Inactive [InActive] Computer acts weird.

Discussion in 'Malware and Virus Removal Archive' started by Vinner, 2008/10/28.

  1. 2008/10/28
    Vinner Inactive Thread Starter

    Since I came back from Barcelona (been at the Camp Nou, yay!) my comp started acting really weird - software didn't work, "Desktop is not accessible" ****, and nothing works to do anything, so it may be malware. Well, here is the RSIT log:

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by ???? at 2008-10-28 19:14:09
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 91 GB (76%) free of 120 GB
    Total RAM: 2047 MB (70% free)


    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\GoogleUpdateTaskUser.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    ???? ?????? ?? Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-09-29 2403392]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-09-29 2403392]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon "=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
    "BDAgent "=C:\Program Files\Softwin\BitDefender10\bdagent.exe [2007-03-26 69632]
    "BDMCon "=C:\Program Files\Softwin\BitDefender10\bdmcon.exe [2007-04-02 290816]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Malwarebytes' Anti-Malware "=D:\Malwarebytes' Anti-Malware\mbamgui.exe [2008-10-22 399504]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe "=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "swg "=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-08 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 266792]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders "=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1
    "undockwithoutlogon "=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives "=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun "=
    "NoDrives "=
    "NoDriveAutoRun "=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000 "
    "C:\Program Files\eMule\emule.exe "= "C:\Program Files\eMule\emule.exe:*:Enabled:eMule "
    "C:\Program Files\uTorrent\uTorrent.exe "= "C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent "
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe "= "C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger "
    "C:\Program Files\Windows Live\Messenger\livecall.exe "= "C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) "

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000 "
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe "= "C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger "
    "C:\Program Files\Windows Live\Messenger\livecall.exe "= "C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) "

    ======File associations======

    .reg - open - regedit.exe "%1" %*
    .scr - open - "%1" %*

    ======List of files/folders created in the last 3 months======

    2008-10-28 19:13:43 ----D---- C:\rsit
    2008-10-28 19:06:17 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-10-28 18:40:06 ----A---- C:\WINDOWS\sxstall2.exe
    2008-10-28 18:40:06 ----A---- C:\WINDOWS\gwpreset.ini
    2008-10-28 18:40:06 ----A---- C:\WINDOWS\goldwave.ini
    2008-10-28 17:54:36 ----A---- C:\WINDOWS\Irremote.ini
    2008-10-28 17:52:23 ----D---- C:\Program Files\Windows Sidebar
    2008-10-28 17:36:16 ----A---- C:\Nero-9.0.9.4b_trial.exe
    2008-10-25 05:04:13 ----A---- C:\keygen.exe
    2008-10-25 05:04:13 ----A---- C:\dfxInstall-WMP.exe
    2008-10-24 20:44:12 ----SHD---- C:\RECYCLER
    2008-10-23 22:02:48 ----A---- C:\Firefox_Portable_3.0.3_en-us.paf.exe
    2008-10-23 20:43:14 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-23 20:43:14 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-23 19:55:28 ----D---- C:\keYgeN
    2008-10-23 19:55:28 ----A---- C:\mbam-setup.exe
    2008-10-23 19:53:01 ----A---- C:\Trojan_Remover_6.7.2.2542_DrClickCom.exe
    2008-10-23 15:26:20 ----D---- C:\WINDOWS\temp
    2008-10-23 15:26:19 ----A---- C:\ComboFix.txt
    2008-10-23 15:20:41 ----A---- C:\WINDOWS\VFIND.exe
    2008-10-23 15:20:41 ----A---- C:\WINDOWS\SWXCACLS.exe
    2008-10-23 15:20:41 ----A---- C:\WINDOWS\SWREG.exe
    2008-10-23 15:20:41 ----A---- C:\WINDOWS\NIRCMD.exe
    2008-10-23 15:20:38 ----D---- C:\WINDOWS\ERDNT
    2008-10-23 15:20:38 ----D---- C:\Qoobox
    2008-10-23 15:18:50 ----A---- C:\WINDOWS\system32\tmp.txt
    2008-10-23 15:18:42 ----A---- C:\rapport.txt
    2008-10-23 15:18:20 ----A---- C:\WINDOWS\system32\WS2Fix.exe
    2008-10-23 15:18:20 ----A---- C:\WINDOWS\system32\VCCLSID.exe
    2008-10-23 15:18:20 ----A---- C:\WINDOWS\system32\VACFix.exe
    2008-10-23 15:18:20 ----A---- C:\WINDOWS\system32\SrchSTS.exe
    2008-10-23 15:18:20 ----A---- C:\WINDOWS\system32\Process.exe
    2008-10-23 15:18:20 ----A---- C:\WINDOWS\system32\o4Patch.exe
    2008-10-23 15:18:20 ----A---- C:\WINDOWS\system32\IEDFix.exe
    2008-10-23 15:18:20 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
    2008-10-23 15:18:20 ----A---- C:\WINDOWS\system32\dumphive.exe
    2008-10-23 15:18:20 ----A---- C:\WINDOWS\system32\AntiXPVSTFix.exe
    2008-10-23 15:18:20 ----A---- C:\WINDOWS\system32\404Fix.exe
    2008-10-23 15:13:16 ----D---- C:\WINDOWS\pss
    2008-10-23 15:07:48 ----D---- C:\m
    2008-10-23 13:23:29 ----A---- C:\Malwarebytes_Anti-Malware_1.24_DrClickCom.exe
    2008-10-23 00:40:29 ----A---- C:\WINDOWS\system32\PARTIZAN.TXT
    2008-10-23 00:35:57 ----A---- C:\WINDOWS\system32\Partizan.exe
    2008-10-23 00:35:51 ----RASHOT---- C:\WINDOWS\winstart.bat
    2008-10-23 00:35:43 ----D---- C:\Program Files\UnHackMe
    2008-10-23 00:21:03 ----D---- C:\Program Files\Trend Micro
    2008-10-21 14:07:45 ----D---- C:\Documents and Settings\????\Application Data\Opera
    2008-10-21 14:07:38 ----D---- C:\Program Files\Opera
    2008-10-21 13:03:43 ----D---- C:\Program Files\Winamp
    2008-10-20 11:16:52 ----D---- C:\WINDOWS\system32\appmgmt
    2008-10-09 19:04:27 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
    2008-10-09 18:56:17 ----D---- C:\Documents and Settings\????\Application Data\PC Suite
    2008-10-09 18:56:17 ----D---- C:\Documents and Settings\????\Application Data\Nokia
    2008-10-09 18:56:17 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
    2008-10-09 18:55:30 ----D---- C:\Program Files\Common Files\PCSuite
    2008-10-09 18:55:30 ----D---- C:\Program Files\Common Files\Nokia
    2008-10-09 18:55:20 ----D---- C:\Program Files\DIFX
    2008-10-09 18:55:12 ----D---- C:\Program Files\PC Connectivity Solution
    2008-10-09 18:55:06 ----A---- C:\WINDOWS\system32\wdfcoinstaller01005.dll
    2008-10-09 18:55:06 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
    2008-10-09 18:55:02 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
    2008-10-09 18:55:01 ----D---- C:\Program Files\Nokia
    2008-10-09 18:54:24 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
    2008-10-05 23:45:59 ----D---- C:\Program Files\Remove Empty Directories
    2008-10-05 17:50:56 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2008-10-03 12:13:15 ----A---- C:\WINDOWS\oodcnt.INI
    2008-10-03 12:04:54 ----A---- C:\WINDOWS\system32\WRLogonNtf.dll
    2008-10-03 12:04:50 ----D---- C:\Program Files\Webroot
    2008-10-03 12:04:50 ----D---- C:\Documents and Settings\????\Application Data\Webroot
    2008-10-03 12:04:50 ----A---- C:\WINDOWS\WRSetup.dll
    2008-10-03 11:38:26 ----D---- C:\Documents and Settings\????\Application Data\Systweak
    2008-10-03 11:38:03 ----D---- C:\Program Files\Advanced System Optimizer
    2008-10-03 09:23:05 ----D---- C:\Program Files\MSXML 4.0
    2008-10-03 01:05:25 ----D---- C:\Documents and Settings\All Users\Application Data\MailFrontier
    2008-10-03 01:05:16 ----A---- C:\WINDOWS\system32\SpOrder.dll
    2008-10-02 20:32:00 ----D---- C:\Documents and Settings\All Users\Application Data\vsosdk
    2008-10-02 19:51:54 ----D---- C:\Documents and Settings\????\Application Data\Vso
    2008-10-02 19:51:54 ----A---- C:\Documents and Settings\????\Application Data\inst.exe
    2008-10-02 19:51:50 ----A---- C:\WINDOWS\system32\drv43260.dll
    2008-10-02 19:51:50 ----A---- C:\WINDOWS\system32\drv33260.dll
    2008-10-02 19:51:50 ----A---- C:\WINDOWS\system32\drv23260.dll
    2008-10-02 19:51:50 ----A---- C:\WINDOWS\system32\cook3260.dll
    2008-10-02 19:51:49 ----A---- C:\WINDOWS\system32\wvc1dmod.dll
    2008-10-02 19:51:49 ----A---- C:\WINDOWS\system32\vp7vfw.dll
    2008-10-02 19:51:49 ----A---- C:\WINDOWS\gdiplus.dll
    2008-10-02 19:51:48 ----D---- C:\Program Files\VSO
    2008-10-02 19:23:49 ----D---- C:\Documents and Settings\????\Application Data\Nero
    2008-10-02 19:23:33 ----A---- C:\WINDOWS\system32\MsiExec.exe.log
    2008-10-02 19:22:30 ----D---- C:\Program Files\Nero
    2008-10-02 19:22:30 ----D---- C:\Program Files\Common Files\Nero
    2008-10-02 19:22:30 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
    2008-10-02 18:42:44 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
    2008-10-02 18:42:43 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
    2008-10-02 18:09:54 ----D---- C:\Documents and Settings\????\Application Data\vlc
    2008-10-02 17:51:31 ----D---- C:\Program Files\Wondershare
    2008-10-02 15:19:37 ----SHD---- C:\WINDOWS\CSC
    2008-10-02 15:15:14 ----D---- C:\Documents and Settings\????\Application Data\Auslogics
    2008-10-02 15:14:47 ----D---- C:\Program Files\Auslogics
    2008-10-02 12:41:27 ----D---- C:\WINDOWS\Internet Logs
    2008-10-02 12:34:56 ----D---- C:\Documents and Settings\????\Application Data\Bitdefender
    2008-10-02 12:32:50 ----D---- C:\Program Files\Softwin
    2008-10-02 12:32:50 ----D---- C:\Documents and Settings\All Users\Application Data\BitDefender
    2008-10-02 06:54:42 ----D---- C:\Program Files\Common Files\Softwin
    2008-10-02 06:53:54 ----RSD---- C:\WINDOWS\assembly
    2008-10-02 06:53:54 ----D---- C:\WINDOWS\Microsoft.NET
    2008-10-02 06:53:53 ----D---- C:\WINDOWS\system32\URTTemp
    2008-10-02 06:53:27 ----D---- C:\Program Files\Common Files\BitDefender
    2008-10-01 21:24:53 ----D---- C:\Documents and Settings\All Users\Application Data\DFX
    2008-10-01 21:24:46 ----D---- C:\Program Files\DFX
    2008-10-01 21:24:46 ----D---- C:\Program Files\Common Files\DFX
    2008-09-29 17:31:48 ----D---- C:\WINDOWS\system32\Adobe
    2008-09-29 17:30:52 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-09-29 17:30:49 ----D---- C:\Program Files\Adobe Media Player
    2008-09-29 17:30:47 ----D---- C:\Program Files\Common Files\Adobe AIR
    2008-09-29 17:06:18 ----N---- C:\WINDOWS\system32\pxsfs.dll
    2008-09-29 17:06:18 ----N---- C:\WINDOWS\system32\pxinsa64.exe
    2008-09-29 17:06:18 ----N---- C:\WINDOWS\system32\pxcpya64.exe
    2008-09-29 17:06:18 ----N---- C:\WINDOWS\system32\pxafs.dll
    2008-09-29 15:39:03 ----A---- C:\WINDOWS\system32\sqlrcmd.dll
    2008-09-29 15:38:58 ----D---- C:\Program Files\RamCleaner
    2008-09-29 14:41:32 ----A---- C:\WINDOWS\system32\XceedZip.dll
    2008-09-29 14:41:26 ----D---- C:\Program Files\Driver-Soft
    2008-09-29 14:41:01 ----D---- C:\Documents and Settings\????\Application Data\WinRAR
    2008-09-29 14:40:06 ----D---- C:\Documents and Settings\????\Application Data\Help
    2008-09-29 13:54:51 ----D---- C:\Program Files\uTorrent
    2008-09-29 13:54:49 ----D---- C:\Documents and Settings\????\Application Data\uTorrent
    2008-09-29 13:51:15 ----D---- C:\WINDOWS\Minidump
    2008-09-29 12:21:05 ----A---- C:\WINDOWS\iun6002.exe
    2008-09-29 12:20:43 ----D---- C:\Program Files\eMule
    2008-09-29 12:19:35 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
    2008-09-29 12:19:35 ----A---- C:\WINDOWS\system32\mucltui.dll
    2008-09-29 12:10:07 ----D---- C:\Documents and Settings\????\Application Data\Mozilla
    2008-09-29 12:05:11 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2008-09-29 12:02:43 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
    2008-09-29 12:02:37 ----D---- C:\Program Files\CCleaner
    2008-09-29 12:02:12 ----D---- C:\Program Files\Windows Live
    2008-09-29 12:02:04 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-09-29 12:00:54 ----D---- C:\Documents and Settings\????\Application Data\Google
    2008-09-29 12:00:51 ----D---- C:\Documents and Settings\All Users\Application Data\Google
    2008-09-29 11:59:49 ----A---- C:\WINDOWS\system32\hidserv.dll
    2008-09-29 10:17:40 ----A---- C:\WINDOWS\NeroDigital.ini
    2008-09-29 10:15:07 ----N---- C:\WINDOWS\system32\spmsg.dll
    2008-09-29 10:15:06 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
    2008-09-29 10:14:53 ----D---- C:\Program Files\Windows Media Connect 2
    2008-09-29 10:14:44 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
    2008-09-29 10:14:13 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
    2008-09-29 10:13:55 ----D---- C:\WINDOWS\system32\LogFiles
    2008-09-29 10:13:51 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
    2008-09-29 10:09:52 ----D---- C:\Documents and Settings\????\Application Data\Macromedia
    2008-09-29 09:58:47 ----D---- C:\WINDOWS\ie7updates
    2008-09-29 09:58:29 ----D---- C:\WINDOWS\WBEM
    2008-09-29 09:57:32 ----HDC---- C:\WINDOWS\ie7
    2008-09-29 09:57:21 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2008-09-29 09:57:07 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2008-09-29 03:08:18 ----D---- C:\WINDOWS\Prefetch
    2008-09-28 19:58:39 ----D---- C:\WINDOWS\system32\he-il
    2008-09-28 19:58:38 ----D---- C:\WINDOWS\system32\he
    2008-09-28 19:58:38 ----D---- C:\WINDOWS\system32\bits
    2008-09-28 19:58:38 ----D---- C:\WINDOWS\l2schemas
    2008-09-28 19:56:22 ----D---- C:\WINDOWS\ServicePackFiles
    2008-09-28 19:54:15 ----D---- C:\WINDOWS\network diagnostic
    2008-09-28 19:51:15 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-09-28 19:12:52 ----N---- C:\WINDOWS\system32\xmllite.dll
    2008-09-28 19:12:50 ----N---- C:\WINDOWS\system32\wmphoto.dll
    2008-09-28 19:12:50 ----N---- C:\WINDOWS\system32\wlanapi.dll
    2008-09-28 19:12:50 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
    2008-09-28 19:12:50 ----N---- C:\WINDOWS\system32\windowscodecs.dll
    2008-09-28 19:12:48 ----N---- C:\WINDOWS\system32\verclsid.exe
    2008-09-28 19:12:47 ----N---- C:\WINDOWS\system32\tzchange.exe
    2008-09-28 19:12:47 ----N---- C:\WINDOWS\system32\tspkg.dll
    2008-09-28 19:12:47 ----N---- C:\WINDOWS\system32\tsgqec.dll
    2008-09-28 19:12:44 ----N---- C:\WINDOWS\system32\xpsp3res.dll
    2008-09-28 19:12:44 ----N---- C:\WINDOWS\system32\spupdwxp.exe
    2008-09-28 19:12:44 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
    2008-09-28 19:12:43 ----N---- C:\WINDOWS\system32\slserv.exe
    2008-09-28 19:12:43 ----N---- C:\WINDOWS\system32\slrundll.exe
    2008-09-28 19:12:43 ----N---- C:\WINDOWS\system32\slgen.dll
    2008-09-28 19:12:43 ----N---- C:\WINDOWS\system32\slextspk.dll
    2008-09-28 19:12:43 ----N---- C:\WINDOWS\system32\slcoinst.dll
    2008-09-28 19:12:43 ----N---- C:\WINDOWS\slrundll.exe
    2008-09-28 19:12:42 ----N---- C:\WINDOWS\system32\setupn.exe
    2008-09-28 19:12:42 ----N---- C:\WINDOWS\system32\s3gnb.dll
    2008-09-28 19:12:41 ----N---- C:\WINDOWS\system32\rhttpaa.dll
    2008-09-28 19:12:41 ----N---- C:\WINDOWS\system32\rasqec.dll
    2008-09-28 19:12:41 ----N---- C:\WINDOWS\system32\qutil.dll
    2008-09-28 19:12:40 ----N---- C:\WINDOWS\system32\qcliprov.dll
    2008-09-28 19:12:40 ----N---- C:\WINDOWS\system32\qagentrt.dll
    2008-09-28 19:12:40 ----N---- C:\WINDOWS\system32\qagent.dll
    2008-09-28 19:12:40 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
    2008-09-28 19:12:39 ----N---- C:\WINDOWS\system32\onex.dll
    2008-09-28 19:12:37 ----N---- C:\WINDOWS\system32\napstat.exe
    2008-09-28 19:12:37 ----N---- C:\WINDOWS\system32\napmontr.dll
    2008-09-28 19:12:37 ----N---- C:\WINDOWS\system32\napipsec.dll
    2008-09-28 19:12:37 ----N---- C:\WINDOWS\system32\mtxparhd.dll
    2008-09-28 19:12:37 ----N---- C:\WINDOWS\system32\msxml6r.dll
    2008-09-28 19:12:37 ----N---- C:\WINDOWS\system32\msxml6.dll
    2008-09-28 19:12:37 ----N---- C:\WINDOWS\system32\msshavmsg.dll
    2008-09-28 19:12:36 ----N---- C:\WINDOWS\system32\mssha.dll
    2008-09-28 19:12:33 ----N---- C:\WINDOWS\system32\mmcperf.exe
    2008-09-28 19:12:33 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
    2008-09-28 19:12:33 ----N---- C:\WINDOWS\system32\mmcex.dll
    2008-09-28 19:12:33 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
    2008-09-28 19:12:32 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
    2008-09-28 19:12:29 ----N---- C:\WINDOWS\system32\l2gpstore.dll
    2008-09-28 19:12:29 ----N---- C:\WINDOWS\system32\kmsvc.dll
    2008-09-28 19:12:28 ----N---- C:\WINDOWS\system32\kbdpash.dll
    2008-09-28 19:12:28 ----N---- C:\WINDOWS\system32\kbdnepr.dll
    2008-09-28 19:12:28 ----N---- C:\WINDOWS\system32\kbdiultn.dll
    2008-09-28 19:12:28 ----N---- C:\WINDOWS\system32\kbdbhc.dll
    2008-09-28 19:12:27 ----N---- C:\WINDOWS\system32\smtpapi.dll
    2008-09-28 19:12:26 ----N---- C:\WINDOWS\system32\rwnh.dll
    2008-09-28 19:12:24 ----N---- C:\WINDOWS\system32\comsdupd.exe
    2008-09-28 19:12:21 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
    2008-09-28 19:12:19 ----N---- C:\WINDOWS\system32\faxpatch.exe
    2008-09-28 19:12:19 ----N---- C:\WINDOWS\system32\eapsvc.dll
    2008-09-28 19:12:19 ----N---- C:\WINDOWS\system32\eapqec.dll
    2008-09-28 19:12:19 ----N---- C:\WINDOWS\system32\eappprxy.dll
    2008-09-28 19:12:19 ----N---- C:\WINDOWS\system32\eapphost.dll
    2008-09-28 19:12:19 ----N---- C:\WINDOWS\system32\eappgnui.dll
    2008-09-28 19:12:19 ----N---- C:\WINDOWS\system32\eappcfg.dll
    2008-09-28 19:12:19 ----N---- C:\WINDOWS\system32\eapp3hst.dll
    2008-09-28 19:12:19 ----N---- C:\WINDOWS\system32\eapolqec.dll
    2008-09-28 19:12:18 ----N---- C:\WINDOWS\system32\dot3ui.dll
    2008-09-28 19:12:18 ----N---- C:\WINDOWS\system32\dot3svc.dll
    2008-09-28 19:12:18 ----N---- C:\WINDOWS\system32\dot3msm.dll
    2008-09-28 19:12:18 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
    2008-09-28 19:12:18 ----N---- C:\WINDOWS\system32\dot3dlg.dll
    2008-09-28 19:12:18 ----N---- C:\WINDOWS\system32\dot3cfg.dll
    2008-09-28 19:12:18 ----N---- C:\WINDOWS\system32\dot3api.dll
    2008-09-28 19:12:18 ----N---- C:\WINDOWS\system32\dimsroam.dll
    2008-09-28 19:12:18 ----N---- C:\WINDOWS\system32\dimsntfy.dll
    2008-09-28 19:12:18 ----N---- C:\WINDOWS\system32\dhcpqec.dll
    2008-09-28 19:12:17 ----N---- C:\WINDOWS\system32\credssp.dll
    2008-09-28 19:12:15 ----N---- C:\WINDOWS\system32\bitsprx4.dll
    2008-09-28 19:12:15 ----N---- C:\WINDOWS\system32\azroles.dll
    2008-09-28 19:12:14 ----N---- C:\WINDOWS\system32\ativvaxx.dll
    2008-09-28 19:12:14 ----N---- C:\WINDOWS\system32\ativtmxx.dll
    2008-09-28 19:12:14 ----N---- C:\WINDOWS\system32\ati3duag.dll
    2008-09-28 19:12:14 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
    2008-09-28 19:12:14 ----N---- C:\WINDOWS\system32\ati2dvag.dll
    2008-09-28 19:12:14 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
    2008-09-28 19:12:14 ----N---- C:\WINDOWS\system32\ati2cqag.dll
    2008-09-28 19:12:12 ----N---- C:\WINDOWS\system32\aaclient.dll
    2008-09-28 18:58:54 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-09-28 18:29:55 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2008-09-28 18:29:40 ----D---- C:\WINDOWS\system32\PreInstall
    2008-09-28 18:29:39 ----A---- C:\WINDOWS\system32\spupdsvc.exe
    2008-09-28 18:29:38 ----HD---- C:\WINDOWS\$hf_mig$
    2008-09-28 18:19:18 ----A---- C:\WINDOWS\system32\ChCfg.exe
    2008-09-28 18:18:55 ----A---- C:\WINDOWS\system32\ksuser.dll
    2008-09-28 18:18:48 ----D---- C:\Program Files\Realtek AC97
    2008-09-28 18:18:48 ----A---- C:\WINDOWS\system32\RTLCPL.exe
    2008-09-28 18:18:47 ----A---- C:\WINDOWS\soundman.exe
    2008-09-28 18:18:46 ----A---- C:\WINDOWS\system32\RtlCPAPI.dll
    2008-09-28 18:18:46 ----A---- C:\WINDOWS\alcupd.exe
    2008-09-28 18:18:45 ----A---- C:\WINDOWS\Alcrmv.exe
    2008-09-28 18:18:13 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-09-28 18:18:03 ----D---- C:\WINDOWS\OPTIONS
    2008-09-28 18:18:03 ----D---- C:\Program Files\Realtek
    2008-09-28 18:17:55 ----D---- C:\Documents and Settings\????\Application Data\InstallShield
    2008-09-28 18:09:43 ----D---- C:\WINDOWS\nview
    2008-09-28 18:09:43 ----A---- C:\WINDOWS\system32\nvudisp.exe
    2008-09-28 18:09:35 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
    2008-09-28 18:09:23 ----D---- C:\NVIDIA
    2008-09-28 18:05:10 ----A---- C:\WINDOWS\ODBC.INI
    2008-09-28 18:05:07 ----A---- C:\WINDOWS\system32\mdimon.dll
    2008-09-28 18:04:40 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
    2008-09-28 18:04:15 ----D---- C:\Program Files\Microsoft.NET
    2008-09-28 18:04:03 ----D---- C:\Drivers
    2008-09-28 18:03:43 ----D---- C:\Program Files\Common Files\DESIGNER
    2008-09-28 18:03:40 ----D---- C:\Program Files\Microsoft Works
    2008-09-28 18:03:36 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-09-28 18:03:33 ----D---- C:\Program Files\Microsoft Visual Studio
    2008-09-28 18:03:33 ----D---- C:\Program Files\CyberLink
    2008-09-28 18:03:23 ----D---- C:\WINDOWS\SHELLNEW
    2008-09-28 18:03:22 ----D---- C:\Program Files\Common Files\InstallShield
    2008-09-28 18:03:18 ----D---- C:\Program Files\Microsoft Office
    2008-09-28 18:02:22 ----D---- C:\Program Files\WinZip
    2008-09-28 18:02:01 ----N---- C:\WINDOWS\system32\vxblock.dll
    2008-09-28 18:02:01 ----N---- C:\WINDOWS\system32\pxwave.dll
    2008-09-28 18:02:01 ----N---- C:\WINDOWS\system32\pxmas.dll
    2008-09-28 18:02:01 ----N---- C:\WINDOWS\system32\pxhpinst.exe
    2008-09-28 18:02:01 ----N---- C:\WINDOWS\system32\pxdrv.dll
    2008-09-28 18:02:01 ----N---- C:\WINDOWS\system32\px.dll
    2008-09-28 18:01:58 ----D---- C:\Program Files\Ahead
    2008-09-28 18:01:45 ----D---- C:\Program Files\WinRAR
    2008-09-28 18:01:42 ----D---- C:\Program Files\Google
    2008-09-28 18:01:39 ----D---- C:\Program Files\Picasa2
    2008-09-28 17:59:00 ----A---- C:\WINDOWS\system32\wups2.dll
    2008-09-28 17:59:00 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
    2008-09-28 17:58:59 ----D---- C:\WINDOWS\system32\SoftwareDistribution
    2008-09-28 17:58:59 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
    2008-09-28 17:58:59 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2008-09-28 17:58:54 ----D---- C:\Program Files\ESET
    2008-09-28 17:50:51 ----D---- C:\admin
    2008-09-28 17:34:37 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-09-28 17:28:43 ----D---- C:\Documents and Settings\????\Application Data\Adobe
    2008-09-28 17:27:52 ----D---- C:\WINDOWS\system32\QuickTime
    2008-09-28 17:27:52 ----A---- C:\WINDOWS\system32\qtmlClient.dll
    2008-09-28 17:27:48 ----A---- C:\WINDOWS\system32\rmoc3260.dll
    2008-09-28 17:27:48 ----A---- C:\WINDOWS\system32\pndx5032.dll
    2008-09-28 17:27:48 ----A---- C:\WINDOWS\system32\pndx5016.dll
    2008-09-28 17:27:48 ----A---- C:\WINDOWS\system32\pncrt.dll
    2008-09-28 17:27:47 ----A---- C:\WINDOWS\system32\vp6vfw.dll
    2008-09-28 17:27:47 ----A---- C:\WINDOWS\system32\vp31vfw.dll
    2008-09-28 17:27:47 ----A---- C:\WINDOWS\system32\MACDec.dll
    2008-09-28 17:27:43 ----A---- C:\WINDOWS\system32\vobsub.dll
    2008-09-28 17:27:43 ----A---- C:\WINDOWS\system32\unrar.dll
    2008-09-28 17:27:43 ----A---- C:\WINDOWS\system32\OpenQuicktimeLib.dll
    2008-09-28 17:27:43 ----A---- C:\WINDOWS\system32\mpg4c32.dll
    2008-09-28 17:27:43 ----A---- C:\WINDOWS\system32\huffyuv.dll
    2008-09-28 17:27:43 ----A---- C:\WINDOWS\system32\3ivxVfWCodec.dll
    2008-09-28 17:27:43 ----A---- C:\WINDOWS\system32\3ivx.dll
    2008-09-28 17:27:42 ----A---- C:\WINDOWS\system32\xvidvfw.dll
    2008-09-28 17:27:42 ----A---- C:\WINDOWS\system32\xvidcore.dll
    2008-09-28 17:27:42 ----A---- C:\WINDOWS\system32\vsfilter.dll
    2008-09-28 17:27:42 ----A---- C:\WINDOWS\system32\vorbisfile.dll
    2008-09-28 17:27:42 ----A---- C:\WINDOWS\system32\vorbisenc.dll
    2008-09-28 17:27:42 ----A---- C:\WINDOWS\system32\vorbis.dll
    2008-09-28 17:27:42 ----A---- C:\WINDOWS\system32\OggDS.dll
    2008-09-28 17:27:42 ----A---- C:\WINDOWS\system32\ogg.dll
    2008-09-28 17:27:42 ----A---- C:\WINDOWS\system32\lameACM.acm.bak
    2008-09-28 17:27:41 ----A---- C:\WINDOWS\system32\WMV9VCM.dll
    2008-09-28 17:27:41 ----A---- C:\WINDOWS\system32\unicows.dll
    2008-09-28 17:27:41 ----A---- C:\WINDOWS\system32\divx.dll
    2008-09-28 17:27:40 ----D---- C:\Program Files\K-Lite Codec Pack
    2008-09-28 17:27:40 ----D---- C:\Documents and Settings\????\Application Data\Real
    2008-09-28 17:27:40 ----D---- C:\Documents and Settings\All Users\Application Data\Real
    2008-09-28 17:27:40 ----A---- C:\WINDOWS\system32\cpuinf32.dll
    2008-09-28 16:34:53 ----A---- C:\WINDOWS\system32\h323log.txt
    2008-09-28 16:07:37 ----A---- C:\WINDOWS\system32\usbui.dll
    2008-09-28 16:06:20 ----SHD---- C:\WINDOWS\Installer
    2008-09-28 16:06:20 ----D---- C:\Program Files\Common Files\ODBC
    2008-09-28 16:06:20 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-09-28 16:06:20 ----A---- C:\WINDOWS\ODBCINST.INI
    2008-09-28 16:06:16 ----D---- C:\Program Files\Common Files\SpeechEngines
    2008-09-28 16:06:15 ----RD---- C:\Program Files
    2008-09-28 16:06:15 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-09-28 16:06:15 ----D---- C:\Program Files\Common Files
    2008-09-28 16:06:11 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
    2008-09-28 16:06:11 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
    2008-09-28 16:06:11 ----RA---- C:\WINDOWS\system32\kbdazel.dll
    2008-09-28 16:06:09 ----RA---- C:\WINDOWS\system32\kbdycc.dll
    2008-09-28 16:06:09 ----RA---- C:\WINDOWS\system32\kbduzb.dll
    2008-09-28 16:06:09 ----RA---- C:\WINDOWS\system32\kbdur.dll
    2008-09-28 16:06:09 ----RA---- C:\WINDOWS\system32\kbdtat.dll
    2008-09-28 16:06:09 ----RA---- C:\WINDOWS\system32\kbdru1.dll
    2008-09-28 16:06:09 ----RA---- C:\WINDOWS\system32\kbdmon.dll
    2008-09-28 16:06:09 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
    2008-09-28 16:06:09 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
    2008-09-28 16:06:09 ----RA---- C:\WINDOWS\system32\kbdaze.dll
    2008-09-28 16:06:08 ----RA---- C:\WINDOWS\system32\kbdru.dll
    2008-09-28 16:06:08 ----RA---- C:\WINDOWS\system32\kbdbu.dll
    2008-09-28 16:06:08 ----RA---- C:\WINDOWS\system32\kbdblr.dll
    2008-09-28 16:06:06 ----RA---- C:\WINDOWS\system32\kbdhept.dll
    2008-09-28 16:06:06 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
    2008-09-28 16:06:06 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
    2008-09-28 16:06:06 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
    2008-09-28 16:06:06 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
    2008-09-28 16:06:06 ----RA---- C:\WINDOWS\system32\kbdhe.dll
    2008-09-28 16:06:06 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
    2008-09-28 16:06:04 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
    2008-09-28 16:06:04 ----RA---- C:\WINDOWS\system32\kbdlv.dll
    2008-09-28 16:06:04 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
    2008-09-28 16:06:04 ----RA---- C:\WINDOWS\system32\kbdlt.dll
    2008-09-28 16:06:04 ----RA---- C:\WINDOWS\system32\kbdest.dll
    2008-09-28 16:06:02 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
    2008-09-28 16:06:02 ----RA---- C:\WINDOWS\system32\kbdsl.dll
    2008-09-28 16:06:02 ----RA---- C:\WINDOWS\system32\kbdro.dll
    2008-09-28 16:06:02 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
    2008-09-28 16:06:02 ----RA---- C:\WINDOWS\system32\kbdpl.dll
    2008-09-28 16:06:02 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
    2008-09-28 16:06:02 ----RA---- C:\WINDOWS\system32\kbdhu.dll
    2008-09-28 16:06:02 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
    2008-09-28 16:06:02 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
    2008-09-28 16:06:01 ----RA---- C:\WINDOWS\system32\kbdycl.dll
    2008-09-28 16:06:01 ----RA---- C:\WINDOWS\system32\kbdcz.dll
    2008-09-28 16:06:01 ----RA---- C:\WINDOWS\system32\kbdcr.dll
    2008-09-28 16:06:01 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
    2008-09-28 16:06:00 ----A---- C:\WINDOWS\system32\Thawbrkr.dll
    2008-09-28 16:06:00 ----A---- C:\WINDOWS\system32\kbdarmw.dll
    2008-09-28 16:05:59 ----A---- C:\WINDOWS\system32\kbdintel.dll
    2008-09-28 16:05:59 ----A---- C:\WINDOWS\system32\kbdintam.dll
    2008-09-28 16:05:59 ----A---- C:\WINDOWS\system32\kbdinpun.dll
    2008-09-28 16:05:59 ----A---- C:\WINDOWS\system32\kbdinmar.dll
    2008-09-28 16:05:59 ----A---- C:\WINDOWS\system32\kbdinkan.dll
    2008-09-28 16:05:59 ----A---- C:\WINDOWS\system32\kbdinhin.dll
    2008-09-28 16:05:59 ----A---- C:\WINDOWS\system32\kbdinguj.dll
    2008-09-28 16:05:59 ----A---- C:\WINDOWS\system32\kbdindev.dll
    2008-09-28 16:05:59 ----A---- C:\WINDOWS\system32\kbdgeo.dll
    2008-09-28 16:05:59 ----A---- C:\WINDOWS\system32\kbdarme.dll
    2008-09-28 16:05:59 ----A---- C:\WINDOWS\system32\c_iscii.dll
    2008-09-28 16:05:58 ----A---- C:\WINDOWS\system32\kbdvntc.dll
    2008-09-28 16:05:56 ----A---- C:\WINDOWS\system32\kbdurdu.dll
    2008-09-28 16:05:56 ----A---- C:\WINDOWS\system32\kbdsyr2.dll
    2008-09-28 16:05:56 ----A---- C:\WINDOWS\system32\kbdsyr1.dll
    2008-09-28 16:05:56 ----A---- C:\WINDOWS\system32\kbdfa.dll
    2008-09-28 16:05:56 ----A---- C:\WINDOWS\system32\kbddiv2.dll
    2008-09-28 16:05:56 ----A---- C:\WINDOWS\system32\kbddiv1.dll
    2008-09-28 16:05:55 ----A---- C:\WINDOWS\system32\kbdusa.dll
    2008-09-28 16:05:55 ----A---- C:\WINDOWS\system32\kbda3.dll
    2008-09-28 16:05:55 ----A---- C:\WINDOWS\system32\kbda2.dll
    2008-09-28 16:05:55 ----A---- C:\WINDOWS\system32\kbda1.dll
    2008-09-28 16:05:49 ----A---- C:\WINDOWS\system32\kbdth3.dll
    2008-09-28 16:05:49 ----A---- C:\WINDOWS\system32\kbdth2.dll
    2008-09-28 16:05:49 ----A---- C:\WINDOWS\system32\kbdth1.dll
    2008-09-28 16:05:49 ----A---- C:\WINDOWS\system32\kbdth0.dll
    2008-09-28 16:05:49 ----A---- C:\WINDOWS\system32\ftlx041e.dll
    2008-09-28 16:05:48 ----A---- C:\WINDOWS\system32\irclass.dll
    2008-09-28 16:05:48 ----A---- C:\WINDOWS\system32\dgsetup.dll
    2008-09-28 16:05:48 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
    2008-09-28 16:05:47 ----A---- C:\WINDOWS\system32\spxcoins.dll
    2008-09-28 16:05:47 ----A---- C:\WINDOWS\system32\EqnClass.Dll
    2008-09-28 16:05:45 ----A---- C:\WINDOWS\TASKMAN.EXE
    2008-09-28 16:05:45 -------- C:\WINDOWS\system32\CONFIG.TMP
    2008-09-28 16:05:44 ----A---- C:\WINDOWS\system32\batt.dll
    2008-09-28 16:05:44 ----A---- C:\WINDOWS\notepad.exe
    2008-09-28 16:05:42 ----A---- C:\WINDOWS\system32\storprop.dll
    2008-09-28 16:05:35 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
    2008-09-28 16:03:53 ----RA---- C:\WINDOWS\SET8.tmp
    2008-09-28 16:03:50 ----RA---- C:\WINDOWS\SET4.tmp
    2008-09-28 16:03:49 ----RA---- C:\WINDOWS\SET3.tmp
    2008-09-28 16:03:44 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-09-28 16:03:44 ----D---- C:\WINDOWS\system32\CatRoot
    2008-09-28 16:03:39 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-09-28 16:03:13 ----D---- C:\Documents and Settings
    2008-09-28 16:03:12 ----SHD---- C:\System Volume Information
    2008-09-28 15:54:26 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-09-28 15:54:26 ----RSD---- C:\WINDOWS\Fonts
    2008-09-28 15:54:26 ----RD---- C:\WINDOWS\Web
    2008-09-28 15:54:26 ----HD---- C:\WINDOWS\inf
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\WinSxS
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\twain_32
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\wins
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\wbem
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\usmt
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\spool
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\ShellExt
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\Setup
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\ras
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\oobe
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\npp
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\mui
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\inetsrv
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\IME
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\icsxml
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\ias
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\export
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\drivers
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\dhcp
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\config
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\3com_dmi
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\3076
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\2052
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\1054
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\1042
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\1041
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\1037
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\1033
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\1031
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\1028
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32\1025
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system32
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\system
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\security
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\Resources
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\repair
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\Provisioning
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\PeerNet
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\pchealth
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\mui
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\msapps
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\msagent
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\Media
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\java
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\ime
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\Help
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\ehome
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\Driver Cache
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\Debug
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\Cursors
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\Connection Wizard
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\Config
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\AppPatch
    2008-09-28 15:54:26 ----D---- C:\WINDOWS\addins
    2008-09-28 15:54:26 ----D---- C:\WINDOWS
    2008-09-28 14:45:55 ----D---- C:\Documents and Settings\????\Application Data\Identities
    2008-09-28 14:45:53 ----HD---- C:\Program Files\Uninstall Information
    2008-09-28 14:45:38 ----SD---- C:\Documents and Settings\????\Application Data\Microsoft
    2008-09-28 14:45:38 ----ASH---- C:\Documents and Settings\????\Application Data\desktop.ini
    2008-09-28 14:44:24 ----D---- C:\WINDOWS\SoftwareDistribution
    2008-09-28 14:44:22 ----SD---- C:\WINDOWS\system32\Microsoft
    2008-09-28 14:44:22 ----N---- C:\WINDOWS\SchedLgU.Txt
    2008-09-28 14:41:06 ----D---- C:\WINDOWS\system32\xircom
    2008-09-28 14:41:06 ----D---- C:\Program Files\xerox
    2008-09-28 14:41:06 ----D---- C:\Program Files\microsoft frontpage
    2008-09-28 14:40:45 ----A---- C:\WINDOWS\control.ini
    2008-09-28 14:40:45 ----A---- C:\AUTOEXEC.BAT
    2008-09-28 14:40:33 ----A---- C:\WINDOWS\system32\mapi32.dll
    2008-09-28 14:39:49 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-09-28 14:39:49 ----RD---- C:\WINDOWS\Offline Web Pages
    2008-09-28 14:39:49 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
    2008-09-28 14:39:44 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
    2008-09-28 14:39:40 ----HD---- C:\Program Files\WindowsUpdate
    2008-09-28 14:39:37 ----D---- C:\Program Files\Online Services
    2008-09-28 14:39:18 ----D---- C:\WINDOWS\system32\DirectX
    2008-09-28 14:38:51 ----A---- C:\WINDOWS\system32\atrace.dll
    2008-09-28 14:38:48 ----A---- C:\WINDOWS\system32\desktop.ini
    2008-09-28 14:38:48 ----A---- C:\WINDOWS\desktop.ini
    2008-09-28 14:38:40 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
    2008-09-28 14:38:39 ----A---- C:\WINDOWS\system32\acctres.dll
    2008-09-28 14:38:38 ----D---- C:\Program Files\Common Files\Services
    2008-09-28 14:38:35 ----SD---- C:\WINDOWS\Tasks
    2008-09-28 14:38:35 ----A---- C:\WINDOWS\system32\icfgnt5.dll
    2008-09-28 14:38:33 ----D---- C:\Program Files\Common Files\MSSoap
    2008-09-28 14:38:28 ----D---- C:\WINDOWS\srchasst
    2008-09-28 14:38:27 ----D---- C:\WINDOWS\system32\Macromed
    2008-09-28 14:38:24 ----A---- C:\WINDOWS\system32\wuweb.dll
    2008-09-28 14:38:23 ----A---- C:\WINDOWS\system32\wups.dll
    2008-09-28 14:38:23 ----A---- C:\WINDOWS\system32\wucltui.dll
    2008-09-28 14:38:23 ----A---- C:\WINDOWS\system32\wuauserv.dll
    2008-09-28 14:38:23 ----A---- C:\WINDOWS\system32\wuaueng1.dll
    2008-09-28 14:38:23 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2008-09-28 14:38:23 ----A---- C:\WINDOWS\system32\wuauclt1.exe
    2008-09-28 14:38:22 ----A---- C:\WINDOWS\system32\wuauclt.exe
    2008-09-28 14:38:22 ----A---- C:\WINDOWS\system32\wuapi.dll
    2008-09-28 14:38:22 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
    2008-09-28 14:38:22 ----A---- C:\WINDOWS\system32\qmgr.dll
    2008-09-28 14:38:22 ----A---- C:\WINDOWS\system32\bitsprx3.dll
    2008-09-28 14:38:22 ----A---- C:\WINDOWS\system32\bitsprx2.dll
    2008-09-28 14:38:16 ----D---- C:\Program Files\Movie Maker
    2008-09-28 14:38:12 ----A---- C:\WINDOWS\system32\safrslv.dll
    2008-09-28 14:38:11 ----A---- C:\WINDOWS\system32\safrdm.dll
    2008-09-28 14:38:11 ----A---- C:\WINDOWS\system32\safrcdlg.dll
    2008-09-28 14:38:11 ----A---- C:\WINDOWS\system32\racpldlg.dll
    2008-09-28 14:38:06 ----A---- C:\WINDOWS\system32\fltmc.exe
    2008-09-28 14:38:06 ----A---- C:\WINDOWS\system32\fltlib.dll
    2008-09-28 14:38:05 ----D---- C:\WINDOWS\system32\Restore
    2008-09-28 14:38:05 ----A---- C:\WINDOWS\system32\srsvc.dll
    2008-09-28 14:38:05 ----A---- C:\WINDOWS\system32\srrstr.dll
    2008-09-28 14:38:05 ----A---- C:\WINDOWS\system32\srclient.dll
    2008-09-28 14:38:04 ----A---- C:\WINDOWS\system32\nmmkcert.dll
    2008-09-28 14:38:04 ----A---- C:\WINDOWS\system32\msconf.dll
    2008-09-28 14:38:04 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
    2008-09-28 14:38:04 ----A---- C:\WINDOWS\system32\mnmdd.dll
    2008-09-28 14:38:04 ----A---- C:\WINDOWS\system32\isrdbg32.dll
    2008-09-28 14:38:04 ----A---- C:\WINDOWS\system32\ils.dll
    2008-09-28 14:38:00 ----D---- C:\Program Files\NetMeeting
    2008-09-28 14:38:00 ----A---- C:\WINDOWS\system32\msoert2.dll
    2008-09-28 14:38:00 ----A---- C:\WINDOWS\system32\msoeacct.dll
    2008-09-28 14:37:59 ----A---- C:\WINDOWS\system32\inetres.dll
    2008-09-28 14:37:59 ----A---- C:\WINDOWS\system32\inetcomm.dll
    2008-09-28 14:37:56 ----D---- C:\Program Files\Outlook Express
    2008-09-28 14:37:56 ----A---- C:\WINDOWS\system32\schedsvc.dll
    2008-09-28 14:37:56 ----A---- C:\WINDOWS\system32\mstinit.exe
    2008-09-28 14:37:56 ----A---- C:\WINDOWS\system32\mstask.dll
    2008-09-28 14:37:55 ----A---- C:\WINDOWS\system32\isign32.dll
    2008-09-28 14:37:55 ----A---- C:\WINDOWS\system32\inetcfg.dll
    2008-09-28 14:37:55 ----A---- C:\WINDOWS\system32\icwphbk.dll
    2008-09-28 14:37:55 ----A---- C:\WINDOWS\system32\icwdial.dll
    2008-09-28 14:37:47 ----D---- C:\Program Files\Common Files\System
    2008-09-28 14:37:46 ----D---- C:\Program Files\Internet Explorer
    2008-09-28 14:37:17 ----D---- C:\Program Files\ComPlus Applications
    2008-09-28 14:37:16 ----A---- C:\WINDOWS\vbaddin.ini
    2008-09-28 14:37:16 ----A---- C:\WINDOWS\vb.ini
    2008-09-28 14:37:12 ----D---- C:\WINDOWS\Registration
    2008-09-28 14:37:06 ----D---- C:\Program Files\Windows Media Player
    2008-09-28 14:37:01 ----D---- C:\Program Files\Messenger
    2008-09-28 14:36:57 ----D---- C:\Program Files\MSN Gaming Zone
    2008-09-28 14:36:57 ----A---- C:\WINDOWS\system32\write.exe
    2008-09-28 14:36:45 ----A---- C:\WINDOWS\system32\sndvol32.exe
    2008-09-28 14:36:44 ----A---- C:\WINDOWS\system32\hticons.dll
    2008-09-28 14:36:44 ----A---- C:\WINDOWS\system32\avwav.dll
    2008-09-28 14:36:44 ----A---- C:\WINDOWS\system32\avtapi.dll
    2008-09-28 14:36:44 ----A---- C:\WINDOWS\system32\avmeter.dll
    2008-09-28 14:36:43 ----A---- C:\WINDOWS\system32\winchat.exe
    2008-09-28 14:36:35 ----A---- C:\WINDOWS\system32\getuname.dll
    2008-09-28 14:36:34 ----A---- C:\WINDOWS\system32\sol.exe
    2008-09-28 14:36:34 ----A---- C:\WINDOWS\system32\charmap.exe
    2008-09-28 14:36:34 ----A---- C:\WINDOWS\system32\calc.exe
    2008-09-28 14:36:33 ----A---- C:\WINDOWS\system32\winmine.exe
    2008-09-28 14:36:33 ----A---- C:\WINDOWS\system32\mshearts.exe
    2008-09-28 14:36:33 ----A---- C:\WINDOWS\system32\freecell.exe
    2008-09-28 14:36:32 ----A---- C:\WINDOWS\system32\usrlogon.cmd
    2008-09-28 14:36:32 ----A---- C:\WINDOWS\system32\tsshutdn.exe
    2008-09-28 14:36:32 ----A---- C:\WINDOWS\system32\tslabels.ini
    2008-09-28 14:36:32 ----A---- C:\WINDOWS\system32\tskill.exe
    2008-09-28 14:36:32 ----A---- C:\WINDOWS\system32\tsdiscon.exe
    2008-09-28 14:36:32 ----A---- C:\WINDOWS\system32\tscon.exe
    2008-09-28 14:36:32 ----A---- C:\WINDOWS\system32\shadow.exe
    2008-09-28 14:36:32 ----A---- C:\WINDOWS\system32\rwinsta.exe
    2008-09-28 14:36:32 ----A---- C:\WINDOWS\system32\reset.exe
    2008-09-28 14:36:32 ----A---- C:\WINDOWS\system32\regini.exe
    2008-09-28 14:36:31 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
    2008-09-28 14:36:31 ----A---- C:\WINDOWS\system32\qwinsta.exe
    2008-09-28 14:36:31 ----A---- C:\WINDOWS\system32\qappsrv.exe
    2008-09-28 14:36:31 ----A---- C:\WINDOWS\system32\msg.exe
    2008-09-28 14:36:31 ----A---- C:\WINDOWS\system32\msdtcprf.ini
    2008-09-28 14:36:31 ----A---- C:\WINDOWS\system32\logoff.exe
    2008-09-28 14:36:31 ----A---- C:\WINDOWS\system32\cdmodem.dll
    2008-09-28 14:36:30 ----A---- C:\WINDOWS\system32\mtxlegih.dll
    2008-09-28 14:36:30 ----A---- C:\WINDOWS\system32\mtxex.dll
    2008-09-28 14:36:30 ----A---- C:\WINDOWS\system32\mtxdm.dll
    2008-09-28 14:36:30 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
    2008-09-28 14:36:29 ----A---- C:\WINDOWS\system32\stclient.dll
    2008-09-28 14:36:29 ----A---- C:\WINDOWS\system32\comsnap.dll
    2008-09-28 14:36:29 ----A---- C:\WINDOWS\system32\comrepl.dll
    2008-09-28 14:36:29 ----A---- C:\WINDOWS\system32\comaddin.dll
    2008-09-28 14:36:23 ----A---- C:\WINDOWS\system32\wmimgmt.msc
    2008-09-28 14:36:22 ----A---- C:\WINDOWS\system32\accwiz.exe
    2008-09-28 14:36:21 ----A---- C:\WINDOWS\system32\sndrec32.exe
    2008-09-28 14:36:21 ----A---- C:\WINDOWS\system32\mplay32.exe
    2008-09-28 14:36:21 ----A---- C:\WINDOWS\system32\hypertrm.dll
    2008-09-28 14:36:20 ----D---- C:\Program Files\Windows NT
    2008-09-28 14:36:20 ----A---- C:\WINDOWS\system32\mspaint.exe
    2008-09-28 14:36:20 ----A---- C:\WINDOWS\system32\clipbrd.exe
    2008-09-28 14:36:19 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
    2008-09-28 14:36:19 ----A---- C:\WINDOWS\system32\spider.exe
    2008-09-28 14:36:18 ----A---- C:\WINDOWS\system32\sessmgr.exe
    2008-09-28 14:36:18 ----A---- C:\WINDOWS\system32\remotepg.dll
    2008-09-28 14:36:18 ----A---- C:\WINDOWS\system32\rdshost.exe
    2008-09-28 14:36:18 ----A---- C:\WINDOWS\system32\rdsaddin.exe
    2008-09-28 14:36:18 ----A---- C:\WINDOWS\system32\mstscax.dll
    2008-09-28 14:36:18 ----A---- C:\WINDOWS\system32\mstsc.exe
    2008-09-28 14:36:17 ----A---- C:\WINDOWS\system32\tscupgrd.exe
    2008-09-28 14:36:17 ----A---- C:\WINDOWS\system32\termsrv.dll
    2008-09-28 14:36:17 ----A---- C:\WINDOWS\system32\rdpwsx.dll
    2008-09-28 14:36:17 ----A---- C:\WINDOWS\system32\rdpsnd.dll
    2008-09-28 14:36:17 ----A---- C:\WINDOWS\system32\rdpclip.exe
    2008-09-28 14:36:17 ----A---- C:\WINDOWS\system32\rdchost.dll
    2008-09-28 14:36:17 ----A---- C:\WINDOWS\system32\qprocess.exe
    2008-09-28 14:36:16 ----D---- C:\WINDOWS\system32\MsDtc
    2008-09-28 14:36:16 ----A---- C:\WINDOWS\system32\mtxoci.dll
    2008-09-28 14:36:16 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
    2008-09-28 14:36:16 ----A---- C:\WINDOWS\system32\msdtcprx.dll
    2008-09-28 14:36:16 ----A---- C:\WINDOWS\system32\icaapi.dll
    2008-09-28 14:36:16 ----A---- C:\WINDOWS\system32\cfgbkend.dll
    2008-09-28 14:36:15 ----A---- C:\WINDOWS\system32\xolehlp.dll
    2008-09-28 14:36:15 ----A---- C:\WINDOWS\system32\msdtctm.dll
    2008-09-28 14:36:15 ----A---- C:\WINDOWS\system32\msdtclog.dll
    2008-09-28 14:36:15 ----A---- C:\WINDOWS\system32\msdtc.exe
    2008-09-28 14:36:14 ----D---- C:\WINDOWS\system32\Com
    2008-09-28 14:36:14 ----A---- C:\WINDOWS\system32\colbact.dll
    2008-09-28 14:36:14 ----A---- C:\WINDOWS\system32\catsrvps.dll
    2008-09-28 14:36:13 ----A---- C:\WINDOWS\system32\clbcatex.dll
    2008-09-28 14:36:13 ----A---- C:\WINDOWS\system32\catsrvut.dll
    2008-09-28 14:36:13 ----A---- C:\WINDOWS\system32\catsrv.dll
    2008-09-28 14:36:12 ----A---- C:\WINDOWS\system32\comuid.dll
    2008-09-28 14:36:12 ----A---- C:\WINDOWS\system32\comsvcs.dll
    2008-09-28 14:36:12 ----A---- C:\WINDOWS\system32\clbcatq.dll
    2008-09-28 14:36:04 ----A---- C:\WINDOWS\system32\servdeps.dll
    2008-09-28 14:36:03 ----A---- C:\WINDOWS\system32\mmfutil.dll
    2008-09-28 14:36:03 ----A---- C:\WINDOWS\system32\licwmi.dll
    2008-09-28 14:36:03 ----A---- C:\WINDOWS\system32\cmprops.dll
    2008-09-05 22:30:52 ----N---- C:\WINDOWS\system32\WgaLogon.dll
    2008-09-05 22:30:00 ----N---- C:\WINDOWS\system32\WgaTray.exe

    ======List of files/folders modified in the last 3 months======

    2008-10-23 15:45:04 ----A---- C:\WINDOWS\win.ini
    2008-10-23 15:45:04 ----A---- C:\WINDOWS\system.ini
    2008-10-15 18:37:01 ----A---- C:\WINDOWS\system32\netapi32.dll
    2008-10-03 19:16:39 ----A---- C:\WINDOWS\system32\ieframe.dll
    2008-10-02 07:01:11 ----D---- C:\WINDOWS\SxsCaPendDel
    2008-09-05 22:30:06 ----A---- C:\WINDOWS\system32\LegitCheckControl.dll
    2008-08-27 11:11:54 ----A---- C:\WINDOWS\system32\mshtml.dll
    2008-08-26 10:11:54 ----N---- C:\WINDOWS\system32\pngfilt.dll
    2008-08-26 10:11:54 ----N---- C:\WINDOWS\system32\occache.dll
    2008-08-26 10:11:54 ----A---- C:\WINDOWS\system32\wininet.dll
    2008-08-26 10:11:54 ----A---- C:\WINDOWS\system32\webcheck.dll
    2008-08-26 10:11:54 ----A---- C:\WINDOWS\system32\urlmon.dll
    2008-08-26 10:11:54 ----A---- C:\WINDOWS\system32\url.dll
    2008-08-26 10:11:53 ----N---- C:\WINDOWS\system32\mstime.dll
    2008-08-26 10:11:53 ----N---- C:\WINDOWS\system32\msrating.dll
    2008-08-26 10:11:53 ----N---- C:\WINDOWS\system32\mshtmled.dll
    2008-08-26 10:11:50 ----N---- C:\WINDOWS\system32\jsproxy.dll
    2008-08-26 10:11:50 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
    2008-08-26 10:11:50 ----A---- C:\WINDOWS\system32\msfeeds.dll
    2008-08-26 10:11:49 ----N---- C:\WINDOWS\system32\iernonce.dll
    2008-08-26 10:11:49 ----A---- C:\WINDOWS\system32\iertutil.dll
    2008-08-26 10:11:46 ----N---- C:\WINDOWS\system32\iedkcs32.dll
    2008-08-26 10:11:46 ----N---- C:\WINDOWS\system32\ieaksie.dll
    2008-08-26 10:11:46 ----N---- C:\WINDOWS\system32\ieakeng.dll
    2008-08-26 10:11:46 ----A---- C:\WINDOWS\system32\ieapfltr.dll
    2008-08-26 10:11:46 ----A---- C:\WINDOWS\system32\icardie.dll
    2008-08-26 10:11:45 ----N---- C:\WINDOWS\system32\extmgr.dll
    2008-08-26 10:11:45 ----N---- C:\WINDOWS\system32\dxtrans.dll
    2008-08-26 10:11:45 ----N---- C:\WINDOWS\system32\dxtmsft.dll
    2008-08-26 10:11:45 ----A---- C:\WINDOWS\system32\advpack.dll
    2008-08-25 10:39:40 ----N---- C:\WINDOWS\system32\ie4uinit.exe
    2008-08-25 10:38:00 ----A---- C:\WINDOWS\system32\ieudinit.exe
    2008-08-23 07:54:51 ----N---- C:\WINDOWS\system32\ieakui.dll
    2008-08-14 15:24:04 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
    2008-08-14 15:24:01 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 39936]
    R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-08-06 4122112]
    R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
    R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-10-02 47360]
    R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-02-25 105088]
    R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    S3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys []
    S3 BDFsDrv;BDFsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
    S3 BDRsDrv;BDRsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
    S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
    S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-07 17536]
    S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
    S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
    S4 WS2IFSL;????? ????? ?? ??? ????? Windows Socket 2.0 Non-IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-27 12032]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 bdss;BitDefender Scan Server; C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe [2007-01-19 81920]
    R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe [2008-10-02 278528]
    R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
    R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
    R2 VSSERV;BitDefender Virus Shield; C:\Program Files\Softwin\BitDefender10\vsserv.exe [2007-10-24 462848]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R2 XCOMM;BitDefender Communicator; C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe [2006-11-09 86016]
    R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
    R3 usnjsvc;????? Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-29 138168]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 908800]
    S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-10-23 382248]

    -----------------EOF-----------------

    thx
     
  2. 2008/10/29
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Hi Vinner,

    Let's run another tool. Download Lop S&D and save it to your desktop.

    Please disable resident protections (antivirus, etc.); you'll re-enable them after the scan.

    Double-click Lop S&D.exe
    Choose the language, then choose Option 1 (Search)
    Wait till the end of the scan
    Post the log which is created at C:\lopR.txt

    Don't forget to re-enable your resident protections now!
     

  4. 2008/10/30
    Vinner

    Vinner Inactive Thread Starter

    Joined:
    2008/10/28
    Messages:
    4
    Likes Received:
    0
    Yeah, the only problem is that I can't use my desktop properly. It says:

    "C:\Documents and Settings\????\????? ?????? is not accessible "

    and it does the same for every kind of scan that needs to be done from my desktop.

    BTW, I tried all the "desktop is not accessible" solutions; they didn't work. I think I've got some serious **** here :(
    Any other ideas, please?

    Thanks for your help, BTW!
     
  5. 2008/10/30
    Eric Robinson

    Eric Robinson Inactive

    Joined:
    2008/10/20
    Messages:
    26
    Likes Received:
    1
    Are you able to run your computer normally in SAFE MODE?
    If so, perhaps this would be a good method to acquire the new tool and execute it.
     
  6. 2008/10/30
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    I think the problem is the username being question marks. Try moving the tool to the root of the drive (Local Disk C:) and run it from there.
     
  7. 2008/10/30
    Vinner

    Vinner Inactive Thread Starter

    Joined:
    2008/10/28
    Messages:
    4
    Likes Received:
    0
    Well, here is the log:

    --------------------\\ Lop S&D 4.2.4-8 XP/Vista

    Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 3.00GHz )
    BIOS : Default System BIOS
    BOOT : Normal boot
    Antivirus : Bitdefender Antivirus 8.0 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:117 Go (Free:68 Go)
    D:\ (Local Disk) - NTFS - Total:115 Go (Free:49 Go)
    E:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 27-10-2008|09:15 )
    Option : [1] ( Thu 10/30/2008|19:04 )

    --------------------\\ Listing folders in APPLIC~1

    [09/29/2008|05:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
    [10/02/2008|12:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> BitDefender
    [09/28/2008|06:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> CyberLink
    [10/25/2008|05:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> DFX
    [09/29/2008|12:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
    [10/09/2008|06:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Installations
    [09/28/2008|05:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Lavasoft
    [10/03/2008|01:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> MailFrontier
    [10/23/2008|08:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Malwarebytes
    [10/20/2008|05:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
    [10/28/2008|06:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Nero
    [10/09/2008|06:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PC Suite
    [09/28/2008|05:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Real
    [10/28/2008|07:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Spybot - Search & Destroy
    [10/05/2008|05:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
    [10/02/2008|08:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> vsosdk
    [09/28/2008|06:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
    [10/01/2008|04:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WLInstaller

    [10/03/2008|02:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft

    [09/28/2008|02:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft

    [10/03/2008|02:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft


    --------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

    [10/24/2008 01:30 PM][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskUser.job
    [10/24/2008 01:01 PM][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [08/27/2004 02:00 PM][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing Folders in C:\Program Files

    [09/29/2008|05:30] C:\Program Files\<DIR> Adobe Media Player
    [10/03/2008|11:38] C:\Program Files\<DIR> Advanced System Optimizer
    [10/02/2008|06:02] C:\Program Files\<DIR> Ahead
    [10/02/2008|03:14] C:\Program Files\<DIR> Auslogics
    [09/29/2008|12:02] C:\Program Files\<DIR> CCleaner
    [10/28/2008|07:09] C:\Program Files\<DIR> Common Files
    [09/28/2008|02:37] C:\Program Files\<DIR> ComPlus Applications
    [09/28/2008|06:03] C:\Program Files\<DIR> CyberLink
    [10/25/2008|05:04] C:\Program Files\<DIR> DFX
    [10/09/2008|06:55] C:\Program Files\<DIR> DIFX
    [09/29/2008|02:41] C:\Program Files\<DIR> Driver-Soft
    [10/30/2008|07:44] C:\Program Files\<DIR> eMule
    [10/02/2008|07:01] C:\Program Files\<DIR> ESET
    [09/29/2008|12:00] C:\Program Files\<DIR> Google
    [09/28/2008|06:18] C:\Program Files\<DIR> InstallShield Installation Information
    [10/20/2008|05:29] C:\Program Files\<DIR> Internet Explorer
    [09/28/2008|05:27] C:\Program Files\<DIR> K-Lite Codec Pack
    [10/28/2008|05:31] C:\Program Files\<DIR> Malwarebytes' Anti-Malware
    [09/29/2008|03:01] C:\Program Files\<DIR> Messenger
    [09/28/2008|02:41] C:\Program Files\<DIR> microsoft frontpage
    [09/28/2008|06:03] C:\Program Files\<DIR> Microsoft Office
    [09/28/2008|06:03] C:\Program Files\<DIR> Microsoft Visual Studio
    [09/28/2008|06:03] C:\Program Files\<DIR> Microsoft Works
    [09/28/2008|06:04] C:\Program Files\<DIR> Microsoft.NET
    [09/28/2008|07:58] C:\Program Files\<DIR> Movie Maker
    [09/28/2008|02:36] C:\Program Files\<DIR> MSN Gaming Zone
    [10/03/2008|09:23] C:\Program Files\<DIR> MSXML 4.0
    [10/28/2008|05:53] C:\Program Files\<DIR> Nero
    [09/28/2008|07:56] C:\Program Files\<DIR> NetMeeting
    [10/09/2008|06:55] C:\Program Files\<DIR> Nokia
    [09/28/2008|02:39] C:\Program Files\<DIR> Online Services
    [10/23/2008|12:37] C:\Program Files\<DIR> Opera
    [09/28/2008|07:55] C:\Program Files\<DIR> Outlook Express
    [10/09/2008|06:55] C:\Program Files\<DIR> PC Connectivity Solution
    [09/28/2008|06:02] C:\Program Files\<DIR> Picasa2
    [10/03/2008|12:25] C:\Program Files\<DIR> RamCleaner
    [09/28/2008|06:18] C:\Program Files\<DIR> Realtek
    [09/28/2008|06:18] C:\Program Files\<DIR> Realtek AC97
    [10/05/2008|11:46] C:\Program Files\<DIR> Remove Empty Directories
    [10/02/2008|12:32] C:\Program Files\<DIR> Softwin
    [10/28/2008|07:19] C:\Program Files\<DIR> Trend Micro
    [10/23/2008|12:35] C:\Program Files\<DIR> UnHackMe
    [09/28/2008|02:45] C:\Program Files\<DIR> Uninstall Information
    [09/29/2008|01:54] C:\Program Files\<DIR> uTorrent
    [10/02/2008|07:51] C:\Program Files\<DIR> VSO
    [10/03/2008|12:04] C:\Program Files\<DIR> Webroot
    [10/21/2008|01:04] C:\Program Files\<DIR> Winamp
    [10/01/2008|04:09] C:\Program Files\<DIR> Windows Live
    [09/29/2008|10:14] C:\Program Files\<DIR> Windows Media Connect 2
    [09/29/2008|10:14] C:\Program Files\<DIR> Windows Media Player
    [09/28/2008|07:55] C:\Program Files\<DIR> Windows NT
    [10/28/2008|05:52] C:\Program Files\<DIR> Windows Sidebar
    [09/28/2008|02:39] C:\Program Files\<DIR> WindowsUpdate
    [05/27/2006|02:03] C:\Program Files\<DIR> WinRAR
    [10/03/2008|11:41] C:\Program Files\<DIR> WinZip
    [10/02/2008|05:51] C:\Program Files\<DIR> Wondershare
    [09/28/2008|02:41] C:\Program Files\<DIR> xerox

    --------------------\\ Listing Folders in C:\Program Files\Common Files

    [09/29/2008|05:30] C:\Program Files\Common Files\<DIR> Adobe AIR
    [10/02/2008|06:53] C:\Program Files\Common Files\<DIR> BitDefender
    [09/28/2008|06:03] C:\Program Files\Common Files\<DIR> DESIGNER
    [10/01/2008|09:24] C:\Program Files\Common Files\<DIR> DFX
    [09/28/2008|06:09] C:\Program Files\Common Files\<DIR> InstallShield
    [10/28/2008|05:40] C:\Program Files\Common Files\<DIR> Microsoft Shared
    [09/28/2008|02:38] C:\Program Files\Common Files\<DIR> MSSoap
    [10/28/2008|06:06] C:\Program Files\Common Files\<DIR> Nero
    [10/09/2008|06:55] C:\Program Files\Common Files\<DIR> Nokia
    [09/28/2008|04:06] C:\Program Files\Common Files\<DIR> ODBC
    [10/09/2008|06:55] C:\Program Files\Common Files\<DIR> PCSuite
    [09/28/2008|02:38] C:\Program Files\Common Files\<DIR> Services
    [10/02/2008|12:32] C:\Program Files\Common Files\<DIR> Softwin
    [09/28/2008|04:06] C:\Program Files\Common Files\<DIR> SpeechEngines
    [09/28/2008|07:55] C:\Program Files\Common Files\<DIR> System
    [09/29/2008|12:04] C:\Program Files\Common Files\<DIR> WindowsLiveInstaller

    --------------------\\ Process

    ( 42 Processes )

    ... OK !

    --------------------\\ Searching with S_Lop

    No Lop folder found !

    --------------------\\ Searching for Lop Files - Folders

    C:\DOCUME~1\2DBD~1\LOCALS~1\Temp\nskA5A.tmp
    C:\DOCUME~1\2DBD~1\LOCALS~1\Temp\nsmB22.tmp
    C:\DOCUME~1\2DBD~1\LOCALS~1\Temp\nsuA39.tmp
    C:\DOCUME~1\2DBD~1\LOCALS~1\Temp\nswB21.tmp

    --------------------\\ Searching within the Registry

    ..... OK !

    --------------------\\ Checking the Hosts file

    Hosts file CLEAN


    --------------------\\ Searching for hidden files with Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-30 19:05:08
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 108

    --------------------\\ Searching for other infections


    No other infections found !

    [F:61][D:9]-> C:\DOCUME~1\2DBD~1\LOCALS~1\Temp
    [F:12][D:0]-> C:\DOCUME~1\2DBD~1\Cookies
    [F:392][D:5]-> C:\DOCUME~1\2DBD~1\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - Thu 10/30/2008|19:05 - Option : [1]

    --------------------\\ Scan completed at 19:05:41


    What do you say?
     
  8. 2008/10/30
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    What exactly is the username(s) on the computer? Have a look in C:\Documents and Settings as well, to see if the username folders match the username(s).

    Are you quite sure that was the entire log?
     
