html"
"SubscribedURL"=""
"FriendlyName"=""
"Flags"=dword:00002000
"Position"=hex:2c,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,00,00,ea,\
03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,14,00,00,00,14,00,00,00
"CurrentState"=hex:01,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,\
00,00,01,00,00,00
"RestoredStateInfo"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\2]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,a0,00,00,00,00,00,00,00,80,02,00,00,58,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,f0,01,00,00,1f,00,00,00,80,00,00,00,76,00,\
00,00,01,00,00,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"^SetupICWDesktop"="C:\\Program Files\\Internet Explorer\\Connection Wizard\\icwconn1.exe /desktop"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000095

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system
DisableTaskMgr REG_DWORD 1 (0x1)
DisableRegistryTools REG_DWORD 0 (0x0)



Contents of the 'Scheduled Tasks' folder

Completion time: Fri 08/18/2006 10:42:20.97
ComboFix ver 06.07.15/30 - This logfile is located at C:\ComboFix.txt

ComboFix.2006-08-15.130340.txt
ComboFix.2006-08-18.104213.txt


OK, I have another question, when I hit ctrl-alt-delete to go to task manager, that button is not working anymore, it's like I can't get to the task manager at all. Could I have deleted that by accident or something? Thanks again!!!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users