Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Desktop Items And Start Button Not Appearing, Infected With Virus, Adwares, Spywares, Popups


  • Please log in to reply
24 replies to this topic

#1 rody

rody

  • Members
  • 136 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Brass Castle
  • Local time:04:53 AM

Posted 06 April 2007 - 08:10 PM

Hello, i've got a serious problem here. :huh: :huh: :huh:

My computer has been infected with so many adwares/spywares/viruses that i've spent the past 7+ hours dealing with it!


There are way too many things that i wanted to say..
hmm.. i've taken down the virus/adwares/trojans along the way when im doin scannin, and i hope it helps
:thumbsup:




First of all, when the computer get started up, the desktop items cannot be seen, same goes to the Start Menu. So only the wallpaper is shown. So i've trouble acessing programs and files....

The only way for me to get access to the programs (spybot, ad-aware, etc) is that i do a ctrl+alt+delete, then file>new task>browse programs ....

While im using the internet, there are many popouts too (Chinese site.. there are also unknown Chinese search toolbar appearing in my IE)



Spybot Search & Destroy
- many infected items
- VX2.a (Adware/Spyware/BHO) could not be deleted even though i restart the computer and run the program again
- WSearch kept appearing even though i've deleted it?



Ad-Aware
- more than 350 items are found
- viruses are found (Win32.Trojan - PSW.Lineage)
- ToolBarDeepDive (cdnns.dll)
- CNNIC
- BDSearch Plugin kept appearing even though i've deleted them again and again



A squared Free
I've also used A squared Free program and i think it works very well because it has detected 150++ items for me.. I didnt delete all of them as most of them are registry items, im not sure if it's ok to delete items myself?
Mostly infected with: CNNIC, delcuwiz.ini, cpush
Now im left with: Radlight, iexplore5.exe, mirc.exe to be deleted.



Windows Task Manager
- There are many weird processes running, like cdnup.exe, rundll2000.exe, rundll32.exe, wsttrks.exe, wsttrs.exe, temp.exe, wdfmgr.exe (<< not sure if it's bad file)
- I've done a search on wsttrks.exe but couldnt find anything bout it. I suspect this process has got to do with the missing desktop items, or i wonder if ending the processes freely in Task Manager got to do with it?




For now, my computer could not shut down or restart since the Start Menu is not visible. I wonder is there other way to do that?





My logfile is as follows, please take a look ! :flowers: :huh:



Logfile of HijackThis v1.99.1
Scan saved at 8:26:06 PM, on 4/6/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\spoolsv.exe
C:\Windows\Explorer.EXE
C:\Program Files\CNNIC\Cdn\cdnup.exe
C:\Windows\wsttrks.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Windows\explorer.exe
C:\Windows\System32\taskmgr.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://client.jogo.cn/cdn/browser/sidesear...esearch-en.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://client.jogo.cn/cdn/browser/customse...msearch-en.html
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CNNIC ÍøÂ繤¾ßDrag - {352E3B3A-CAB5-4DBC-B940-C7F84D0447D8} - C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll
O2 - BHO: Info cache - {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} - C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: CdnForIE Class - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O2 - BHO: Advance Helper - {8E25AC4A-B129-451B-BEE2-3B510BB751DA} - C:\Windows\System32\NTDLL32.dll
O2 - BHO: IE Browser Helper - {D0903A3B-F0EA-434a-9742-98C5335C7946} - C:\Windows\System32\IEHelper.dll
O2 - BHO: WMHlprObj Class - {F5824EFB-728A-4726-A5A5-85A68B20EDC3} - C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Windows\System32\msdxm.ocx
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\Windows\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\Windows\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\Windows\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\Windows\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\Windows\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [AutoLogon] regedit.exe /s \appl.zip\WXPPUPTW\logon.reg
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroCheck] C:\Windows\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [Ati Display] ~.exe
O4 - HKLM\..\Run: [mppds] C:\Windows\mppds.exe
O4 - HKLM\..\Run: [upxdnd] C:\WINDOWS\Temp\iexplore2.exe
O4 - HKLM\..\Run: [IEBarUp] RunDll32 "C:\Windows\System32\NTUP1.dll",Run
O4 - HKLM\..\Run: [upxjdnd] C:\WINDOWS\Temp\iexplore3.exe
O4 - HKLM\..\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe
O4 - HKLM\..\Run: [Desktop] "C:\Windows\System32\internet.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Internet] "C:\Windows\system32\internet.exe"
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\RunOnce: [wsttrs] C:\Windows\wsttrs.exe
O4 - HKLM\..\RunOnce: [ztjvu] %systemroot%\system32\Rundll32.exe %systemroot%\system32\ztjvu.dll,DllUnregisterServer
O4 - HKLM\..\RunOnce: [wsttrks] C:\Windows\wsttrks.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\Windows\System32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: Access Internet Keyword - C:\Program Files\CNNIC\Cdn\cnnic.htm
O9 - Extra button: Chinese Navigation - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O9 - Extra 'Tools' menuitem: Chinese Navigation - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\cdnns.dll' missing
O11 - Options group: [CDNCLIENT] Chinese Navigation
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\Windows\System32\NTDLL32.dll
O20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxsrvc.dll
O21 - SSODL: wbwk - {12311512-2C1D-44b2-A044-872AD2AD5A61} - C:\PROGRA~1\ryaq\ssbr.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: System Event Logger (NHLscA) - Unknown owner - C:\WINDOWS\SYSTEM32\RUNDLL2000.EXE (file missing)
O23 - Service: WebPrint - Unknown owner - c:\windows\system32\webprint.exe


Thank You!

BC AdBot (Login to Remove)

 


#2 jurgenv

jurgenv

  • Members
  • 1,093 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:09:53 PM

Posted 07 April 2007 - 07:12 AM

Download SDFix and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, the Advanced Options Menu should appear;
  • Select the first option, to run Windows in Safe Mode, then press Enter.
  • Choose your usual account.
  • Open the extracted SDFix folder and double click RunThis.bat to start the script.
  • Type Y to begin the cleanup process.
  • It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
  • Press any Key and it will restart the PC.
  • When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
  • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
    (Report.txt will also be copied to Clipboard ready for posting back on the forum).
  • Finally paste the contents of the Report.txt back on the forum with a new HijackThis log

Greets Jürgenv

Donation: Click me.

#3 rody

rody
  • Topic Starter

  • Members
  • 136 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Brass Castle
  • Local time:04:53 AM

Posted 07 April 2007 - 10:39 AM

hi jurgenv thanks for the reply :huh:


Just to let you know,
there is this thing that pop outs several times and it says to download this registrycleaner thing, the site is www.registrycleanerxp.com . I realised that my brother had actually dowloaded it some days ago :thumbsup:


As for the missing desktop items and Start Menu, just to let you know that he (brother) has been going to the Task Manager to end the process of wsttrks.exe or wsttrs.exe to let the desktop items to show up, and it works. Im just wondering by ending process freely - is THIS Ok?


the computer has been getting bad :flowers:



For now i'll proceed to the steps you had given, will post back soon

#4 rody

rody
  • Topic Starter

  • Members
  • 136 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Brass Castle
  • Local time:04:53 AM

Posted 07 April 2007 - 11:05 AM

so i've run the RunThis.bat file, type Y, and there goes the cleanup thing. And after 100%, pressed any key to reboot the computer.

But im stuck at this step in bold:


Open the extracted SDFix folder and double click RunThis.bat to start the script.
Type Y to begin the cleanup process.
It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.



Upon rebooting, the pc is back to the Safe Mode screen. When it's loaded completely, however nothin happens, the Fixtool didnt run itself/continue or anything.

It is suppose to continue to run itself after rebooting, is it?
It dont though?

Edited by rody, 07 April 2007 - 11:08 AM.


#5 jurgenv

jurgenv

  • Members
  • 1,093 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:09:53 PM

Posted 07 April 2007 - 11:08 AM

You have to start it in normal mode... :thumbsup:
Greets Jürgenv

Donation: Click me.

#6 rody

rody
  • Topic Starter

  • Members
  • 136 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Brass Castle
  • Local time:04:53 AM

Posted 07 April 2007 - 11:20 AM

1) It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.

2) Press any Key and it will restart the PC.

3) When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.


That is because after i press any key in 2) it auto reboots itself in Safe Mode, it didnt allow me to choose





Anyway i've restarted in normal mode.... but still.... nothin happens?

#7 jurgenv

jurgenv

  • Members
  • 1,093 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:09:53 PM

Posted 07 April 2007 - 11:26 AM

* First download AVG Anti-Spyware 7.5 from HERE and save that file to your desktop.
This is a 30 day trial of the program
  • Once you have downloaded AVG Anti-Spyware 7.5, locate the icon on the desktop and double-click it to launch the set up program.
  • Once the setup is complete you will need run AVG Anti-Spyware 7.5 and update the definition files.
  • Run AVG Anti-Spyware
  • From the main AVG Anti-Spyware screen, click on Update, then click the Start update button.
  • After the update finishes (the status bar at the bottom will display "Update successful")
  • Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
  • Under "Reports
  • Select "Automatically generate report after every scan"
  • Un-Select "Only if threats were found"
[/list]Close AVG Anti-Spyware 7.5, Do Not run a scan just yet, we will shortly.

* If you do not already have Ad-Aware SE 1.06 installed, follow these download and setup instructions. Also check for updates:
Ad-Aware SE Setup
Again, do NOT run a scan yet.


* Next, please reboot your computer in Safe Mode by doing the following:
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
  • Instead of Windows loading as normal, a menu should appear
  • Select the first option, to run Windows in Safe Mode.
* Next, run Ad-aware and perform a full scan. Remove everything found.
  • Lauch AVG Anti-Spyware 7.5 by double-clicking the icon on your desktop.
  • Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
  • AVG Anti-Spyware 7.5 will now begin the scanning process, be patient this may take a little time.
    Once the scan is complete do the following:
  • If you have any infections you will prompted, then select "Apply all actions"
  • Next select the "Reports" icon at the top.
  • Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
* Restart your computer in normal mode.

* Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 onlyDouble-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

* After that, post a new hijackthis log here with the report of AVG antispyware.
Greets Jürgenv

Donation: Click me.

#8 rody

rody
  • Topic Starter

  • Members
  • 136 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Brass Castle
  • Local time:04:53 AM

Posted 07 April 2007 - 01:31 PM

im done. AVG Anti-spyware detects so many infected items :thumbsup:


just to let you know, after i restart my computer to normal mode, there is this box that pops out and only the word 'rundll' is shown and then it disappears....

the desktop items and Start Menu are still not visible.

In AVG Anti-Spyware, there is an error while quarantine.. this is the one:
C:\WINDOWS\system32\drivers\opmte.sys -> Rootkit.NtRootKit : Error during cleaning.











---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 2:15:43 AM 4/8/2007

+ Scan result:



C:\WINDOWS\Downloaded Program Files\838480\NTDLL32.dll -> Adware.Agent : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\850945\NTDLL32.dll -> Adware.Agent : Cleaned with backup (quarantined).
C:\WINDOWS\system32\73.tmp -> Adware.Agent : Cleaned with backup (quarantined).
C:\WINDOWS\system32\IEHelper.dll -> Adware.Agent : Cleaned with backup (quarantined).
C:\WINDOWS\system32\IEHelper.dll.txtmp -> Adware.Agent : Cleaned with backup (quarantined).
C:\WINDOWS\system32\NTDLL32.dll -> Adware.Agent : Cleaned with backup (quarantined).
C:\WINDOWS\system32\NTDLL32.dll.txtmp -> Adware.Agent : Cleaned with backup (quarantined).
C:\WINDOWS\system32\internet.exe -> Adware.Agent : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\32CE5787.exe -> Adware.BHO : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\insshell1480\insshell_1480.exe -> Adware.Boran : Cleaned with backup (quarantined).
C:\Program Files\mwvl\blna.dll -> Adware.Boran : Cleaned with backup (quarantined).
C:\Program Files\mwvl\wgiv.dll -> Adware.Boran : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\temp.frAAF2\Cdn\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\temp.frAAF2\Cdn\cdnswp.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\temp.frAAF2\Cdn\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\temp.frAAF2\Cdn\imaoe.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\temp.frAAF2\Cdn\wmhlpr.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\uninrest.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\125\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\125\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\125\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\125\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\125\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\13\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\13\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\13\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\13\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\13\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\15\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\15\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\15\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\15\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\15\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1B\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1B\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1B\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1B\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1B\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1C\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1C\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1C\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1C\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1C\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1E\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1E\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1E\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1E\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1E\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1F\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1F\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1F\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\21\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\21\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\21\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\21\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\21\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\2A\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\2A\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\2A\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\2D\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\2D\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\2D\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\2D\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\2D\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\2E\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\2E\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\2E\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\2E\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\2E\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\37\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\37\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\37\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\3D\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\3D\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\3D\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\3D\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\3D\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\40\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\40\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\40\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\40\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\40\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\46\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\46\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\46\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\47\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\47\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\47\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\47\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\47\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\4C\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\4C\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\4C\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\4C\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\4C\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\53\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\53\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\53\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\53\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\53\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\55\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\55\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\55\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\55\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\55\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\5A\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\5A\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\5A\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\5A\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\5A\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\5D\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\5D\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\5D\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\5D\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\5D\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\62\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\62\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\62\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\62\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\62\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\65\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\65\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\65\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\65\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\65\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\6E\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\6E\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\6E\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\6E\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\6E\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\77\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\77\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\77\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\77\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\77\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\78\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\78\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\78\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\78\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\78\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\7A\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\7A\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\7A\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\7A\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\7A\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\81\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\81\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\81\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\81\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\81\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\8A\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\8A\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\8A\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\8A\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\8A\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\8\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\8\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\8\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\8\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\8\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\9A\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\9A\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\9A\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\9F\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\9F\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\9F\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\9F\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\9F\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\9\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\9\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\9\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\9\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\9\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\A3\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\A3\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\A3\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\A3\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\A3\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\AD\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\AD\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\AD\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\AD\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\AD\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\A\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\A\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\A\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\A\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\A\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\B7\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\B7\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\B7\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\B7\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\B7\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\CE\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\CE\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\CE\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\CE\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\CE\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\D8\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\D8\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\D8\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\D8\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\D8\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\D\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\D\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\D\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\D\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\D\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\E7\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\E7\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\E7\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\E7\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\E7\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\F4\cdnaux.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\F4\cdnforie.dll -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\F4\cdnprh.dll -> Adware.CDN : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\F4\cdnunins.exe -> Adware.Cdn : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\F4\cdnup.exe -> Adware.CDN : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\00022354.exe -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\00025650.exe -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\00615806.exe -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\01032614.exe -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\01221519.exe -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\01428060.exe -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\01756366.exe -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\01808065.exe -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\03001288.exe -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\03126687.exe -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\03615988.exe -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\03693085.exe -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\03724181.exe -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\04016992.exe -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\04313699.exe -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\04718695.exe -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\04807295.exe -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\temp.frAAF2\Cdn\cdnrenew.exe -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\temp.frAAF2\Cdn\cdnsign.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\C1QN4DMR\zs[1].exe -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\00521758.exe -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\01264765.exe -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\04604694.exe -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\125\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\13\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\15\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1B\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1C\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1E\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1F\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\21\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\2A\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\2D\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\2E\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\37\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\3D\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\40\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\46\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\47\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\4C\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\53\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\55\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\5A\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\5D\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\62\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\65\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\6E\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\77\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\78\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\7A\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\81\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\8A\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\8\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\9A\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\9F\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\9\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\A3\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\AD\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\A\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\B7\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\CE\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\D8\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\D\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\E7\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\F4\cdnins.dll -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\iexplore9.exe -> Adware.Cdnup : Cleaned with backup (quarantined).
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\STE7CX6B\dm[1].exe -> Adware.WSearch : Cleaned with backup (quarantined).
C:\WINDOWS\system32\NTUP1.dll -> Adware.WSearch : Cleaned with backup (quarantined).
C:\WINDOWS\system32\wbem\ocmor.dll -> Downloader.QQHe.ft : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\125\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\13\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\15\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1B\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1C\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1E\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\1F\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\21\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\2A\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\2D\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\2E\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\37\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\3D\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\40\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\46\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\47\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\4C\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\53\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\55\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\5A\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\5D\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\62\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\65\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\6E\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\77\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\78\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\7A\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\81\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\8A\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\8\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\9A\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\9F\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\9\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\A3\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\AD\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\A\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\B7\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\CE\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\D8\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\D\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\E7\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\F4\cdnprot.sys -> Downloader.Small.npa : Cleaned with backup (quarantined).
C:\WINDOWS\system32\drivers\opmte.sys -> Rootkit.NtRootKit : Error during cleaning.
C:\WINDOWS\system32\drivers\mspcidrv.sys -> Trojan.Ntrootkit.d : Cleaned with backup (quarantined).
C:\Documents and Settings\J.P_Yang\Local Settings\Temp\upxjdnd.exe -> Trojan.OnLineGames.es : Cleaned with backup (quarantined).
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OP6FGXAZ\r[1].exe -> Trojan.OnLineGames.es : Cleaned with backup (quarantined).
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\C1QN4DMR\w[1].exe -> Trojan.OnLineGames.mp : Cleaned with backup (quarantined).
C:\WINDOWS\mppds.exe -> Trojan.OnLineGames.mp : Cleaned with backup (quarantined).
C:\WINDOWS\system32\mppds.dll -> Trojan.OnLineGames.mp : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\upxdnd.dll -> Trojan.OnLineGames.nb : Cleaned with backup (quarantined).


::Report end





















Logfile of HijackThis v1.99.1
Scan saved at 2:27:49 AM, on 4/8/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\spoolsv.exe
C:\Windows\Explorer.EXE
C:\Windows\wsttrs.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Windows\System32\taskmgr.exe
C:\Windows\System32\svchost.exe
C:\Documents and Settings\J.P_Yang\Desktop\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CNNIC ÍøÂ繤¾ßDrag - {352E3B3A-CAB5-4DBC-B940-C7F84D0447D8} - C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll (file missing)
O2 - BHO: Info cache - {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} - C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Advance Helper - {8E25AC4A-B129-451B-BEE2-3B510BB751DA} - C:\Windows\System32\NTDLL32.dll
O2 - BHO: IE Browser Helper - {D0903A3B-F0EA-434a-9742-98C5335C7946} - C:\Windows\System32\IEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Windows\System32\msdxm.ocx
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\Windows\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\Windows\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\Windows\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\Windows\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\Windows\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [AutoLogon] regedit.exe /s \appl.zip\WXPPUPTW\logon.reg
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroCheck] C:\Windows\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [Ati Display] ~.exe
O4 - HKLM\..\Run: [upxdnd] C:\WINDOWS\Temp\iexplore2.exe
O4 - HKLM\..\Run: [IEBarUp] RunDll32 "C:\Windows\System32\NTUP1.dll",Run
O4 - HKLM\..\Run: [Desktop] "C:\Windows\System32\internet.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SDFix] C:\SDFix\RunThis.bat /second
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunOnce: [ztjvu] %systemroot%\system32\Rundll32.exe %systemroot%\system32\ztjvu.dll,DllUnregisterServer
O4 - HKLM\..\RunOnce: [wsttrs] C:\Windows\wsttrs.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\Windows\System32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\Windows\System32\NTDLL32.dll
O20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxsrvc.dll
O21 - SSODL: wbwk - {12311512-2C1D-44b2-A044-872AD2AD5A61} - C:\PROGRA~1\ryaq\ssbr.dll (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: System Event Logger (NHLscA) - Unknown owner - C:\WINDOWS\SYSTEM32\RUNDLL2000.EXE (file missing)
O23 - Service: WebPrint - Unknown owner - c:\windows\system32\webprint.exe (file missing)




Thanks!

#9 jurgenv

jurgenv

  • Members
  • 1,093 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:09:53 PM

Posted 07 April 2007 - 05:13 PM

1. Download this file - combofix.exe
2. Double click combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you. Post that log in your next reply with a new hijackthis log

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
Greets Jürgenv

Donation: Click me.

#10 rody

rody
  • Topic Starter

  • Members
  • 136 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Brass Castle
  • Local time:04:53 AM

Posted 07 April 2007 - 05:30 PM

Glad to see your here! i was goin to shut down my computer then i see your reply
Thanks, i'll try it out now



i just realised something!

each time i end process (wsttrs.exe or wsttrks.exe) in Task Manager, other bad/weird processes like ctfmon.exe or igfxtray.exe or rundll32.exe or rundlll2000.exe will appear in my Task Manager.... and when i access the internet i will get popouts or weird message boxes.

The reason i end process (wsttrs.exe or wsttrks.exe) is that so i could see my desktop items and Start Menu (to shut down my computer, i've no other choice to do that?) :thumbsup:


i'll try it now

#11 rody

rody
  • Topic Starter

  • Members
  • 136 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Brass Castle
  • Local time:04:53 AM

Posted 07 April 2007 - 05:54 PM

im back with new logfiles


After the ComboFix log is shown, there is this message box that says 'Windows cannot find 'c:\windows\wsttrs.exe' ---- not sure if it has to do with me ending its process just now, so it's hiding somewhere






"J.P_Yang" - 07-04-08 6:44:08 Service Pack 1
ComboFix 07-04-05 - Running from: "C:\Documents and Settings\J.P_Yang\Desktop"


(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Windows\system32\eeeeee.ini
C:\Windows\system32\eeeeee1.ini
C:\Documents and Settings\J.P_Yang\Desktop\My Pictures\Randy Pics\_desktop.ini
C:\Windows\system32\wbem\bvprn.dll
C:\Windows\system32\wbem\gtksh.dll
C:\Windows\system32\wbem\lcigp.dll
C:\Windows\system32\wbem\lpkgn.dll
C:\Windows\system32\wbem\lsbgc.dll
C:\Windows\system32\wbem\mdsxo.dll
C:\Windows\system32\wbem\mzbjd.dll
C:\Windows\system32\wbem\njjiy.dll
C:\Windows\system32\wbem\oacpm.dll
C:\Windows\system32\wbem\oeixt.dll
C:\Windows\system32\wbem\pdepo.dll
C:\Windows\system32\wbem\qalge.dll
C:\Windows\system32\wbem\qsgcn.dll
C:\Windows\system32\wbem\tdkjs.dll
C:\Windows\system32\wbem\trtqq.dll
C:\Windows\system32\wbem\tvzzr.dll
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Microsoft\PCTools\pctools.dll
C:\Program Files\superutilbar\superutilbar.dll
C:\Program Files\superutilbar\uninst.exe
C:\WINDOWS\DOWNLO~1.\850945\SHLWAPI32.DLL
C:\Windows\system32\advport.dll
C:\Windows\system32\d3d1caps.srg
C:\Windows\system32\drivers\acpidisk.sys
C:\Windows\system32\mprmsgse.axz
C:\Windows\system32\mscpx32r.det
C:\Windows\system32\score.txt
C:\Windows\system32\sinfo.ini
C:\Windows\bar.exe
C:\Windows\temp\~my1.tmp
C:\Windows\system32\usrinit.exe
C:\Windows\system32\wsttrs.dll
C:\Windows\wsttrs.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Microsoft\PCTools
C:\Program Files\superutilbar
C:\Windows\temp\cache
C:\WINDOWS\DOWNLO~1.\850945
C:\Windows\system32\drivers\opmte.sys
C:\WINDOWS\DOWNLO~1.\838480


((((((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\acpidisk
-------\Framework
-------\Internet Connection Manager
-------\mspath
-------\mspcidrv
-------\msqmx
-------\opmte
-------\ubdt
-------\LEGACY_ACPIDISK
-------\LEGACY_FRAMEWORK
-------\LEGACY_INTERNET_CONNECTION_MANAGER
-------\LEGACY_MSPCIDRV
-------\LEGACY_MSQMX
-------\LEGACY_OPMTE
-------\LEGACY_UBDT


((((((((((((((((((((((((((((((( Files Created from 2007-03-08 to 2007-04-08 ))))))))))))))))))))))))))))))))))


2007-04-08 00:43 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-04-07 23:53 0 -rahs---- C:\MSDOS.SYS
2007-04-07 23:53 0 -rahs---- C:\IO.SYS
2007-04-07 23:49 <DIR> d-------- C:\WINDOWS\pss
2007-04-07 11:11 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AntiVir PersonalEdition Classic
2007-04-06 19:09 <DIR> d-------- C:\Program Files\a-squared Free
2007-04-06 18:21 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-04-06 16:42 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2007-04-06 16:42 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2007-04-06 15:38 <DIR> d-------- C:\DOCUME~1\J578B~1.P_Y\APPLIC~1\Lavasoft
2007-04-06 15:37 <DIR> d-------- C:\Program Files\Lavasoft
2007-04-06 14:25 118,784 --a------ C:\WINDOWS\system32\MSSTDFMT.DLL
2007-04-06 14:25 <DIR> d-------- C:\Program Files\SpywareBlaster
2007-04-06 14:11 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-04-06 12:27 19,456 --a------ C:\WINDOWS\wsttrks.exe
2007-04-06 12:27 12,288 --a------ C:\WINDOWS\system32\wsttrks.dll
2007-04-05 21:02 <DIR> d---s---- C:\DOCUME~1\J578B~1.P_Y\UserData
2007-04-05 10:06 1,743 --a------ C:\DOCUME~1\J578B~1.P_Y\hissys.dat
2007-04-05 07:24 <DIR> d-------- C:\Program Files\mwvl
2007-04-03 09:05 <DIR> d-------- C:\DOCUME~1\J578B~1.P_Y\APPLIC~1\OpenOffice.org2
2007-04-02 01:56 151,552 --a------ C:\WINDOWS\system32\igfxres.dll
2007-04-02 01:56 <DIR> d-------- C:\WINDOWS\Prefetch
2007-04-02 01:56 <DIR> d-------- C:\DOCUME~1\J578B~1.P_Y\APPLIC~1\Adobe
2007-04-02 01:55 <DIR> d--hs---- C:\WINDOWS\CSC
2007-04-02 01:51 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2007-04-02 01:51 <DIR> d-------- C:\WINDOWS\ehome
2007-04-02 01:49 9,216 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-04-02 01:49 86,528 --a------ C:\WINDOWS\system32\wlnotify.dll
2007-04-02 01:49 86,016 --a------ C:\WINDOWS\system32\xactsrv.dll
2007-04-02 01:49 77,824 --------- C:\WINDOWS\system32\wmpstub.exe
2007-04-02 01:49 56,832 --------- C:\WINDOWS\system32\wzcdlg.dll
2007-04-02 01:49 51,200 --------- C:\WINDOWS\system32\wmerrenu.dll
2007-04-02 01:49 446,464 --------- C:\WINDOWS\system32\wmvdmoe.dll
2007-04-02 01:49 38,912 --------- C:\WINDOWS\system32\wsnmp32.dll
2007-04-02 01:49 316,416 --------- C:\WINDOWS\system32\zipfldr.dll
2007-04-02 01:49 311,327 --------- C:\WINDOWS\system32\wmv8dmod.dll
2007-04-02 01:49 296,448 --------- C:\WINDOWS\system32\wmstream.dll
2007-04-02 01:49 264,704 --a------ C:\WINDOWS\system32\wzcsvc.dll
2007-04-02 01:49 247,808 --a------ C:\WINDOWS\system32\wow32.dll
2007-04-02 01:49 23,552 --------- C:\WINDOWS\system32\wzcsapi.dll
2007-04-02 01:49 189,440 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-04-02 01:49 172,664 --------- C:\WINDOWS\system32\xenroll.dll
2007-04-02 01:49 17,408 --a------ C:\WINDOWS\system32\wtsapi32.dll
2007-04-02 01:49 139,776 --------- C:\WINDOWS\system32\wuauclt.exe
2007-04-02 01:49 13,312 --------- C:\WINDOWS\system32\wship6.dll
2007-04-02 01:49 118,784 --------- C:\WINDOWS\system32\wmsdmoe.dll
2007-04-02 01:48 60,416 --------- C:\WINDOWS\system32\wextract.exe
2007-04-02 01:48 48,128 --a------ C:\WINDOWS\system32\winsta.dll
2007-04-02 01:48 266,752 --------- C:\WINDOWS\winhlp32.exe
2007-04-02 01:48 171,520 --a------ C:\WINDOWS\system32\winmm.dll
2007-04-02 01:48 168,448 --a------ C:\WINDOWS\system32\wldap32.dll
2007-04-02 01:48 124,928 --------- C:\WINDOWS\system32\webvw.dll
2007-04-02 01:48 119,808 --------- C:\WINDOWS\system32\wiadss.dll
2007-04-02 01:47 61,952 --a------ C:\WINDOWS\system32\webclnt.dll
2007-04-02 01:47 48,640 --------- C:\WINDOWS\system32\vdmredir.dll
2007-04-02 01:47 479,261 --------- C:\WINDOWS\system32\vbscript.dll
2007-04-02 01:47 409,088 --a------ C:\WINDOWS\system32\vssapi.dll
2007-04-02 01:47 165,376 --a------ C:\WINDOWS\system32\w32time.dll
2007-04-02 01:47 16,384 --------- C:\WINDOWS\system32\watchdog.sys
2007-04-02 01:46 9,856 --------- C:\WINDOWS\system32\drivers\tunmp.sys
2007-04-02 01:46 88,064 --------- C:\WINDOWS\system32\tscfgwmi.dll
2007-04-02 01:46 81,920 --a------ C:\WINDOWS\system32\trkwks.dll
2007-04-02 01:46 71,168 --------- C:\WINDOWS\system32\telnet.exe
2007-04-02 01:46 47,616 --------- C:\WINDOWS\system32\utilman.exe
2007-04-02 01:46 40,960 --------- C:\WINDOWS\system32\tscupgrd.exe
2007-04-02 01:46 384,000 --a------ C:\WINDOWS\system32\themeui.dll
2007-04-02 01:46 339,456 --a------ C:\WINDOWS\system32\usp10.dll
2007-04-02 01:46 32,256 --------- C:\WINDOWS\system32\umandlg.dll
2007-04-02 01:46 231,424 --------- C:\WINDOWS\system32\upnpui.dll
2007-04-02 01:46 22,016 --------- C:\WINDOWS\system32\udhisapi.dll
2007-04-02 01:46 203,264 --a------ C:\WINDOWS\system32\uxtheme.dll
2007-04-02 01:46 200,192 --a------ C:\WINDOWS\system32\termsrv.dll
2007-04-02 01:46 164,864 --------- C:\WINDOWS\system32\upnphost.dll
2007-04-02 01:46 16,384 --------- C:\WINDOWS\system32\ups.exe
2007-04-02 01:46 120,320 --a------ C:\WINDOWS\system32\upnp.dll
2007-04-02 01:46 107,008 --a------ C:\WINDOWS\system32\umpnpmgr.dll
2007-04-02 01:46 10,752 --------- C:\WINDOWS\system32\tracert.exe
2007-04-02 01:45 82,944 --------- C:\WINDOWS\system32\smlogsvc.exe
2007-04-02 01:45 71,168 --------- C:\WINDOWS\system32\storprop.dll
2007-04-02 01:45 674,816 --a------ C:\WINDOWS\system32\sxs.dll
2007-04-02 01:45 667,648 --------- C:\WINDOWS\system32\ss3dfo.scr
2007-04-02 01:45 66,560 --a------ C:\WINDOWS\system32\spoolss.dll
2007-04-02 01:45 66,048 --------- C:\WINDOWS\system32\sigverif.exe
2007-04-02 01:45 638,976 --------- C:\WINDOWS\system32\sstext3d.scr
2007-04-02 01:45 63,488 --------- C:\WINDOWS\system32\srclient.dll
2007-04-02 01:45 62,976 --------- C:\WINDOWS\system32\shgina.dll
2007-04-02 01:45 61,952 --------- C:\WINDOWS\system32\sti.dll
2007-04-02 01:45 60,416 --------- C:\WINDOWS\system32\shimeng.dll
2007-04-02 01:45 569,344 --------- C:\WINDOWS\system32\sspipes.scr
2007-04-02 01:45 534,016 --------- C:\WINDOWS\system32\spider.exe
2007-04-02 01:45 5,504 --------- C:\WINDOWS\system32\drivers\smbali.sys
2007-04-02 01:45 43,008 --a------ C:\WINDOWS\system32\ssdpsrv.dll
2007-04-02 01:45 420,864 --------- C:\WINDOWS\system32\shimgvw.dll
2007-04-02 01:45 385,024 --------- C:\WINDOWS\system32\sqlsrv32.dll
2007-04-02 01:45 364,544 --------- C:\WINDOWS\system32\ssflwbox.scr
2007-04-02 01:45 334,848 --------- C:\WINDOWS\system32\smlogcfg.dll
2007-04-02 01:45 33,280 --------- C:\WINDOWS\system32\shmgrate.exe
2007-04-02 01:45 27,136 --a------ C:\WINDOWS\system32\ssdpapi.dll
2007-04-02 01:45 251,904 --------- C:\WINDOWS\system32\strmdll.dll
2007-04-02 01:45 24,064 --------- C:\WINDOWS\system32\skeys.exe
2007-04-02 01:45 233,984 --------- C:\WINDOWS\system32\tapisrv.dll
2007-04-02 01:45 226,304 --------- C:\WINDOWS\system32\srrstr.dll
2007-04-02 01:45 22,528 --a------ C:\WINDOWS\system32\shfolder.dll
2007-04-02 01:45 22,528 --------- C:\WINDOWS\system32\slayerxp.dll
2007-04-02 01:45 19,456 --------- C:\WINDOWS\system32\ssmarque.scr
2007-04-02 01:45 18,944 --------- C:\WINDOWS\system32\ssbezier.scr
2007-04-02 01:45 17,408 --------- C:\WINDOWS\system32\ssmyst.scr
2007-04-02 01:45 165,376 --a------ C:\WINDOWS\system32\tapi32.dll
2007-04-02 01:45 16,896 --------- C:\WINDOWS\system32\snmpapi.dll
2007-04-02 01:45 158,720 --a------ C:\WINDOWS\system32\srsvc.dll
2007-04-02 01:45 133,120 --a------ C:\WINDOWS\system32\sfc_os.dll
2007-04-02 01:45 130,560 --------- C:\WINDOWS\system32\sti_ci.dll
2007-04-02 01:45 13,312 --------- C:\WINDOWS\system32\ssstars.scr
2007-04-02 01:45 128,512 --------- C:\WINDOWS\system32\taskmgr.exe
2007-04-02 01:45 117,760 --a------ C:\WINDOWS\system32\stobject.dll
2007-04-02 01:45 11,776 --------- C:\WINDOWS\system32\sigtab.dll
2007-04-02 01:45 1,157,632 --------- C:\WINDOWS\system32\sfcfiles.dll
2007-04-02 01:44 98,304 --------- C:\WINDOWS\system32\oleprn.dll
2007-04-02 01:44 91,136 --a------ C:\WINDOWS\system32\rastls.dll
2007-04-02 01:44 87,304 --------- C:\WINDOWS\system32\rdpdd.dll
2007-04-02 01:44 82,944 --a------ C:\WINDOWS\system32\psbase.dll
2007-04-02 01:44 8,192 --------- C:\WINDOWS\system32\scrnsave.scr
2007-04-02 01:44 75,912 --------- C:\WINDOWS\system32\rdpwsx.dll
2007-04-02 01:44 74,240 --------- C:\WINDOWS\system32\rtcshare.exe
2007-04-02 01:44 71,168 --------- C:\WINDOWS\system32\sdbinst.exe
2007-04-02 01:44 686,080 --------- C:\WINDOWS\system32\opengl32.dll
2007-04-02 01:44 6,144 --a------ C:\WINDOWS\system32\sensapi.dll
2007-04-02 01:44 58,880 --------- C:\WINDOWS\system32\pautoenr.dll
2007-04-02 01:44 57,856 --a------ C:\WINDOWS\system32\raschap.dll
2007-04-02 01:44 56,320 --------- C:\WINDOWS\system32\remotepg.dll
2007-04-02 01:44 548,864 --------- C:\WINDOWS\system32\rtcdll.dll
2007-04-02 01:44 530,432 --a------ C:\WINDOWS\system32\rpcrt4.dll
2007-04-02 01:44 53,248 --------- C:\WINDOWS\system32\packager.exe
2007-04-02 01:44 52,224 --a------ C:\WINDOWS\system32\secur32.dll
2007-04-02 01:44 511,488 --------- C:\WINDOWS\system32\qedit.dll
2007-04-02 01:44 48,128 --------- C:\WINDOWS\system32\reg.exe
2007-04-02 01:44 44,032 --a------ C:\WINDOWS\system32\regapi.dll
2007-04-02 01:44 44,032 --------- C:\WINDOWS\system32\rdpclip.exe
2007-04-02 01:44 36,352 --a------ C:\WINDOWS\system32\sens.dll
2007-04-02 01:44 357,376 --------- C:\WINDOWS\system32\qdvd.dll
2007-04-02 01:44 34,304 --------- C:\WINDOWS\system32\rcimlby.exe
2007-04-02 01:44 31,744 --------- C:\WINDOWS\system32\pid.dll
2007-04-02 01:44 3,338 --------- C:\WINDOWS\system32\redir.exe
2007-04-02 01:44 297,984 --a------ C:\WINDOWS\system32\scesrv.dll
2007-04-02 01:44 260,608 --a------ C:\WINDOWS\system32\rpcss.dll
2007-04-02 01:44 254,976 --------- C:\WINDOWS\system32\pdh.dll
2007-04-02 01:44 221,696 --a------ C:\WINDOWS\system32\qmgr.dll
2007-04-02 01:44 212,480 --------- C:\WINDOWS\system32\osk.exe
2007-04-02 01:44 20,992 --------- C:\WINDOWS\system32\setup.exe
2007-04-02 01:44 193,536 --------- C:\WINDOWS\system32\rasppp.dll
2007-04-02 01:44 184,832 --------- C:\WINDOWS\system32\qcap.dll
2007-04-02 01:44 174,592 --a------ C:\WINDOWS\system32\scecli.dll
2007-04-02 01:44 171,008 --------- C:\WINDOWS\system32\sccsccp.dll
2007-04-02 01:44 17,408 --a------ C:\WINDOWS\system32\psapi.dll
2007-04-02 01:44 17,408 --------- C:\WINDOWS\system32\qmgrprxy.dll
2007-04-02 01:44 169,984 --------- C:\WINDOWS\system32\sccbase.dll
2007-04-02 01:44 16,384 --------- C:\WINDOWS\system32\ping.exe
2007-04-02 01:44 159,232 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-04-02 01:44 14,848 --------- C:\WINDOWS\system32\rdpsnd.dll
2007-04-02 01:44 135,680 --------- C:\WINDOWS\system32\rdchost.dll
2007-04-02 01:44 134,144 --------- C:\WINDOWS\regedit.exe
2007-04-02 01:44 133,632 --a------ C:\WINDOWS\system32\rsaenh.dll
2007-04-02 01:44 13,824 --------- C:\WINDOWS\system32\rassapi.dll
2007-04-02 01:44 12,800 --------- C:\WINDOWS\system32\runonce.exe
2007-04-02 01:44 12,288 --------- C:\WINDOWS\system32\rdsaddin.exe
2007-04-02 01:44 1,349,120 --------- C:\WINDOWS\system32\query.dll
2007-04-02 01:44 1,169,920 --a------ C:\WINDOWS\system32\ole32.dll
2007-04-02 01:44 1,142,784 --------- C:\WINDOWS\system32\quartz.dll
2007-04-02 01:43 94,208 --------- C:\WINDOWS\system32\odbccp32.dll
2007-04-02 01:43 891,711 --------- C:\WINDOWS\system32\drivers\nv4_mini.sys
2007-04-02 01:43 61,440 --------- C:\WINDOWS\system32\odbccu32.dll
2007-04-02 01:43 61,440 --------- C:\WINDOWS\system32\odbccr32.dll
2007-04-02 01:43 53,248 --------- C:\WINDOWS\system32\odbcconf.exe
2007-04-02 01:43 328,704 --a------ C:\WINDOWS\system32\oakley.dll
2007-04-02 01:43 32,768 --------- C:\WINDOWS\system32\odbcad32.exe
2007-04-02 01:43 3,494,303 --------- C:\WINDOWS\system32\nv4_disp.dll
2007-04-02 01:43 24,576 --------- C:\WINDOWS\system32\odbcbcp.dll
2007-04-02 01:43 200,704 --a------ C:\WINDOWS\system32\odbc32.dll
2007-04-02 01:43 16,384 --------- C:\WINDOWS\system32\odbc32gt.dll
2007-04-02 01:43 147,456 --------- C:\WINDOWS\system32\odbctrac.dll
2007-04-02 01:43 122,880 --------- C:\WINDOWS\system32\odbcconf.dll
2007-04-02 01:43 12,288 --------- C:\WINDOWS\system32\odbcp32r.dll
2007-04-02 01:43 109,568 --------- C:\WINDOWS\system32\offfilt.dll
2007-04-02 01:42 95,744 --------- C:\WINDOWS\system32\nlhtml.dll
2007-04-02 01:42 49,152 --------- C:\WINDOWS\system32\npptools.dll
2007-04-02 01:42 392,704 --------- C:\WINDOWS\system32\ntmssvc.dll
2007-04-02 01:42 38,400 --a------ C:\WINDOWS\system32\ntlanman.dll
2007-04-02 01:42 38,400 --------- C:\WINDOWS\system32\ntmsapi.dll
2007-04-02 01:42 33,808 --------- C:\WINDOWS\system32\ntio.sys
2007-04-02 01:42 24,576 --------- C:\WINDOWS\system32\nmmkcert.dll
2007-04-02 01:42 238,080 --a------ C:\WINDOWS\system32\newdev.dll
2007-04-02 01:42 187,904 --------- C:\WINDOWS\system32\xpsp1res.dll
2007-04-02 01:42 165,888 --------- C:\WINDOWS\system32\ntmsdba.dll
2007-04-02 01:42 137,216 --a------ C:\WINDOWS\system32\ntshrui.dll
2007-04-02 01:42 112,128 --a------ C:\WINDOWS\system32\ntmarta.dll
2007-04-02 01:42 1,677,312 --------- C:\WINDOWS\system32\wmvcore2.dll
2007-04-02 01:41 403,456 --------- C:\WINDOWS\system32\winbrand.dll
2007-04-02 01:41 310,272 --------- C:\WINDOWS\system32\winhttp.dll
2007-04-02 01:41 13,056 --------- C:\WINDOWS\system32\drivers\wacompen.sys
2007-04-02 01:40 6,912 --------- C:\WINDOWS\system32\drivers\hidir.sys
2007-04-02 01:40 3,584 --------- C:\WINDOWS\system32\dsprpres.dll
2007-04-02 01:40 218,112 --------- C:\WINDOWS\system32\sbe.dll
2007-04-02 01:40 18,944 --------- C:\WINDOWS\system32\faxpatch.exe
2007-04-02 01:40 172,032 --------- C:\WINDOWS\system32\mssap.dll
2007-04-02 01:40 155,648 --------- C:\WINDOWS\system32\encdec.dll
2007-04-02 01:40 12,288 --------- C:\WINDOWS\system32\encapi.dll
2007-04-02 01:40 110,080 --------- C:\WINDOWS\system32\sbeio.dll
2007-04-02 01:40 11,904 --------- C:\WINDOWS\system32\drivers\mutohpen.sys
2007-04-02 01:39 921,475 --------- C:\WINDOWS\system32\ati3d2ag.dll
2007-04-02 01:39 844,675 --------- C:\WINDOWS\system32\ati3d1ag.dll
2007-04-02 01:39 63,663 --------- C:\WINDOWS\system32\drivers\atinrvxx.sys
2007-04-02 01:39 56,591 --------- C:\WINDOWS\system32\drivers\atinbtxx.sys
2007-04-02 01:39 450,176 --------- C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-04-02 01:39 36,463 --------- C:\WINDOWS\system32\drivers\atintuxx.sys
2007-04-02 01:39 34,735 --------- C:\WINDOWS\system32\drivers\atinxsxx.sys
2007-04-02 01:39 327,040 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2007-04-02 01:39 30,671 --------- C:\WINDOWS\system32\drivers\atinraxx.sys
2007-04-02 01:39 29,455 --------- C:\WINDOWS\system32\drivers\atinxbxx.sys
2007-04-02 01:39 26,367 --------- C:\WINDOWS\system32\drivers\atinsnxx.sys
2007-04-02 01:39 21,343 --------- C:\WINDOWS\system32\drivers\atinttxx.sys
2007-04-02 01:39 12,047 --------- C:\WINDOWS\system32\drivers\atinpdxx.sys
2007-04-02 01:39 11,615 --------- C:\WINDOWS\system32\drivers\atinmdxx.sys
2007-04-02 01:38 857,600 --------- C:\WINDOWS\system32\netplwiz.dll
2007-04-02 01:38 584,192 --a------ C:\WINDOWS\system32\netcfgx.dll
2007-04-02 01:38 42,496 --a------ C:\WINDOWS\system32\ncobjapi.dll
2007-04-02 01:38 399,360 --a------ C:\WINDOWS\system32\netlogon.dll
2007-04-02 01:38 39,424 --------- C:\WINDOWS\system32\net.exe
2007-04-02 01:38 377,984 --------- C:\WINDOWS\system32\ati2dvaa.dll
2007-04-02 01:38 326,656 --------- C:\WINDOWS\system32\netsetup.exe
2007-04-02 01:38 202,496 --------- C:\WINDOWS\system32\ati2dvag.dll
2007-04-02 01:38 16,384 --------- C:\WINDOWS\system32\nddenb32.dll
2007-04-02 01:38 154,112 --a------ C:\WINDOWS\system32\netman.dll
2007-04-02 01:38 115,200 --------- C:\WINDOWS\system32\net1.exe
2007-04-02 01:38 105,984 --------- C:\WINDOWS\system32\netdde.exe
2007-04-02 01:38 1,622,528 --a------ C:\WINDOWS\system32\netshell.dll
2007-04-02 01:38 1,122,304 --a------ C:\WINDOWS\system32\msxml3.dll
2007-04-02 01:37 9,728 --------- C:\WINDOWS\system32\mstinit.exe
2007-04-02 01:37 79,872 --a------ C:\WINDOWS\system32\ztjvu.dll
2007-04-02 01:37 699,392 --------- C:\WINDOWS\system32\msxml2.dll
2007-04-02 01:37 598,016 --------- C:\WINDOWS\system32\mstscax.dll
2007-04-02 01:37 552,991 --------- C:\WINDOWS\system32\msrepl40.dll
2007-04-02 01:37 401,462 --a------ C:\WINDOWS\system32\msvcp60.dll
2007-04-02 01:37 388,608 --------- C:\WINDOWS\system32\mstsc.exe
2007-04-02 01:37 344,095 --------- C:\WINDOWS\system32\msxbde40.dll
2007-04-02 01:37 323,072 --a------ C:\WINDOWS\system32\msvcrt.dll
2007-04-02 01:37 253,983 --------- C:\WINDOWS\system32\mstext40.dll
2007-04-02 01:37 250,368 --------- C:\WINDOWS\system32\mstask.dll
2007-04-02 01:37 241,725 --------- C:\WINDOWS\system32\msuni11.dll
2007-04-02 01:37 192,512 --------- C:\WINDOWS\system32\mswebdvd.dll
2007-04-02 01:37 182,784 --a------ C:\WINDOWS\system32\msutb.dll
2007-04-02 01:37 113,664 --a------ C:\WINDOWS\system32\msvfw32.dll
2007-04-02 01:37 10,240 --------- C:\WINDOWS\system32\msrle32.dll
2007-04-02 01:37 1,220,608 --------- C:\WINDOWS\system32\msvidctl.dll
2007-04-02 01:36 81,408 --------- C:\WINDOWS\system32\msoert2.dll
2007-04-02 01:36 421,919 --------- C:\WINDOWS\system32\msrd2x40.dll
2007-04-02 01:36 348,191 --------- C:\WINDOWS\system32\mspbde40.dll
2007-04-02 01:36 339,968 --------- C:\WINDOWS\system32\mspaint.exe
2007-04-02 01:36 319,760 --------- C:\WINDOWS\system32\msnsspc.dll
2007-04-02 01:36 228,864 --------- C:\WINDOWS\system32\msoeacct.dll
2007-04-02 01:36 131,072 --------- C:\WINDOWS\system32\msorcl32.dll
2007-04-02 01:35 56,320 --------- C:\WINDOWS\system32\mshtmler.dll
2007-04-02 01:35 4,608 --a------ C:\WINDOWS\system32\msimg32.dll
2007-04-02 01:35 368,710 --------- C:\WINDOWS\system32\msisam11.dll
2007-04-02 01:35 348,195 --------- C:\WINDOWS\system32\msjetoledb40.dll
2007-04-02 01:35 241,695 --------- C:\WINDOWS\system32\msjtes40.dll
2007-04-02 01:35 229,888 --------- C:\WINDOWS\system32\msieftp.dll
2007-04-02 01:35 22,528 --------- C:\WINDOWS\system32\mslbui.dll
2007-04-02 01:35 213,023 --------- C:\WINDOWS\system32\msltus40.dll
2007-04-02 01:35 143,872 --a------ C:\WINDOWS\system32\msimtf.dll
2007-04-02 01:35 1,503,262 --------- C:\WINDOWS\system32\msjet40.dll
2007-04-02 01:34 68,096 --------- C:\WINDOWS\system32\mscms.dll
2007-04-02 01:34 67,584 --------- C:\WINDOWS\system32\msctfp.dll
2007-04-02 01:34 65,536 --------- C:\WINDOWS\system32\msconf.dll
2007-04-02 01:34 512,031 --------- C:\WINDOWS\system32\msexch40.dll
2007-04-02 01:34 504,320 --------- C:\WINDOWS\system32\logonui.exe
2007-04-02 01:34 4,126 --------- C:\WINDOWS\system32\msdxmlc.dll
2007-04-02 01:34 359,936 --------- C:\WINDOWS\system32\msdtcprx.dll
2007-04-02 01:34 32,256 --------- C:\WINDOWS\system32\mnmdd.dll
2007-04-02 01:34 319,519 --------- C:\WINDOWS\system32\msexcl40.dll
2007-04-02 01:34 266,752 --a------ C:\WINDOWS\system32\msctf.dll
2007-04-02 01:34 233,472 --------- C:\WINDOWS\system32\mpg4dmod.dll
2007-04-02 01:34 219,648 --------- C:\WINDOWS\system32\logon.scr
2007-04-02 01:34 210,944 --------- C:\WINDOWS\system32\moricons.dll
2007-04-02 01:34 196,096 --------- C:\WINDOWS\system32\mobsync.dll
2007-04-02 01:34 163,840 --------- C:\WINDOWS\system32\mindex.dll
2007-04-02 01:34 126,976 --------- C:\WINDOWS\system32\msdart.dll
2007-04-02 01:34 12,288 --------- C:\WINDOWS\system32\mscpx32r.dll
2007-04-02 01:34 116,736 --------- C:\WINDOWS\system32\mplay32.exe
2007-04-02 01:34 10,240 --------- C:\WINDOWS\system32\localui.dll
2007-04-02 01:34 1,128,960 --------- C:\WINDOWS\system32\mmcndmgr.dll
2007-04-02 01:33 72,192 --a------ C:\WINDOWS\system32\uniime.dll
2007-04-02 01:33 57,856 --------- C:\WINDOWS\system32\licwmi.dll
2007-04-02 01:33 381,440 --------- C:\WINDOWS\system32\lmrt.dll
2007-04-02 01:33 19,456 --------- C:\WINDOWS\system32\licmgr10.dll
2007-04-02 01:27 91,648 --------- C:\WINDOWS\system32\iuctl.dll
2007-04-02 01:27 827,438 --a------ C:\WINDOWS\system32\imjp81k.dll
2007-04-02 01:27 7,040 --------- C:\WINDOWS\system32\kd1394.dll
2007-04-02 01:27 49,664 --------- C:\WINDOWS\system32\ixsso.dll
2007-04-02 01:27 42,537 --------- C:\WINDOWS\system32\keyboard.sys
2007-04-02 01:27 272,896 --a------ C:\WINDOWS\system32\kerberos.dll
2007-04-02 01:27 166,912 --------- C:\WINDOWS\system32\iuengine.dll
2007-04-02 01:27 122,368 --------- C:\WINDOWS\system32\itss.dll
2007-04-02 01:26 73,728 --------- C:\WINDOWS\system32\tlntsess.exe
2007-04-02 01:26 7,168 --------- C:\WINDOWS\system32\tlntsvrp.dll
2007-04-02 01:26 67,584 --------- C:\WINDOWS\system32\tlntsvr.exe
2007-04-02 01:26 60,928 --------- C:\WINDOWS\system32\ipv6.exe
2007-04-02 01:26 57,856 --------- C:\WINDOWS\system32\tlntadmn.exe
2007-04-02 01:26 545,792 --------- C:\WINDOWS\system32\wsecedit.dll
2007-04-02 01:26 51,712 --------- C:\WINDOWS\system32\ipconfig.exe
2007-04-02 01:26 435,200 --------- C:\WINDOWS\system32\ipnathlp.dll
2007-04-02 01:26 318,464 --------- C:\WINDOWS\system32\ippromon.dll
2007-04-02 01:26 231,936 --------- C:\WINDOWS\system32\tracerpt.exe
2007-04-02 01:26 155,648 --a------ C:\WINDOWS\system32\ipsecsvc.dll
2007-04-02 01:26 143,872 --------- C:\WINDOWS\system32\itircl.dll
2007-04-02 01:26 134,144 --------- C:\WINDOWS\system32\ipv6mon.dll
2007-04-02 01:24 9,216 --a------ C:\WINDOWS\system32\icaapi.dll
2007-04-02 01:24 89,088 --------- C:\WINDOWS\system32\mqsec.dll
2007-04-02 01:24 73,728 --------- C:\WINDOWS\system32\ils.dll
2007-04-02 01:24 67,584 --------- C:\WINDOWS\system32\fdeploy.dll
2007-04-02 01:24 67,200 --------- C:\WINDOWS\system32\drivers\mqac.sys
2007-04-02 01:24 613,888 --------- C:\WINDOWS\system32\mqqm.dll
2007-04-02 01:24 59,392 --------- C:\WINDOWS\system32\iesetup.dll
2007-04-02 01:24 587,776 --------- C:\WINDOWS\system32\inetcomm.dll
2007-04-02 01:24 57,344 --------- C:\WINDOWS\system32\nwwks.dll
2007-04-02 01:24 478,720 --------- C:\WINDOWS\system32\mqsnap.dll
2007-04-02 01:24 469,504 --------- C:\WINDOWS\system32\mqutil.dll
2007-04-02 01:24 37,888 --------- C:\WINDOWS\system32\hhsetup.dll
2007-04-02 01:24 36,922 --------- C:\WINDOWS\system32\imeshare.dll
2007-04-02 01:24 30,208 --------- C:\WINDOWS\system32\imgutil.dll
2007-04-02 01:24 29,696 --------- C:\WINDOWS\system32\asr_pfu.exe
2007-04-02 01:24 28,160 --------- C:\WINDOWS\system32\pidgen.dll
2007-04-02 01:24 277,504 --------- C:\WINDOWS\system32\appmgr.dll
2007-04-02 01:24 240,640 --a------ C:\WINDOWS\system32\hnetcfg.dll
2007-04-02 01:24 236,032 --------- C:\WINDOWS\system32\icm32.dll
2007-04-02 01:24 183,296 --------- C:\WINDOWS\system32\gptext.dll
2007-04-02 01:24 17,792 --------- C:\WINDOWS\system32\drivers\irbus.sys
2007-04-02 01:24 164,864 --------- C:\WINDOWS\system32\mqrt.dll
2007-04-02 01:24 164,352 --------- C:\WINDOWS\system32\mqtrig.dll
2007-04-02 01:24 156,672 --a------ C:\WINDOWS\system32\appmgmts.dll
2007-04-02 01:24 156,544 --------- C:\WINDOWS\system32\drivers\nwrdr.sys
2007-04-02 01:24 14,848 --------- C:\WINDOWS\system32\mqise.dll
2007-04-02 01:24 130,048 --------- C:\WINDOWS\system32\mqad.dll
2007-04-02 01:24 123,904 --------- C:\WINDOWS\system32\imapi.exe
2007-04-02 01:24 115,200 --------- C:\WINDOWS\system32\dpcdll.dll
2007-04-02 01:24 114,176 --------- C:\WINDOWS\system32\input.dll
2007-04-02 01:24 113,664 --------- C:\WINDOWS\system32\schtasks.exe
2007-04-02 01:24 113,152 --------- C:\WINDOWS\system32\idq.dll
2007-04-02 01:24 113,152 --------- C:\WINDOWS\system32\gpresult.exe
2007-04-02 01:24 103,936 --a------ C:\WINDOWS\system32\imm32.dll
2007-04-02 01:24 103,936 --------- C:\WINDOWS\system32\rsnotify.exe
2007-04-02 01:24 10,752 --------- C:\WINDOWS\system32\spiisupd.exe
2007-04-02 01:24 10,752 --------- C:\WINDOWS\hh.exe
2007-04-02 01:23 8,832 --------- C:\WINDOWS\system32\framebuf.dll
2007-04-02 01:21 98,816 --------- C:\WINDOWS\system32\clipbrd.exe
2007-04-02 01:21 94,720 --------- C:\WINDOWS\system32\dmusic.dll
2007-04-02 01:21 9,216 --------- C:\WINDOWS\system32\dumprep.exe
2007-04-02 01:21 82,432 --------- C:\WINDOWS\system32\fldrclnr.dll
2007-04-02 01:21 802,304 --------- C:\WINDOWS\system32\dxmrtp.dll
2007-04-02 01:21 8,192 --------- C:\WINDOWS\system32\autolfn.exe
2007-04-02 01:21 786,432 --------- C:\WINDOWS\system32\dxdiag.exe
2007-04-02 01:21 77,312 --------- C:\WINDOWS\system32\dmscript.dll
2007-04-02 01:21 76,288 --a------ C:\WINDOWS\system32\avifil32.dll
2007-04-02 01:21 76,288 --------- C:\WINDOWS\system32\dfrgfat.exe
2007-04-02 01:21 74,810 --a------ C:\WINDOWS\system32\atl.dll
2007-04-02 01:21 71,680 --------- C:\WINDOWS\system32\browsewm.dll
2007-04-02 01:21 70,656 --------- C:\WINDOWS\system32\defrag.exe
2007-04-02 01:21 70,144 --------- C:\WINDOWS\system32\cryptdlg.dll
2007-04-02 01:21 66,560 --------- C:\WINDOWS\system32\faultrep.dll
2007-04-02 01:21 64,512 --------- C:\WINDOWS\system32\ciodm.dll
2007-04-02 01:21 62,976 --a------ C:\WINDOWS\system32\browselc.dll
2007-04-02 01:21 61,440 --------- C:\WINDOWS\system32\dbnetlib.dll
2007-04-02 01:21 6,656 --------- C:\WINDOWS\system32\batt.dll
2007-04-02 01:21 59,904 --a------ C:\WINDOWS\system32\cabinet.dll
2007-04-02 01:21 582,656 --------- C:\WINDOWS\system32\catsrvut.dll
2007-04-02 01:21 58,368 --------- C:\WINDOWS\system32\dpvsetup.exe
2007-04-02 01:21 57,344 --------- C:\WINDOWS\system32\dmcompos.dll
2007-04-02 01:21 56,320 --------- C:\WINDOWS\system32\dpnhupnp.dll
2007-04-02 01:21 557,568 --a------ C:\WINDOWS\system32\crypt32.dll
2007-04-02 01:21 55,296 --------- C:\WINDOWS\system32\digest.dll
2007-04-02 01:21 54,272 --a------ C:\WINDOWS\system32\clusapi.dll
2007-04-02 01:21 53,248 --a------ C:\WINDOWS\system32\cryptsvc.dll
2007-04-02 01:21 498,205 --------- C:\WINDOWS\system32\dxmasf.dll
2007-04-02 01:21 49,664 --------- C:\WINDOWS\system32\dpwsockx.dll
2007-04-02 01:21 49,152 --a------ C:\WINDOWS\system32\eventlog.dll
2007-04-02 01:21 49,152 --a------ C:\WINDOWS\system32\browser.dll
2007-04-02 01:21 489,984 --a------ C:\WINDOWS\system32\dbghelp.dll
2007-04-02 01:21 471,040 --a------ C:\WINDOWS\system32\cryptui.dll
2007-04-02 01:21 45,568 --------- C:\WINDOWS\system32\docprop2.dll
2007-04-02 01:21 41,472 --------- C:\WINDOWS\system32\cmdl32.exe
2007-04-02 01:21 380,445 --------- C:\WINDOWS\system32\expsrv.dll
2007-04-02 01:21 38,912 --a------ C:\WINDOWS\system32\audiosrv.dll
2007-04-02 01:21 35,328 --------- C:\WINDOWS\system32\dfrgsnap.dll
2007-04-02 01:21 324,608 --------- C:\WINDOWS\system32\cmdial32.dll
2007-04-02 01:21 32,768 --------- C:\WINDOWS\system32\cfgbkend.dll
2007-04-02 01:21 31,744 --------- C:\WINDOWS\system32\dmloader.dll
2007-04-02 01:21 307,712 --a------ C:\WINDOWS\system32\cscui.dll
2007-04-02 01:21 29,696 --------- C:\WINDOWS\system32\dpnhpast.dll
2007-04-02 01:21 28,672 --------- C:\WINDOWS\system32\dbnmpntw.dll
2007-04-02 01:21 263,680 --------- C:\WINDOWS\system32\duser.dll
2007-04-02 01:21 263,168 --------- C:\WINDOWS\system32\devmgr.dll
2007-04-02 01:21 26,112 --------- C:\WINDOWS\system32\dmband.dll
2007-04-02 01:21 253,440 --------- C:\WINDOWS\system32\ddraw.dll
2007-04-02 01:21 25,600 --------- C:\WINDOWS\system32\dfsshlex.dll
2007-04-02 01:21 24,576 --a------ C:\WINDOWS\system32\conime.exe
2007-04-02 01:21 24,576 --------- C:\WINDOWS\system32\dbmsvinn.dll
2007-04-02 01:21 24,576 --------- C:\WINDOWS\system32\dbmsrpcn.dll
2007-04-02 01:21 238,592 --------- C:\WINDOWS\system32\compatui.dll
2007-04-02 01:21 227,840 --------- C:\WINDOWS\system32\dsquery.dll
2007-04-02 01:21 225,280 --a------ C:\WINDOWS\system32\es.dll
2007-04-02 01:21 206,336 --------- C:\WINDOWS\system32\dpvoice.dll
2007-04-02 01:21 20,480 --------- C:\WINDOWS\system32\dbmsadsn.dll
2007-04-02 01:21 19,456 --a------ C:\WINDOWS\system32\ersvc.dll
2007-04-02 01:21 19,456 --------- C:\WINDOWS\system32\fontview.exe
2007-04-02 01:21 186,880 --a------ C:\WINDOWS\system32\certcli.dll
2007-04-02 01:21 180,224 --------- C:\WINDOWS\system32\dwwin.exe
2007-04-02 01:21 178,688 --------- C:\WINDOWS\system32\eudcedit.exe
2007-04-02 01:21 172,544 --------- C:\WINDOWS\system32\dmime.dll
2007-04-02 01:21 168,960 --------- C:\WINDOWS\system32\dinput8.dll
2007-04-02 01:21 165,376 --------- C:\WINDOWS\system32\els.dll
2007-04-02 01:21 16,384 --------- C:\WINDOWS\system32\ds32gt.dll
2007-04-02 01:21 158,720 --a------ C:\WINDOWS\system32\credui.dll
2007-04-02 01:21 156,672 --------- C:\WINDOWS\system32\dpnet.dll
2007-04-02 01:21 151,552 --------- C:\WINDOWS\system32\dinput.dll
2007-04-02 01:21 14,848 --------- C:\WINDOWS\system32\cdm.dll
2007-04-02 01:21 135,680 --------- C:\WINDOWS\system32\dsprop.dll
2007-04-02 01:21 13,312 --a------ C:\WINDOWS\system32\ctfmon.exe
2007-04-02 01:21 124,928 --a------ C:\WINDOWS\system32\dssenh.dll
2007-04-02 01:21 113,152 --------- C:\WINDOWS\system32\dfrgui.dll
2007-04-02 01:21 110,080 --------- C:\WINDOWS\system32\dmstyle.dll
2007-04-02 01:21 103,424 --------- C:\WINDOWS\system32\dgnet.dll
2007-04-02 01:21 1,740 --------- C:\WINDOWS\system32\dcache.bin
2007-04-02 01:21 1,180,672 --------- C:\WINDOWS\system32\d3d8.dll
2007-04-02 01:21 1,172,992 --a------ C:\WINDOWS\system32\comsvcs.dll
2007-04-02 01:21 1,004,032 --a------ C:\WINDOWS\explorer.exe
2007-04-02 01:19 91,648 --------- C:\WINDOWS\system32\ahui.exe
2007-04-02 01:19 62,464 --------- C:\WINDOWS\system32\adsmsext.dll
2007-04-02 01:19 59,392 --------- C:\WINDOWS\system32\6to4svc.dll
2007-04-02 01:19 41,984 --------- C:\WINDOWS\system32\alg.exe
2007-04-02 01:19 32,512 --------- C:\WINDOWS\system32\drivers\amdk7.sys
2007-04-02 01:19 239,616 --------- C:\WINDOWS\system32\adsnt.dll
2007-04-02 01:19 22,528 --------- C:\WINDOWS\system32\at.exe
2007-04-02 01:19 162,816 --------- C:\WINDOWS\system32\adsldp.dll
2007-04-02 01:19 14,366 --------- C:\WINDOWS\system32\asfsipc.dll
2007-04-02 01:19 139,776 --a------ C:\WINDOWS\system32\adsldpc.dll
2007-04-02 01:19 115,712 --a------ C:\WINDOWS\system32\apphelp.dll
2007-04-01 21:25 <DIR> d-------- C:\Program Files\Ahead
2007-04-01 21:24 <DIR> d--hs---- C:\RECYCLER
2007-04-01 20:59 57,856 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-04-01 20:59 44,416 --a------ C:\WINDOWS\system32\drivers\stream.sys
2007-04-01 20:59 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-04-01 20:59 134,272 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-04-01 20:59 131,712 --a------ C:\WINDOWS\system32\drivers\ks.sys
2007-04-01 20:59 <DIR> d-------- C:\Program Files\InterVideo
2007-04-01 20:58 87,648 --a------ C:\WINDOWS\system32\drivers\ialmsbw.sys
2007-04-01 20:58 86,912 --a------ C:\WINDOWS\system32\drivers\atapi.sys
2007-04-01 20:58 86,016 --a------ C:\WINDOWS\system32\igfxdo.dll
2007-04-01 20:58 77,181 --a------ C:\WINDOWS\system32\drivers\ialmnt5.sys
2007-04-01 20:58 74,814 --a------ C:\WINDOWS\system32\ialmdnt5.dll
2007-04-01 20:58 69,472 --a------ C:\WINDOWS\system32\drivers\ialmkchw.sys
2007-04-01 20:58 67,072 --a------ C:\WINDOWS\system32\usbui.dll
2007-04-01 20:58 61,440 --a------ C:\WINDOWS\system32\iAlmCoIn_0.dll
2007-04-01 20:58 524,868 --a------ C:\WINDOWS\system32\ialmdd5.dll
2007-04-01 20:58 524,288 --a------ C:\WINDOWS\system32\igfxress.dll
2007-04-01 20:58 5,120 --a------ C:\WINDOWS\system32\drivers\hccoin.dll
2007-04-01 20:58 49,152 --a------ C:\WINDOWS\system32\ialmrem.dll
2007-04-01 20:58 475,136 --a------ C:\WINDOWS\system32\igfxcfg.exe
2007-04-01 20:58 41,529 --a------ C:\WINDOWS\system32\drivers\wa310b.sys
2007-04-01 20:58 41,529 --a------ C:\WINDOWS\system32\drivers\wa310a.sys
2007-04-01 20:58 35,840 --a------ C:\WINDOWS\system32\drivers\isapnp.sys
2007-04-01 20:58 3,328 --a------ C:\WINDOWS\system32\drivers\pciide.sys
2007-04-01 20:58 294,912 --a------ C:\WINDOWS\system32\igfxsrvc.dll
2007-04-01 20:58 28,672 --a------ C:\WINDOWS\system32\igfxdgps.dll
2007-04-01 20:58 28,672 --a------ C:\WINDOWS\system32\ialmrnt5.dll
2007-04-01 20:58 262,144 --------- C:\WINDOWS\system32\shpshftr.dll
2007-04-01 20:58 26,681 --a------ C:\WINDOWS\system32\drivers\wa301b.sys
2007-04-01 20:58 26,681 --a------ C:\WINDOWS\system32\drivers\wa301a.sys
2007-04-01 20:58 26,169 --a------ C:\WINDOWS\system32\drivers\a303.sys
2007-04-01 20:58 25,657 --a------ C:\WINDOWS\system32\drivers\a304.sys
2007-04-01 20:58 23,680 --a------ C:\WINDOWS\system32\drivers\pciidex.sys
2007-04-01 20:58 23,609 --a------ C:\WINDOWS\system32\drivers\a309.sys
2007-04-01 20:58 221,184 --a------ C:\WINDOWS\system32\igfxeud.dll
2007-04-01 20:58 200,704 --a------ C:\WINDOWS\system32\igfxpph.dll
2007-04-01 20:58 19,513 --a------ C:\WINDOWS\system32\drivers\a307.sys
2007-04-01 20:58 19,328 --a------ C:\WINDOWS\system32\drivers\usbuhci.sys
2007-04-01 20:58 18,487 --a------ C:\WINDOWS\system32\drivers\vch.sys
2007-04-01 20:58 163,901 --a------ C:\WINDOWS\system32\ialmdev5.dll
2007-04-01 20:58 155,648 --a------ C:\WINDOWS\system32\igfxtray.exe
2007-04-01 20:58 151,552 --a------ C:\WINDOWS\system32\igfxdiag.exe
2007-04-01 20:58 147,456 --a------ C:\WINDOWS\system32\ialmgdev.dll
2007-04-01 20:58 139,264 --a------ C:\WINDOWS\system32\igfxdev.dll
2007-04-01 20:58 13,881 --a------ C:\WINDOWS\system32\drivers\a306.sys
2007-04-01 20:58 114,688 --a------ C:\WINDOWS\system32\hccutils.dll
2007-04-01 20:58 110,592 --a------ C:\WINDOWS\system32\igfxhk.dll
2007-04-01 20:58 11,321 --a------ C:\WINDOWS\system32\drivers\a305.sys
2007-04-01 20:58 106,496 --a------ C:\WINDOWS\system32\hkcmd.exe
2007-04-01 20:58 10,297 --a------ C:\WINDOWS\system32\drivers\a308.sys
2007-04-01 20:58 10,297 --a------ C:\WINDOWS\system32\drivers\a302.sys
2007-04-01 20:58 1,785,856 --a------ C:\WINDOWS\system32\ialmgicd.dll
2007-04-01 20:58 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2007-04-01 20:58 <DIR> d-------- C:\WINDOWS\Drivers
2007-04-01 20:58 <DIR> d-------- C:\Program Files\Intel
2007-04-01 20:58 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2007-04-01 20:57 <DIR> d-------- C:\WINDOWS\system32\ReinstallBackups
2007-04-01 20:41 945,424 --a------ C:\WINDOWS\system32\msjava.dll
2007-04-01 20:41 63,248 --a------ C:\WINDOWS\system32\javaprxy.dll
2007-04-01 20:41 6,550 --a------ C:\WINDOWS\jautoexp.dat
2007-04-01 20:41 49,424 --a------ C:\WINDOWS\system32\clspack.exe
2007-04-01 20:41 46,352 --a------ C:\WINDOWS\setdebug.exe
2007-04-01 20:41 404,752 --a------ C:\WINDOWS\system32\javart.dll
2007-04-01 20:41 313,856 --a------ C:\WINDOWS\system32\dx3j.dll
2007-04-01 20:41 286,992 --a------ C:\WINDOWS\system32\vmhelper.dll
2007-04-01 20:41 21,264 --a------ C:\WINDOWS\system32\msjdbc10.dll
2007-04-01 20:41 187,152 --a------ C:\WINDOWS\system32\javacypt.dll
2007-04-01 20:41 172,304 --a------ C:\WINDOWS\system32\jview.exe
2007-04-01 20:41 171,792 --a------ C:\WINDOWS\system32\wjview.exe
2007-04-01 20:41 171,280 --a------ C:\WINDOWS\system32\jit.dll
2007-04-01 20:41 154,896 --a------ C:\WINDOWS\system32\msawt.dll
2007-04-01 20:41 15,120 --a------ C:\WINDOWS\system32\jdbgmgr.exe
2007-04-01 20:41 139,536 --a------ C:\WINDOWS\system32\javaee.dll
2007-04-01 20:41 113 --a------ C:\WINDOWS\system32\zonedon.reg
2007-04-01 20:41 113 --a------ C:\WINDOWS\system32\zonedoff.reg
2007-04-01 20:40 2,359,296 --ah----- C:\DOCUME~1\J578B~1.P_Y\NTUSER.DAT
2007-04-01 20:39 262,144 --a------ C:\DOCUME~1\ALLUSE~1\NTUSER.DAT
2007-04-01 19:20 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2007-04-01 19:20 <DIR> d-------- C:\Program Files\Magnus Brading Software
2007-04-01 19:17 <DIR> d-------- C:\WINDOWS\system32\appmgmt
2007-04-01 17:17 845,312 --a------ C:\WINDOWS\system32\Smab.dll
2007-04-01 17:17 719,872 --a------ C:\WINDOWS\system32\devil.dll
2007-04-01 17:17 70,656 --a------ C:\WINDOWS\system32\yv12vfw.dll
2007-04-01 17:17 70,656 --a------ C:\WINDOWS\system32\i420vfw.dll
2007-04-01 17:17 66,560 --a------ C:\WINDOWS\MOTA113.exe
2007-04-01 17:17 502,784 --a------ C:\WINDOWS\x2.64.exe
2007-04-01 17:17 306,688 --a------ C:\WINDOWS\system32\avisynth.dll
2007-04-01 17:17 27,648 --a------ C:\WINDOWS\system32\AVSredirect.dll
2007-04-01 17:17 240,128 --a------ C:\WINDOWS\system32\x.264.exe
2007-04-01 17:17 217,073 --a------ C:\WINDOWS\meta4.exe
2007-04-01 17:17 163,328 -r-hs---- C:\WINDOWS\system32\flvDX.dll
2007-04-01 17:17 <DIR> d--hs---- C:\WINDOWS\system32\ShellDHCP
2007-04-01 17:17 <DIR> d-------- C:\Program Files\eRightSoft
2007-04-01 17:17 <DIR> d-------- C:\Program Files\AviSynth 2.5
2007-04-01 17:16 <DIR> d-------- C:\Program Files\Common Files\Adobe
2007-04-01 17:16 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
2007-04-01 17:02 495,104 --a------ C:\WINDOWS\system32\mp3tsshx.dll
2007-04-01 16:58 <DIR> d-------- C:\Program Files\SmartFTP Client Setup Files
2007-04-01 16:58 <DIR> d-------- C:\Program Files\SmartFTP
2007-04-01 16:57 <DIR> d-------- C:\Program Files\MSN Messenger
2007-04-01 16:52 <DIR> d-------- C:\Program Files\OpenOffice.org 2.0
2007-04-01 16:48 <DIR> d-------- C:\Program Files\Movie Splitter
2007-04-01 16:43 <DIR> d-------- C:\WINDOWS\RegisteredPackages
2007-04-01 16:38 46,080 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys
2007-04-01 16:38 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-04-01 16:38 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-04-01 16:36 <DIR> d-------- C:\Program Files\Winamp
2007-04-01 16:36 <DIR> d-------- C:\Program Files\Monkey's Audio
2007-04-01 16:34 <DIR> d-------- C:\DOCUME~1\J578B~1.P_Y\APPLIC~1\Media Player Classic
2007-04-01 16:21 <DIR> d-------- C:\Program Files\eMule
2007-04-01 16:19 <DIR> d-------- C:\Program Files\Magnus Brading
2007-04-01 16:11 <DIR> d-------- C:\Program Files\MP3Gain
2007-04-01 16:08 <DIR> d-------- C:\Program Files\mIRC
2007-04-01 16:07 <DIR> d-------- C:\Program Files\GuerillaSoft
2007-04-01 16:06 <DIR> d-------- C:\Program Files\GoldWave
2007-04-01 16:06 <DIR> d-------- C:\DOCUME~1\J578B~1.P_Y\APPLIC~1\Help
2007-04-01 16:05 <DIR> d-------- C:\Program Files\hkSFV
2007-04-01 00:29 98,304 --a------ C:\WINDOWS\system32\msir3jp.dll
2007-04-01 00:29 9,216 --a------ C:\WINDOWS\system32\kbdnecAT.dll
2007-04-01 00:29 838,144 --a------ C:\WINDOWS\system32\chtbrkr.dll
2007-04-01 00:29 8,704 --a------ C:\WINDOWS\system32\kbdjpn.dll
2007-04-01 00:29 8,192 --a------ C:\WINDOWS\system32\kbdkor.dll
2007-04-01 00:29 70,656 --a------ C:\WINDOWS\system32\korwbrkr.dll
2007-04-01 00:29 7,680 --a------ C:\WINDOWS\system32\kbdnecNT.dll
2007-04-01 00:29 7,168 --a------ C:\WINDOWS\system32\kbdnec95.dll
2007-04-01 00:29 7,168 --a------ C:\WINDOWS\system32\kbdibm02.dll
2007-04-01 00:29 7,168 --a------ C:\WINDOWS\system32\f3ahvoas.dll
2007-04-01 00:29 6,656 --a------ C:\WINDOWS\system32\kbdlk41a.dll
2007-04-01 00:29 6,656 --a------ C:\WINDOWS\system32\c_is2022.dll
2007-04-01 00:29 6,144 --a------ C:\WINDOWS\system32\kbdlk41j.dll
2007-04-01 00:29 6,144 --a------ C:\WINDOWS\system32\kbdax2.dll
2007-04-01 00:29 6,144 --a------ C:\WINDOWS\system32\kbd106n.dll
2007-04-01 00:29 6,144 --a------ C:\WINDOWS\system32\kbd106.dll
2007-04-01 00:29 6,144 --a------ C:\WINDOWS\system32\kbd101c.dll
2007-04-01 00:29 6,144 --a------ C:\WINDOWS\system32\kbd101b.dll
2007-04-01 00:29 6,144 --a------ C:\WINDOWS\system32\kbd101a.dll
2007-04-01 00:29 6,144 --a------ C:\WINDOWS\system32\kbd101.dll
2007-04-01 00:29 6,144 --a------ C:\WINDOWS\system32\ftlx041e.dll
2007-04-01 00:29 5,632 --a------ C:\WINDOWS\system32\kbdusa.dll
2007-04-01 00:29 5,632 --a------ C:\WINDOWS\system32\kbd103.dll
2007-04-01 00:29 218,112 --a------ C:\WINDOWS\system32\c_g18030.dll
2007-04-01 00:29 185,344 --a------ C:\WINDOWS\system32\Thawbrkr.dll
2007-04-01 00:29 10,752 --a------ C:\WINDOWS\system32\c_iscii.dll
2007-04-01 00:29 1,677,824 --a------ C:\WINDOWS\system32\chsbrkr.dll
2007-04-01 00:28 9,856 --a------ C:\WINDOWS\system32\drivers\gameenum.sys
2007-04-01 00:28 56,576 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-04-01 00:28 2,944 --a------ C:\WINDOWS\system32\drivers\msmpu401.sys
2007-04-01 00:25 123,984 --a------ C:\WINDOWS\system32\drivers\STAC97.sys
2007-04-01 00:14 <DIR> d-------- C:\Program Files\microsoft frontpage
2007-04-01 00:13 <DIR> d-------- C:\WINDOWS\twain_32
2007-04-01 00:13 <DIR> d-------- C:\WINDOWS\system32\xircom
2007-04-01 00:13 <DIR> d-------- C:\WINDOWS\system32\wins
2007-04-01 00:13 <DIR> d-------- C:\WINDOWS\system32\wbem
2007-04-01 00:13 <DIR> d-------- C:\Program Files\Online Services
2007-04-01 00:13 <DIR> d-------- C:\Program Files\MSN Gaming Zone
2007-04-01 00:13 <DIR> d-------- C:\Program Files\Movie Maker
2007-04-01 00:13 <DIR> d-------- C:\Program Files\Messenger
2007-04-01 00:13 <DIR> d-------- C:\Program Files\Common Files\SpeechEngines
2007-04-01 00:13 <DIR> d-------- C:\Program Files\Common Files\ODBC
2007-04-01 00:13 <DIR> d-------- C:\Program Files\Common Files\MSSoap
2007-04-01 00:12 882 --------- C:\WINDOWS\system32\share.exe
2007-04-01 00:12 741 --------- C:\WINDOWS\system32\noise.dat
2007-04-01 00:12 668,672 --------- C:\WINDOWS\system32\ntdll.dll
2007-04-01 00:12 4,511 --------- C:\WINDOWS\system32\oembios.dat
2007-04-01 00:12 36,864 --------- C:\WINDOWS\system32\ntsdexts.dll
2007-04-01 00:12 31,744 --------- C:\WINDOWS\system32\ntsd.exe
2007-04-01 00:12 13,107,200 --------- C:\WINDOWS\system32\oembios.bin
2007-04-01 00:12 1,161 --------- C:\WINDOWS\system32\usrlogon.cmd
2007-04-01 00:12 1,129 --------- C:\WINDOWS\system32\vwipxspx.exe
2007-04-01 00:12 <DIR> d-------- C:\WINDOWS\system32\usmt
2007-04-01 00:12 <DIR> d-------- C:\WINDOWS\system32\spool
2007-04-01 00:12 <DIR> d-------- C:\WINDOWS\system32\ras
2007-04-01 00:12 <DIR> d-------- C:\WINDOWS\system32\oobe
2007-04-01 00:12 <DIR> d-------- C:\WINDOWS\system32\npp
2007-04-01 00:12 <DIR> d-------- C:\WINDOWS\system32\mui
2007-04-01 00:11 882 --------- C:\WINDOWS\system32\fastopen.exe
2007-04-01 00:11 847,872 --------- C:\WINDOWS\system32\dbgeng.dll
2007-04-01 00:11 817 --------- C:\WINDOWS\system32\mscdexnt.exe
2007-04-01 00:11 79,744 --------- C:\WINDOWS\system32\drivers\ksecdd.sys
2007-04-01 00:11 7,168 --------- C:\WINDOWS\system32\kbdnec.dll
2007-04-01 00:11 6,656 --------- C:\WINDOWS\system32\kbdsg.dll
2007-04-01 00:11 6,656 --------- C:\WINDOWS\system32\kbdla.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdusx.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdusr.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdusl.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdsw.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdsp.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdsf.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdpo.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdno.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdne.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdic.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdgr1.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdgr.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdfr.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdfi.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdfc.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdes.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdda.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdca.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdbr.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdbe.dll
2007-04-01 00:11 561,920 --------- C:\WINDOWS\system32\drivers\ntfs.sys
2007-04-01 00:11 5,632 --------- C:\WINDOWS\system32\kbdus.dll
2007-04-01 00:11 5,632 --------- C:\WINDOWS\system32\kbduk.dll
2007-04-01 00:11 5,632 --------- C:\WINDOWS\system32\kbdit142.dll
2007-04-01 00:11 5,632 --------- C:\WINDOWS\system32\kbdit.dll
2007-04-01 00:11 5,632 --------- C:\WINDOWS\system32\kbdir.dll
2007-04-01 00:11 5,632 --------- C:\WINDOWS\system32\kbdgae.dll
2007-04-01 00:11 5,120 --------- C:\WINDOWS\system32\kbddv.dll
2007-04-01 00:11 487 --------- C:\WINDOWS\system32\login.cmd
2007-04-01 00:11 15,872 --------- C:\WINDOWS\system32\expand.exe
2007-04-01 00:11 126,976 --------- C:\WINDOWS\system32\imagehlp.dll
2007-04-01 00:11 121,856 --------- C:\WINDOWS\system32\exts.dll
2007-04-01 00:11 1,131 --------- C:\WINDOWS\system32\loadfix.com
2007-04-01 00:11 <DIR> d-------- C:\WINDOWS\system32\inetsrv
2007-04-01 00:11 <DIR> d-------- C:\WINDOWS\system32\icsxml
2007-04-01 00:11 <DIR> d-------- C:\WINDOWS\system32\ias
2007-04-01 00:11 <DIR> d-------- C:\WINDOWS\system32\export
2007-04-01 00:11 <DIR> d-------- C:\WINDOWS\system32\drivers\etc
2007-04-01 00:11 <DIR> d-------- C:\WINDOWS\system32\drivers\disdn
2007-04-01 00:11 <DIR> d-------- C:\WINDOWS\system32\drivers
2007-04-01 00:11 <DIR> d-------- C:\WINDOWS\system32\dhcp
2007-04-01 00:10 707 --------- C:\WINDOWS\_default.pif
2007-04-01 00:10 565,760 --------- C:\WINDOWS\system32\autochk.exe
2007-04-01 00:10 558,592 --------- C:\WINDOWS\system32\autofmt.exe
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\ShellExt
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\Setup
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\Restore
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\MsDtc
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\Macromed
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\IME
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\DirectX
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\config
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\Com
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\CatRoot2
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\CatRoot
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\3com_dmi
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\3076
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\2052
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\1054
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\1042
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\1041
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\1037
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\1033
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\1031
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\1028
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\1025
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\srchasst
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\security
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\repair
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\mui
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\msapps
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\msagent
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\java
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\ime
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\addins
2007-04-01 00:07 <DIR> d-------- C:\WINDOWS\WinSxS
2007-04-01 00:07 <DIR> d-------- C:\WINDOWS\Resources
2007-04-01 00:07 <DIR> d-------- C:\WINDOWS\Registration
2007-04-01 00:06 <DIR> d-------- C:\WINDOWS\PCHEALTH
2007-04-01 00:06 <DIR> d-------- C:\WINDOWS\Media
2007-04-01 00:04 <DIR> d-------- C:\WINDOWS\Help
2007-04-01 00:04 <DIR> d-------- C:\WINDOWS\Driver Cache
2007-04-01 00:04 <DIR> d-------- C:\WINDOWS\Debug
2007-04-01 00:04 <DIR> d-------- C:\WINDOWS\Cursors
2007-04-01 00:04 <DI

Edited by rody, 07 April 2007 - 05:57 PM.


#12 jurgenv

jurgenv

  • Members
  • 1,093 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:09:53 PM

Posted 07 April 2007 - 05:57 PM

The log is not complete?
Greets Jürgenv

Donation: Click me.

#13 rody

rody
  • Topic Starter

  • Members
  • 136 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Brass Castle
  • Local time:04:53 AM

Posted 07 April 2007 - 06:00 PM

so sorry i think there are too much texts that it exceeds the limit
i'd post both log separately


Heres the ComboFix log! (hope its full)


"J.P_Yang" - 07-04-08 6:44:08 Service Pack 1
ComboFix 07-04-05 - Running from: "C:\Documents and Settings\J.P_Yang\Desktop"


(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Windows\system32\eeeeee.ini
C:\Windows\system32\eeeeee1.ini
C:\Documents and Settings\J.P_Yang\Desktop\My Pictures\Randy Pics\_desktop.ini
C:\Windows\system32\wbem\bvprn.dll
C:\Windows\system32\wbem\gtksh.dll
C:\Windows\system32\wbem\lcigp.dll
C:\Windows\system32\wbem\lpkgn.dll
C:\Windows\system32\wbem\lsbgc.dll
C:\Windows\system32\wbem\mdsxo.dll
C:\Windows\system32\wbem\mzbjd.dll
C:\Windows\system32\wbem\njjiy.dll
C:\Windows\system32\wbem\oacpm.dll
C:\Windows\system32\wbem\oeixt.dll
C:\Windows\system32\wbem\pdepo.dll
C:\Windows\system32\wbem\qalge.dll
C:\Windows\system32\wbem\qsgcn.dll
C:\Windows\system32\wbem\tdkjs.dll
C:\Windows\system32\wbem\trtqq.dll
C:\Windows\system32\wbem\tvzzr.dll
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Microsoft\PCTools\pctools.dll
C:\Program Files\superutilbar\superutilbar.dll
C:\Program Files\superutilbar\uninst.exe
C:\WINDOWS\DOWNLO~1.\850945\SHLWAPI32.DLL
C:\Windows\system32\advport.dll
C:\Windows\system32\d3d1caps.srg
C:\Windows\system32\drivers\acpidisk.sys
C:\Windows\system32\mprmsgse.axz
C:\Windows\system32\mscpx32r.det
C:\Windows\system32\score.txt
C:\Windows\system32\sinfo.ini
C:\Windows\bar.exe
C:\Windows\temp\~my1.tmp
C:\Windows\system32\usrinit.exe
C:\Windows\system32\wsttrs.dll
C:\Windows\wsttrs.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Microsoft\PCTools
C:\Program Files\superutilbar
C:\Windows\temp\cache
C:\WINDOWS\DOWNLO~1.\850945
C:\Windows\system32\drivers\opmte.sys
C:\WINDOWS\DOWNLO~1.\838480


((((((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\acpidisk
-------\Framework
-------\Internet Connection Manager
-------\mspath
-------\mspcidrv
-------\msqmx
-------\opmte
-------\ubdt
-------\LEGACY_ACPIDISK
-------\LEGACY_FRAMEWORK
-------\LEGACY_INTERNET_CONNECTION_MANAGER
-------\LEGACY_MSPCIDRV
-------\LEGACY_MSQMX
-------\LEGACY_OPMTE
-------\LEGACY_UBDT


((((((((((((((((((((((((((((((( Files Created from 2007-03-08 to 2007-04-08 ))))))))))))))))))))))))))))))))))


2007-04-08 00:43 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-04-07 23:53 0 -rahs---- C:\MSDOS.SYS
2007-04-07 23:53 0 -rahs---- C:\IO.SYS
2007-04-07 23:49 <DIR> d-------- C:\WINDOWS\pss
2007-04-07 11:11 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AntiVir PersonalEdition Classic
2007-04-06 19:09 <DIR> d-------- C:\Program Files\a-squared Free
2007-04-06 18:21 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-04-06 16:42 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2007-04-06 16:42 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2007-04-06 15:38 <DIR> d-------- C:\DOCUME~1\J578B~1.P_Y\APPLIC~1\Lavasoft
2007-04-06 15:37 <DIR> d-------- C:\Program Files\Lavasoft
2007-04-06 14:25 118,784 --a------ C:\WINDOWS\system32\MSSTDFMT.DLL
2007-04-06 14:25 <DIR> d-------- C:\Program Files\SpywareBlaster
2007-04-06 14:11 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-04-06 12:27 19,456 --a------ C:\WINDOWS\wsttrks.exe
2007-04-06 12:27 12,288 --a------ C:\WINDOWS\system32\wsttrks.dll
2007-04-05 21:02 <DIR> d---s---- C:\DOCUME~1\J578B~1.P_Y\UserData
2007-04-05 10:06 1,743 --a------ C:\DOCUME~1\J578B~1.P_Y\hissys.dat
2007-04-05 07:24 <DIR> d-------- C:\Program Files\mwvl
2007-04-03 09:05 <DIR> d-------- C:\DOCUME~1\J578B~1.P_Y\APPLIC~1\OpenOffice.org2
2007-04-02 01:56 151,552 --a------ C:\WINDOWS\system32\igfxres.dll
2007-04-02 01:56 <DIR> d-------- C:\WINDOWS\Prefetch
2007-04-02 01:56 <DIR> d-------- C:\DOCUME~1\J578B~1.P_Y\APPLIC~1\Adobe
2007-04-02 01:55 <DIR> d--hs---- C:\WINDOWS\CSC
2007-04-02 01:51 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2007-04-02 01:51 <DIR> d-------- C:\WINDOWS\ehome
2007-04-02 01:49 9,216 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-04-02 01:49 86,528 --a------ C:\WINDOWS\system32\wlnotify.dll
2007-04-02 01:49 86,016 --a------ C:\WINDOWS\system32\xactsrv.dll
2007-04-02 01:49 77,824 --------- C:\WINDOWS\system32\wmpstub.exe
2007-04-02 01:49 56,832 --------- C:\WINDOWS\system32\wzcdlg.dll
2007-04-02 01:49 51,200 --------- C:\WINDOWS\system32\wmerrenu.dll
2007-04-02 01:49 446,464 --------- C:\WINDOWS\system32\wmvdmoe.dll
2007-04-02 01:49 38,912 --------- C:\WINDOWS\system32\wsnmp32.dll
2007-04-02 01:49 316,416 --------- C:\WINDOWS\system32\zipfldr.dll
2007-04-02 01:49 311,327 --------- C:\WINDOWS\system32\wmv8dmod.dll
2007-04-02 01:49 296,448 --------- C:\WINDOWS\system32\wmstream.dll
2007-04-02 01:49 264,704 --a------ C:\WINDOWS\system32\wzcsvc.dll
2007-04-02 01:49 247,808 --a------ C:\WINDOWS\system32\wow32.dll
2007-04-02 01:49 23,552 --------- C:\WINDOWS\system32\wzcsapi.dll
2007-04-02 01:49 189,440 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-04-02 01:49 172,664 --------- C:\WINDOWS\system32\xenroll.dll
2007-04-02 01:49 17,408 --a------ C:\WINDOWS\system32\wtsapi32.dll
2007-04-02 01:49 139,776 --------- C:\WINDOWS\system32\wuauclt.exe
2007-04-02 01:49 13,312 --------- C:\WINDOWS\system32\wship6.dll
2007-04-02 01:49 118,784 --------- C:\WINDOWS\system32\wmsdmoe.dll
2007-04-02 01:48 60,416 --------- C:\WINDOWS\system32\wextract.exe
2007-04-02 01:48 48,128 --a------ C:\WINDOWS\system32\winsta.dll
2007-04-02 01:48 266,752 --------- C:\WINDOWS\winhlp32.exe
2007-04-02 01:48 171,520 --a------ C:\WINDOWS\system32\winmm.dll
2007-04-02 01:48 168,448 --a------ C:\WINDOWS\system32\wldap32.dll
2007-04-02 01:48 124,928 --------- C:\WINDOWS\system32\webvw.dll
2007-04-02 01:48 119,808 --------- C:\WINDOWS\system32\wiadss.dll
2007-04-02 01:47 61,952 --a------ C:\WINDOWS\system32\webclnt.dll
2007-04-02 01:47 48,640 --------- C:\WINDOWS\system32\vdmredir.dll
2007-04-02 01:47 479,261 --------- C:\WINDOWS\system32\vbscript.dll
2007-04-02 01:47 409,088 --a------ C:\WINDOWS\system32\vssapi.dll
2007-04-02 01:47 165,376 --a------ C:\WINDOWS\system32\w32time.dll
2007-04-02 01:47 16,384 --------- C:\WINDOWS\system32\watchdog.sys
2007-04-02 01:46 9,856 --------- C:\WINDOWS\system32\drivers\tunmp.sys
2007-04-02 01:46 88,064 --------- C:\WINDOWS\system32\tscfgwmi.dll
2007-04-02 01:46 81,920 --a------ C:\WINDOWS\system32\trkwks.dll
2007-04-02 01:46 71,168 --------- C:\WINDOWS\system32\telnet.exe
2007-04-02 01:46 47,616 --------- C:\WINDOWS\system32\utilman.exe
2007-04-02 01:46 40,960 --------- C:\WINDOWS\system32\tscupgrd.exe
2007-04-02 01:46 384,000 --a------ C:\WINDOWS\system32\themeui.dll
2007-04-02 01:46 339,456 --a------ C:\WINDOWS\system32\usp10.dll
2007-04-02 01:46 32,256 --------- C:\WINDOWS\system32\umandlg.dll
2007-04-02 01:46 231,424 --------- C:\WINDOWS\system32\upnpui.dll
2007-04-02 01:46 22,016 --------- C:\WINDOWS\system32\udhisapi.dll
2007-04-02 01:46 203,264 --a------ C:\WINDOWS\system32\uxtheme.dll
2007-04-02 01:46 200,192 --a------ C:\WINDOWS\system32\termsrv.dll
2007-04-02 01:46 164,864 --------- C:\WINDOWS\system32\upnphost.dll
2007-04-02 01:46 16,384 --------- C:\WINDOWS\system32\ups.exe
2007-04-02 01:46 120,320 --a------ C:\WINDOWS\system32\upnp.dll
2007-04-02 01:46 107,008 --a------ C:\WINDOWS\system32\umpnpmgr.dll
2007-04-02 01:46 10,752 --------- C:\WINDOWS\system32\tracert.exe
2007-04-02 01:45 82,944 --------- C:\WINDOWS\system32\smlogsvc.exe
2007-04-02 01:45 71,168 --------- C:\WINDOWS\system32\storprop.dll
2007-04-02 01:45 674,816 --a------ C:\WINDOWS\system32\sxs.dll
2007-04-02 01:45 667,648 --------- C:\WINDOWS\system32\ss3dfo.scr
2007-04-02 01:45 66,560 --a------ C:\WINDOWS\system32\spoolss.dll
2007-04-02 01:45 66,048 --------- C:\WINDOWS\system32\sigverif.exe
2007-04-02 01:45 638,976 --------- C:\WINDOWS\system32\sstext3d.scr
2007-04-02 01:45 63,488 --------- C:\WINDOWS\system32\srclient.dll
2007-04-02 01:45 62,976 --------- C:\WINDOWS\system32\shgina.dll
2007-04-02 01:45 61,952 --------- C:\WINDOWS\system32\sti.dll
2007-04-02 01:45 60,416 --------- C:\WINDOWS\system32\shimeng.dll
2007-04-02 01:45 569,344 --------- C:\WINDOWS\system32\sspipes.scr
2007-04-02 01:45 534,016 --------- C:\WINDOWS\system32\spider.exe
2007-04-02 01:45 5,504 --------- C:\WINDOWS\system32\drivers\smbali.sys
2007-04-02 01:45 43,008 --a------ C:\WINDOWS\system32\ssdpsrv.dll
2007-04-02 01:45 420,864 --------- C:\WINDOWS\system32\shimgvw.dll
2007-04-02 01:45 385,024 --------- C:\WINDOWS\system32\sqlsrv32.dll
2007-04-02 01:45 364,544 --------- C:\WINDOWS\system32\ssflwbox.scr
2007-04-02 01:45 334,848 --------- C:\WINDOWS\system32\smlogcfg.dll
2007-04-02 01:45 33,280 --------- C:\WINDOWS\system32\shmgrate.exe
2007-04-02 01:45 27,136 --a------ C:\WINDOWS\system32\ssdpapi.dll
2007-04-02 01:45 251,904 --------- C:\WINDOWS\system32\strmdll.dll
2007-04-02 01:45 24,064 --------- C:\WINDOWS\system32\skeys.exe
2007-04-02 01:45 233,984 --------- C:\WINDOWS\system32\tapisrv.dll
2007-04-02 01:45 226,304 --------- C:\WINDOWS\system32\srrstr.dll
2007-04-02 01:45 22,528 --a------ C:\WINDOWS\system32\shfolder.dll
2007-04-02 01:45 22,528 --------- C:\WINDOWS\system32\slayerxp.dll
2007-04-02 01:45 19,456 --------- C:\WINDOWS\system32\ssmarque.scr
2007-04-02 01:45 18,944 --------- C:\WINDOWS\system32\ssbezier.scr
2007-04-02 01:45 17,408 --------- C:\WINDOWS\system32\ssmyst.scr
2007-04-02 01:45 165,376 --a------ C:\WINDOWS\system32\tapi32.dll
2007-04-02 01:45 16,896 --------- C:\WINDOWS\system32\snmpapi.dll
2007-04-02 01:45 158,720 --a------ C:\WINDOWS\system32\srsvc.dll
2007-04-02 01:45 133,120 --a------ C:\WINDOWS\system32\sfc_os.dll
2007-04-02 01:45 130,560 --------- C:\WINDOWS\system32\sti_ci.dll
2007-04-02 01:45 13,312 --------- C:\WINDOWS\system32\ssstars.scr
2007-04-02 01:45 128,512 --------- C:\WINDOWS\system32\taskmgr.exe
2007-04-02 01:45 117,760 --a------ C:\WINDOWS\system32\stobject.dll
2007-04-02 01:45 11,776 --------- C:\WINDOWS\system32\sigtab.dll
2007-04-02 01:45 1,157,632 --------- C:\WINDOWS\system32\sfcfiles.dll
2007-04-02 01:44 98,304 --------- C:\WINDOWS\system32\oleprn.dll
2007-04-02 01:44 91,136 --a------ C:\WINDOWS\system32\rastls.dll
2007-04-02 01:44 87,304 --------- C:\WINDOWS\system32\rdpdd.dll
2007-04-02 01:44 82,944 --a------ C:\WINDOWS\system32\psbase.dll
2007-04-02 01:44 8,192 --------- C:\WINDOWS\system32\scrnsave.scr
2007-04-02 01:44 75,912 --------- C:\WINDOWS\system32\rdpwsx.dll
2007-04-02 01:44 74,240 --------- C:\WINDOWS\system32\rtcshare.exe
2007-04-02 01:44 71,168 --------- C:\WINDOWS\system32\sdbinst.exe
2007-04-02 01:44 686,080 --------- C:\WINDOWS\system32\opengl32.dll
2007-04-02 01:44 6,144 --a------ C:\WINDOWS\system32\sensapi.dll
2007-04-02 01:44 58,880 --------- C:\WINDOWS\system32\pautoenr.dll
2007-04-02 01:44 57,856 --a------ C:\WINDOWS\system32\raschap.dll
2007-04-02 01:44 56,320 --------- C:\WINDOWS\system32\remotepg.dll
2007-04-02 01:44 548,864 --------- C:\WINDOWS\system32\rtcdll.dll
2007-04-02 01:44 530,432 --a------ C:\WINDOWS\system32\rpcrt4.dll
2007-04-02 01:44 53,248 --------- C:\WINDOWS\system32\packager.exe
2007-04-02 01:44 52,224 --a------ C:\WINDOWS\system32\secur32.dll
2007-04-02 01:44 511,488 --------- C:\WINDOWS\system32\qedit.dll
2007-04-02 01:44 48,128 --------- C:\WINDOWS\system32\reg.exe
2007-04-02 01:44 44,032 --a------ C:\WINDOWS\system32\regapi.dll
2007-04-02 01:44 44,032 --------- C:\WINDOWS\system32\rdpclip.exe
2007-04-02 01:44 36,352 --a------ C:\WINDOWS\system32\sens.dll
2007-04-02 01:44 357,376 --------- C:\WINDOWS\system32\qdvd.dll
2007-04-02 01:44 34,304 --------- C:\WINDOWS\system32\rcimlby.exe
2007-04-02 01:44 31,744 --------- C:\WINDOWS\system32\pid.dll
2007-04-02 01:44 3,338 --------- C:\WINDOWS\system32\redir.exe
2007-04-02 01:44 297,984 --a------ C:\WINDOWS\system32\scesrv.dll
2007-04-02 01:44 260,608 --a------ C:\WINDOWS\system32\rpcss.dll
2007-04-02 01:44 254,976 --------- C:\WINDOWS\system32\pdh.dll
2007-04-02 01:44 221,696 --a------ C:\WINDOWS\system32\qmgr.dll
2007-04-02 01:44 212,480 --------- C:\WINDOWS\system32\osk.exe
2007-04-02 01:44 20,992 --------- C:\WINDOWS\system32\setup.exe
2007-04-02 01:44 193,536 --------- C:\WINDOWS\system32\rasppp.dll
2007-04-02 01:44 184,832 --------- C:\WINDOWS\system32\qcap.dll
2007-04-02 01:44 174,592 --a------ C:\WINDOWS\system32\scecli.dll
2007-04-02 01:44 171,008 --------- C:\WINDOWS\system32\sccsccp.dll
2007-04-02 01:44 17,408 --a------ C:\WINDOWS\system32\psapi.dll
2007-04-02 01:44 17,408 --------- C:\WINDOWS\system32\qmgrprxy.dll
2007-04-02 01:44 169,984 --------- C:\WINDOWS\system32\sccbase.dll
2007-04-02 01:44 16,384 --------- C:\WINDOWS\system32\ping.exe
2007-04-02 01:44 159,232 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-04-02 01:44 14,848 --------- C:\WINDOWS\system32\rdpsnd.dll
2007-04-02 01:44 135,680 --------- C:\WINDOWS\system32\rdchost.dll
2007-04-02 01:44 134,144 --------- C:\WINDOWS\regedit.exe
2007-04-02 01:44 133,632 --a------ C:\WINDOWS\system32\rsaenh.dll
2007-04-02 01:44 13,824 --------- C:\WINDOWS\system32\rassapi.dll
2007-04-02 01:44 12,800 --------- C:\WINDOWS\system32\runonce.exe
2007-04-02 01:44 12,288 --------- C:\WINDOWS\system32\rdsaddin.exe
2007-04-02 01:44 1,349,120 --------- C:\WINDOWS\system32\query.dll
2007-04-02 01:44 1,169,920 --a------ C:\WINDOWS\system32\ole32.dll
2007-04-02 01:44 1,142,784 --------- C:\WINDOWS\system32\quartz.dll
2007-04-02 01:43 94,208 --------- C:\WINDOWS\system32\odbccp32.dll
2007-04-02 01:43 891,711 --------- C:\WINDOWS\system32\drivers\nv4_mini.sys
2007-04-02 01:43 61,440 --------- C:\WINDOWS\system32\odbccu32.dll
2007-04-02 01:43 61,440 --------- C:\WINDOWS\system32\odbccr32.dll
2007-04-02 01:43 53,248 --------- C:\WINDOWS\system32\odbcconf.exe
2007-04-02 01:43 328,704 --a------ C:\WINDOWS\system32\oakley.dll
2007-04-02 01:43 32,768 --------- C:\WINDOWS\system32\odbcad32.exe
2007-04-02 01:43 3,494,303 --------- C:\WINDOWS\system32\nv4_disp.dll
2007-04-02 01:43 24,576 --------- C:\WINDOWS\system32\odbcbcp.dll
2007-04-02 01:43 200,704 --a------ C:\WINDOWS\system32\odbc32.dll
2007-04-02 01:43 16,384 --------- C:\WINDOWS\system32\odbc32gt.dll
2007-04-02 01:43 147,456 --------- C:\WINDOWS\system32\odbctrac.dll
2007-04-02 01:43 122,880 --------- C:\WINDOWS\system32\odbcconf.dll
2007-04-02 01:43 12,288 --------- C:\WINDOWS\system32\odbcp32r.dll
2007-04-02 01:43 109,568 --------- C:\WINDOWS\system32\offfilt.dll
2007-04-02 01:42 95,744 --------- C:\WINDOWS\system32\nlhtml.dll
2007-04-02 01:42 49,152 --------- C:\WINDOWS\system32\npptools.dll
2007-04-02 01:42 392,704 --------- C:\WINDOWS\system32\ntmssvc.dll
2007-04-02 01:42 38,400 --a------ C:\WINDOWS\system32\ntlanman.dll
2007-04-02 01:42 38,400 --------- C:\WINDOWS\system32\ntmsapi.dll
2007-04-02 01:42 33,808 --------- C:\WINDOWS\system32\ntio.sys
2007-04-02 01:42 24,576 --------- C:\WINDOWS\system32\nmmkcert.dll
2007-04-02 01:42 238,080 --a------ C:\WINDOWS\system32\newdev.dll
2007-04-02 01:42 187,904 --------- C:\WINDOWS\system32\xpsp1res.dll
2007-04-02 01:42 165,888 --------- C:\WINDOWS\system32\ntmsdba.dll
2007-04-02 01:42 137,216 --a------ C:\WINDOWS\system32\ntshrui.dll
2007-04-02 01:42 112,128 --a------ C:\WINDOWS\system32\ntmarta.dll
2007-04-02 01:42 1,677,312 --------- C:\WINDOWS\system32\wmvcore2.dll
2007-04-02 01:41 403,456 --------- C:\WINDOWS\system32\winbrand.dll
2007-04-02 01:41 310,272 --------- C:\WINDOWS\system32\winhttp.dll
2007-04-02 01:41 13,056 --------- C:\WINDOWS\system32\drivers\wacompen.sys
2007-04-02 01:40 6,912 --------- C:\WINDOWS\system32\drivers\hidir.sys
2007-04-02 01:40 3,584 --------- C:\WINDOWS\system32\dsprpres.dll
2007-04-02 01:40 218,112 --------- C:\WINDOWS\system32\sbe.dll
2007-04-02 01:40 18,944 --------- C:\WINDOWS\system32\faxpatch.exe
2007-04-02 01:40 172,032 --------- C:\WINDOWS\system32\mssap.dll
2007-04-02 01:40 155,648 --------- C:\WINDOWS\system32\encdec.dll
2007-04-02 01:40 12,288 --------- C:\WINDOWS\system32\encapi.dll
2007-04-02 01:40 110,080 --------- C:\WINDOWS\system32\sbeio.dll
2007-04-02 01:40 11,904 --------- C:\WINDOWS\system32\drivers\mutohpen.sys
2007-04-02 01:39 921,475 --------- C:\WINDOWS\system32\ati3d2ag.dll
2007-04-02 01:39 844,675 --------- C:\WINDOWS\system32\ati3d1ag.dll
2007-04-02 01:39 63,663 --------- C:\WINDOWS\system32\drivers\atinrvxx.sys
2007-04-02 01:39 56,591 --------- C:\WINDOWS\system32\drivers\atinbtxx.sys
2007-04-02 01:39 450,176 --------- C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-04-02 01:39 36,463 --------- C:\WINDOWS\system32\drivers\atintuxx.sys
2007-04-02 01:39 34,735 --------- C:\WINDOWS\system32\drivers\atinxsxx.sys
2007-04-02 01:39 327,040 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2007-04-02 01:39 30,671 --------- C:\WINDOWS\system32\drivers\atinraxx.sys
2007-04-02 01:39 29,455 --------- C:\WINDOWS\system32\drivers\atinxbxx.sys
2007-04-02 01:39 26,367 --------- C:\WINDOWS\system32\drivers\atinsnxx.sys
2007-04-02 01:39 21,343 --------- C:\WINDOWS\system32\drivers\atinttxx.sys
2007-04-02 01:39 12,047 --------- C:\WINDOWS\system32\drivers\atinpdxx.sys
2007-04-02 01:39 11,615 --------- C:\WINDOWS\system32\drivers\atinmdxx.sys
2007-04-02 01:38 857,600 --------- C:\WINDOWS\system32\netplwiz.dll
2007-04-02 01:38 584,192 --a------ C:\WINDOWS\system32\netcfgx.dll
2007-04-02 01:38 42,496 --a------ C:\WINDOWS\system32\ncobjapi.dll
2007-04-02 01:38 399,360 --a------ C:\WINDOWS\system32\netlogon.dll
2007-04-02 01:38 39,424 --------- C:\WINDOWS\system32\net.exe
2007-04-02 01:38 377,984 --------- C:\WINDOWS\system32\ati2dvaa.dll
2007-04-02 01:38 326,656 --------- C:\WINDOWS\system32\netsetup.exe
2007-04-02 01:38 202,496 --------- C:\WINDOWS\system32\ati2dvag.dll
2007-04-02 01:38 16,384 --------- C:\WINDOWS\system32\nddenb32.dll
2007-04-02 01:38 154,112 --a------ C:\WINDOWS\system32\netman.dll
2007-04-02 01:38 115,200 --------- C:\WINDOWS\system32\net1.exe
2007-04-02 01:38 105,984 --------- C:\WINDOWS\system32\netdde.exe
2007-04-02 01:38 1,622,528 --a------ C:\WINDOWS\system32\netshell.dll
2007-04-02 01:38 1,122,304 --a------ C:\WINDOWS\system32\msxml3.dll
2007-04-02 01:37 9,728 --------- C:\WINDOWS\system32\mstinit.exe
2007-04-02 01:37 79,872 --a------ C:\WINDOWS\system32\ztjvu.dll
2007-04-02 01:37 699,392 --------- C:\WINDOWS\system32\msxml2.dll
2007-04-02 01:37 598,016 --------- C:\WINDOWS\system32\mstscax.dll
2007-04-02 01:37 552,991 --------- C:\WINDOWS\system32\msrepl40.dll
2007-04-02 01:37 401,462 --a------ C:\WINDOWS\system32\msvcp60.dll
2007-04-02 01:37 388,608 --------- C:\WINDOWS\system32\mstsc.exe
2007-04-02 01:37 344,095 --------- C:\WINDOWS\system32\msxbde40.dll
2007-04-02 01:37 323,072 --a------ C:\WINDOWS\system32\msvcrt.dll
2007-04-02 01:37 253,983 --------- C:\WINDOWS\system32\mstext40.dll
2007-04-02 01:37 250,368 --------- C:\WINDOWS\system32\mstask.dll
2007-04-02 01:37 241,725 --------- C:\WINDOWS\system32\msuni11.dll
2007-04-02 01:37 192,512 --------- C:\WINDOWS\system32\mswebdvd.dll
2007-04-02 01:37 182,784 --a------ C:\WINDOWS\system32\msutb.dll
2007-04-02 01:37 113,664 --a------ C:\WINDOWS\system32\msvfw32.dll
2007-04-02 01:37 10,240 --------- C:\WINDOWS\system32\msrle32.dll
2007-04-02 01:37 1,220,608 --------- C:\WINDOWS\system32\msvidctl.dll
2007-04-02 01:36 81,408 --------- C:\WINDOWS\system32\msoert2.dll
2007-04-02 01:36 421,919 --------- C:\WINDOWS\system32\msrd2x40.dll
2007-04-02 01:36 348,191 --------- C:\WINDOWS\system32\mspbde40.dll
2007-04-02 01:36 339,968 --------- C:\WINDOWS\system32\mspaint.exe
2007-04-02 01:36 319,760 --------- C:\WINDOWS\system32\msnsspc.dll
2007-04-02 01:36 228,864 --------- C:\WINDOWS\system32\msoeacct.dll
2007-04-02 01:36 131,072 --------- C:\WINDOWS\system32\msorcl32.dll
2007-04-02 01:35 56,320 --------- C:\WINDOWS\system32\mshtmler.dll
2007-04-02 01:35 4,608 --a------ C:\WINDOWS\system32\msimg32.dll
2007-04-02 01:35 368,710 --------- C:\WINDOWS\system32\msisam11.dll
2007-04-02 01:35 348,195 --------- C:\WINDOWS\system32\msjetoledb40.dll
2007-04-02 01:35 241,695 --------- C:\WINDOWS\system32\msjtes40.dll
2007-04-02 01:35 229,888 --------- C:\WINDOWS\system32\msieftp.dll
2007-04-02 01:35 22,528 --------- C:\WINDOWS\system32\mslbui.dll
2007-04-02 01:35 213,023 --------- C:\WINDOWS\system32\msltus40.dll
2007-04-02 01:35 143,872 --a------ C:\WINDOWS\system32\msimtf.dll
2007-04-02 01:35 1,503,262 --------- C:\WINDOWS\system32\msjet40.dll
2007-04-02 01:34 68,096 --------- C:\WINDOWS\system32\mscms.dll
2007-04-02 01:34 67,584 --------- C:\WINDOWS\system32\msctfp.dll
2007-04-02 01:34 65,536 --------- C:\WINDOWS\system32\msconf.dll
2007-04-02 01:34 512,031 --------- C:\WINDOWS\system32\msexch40.dll
2007-04-02 01:34 504,320 --------- C:\WINDOWS\system32\logonui.exe
2007-04-02 01:34 4,126 --------- C:\WINDOWS\system32\msdxmlc.dll
2007-04-02 01:34 359,936 --------- C:\WINDOWS\system32\msdtcprx.dll
2007-04-02 01:34 32,256 --------- C:\WINDOWS\system32\mnmdd.dll
2007-04-02 01:34 319,519 --------- C:\WINDOWS\system32\msexcl40.dll
2007-04-02 01:34 266,752 --a------ C:\WINDOWS\system32\msctf.dll
2007-04-02 01:34 233,472 --------- C:\WINDOWS\system32\mpg4dmod.dll
2007-04-02 01:34 219,648 --------- C:\WINDOWS\system32\logon.scr
2007-04-02 01:34 210,944 --------- C:\WINDOWS\system32\moricons.dll
2007-04-02 01:34 196,096 --------- C:\WINDOWS\system32\mobsync.dll
2007-04-02 01:34 163,840 --------- C:\WINDOWS\system32\mindex.dll
2007-04-02 01:34 126,976 --------- C:\WINDOWS\system32\msdart.dll
2007-04-02 01:34 12,288 --------- C:\WINDOWS\system32\mscpx32r.dll
2007-04-02 01:34 116,736 --------- C:\WINDOWS\system32\mplay32.exe
2007-04-02 01:34 10,240 --------- C:\WINDOWS\system32\localui.dll
2007-04-02 01:34 1,128,960 --------- C:\WINDOWS\system32\mmcndmgr.dll
2007-04-02 01:33 72,192 --a------ C:\WINDOWS\system32\uniime.dll
2007-04-02 01:33 57,856 --------- C:\WINDOWS\system32\licwmi.dll
2007-04-02 01:33 381,440 --------- C:\WINDOWS\system32\lmrt.dll
2007-04-02 01:33 19,456 --------- C:\WINDOWS\system32\licmgr10.dll
2007-04-02 01:27 91,648 --------- C:\WINDOWS\system32\iuctl.dll
2007-04-02 01:27 827,438 --a------ C:\WINDOWS\system32\imjp81k.dll
2007-04-02 01:27 7,040 --------- C:\WINDOWS\system32\kd1394.dll
2007-04-02 01:27 49,664 --------- C:\WINDOWS\system32\ixsso.dll
2007-04-02 01:27 42,537 --------- C:\WINDOWS\system32\keyboard.sys
2007-04-02 01:27 272,896 --a------ C:\WINDOWS\system32\kerberos.dll
2007-04-02 01:27 166,912 --------- C:\WINDOWS\system32\iuengine.dll
2007-04-02 01:27 122,368 --------- C:\WINDOWS\system32\itss.dll
2007-04-02 01:26 73,728 --------- C:\WINDOWS\system32\tlntsess.exe
2007-04-02 01:26 7,168 --------- C:\WINDOWS\system32\tlntsvrp.dll
2007-04-02 01:26 67,584 --------- C:\WINDOWS\system32\tlntsvr.exe
2007-04-02 01:26 60,928 --------- C:\WINDOWS\system32\ipv6.exe
2007-04-02 01:26 57,856 --------- C:\WINDOWS\system32\tlntadmn.exe
2007-04-02 01:26 545,792 --------- C:\WINDOWS\system32\wsecedit.dll
2007-04-02 01:26 51,712 --------- C:\WINDOWS\system32\ipconfig.exe
2007-04-02 01:26 435,200 --------- C:\WINDOWS\system32\ipnathlp.dll
2007-04-02 01:26 318,464 --------- C:\WINDOWS\system32\ippromon.dll
2007-04-02 01:26 231,936 --------- C:\WINDOWS\system32\tracerpt.exe
2007-04-02 01:26 155,648 --a------ C:\WINDOWS\system32\ipsecsvc.dll
2007-04-02 01:26 143,872 --------- C:\WINDOWS\system32\itircl.dll
2007-04-02 01:26 134,144 --------- C:\WINDOWS\system32\ipv6mon.dll
2007-04-02 01:24 9,216 --a------ C:\WINDOWS\system32\icaapi.dll
2007-04-02 01:24 89,088 --------- C:\WINDOWS\system32\mqsec.dll
2007-04-02 01:24 73,728 --------- C:\WINDOWS\system32\ils.dll
2007-04-02 01:24 67,584 --------- C:\WINDOWS\system32\fdeploy.dll
2007-04-02 01:24 67,200 --------- C:\WINDOWS\system32\drivers\mqac.sys
2007-04-02 01:24 613,888 --------- C:\WINDOWS\system32\mqqm.dll
2007-04-02 01:24 59,392 --------- C:\WINDOWS\system32\iesetup.dll
2007-04-02 01:24 587,776 --------- C:\WINDOWS\system32\inetcomm.dll
2007-04-02 01:24 57,344 --------- C:\WINDOWS\system32\nwwks.dll
2007-04-02 01:24 478,720 --------- C:\WINDOWS\system32\mqsnap.dll
2007-04-02 01:24 469,504 --------- C:\WINDOWS\system32\mqutil.dll
2007-04-02 01:24 37,888 --------- C:\WINDOWS\system32\hhsetup.dll
2007-04-02 01:24 36,922 --------- C:\WINDOWS\system32\imeshare.dll
2007-04-02 01:24 30,208 --------- C:\WINDOWS\system32\imgutil.dll
2007-04-02 01:24 29,696 --------- C:\WINDOWS\system32\asr_pfu.exe
2007-04-02 01:24 28,160 --------- C:\WINDOWS\system32\pidgen.dll
2007-04-02 01:24 277,504 --------- C:\WINDOWS\system32\appmgr.dll
2007-04-02 01:24 240,640 --a------ C:\WINDOWS\system32\hnetcfg.dll
2007-04-02 01:24 236,032 --------- C:\WINDOWS\system32\icm32.dll
2007-04-02 01:24 183,296 --------- C:\WINDOWS\system32\gptext.dll
2007-04-02 01:24 17,792 --------- C:\WINDOWS\system32\drivers\irbus.sys
2007-04-02 01:24 164,864 --------- C:\WINDOWS\system32\mqrt.dll
2007-04-02 01:24 164,352 --------- C:\WINDOWS\system32\mqtrig.dll
2007-04-02 01:24 156,672 --a------ C:\WINDOWS\system32\appmgmts.dll
2007-04-02 01:24 156,544 --------- C:\WINDOWS\system32\drivers\nwrdr.sys
2007-04-02 01:24 14,848 --------- C:\WINDOWS\system32\mqise.dll
2007-04-02 01:24 130,048 --------- C:\WINDOWS\system32\mqad.dll
2007-04-02 01:24 123,904 --------- C:\WINDOWS\system32\imapi.exe
2007-04-02 01:24 115,200 --------- C:\WINDOWS\system32\dpcdll.dll
2007-04-02 01:24 114,176 --------- C:\WINDOWS\system32\input.dll
2007-04-02 01:24 113,664 --------- C:\WINDOWS\system32\schtasks.exe
2007-04-02 01:24 113,152 --------- C:\WINDOWS\system32\idq.dll
2007-04-02 01:24 113,152 --------- C:\WINDOWS\system32\gpresult.exe
2007-04-02 01:24 103,936 --a------ C:\WINDOWS\system32\imm32.dll
2007-04-02 01:24 103,936 --------- C:\WINDOWS\system32\rsnotify.exe
2007-04-02 01:24 10,752 --------- C:\WINDOWS\system32\spiisupd.exe
2007-04-02 01:24 10,752 --------- C:\WINDOWS\hh.exe
2007-04-02 01:23 8,832 --------- C:\WINDOWS\system32\framebuf.dll
2007-04-02 01:21 98,816 --------- C:\WINDOWS\system32\clipbrd.exe
2007-04-02 01:21 94,720 --------- C:\WINDOWS\system32\dmusic.dll
2007-04-02 01:21 9,216 --------- C:\WINDOWS\system32\dumprep.exe
2007-04-02 01:21 82,432 --------- C:\WINDOWS\system32\fldrclnr.dll
2007-04-02 01:21 802,304 --------- C:\WINDOWS\system32\dxmrtp.dll
2007-04-02 01:21 8,192 --------- C:\WINDOWS\system32\autolfn.exe
2007-04-02 01:21 786,432 --------- C:\WINDOWS\system32\dxdiag.exe
2007-04-02 01:21 77,312 --------- C:\WINDOWS\system32\dmscript.dll
2007-04-02 01:21 76,288 --a------ C:\WINDOWS\system32\avifil32.dll
2007-04-02 01:21 76,288 --------- C:\WINDOWS\system32\dfrgfat.exe
2007-04-02 01:21 74,810 --a------ C:\WINDOWS\system32\atl.dll
2007-04-02 01:21 71,680 --------- C:\WINDOWS\system32\browsewm.dll
2007-04-02 01:21 70,656 --------- C:\WINDOWS\system32\defrag.exe
2007-04-02 01:21 70,144 --------- C:\WINDOWS\system32\cryptdlg.dll
2007-04-02 01:21 66,560 --------- C:\WINDOWS\system32\faultrep.dll
2007-04-02 01:21 64,512 --------- C:\WINDOWS\system32\ciodm.dll
2007-04-02 01:21 62,976 --a------ C:\WINDOWS\system32\browselc.dll
2007-04-02 01:21 61,440 --------- C:\WINDOWS\system32\dbnetlib.dll
2007-04-02 01:21 6,656 --------- C:\WINDOWS\system32\batt.dll
2007-04-02 01:21 59,904 --a------ C:\WINDOWS\system32\cabinet.dll
2007-04-02 01:21 582,656 --------- C:\WINDOWS\system32\catsrvut.dll
2007-04-02 01:21 58,368 --------- C:\WINDOWS\system32\dpvsetup.exe
2007-04-02 01:21 57,344 --------- C:\WINDOWS\system32\dmcompos.dll
2007-04-02 01:21 56,320 --------- C:\WINDOWS\system32\dpnhupnp.dll
2007-04-02 01:21 557,568 --a------ C:\WINDOWS\system32\crypt32.dll
2007-04-02 01:21 55,296 --------- C:\WINDOWS\system32\digest.dll
2007-04-02 01:21 54,272 --a------ C:\WINDOWS\system32\clusapi.dll
2007-04-02 01:21 53,248 --a------ C:\WINDOWS\system32\cryptsvc.dll
2007-04-02 01:21 498,205 --------- C:\WINDOWS\system32\dxmasf.dll
2007-04-02 01:21 49,664 --------- C:\WINDOWS\system32\dpwsockx.dll
2007-04-02 01:21 49,152 --a------ C:\WINDOWS\system32\eventlog.dll
2007-04-02 01:21 49,152 --a------ C:\WINDOWS\system32\browser.dll
2007-04-02 01:21 489,984 --a------ C:\WINDOWS\system32\dbghelp.dll
2007-04-02 01:21 471,040 --a------ C:\WINDOWS\system32\cryptui.dll
2007-04-02 01:21 45,568 --------- C:\WINDOWS\system32\docprop2.dll
2007-04-02 01:21 41,472 --------- C:\WINDOWS\system32\cmdl32.exe
2007-04-02 01:21 380,445 --------- C:\WINDOWS\system32\expsrv.dll
2007-04-02 01:21 38,912 --a------ C:\WINDOWS\system32\audiosrv.dll
2007-04-02 01:21 35,328 --------- C:\WINDOWS\system32\dfrgsnap.dll
2007-04-02 01:21 324,608 --------- C:\WINDOWS\system32\cmdial32.dll
2007-04-02 01:21 32,768 --------- C:\WINDOWS\system32\cfgbkend.dll
2007-04-02 01:21 31,744 --------- C:\WINDOWS\system32\dmloader.dll
2007-04-02 01:21 307,712 --a------ C:\WINDOWS\system32\cscui.dll
2007-04-02 01:21 29,696 --------- C:\WINDOWS\system32\dpnhpast.dll
2007-04-02 01:21 28,672 --------- C:\WINDOWS\system32\dbnmpntw.dll
2007-04-02 01:21 263,680 --------- C:\WINDOWS\system32\duser.dll
2007-04-02 01:21 263,168 --------- C:\WINDOWS\system32\devmgr.dll
2007-04-02 01:21 26,112 --------- C:\WINDOWS\system32\dmband.dll
2007-04-02 01:21 253,440 --------- C:\WINDOWS\system32\ddraw.dll
2007-04-02 01:21 25,600 --------- C:\WINDOWS\system32\dfsshlex.dll
2007-04-02 01:21 24,576 --a------ C:\WINDOWS\system32\conime.exe
2007-04-02 01:21 24,576 --------- C:\WINDOWS\system32\dbmsvinn.dll
2007-04-02 01:21 24,576 --------- C:\WINDOWS\system32\dbmsrpcn.dll
2007-04-02 01:21 238,592 --------- C:\WINDOWS\system32\compatui.dll
2007-04-02 01:21 227,840 --------- C:\WINDOWS\system32\dsquery.dll
2007-04-02 01:21 225,280 --a------ C:\WINDOWS\system32\es.dll
2007-04-02 01:21 206,336 --------- C:\WINDOWS\system32\dpvoice.dll
2007-04-02 01:21 20,480 --------- C:\WINDOWS\system32\dbmsadsn.dll
2007-04-02 01:21 19,456 --a------ C:\WINDOWS\system32\ersvc.dll
2007-04-02 01:21 19,456 --------- C:\WINDOWS\system32\fontview.exe
2007-04-02 01:21 186,880 --a------ C:\WINDOWS\system32\certcli.dll
2007-04-02 01:21 180,224 --------- C:\WINDOWS\system32\dwwin.exe
2007-04-02 01:21 178,688 --------- C:\WINDOWS\system32\eudcedit.exe
2007-04-02 01:21 172,544 --------- C:\WINDOWS\system32\dmime.dll
2007-04-02 01:21 168,960 --------- C:\WINDOWS\system32\dinput8.dll
2007-04-02 01:21 165,376 --------- C:\WINDOWS\system32\els.dll
2007-04-02 01:21 16,384 --------- C:\WINDOWS\system32\ds32gt.dll
2007-04-02 01:21 158,720 --a------ C:\WINDOWS\system32\credui.dll
2007-04-02 01:21 156,672 --------- C:\WINDOWS\system32\dpnet.dll
2007-04-02 01:21 151,552 --------- C:\WINDOWS\system32\dinput.dll
2007-04-02 01:21 14,848 --------- C:\WINDOWS\system32\cdm.dll
2007-04-02 01:21 135,680 --------- C:\WINDOWS\system32\dsprop.dll
2007-04-02 01:21 13,312 --a------ C:\WINDOWS\system32\ctfmon.exe
2007-04-02 01:21 124,928 --a------ C:\WINDOWS\system32\dssenh.dll
2007-04-02 01:21 113,152 --------- C:\WINDOWS\system32\dfrgui.dll
2007-04-02 01:21 110,080 --------- C:\WINDOWS\system32\dmstyle.dll
2007-04-02 01:21 103,424 --------- C:\WINDOWS\system32\dgnet.dll
2007-04-02 01:21 1,740 --------- C:\WINDOWS\system32\dcache.bin
2007-04-02 01:21 1,180,672 --------- C:\WINDOWS\system32\d3d8.dll
2007-04-02 01:21 1,172,992 --a------ C:\WINDOWS\system32\comsvcs.dll
2007-04-02 01:21 1,004,032 --a------ C:\WINDOWS\explorer.exe
2007-04-02 01:19 91,648 --------- C:\WINDOWS\system32\ahui.exe
2007-04-02 01:19 62,464 --------- C:\WINDOWS\system32\adsmsext.dll
2007-04-02 01:19 59,392 --------- C:\WINDOWS\system32\6to4svc.dll
2007-04-02 01:19 41,984 --------- C:\WINDOWS\system32\alg.exe
2007-04-02 01:19 32,512 --------- C:\WINDOWS\system32\drivers\amdk7.sys
2007-04-02 01:19 239,616 --------- C:\WINDOWS\system32\adsnt.dll
2007-04-02 01:19 22,528 --------- C:\WINDOWS\system32\at.exe
2007-04-02 01:19 162,816 --------- C:\WINDOWS\system32\adsldp.dll
2007-04-02 01:19 14,366 --------- C:\WINDOWS\system32\asfsipc.dll
2007-04-02 01:19 139,776 --a------ C:\WINDOWS\system32\adsldpc.dll
2007-04-02 01:19 115,712 --a------ C:\WINDOWS\system32\apphelp.dll
2007-04-01 21:25 <DIR> d-------- C:\Program Files\Ahead
2007-04-01 21:24 <DIR> d--hs---- C:\RECYCLER
2007-04-01 20:59 57,856 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-04-01 20:59 44,416 --a------ C:\WINDOWS\system32\drivers\stream.sys
2007-04-01 20:59 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-04-01 20:59 134,272 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-04-01 20:59 131,712 --a------ C:\WINDOWS\system32\drivers\ks.sys
2007-04-01 20:59 <DIR> d-------- C:\Program Files\InterVideo
2007-04-01 20:58 87,648 --a------ C:\WINDOWS\system32\drivers\ialmsbw.sys
2007-04-01 20:58 86,912 --a------ C:\WINDOWS\system32\drivers\atapi.sys
2007-04-01 20:58 86,016 --a------ C:\WINDOWS\system32\igfxdo.dll
2007-04-01 20:58 77,181 --a------ C:\WINDOWS\system32\drivers\ialmnt5.sys
2007-04-01 20:58 74,814 --a------ C:\WINDOWS\system32\ialmdnt5.dll
2007-04-01 20:58 69,472 --a------ C:\WINDOWS\system32\drivers\ialmkchw.sys
2007-04-01 20:58 67,072 --a------ C:\WINDOWS\system32\usbui.dll
2007-04-01 20:58 61,440 --a------ C:\WINDOWS\system32\iAlmCoIn_0.dll
2007-04-01 20:58 524,868 --a------ C:\WINDOWS\system32\ialmdd5.dll
2007-04-01 20:58 524,288 --a------ C:\WINDOWS\system32\igfxress.dll
2007-04-01 20:58 5,120 --a------ C:\WINDOWS\system32\drivers\hccoin.dll
2007-04-01 20:58 49,152 --a------ C:\WINDOWS\system32\ialmrem.dll
2007-04-01 20:58 475,136 --a------ C:\WINDOWS\system32\igfxcfg.exe
2007-04-01 20:58 41,529 --a------ C:\WINDOWS\system32\drivers\wa310b.sys
2007-04-01 20:58 41,529 --a------ C:\WINDOWS\system32\drivers\wa310a.sys
2007-04-01 20:58 35,840 --a------ C:\WINDOWS\system32\drivers\isapnp.sys
2007-04-01 20:58 3,328 --a------ C:\WINDOWS\system32\drivers\pciide.sys
2007-04-01 20:58 294,912 --a------ C:\WINDOWS\system32\igfxsrvc.dll
2007-04-01 20:58 28,672 --a------ C:\WINDOWS\system32\igfxdgps.dll
2007-04-01 20:58 28,672 --a------ C:\WINDOWS\system32\ialmrnt5.dll
2007-04-01 20:58 262,144 --------- C:\WINDOWS\system32\shpshftr.dll
2007-04-01 20:58 26,681 --a------ C:\WINDOWS\system32\drivers\wa301b.sys
2007-04-01 20:58 26,681 --a------ C:\WINDOWS\system32\drivers\wa301a.sys
2007-04-01 20:58 26,169 --a------ C:\WINDOWS\system32\drivers\a303.sys
2007-04-01 20:58 25,657 --a------ C:\WINDOWS\system32\drivers\a304.sys
2007-04-01 20:58 23,680 --a------ C:\WINDOWS\system32\drivers\pciidex.sys
2007-04-01 20:58 23,609 --a------ C:\WINDOWS\system32\drivers\a309.sys
2007-04-01 20:58 221,184 --a------ C:\WINDOWS\system32\igfxeud.dll
2007-04-01 20:58 200,704 --a------ C:\WINDOWS\system32\igfxpph.dll
2007-04-01 20:58 19,513 --a------ C:\WINDOWS\system32\drivers\a307.sys
2007-04-01 20:58 19,328 --a------ C:\WINDOWS\system32\drivers\usbuhci.sys
2007-04-01 20:58 18,487 --a------ C:\WINDOWS\system32\drivers\vch.sys
2007-04-01 20:58 163,901 --a------ C:\WINDOWS\system32\ialmdev5.dll
2007-04-01 20:58 155,648 --a------ C:\WINDOWS\system32\igfxtray.exe
2007-04-01 20:58 151,552 --a------ C:\WINDOWS\system32\igfxdiag.exe
2007-04-01 20:58 147,456 --a------ C:\WINDOWS\system32\ialmgdev.dll
2007-04-01 20:58 139,264 --a------ C:\WINDOWS\system32\igfxdev.dll
2007-04-01 20:58 13,881 --a------ C:\WINDOWS\system32\drivers\a306.sys
2007-04-01 20:58 114,688 --a------ C:\WINDOWS\system32\hccutils.dll
2007-04-01 20:58 110,592 --a------ C:\WINDOWS\system32\igfxhk.dll
2007-04-01 20:58 11,321 --a------ C:\WINDOWS\system32\drivers\a305.sys
2007-04-01 20:58 106,496 --a------ C:\WINDOWS\system32\hkcmd.exe
2007-04-01 20:58 10,297 --a------ C:\WINDOWS\system32\drivers\a308.sys
2007-04-01 20:58 10,297 --a------ C:\WINDOWS\system32\drivers\a302.sys
2007-04-01 20:58 1,785,856 --a------ C:\WINDOWS\system32\ialmgicd.dll
2007-04-01 20:58 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2007-04-01 20:58 <DIR> d-------- C:\WINDOWS\Drivers
2007-04-01 20:58 <DIR> d-------- C:\Program Files\Intel
2007-04-01 20:58 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2007-04-01 20:57 <DIR> d-------- C:\WINDOWS\system32\ReinstallBackups
2007-04-01 20:41 945,424 --a------ C:\WINDOWS\system32\msjava.dll
2007-04-01 20:41 63,248 --a------ C:\WINDOWS\system32\javaprxy.dll
2007-04-01 20:41 6,550 --a------ C:\WINDOWS\jautoexp.dat
2007-04-01 20:41 49,424 --a------ C:\WINDOWS\system32\clspack.exe
2007-04-01 20:41 46,352 --a------ C:\WINDOWS\setdebug.exe
2007-04-01 20:41 404,752 --a------ C:\WINDOWS\system32\javart.dll
2007-04-01 20:41 313,856 --a------ C:\WINDOWS\system32\dx3j.dll
2007-04-01 20:41 286,992 --a------ C:\WINDOWS\system32\vmhelper.dll
2007-04-01 20:41 21,264 --a------ C:\WINDOWS\system32\msjdbc10.dll
2007-04-01 20:41 187,152 --a------ C:\WINDOWS\system32\javacypt.dll
2007-04-01 20:41 172,304 --a------ C:\WINDOWS\system32\jview.exe
2007-04-01 20:41 171,792 --a------ C:\WINDOWS\system32\wjview.exe
2007-04-01 20:41 171,280 --a------ C:\WINDOWS\system32\jit.dll
2007-04-01 20:41 154,896 --a------ C:\WINDOWS\system32\msawt.dll
2007-04-01 20:41 15,120 --a------ C:\WINDOWS\system32\jdbgmgr.exe
2007-04-01 20:41 139,536 --a------ C:\WINDOWS\system32\javaee.dll
2007-04-01 20:41 113 --a------ C:\WINDOWS\system32\zonedon.reg
2007-04-01 20:41 113 --a------ C:\WINDOWS\system32\zonedoff.reg
2007-04-01 20:40 2,359,296 --ah----- C:\DOCUME~1\J578B~1.P_Y\NTUSER.DAT
2007-04-01 20:39 262,144 --a------ C:\DOCUME~1\ALLUSE~1\NTUSER.DAT
2007-04-01 19:20 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2007-04-01 19:20 <DIR> d-------- C:\Program Files\Magnus Brading Software
2007-04-01 19:17 <DIR> d-------- C:\WINDOWS\system32\appmgmt
2007-04-01 17:17 845,312 --a------ C:\WINDOWS\system32\Smab.dll
2007-04-01 17:17 719,872 --a------ C:\WINDOWS\system32\devil.dll
2007-04-01 17:17 70,656 --a------ C:\WINDOWS\system32\yv12vfw.dll
2007-04-01 17:17 70,656 --a------ C:\WINDOWS\system32\i420vfw.dll
2007-04-01 17:17 66,560 --a------ C:\WINDOWS\MOTA113.exe
2007-04-01 17:17 502,784 --a------ C:\WINDOWS\x2.64.exe
2007-04-01 17:17 306,688 --a------ C:\WINDOWS\system32\avisynth.dll
2007-04-01 17:17 27,648 --a------ C:\WINDOWS\system32\AVSredirect.dll
2007-04-01 17:17 240,128 --a------ C:\WINDOWS\system32\x.264.exe
2007-04-01 17:17 217,073 --a------ C:\WINDOWS\meta4.exe
2007-04-01 17:17 163,328 -r-hs---- C:\WINDOWS\system32\flvDX.dll
2007-04-01 17:17 <DIR> d--hs---- C:\WINDOWS\system32\ShellDHCP
2007-04-01 17:17 <DIR> d-------- C:\Program Files\eRightSoft
2007-04-01 17:17 <DIR> d-------- C:\Program Files\AviSynth 2.5
2007-04-01 17:16 <DIR> d-------- C:\Program Files\Common Files\Adobe
2007-04-01 17:16 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
2007-04-01 17:02 495,104 --a------ C:\WINDOWS\system32\mp3tsshx.dll
2007-04-01 16:58 <DIR> d-------- C:\Program Files\SmartFTP Client Setup Files
2007-04-01 16:58 <DIR> d-------- C:\Program Files\SmartFTP
2007-04-01 16:57 <DIR> d-------- C:\Program Files\MSN Messenger
2007-04-01 16:52 <DIR> d-------- C:\Program Files\OpenOffice.org 2.0
2007-04-01 16:48 <DIR> d-------- C:\Program Files\Movie Splitter
2007-04-01 16:43 <DIR> d-------- C:\WINDOWS\RegisteredPackages
2007-04-01 16:38 46,080 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys
2007-04-01 16:38 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-04-01 16:38 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-04-01 16:36 <DIR> d-------- C:\Program Files\Winamp
2007-04-01 16:36 <DIR> d-------- C:\Program Files\Monkey's Audio
2007-04-01 16:34 <DIR> d-------- C:\DOCUME~1\J578B~1.P_Y\APPLIC~1\Media Player Classic
2007-04-01 16:21 <DIR> d-------- C:\Program Files\eMule
2007-04-01 16:19 <DIR> d-------- C:\Program Files\Magnus Brading
2007-04-01 16:11 <DIR> d-------- C:\Program Files\MP3Gain
2007-04-01 16:08 <DIR> d-------- C:\Program Files\mIRC
2007-04-01 16:07 <DIR> d-------- C:\Program Files\GuerillaSoft
2007-04-01 16:06 <DIR> d-------- C:\Program Files\GoldWave
2007-04-01 16:06 <DIR> d-------- C:\DOCUME~1\J578B~1.P_Y\APPLIC~1\Help
2007-04-01 16:05 <DIR> d-------- C:\Program Files\hkSFV
2007-04-01 00:29 98,304 --a------ C:\WINDOWS\system32\msir3jp.dll
2007-04-01 00:29 9,216 --a------ C:\WINDOWS\system32\kbdnecAT.dll
2007-04-01 00:29 838,144 --a------ C:\WINDOWS\system32\chtbrkr.dll
2007-04-01 00:29 8,704 --a------ C:\WINDOWS\system32\kbdjpn.dll
2007-04-01 00:29 8,192 --a------ C:\WINDOWS\system32\kbdkor.dll
2007-04-01 00:29 70,656 --a------ C:\WINDOWS\system32\korwbrkr.dll
2007-04-01 00:29 7,680 --a------ C:\WINDOWS\system32\kbdnecNT.dll
2007-04-01 00:29 7,168 --a------ C:\WINDOWS\system32\kbdnec95.dll
2007-04-01 00:29 7,168 --a------ C:\WINDOWS\system32\kbdibm02.dll
2007-04-01 00:29 7,168 --a------ C:\WINDOWS\system32\f3ahvoas.dll
2007-04-01 00:29 6,656 --a------ C:\WINDOWS\system32\kbdlk41a.dll
2007-04-01 00:29 6,656 --a------ C:\WINDOWS\system32\c_is2022.dll
2007-04-01 00:29 6,144 --a------ C:\WINDOWS\system32\kbdlk41j.dll
2007-04-01 00:29 6,144 --a------ C:\WINDOWS\system32\kbdax2.dll
2007-04-01 00:29 6,144 --a------ C:\WINDOWS\system32\kbd106n.dll
2007-04-01 00:29 6,144 --a------ C:\WINDOWS\system32\kbd106.dll
2007-04-01 00:29 6,144 --a------ C:\WINDOWS\system32\kbd101c.dll
2007-04-01 00:29 6,144 --a------ C:\WINDOWS\system32\kbd101b.dll
2007-04-01 00:29 6,144 --a------ C:\WINDOWS\system32\kbd101a.dll
2007-04-01 00:29 6,144 --a------ C:\WINDOWS\system32\kbd101.dll
2007-04-01 00:29 6,144 --a------ C:\WINDOWS\system32\ftlx041e.dll
2007-04-01 00:29 5,632 --a------ C:\WINDOWS\system32\kbdusa.dll
2007-04-01 00:29 5,632 --a------ C:\WINDOWS\system32\kbd103.dll
2007-04-01 00:29 218,112 --a------ C:\WINDOWS\system32\c_g18030.dll
2007-04-01 00:29 185,344 --a------ C:\WINDOWS\system32\Thawbrkr.dll
2007-04-01 00:29 10,752 --a------ C:\WINDOWS\system32\c_iscii.dll
2007-04-01 00:29 1,677,824 --a------ C:\WINDOWS\system32\chsbrkr.dll
2007-04-01 00:28 9,856 --a------ C:\WINDOWS\system32\drivers\gameenum.sys
2007-04-01 00:28 56,576 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-04-01 00:28 2,944 --a------ C:\WINDOWS\system32\drivers\msmpu401.sys
2007-04-01 00:25 123,984 --a------ C:\WINDOWS\system32\drivers\STAC97.sys
2007-04-01 00:14 <DIR> d-------- C:\Program Files\microsoft frontpage
2007-04-01 00:13 <DIR> d-------- C:\WINDOWS\twain_32
2007-04-01 00:13 <DIR> d-------- C:\WINDOWS\system32\xircom
2007-04-01 00:13 <DIR> d-------- C:\WINDOWS\system32\wins
2007-04-01 00:13 <DIR> d-------- C:\WINDOWS\system32\wbem
2007-04-01 00:13 <DIR> d-------- C:\Program Files\Online Services
2007-04-01 00:13 <DIR> d-------- C:\Program Files\MSN Gaming Zone
2007-04-01 00:13 <DIR> d-------- C:\Program Files\Movie Maker
2007-04-01 00:13 <DIR> d-------- C:\Program Files\Messenger
2007-04-01 00:13 <DIR> d-------- C:\Program Files\Common Files\SpeechEngines
2007-04-01 00:13 <DIR> d-------- C:\Program Files\Common Files\ODBC
2007-04-01 00:13 <DIR> d-------- C:\Program Files\Common Files\MSSoap
2007-04-01 00:12 882 --------- C:\WINDOWS\system32\share.exe
2007-04-01 00:12 741 --------- C:\WINDOWS\system32\noise.dat
2007-04-01 00:12 668,672 --------- C:\WINDOWS\system32\ntdll.dll
2007-04-01 00:12 4,511 --------- C:\WINDOWS\system32\oembios.dat
2007-04-01 00:12 36,864 --------- C:\WINDOWS\system32\ntsdexts.dll
2007-04-01 00:12 31,744 --------- C:\WINDOWS\system32\ntsd.exe
2007-04-01 00:12 13,107,200 --------- C:\WINDOWS\system32\oembios.bin
2007-04-01 00:12 1,161 --------- C:\WINDOWS\system32\usrlogon.cmd
2007-04-01 00:12 1,129 --------- C:\WINDOWS\system32\vwipxspx.exe
2007-04-01 00:12 <DIR> d-------- C:\WINDOWS\system32\usmt
2007-04-01 00:12 <DIR> d-------- C:\WINDOWS\system32\spool
2007-04-01 00:12 <DIR> d-------- C:\WINDOWS\system32\ras
2007-04-01 00:12 <DIR> d-------- C:\WINDOWS\system32\oobe
2007-04-01 00:12 <DIR> d-------- C:\WINDOWS\system32\npp
2007-04-01 00:12 <DIR> d-------- C:\WINDOWS\system32\mui
2007-04-01 00:11 882 --------- C:\WINDOWS\system32\fastopen.exe
2007-04-01 00:11 847,872 --------- C:\WINDOWS\system32\dbgeng.dll
2007-04-01 00:11 817 --------- C:\WINDOWS\system32\mscdexnt.exe
2007-04-01 00:11 79,744 --------- C:\WINDOWS\system32\drivers\ksecdd.sys
2007-04-01 00:11 7,168 --------- C:\WINDOWS\system32\kbdnec.dll
2007-04-01 00:11 6,656 --------- C:\WINDOWS\system32\kbdsg.dll
2007-04-01 00:11 6,656 --------- C:\WINDOWS\system32\kbdla.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdusx.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdusr.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdusl.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdsw.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdsp.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdsf.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdpo.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdno.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdne.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdic.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdgr1.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdgr.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdfr.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdfi.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdfc.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdes.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdda.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdca.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdbr.dll
2007-04-01 00:11 6,144 --------- C:\WINDOWS\system32\kbdbe.dll
2007-04-01 00:11 561,920 --------- C:\WINDOWS\system32\drivers\ntfs.sys
2007-04-01 00:11 5,632 --------- C:\WINDOWS\system32\kbdus.dll
2007-04-01 00:11 5,632 --------- C:\WINDOWS\system32\kbduk.dll
2007-04-01 00:11 5,632 --------- C:\WINDOWS\system32\kbdit142.dll
2007-04-01 00:11 5,632 --------- C:\WINDOWS\system32\kbdit.dll
2007-04-01 00:11 5,632 --------- C:\WINDOWS\system32\kbdir.dll
2007-04-01 00:11 5,632 --------- C:\WINDOWS\system32\kbdgae.dll
2007-04-01 00:11 5,120 --------- C:\WINDOWS\system32\kbddv.dll
2007-04-01 00:11 487 --------- C:\WINDOWS\system32\login.cmd
2007-04-01 00:11 15,872 --------- C:\WINDOWS\system32\expand.exe
2007-04-01 00:11 126,976 --------- C:\WINDOWS\system32\imagehlp.dll
2007-04-01 00:11 121,856 --------- C:\WINDOWS\system32\exts.dll
2007-04-01 00:11 1,131 --------- C:\WINDOWS\system32\loadfix.com
2007-04-01 00:11 <DIR> d-------- C:\WINDOWS\system32\inetsrv
2007-04-01 00:11 <DIR> d-------- C:\WINDOWS\system32\icsxml
2007-04-01 00:11 <DIR> d-------- C:\WINDOWS\system32\ias
2007-04-01 00:11 <DIR> d-------- C:\WINDOWS\system32\export
2007-04-01 00:11 <DIR> d-------- C:\WINDOWS\system32\drivers\etc
2007-04-01 00:11 <DIR> d-------- C:\WINDOWS\system32\drivers\disdn
2007-04-01 00:11 <DIR> d-------- C:\WINDOWS\system32\drivers
2007-04-01 00:11 <DIR> d-------- C:\WINDOWS\system32\dhcp
2007-04-01 00:10 707 --------- C:\WINDOWS\_default.pif
2007-04-01 00:10 565,760 --------- C:\WINDOWS\system32\autochk.exe
2007-04-01 00:10 558,592 --------- C:\WINDOWS\system32\autofmt.exe
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\ShellExt
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\Setup
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\Restore
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\MsDtc
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\Macromed
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\IME
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\DirectX
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\config
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\Com
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\CatRoot2
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\CatRoot
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\3com_dmi
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\3076
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\2052
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\1054
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\1042
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\1041
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\1037
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\1033
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\1031
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\1028
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32\1025
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system32
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\system
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\srchasst
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\security
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\repair
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\mui
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\msapps
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\msagent
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\java
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\ime
2007-04-01 00:10 <DIR> d-------- C:\WINDOWS\addins
2007-04-01 00:07 <DIR> d-------- C:\WINDOWS\WinSxS
2007-04-01 00:07 <DIR> d-------- C:\WINDOWS\Resources
2007-04-01 00:07 <DIR> d-------- C:\WINDOWS\Registration
2007-04-01 00:06 <DIR> d-------- C:\WINDOWS\PCHEALTH
2007-04-01 00:06 <DIR> d-------- C:\WINDOWS\Media
2007-04-01 00:04 <DIR> d-------- C:\WINDOWS\Help
2007-04-01 00:04 <DIR> d-------- C:\WINDOWS\Driver Cache
2007-04-01 00:04 <DIR> d-------- C:\WINDOWS\Debug
2007-04-01 00:04 <DIR> d-------- C:\WINDOWS\Cursors
2007-04-01 00:04 <DIR> d-------- C:\WINDOWS\Connection Wizard
2007-04-01 00:04 <DIR> d-------- C:\WINDOWS\Config

Edited by rody, 07 April 2007 - 06:03 PM.


#14 rody

rody
  • Topic Starter

  • Members
  • 136 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Brass Castle
  • Local time:04:53 AM

Posted 07 April 2007 - 06:05 PM

follow up:

2007-04-01 00:04 <DIR> d-------- C:\WINDOWS\AppPatch
2007-04-01 00:04 <DIR> d-------- C:\WINDOWS
2007-04-01 00:02 <DIR> d-------- C:\Documents and Settings
2007-03-31 23:58 6,144 --a------ C:\WINDOWS\system32\kbdth3.dll
2007-03-31 23:58 6,144 --a------ C:\WINDOWS\system32\kbdth2.dll
2007-03-31 23:58 6,144 --a------ C:\WINDOWS\system32\kbdinpun.dll
2007-03-31 23:58 5,632 --a------ C:\WINDOWS\system32\kbdvntc.dll
2007-03-31 23:58 5,632 --a------ C:\WINDOWS\system32\kbdurdu.dll
2007-03-31 23:58 5,632 --a------ C:\WINDOWS\system32\kbdth1.dll
2007-03-31 23:58 5,632 --a------ C:\WINDOWS\system32\kbdth0.dll
2007-03-31 23:58 5,632 --a------ C:\WINDOWS\system32\kbdsyr2.dll
2007-03-31 23:58 5,632 --a------ C:\WINDOWS\system32\kbdsyr1.dll
2007-03-31 23:58 5,632 --a------ C:\WINDOWS\system32\kbdintel.dll
2007-03-31 23:58 5,632 --a------ C:\WINDOWS\system32\kbdintam.dll
2007-03-31 23:58 5,632 --a------ C:\WINDOWS\system32\kbdinmar.dll
2007-03-31 23:58 5,632 --a------ C:\WINDOWS\system32\kbdinkan.dll
2007-03-31 23:58 5,632 --a------ C:\WINDOWS\system32\kbdinhin.dll
2007-03-31 23:58 5,632 --a------ C:\WINDOWS\system32\kbdinguj.dll
2007-03-31 23:58 5,632 --a------ C:\WINDOWS\system32\kbdindev.dll
2007-03-31 23:58 5,632 --a------ C:\WINDOWS\system32\kbdheb.dll
2007-03-31 23:58 5,632 --a------ C:\WINDOWS\system32\kbdfa.dll
2007-03-31 23:58 5,632 --a------ C:\WINDOWS\system32\kbddiv2.dll
2007-03-31 23:58 5,632 --a------ C:\WINDOWS\system32\kbddiv1.dll
2007-03-31 23:58 5,632 --a------ C:\WINDOWS\system32\kbda3.dll
2007-03-31 23:58 5,632 --a------ C:\WINDOWS\system32\kbda2.dll
2007-03-31 23:58 5,632 --a------ C:\WINDOWS\system32\kbda1.dll
2007-03-31 23:58 5,120 --a------ C:\WINDOWS\system32\kbdgeo.dll
2007-03-31 23:58 5,120 --a------ C:\WINDOWS\system32\kbdarmw.dll
2007-03-31 23:58 5,120 --a------ C:\WINDOWS\system32\kbdarme.dll
2007-03-31 23:56 <DIR> d-------- C:\i386
2007-03-31 23:44 53,248 --a------ C:\WINDOWS\system32\Prounstl.exe
2007-03-31 23:44 23,040 --a------ C:\WINDOWS\system32\IntelNic.dll
2007-03-31 23:44 139,776 --a------ C:\WINDOWS\system32\drivers\e100b325.sys
2007-03-31 23:41 5,120 --------- C:\WINDOWS\system32\hccoin.dll
2007-03-31 23:41 19,072 --a------ C:\WINDOWS\system32\drivers\usbehci.sys
2007-03-31 23:35 <DIR> d-------- C:\COMPAQ


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-04-04 12:44 -------- d--h----- C:\Program Files\windowsupdate
2007-04-04 12:44 -------- d--h----- C:\Program Files\windowsupdate


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"ctfmon.exe"="C:\\Windows\\System32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"IMJPMIG8.1"="C:\\Windows\\IME\\imjp8_1\\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
"IMEKRMIG6.1"="C:\\Windows\\ime\\imkr6_1\\IMEKRMIG.EXE"
"MSPY2002"="C:\\Windows\\System32\\IME\\PINTLGNT\\ImScInst.exe /SYNC"
"PHIME2002ASync"="C:\\Windows\\System32\\IME\\TINTLGNT\\TINTSETP.EXE /SYNC"
"PHIME2002A"="C:\\Windows\\System32\\IME\\TINTLGNT\\TINTSETP.EXE /IMEName"
"AutoLogon"="regedit.exe /s \\appl.zip\\WXPPUPTW\\logon.reg"
"IgfxTray"="C:\\Windows\\System32\\igfxtray.exe"
"HotKeysCmds"="C:\\Windows\\System32\\hkcmd.exe"
"NeroCheck"="C:\\Windows\\System32\\\\NeroCheck.exe"
"Ati Display"="~.exe"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
"avgnt"="\"C:\\Program Files\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"SpybotSnD"="\"C:\\Program Files\\Spybot - Search & Destroy\\SpybotSD.exe\" /autocheck"


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"k1d3u52"="C:\\Windows\\TEMP\\iexpl0re.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0



********************************************************************

catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

********************************************************************

Completion time: 07-04-08 6:50:31
C:\ComboFix-quarantined-files.txt ... 07-04-08 06:50







thats it

#15 rody

rody
  • Topic Starter

  • Members
  • 136 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Brass Castle
  • Local time:04:53 AM

Posted 07 April 2007 - 06:06 PM

and finally....
HiJackThis Log





Logfile of HijackThis v1.99.1
Scan saved at 6:56:29 AM, on 4/8/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\spoolsv.exe
C:\Windows\Explorer.EXE
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Windows\System32\ctfmon.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Documents and Settings\J.P_Yang\Desktop\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Windows\System32\msdxm.ocx
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\Windows\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\Windows\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\Windows\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\Windows\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\Windows\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [AutoLogon] regedit.exe /s \appl.zip\WXPPUPTW\logon.reg
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroCheck] C:\Windows\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [Ati Display] ~.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\Windows\System32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxsrvc.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: System Event Logger (NHLscA) - Unknown owner - C:\WINDOWS\SYSTEM32\RUNDLL2000.EXE (file missing)
O23 - Service: WebPrint - Unknown owner - c:\windows\system32\webprint.exe (file missing)



Thanks!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users