1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Solved Browser pages being redirected / cannot remove a trojan

Discussion in 'Malware and Virus Removal Archive' started by shortnsweet3781, 2008/10/30.

  1. 2008/10/30
    shortnsweet3781

    shortnsweet3781 Inactive Thread Starter

    Joined:
    2008/10/30
    Messages:
    9
    Likes Received:
    0
    [Resolved] Browser pages being redirected / cannot remove a trojan

    Hi, I am having problems with a virus. It is affecting both Firefox and Internet Explorer. When I click on something in Google it takes me to something else entirely. Also sometimes Google will not even display.

    I have tried runnning antivrus and spybot they both pick up a Trojan called Zlob.DNSChanger. I choose to remove them, which they say they do successfully but when I try Google etc it is still there, and if I run Spybot it shows up again.

    Please please please help me get rid of this thing.

    I will post the 2 hijack this logs for infromation.
     
    shortnsweet3781,
    #1
  2. 2008/10/30
    shortnsweet3781

    shortnsweet3781 Inactive Thread Starter

    Joined:
    2008/10/30
    Messages:
    9
    Likes Received:
    0
    log part 1

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Cheryl at 2008-10-30 09:37:28
    Microsoft® Windows Vistaâ„¢ Home Premium Service Pack 1
    System drive C: has 79 GB (55%) free of 142 GB
    Total RAM: 1917 MB (46% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 09:38:21, on 30/10/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\WindowsMobile\wmdc.exe
    C:\Program Files\Java\jre1.6.0\bin\jusched.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Windows\System32\WLTRAY.EXE
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Windows\sttray.exe
    C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\RapidSolution\Tunebite\Tunebite.exe
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 12 Standard\MiniMavis.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
    C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
    C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    C:\Users\Cheryl\Downloads\RSIT.exe
    C:\Program Files\trend micro\Cheryl.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=6071203
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe "
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe "
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe "
    O4 - HKLM\..\Run: [dscactivate] c:\dell\dsca.exe 3
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe "
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe "
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Tunebite] C:\Program Files\RapidSolution\Tunebite\Tunebite.exe -tray
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe "
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: MiniMavis.lnk = C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 12 Standard\MiniMavis.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 9111 bytes
     
    shortnsweet3781,
    #2


  3. to hide this advert.

  4. 2008/10/30
    shortnsweet3781

    shortnsweet3781 Inactive Thread Starter

    Joined:
    2008/10/30
    Messages:
    9
    Likes Received:
    0
    Log part 2

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - c:\Program Files\Java\jre1.6.0\bin\ssv.dll [2007-12-03 501384]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
    CBrowserHelperObject Object - C:\Program Files\Dell\BAE\BAE.dll [2006-11-09 98304]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll [2008-08-13 90112]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Windows Mobile Device Center "=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
    "SunJavaUpdateSched "=c:\Program Files\Java\jre1.6.0\bin\jusched.exe [2007-12-03 77824]
    "ATICCC "=C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [2006-07-11 90112]
    "ISUSScheduler "=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-10-03 81920]
    "RoxWatchTray "=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2006-11-05 221184]
    "dscactivate "=c:\dell\dsca.exe [2007-07-30 16384]
    "Adobe Reader Speed Launcher "=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
    "Broadcom Wireless Manager UI "=C:\Windows\system32\WLTRAY.exe [2007-03-21 1548288]
    "NeroFilterCheck "=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
    "HP Software Update "=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
    "QuickTime Task "=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
    "iTunesHelper "=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-10 289576]
    "SigmatelSysTrayApp "=C:\Windows\sttray.exe [2007-02-08 303104]
    "BDAgent "=C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [2008-10-29 716800]
    "BitDefender Antiphishing Helper "=C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe [2008-08-10 69632]
    "Malwarebytes Anti-Malware (reboot) "=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2008-10-22 1261200]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "WindowsWelcomeCenter "=C:\Windows\system32\oobefldr.dll [2008-01-18 2153472]
    "MsnMsgr "=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
    "Tunebite "=C:\Program Files\RapidSolution\Tunebite\Tunebite.exe [2008-01-18 4953392]
    "TomTomHOME.exe "=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-05-06 202088]
    "ehTray.exe "=C:\Windows\ehome\ehTray.exe [2008-01-18 125952]
    "WMPNSCFG "=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]
    "SpybotSD TeaTimer "=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    MiniMavis.lnk - C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 12 Standard\MiniMavis.exe

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "LogonHoursAction "=2
    "DontDisplayLogonHoursWarnings "=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1
    "undockwithoutlogon "=1
    "EnableUIADesktopToggle "=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives "=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun "=
    "NoDrives "=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b5ed299-4e25-11dd-aa60-001d09aad19c}]
    shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com e:
    shell\Open\command - resycled\boot.com e:

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c43cbfee-daad-11dc-9200-001d09aad19c}]
    shell\AutoRun\command - G:\InstallTomTomHOME.exe


    ======List of files/folders created in the last 3 months======

    2008-10-30 09:37:29 ----D---- C:\Program Files\trend micro
    2008-10-30 09:37:27 ----D---- C:\rsit
    2008-10-29 22:43:51 ----A---- C:\ComboFix.txt
    2008-10-29 21:19:26 ----A---- C:\avenger.txt
    2008-10-29 19:59:12 ----D---- C:\Windows\Sun
    2008-10-29 18:56:10 ----A---- C:\Windows\zip.exe
    2008-10-29 18:56:10 ----A---- C:\Windows\VFIND.exe
    2008-10-29 18:56:10 ----A---- C:\Windows\SWXCACLS.exe
    2008-10-29 18:56:10 ----A---- C:\Windows\SWSC.exe
    2008-10-29 18:56:10 ----A---- C:\Windows\SWREG.exe
    2008-10-29 18:56:10 ----A---- C:\Windows\sed.exe
    2008-10-29 18:56:10 ----A---- C:\Windows\NIRCMD.exe
    2008-10-29 18:56:10 ----A---- C:\Windows\grep.exe
    2008-10-29 18:56:10 ----A---- C:\Windows\fdsv.exe
    2008-10-29 18:55:21 ----D---- C:\Windows\ERDNT
    2008-10-29 18:55:21 ----D---- C:\Qoobox
    2008-10-29 18:29:23 ----D---- C:\Users\Cheryl\AppData\Roaming\Malwarebytes
    2008-10-29 18:29:13 ----D---- C:\ProgramData\Malwarebytes
    2008-10-29 18:29:13 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-29 14:20:06 ----D---- C:\Program Files\Lavasoft
    2008-10-29 14:20:05 ----D---- C:\ProgramData\Lavasoft
    2008-10-29 13:45:33 ----A---- C:\Windows\ntbtlog.txt
    2008-10-29 07:01:05 ----D---- C:\Windows\system32\logs
    2008-10-29 07:00:51 ----D---- C:\Users\Cheryl\AppData\Roaming\BitDefender
    2008-10-29 07:00:51 ----D---- C:\Program Files\Common Files\MSSoap
    2008-10-29 07:00:51 ----D---- C:\Binaries
    2008-10-29 07:00:12 ----D---- C:\ProgramData\BitDefender
    2008-10-29 07:00:12 ----D---- C:\Program Files\BitDefender
    2008-10-29 06:58:27 ----D---- C:\Windows\system32\URTTEMP
    2008-10-29 06:52:53 ----D---- C:\Program Files\Common Files\BitDefender
    2008-10-28 21:54:43 ----D---- C:\Program Files\Panda Security
    2008-10-27 17:42:38 ----D---- C:\ProgramData\Spybot - Search & Destroy
    2008-10-27 17:42:38 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-10-24 04:03:54 ----A---- C:\Windows\system32\netapi32.dll
    2008-10-22 23:29:19 ----A---- C:\Windows\system32\EncDec.dll
    2008-10-22 23:29:16 ----A---- C:\Windows\system32\psisdecd.dll
    2008-10-18 08:39:58 ----D---- C:\Program Files\mkv2vob
    2008-10-18 08:39:04 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2008-10-17 22:16:58 ----A---- C:\Windows\NeroDigital.ini
    2008-10-17 18:44:23 ----D---- C:\Program Files\Pegasus Media Software
    2008-10-17 17:21:53 ----D---- C:\Program Files\Red Kawa
    2008-10-17 17:21:25 ----A---- C:\Windows\system32\javaws.exe
    2008-10-17 17:21:25 ----A---- C:\Windows\system32\javaw.exe
    2008-10-17 17:21:24 ----A---- C:\Windows\system32\java.exe
    2008-10-17 17:14:31 ----D---- C:\Program Files\Windows Live Safety Center
    2008-10-15 02:53:27 ----A---- C:\Windows\system32\ntoskrnl.exe
    2008-10-15 02:53:27 ----A---- C:\Windows\system32\ntkrnlpa.exe
    2008-10-15 02:53:22 ----A---- C:\Windows\system32\mshtml.dll
    2008-10-15 02:53:21 ----A---- C:\Windows\system32\ieframe.dll
    2008-10-15 02:53:19 ----A---- C:\Windows\system32\wininet.dll
    2008-10-15 02:53:19 ----A---- C:\Windows\system32\urlmon.dll
    2008-10-15 02:53:18 ----A---- C:\Windows\system32\mstime.dll
    2008-10-15 02:53:18 ----A---- C:\Windows\system32\iertutil.dll
    2008-10-15 02:53:16 ----A---- C:\Windows\system32\jsproxy.dll
    2008-09-28 02:01:08 ----A---- C:\Windows\system32\msshooks.dll
    2008-09-28 02:01:07 ----A---- C:\Windows\system32\msscb.dll
    2008-09-28 02:01:05 ----A---- C:\Windows\system32\SearchFilterHost.exe
    2008-09-28 02:01:05 ----A---- C:\Windows\system32\propdefs.dll
    2008-09-28 02:01:05 ----A---- C:\Windows\system32\msstrc.dll
    2008-09-28 02:01:05 ----A---- C:\Windows\system32\mssitlb.dll
    2008-09-28 02:01:05 ----A---- C:\Windows\system32\msshsq.dll
    2008-09-28 02:01:04 ----A---- C:\Windows\system32\thawbrkr.dll
    2008-09-28 02:01:04 ----A---- C:\Windows\system32\srchadmin.dll
    2008-09-28 02:01:04 ----A---- C:\Windows\system32\propsys.dll
    2008-09-28 02:01:04 ----A---- C:\Windows\system32\mssprxy.dll
    2008-09-28 02:01:04 ----A---- C:\Windows\system32\korwbrkr.dll
    2008-09-28 02:01:03 ----A---- C:\Windows\system32\wsepno.dll
    2008-09-28 02:01:03 ----A---- C:\Windows\system32\rtffilt.dll
    2008-09-28 02:01:03 ----A---- C:\Windows\system32\mimefilt.dll
    2008-09-28 02:01:02 ----A---- C:\Windows\system32\xmlfilter.dll
    2008-09-28 02:01:02 ----A---- C:\Windows\system32\offfilt.dll
    2008-09-28 02:01:02 ----A---- C:\Windows\system32\nlhtml.dll
    2008-09-28 02:01:02 ----A---- C:\Windows\system32\msscntrs.dll
    2008-09-28 02:01:02 ----A---- C:\Windows\system32\chsbrkr.dll
    2008-09-28 02:01:01 ----A---- C:\Windows\system32\tquery.dll
    2008-09-28 02:01:01 ----A---- C:\Windows\system32\SearchProtocolHost.exe
    2008-09-28 02:01:01 ----A---- C:\Windows\system32\SearchIndexer.exe
    2008-09-28 02:01:01 ----A---- C:\Windows\system32\mssvp.dll
    2008-09-28 02:01:01 ----A---- C:\Windows\system32\mssrch.dll
    2008-09-28 02:01:01 ----A---- C:\Windows\system32\mssphtb.dll
    2008-09-28 02:01:01 ----A---- C:\Windows\system32\mssph.dll
    2008-09-28 02:01:01 ----A---- C:\Windows\system32\chtbrkr.dll
    2008-09-28 00:48:43 ----A---- C:\Windows\system32\rpcrt4.dll
    2008-09-28 00:48:40 ----A---- C:\Windows\system32\pacerprf.dll
    2008-09-28 00:48:38 ----A---- C:\Windows\system32\emdmgmt.dll
    2008-09-28 00:48:38 ----A---- C:\Windows\system32\dataclen.dll
    2008-09-28 00:48:38 ----A---- C:\Windows\system32\cdd.dll
    2008-09-28 00:48:37 ----A---- C:\Windows\system32\wshext.dll
    2008-09-28 00:48:37 ----A---- C:\Windows\system32\vbscript.dll
    2008-09-28 00:48:37 ----A---- C:\Windows\system32\jscript.dll
    2008-09-28 00:48:36 ----A---- C:\Windows\system32\wscript.exe
    2008-09-28 00:48:36 ----A---- C:\Windows\system32\scrrun.dll
    2008-09-28 00:48:36 ----A---- C:\Windows\system32\scrobj.dll
    2008-09-28 00:48:36 ----A---- C:\Windows\system32\cscript.exe
    2008-09-27 22:07:22 ----D---- C:\PerfLogs
    2008-09-27 21:37:56 ----A---- C:\Windows\system32\SPWizUI.dll
    2008-09-27 21:37:56 ----A---- C:\Windows\system32\SPReview.exe
    2008-09-27 21:23:29 ----A---- C:\Windows\system32\recdisc.exe
    2008-09-27 21:23:25 ----A---- C:\Windows\system32\sdspres.dll
    2008-09-27 21:22:16 ----A---- C:\Windows\system32\vsp1cln.exe
    2008-09-27 21:22:03 ----A---- C:\Windows\system32\sxproxy.dll
    2008-09-27 21:21:53 ----A---- C:\Windows\system32\spp.dll
    2008-09-27 21:20:42 ----A---- C:\Windows\system32\mssha.dll
    2008-09-27 21:20:42 ----A---- C:\Windows\system32\msrepl40.dll
    2008-09-27 21:20:41 ----A---- C:\Windows\system32\mstask.dll
    2008-09-27 21:20:41 ----A---- C:\Windows\system32\msscp.dll
    2008-09-27 21:20:41 ----A---- C:\Windows\system32\msrdc.dll
    2008-09-27 21:20:41 ----A---- C:\Windows\system32\msrd3x40.dll
    2008-09-27 21:20:41 ----A---- C:\Windows\system32\msrating.dll
    2008-09-27 21:20:41 ----A---- C:\Windows\system32\msra.exe
    2008-09-27 21:20:39 ----A---- C:\Windows\system32\NAPMONTR.DLL
    2008-09-27 21:20:39 ----A---- C:\Windows\system32\napipsec.dll
    2008-09-27 21:20:39 ----A---- C:\Windows\system32\NapiNSP.dll
    2008-09-27 21:20:39 ----A---- C:\Windows\system32\NAPHLPR.DLL
    2008-09-27 21:20:39 ----A---- C:\Windows\system32\napdsnap.dll
    2008-09-27 21:20:39 ----A---- C:\Windows\system32\NAPCRYPT.DLL
    2008-09-27 21:20:39 ----A---- C:\Windows\system32\mydocs.dll
    2008-09-27 21:20:39 ----A---- C:\Windows\system32\mycomput.dll
    2008-09-27 21:20:39 ----A---- C:\Windows\system32\MuiUnattend.exe
    2008-09-27 21:20:39 ----A---- C:\Windows\system32\mtxoci.dll
    2008-09-27 21:20:39 ----A---- C:\Windows\system32\mtxlegih.dll
    2008-09-27 21:20:39 ----A---- C:\Windows\system32\mtxdm.dll
    2008-09-27 21:20:39 ----A---- C:\Windows\system32\mtxclu.dll
    2008-09-27 21:20:39 ----A---- C:\Windows\system32\mtstocom.exe
    2008-09-27 21:20:39 ----A---- C:\Windows\system32\msvbvm60.dll
    2008-09-27 21:20:39 ----A---- C:\Windows\system32\msv1_0.dll
    2008-09-27 21:20:39 ----A---- C:\Windows\system32\msutb.dll
    2008-09-27 21:20:39 ----A---- C:\Windows\system32\mstlsapi.dll
    2008-09-27 21:20:38 ----A---- C:\Windows\system32\msxml6.dll
    2008-09-27 21:20:38 ----A---- C:\Windows\system32\msxml3.dll
    2008-09-27 21:20:38 ----A---- C:\Windows\system32\msxbde40.dll
    2008-09-27 21:20:38 ----A---- C:\Windows\system32\mswsock.dll
    2008-09-27 21:20:38 ----A---- C:\Windows\system32\MSVidCtl.dll
    2008-09-27 21:20:38 ----A---- C:\Windows\system32\msvfw32.dll
    2008-09-27 21:20:38 ----A---- C:\Windows\system32\msvcrt.dll
    2008-09-27 21:20:38 ----A---- C:\Windows\system32\mstscax.dll
    2008-09-27 21:20:38 ----A---- C:\Windows\system32\mstsc.exe
    2008-09-27 21:20:38 ----A---- C:\Windows\system32\mstext40.dll
    2008-09-27 21:20:37 ----A---- C:\Windows\system32\mswmdm.dll
    2008-09-27 21:20:37 ----A---- C:\Windows\system32\msvidc32.dll
    2008-09-27 21:20:37 ----A---- C:\Windows\system32\msftedit.dll
    2008-09-27 21:20:37 ----A---- C:\Windows\system32\msfeedssync.exe
    2008-09-27 21:20:37 ----A---- C:\Windows\system32\msfeedsbs.dll
    2008-09-27 21:20:37 ----A---- C:\Windows\system32\msfeeds.dll
    2008-09-27 21:20:37 ----A---- C:\Windows\system32\msexcl40.dll
    2008-09-27 21:20:37 ----A---- C:\Windows\system32\msdtcVSp1res.dll
    2008-09-27 21:20:37 ----A---- C:\Windows\system32\msdtcuiu.dll
    2008-09-27 21:20:37 ----A---- C:\Windows\system32\msdtctm.dll
    2008-09-27 21:20:35 ----A---- C:\Windows\system32\mshtmled.dll
    2008-09-27 21:20:35 ----A---- C:\Windows\system32\mshta.exe
    2008-09-27 21:20:35 ----A---- C:\Windows\system32\msdtclog.dll
    2008-09-27 21:20:35 ----A---- C:\Windows\system32\msdtckrm.dll
    2008-09-27 21:20:35 ----A---- C:\Windows\system32\msdtc.exe
    2008-09-27 21:20:35 ----A---- C:\Windows\system32\msdt.exe
    2008-09-27 21:20:35 ----A---- C:\Windows\system32\msdelta.dll
    2008-09-27 21:20:35 ----A---- C:\Windows\system32\msdart.dll
    2008-09-27 21:20:35 ----A---- C:\Windows\system32\msdadiag.dll
    2008-09-27 21:20:35 ----A---- C:\Windows\system32\msctfui.dll
    2008-09-27 21:20:35 ----A---- C:\Windows\system32\MsCtfMonitor.dll
    2008-09-27 21:20:34 ----A---- C:\Windows\system32\mspbde40.dll
    2008-09-27 21:20:34 ----A---- C:\Windows\system32\mspatcha.dll
    2008-09-27 21:20:34 ----A---- C:\Windows\system32\mspaint.exe
    2008-09-27 21:20:34 ----A---- C:\Windows\system32\msorcl32.dll
    2008-09-27 21:20:34 ----A---- C:\Windows\system32\msoert2.dll
    2008-09-27 21:20:34 ----A---- C:\Windows\system32\msoeacct.dll
    2008-09-27 21:20:34 ----A---- C:\Windows\system32\msnetobj.dll
    2008-09-27 21:20:34 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
    2008-09-27 21:20:34 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
    2008-09-27 21:20:34 ----A---- C:\Windows\system32\MSMPEG2ADEC.DLL
    2008-09-27 21:20:34 ----A---- C:\Windows\system32\msmmsp.dll
    2008-09-27 21:20:34 ----A---- C:\Windows\system32\msltus40.dll
    2008-09-27 21:20:34 ----A---- C:\Windows\system32\msls31.dll
    2008-09-27 21:20:34 ----A---- C:\Windows\system32\msjtes40.dll
    2008-09-27 21:20:34 ----A---- C:\Windows\system32\msdtcprx.dll
    2008-09-27 21:20:34 ----A---- C:\Windows\system32\msdt.dll
    2008-09-27 21:20:34 ----A---- C:\Windows\system32\msdrm.dll
    2008-09-27 21:20:34 ----A---- C:\Windows\system32\msdri.dll
    2008-09-27 21:20:34 ----A---- C:\Windows\system32\msdmo.dll
    2008-09-27 21:20:33 ----A---- C:\Windows\system32\msobjs.dll
    2008-09-27 21:20:33 ----A---- C:\Windows\system32\msihnd.dll
    2008-09-27 21:20:33 ----A---- C:\Windows\system32\msiexec.exe
    2008-09-27 21:20:33 ----A---- C:\Windows\system32\msieftp.dll
    2008-09-27 21:20:33 ----A---- C:\Windows\system32\msidle.dll
    2008-09-27 21:20:33 ----A---- C:\Windows\system32\msident.dll
    2008-09-27 21:20:33 ----A---- C:\Windows\system32\msidcrl30.dll
    2008-09-27 21:20:33 ----A---- C:\Windows\system32\msi.dll
    2008-09-27 21:20:32 ----A---- C:\Windows\system32\msjet40.dll
    2008-09-27 21:20:31 ----A---- C:\Windows\system32\msjetoledb40.dll
    2008-09-27 21:20:31 ----A---- C:\Windows\system32\msisip.dll
    2008-09-27 21:20:31 ----A---- C:\Windows\system32\msinfo32.exe
    2008-09-27 21:20:31 ----A---- C:\Windows\system32\msimtf.dll
    2008-09-27 21:20:29 ----A---- C:\Windows\system32\notepad.exe
    2008-09-27 21:20:29 ----A---- C:\Windows\system32\Nlsdl.dll
    2008-09-27 21:20:29 ----A---- C:\Windows\notepad.exe
    2008-09-27 21:20:27 ----A---- C:\Windows\system32\nlsbres.dll
    2008-09-27 21:20:27 ----A---- C:\Windows\system32\nlmgp.dll
    2008-09-27 21:20:25 ----A---- C:\Windows\system32\occache.dll
    2008-09-27 21:20:24 ----A---- C:\Windows\system32\odbctrac.dll
    2008-09-27 21:20:24 ----A---- C:\Windows\system32\odbcjt32.dll
    2008-09-27 21:20:24 ----A---- C:\Windows\system32\odbccu32.dll
    2008-09-27 21:20:24 ----A---- C:\Windows\system32\odbccr32.dll
    2008-09-27 21:20:24 ----A---- C:\Windows\system32\odbccp32.dll
    2008-09-27 21:20:24 ----A---- C:\Windows\system32\odbcconf.dll
    2008-09-27 21:20:24 ----A---- C:\Windows\system32\odbcbcp.dll
    2008-09-27 21:20:24 ----A---- C:\Windows\system32\odbc32.dll
    2008-09-27 21:20:24 ----A---- C:\Windows\system32\ocsetup.exe
    2008-09-27 21:20:24 ----A---- C:\Windows\system32\objsel.dll
    2008-09-27 21:20:23 ----A---- C:\Windows\system32\ntvdm.exe
    2008-09-27 21:20:23 ----A---- C:\Windows\system32\ntshrui.dll
    2008-09-27 21:20:23 ----A---- C:\Windows\system32\ntprint.dll
    2008-09-27 21:20:23 ----A---- C:\Windows\system32\ntmarta.dll
    2008-09-27 21:20:23 ----A---- C:\Windows\system32\ntlanman.dll
    2008-09-27 21:20:23 ----A---- C:\Windows\system32\ntdsapi.dll
    2008-09-27 21:20:23 ----A---- C:\Windows\system32\ntdll.dll
    2008-09-27 21:20:23 ----A---- C:\Windows\system32\nslookup.exe
    2008-09-27 21:20:23 ----A---- C:\Windows\system32\nsisvc.dll
    2008-09-27 21:20:23 ----A---- C:\Windows\system32\nsi.dll
    2008-09-27 21:20:23 ----A---- C:\Windows\system32\nshipsec.dll
    2008-09-27 21:20:23 ----A---- C:\Windows\system32\nshhttp.dll
    2008-09-27 21:20:22 ----A---- C:\Windows\system32\netiougc.exe
    2008-09-27 21:20:22 ----A---- C:\Windows\system32\netiohlp.dll
    2008-09-27 21:20:22 ----A---- C:\Windows\system32\netid.dll
    2008-09-27 21:20:22 ----A---- C:\Windows\system32\netevent.dll
    2008-09-27 21:20:22 ----A---- C:\Windows\system32\netdiagfx.dll
    2008-09-27 21:20:22 ----A---- C:\Windows\system32\netcorehc.dll
    2008-09-27 21:20:22 ----A---- C:\Windows\system32\netcfgx.dll
    2008-09-27 21:20:22 ----A---- C:\Windows\system32\netcfg.exe
    2008-09-27 21:20:22 ----A---- C:\Windows\system32\netcenter.dll
    2008-09-27 21:20:22 ----A---- C:\Windows\system32\netbtugc.exe
    2008-09-27 21:20:22 ----A---- C:\Windows\system32\net.exe
    2008-09-27 21:20:22 ----A---- C:\Windows\system32\ncsi.dll
    2008-09-27 21:20:22 ----A---- C:\Windows\system32\ncryptui.dll
    2008-09-27 21:20:22 ----A---- C:\Windows\system32\ncrypt.dll
    2008-09-27 21:20:22 ----A---- C:\Windows\system32\ncobjapi.dll
    2008-09-27 21:20:22 ----A---- C:\Windows\system32\nci.dll
    2008-09-27 21:20:22 ----A---- C:\Windows\system32\NcdProp.dll
    2008-09-27 21:20:22 ----A---- C:\Windows\system32\nbtstat.exe
    2008-09-27 21:20:22 ----A---- C:\Windows\system32\NAPSTAT.EXE
    2008-09-27 21:20:21 ----A---- C:\Windows\system32\nlasvc.dll
    2008-09-27 21:20:21 ----A---- C:\Windows\system32\nlaapi.dll
    2008-09-27 21:20:21 ----A---- C:\Windows\system32\newdev.dll
    2008-09-27 21:20:21 ----A---- C:\Windows\system32\networkmap.dll
    2008-09-27 21:20:21 ----A---- C:\Windows\system32\networkitemfactory.dll
    2008-09-27 21:20:21 ----A---- C:\Windows\system32\networkexplorer.dll
    2008-09-27 21:20:21 ----A---- C:\Windows\system32\net1.exe
    2008-09-27 21:20:21 ----A---- C:\Windows\system32\ndfetw.dll
    2008-09-27 21:20:21 ----A---- C:\Windows\system32\ndfapi.dll
    2008-09-27 21:20:20 ----A---- C:\Windows\system32\netshell.dll
    2008-09-27 21:20:20 ----A---- C:\Windows\system32\NetProjW.dll
    2008-09-27 21:20:20 ----A---- C:\Windows\system32\netprofm.dll
    2008-09-27 21:20:20 ----A---- C:\Windows\system32\netprof.dll
    2008-09-27 21:20:20 ----A---- C:\Windows\system32\Netplwiz.exe
    2008-09-27 21:20:20 ----A---- C:\Windows\system32\netplwiz.dll
    2008-09-27 21:20:20 ----A---- C:\Windows\system32\netman.dll
    2008-09-27 21:20:20 ----A---- C:\Windows\system32\netlogon.dll
    2008-09-27 21:20:20 ----A---- C:\Windows\system32\lsmproxy.dll
    2008-09-27 21:20:20 ----A---- C:\Windows\system32\lsm.exe
    2008-09-27 21:20:19 ----A---- C:\Windows\system32\mblctr.exe
    2008-09-27 21:20:19 ----A---- C:\Windows\system32\makecab.exe
    2008-09-27 21:20:19 ----A---- C:\Windows\system32\luainstall.dll
    2008-09-27 21:20:19 ----A---- C:\Windows\system32\lsass.exe
    2008-09-27 21:20:19 ----A---- C:\Windows\system32\lsasrv.dll
    2008-09-27 21:20:19 ----A---- C:\Windows\system32\lpksetup.exe
    2008-09-27 21:20:19 ----A---- C:\Windows\system32\lpk.dll
    2008-09-27 21:20:19 ----A---- C:\Windows\system32\logman.exe
    2008-09-27 21:20:19 ----A---- C:\Windows\system32\loghours.dll
    2008-09-27 21:20:19 ----A---- C:\Windows\system32\logagent.exe
    2008-09-27 21:20:19 ----A---- C:\Windows\system32\lodctr.exe
    2008-09-27 21:20:19 ----A---- C:\Windows\system32\localui.dll
    2008-09-27 21:20:19 ----A---- C:\Windows\system32\localspl.dll
    2008-09-27 21:20:19 ----A---- C:\Windows\system32\localsec.dll
    2008-09-27 21:20:18 ----A---- C:\Windows\system32\mfplat.dll
    2008-09-27 21:20:18 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
    2008-09-27 21:20:18 ----A---- C:\Windows\system32\lpremove.exe
    2008-09-27 21:20:18 ----A---- C:\Windows\system32\LogonUI.exe
    2008-09-27 21:20:17 ----A---- C:\Windows\system32\MFWMAAEC.DLL
    2008-09-27 21:20:17 ----A---- C:\Windows\system32\mfvdsp.dll
    2008-09-27 21:20:17 ----A---- C:\Windows\system32\mfps.dll
    2008-09-27 21:20:17 ----A---- C:\Windows\system32\mfpmp.exe
    2008-09-27 21:20:17 ----A---- C:\Windows\system32\mfcsubs.dll
    2008-09-27 21:20:17 ----A---- C:\Windows\system32\mfc42u.dll
    2008-09-27 21:20:17 ----A---- C:\Windows\system32\mfc42.dll
    2008-09-27 21:20:17 ----A---- C:\Windows\system32\mf.dll
    2008-09-27 21:20:17 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
    2008-09-27 21:20:16 ----A---- C:\Windows\system32\MdSched.exe
    2008-09-27 21:20:16 ----A---- C:\Windows\system32\mdminst.dll
    2008-09-27 21:20:16 ----A---- C:\Windows\system32\McxDriv.dll
    2008-09-27 21:20:16 ----A---- C:\Windows\system32\Mcx2Svc.dll
    2008-09-27 21:20:16 ----A---- C:\Windows\system32\mcmde.dll
    2008-09-27 21:20:16 ----A---- C:\Windows\system32\mcbuilder.exe
    2008-09-27 21:20:16 ----A---- C:\Windows\system32\itss.dll
    2008-09-27 21:20:16 ----A---- C:\Windows\system32\iscsiwmi.dll
    2008-09-27 21:20:16 ----A---- C:\Windows\system32\iscsied.dll
    2008-09-27 21:20:16 ----A---- C:\Windows\system32\ipsmsnap.dll
    2008-09-27 21:20:15 ----A---- C:\Windows\system32\ktmw32.dll
    2008-09-27 21:20:15 ----A---- C:\Windows\system32\ktmutil.exe
    2008-09-27 21:20:15 ----A---- C:\Windows\system32\iscsium.dll
    2008-09-27 21:20:15 ----A---- C:\Windows\system32\iscsilog.dll
    2008-09-27 21:20:15 ----A---- C:\Windows\system32\iscsiexe.dll
    2008-09-27 21:20:15 ----A---- C:\Windows\system32\ipsecsnp.dll
    2008-09-27 21:20:15 ----A---- C:\Windows\system32\iprtrmgr.dll
    2008-09-27 21:20:15 ----A---- C:\Windows\system32\iprtprio.dll
    2008-09-27 21:20:15 ----A---- C:\Windows\system32\ipnathlp.dll
    2008-09-27 21:20:15 ----A---- C:\Windows\system32\iphlpsvc.dll
    2008-09-27 21:20:15 ----A---- C:\Windows\system32\IPHLPAPI.DLL
    2008-09-27 21:20:15 ----A---- C:\Windows\system32\ipconfig.exe
    2008-09-27 21:20:15 ----A---- C:\Windows\system32\IPBusEnum.dll
    2008-09-27 21:20:15 ----A---- C:\Windows\system32\inseng.dll
    2008-09-27 21:20:14 ----A---- C:\Windows\system32\loadperf.dll
    2008-09-27 21:20:14 ----A---- C:\Windows\system32\lnkstub.exe
    2008-09-27 21:20:14 ----A---- C:\Windows\system32\lltdsvc.dll
    2008-09-27 21:20:14 ----A---- C:\Windows\system32\lltdapi.dll
    2008-09-27 21:20:14 ----A---- C:\Windows\system32\licmgr10.dll
    2008-09-27 21:20:14 ----A---- C:\Windows\system32\LangCleanupSysprepAction.dll
    2008-09-27 21:20:14 ----A---- C:\Windows\system32\L2SecHC.dll
    2008-09-27 21:20:14 ----A---- C:\Windows\system32\l2nacp.dll
    2008-09-27 21:20:14 ----A---- C:\Windows\system32\l2gpstore.dll
    2008-09-27 21:20:14 ----A---- C:\Windows\system32\KMSVC.DLL
    2008-09-27 21:20:14 ----A---- C:\Windows\system32\keymgr.dll
    2008-09-27 21:20:14 ----A---- C:\Windows\system32\kernel32.dll
    2008-09-27 21:20:14 ----A---- C:\Windows\system32\kerberos.dll
    2008-09-27 21:20:14 ----A---- C:\Windows\system32\KBDKOR.DLL
    2008-09-27 21:20:14 ----A---- C:\Windows\system32\KBDJPN.DLL
    2008-09-27 21:20:13 ----A---- C:\Windows\system32\MPSSVC.dll
    2008-09-27 21:20:13 ----A---- C:\Windows\system32\mprmsg.dll
    2008-09-27 21:20:13 ----A---- C:\Windows\system32\mprdim.dll
    2008-09-27 21:20:13 ----A---- C:\Windows\system32\mprddm.dll
    2008-09-27 21:20:13 ----A---- C:\Windows\system32\mprapi.dll
    2008-09-27 21:20:13 ----A---- C:\Windows\system32\mpr.dll
    2008-09-27 21:20:13 ----A---- C:\Windows\system32\kdusb.dll
    2008-09-27 21:20:13 ----A---- C:\Windows\system32\kdcom.dll
    2008-09-27 21:20:12 ----A---- C:\Windows\system32\MPG4DECD.DLL
    2008-09-27 21:20:12 ----A---- C:\Windows\system32\mountvol.exe
    2008-09-27 21:20:11 ----A---- C:\Windows\system32\MP43DECD.DLL
    2008-09-27 21:20:10 ----A---- C:\Windows\system32\msctf.dll
    2008-09-27 21:20:10 ----A---- C:\Windows\system32\mscories.dll
    2008-09-27 21:20:10 ----A---- C:\Windows\system32\mscorier.dll
    2008-09-27 21:20:10 ----A---- C:\Windows\system32\mscoree.dll
    2008-09-27 21:20:10 ----A---- C:\Windows\system32\msconfig.exe
    2008-09-27 21:20:10 ----A---- C:\Windows\system32\mscms.dll
    2008-09-27 21:20:10 ----A---- C:\Windows\system32\mscandui.dll
    2008-09-27 21:20:10 ----A---- C:\Windows\system32\MP4SDECD.DLL
    2008-09-27 21:20:10 ----A---- C:\Windows\system32\MP3DMOD.DLL
    2008-09-27 21:20:09 ----A---- C:\Windows\system32\msacm32.dll
    2008-09-27 21:20:09 ----A---- C:\Windows\system32\MSAC3ENC.DLL
    2008-09-27 21:20:09 ----A---- C:\Windows\system32\msaatext.dll
    2008-09-27 21:20:06 ----A---- C:\Windows\system32\mmcshext.dll
    2008-09-27 21:20:06 ----A---- C:\Windows\system32\mmcndmgr.dll
    2008-09-27 21:20:06 ----A---- C:\Windows\system32\mmcbase.dll
    2008-09-27 21:20:06 ----A---- C:\Windows\system32\mmc.exe
    2008-09-27 21:20:05 ----A---- C:\Windows\system32\modemui.dll
    2008-09-27 21:20:05 ----A---- C:\Windows\system32\mobsync.exe
    2008-09-27 21:20:05 ----A---- C:\Windows\system32\MMDevAPI.dll
    2008-09-27 21:20:05 ----A---- C:\Windows\system32\mmcss.dll
    2008-09-27 21:20:05 ----A---- C:\Windows\system32\mlang.dll
    2008-09-27 21:20:04 ----A---- C:\Windows\system32\milcore.dll
    2008-09-27 21:20:04 ----A---- C:\Windows\system32\midimap.dll
    2008-09-27 21:20:03 ----A---- C:\Windows\system32\migisol.dll
    2008-09-27 21:20:03 ----A---- C:\Windows\system32\MigAutoPlay.exe
    2008-09-27 21:20:00 ----A---- C:\Windows\system32\SecEdit.exe
    2008-09-27 21:19:59 ----A---- C:\Windows\system32\secur32.dll
    2008-09-27 21:19:59 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
    2008-09-27 21:19:59 ----A---- C:\Windows\system32\secproc_ssp.dll
    2008-09-27 21:19:59 ----A---- C:\Windows\system32\secproc_isv.dll
    2008-09-27 21:19:59 ----A---- C:\Windows\system32\secproc.dll
    2008-09-27 21:19:59 ----A---- C:\Windows\system32\seclogon.dll
    2008-09-27 21:19:59 ----A---- C:\Windows\system32\sdshext.dll
    2008-09-27 21:19:59 ----A---- C:\Windows\system32\sdrsvc.dll
    2008-09-27 21:19:59 ----A---- C:\Windows\system32\sdohlp.dll
    2008-09-27 21:19:57 ----A---- C:\Windows\system32\shrink.dll
    2008-09-27 21:19:57 ----A---- C:\Windows\system32\shlwapi.dll
    2008-09-27 21:19:57 ----A---- C:\Windows\system32\shimgvw.dll
    2008-09-27 21:19:57 ----A---- C:\Windows\system32\shgina.dll
    2008-09-27 21:19:52 ----A---- C:\Windows\system32\shsvcs.dll
    2008-09-27 21:19:52 ----A---- C:\Windows\system32\shsetup.dll
    2008-09-27 21:19:52 ----A---- C:\Windows\system32\shrpubw.exe
    2008-09-27 21:19:51 ----A---- C:\Windows\system32\shwebsvc.dll
    2008-09-27 21:19:51 ----A---- C:\Windows\system32\shutdown.exe
    2008-09-27 21:19:51 ----A---- C:\Windows\system32\shacct.dll
    2008-09-27 21:19:50 ----A---- C:\Windows\system32\smss.exe
    2008-09-27 21:19:50 ----A---- C:\Windows\system32\shdocvw.dll
    2008-09-27 21:19:49 ----A---- C:\Windows\system32\softkbd.dll
    2008-09-27 21:19:49 ----A---- C:\Windows\system32\SnippingTool.exe
    2008-09-27 21:19:49 ----A---- C:\Windows\system32\SndVol.exe
    2008-09-27 21:19:49 ----A---- C:\Windows\system32\SmiInstaller.dll
    2008-09-27 21:19:47 ----A---- C:\Windows\system32\slwmi.dll
    2008-09-27 21:19:47 ----A---- C:\Windows\system32\slwga.dll
    2008-09-27 21:19:47 ----A---- C:\Windows\system32\SLUINotify.dll
    2008-09-27 21:19:47 ----A---- C:\Windows\system32\SLUI.exe
    2008-09-27 21:19:47 ----A---- C:\Windows\system32\SLsvc.exe
    2008-09-27 21:19:47 ----A---- C:\Windows\system32\slmgr.vbs
    2008-09-27 21:19:47 ----A---- C:\Windows\system32\SLLUA.exe
    2008-09-27 21:19:47 ----A---- C:\Windows\system32\SLCommDlg.dll
    2008-09-27 21:19:47 ----A---- C:\Windows\system32\slcinst.dll
    2008-09-27 21:19:47 ----A---- C:\Windows\system32\slcc.dll
    2008-09-27 21:19:47 ----A---- C:\Windows\system32\SLC.dll
    2008-09-27 21:19:46 ----A---- C:\Windows\system32\SmiEngine.dll
    2008-09-27 21:19:46 ----A---- C:\Windows\system32\SLCExt.dll
    2008-09-27 21:19:45 ----A---- C:\Windows\system32\SMBHelperClass.dll
    2008-09-27 21:19:45 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
    2008-09-27 21:19:44 ----A---- C:\Windows\system32\sfc_os.dll
    2008-09-27 21:19:44 ----A---- C:\Windows\system32\sfc.exe
    2008-09-27 21:19:44 ----A---- C:\Windows\system32\setupugc.exe
    2008-09-27 21:19:44 ----A---- C:\Windows\system32\setupSNK.exe
    2008-09-27 21:19:44 ----A---- C:\Windows\system32\setupcln.dll
    2008-09-27 21:19:44 ----A---- C:\Windows\system32\setupcl.exe
    2008-09-27 21:19:44 ----A---- C:\Windows\system32\sethc.exe
    2008-09-27 21:19:44 ----A---- C:\Windows\system32\SessEnv.dll
    2008-09-27 21:19:44 ----A---- C:\Windows\system32\services.exe
    2008-09-27 21:19:44 ----A---- C:\Windows\system32\serialui.dll
    2008-09-27 21:19:43 ----A---- C:\Windows\system32\setupapi.dll
    2008-09-27 21:19:43 ----A---- C:\Windows\system32\Sens.dll
    2008-09-27 21:19:43 ----A---- C:\Windows\system32\sendmail.dll
    2008-09-27 21:19:43 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2008-09-27 21:19:42 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
    2008-09-27 21:19:42 ----A---- C:\Windows\system32\PresentationHostProxy.dll
    2008-09-27 21:19:42 ----A---- C:\Windows\system32\PresentationHost.exe
    2008-09-27 21:19:42 ----A---- C:\Windows\system32\powrprof.dll
    2008-09-27 21:19:41 ----A---- C:\Windows\system32\PSHED.DLL
    2008-09-27 21:19:41 ----A---- C:\Windows\system32\psbase.dll
    2008-09-27 21:19:41 ----A---- C:\Windows\system32\powercpl.dll
    2008-09-27 21:19:41 ----A---- C:\Windows\system32\pots.dll
    2008-09-27 21:19:41 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
    2008-09-27 21:19:41 ----A---- C:\Windows\system32\PortableDeviceWiaCompat.dll
    2008-09-27 21:19:41 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
    2008-09-27 21:19:41 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
    2008-09-27 21:19:41 ----A---- C:\Windows\system32\PortableDeviceApi.dll
    2008-09-27 21:19:41 ----A---- C:\Windows\system32\pnrpnsp.dll
    2008-09-27 21:19:41 ----A---- C:\Windows\system32\PNPXAssocPrx.dll
    2008-09-27 21:19:41 ----A---- C:\Windows\system32\PNPXAssoc.dll
    2008-09-27 21:19:41 ----A---- C:\Windows\system32\PnPutil.exe
    2008-09-27 21:19:41 ----A---- C:\Windows\system32\PnPUnattend.exe
    2008-09-27 21:19:41 ----A---- C:\Windows\system32\pnpui.dll
    2008-09-27 21:19:41 ----A---- C:\Windows\system32\pnpts.dll
    2008-09-27 21:19:41 ----A---- C:\Windows\system32\pnpsetup.dll
    2008-09-27 21:19:41 ----A---- C:\Windows\system32\pnidui.dll
    2008-09-27 21:19:41 ----A---- C:\Windows\system32\pngfilt.dll
    2008-09-27 21:19:40 ----A---- C:\Windows\system32\QAGENT.DLL
    2008-09-27 21:19:40 ----A---- C:\Windows\system32\puiobj.dll
    2008-09-27 21:19:40 ----A---- C:\Windows\system32\puiapi.dll
    2008-09-27 21:19:40 ----A---- C:\Windows\system32\provthrd.dll
    2008-09-27 21:19:40 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
    2008-09-27 21:19:40 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
    2008-09-27 21:19:40 ----A---- C:\Windows\system32\printcom.dll
    2008-09-27 21:19:40 ----A---- C:\Windows\system32\prevhost.exe
    2008-09-27 21:19:40 ----A---- C:\Windows\system32\PresentationSettings.exe
    2008-09-27 21:19:39 ----A---- C:\Windows\system32\profsvc.dll
    2008-09-27 21:19:39 ----A---- C:\Windows\system32\profprov.dll
    2008-09-27 21:19:39 ----A---- C:\Windows\system32\procinst.dll
    2008-09-27 21:19:39 ----A---- C:\Windows\system32\prntvpt.dll
    2008-09-27 21:19:39 ----A---- C:\Windows\system32\prnntfy.dll
    2008-09-27 21:19:39 ----A---- C:\Windows\system32\printui.dll
    2008-09-27 21:19:39 ----A---- C:\Windows\system32\p2psvc.dll
    2008-09-27 21:19:39 ----A---- C:\Windows\system32\p2pcollab.dll
    2008-09-27 21:19:39 ----A---- C:\Windows\system32\P2P.dll
    2008-09-27 21:19:38 ----A---- C:\Windows\system32\pcaui.dll
    2008-09-27 21:19:38 ----A---- C:\Windows\system32\pcasvc.dll
    2008-09-27 21:19:38 ----A---- C:\Windows\system32\pcadm.dll
    2008-09-27 21:19:38 ----A---- C:\Windows\system32\p2pnetsh.dll
    2008-09-27 21:19:38 ----A---- C:\Windows\system32\p2phost.exe
    2008-09-27 21:19:38 ----A---- C:\Windows\system32\P2PGraph.dll
    2008-09-27 21:19:38 ----A---- C:\Windows\system32\osblprov.dll
    2008-09-27 21:19:38 ----A---- C:\Windows\system32\OptionalFeatures.exe
    2008-09-27 21:19:38 ----A---- C:\Windows\system32\oobefldr.dll
    2008-09-27 21:19:38 ----A---- C:\Windows\system32\olethk32.dll
    2008-09-27 21:19:38 ----A---- C:\Windows\system32\olesvr32.dll
    2008-09-27 21:19:38 ----A---- C:\Windows\system32\olepro32.dll
    2008-09-27 21:19:38 ----A---- C:\Windows\system32\oleprn.dll
    2008-09-27 21:19:38 ----A---- C:\Windows\system32\oledlg.dll
    2008-09-27 21:19:38 ----A---- C:\Windows\system32\olecli32.dll
    2008-09-27 21:19:38 ----A---- C:\Windows\system32\oleaut32.dll
    2008-09-27 21:19:38 ----A---- C:\Windows\system32\oleacc.dll
    2008-09-27 21:19:38 ----A---- C:\Windows\system32\ole32.dll
    2008-09-27 21:19:38 ----A---- C:\Windows\system32\ogldrv.dll
    2008-09-27 21:19:37 ----A---- C:\Windows\system32\pidgenx.dll
    2008-09-27 21:19:37 ----A---- C:\Windows\system32\photowiz.dll
    2008-09-27 21:19:37 ----A---- C:\Windows\system32\osbaseln.dll
    2008-09-27 21:19:37 ----A---- C:\Windows\system32\onex.dll
    2008-09-27 21:19:36 ----A---- C:\Windows\system32\PlaySndSrv.dll
    2008-09-27 21:19:36 ----A---- C:\Windows\system32\pla.dll
    2008-09-27 21:19:36 ----A---- C:\Windows\system32\PkgMgr.exe
    2008-09-27 21:19:36 ----A---- C:\Windows\system32\PING.EXE
    2008-09-27 21:19:36 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
    2008-09-27 21:19:35 ----A---- C:\Windows\system32\RstrtMgr.dll
    2008-09-27 21:19:35 ----A---- C:\Windows\system32\rshx32.dll
    2008-09-27 21:19:35 ----A---- C:\Windows\system32\rrinstaller.exe
    2008-09-27 21:19:35 ----A---- C:\Windows\system32\perfts.dll
    2008-09-27 21:19:35 ----A---- C:\Windows\system32\perfnet.dll
    2008-09-27 21:19:35 ----A---- C:\Windows\system32\perfmon.msc
    2008-09-27 21:19:35 ----A---- C:\Windows\system32\perfmon.exe
    2008-09-27 21:19:35 ----A---- C:\Windows\system32\PerfCenterCPL.dll
    2008-09-27 21:19:35 ----A---- C:\Windows\system32\pdhui.dll
    2008-09-27 21:19:35 ----A---- C:\Windows\system32\pdh.dll
    2008-09-27 21:19:34 ----A---- C:\Windows\system32\samsrv.dll
    2008-09-27 21:19:34 ----A---- C:\Windows\system32\samlib.dll
    2008-09-27 21:19:34 ----A---- C:\Windows\system32\runonce.exe
    2008-09-27 21:19:34 ----A---- C:\Windows\system32\rtm.dll
    2008-09-27 21:19:34 ----A---- C:\Windows\system32\rsaenh.dll
    2008-09-27 21:19:34 ----A---- C:\Windows\system32\rpcss.dll
    2008-09-27 21:19:34 ----A---- C:\Windows\system32\rpchttp.dll
    2008-09-27 21:19:34 ----A---- C:\Windows\system32\RMActivate_isv.exe
    2008-09-27 21:19:34 ----A---- C:\Windows\system32\RMActivate.exe
    2008-09-27 21:19:34 ----A---- C:\Windows\system32\riched32.dll
    2008-09-27 21:19:34 ----A---- C:\Windows\system32\riched20.dll
    2008-09-27 21:19:34 ----A---- C:\Windows\system32\rgb9rast.dll
    2008-09-27 21:19:34 ----A---- C:\Windows\system32\resutils.dll
    2008-09-27 21:19:34 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
    2008-09-27 21:19:33 ----A---- C:\Windows\system32\sdengin2.dll
    2008-09-27 21:19:33 ----A---- C:\Windows\system32\sdclt.exe
    2008-09-27 21:19:33 ----A---- C:\Windows\system32\sdchange.exe
    2008-09-27 21:19:33 ----A---- C:\Windows\system32\scksp.dll
    2008-09-27 21:19:33 ----A---- C:\Windows\system32\schtasks.exe
    2008-09-27 21:19:33 ----A---- C:\Windows\system32\schedsvc.dll
    2008-09-27 21:19:33 ----A---- C:\Windows\system32\schannel.dll
    2008-09-27 21:19:33 ----A---- C:\Windows\system32\scesrv.dll
    2008-09-27 21:19:33 ----A---- C:\Windows\system32\scecli.dll
    2008-09-27 21:19:33 ----A---- C:\Windows\system32\SCardSvr.dll
    2008-09-27 21:19:33 ----A---- C:\Windows\system32\scansetting.dll
    2008-09-27 21:19:33 ----A---- C:\Windows\system32\sbunattend.exe
    2008-09-27 21:19:33 ----A---- C:\Windows\system32\RpcPing.exe
    2008-09-27 21:19:33 ----A---- C:\Windows\system32\ROUTE.EXE
    2008-09-27 21:19:33 ----A---- C:\Windows\system32\Robocopy.exe
    2008-09-27 21:19:33 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
    2008-09-27 21:19:33 ----A---- C:\Windows\system32\RMActivate_ssp.exe
    2008-09-27 21:19:32 ----A---- C:\Windows\system32\sbeio.dll
    2008-09-27 21:19:32 ----A---- C:\Windows\system32\sbe.dll
    2008-09-27 21:19:31 ----A---- C:\Windows\system32\rasdlg.dll
    2008-09-27 21:19:31 ----A---- C:\Windows\system32\rasdiag.dll
    2008-09-27 21:19:31 ----A---- C:\Windows\system32\rasctrs.dll
    2008-09-27 21:19:31 ----A---- C:\Windows\system32\raschap.dll
    2008-09-27 21:19:31 ----A---- C:\Windows\system32\rascfg.dll
    2008-09-27 21:19:31 ----A---- C:\Windows\system32\rasauto.dll
    2008-09-27 21:19:31 ----A---- C:\Windows\system32\rasapi32.dll
    2008-09-27 21:19:31 ----A---- C:\Windows\system32\RacEngn.dll
    2008-09-27 21:19:31 ----A---- C:\Windows\system32\RacAgent.exe
    2008-09-27 21:19:31 ----A---- C:\Windows\system32\qedit.dll
    2008-09-27 21:19:31 ----A---- C:\Windows\system32\qdvd.dll
    2008-09-27 21:19:30 ----A---- C:\Windows\system32\qwave.dll
    2008-09-27 21:19:30 ----A---- C:\Windows\system32\QUTIL.DLL
    2008-09-27 21:19:30 ----A---- C:\Windows\system32\Query.dll
    2008-09-27 21:19:30 ----A---- C:\Windows\system32\QSVRMGMT.DLL
    2008-09-27 21:19:30 ----A---- C:\Windows\system32\QSHVHOST.DLL
    2008-09-27 21:19:30 ----A---- C:\Windows\system32\qmgr.dll
    2008-09-27 21:19:30 ----A---- C:\Windows\system32\qdv.dll
    2008-09-27 21:19:30 ----A---- C:\Windows\system32\QCLIPROV.DLL
    2008-09-27 21:19:30 ----A---- C:\Windows\system32\qcap.dll
    2008-09-27 21:19:30 ----A---- C:\Windows\system32\qasf.dll
    2008-09-27 21:19:30 ----A---- C:\Windows\system32\QAGENTRT.DLL
    2008-09-27 21:19:29 ----A---- C:\Windows\system32\remotepg.dll
    2008-09-27 21:19:29 ----A---- C:\Windows\system32\RelMon.dll
    2008-09-27 21:19:29 ----A---- C:\Windows\system32\rekeywiz.exe
    2008-09-27 21:19:29 ----A---- C:\Windows\system32\regsvc.dll
    2008-09-27 21:19:29 ----A---- C:\Windows\system32\regini.exe
    2008-09-27 21:19:29 ----A---- C:\Windows\system32\RegCtrl.dll
    2008-09-27 21:19:29 ----A---- C:\Windows\system32\regapi.dll
    2008-09-27 21:19:29 ----A---- C:\Windows\system32\reg.exe
    2008-09-27 21:19:29 ----A---- C:\Windows\system32\rdrleakdiag.exe
    2008-09-27 21:19:29 ----A---- C:\Windows\system32\rdpwsx.dll
    2008-09-27 21:19:29 ----A---- C:\Windows\system32\rdpencom.dll
    2008-09-27 21:19:29 ----A---- C:\Windows\system32\RDPENCDD.dll
    2008-09-27 21:19:29 ----A---- C:\Windows\system32\rasppp.dll
    2008-09-27 21:19:29 ----A---- C:\Windows\system32\rasplap.dll
    2008-09-27 21:19:29 ----A---- C:\Windows\system32\rasphone.exe
    2008-09-27 21:19:29 ----A---- C:\Windows\system32\rasmontr.dll
    2008-09-27 21:19:29 ----A---- C:\Windows\system32\RASMM.dll
    2008-09-27 21:19:29 ----A---- C:\Windows\system32\rasgcw.dll
    2008-09-27 21:19:29 ----A---- C:\Windows\regedit.exe
    2008-09-27 21:19:28 ----A---- C:\Windows\system32\rdpdd.dll
    2008-09-27 21:19:28 ----A---- C:\Windows\system32\rdpcfgex.dll
    2008-09-27 21:19:28 ----A---- C:\Windows\system32\rastls.dll
    2008-09-27 21:19:28 ----A---- C:\Windows\system32\rastapi.dll
    2008-09-27 21:19:28 ----A---- C:\Windows\system32\rasqec.dll
    2008-09-27 21:19:28 ----A---- C:\Windows\system32\rasmans.dll
    2008-09-27 21:19:28 ----A---- C:\Windows\system32\rasman.dll
    2008-09-27 21:19:28 ----A---- C:\Windows\system32\raserver.exe
    2008-09-27 21:19:28 ----A---- C:\Windows\system32\devenum.dll
    2008-09-27 21:19:28 ----A---- C:\Windows\system32\Defrag.exe
    2008-09-27 21:19:28 ----A---- C:\Windows\system32\d3dim700.dll
    2008-09-27 21:19:28 ----A---- C:\Windows\system32\d3dim.dll
    2008-09-27 21:19:28 ----A---- C:\Windows\system32\d3d9.dll
    2008-09-27 21:19:28 ----A---- C:\Windows\system32\d3d8.dll
    2008-09-27 21:19:28 ----A---- C:\Windows\system32\d3d10core.dll
    2008-09-27 21:19:28 ----A---- C:\Windows\system32\d3d10_1core.dll
    2008-09-27 21:19:28 ----A---- C:\Windows\system32\d3d10_1.dll
    2008-09-27 21:19:28 ----A---- C:\Windows\system32\d3d10.dll
    2008-09-27 21:19:27 ----A---- C:\Windows\system32\ddraw.dll
    2008-09-27 21:19:27 ----A---- C:\Windows\system32\dbnetlib.dll
    2008-09-27 21:19:27 ----A---- C:\Windows\system32\dbghelp.dll
    2008-09-27 21:19:27 ----A---- C:\Windows\system32\dbgeng.dll
    2008-09-27 21:19:27 ----A---- C:\Windows\system32\d3dxof.dll
    2008-09-27 21:19:27 ----A---- C:\Windows\system32\csrstub.exe
    2008-09-27 21:19:27 ----A---- C:\Windows\system32\csrss.exe
    2008-09-27 21:19:27 ----A---- C:\Windows\system32\csrsrv.dll
    2008-09-27 21:19:27 ----A---- C:\Windows\system32\cscdll.dll
    2008-09-27 21:19:27 ----A---- C:\Windows\system32\cscapi.dll
    2008-09-27 21:19:27 ----A---- C:\Windows\system32\cryptui.dll
    2008-09-27 21:19:27 ----A---- C:\Windows\system32\cryptsvc.dll
    2008-09-27 21:19:27 ----A---- C:\Windows\system32\cryptnet.dll
    2008-09-27 21:19:27 ----A---- C:\Windows\system32\cryptdll.dll
    2008-09-27 21:19:27 ----A---- C:\Windows\system32\crypt32.dll
    2008-09-27 21:19:27 ----A---- C:\Windows\system32\credui.dll
    2008-09-27 21:19:27 ----A---- C:\Windows\system32\credssp.dll
    2008-09-27 21:19:26 ----A---- C:\Windows\system32\dispex.dll
    2008-09-27 21:19:26 ----A---- C:\Windows\system32\dispdiag.exe
    2008-09-27 21:19:26 ----A---- C:\Windows\system32\dispci.dll
    2008-09-27 21:19:26 ----A---- C:\Windows\system32\diskraid.exe
    2008-09-27 21:19:26 ----A---- C:\Windows\system32\diskpart.exe
    2008-09-27 21:19:26 ----A---- C:\Windows\system32\dinput8.dll
    2008-09-27 21:19:26 ----A---- C:\Windows\system32\dimsroam.dll
    2008-09-27 21:19:26 ----A---- C:\Windows\system32\dimsjob.dll
    2008-09-27 21:19:26 ----A---- C:\Windows\system32\diantz.exe
    2008-09-27 21:19:25 ----A---- C:\Windows\system32\dfsr.exe
    2008-09-27 21:19:25 ----A---- C:\Windows\system32\dfshim.dll
    2008-09-27 21:19:25 ----A---- C:\Windows\system32\dfrgui.exe
    2008-09-27 21:19:25 ----A---- C:\Windows\system32\DfrgNtfs.exe
    2008-09-27 21:19:25 ----A---- C:\Windows\system32\dfrgifc.exe
    2008-09-27 21:19:25 ----A---- C:\Windows\system32\dfrgfat.exe
    2008-09-27 21:19:25 ----A---- C:\Windows\system32\DFDWiz.exe
    2008-09-27 21:19:25 ----A---- C:\Windows\system32\dfdts.dll
    2008-09-27 21:19:25 ----A---- C:\Windows\system32\devmgr.dll
    2008-09-27 21:19:24 ----A---- C:\Windows\system32\diagperf.dll
    2008-09-27 21:19:24 ----A---- C:\Windows\system32\dhcpsapi.dll
    2008-09-27 21:19:24 ----A---- C:\Windows\system32\DHCPQEC.DLL
    2008-09-27 21:19:24 ----A---- C:\Windows\system32\dhcpcsvc6.dll
    2008-09-27 21:19:24 ----A---- C:\Windows\system32\dhcpcsvc.dll
    2008-09-27 21:19:24 ----A---- C:\Windows\system32\DfsShlEx.dll
    2008-09-27 21:19:24 ----A---- C:\Windows\system32\cmlua.dll
    2008-09-27 21:19:24 ----A---- C:\Windows\system32\cmdial32.dll
    2008-09-27 21:19:24 ----A---- C:\Windows\system32\cmd.exe
    2008-09-27 21:19:24 ----A---- C:\Windows\system32\cmcfg32.dll
    2008-09-27 21:19:24 ----A---- C:\Windows\system32\clusapi.dll
    2008-09-27 21:19:23 ----A---- C:\Windows\system32\cmmon32.exe
    2008-09-27 21:19:23 ----A---- C:\Windows\system32\cmipnpinstall.dll
    2008-09-27 21:19:23 ----A---- C:\Windows\system32\cmifw.dll
    2008-09-27 21:19:23 ----A---- C:\Windows\system32\cmicryptinstall.dll
    2008-09-27 21:19:23 ----A---- C:\Windows\system32\cmdl32.exe
    2008-09-27 21:19:23 ----A---- C:\Windows\system32\clfsw32.dll
    2008-09-27 21:19:23 ----A---- C:\Windows\system32\clbcatq.dll
    2008-09-27 21:19:23 ----A---- C:\Windows\system32\cipher.exe
    2008-09-27 21:19:23 ----A---- C:\Windows\system32\cic.dll
    2008-09-27 21:19:22 ----A---- C:\Windows\system32\corpol.dll
    2008-09-27 21:19:22 ----A---- C:\Windows\system32\convert.exe
    2008-09-27 21:19:22 ----A---- C:\Windows\system32\comuid.dll
    2008-09-27 21:19:22 ----A---- C:\Windows\system32\comsvcs.dll
    2008-09-27 21:19:22 ----A---- C:\Windows\system32\comsnap.dll
    2008-09-27 21:19:22 ----A---- C:\Windows\system32\comres.dll
    2008-09-27 21:19:22 ----A---- C:\Windows\system32\comrepl.dll
    2008-09-27 21:19:22 ----A---- C:\Windows\system32\ComputerDefaults.exe
    2008-09-27 21:19:22 ----A---- C:\Windows\system32\compstui.dll
    2008-09-27 21:19:22 ----A---- C:\Windows\system32\CompMgmtLauncher.exe
    2008-09-27 21:19:22 ----A---- C:\Windows\system32\CompatUI.dll
    2008-09-27 21:19:21 ----A---- C:\Windows\system32\consent.exe
    2008-09-27 21:19:21 ----A---- C:\Windows\system32\connect.dll
    2008-09-27 21:19:21 ----A---- C:\Windows\system32\conime.exe
    2008-09-27 21:19:21 ----A---- C:\Windows\system32\comdlg32.dll
    2008-09-27 21:19:21 ----A---- C:\Windows\system32\colorui.dll
    2008-09-27 21:19:21 ----A---- C:\Windows\system32\COLORCNV.DLL
    2008-09-27 21:19:21 ----A---- C:\Windows\system32\colbact.dll
    2008-09-27 21:19:21 ----A---- C:\Windows\system32\cofiredm.dll
    2008-09-27 21:19:21 ----A---- C:\Windows\system32\cmutil.dll
    2008-09-27 21:19:21 ----A---- C:\Windows\system32\cmstplua.dll
    2008-09-27 21:19:21 ----A---- C:\Windows\system32\cmstp.exe
    2008-09-27 21:19:21 ----A---- C:\Windows\system32\cmpbk32.dll
    2008-09-27 21:19:20 ----A---- C:\Windows\system32\els.dll
    2008-09-27 21:19:20 ----A---- C:\Windows\system32\comctl32.dll
    2008-09-27 21:19:17 ----A---- C:\Windows\system32\esentutl.exe
    2008-09-27 21:19:17 ----A---- C:\Windows\system32\esentprf.dll
    2008-09-27 21:19:16 ----A---- C:\Windows\system32\esent.dll
    2008-09-27 21:19:16 ----A---- C:\Windows\system32\EncDump.dll
    2008-09-27 21:19:16 ----A---- C:\Windows\system32\efsadu.dll
    2008-09-27 21:19:16 ----A---- C:\Windows\system32\eapsvc.dll
    2008-09-27 21:19:16 ----A---- C:\Windows\system32\EAPQEC.DLL
    2008-09-27 21:19:16 ----A---- C:\Windows\system32\eappprxy.dll
    2008-09-27 21:19:10 ----A---- C:\Windows\system32\filemgmt.dll
    2008-09-27 21:19:10 ----A---- C:\Windows\system32\feclient.dll
    2008-09-27 21:19:10 ----A---- C:\Windows\system32\fdWSD.dll
    2008-09-27 21:19:10 ----A---- C:\Windows\system32\fdeploy.dll
    2008-09-27 21:19:10 ----A---- C:\Windows\system32\fde.dll
    2008-09-27 21:19:09 ----A---- C:\Windows\system32\fontsub.dll
    2008-09-27 21:19:09 ----A---- C:\Windows\system32\fontext.dll
    2008-09-27 21:19:09 ----A---- C:\Windows\system32\fmifs.dll
    2008-09-27 21:19:09 ----A---- C:\Windows\system32\FirewallControlPanel.exe
    2008-09-27 21:19:09 ----A---- C:\Windows\system32\FirewallAPI.dll
    2008-09-27 21:19:09 ----A---- C:\Windows\system32\findstr.exe
    2008-09-27 21:19:09 ----A---- C:\Windows\system32\findnetprinters.dll
    2008-09-27 21:19:09 ----A---- C:\Windows\system32\fdWCN.dll
    2008-09-27 21:19:09 ----A---- C:\Windows\system32\fdSSDP.dll
    2008-09-27 21:19:09 ----A---- C:\Windows\system32\fdPHost.dll
    2008-09-27 21:19:08 ----A---- C:\Windows\system32\Faultrep.dll
    2008-09-27 21:19:08 ----A---- C:\Windows\system32\f3ahvoas.dll
    2008-09-27 21:19:08 ----A---- C:\Windows\system32\evr.dll
    2008-09-27 21:19:08 ----A---- C:\Windows\system32\eventcls.dll
    2008-09-27 21:19:07 ----A---- C:\Windows\system32\extrac32.exe
    2008-09-27 21:19:07 ----A---- C:\Windows\system32\extmgr.dll
    2008-09-27 21:19:07 ----A---- C:\Windows\system32\ExplorerFrame.dll
    2008-09-27 21:19:07 ----A---- C:\Windows\system32\expand.exe
    2008-09-27 21:19:07 ----A---- C:\Windows\system32\dot3ui.dll
    2008-09-27 21:19:07 ----A---- C:\Windows\system32\dot3svc.dll
    2008-09-27 21:19:07 ----A---- C:\Windows\system32\dot3cfg.dll
    2008-09-27 21:19:07 ----A---- C:\Windows\explorer.exe
    2008-09-27 21:19:06 ----A---- C:\Windows\system32\driverquery.exe
    2008-09-27 21:19:06 ----A---- C:\Windows\system32\dpx.dll
    2008-09-27 21:19:06 ----A---- C:\Windows\system32\dot3msm.dll
    2008-09-27 21:19:06 ----A---- C:\Windows\system32\dot3gpui.dll
    2008-09-27 21:19:06 ----A---- C:\Windows\system32\dot3gpclnt.dll
    2008-09-27 21:19:06 ----A---- C:\Windows\system32\dot3dlg.dll
    2008-09-27 21:19:06 ----A---- C:\Windows\system32\dot3api.dll
    2008-09-27 21:19:05 ----A---- C:\Windows\system32\drmv2clt.dll
    2008-09-27 21:19:05 ----A---- C:\Windows\system32\drmmgrtn.dll
    2008-09-27 21:19:05 ----A---- C:\Windows\system32\dps.dll
    2008-09-27 21:19:05 ----A---- C:\Windows\system32\dpnet.dll
    2008-09-27 21:19:05 ----A---- C:\Windows\system32\DpiScaling.exe
    2008-09-27 21:19:05 ----A---- C:\Windows\system32\dpapimig.exe
    2008-09-27 21:19:05 ----A---- C:\Windows\system32\dmime.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dxdiag.exe
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dnsrslvr.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dnshc.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dnscacheugc.exe
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dnsapi.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dmvdsitf.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dmutil.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dmusic.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dmsynth.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dmscript.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dmocx.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dmloader.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dmdskres2.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dmdskmgr.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dmdlgs.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\eapphost.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\eappgnui.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\eappcfg.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\eapp3hst.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\dxva2.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\dxtrans.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\dxtmsft.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\dxmasf.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\dxgi.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\dxdiagn.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\DWWIN.EXE
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\dwmredir.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\dwmapi.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\dwm.exe
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\dsdmo.dll
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\duser.dll
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\dsuiext.dll
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\dssenh.dll
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\dssec.dll
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\dsquery.dll
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\dsprop.dll
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\dsound.dll
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\dskquoui.dll
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\dskquota.dll
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\dsauth.dll
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\drvstore.dll
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\drvinst.exe
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\audiodg.exe
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\atmfd.dll
    2008-09-27 21:19:01 ----A---- C:\Windows\system32\AuthFWSnapin.dll
    2008-09-27 21:19:01 ----A---- C:\Windows\system32\AuthFWGP.dll
    2008-09-27 21:19:01 ----A---- C:\Windows\system32\authfwcfg.dll
    2008-09-27 21:19:01 ----A---- C:\Windows\system32\AudioEng.dll
    2008-09-27 21:19:01 ----A---- C:\Windows\system32\audiodev.dll
    2008-09-27 21:19:01 ----A---- C:\Windows\system32\atl.dll
    2008-09-27 21:19:01 ----A---- C:\Windows\system32\AtBroker.exe
    2008-09-27 21:19:01 ----A---- C:\Windows\system32\at.exe
    2008-09-27 21:19:00 ----A---- C:\Windows\system32\auditpol.exe
    2008-09-27 21:19:00 ----A---- C:\Windows\system32\audiosrv.dll
    2008-09-27 21:19:00 ----A---- C:\Windows\system32\AudioSes.dll
    2008-09-27 21:19:00 ----A---- C:\Windows\system32\AUDIOKSE.dll
    2008-09-27 21:18:59 ----A---- C:\Windows\system32\bcdedit.exe
    2008-09-27 21:18:59 ----A---- C:\Windows\system32\batt.dll
    2008-09-27 21:18:59 ----A---- C:\Windows\system32\basesrv.dll
    2008-09-27 21:18:59 ----A---- C:\Windows\system32\basecsp.dll
    2008-09-27 21:18:58 ----A---- C:\Windows\system32\bitsadmin.exe
    2008-09-27 21:18:58 ----A---- C:\Windows\system32\BFE.DLL
    2008-09-27 21:18:58 ----A---- C:\Windows\system32\bcrypt.dll
    2008-09-27 21:18:58 ----A---- C:\Windows\system32\bcdsrv.dll
    2008-09-27 21:18:58 ----A---- C:\Windows\system32\bcdprov.dll
    2008-09-27 21:18:58 ----A---- C:\Windows\system32
     
    shortnsweet3781,
    #3
  5. 2008/10/30
    shortnsweet3781

    shortnsweet3781 Inactive Thread Starter

    Joined:
    2008/10/30
    Messages:
    9
    Likes Received:
    0
    log part 3

    2008-09-27 21:19:21 ----A---- C:\Windows\system32\connect.dll
    2008-09-27 21:19:21 ----A---- C:\Windows\system32\conime.exe
    2008-09-27 21:19:21 ----A---- C:\Windows\system32\comdlg32.dll
    2008-09-27 21:19:21 ----A---- C:\Windows\system32\colorui.dll
    2008-09-27 21:19:21 ----A---- C:\Windows\system32\COLORCNV.DLL
    2008-09-27 21:19:21 ----A---- C:\Windows\system32\colbact.dll
    2008-09-27 21:19:21 ----A---- C:\Windows\system32\cofiredm.dll
    2008-09-27 21:19:21 ----A---- C:\Windows\system32\cmutil.dll
    2008-09-27 21:19:21 ----A---- C:\Windows\system32\cmstplua.dll
    2008-09-27 21:19:21 ----A---- C:\Windows\system32\cmstp.exe
    2008-09-27 21:19:21 ----A---- C:\Windows\system32\cmpbk32.dll
    2008-09-27 21:19:20 ----A---- C:\Windows\system32\els.dll
    2008-09-27 21:19:20 ----A---- C:\Windows\system32\comctl32.dll
    2008-09-27 21:19:17 ----A---- C:\Windows\system32\esentutl.exe
    2008-09-27 21:19:17 ----A---- C:\Windows\system32\esentprf.dll
    2008-09-27 21:19:16 ----A---- C:\Windows\system32\esent.dll
    2008-09-27 21:19:16 ----A---- C:\Windows\system32\EncDump.dll
    2008-09-27 21:19:16 ----A---- C:\Windows\system32\efsadu.dll
    2008-09-27 21:19:16 ----A---- C:\Windows\system32\eapsvc.dll
    2008-09-27 21:19:16 ----A---- C:\Windows\system32\EAPQEC.DLL
    2008-09-27 21:19:16 ----A---- C:\Windows\system32\eappprxy.dll
    2008-09-27 21:19:10 ----A---- C:\Windows\system32\filemgmt.dll
    2008-09-27 21:19:10 ----A---- C:\Windows\system32\feclient.dll
    2008-09-27 21:19:10 ----A---- C:\Windows\system32\fdWSD.dll
    2008-09-27 21:19:10 ----A---- C:\Windows\system32\fdeploy.dll
    2008-09-27 21:19:10 ----A---- C:\Windows\system32\fde.dll
    2008-09-27 21:19:09 ----A---- C:\Windows\system32\fontsub.dll
    2008-09-27 21:19:09 ----A---- C:\Windows\system32\fontext.dll
    2008-09-27 21:19:09 ----A---- C:\Windows\system32\fmifs.dll
    2008-09-27 21:19:09 ----A---- C:\Windows\system32\FirewallControlPanel.exe
    2008-09-27 21:19:09 ----A---- C:\Windows\system32\FirewallAPI.dll
    2008-09-27 21:19:09 ----A---- C:\Windows\system32\findstr.exe
    2008-09-27 21:19:09 ----A---- C:\Windows\system32\findnetprinters.dll
    2008-09-27 21:19:09 ----A---- C:\Windows\system32\fdWCN.dll
    2008-09-27 21:19:09 ----A---- C:\Windows\system32\fdSSDP.dll
    2008-09-27 21:19:09 ----A---- C:\Windows\system32\fdPHost.dll
    2008-09-27 21:19:08 ----A---- C:\Windows\system32\Faultrep.dll
    2008-09-27 21:19:08 ----A---- C:\Windows\system32\f3ahvoas.dll
    2008-09-27 21:19:08 ----A---- C:\Windows\system32\evr.dll
    2008-09-27 21:19:08 ----A---- C:\Windows\system32\eventcls.dll
    2008-09-27 21:19:07 ----A---- C:\Windows\system32\extrac32.exe
    2008-09-27 21:19:07 ----A---- C:\Windows\system32\extmgr.dll
    2008-09-27 21:19:07 ----A---- C:\Windows\system32\ExplorerFrame.dll
    2008-09-27 21:19:07 ----A---- C:\Windows\system32\expand.exe
    2008-09-27 21:19:07 ----A---- C:\Windows\system32\dot3ui.dll
    2008-09-27 21:19:07 ----A---- C:\Windows\system32\dot3svc.dll
    2008-09-27 21:19:07 ----A---- C:\Windows\system32\dot3cfg.dll
    2008-09-27 21:19:07 ----A---- C:\Windows\explorer.exe
    2008-09-27 21:19:06 ----A---- C:\Windows\system32\driverquery.exe
    2008-09-27 21:19:06 ----A---- C:\Windows\system32\dpx.dll
    2008-09-27 21:19:06 ----A---- C:\Windows\system32\dot3msm.dll
    2008-09-27 21:19:06 ----A---- C:\Windows\system32\dot3gpui.dll
    2008-09-27 21:19:06 ----A---- C:\Windows\system32\dot3gpclnt.dll
    2008-09-27 21:19:06 ----A---- C:\Windows\system32\dot3dlg.dll
    2008-09-27 21:19:06 ----A---- C:\Windows\system32\dot3api.dll
    2008-09-27 21:19:05 ----A---- C:\Windows\system32\drmv2clt.dll
    2008-09-27 21:19:05 ----A---- C:\Windows\system32\drmmgrtn.dll
    2008-09-27 21:19:05 ----A---- C:\Windows\system32\dps.dll
    2008-09-27 21:19:05 ----A---- C:\Windows\system32\dpnet.dll
    2008-09-27 21:19:05 ----A---- C:\Windows\system32\DpiScaling.exe
    2008-09-27 21:19:05 ----A---- C:\Windows\system32\dpapimig.exe
    2008-09-27 21:19:05 ----A---- C:\Windows\system32\dmime.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dxdiag.exe
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dnsrslvr.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dnshc.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dnscacheugc.exe
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dnsapi.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dmvdsitf.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dmutil.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dmusic.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dmsynth.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dmscript.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dmocx.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dmloader.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dmdskres2.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dmdskmgr.dll
    2008-09-27 21:19:04 ----A---- C:\Windows\system32\dmdlgs.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\eapphost.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\eappgnui.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\eappcfg.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\eapp3hst.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\dxva2.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\dxtrans.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\dxtmsft.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\dxmasf.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\dxgi.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\dxdiagn.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\DWWIN.EXE
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\dwmredir.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\dwmapi.dll
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\dwm.exe
    2008-09-27 21:19:03 ----A---- C:\Windows\system32\dsdmo.dll
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\duser.dll
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\dsuiext.dll
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\dssenh.dll
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\dssec.dll
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\dsquery.dll
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\dsprop.dll
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\dsound.dll
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\dskquoui.dll
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\dskquota.dll
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\dsauth.dll
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\drvstore.dll
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\drvinst.exe
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\audiodg.exe
    2008-09-27 21:19:02 ----A---- C:\Windows\system32\atmfd.dll
    2008-09-27 21:19:01 ----A---- C:\Windows\system32\AuthFWSnapin.dll
    2008-09-27 21:19:01 ----A---- C:\Windows\system32\AuthFWGP.dll
    2008-09-27 21:19:01 ----A---- C:\Windows\system32\authfwcfg.dll
    2008-09-27 21:19:01 ----A---- C:\Windows\system32\AudioEng.dll
    2008-09-27 21:19:01 ----A---- C:\Windows\system32\audiodev.dll
    2008-09-27 21:19:01 ----A---- C:\Windows\system32\atl.dll
    2008-09-27 21:19:01 ----A---- C:\Windows\system32\AtBroker.exe
    2008-09-27 21:19:01 ----A---- C:\Windows\system32\at.exe
    2008-09-27 21:19:00 ----A---- C:\Windows\system32\auditpol.exe
    2008-09-27 21:19:00 ----A---- C:\Windows\system32\audiosrv.dll
    2008-09-27 21:19:00 ----A---- C:\Windows\system32\AudioSes.dll
    2008-09-27 21:19:00 ----A---- C:\Windows\system32\AUDIOKSE.dll
    2008-09-27 21:18:59 ----A---- C:\Windows\system32\bcdedit.exe
    2008-09-27 21:18:59 ----A---- C:\Windows\system32\batt.dll
    2008-09-27 21:18:59 ----A---- C:\Windows\system32\basesrv.dll
    2008-09-27 21:18:59 ----A---- C:\Windows\system32\basecsp.dll
    2008-09-27 21:18:58 ----A---- C:\Windows\system32\bitsadmin.exe
    2008-09-27 21:18:58 ----A---- C:\Windows\system32\BFE.DLL
    2008-09-27 21:18:58 ----A---- C:\Windows\system32\bcrypt.dll
    2008-09-27 21:18:58 ----A---- C:\Windows\system32\bcdsrv.dll
    2008-09-27 21:18:58 ----A---- C:\Windows\system32\bcdprov.dll
    2008-09-27 21:18:58 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
    2008-09-27 21:18:58 ----A---- C:\Windows\system32\AuxiliaryDisplayApi.dll
    2008-09-27 21:18:58 ----A---- C:\Windows\system32\autoplay.dll
    2008-09-27 21:18:58 ----A---- C:\Windows\system32\autofmt.exe
    2008-09-27 21:18:58 ----A---- C:\Windows\bfsvc.exe
    2008-09-27 21:18:57 ----A---- C:\Windows\system32\azroles.dll
    2008-09-27 21:18:57 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
    2008-09-27 21:18:57 ----A---- C:\Windows\system32\autoconv.exe
    2008-09-27 21:18:57 ----A---- C:\Windows\system32\autochk.exe
    2008-09-27 21:18:57 ----A---- C:\Windows\system32\authz.dll
    2008-09-27 21:18:57 ----A---- C:\Windows\system32\authui.dll
    2008-09-27 21:18:56 ----A---- C:\Windows\system32\AzSqlExt.dll
    2008-09-27 21:18:56 ----A---- C:\Windows\system32\azroleui.dll
    2008-09-27 21:18:56 ----A---- C:\Windows\system32\avrt.dll
    2008-09-27 21:18:56 ----A---- C:\Windows\system32\avifil32.dll
    2008-09-27 21:18:56 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
    2008-09-27 21:18:56 ----A---- C:\Windows\system32\ACW.exe
    2008-09-27 21:18:56 ----A---- C:\Windows\system32\actxprxy.dll
    2008-09-27 21:18:56 ----A---- C:\Windows\system32\activeds.dll
    2008-09-27 21:18:56 ----A---- C:\Windows\system32\ActiveContentWizard.dll
    2008-09-27 21:18:56 ----A---- C:\Windows\system32\ActionQueue.dll
    2008-09-27 21:18:55 ----A---- C:\Windows\system32\admparse.dll
    2008-09-27 21:18:55 ----A---- C:\Windows\system32\aclui.dll
    2008-09-27 21:18:55 ----A---- C:\Windows\system32\accessibilitycpl.dll
    2008-09-27 21:18:55 ----A---- C:\Windows\system32\aaclient.dll
    2008-09-27 21:18:54 ----A---- C:\Windows\system32\apircl.dll
    2008-09-27 21:18:54 ----A---- C:\Windows\system32\apilogen.dll
    2008-09-27 21:18:54 ----A---- C:\Windows\system32\apds.dll
    2008-09-27 21:18:54 ----A---- C:\Windows\system32\amxread.dll
    2008-09-27 21:18:54 ----A---- C:\Windows\system32\amstream.dll
    2008-09-27 21:18:53 ----A---- C:\Windows\system32\apss.dll
    2008-09-27 21:18:53 ----A---- C:\Windows\system32\appinfo.dll
    2008-09-27 21:18:53 ----A---- C:\Windows\system32\apphelp.dll
    2008-09-27 21:18:53 ----A---- C:\Windows\system32\alg.exe
    2008-09-27 21:18:53 ----A---- C:\Windows\system32\advpack.dll
    2008-09-27 21:18:53 ----A---- C:\Windows\system32\advapi32.dll
    2008-09-27 21:18:53 ----A---- C:\Windows\system32\adtschema.dll
    2008-09-27 21:18:53 ----A---- C:\Windows\system32\adsnt.dll
    2008-09-27 21:18:53 ----A---- C:\Windows\system32\adsmsext.dll
    2008-09-27 21:18:53 ----A---- C:\Windows\system32\adsldpc.dll
    2008-09-27 21:18:53 ----A---- C:\Windows\system32\adsldp.dll
    2008-09-27 21:18:52 ----A---- C:\Windows\system32\catsrvut.dll
    2008-09-27 21:18:52 ----A---- C:\Windows\system32\cabview.dll
    2008-09-27 21:18:52 ----A---- C:\Windows\system32\cabinet.dll
    2008-09-27 21:18:52 ----A---- C:\Windows\system32\btpanui.dll
    2008-09-27 21:18:51 ----A---- C:\Windows\system32\catsrv.dll
    2008-09-27 21:18:51 ----A---- C:\Windows\system32\capisp.dll
    2008-09-27 21:18:51 ----A---- C:\Windows\system32\cacls.exe
    2008-09-27 21:18:50 ----A---- C:\Windows\system32\bthci.dll
    2008-09-27 21:18:50 ----A---- C:\Windows\system32\browseui.dll
    2008-09-27 21:18:50 ----A---- C:\Windows\system32\browser.dll
    2008-09-27 21:18:50 ----A---- C:\Windows\system32\bridgeunattend.exe
    2008-09-27 21:18:50 ----A---- C:\Windows\system32\brcplsdw.dll
    2008-09-27 21:18:50 ----A---- C:\Windows\system32\brcpl.dll
    2008-09-27 21:18:50 ----A---- C:\Windows\system32\BOOTVID.DLL
    2008-09-27 21:18:50 ----A---- C:\Windows\system32\bootstr.dll
    2008-09-27 21:18:49 ----A---- C:\Windows\system32\certutil.exe
    2008-09-27 21:18:49 ----A---- C:\Windows\system32\certreq.exe
    2008-09-27 21:18:49 ----A---- C:\Windows\system32\certprop.dll
    2008-09-27 21:18:49 ----A---- C:\Windows\system32\certmgr.dll
    2008-09-27 21:18:49 ----A---- C:\Windows\system32\CertEnrollUI.dll
    2008-09-27 21:18:49 ----A---- C:\Windows\system32\CertEnrollCtrl.exe
    2008-09-27 21:18:49 ----A---- C:\Windows\system32\CertEnroll.dll
    2008-09-27 21:18:49 ----A---- C:\Windows\system32\certcli.dll
    2008-09-27 21:18:48 ----A---- C:\Windows\system32\cfgmgr32.dll
    2008-09-27 21:18:48 ----A---- C:\Windows\system32\cfgbkend.dll
    2008-09-27 21:18:48 ----A---- C:\Windows\system32\cewmdm.dll
    2008-09-27 21:18:48 ----A---- C:\Windows\system32\cdosys.dll
    2008-09-27 21:18:47 ----A---- C:\Windows\system32\bootcfg.exe
    2008-09-27 21:18:46 ----A---- C:\Windows\system32\blackbox.dll
    2008-09-27 21:18:46 ----A---- C:\Windows\system32\bitsigd.dll
    2008-09-27 21:18:39 ----A---- C:\Windows\system32\IMJP10K.DLL
    2008-09-27 21:18:39 ----A---- C:\Windows\system32\imgutil.dll
    2008-09-27 21:18:38 ----A---- C:\Windows\system32\imagesp1.dll
    2008-09-27 21:18:37 ----A---- C:\Windows\system32\imapi2fs.dll
    2008-09-27 21:18:37 ----A---- C:\Windows\system32\imapi2.dll
    2008-09-27 21:18:37 ----A---- C:\Windows\system32\imapi.dll
    2008-09-27 21:18:37 ----A---- C:\Windows\system32\imagehlp.dll
    2008-09-27 21:18:37 ----A---- C:\Windows\system32\IKEEXT.DLL
    2008-09-27 21:18:36 ----A---- C:\Windows\system32\InkEd.dll
    2008-09-27 21:18:36 ----A---- C:\Windows\system32\inetppui.dll
    2008-09-27 21:18:36 ----A---- C:\Windows\system32\inetpp.dll
    2008-09-27 21:18:36 ----A---- C:\Windows\system32\inetmib1.dll
    2008-09-27 21:18:35 ----A---- C:\Windows\system32\input.dll
    2008-09-27 21:18:35 ----A---- C:\Windows\system32\infocardapi.dll
    2008-09-27 21:18:35 ----A---- C:\Windows\system32\InfDefaultInstall.exe
    2008-09-27 21:18:33 ----A---- C:\Windows\system32\imm32.dll
    2008-09-27 21:18:33 ----A---- C:\Windows\system32\iasads.dll
    2008-09-27 21:18:32 ----A---- C:\Windows\system32\icaapi.dll
    2008-09-27 21:18:32 ----A---- C:\Windows\system32\iassvcs.dll
    2008-09-27 21:18:32 ----A---- C:\Windows\system32\iassdo.dll
    2008-09-27 21:18:32 ----A---- C:\Windows\system32\iassam.dll
    2008-09-27 21:18:32 ----A---- C:\Windows\system32\iasrecst.dll
    2008-09-27 21:18:32 ----A---- C:\Windows\system32\iasrad.dll
    2008-09-27 21:18:32 ----A---- C:\Windows\system32\iaspolcy.dll
    2008-09-27 21:18:32 ----A---- C:\Windows\system32\iasnap.dll
    2008-09-27 21:18:32 ----A---- C:\Windows\system32\IasMigPlugin.dll
    2008-09-27 21:18:32 ----A---- C:\Windows\system32\iashost.exe
    2008-09-27 21:18:32 ----A---- C:\Windows\system32\iashlpr.dll
    2008-09-27 21:18:32 ----A---- C:\Windows\system32\iasdatastore.dll
    2008-09-27 21:18:32 ----A---- C:\Windows\system32\iasacct.dll
    2008-09-27 21:18:32 ----A---- C:\Windows\system32\ias.dll
    2008-09-27 21:18:31 ----A---- C:\Windows\system32\httpapi.dll
    2008-09-27 21:18:30 ----A---- C:\Windows\system32\ifsutil.dll
    2008-09-27 21:18:30 ----A---- C:\Windows\system32\ifmon.dll
    2008-09-27 21:18:30 ----A---- C:\Windows\system32\iexpress.exe
    2008-09-27 21:18:30 ----A---- C:\Windows\system32\iesetup.dll
    2008-09-27 21:18:30 ----A---- C:\Windows\system32\iernonce.dll
    2008-09-27 21:18:30 ----A---- C:\Windows\system32\iepeers.dll
    2008-09-27 21:18:29 ----A---- C:\Windows\system32\ieakeng.dll
    2008-09-27 21:18:29 ----A---- C:\Windows\system32\ie4uinit.exe
    2008-09-27 21:18:29 ----A---- C:\Windows\system32\idndl.dll
    2008-09-27 21:18:29 ----A---- C:\Windows\system32\icsunattend.exe
    2008-09-27 21:18:29 ----A---- C:\Windows\system32\icsfiltr.dll
    2008-09-27 21:18:29 ----A---- C:\Windows\system32\icm32.dll
    2008-09-27 21:18:29 ----A---- C:\Windows\system32\icardie.dll
    2008-09-27 21:18:29 ----A---- C:\Windows\system32\icardagt.exe
    2008-09-27 21:18:28 ----A---- C:\Windows\system32\ieencode.dll
    2008-09-27 21:18:28 ----A---- C:\Windows\system32\icfupgd.dll
    2008-09-27 21:18:28 ----A---- C:\Windows\system32\icardres.dll
    2008-09-27 21:18:28 ----A---- C:\Windows\system32\icacls.exe
    2008-09-27 21:18:27 ----A---- C:\Windows\system32\iedkcs32.dll
    2008-09-27 21:18:27 ----A---- C:\Windows\system32\ieapfltr.dll
    2008-09-27 21:18:27 ----A---- C:\Windows\system32\ieaksie.dll
    2008-09-27 21:18:27 ----A---- C:\Windows\system32\HPBPROPS.DLL
    2008-09-27 21:18:27 ----A---- C:\Windows\system32\HPBPRO.DLL
    2008-09-27 21:18:27 ----A---- C:\Windows\system32\HPBOIDPS.DLL
    2008-09-27 21:18:27 ----A---- C:\Windows\system32\HPBOID.DLL
    2008-09-27 21:18:27 ----A---- C:\Windows\system32\HPBMINI.DLL
    2008-09-27 21:18:27 ----A---- C:\Windows\system32\HPBMIAPI.DLL
    2008-09-27 21:18:27 ----A---- C:\Windows\system32\HotStartUserAgent.dll
    2008-09-27 21:18:27 ----A---- C:\Windows\system32\hnetmon.dll
    2008-09-27 21:18:27 ----A---- C:\Windows\system32\hnetcfg.dll
    2008-09-27 21:18:27 ----A---- C:\Windows\system32\hlink.dll
    2008-09-27 21:18:25 ----A---- C:\Windows\system32\FWPUCLNT.DLL
    2008-09-27 21:18:24 ----A---- C:\Windows\system32\fsmgmt.msc
    2008-09-27 21:18:23 ----A---- C:\Windows\system32\hbaapi.dll
    2008-09-27 21:18:23 ----A---- C:\Windows\system32\fwcfg.dll
    2008-09-27 21:18:23 ----A---- C:\Windows\system32\fundisc.dll
    2008-09-27 21:18:23 ----A---- C:\Windows\system32\ftp.exe
    2008-09-27 21:18:23 ----A---- C:\Windows\system32\fsutil.exe
    2008-09-27 21:18:23 ----A---- C:\Windows\system32\framedynos.dll
    2008-09-27 21:18:23 ----A---- C:\Windows\system32\framedyn.dll
    2008-09-27 21:18:23 ----A---- C:\Windows\system32\framebuf.dll
    2008-09-27 21:18:23 ----A---- C:\Windows\system32\fphc.dll
    2008-09-27 21:18:23 ----A---- C:\Windows\fveupdate.exe
    2008-09-27 21:18:22 ----A---- C:\Windows\system32\HelpPaneProxy.dll
    2008-09-27 21:18:22 ----A---- C:\Windows\system32\GuidedHelp.dll
    2008-09-27 21:18:21 ----A---- C:\Windows\system32\getmac.exe
    2008-09-27 21:18:21 ----A---- C:\Windows\system32\gatherWirelessInfo.vbs
    2008-09-27 21:18:21 ----A---- C:\Windows\HelpPane.exe
    2008-09-27 21:18:20 ----A---- C:\Windows\system32\graftabl.com
    2008-09-27 21:18:20 ----A---- C:\Windows\system32\gpupdate.exe
    2008-09-27 21:18:20 ----A---- C:\Windows\system32\gpsvc.dll
    2008-09-27 21:18:20 ----A---- C:\Windows\system32\gpresult.exe
    2008-09-27 21:18:20 ----A---- C:\Windows\system32\gpedit.dll
    2008-09-27 21:18:20 ----A---- C:\Windows\system32\gpapi.dll
    2008-09-27 21:18:20 ----A---- C:\Windows\system32\gatherWiredInfo.vbs
    2008-09-27 21:18:20 ----A---- C:\Windows\system32\gacinstall.dll
    2008-09-27 21:18:09 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
    2008-09-27 21:18:09 ----A---- C:\Windows\system32\WindowsAnytimeUpgrade.exe
    2008-09-27 21:18:08 ----A---- C:\Windows\system32\WindowsCodecs.dll
    2008-09-27 21:18:07 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
    2008-09-27 21:18:07 ----A---- C:\Windows\system32\wiadss.dll
    2008-09-27 21:18:07 ----A---- C:\Windows\system32\wiadefui.dll
    2008-09-27 21:18:07 ----A---- C:\Windows\system32\wiaaut.dll
    2008-09-27 21:18:07 ----A---- C:\Windows\system32\wiaacmgr.exe
    2008-09-27 21:18:07 ----A---- C:\Windows\system32\whealogr.dll
    2008-09-27 21:18:07 ----A---- C:\Windows\system32\wfapigp.dll
    2008-09-27 21:18:07 ----A---- C:\Windows\system32\wevtutil.exe
    2008-09-27 21:18:07 ----A---- C:\Windows\system32\wevtsvc.dll
    2008-09-27 21:18:07 ----A---- C:\Windows\system32\wevtfwd.dll
    2008-09-27 21:18:06 ----A---- C:\Windows\system32\win32spl.dll
    2008-09-27 21:18:06 ----A---- C:\Windows\system32\wextract.exe
    2008-09-27 21:18:05 ----A---- C:\Windows\system32\winusb.dll
    2008-09-27 21:18:05 ----A---- C:\Windows\system32\wintrust.dll
    2008-09-27 21:18:05 ----A---- C:\Windows\system32\winsta.dll
    2008-09-27 21:18:05 ----A---- C:\Windows\system32\winsrv.dll
    2008-09-27 21:18:05 ----A---- C:\Windows\system32\WINSRPC.DLL
    2008-09-27 21:18:05 ----A---- C:\Windows\system32\wiashext.dll
    2008-09-27 21:18:05 ----A---- C:\Windows\system32\wiaservc.dll
    2008-09-27 21:18:05 ----A---- C:\Windows\system32\wiascanprofiles.dll
    2008-09-27 21:18:05 ----A---- C:\Windows\system32\wiarpc.dll
    2008-09-27 21:18:04 ----A---- C:\Windows\system32\WinSCard.dll
    2008-09-27 21:18:04 ----A---- C:\Windows\system32\WinSATAPI.dll
    2008-09-27 21:18:04 ----A---- C:\Windows\system32\WinSAT.exe
    2008-09-27 21:18:04 ----A---- C:\Windows\system32\winrsmgr.dll
    2008-09-27 21:18:03 ----A---- C:\Windows\system32\WLanConn.dll
    2008-09-27 21:18:03 ----A---- C:\Windows\system32\wlancfg.dll
    2008-09-27 21:18:03 ----A---- C:\Windows\system32\wlanapi.dll
    2008-09-27 21:18:03 ----A---- C:\Windows\system32\wkssvc.dll
    2008-09-27 21:18:03 ----A---- C:\Windows\system32\wisptis.exe
    2008-09-27 21:18:03 ----A---- C:\Windows\system32\wininit.exe
    2008-09-27 21:18:02 ----A---- C:\Windows\system32\winethc.dll
    2008-09-27 21:18:01 ----A---- C:\Windows\system32\winrshost.exe
    2008-09-27 21:18:01 ----A---- C:\Windows\system32\winrscmd.dll
    2008-09-27 21:18:01 ----A---- C:\Windows\system32\winrs.exe
    2008-09-27 21:18:01 ----A---- C:\Windows\system32\winrm.vbs
    2008-09-27 21:18:01 ----A---- C:\Windows\system32\winnsi.dll
    2008-09-27 21:18:01 ----A---- C:\Windows\system32\winmm.dll
    2008-09-27 21:18:01 ----A---- C:\Windows\system32\winlogon.exe
    2008-09-27 21:18:01 ----A---- C:\Windows\system32\winhttp.dll
    2008-09-27 21:18:01 ----A---- C:\Windows\system32\WinFXDocObj.exe
    2008-09-27 21:18:00 ----A---- C:\Windows\system32\wbemcomn.dll
    2008-09-27 21:18:00 ----A---- C:\Windows\system32\wavemsp.dll
    2008-09-27 21:18:00 ----A---- C:\Windows\system32\WavDest.dll
    2008-09-27 21:18:00 ----A---- C:\Windows\system32\w32tm.exe
    2008-09-27 21:18:00 ----A---- C:\Windows\system32\w32time.dll
    2008-09-27 21:17:59 ----A---- C:\Windows\system32\waitfor.exe
    2008-09-27 21:17:59 ----A---- C:\Windows\system32\vssadmin.exe
    2008-09-27 21:17:59 ----A---- C:\Windows\system32\vss_ps.dll
    2008-09-27 21:17:58 ----A---- C:\Windows\system32\VSSVC.exe
    2008-09-27 21:17:58 ----A---- C:\Windows\system32\vsstrace.dll
    2008-09-27 21:17:58 ----A---- C:\Windows\system32\vssapi.dll
    2008-09-27 21:17:57 ----A---- C:\Windows\system32\WebClnt.dll
    2008-09-27 21:17:57 ----A---- C:\Windows\system32\webcheck.dll
    2008-09-27 21:17:56 ----A---- C:\Windows\system32\wermgr.exe
    2008-09-27 21:17:56 ----A---- C:\Windows\system32\WerFaultSecure.exe
    2008-09-27 21:17:56 ----A---- C:\Windows\system32\WerFault.exe
    2008-09-27 21:17:56 ----A---- C:\Windows\system32\werdiagcontroller.dll
    2008-09-27 21:17:56 ----A---- C:\Windows\system32\wdscore.dll
    2008-09-27 21:17:55 ----A---- C:\Windows\system32\wevtapi.dll
    2008-09-27 21:17:55 ----A---- C:\Windows\system32\wersvc.dll
    2008-09-27 21:17:55 ----A---- C:\Windows\system32\wercplsupport.dll
    2008-09-27 21:17:55 ----A---- C:\Windows\system32\wercon.exe
    2008-09-27 21:17:55 ----A---- C:\Windows\system32\wer.dll
    2008-09-27 21:17:55 ----A---- C:\Windows\system32\wecutil.exe
    2008-09-27 21:17:55 ----A---- C:\Windows\system32\wecsvc.dll
    2008-09-27 21:17:55 ----A---- C:\Windows\system32\wecapi.dll
    2008-09-27 21:17:54 ----A---- C:\Windows\system32\wdigest.dll
    2008-09-27 21:17:54 ----A---- C:\Windows\system32\wdi.dll
    2008-09-27 21:17:54 ----A---- C:\Windows\system32\wdc.dll
    2008-09-27 21:17:53 ----A---- C:\Windows\system32\WSDMon.dll
    2008-09-27 21:17:53 ----A---- C:\Windows\system32\WSDApi.dll
    2008-09-27 21:17:53 ----A---- C:\Windows\system32\wscsvc.dll
    2008-09-27 21:17:53 ----A---- C:\Windows\system32\wscproxystub.dll
    2008-09-27 21:17:53 ----A---- C:\Windows\system32\wscntfy.dll
    2008-09-27 21:17:53 ----A---- C:\Windows\system32\wcnwiz.dll
    2008-09-27 21:17:53 ----A---- C:\Windows\system32\wcncsvc.dll
    2008-09-27 21:17:52 ----A---- C:\Windows\system32\wshcon.dll
    2008-09-27 21:17:52 ----A---- C:\Windows\system32\wscmisetup.dll
    2008-09-27 21:17:52 ----A---- C:\Windows\system32\wscisvif.dll
    2008-09-27 21:17:52 ----A---- C:\Windows\system32\wscapi.dll
    2008-09-27 21:17:51 ----A---- C:\Windows\system32\wship6.dll
    2008-09-27 21:17:51 ----A---- C:\Windows\system32\wsecedit.dll
    2008-09-27 21:17:50 ----A---- C:\Windows\system32\wpdbusenum.dll
    2008-09-27 21:17:49 ----A---- C:\Windows\system32\wpcao.dll
    2008-09-27 21:17:48 ----A---- C:\Windows\system32\ws2_32.dll
    2008-09-27 21:17:48 ----A---- C:\Windows\system32\wpnpinst.exe
    2008-09-27 21:17:48 ----A---- C:\Windows\system32\wpdwcn.dll
    2008-09-27 21:17:48 ----A---- C:\Windows\system32\WPDSp.dll
    2008-09-27 21:17:48 ----A---- C:\Windows\system32\WPDShServiceObj.dll
    2008-09-27 21:17:48 ----A---- C:\Windows\system32\wpd_ci.dll
    2008-09-27 21:17:48 ----A---- C:\Windows\system32\wpcsvc.dll
    2008-09-27 21:17:48 ----A---- C:\Windows\system32\wpclsp.dll
    2008-09-27 21:17:48 ----A---- C:\Windows\system32\wpccpl.dll
    2008-09-27 21:17:48 ----A---- C:\Windows\system32\Wpc.dll
    2008-09-27 21:17:47 ----A---- C:\Windows\system32\xcopy.exe
    2008-09-27 21:17:47 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
    2008-09-27 21:17:47 ----A---- C:\Windows\system32\wpdshext.dll
    2008-09-27 21:17:45 ----A---- C:\Windows\system32\XPSSHHDR.dll
    2008-09-27 21:17:45 ----A---- C:\Windows\system32\xolehlp.dll
    2008-09-27 21:17:45 ----A---- C:\Windows\system32\xmlprovi.dll
    2008-09-27 21:17:45 ----A---- C:\Windows\system32\xmllite.dll
    2008-09-27 21:17:45 ----A---- C:\Windows\system32\xactsrv.dll
    2008-09-27 21:17:45 ----A---- C:\Windows\system32\wzcdlg.dll
    2008-09-27 21:17:45 ----A---- C:\Windows\system32\wvc.dll
    2008-09-27 21:17:45 ----A---- C:\Windows\system32\wusa.exe
    2008-09-27 21:17:45 ----A---- C:\Windows\system32\WUDFx.dll
    2008-09-27 21:17:45 ----A---- C:\Windows\system32\WUDFSvc.dll
    2008-09-27 21:17:45 ----A---- C:\Windows\system32\WUDFPlatform.dll
    2008-09-27 21:17:45 ----A---- C:\Windows\system32\wsnmp32.dll
    2008-09-27 21:17:45 ----A---- C:\Windows\system32\WsmWmiPl.dll
    2008-09-27 21:17:45 ----A---- C:\Windows\system32\WsmRes.dll
    2008-09-27 21:17:44 ----A---- C:\Windows\system32\xpssvcs.dll
    2008-09-27 21:17:44 ----A---- C:\Windows\system32\WUDFHost.exe
    2008-09-27 21:17:44 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
    2008-09-27 21:17:44 ----A---- C:\Windows\system32\wsqmcons.exe
    2008-09-27 21:17:44 ----A---- C:\Windows\system32\wsock32.dll
    2008-09-27 21:17:44 ----A---- C:\Windows\system32\WsmSvc.dll
    2008-09-27 21:17:44 ----A---- C:\Windows\system32\WsmProv.dll
    2008-09-27 21:17:44 ----A---- C:\Windows\system32\WsmCl.dll
    2008-09-27 21:17:44 ----A---- C:\Windows\system32\WsmAuto.dll
    2008-09-27 21:17:44 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
    2008-09-27 21:17:44 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
    2008-09-27 21:17:44 ----A---- C:\Windows\system32\WSHTCPIP.DLL
    2008-09-27 21:17:43 ----A---- C:\Windows\system32\xwizards.dll
    2008-09-27 21:17:43 ----A---- C:\Windows\system32\wtsapi32.dll
    2008-09-27 21:17:43 ----A---- C:\Windows\system32\wmidx.dll
    2008-09-27 21:17:43 ----A---- C:\Windows\system32\wmicmiplugin.dll
    2008-09-27 21:17:42 ----A---- C:\Windows\system32\Wldap32.dll
    2008-09-27 21:17:42 ----A---- C:\Windows\system32\wlanui.dll
    2008-09-27 21:17:42 ----A---- C:\Windows\system32\wlansvc.dll
    2008-09-27 21:17:42 ----A---- C:\Windows\system32\wlansec.dll
    2008-09-27 21:17:42 ----A---- C:\Windows\system32\wlanpref.dll
    2008-09-27 21:17:42 ----A---- C:\Windows\system32\wlanmsm.dll
    2008-09-27 21:17:42 ----A---- C:\Windows\system32\WlanMmHC.dll
    2008-09-27 21:17:42 ----A---- C:\Windows\system32\wlanhlp.dll
    2008-09-27 21:17:42 ----A---- C:\Windows\system32\wlangpui.dll
    2008-09-27 21:17:42 ----A---- C:\Windows\system32\wlanext.exe
    2008-09-27 21:17:42 ----A---- C:\Windows\system32\wlandlg.dll
    2008-09-27 21:17:41 ----A---- C:\Windows\system32\wmdrmsdk.dll
    2008-09-27 21:17:41 ----A---- C:\Windows\system32\wmdrmnet.dll
    2008-09-27 21:17:41 ----A---- C:\Windows\system32\wmdrmdev.dll
    2008-09-27 21:17:41 ----A---- C:\Windows\system32\WMASF.DLL
    2008-09-27 21:17:41 ----A---- C:\Windows\system32\WMADMOE.DLL
    2008-09-27 21:17:41 ----A---- C:\Windows\system32\WMADMOD.DLL
    2008-09-27 21:17:41 ----A---- C:\Windows\system32\wlgpclnt.dll
    2008-09-27 21:17:41 ----A---- C:\Windows\system32\WlanMM.dll
    2008-09-27 21:17:41 ----A---- C:\Windows\system32\WLanHC.dll
    2008-09-27 21:17:40 ----A---- C:\Windows\system32\WMSPDMOE.DLL
    2008-09-27 21:17:40 ----A---- C:\Windows\system32\WMSPDMOD.DLL
    2008-09-27 21:17:40 ----A---- C:\Windows\system32\wmpsrcwp.dll
    2008-09-27 21:17:40 ----A---- C:\Windows\system32\wmpshell.dll
    2008-09-27 21:17:40 ----A---- C:\Windows\system32\wmpmde.dll
    2008-09-27 21:17:40 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
    2008-09-27 21:17:38 ----A---- C:\Windows\system32\wow32.dll
    2008-09-27 21:17:38 ----A---- C:\Windows\system32\WMVXENCD.DLL
    2008-09-27 21:17:38 ----A---- C:\Windows\system32\WMVSENCD.DLL
    2008-09-27 21:17:38 ----A---- C:\Windows\system32\WMVSDECD.DLL
    2008-09-27 21:17:38 ----A---- C:\Windows\system32\wmploc.DLL
    2008-09-27 21:17:37 ----A---- C:\Windows\system32\WMVENCOD.DLL
    2008-09-27 21:17:37 ----A---- C:\Windows\system32\wmvdspa.dll
    2008-09-27 21:17:37 ----A---- C:\Windows\system32\WMVDECOD.DLL
    2008-09-27 21:17:37 ----A---- C:\Windows\system32\WMVCORE.DLL
    2008-09-27 21:17:37 ----A---- C:\Windows\system32\wmpdxm.dll
    2008-09-27 21:17:37 ----A---- C:\Windows\system32\wmiprop.dll
    2008-09-27 21:17:36 ----A---- C:\Windows\system32\WMPhoto.dll
    2008-09-27 21:17:36 ----A---- C:\Windows\system32\WMPEncEn.dll
    2008-09-27 21:17:36 ----A---- C:\Windows\system32\WMNetMgr.dll
    2008-09-27 21:17:34 ----A---- C:\Windows\system32\wmpcm.dll
    2008-09-27 21:17:34 ----A---- C:\Windows\system32\wmp.dll
    2008-09-27 21:17:32 ----A---- C:\Windows\system32\Tabbtn.dll
    2008-09-27 21:17:32 ----A---- C:\Windows\system32\systeminfo.exe
    2008-09-27 21:17:32 ----A---- C:\Windows\system32\systemcpl.dll
    2008-09-27 21:17:31 ----A---- C:\Windows\system32\t2embed.dll
    2008-09-27 21:17:28 ----A---- C:\Windows\system32\tcpmon.dll
    2008-09-27 21:17:28 ----A---- C:\Windows\system32\tcpipcfg.dll
    2008-09-27 21:17:28 ----A---- C:\Windows\system32\tbssvc.dll
    2008-09-27 21:17:28 ----A---- C:\Windows\system32\tbs.dll
    2008-09-27 21:17:28 ----A---- C:\Windows\system32\taskschd.dll
    2008-09-27 21:17:28 ----A---- C:\Windows\system32\taskmgr.exe
    2008-09-27 21:17:28 ----A---- C:\Windows\system32\tasklist.exe
    2008-09-27 21:17:28 ----A---- C:\Windows\system32\taskkill.exe
    2008-09-27 21:17:27 ----A---- C:\Windows\system32\tdh.dll
    2008-09-27 21:17:27 ----A---- C:\Windows\system32\tcpmon.ini
    2008-09-27 21:17:27 ----A---- C:\Windows\system32\tabcal.exe
    2008-09-27 21:17:27 ----A---- C:\Windows\system32\TabbtnEx.dll
    2008-09-27 21:17:26 ----A---- C:\Windows\system32\taskeng.exe
    2008-09-27 21:17:26 ----A---- C:\Windows\system32\taskcomp.dll
    2008-09-27 21:17:26 ----A---- C:\Windows\system32\tapisrv.dll
    2008-09-27 21:17:26 ----A---- C:\Windows\system32\TapiMigPlugin.dll
    2008-09-27 21:17:26 ----A---- C:\Windows\system32\takeown.exe
    2008-09-27 21:17:26 ----A---- C:\Windows\system32\srrstr.dll
    2008-09-27 21:17:26 ----A---- C:\Windows\system32\sqmapi.dll
    2008-09-27 21:17:26 ----A---- C:\Windows\system32\sqlcese30.dll
    2008-09-27 21:17:25 ----A---- C:\Windows\system32\sstpsvc.dll
    2008-09-27 21:17:25 ----A---- C:\Windows\system32\SSShim.dll
    2008-09-27 21:17:25 ----A---- C:\Windows\system32\ssdpsrv.dll
    2008-09-27 21:17:25 ----A---- C:\Windows\system32\srwmi.dll
    2008-09-27 21:17:25 ----A---- C:\Windows\system32\sqlsrv32.dll
    2008-09-27 21:17:25 ----A---- C:\Windows\system32\sqlceqp30.dll
    2008-09-27 21:17:24 ----A---- C:\Windows\system32\srvsvc.dll
    2008-09-27 21:17:23 ----A---- C:\Windows\system32\spoolsv.exe
    2008-09-27 21:17:23 ----A---- C:\Windows\system32\spoolss.dll
    2008-09-27 21:17:23 ----A---- C:\Windows\system32\SoundRecorder.exe
    2008-09-27 21:17:22 ----A---- C:\Windows\system32\syncui.dll
    2008-09-27 21:17:22 ----A---- C:\Windows\system32\synceng.dll
    2008-09-27 21:17:22 ----A---- C:\Windows\system32\sxstrace.exe
    2008-09-27 21:17:22 ----A---- C:\Windows\system32\spwmp.dll
    2008-09-27 21:17:22 ----A---- C:\Windows\system32\spwizres.dll
    2008-09-27 21:17:22 ----A---- C:\Windows\system32\spwizimg.dll
    2008-09-27 21:17:22 ----A---- C:\Windows\system32\spwizeng.dll
    2008-09-27 21:17:22 ----A---- C:\Windows\system32\sppnp.dll
    2008-09-27 21:17:22 ----A---- C:\Windows\system32\spopk.dll
    2008-09-27 21:17:22 ----A---- C:\Windows\system32\spbcd.dll
    2008-09-27 21:17:21 ----A---- C:\Windows\system32\SysFxUI.dll
    2008-09-27 21:17:21 ----A---- C:\Windows\system32\SyncCenter.dll
    2008-09-27 21:17:21 ----A---- C:\Windows\system32\sxsstore.dll
    2008-09-27 21:17:21 ----A---- C:\Windows\system32\sxs.dll
    2008-09-27 21:17:21 ----A---- C:\Windows\system32\swprv.dll
    2008-09-27 21:17:20 ----A---- C:\Windows\system32\syssetup.dll
    2008-09-27 21:17:20 ----A---- C:\Windows\system32\sysmain.dll
    2008-09-27 21:17:20 ----A---- C:\Windows\system32\syskey.exe
    2008-09-27 21:17:20 ----A---- C:\Windows\system32\Storprop.dll
    2008-09-27 21:17:20 ----A---- C:\Windows\system32\stobject.dll
    2008-09-27 21:17:20 ----A---- C:\Windows\system32\sti_ci.dll
    2008-09-27 21:17:19 ----A---- C:\Windows\system32\userinit.exe
    2008-09-27 21:17:19 ----A---- C:\Windows\system32\userenv.dll
    2008-09-27 21:17:19 ----A---- C:\Windows\system32\user32.dll
    2008-09-27 21:17:19 ----A---- C:\Windows\system32\usbperf.dll
    2008-09-27 21:17:19 ----A---- C:\Windows\system32\usbmon.dll
    2008-09-27 21:17:19 ----A---- C:\Windows\system32\svchost.exe
    2008-09-27 21:17:19 ----A---- C:\Windows\system32\sud.dll
    2008-09-27 21:17:18 ----A---- C:\Windows\system32\usp10.dll
    2008-09-27 21:17:18 ----A---- C:\Windows\system32\usercpl.dll
    2008-09-27 21:17:18 ----A---- C:\Windows\system32\usbui.dll
    2008-09-27 21:17:18 ----A---- C:\Windows\system32\url.dll
    2008-09-27 21:17:18 ----A---- C:\Windows\system32\upnphost.dll
    2008-09-27 21:17:18 ----A---- C:\Windows\system32\upnpcont.exe
    2008-09-27 21:17:18 ----A---- C:\Windows\system32\upnp.dll
    2008-09-27 21:17:17 ----A---- C:\Windows\system32\zipfldr.dll
    2008-09-27 21:17:17 ----A---- C:\Windows\system32\xwtpw32.dll
    2008-09-27 21:17:17 ----A---- C:\Windows\system32\vga64k.dll
    2008-09-27 21:17:17 ----A---- C:\Windows\system32\vga256.dll
    2008-09-27 21:17:17 ----A---- C:\Windows\system32\vga.dll
    2008-09-27 21:17:17 ----A---- C:\Windows\system32\untfs.dll
    2008-09-27 21:17:16 ----A---- C:\Windows\system32\VIDRESZR.DLL
    2008-09-27 21:17:16 ----A---- C:\Windows\system32\vfwwdm32.dll
    2008-09-27 21:17:16 ----A---- C:\Windows\system32\version.dll
    2008-09-27 21:17:16 ----A---- C:\Windows\system32\verifier.exe
    2008-09-27 21:17:16 ----A---- C:\Windows\system32\verifier.dll
    2008-09-27 21:17:16 ----A---- C:\Windows\system32\vdsutil.dll
    2008-09-27 21:17:16 ----A---- C:\Windows\system32\vds_ps.dll
    2008-09-27 21:17:16 ----A---- C:\Windows\system32\vds.exe
    2008-09-27 21:17:16 ----A---- C:\Windows\system32\vdmredir.dll
    2008-09-27 21:17:16 ----A---- C:\Windows\system32\vdmdbg.dll
    2008-09-27 21:17:16 ----A---- C:\Windows\system32\VAN.dll
    2008-09-27 21:17:16 ----A---- C:\Windows\system32\uxtheme.dll
    2008-09-27 21:17:16 ----A---- C:\Windows\system32\uxsms.dll
    2008-09-27 21:17:16 ----A---- C:\Windows\system32\uudf.dll
    2008-09-27 21:17:16 ----A---- C:\Windows\system32\Utilman.exe
    2008-09-27 21:17:16 ----A---- C:\Windows\system32\utildll.dll
    2008-09-27 21:17:15 ----A---- C:\Windows\system32\vdsldr.exe
    2008-09-27 21:17:15 ----A---- C:\Windows\system32\vdsdyn.dll
    2008-09-27 21:17:15 ----A---- C:\Windows\system32\vdsbas.dll
    2008-09-27 21:17:15 ----A---- C:\Windows\system32\TSTheme.exe
    2008-09-27 21:17:15 ----A---- C:\Windows\system32\TSpkg.dll
    2008-09-27 21:17:15 ----A---- C:\Windows\system32\tsgqec.dll
    2008-09-27 21:17:15 ----A---- C:\Windows\system32\tsddd.dll
    2008-09-27 21:17:15 ----A---- C:\Windows\system32\tscupgrd.exe
    2008-09-27 21:17:15 ----A---- C:\Windows\system32\trkwks.dll
    2008-09-27 21:17:15 ----A---- C:\Windows\system32\tracerpt.exe
    2008-09-27 21:17:15 ----A---- C:\Windows\system32\TpmInit.exe
    2008-09-27 21:17:15 ----A---- C:\Windows\system32\TMM.dll
    2008-09-27 21:17:14 ----A---- C:\Windows\system32\TimeDateMUICallback.dll
    2008-09-27 21:17:14 ----A---- C:\Windows\system32\themecpl.dll
    2008-09-27 21:17:14 ----A---- C:\Windows\system32\termsrv.dll
    2008-09-27 21:17:14 ----A---- C:\Windows\system32\termmgr.dll
    2008-09-27 21:17:13 ----A---- C:\Windows\system32\unregmp2.exe
    2008-09-27 21:17:13 ----A---- C:\Windows\system32\unlodctr.exe
    2008-09-27 21:17:13 ----A---- C:\Windows\system32\unattendedjoin.exe
    2008-09-27 21:17:13 ----A---- C:\Windows\system32\umpnpmgr.dll
    2008-09-27 21:17:13 ----A---- C:\Windows\system32\umb.dll
    2008-09-27 21:17:13 ----A---- C:\Windows\system32\ulib.dll
    2008-09-27 21:17:13 ----A---- C:\Windows\system32\UIHub.dll
    2008-09-27 21:17:13 ----A---- C:\Windows\system32\thumbcache.dll
    2008-09-27 21:17:13 ----A---- C:\Windows\system32\themeui.dll
    2008-09-27 21:17:12 ----A---- C:\Windows\system32\unbcl.dll
    2008-09-27 21:17:12 ----A---- C:\Windows\system32\unattend.dll
    2008-09-27 21:17:12 ----A---- C:\Windows\system32\UIAutomationCore.dll
    2008-09-27 21:17:12 ----A---- C:\Windows\system32\UI0Detect.exe
    2008-09-27 21:17:12 ----A---- C:\Windows\system32\ufat.dll
    2008-09-27 21:17:12 ----A---- C:\Windows\system32\uexfat.dll
    2008-09-27 21:17:12 ----A---- C:\Windows\system32\uDWM.dll
    2008-09-27 21:17:12 ----A---- C:\Windows\system32\ucsvc.exe
    2008-09-27 21:17:12 ----A---- C:\Windows\system32\txfw32.dll
    2008-09-27 21:17:12 ----A---- C:\Windows\system32\txflog.dll
    2008-09-27 21:17:12 ----A---- C:\Windows\system32\TsWpfWrp.exe
    2008-09-27 21:12:41 ----A---- C:\Windows\system32\cbsra.exe
    2008-09-27 21:11:39 ----D---- C:\ccf93dd45aaa802f155ad1397c
    2008-09-26 16:06:27 ----D---- C:\Program Files\Apple Software Update
    2008-09-26 16:05:09 ----A---- C:\Windows\system32\GEARAspi.dll
    2008-09-26 16:05:08 ----DC---- C:\Windows\system32\DRVSTORE
    2008-09-26 16:04:48 ----D---- C:\Program Files\iPod
    2008-09-26 16:04:45 ----D---- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-09-26 16:04:45 ----D---- C:\Program Files\iTunes
    2008-09-26 16:01:56 ----D---- C:\Program Files\QuickTime
    2008-09-26 15:54:13 ----D---- C:\Program Files\Bonjour
    2008-09-10 06:30:20 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
    2008-09-10 06:30:20 ----A---- C:\Windows\system32\Apphlpdm.dll
    2008-09-10 06:30:03 ----A---- C:\Windows\system32\wmpeffects.dll
    2008-08-29 09:18:58 ----A---- C:\Windows\system32\dns-sd.exe
    2008-08-29 08:53:50 ----A---- C:\Windows\system32\dnssd.dll
    2008-08-27 14:23:16 ----A---- C:\Windows\system32\wups2.dll
    2008-08-27 14:23:16 ----A---- C:\Windows\system32\wucltux.dll
    2008-08-27 14:23:16 ----A---- C:\Windows\system32\wuaueng.dll
    2008-08-27 14:23:16 ----A---- C:\Windows\system32\wuauclt.exe
    2008-08-27 14:22:52 ----A---- C:\Windows\system32\wups.dll
    2008-08-27 14:22:52 ----A---- C:\Windows\system32\wudriver.dll
    2008-08-27 14:22:52 ----A---- C:\Windows\system32\wuapi.dll
    2008-08-27 14:22:35 ----A---- C:\Windows\system32\wuwebv.dll
    2008-08-27 14:22:35 ----A---- C:\Windows\system32\wuapp.exe
    2008-08-16 02:06:36 ----A---- C:\Windows\system32\tzres.dll
    2008-08-14 18:49:44 ----A---- C:\Windows\system32\winipsec.dll
    2008-08-14 18:49:44 ----A---- C:\Windows\system32\polstore.dll
    2008-08-14 18:49:44 ----A---- C:\Windows\system32\IPSECSVC.DLL
    2008-08-14 18:49:44 ----A---- C:\Windows\system32\FwRemoteSvr.dll
    2008-08-14 18:49:40 ----A---- C:\Windows\system32\es.dll
    2008-08-14 18:49:30 ----A---- C:\Windows\system32\ieui.dll
    2008-08-14 18:49:12 ----A---- C:\Windows\system32\inetcomm.dll
     
    shortnsweet3781,
    #4
  6. 2008/10/30
    shortnsweet3781

    shortnsweet3781 Inactive Thread Starter

    Joined:
    2008/10/30
    Messages:
    9
    Likes Received:
    0
    log part 5

    ======List of files/folders modified in the last 3 months======

    2008-10-30 09:37:54 ----D---- C:\Windows\Prefetch
    2008-10-30 09:37:29 ----RD---- C:\Program Files
    2008-10-30 09:37:18 ----D---- C:\Windows\Temp
    2008-10-30 09:21:18 ----D---- C:\Users\Cheryl\AppData\Roaming\Tunebite
    2008-10-30 03:28:31 ----D---- C:\Windows\System32
    2008-10-30 03:28:31 ----D---- C:\Windows\inf
    2008-10-30 03:28:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2008-10-30 03:00:17 ----SHD---- C:\Windows\Installer
    2008-10-30 03:00:17 ----HD---- C:\Config.Msi
    2008-10-29 22:43:55 ----D---- C:\Windows
    2008-10-29 22:36:09 ----A---- C:\Windows\system.ini
    2008-10-29 22:25:37 ----D---- C:\Windows\system32\drivers
    2008-10-29 22:25:36 ----D---- C:\Windows\AppPatch
    2008-10-29 22:25:36 ----D---- C:\Program Files\Common Files
    2008-10-29 21:53:01 ----D---- C:\Windows\system32\LogFiles
    2008-10-29 19:55:57 ----D---- C:\Program Files\Mozilla Firefox
    2008-10-29 18:29:13 ----HD---- C:\ProgramData
    2008-10-29 07:02:48 ----D---- C:\Windows\winsxs
    2008-10-29 07:01:45 ----D---- C:\Windows\system32\catroot
    2008-10-29 06:59:16 ----D---- C:\Windows\Registration
    2008-10-29 06:59:09 ----RSD---- C:\Windows\assembly
    2008-10-29 06:58:27 ----D---- C:\Program Files\Internet Explorer
    2008-10-29 06:57:00 ----D---- C:\ProgramData\avg8
    2008-10-29 06:54:53 ----SD---- C:\Users\Cheryl\AppData\Roaming\Microsoft
    2008-10-28 20:49:32 ----SHD---- C:\System Volume Information
    2008-10-27 17:27:02 ----HD---- C:\$AVG8.VAULT$
    2008-10-23 02:15:19 ----D---- C:\Windows\Microsoft.NET
    2008-10-23 02:10:03 ----D---- C:\Windows\system32\catroot2
    2008-10-23 02:06:54 ----D---- C:\Windows\ehome
    2008-10-20 17:31:49 ----D---- C:\Windows\Minidump
    2008-10-20 17:31:37 ----SD---- C:\Windows\Downloaded Program Files
    2008-10-18 08:43:36 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-10-17 17:21:23 ----D---- C:\Program Files\Java
    2008-10-17 16:22:43 ----D---- C:\Users\Cheryl\AppData\Roaming\Roxio
    2008-10-17 16:17:38 ----D---- C:\ProgramData\Roxio
    2008-10-16 02:14:03 ----D---- C:\Program Files\Windows Mail
    2008-10-16 02:14:01 ----D---- C:\Windows\system32\migration
    2008-10-12 21:01:17 ----D---- C:\Users\Cheryl\AppData\Roaming\uTorrent
    2008-10-07 19:19:40 ----A---- C:\Windows\system32\mrt.exe
    2008-09-28 02:24:13 ----D---- C:\Windows\rescache
    2008-09-28 02:04:29 ----D---- C:\Windows\system32\en-US
    2008-09-28 02:04:29 ----D---- C:\Windows\PolicyDefinitions
    2008-09-27 23:08:18 ----D---- C:\Windows\Logs
    2008-09-27 22:27:00 ----SHD---- C:\Boot
    2008-09-27 22:26:29 ----ASH---- C:\Program Files\desktop.ini
    2008-09-27 22:14:16 ----D---- C:\Program Files\Windows Calendar
    2008-09-27 22:14:15 ----D---- C:\Program Files\Windows Sidebar
    2008-09-27 22:14:15 ----D---- C:\Program Files\Movie Maker
    2008-09-27 22:14:10 ----D---- C:\Program Files\Windows Media Player
    2008-09-27 22:14:08 ----D---- C:\Program Files\Windows Collaboration
    2008-09-27 22:14:06 ----D---- C:\Program Files\Windows Journal
    2008-09-27 22:14:04 ----D---- C:\Program Files\Windows Photo Gallery
    2008-09-27 22:13:47 ----D---- C:\Program Files\Common Files\System
    2008-09-27 22:13:46 ----D---- C:\Program Files\Windows Defender
    2008-09-27 22:13:44 ----D---- C:\Windows\servicing
    2008-09-27 22:13:08 ----D---- C:\Windows\MSAgent
    2008-09-27 22:13:06 ----D---- C:\Windows\DigitalLocker
    2008-09-27 22:13:05 ----D---- C:\Windows\L2Schemas
    2008-09-27 22:13:05 ----D---- C:\Windows\IME
    2008-09-27 22:13:03 ----D---- C:\Windows\system32\com
    2008-09-27 22:13:02 ----D---- C:\Windows\system32\XPSViewer
    2008-09-27 22:13:02 ----D---- C:\Windows\system32\ko-KR
    2008-09-27 22:13:02 ----D---- C:\Windows\system32\da-DK
    2008-09-27 22:12:57 ----D---- C:\Windows\system32\oobe
    2008-09-27 22:12:57 ----D---- C:\Windows\system32\it-IT
    2008-09-27 22:12:57 ----D---- C:\Windows\system32\el-GR
    2008-09-27 22:12:57 ----D---- C:\Windows\system32\de-DE
    2008-09-27 22:12:55 ----D---- C:\Windows\system32\sysprep
    2008-09-27 22:12:41 ----D---- C:\Windows\system32\AdvancedInstallers
    2008-09-27 22:12:40 ----D---- C:\Windows\system32\sv-SE
    2008-09-27 22:12:40 ----D---- C:\Windows\system32\setup
    2008-09-27 22:12:40 ----D---- C:\Windows\system32\ru-RU
    2008-09-27 22:12:40 ----D---- C:\Windows\system32\ias
    2008-09-27 22:12:40 ----D---- C:\Windows\system32\he-IL
    2008-09-27 22:12:40 ----D---- C:\Windows\system32\fr-FR
    2008-09-27 22:12:39 ----D---- C:\Windows\system32\SLUI
    2008-09-27 22:12:39 ----D---- C:\Windows\system32\pt-PT
    2008-09-27 22:12:39 ----D---- C:\Windows\system32\hu-HU
    2008-09-27 22:12:39 ----D---- C:\Windows\system32\fi-FI
    2008-09-27 22:12:39 ----D---- C:\Windows\system32\cs-CZ
    2008-09-27 22:12:37 ----D---- C:\Windows\system32\zh-TW
    2008-09-27 22:12:37 ----D---- C:\Windows\system32\zh-CN
    2008-09-27 22:12:37 ----D---- C:\Windows\system32\pl-PL
    2008-09-27 22:12:37 ----D---- C:\Windows\system32\manifeststore
    2008-09-27 22:12:37 ----D---- C:\Windows\system32\ja-JP
    2008-09-27 22:12:37 ----D---- C:\Windows\system32\es-ES
    2008-09-27 22:12:37 ----D---- C:\Windows\system32\en
    2008-09-27 22:12:36 ----D---- C:\Windows\system32\ro-RO
    2008-09-27 22:12:26 ----D---- C:\Windows\system32\tr-TR
    2008-09-27 22:12:25 ----D---- C:\Windows\system32\wbem
    2008-09-27 22:12:18 ----D---- C:\Windows\system32\nl-NL
    2008-09-27 22:12:18 ----D---- C:\Windows\system32\nb-NO
    2008-09-27 22:12:18 ----D---- C:\Windows\system32\ar-SA
    2008-09-27 22:12:11 ----D---- C:\Windows\system32\migwiz
    2008-09-27 22:12:07 ----D---- C:\Windows\system32\pt-BR
    2008-09-27 22:07:35 ----D---- C:\Windows\Boot
    2008-09-27 22:07:28 ----D---- C:\Windows\system32\Boot
    2008-09-27 21:47:33 ----A---- C:\Windows\system32\ifxcardm.dll
    2008-09-27 21:47:14 ----A---- C:\Windows\system32\axaltocm.dll
    2008-09-26 16:06:33 ----D---- C:\Windows\system32\Tasks
    2008-09-26 16:02:05 ----D---- C:\Program Files\Common Files\Apple
    2008-09-11 02:01:55 ----D---- C:\Program Files\Microsoft Works
    2008-08-27 12:57:09 ----D---- C:\Users\Cheryl\AppData\Roaming\Mozilla
    2008-08-21 21:25:11 ----D---- C:\Windows\WindowsMobile
    2008-08-21 21:25:10 ----D---- C:\Program Files\Adobe
    2008-08-11 18:47:00 ----D---- C:\Windows\Tasks

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 bdftdif;bdftdif; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys [2008-10-29 135560]
    R2 BDVEDISK;BDVEDISK; \??\C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys [2008-07-02 82568]
    R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-11-11 12672]
    R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-20 32256]
    R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-11 8192]
    R3 BCM43XX;Dell Wireless WLAN Card Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-03-21 534016]
    R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2007-03-12 45568]
    R3 bdfm;BDFM; C:\Windows\system32\drivers\bdfm.sys [2008-08-12 108864]
    R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\bdfndisf.sys [2008-10-29 103944]
    R3 bdfsfltr;bdfsfltr; C:\Windows\system32\DRIVERS\bdfsfltr.sys [2008-08-12 228672]
    R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys [2008-02-26 8448]
    R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-18 14208]
    R3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2007-02-16 11984]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
    R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-11-11 986624]
    R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-11-11 206848]
    R3 NWADI;NWADI Bus Enumerator; C:\Windows\system32\DRIVERS\NWADIenum.sys [2006-11-03 158720]
    R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-10-17 2085888]
    R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-18 88576]
    R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-02-08 647680]
    R3 tbhsd;Tunebite High-Speed Dubbing; C:\Windows\system32\drivers\tbhsd.sys [2007-12-11 26784]
    R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-11-11 659968]
    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-18 11264]
    S1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2007-07-20 25288]
    S2 BCMWLNPF;Broadcom Netgroup Packet Filter; C:\Windows\system32\drivers\bcmwlnpf.sys []
    S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-03-21 534016]
    S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-18 131584]
    S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-18 16384]
    S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-18 36864]
    S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
    S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2006-11-02 200704]
    S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
    S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
    S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
    S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-03 18560]
    S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328]
    S3 WINUSB;WinUsb Driver; C:\Windows\system32\DRIVERS\WinUSB.SYS [2008-01-18 31616]
    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
    S4 rimsptsk;rimsptsk; C:\Windows\system32\drivers\rimsptsk.sys [2006-11-20 43520]
    S4 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\drivers\rixdptsk.sys [2006-11-20 37376]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-05-12 611664]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040]
    R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-10-17 557056]
    R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-18 21504]
    R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2008-01-18 21504]
    R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe [2008-10-29 393216]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
    R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-18 21504]
    R2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-11-05 159744]
    R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe [2008-10-29 1527808]
    R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-18 21504]
    R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2007-03-21 24064]
    R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-11-11 386560]
    R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-18 21504]
    R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-09-10 536872]
    R3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-05 880640]
    R3 scan;BitDefender Threat Scanner; C:\Windows\System32\svchost.exe [2008-01-18 21504]
    S3 Arrakis3;BitDefender Arrakis Server; C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2008-07-17 118784]
    S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-01-05 33800]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
    S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
    S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]
    S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

    -----------------EOF-----------------
     
    shortnsweet3781,
    #5
  7. 2008/10/30
    shortnsweet3781

    shortnsweet3781 Inactive Thread Starter

    Joined:
    2008/10/30
    Messages:
    9
    Likes Received:
    0
    the info log

    info.txt logfile of random's system information tool 1.04 2008-10-30 09:38:37

    ======Uninstall list======

    -->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
    -->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
    -->C:\Windows\UNNeroShowTime.exe /UNINSTALL
    -->C:\Windows\UNNeroVision.exe /UNINSTALL
    -->C:\Windows\UNRecode.exe /UNINSTALL
    32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
    Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
    Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
    Adobe Reader for Pocket PC 2.0-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{291A772C-FFB9-4681-B720-AB2A0A620896}
    ALUpdate--> "C:\Program Files\ESTsoft\ALUpdate\unins000.exe "
    ALZip--> "C:\Program Files\ESTsoft\ALZip\unins000.exe "
    Apple Mobile Device Support-->MsiExec.exe /I{AA9768AA-FF0B-4C66-A085-31E934F77841}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    ATI Catalyst Control Center Ex-->MsiExec.exe /I{15CC668C-F37C-CE24-9047-40EC8034E29D}
    ATI PCI Express (3GIO) Filter Driver-->C:\Program Files\InstallShield Installation Information\{E713653C-8312-4BC6-AFC9-ADE1F2F04AB9}\setup.exe -runfromtemp -l0x0009 -removeonly
    BitDefender Total Security 2009-->MsiExec.exe /X{E892011A-4DA1-415E-9AAD-5956ED628822}
    Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
    Browser Address Error Redirector-->MsiExec.exe /I{62230596-37E5-4618-A329-0D21F529A86F}
    CloneDVD2--> "C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D= "C:\Program Files\Elaborate Bytes\CloneDVD2 "
    Conexant HDA D110 MDC V.92 Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3\HXFSETUP.EXE -U -IDellHDAz.inf
    Dell Mobile Broadband Card Utility-->MsiExec.exe /X{DF62D775-BB7C-4AFA-9CA4-DDA1C4855F28}
    Dell Wireless WLAN Card--> "C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlu00.exe" verbose /rootkey= "Software\Broadcom\802.11\UninstallInfo" /rootdir= "C:\Program Files\Dell\Dell Wireless WLAN Card "
    Digital Line Detect-->C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly
    DVD Decrypter (Remove Only)--> "C:\Program Files\DVD Decrypter\uninstall.exe "
    HijackThis 2.0.2--> "C:\Program Files\trend micro\HijackThis.exe" /uninstall
    HP Customer Participation Program 8.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
    HP Imaging Device Functions 8.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
    HP OCR Software 8.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
    HP Photosmart Essential-->MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
    HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B-->C:\Program Files\HP\Digital Imaging\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}\setup\hpzscr01.exe -datfile hposcr19.dat -onestop -showdisconnect -forcereboot
    HP Solution Center 8.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
    HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
    HPSSupply-->MsiExec.exe /X{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}
    ImgBurn--> "C:\Program Files\ImgBurn\uninstall.exe "
    iTunes-->MsiExec.exe /I{41B9E2CF-0B3F-442A-B5B3-592A4A355634}
    J2SE Runtime Environment 5.0 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150010}
    Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
    K-Lite Mega Codec Pack 3.9.5--> "C:\Program Files\K-Lite Codec Pack\unins000.exe "
    LG GSM PC Components-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB8251EE-C86B-410D-83B2-1E28E9DE2C2B}\setup.exe" -l0x9
    LG USB Modem Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\setup.exe" -l0x9 -removeonly
    Malwarebytes' Anti-Malware--> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe "
    Mavis Beacon Teaches Typing 12 Standard-->C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 12 Standard\uninstall.exe
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Works-->MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
    mkv2vob-->MsiExec.exe /X{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}
    Modem Diagnostic Tool-->MsiExec.exe /I{F63A3748-B93D-4360-9AD4-B064481A5C7B}
    Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
    Nero 7 Ultra Edition-->MsiExec.exe /X{A20A58C4-6784-4B4B-86CC-94E2E3671033}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly
    Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
    PixiePack Codec Pack-->MsiExec.exe /I{621FCD24-4498-4324-A81E-07D331376EDF}
    PS3 Media Center X 0.92-->C:\Program Files\Red Kawa\Media Center\uninst.exe
    QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
    Roxio Creator Audio-->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
    Roxio Creator BDAV Plugin-->MsiExec.exe /I{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}
    Roxio Creator Copy-->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
    Roxio Creator Data-->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
    Roxio Creator DE-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
    Roxio Creator Tools-->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
    Roxio Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
    Roxio MyDVD DE-->MsiExec.exe /I{D639085F-4B6E-4105-9F37-A0DBB023E2FB}
    Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
    Safari-->MsiExec.exe /I{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}
    SigmaTel Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
    Sonic Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
    Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
    Spybot - Search & Destroy--> "C:\Program Files\Spybot - Search & Destroy\unins000.exe "
    TomTom HOME-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
    Tunebite-->MsiExec.exe /I{9F1C033E-ADF0-43D8-A5DD-D66041E76E8F}
    User's Guides-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}\setup.exe"
    VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971}
    VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
    Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
    Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
    Windows Live OneCare safety scanner--> "C:\Program Files\Windows Live Safety Center\UnInstall.exe "
    Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
    Windows Live Sign-in Assistant-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    Windows Mobile Device Center Driver Update-->MsiExec.exe /X{E7044E25-3038-4A76-9064-344AC038043E}
    Windows Mobile Device Center-->MsiExec.exe /X{904CCF62-818D-4675-BC76-D37EB399F917}

    ======Hosts File======

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    ======Security center information======

    AV: BitDefender Antivirus
    FW: BitDefender Firewall
    AS: BitDefender Antispyware
    AS: Windows Defender

    ======Environment variables======

    "ComSpec "=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK "=NO
    "OS "=Windows_NT
    "Path "=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\ATI Technologies\ATI.ACE;C:\Program Files\Common Files\Roxio Shared\DLLShared;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared;C:\Program Files\ESTsoft\ALZip;C:\Program Files\QuickTime\QTSystem
    "PATHEXT "=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE "=x86
    "TEMP "=%SystemRoot%\TEMP
    "TMP "=%SystemRoot%\TEMP
    "USERNAME "=SYSTEM
    "windir "=%SystemRoot%
    "PROCESSOR_LEVEL "=15
    "PROCESSOR_IDENTIFIER "=x86 Family 15 Model 104 Stepping 1, AuthenticAMD
    "PROCESSOR_REVISION "=6801
    "NUMBER_OF_PROCESSORS "=2
    "RoxioCentral "=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
    "CLASSPATH "=.;C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip
    "QTJAVA "=C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip

    -----------------EOF-----------------
     
    shortnsweet3781,
    #6
  8. 2008/10/31
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Welcome to WindowsBBS shortnsweet3781 :)

    I see that you have also run MBAM and ComboFix. Please post the logs from both tools.
     
    noahdfear,
    #7
  9. 2008/10/31
    shortnsweet3781

    shortnsweet3781 Inactive Thread Starter

    Joined:
    2008/10/30
    Messages:
    9
    Likes Received:
    0
    combofix log

    ComboFix 08-10-29.07 - Cheryl 2008-10-31 12:24:49.3 - NTFSx86
    Microsoft® Windows Vistaâ„¢ Home Premium 6.0.6001.1.1252.1.1033.18.951 [GMT 0:00]
    Running from: C:\Users\Cheryl\Downloads\ComboFix.exe
    * Resident AV is active

    .

    ((((((((((((((((((((((((( Files Created from 2008-09-28 to 2008-10-31 )))))))))))))))))))))))))))))))
    .

    2008-10-30 09:37 . 2008-10-30 09:38 <DIR> d-------- C:\rsit
    2008-10-30 09:37 . 2008-10-30 09:38 <DIR> d-------- C:\Program Files\trend micro
    2008-10-29 19:59 . 2008-10-29 19:59 <DIR> d-------- C:\Windows\Sun
    2008-10-29 18:29 . 2008-10-29 18:29 <DIR> d-------- C:\Users\Cheryl\AppData\Roaming\Malwarebytes
    2008-10-29 18:29 . 2008-10-29 18:29 <DIR> d-------- C:\Users\All Users\Malwarebytes
    2008-10-29 18:29 . 2008-10-29 18:29 <DIR> d-------- C:\ProgramData\Malwarebytes
    2008-10-29 18:29 . 2008-10-31 12:22 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-29 18:29 . 2008-10-22 16:10 38,496 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
    2008-10-29 18:29 . 2008-10-22 16:10 15,504 --a------ C:\Windows\System32\drivers\mbam.sys
    2008-10-29 14:20 . 2008-10-29 14:21 <DIR> d-------- C:\Users\All Users\Lavasoft
    2008-10-29 14:20 . 2008-10-29 14:21 <DIR> d-------- C:\ProgramData\Lavasoft
    2008-10-29 14:20 . 2008-10-29 14:20 <DIR> d-------- C:\Program Files\Lavasoft
    2008-10-29 07:06 . 2008-10-29 07:06 850 --a------ C:\Windows\System32\ProductTweaks.xml
    2008-10-29 07:05 . 2008-10-29 07:05 385 --a------ C:\Windows\System32\user_gensett.xml
    2008-10-29 07:01 . 2008-10-29 07:01 <DIR> d-------- C:\Windows\System32\logs
    2008-10-29 07:00 . 2008-10-29 07:00 <DIR> d-------- C:\Users\Cheryl\AppData\Roaming\BitDefender
    2008-10-29 07:00 . 2008-10-29 07:04 <DIR> d-------- C:\Users\All Users\BitDefender
    2008-10-29 07:00 . 2008-10-29 07:04 <DIR> d-------- C:\ProgramData\BitDefender
    2008-10-29 07:00 . 2008-10-29 07:00 <DIR> d-------- C:\Program Files\BitDefender
    2008-10-29 07:00 . 2008-10-29 07:00 <DIR> d-------- C:\Binaries
    2008-10-29 06:58 . 2008-10-29 06:58 <DIR> d-------- C:\Windows\System32\URTTEMP
    2008-10-29 06:52 . 2008-10-29 07:00 <DIR> d-------- C:\Program Files\Common Files\BitDefender
    2008-10-28 21:58 . 2008-06-19 17:24 28,544 --a------ C:\Windows\System32\drivers\pavboot.sys
    2008-10-28 21:54 . 2008-10-28 21:54 <DIR> d-------- C:\Program Files\Panda Security
    2008-10-27 17:42 . 2008-10-27 19:01 <DIR> d-------- C:\Users\All Users\Spybot - Search & Destroy
    2008-10-27 17:42 . 2008-10-27 19:01 <DIR> d-------- C:\ProgramData\Spybot - Search & Destroy
    2008-10-27 17:42 . 2008-10-27 17:49 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
    2008-10-27 16:50 . 2008-10-27 16:50 <DIR> dr------- C:\Users\Cheryl\Searches
    2008-10-22 23:29 . 2008-08-05 09:49 428,544 --a------ C:\Windows\System32\EncDec.dll
    2008-10-22 23:29 . 2008-08-05 09:49 293,376 --a------ C:\Windows\System32\psisdecd.dll
    2008-10-22 23:29 . 2008-08-05 09:48 217,088 --a------ C:\Windows\System32\psisrndr.ax
    2008-10-22 23:29 . 2008-08-05 09:48 177,664 --a------ C:\Windows\System32\mpg2splt.ax
    2008-10-22 23:29 . 2008-08-05 09:48 80,896 --a------ C:\Windows\System32\MSNP.ax
    2008-10-18 08:39 . 2008-10-18 08:39 <DIR> d-------- C:\Program Files\mkv2vob
    2008-10-18 08:39 . 2008-10-29 14:18 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-10-17 22:16 . 2008-10-17 22:16 49 --a------ C:\Windows\NeroDigital.ini
    2008-10-17 20:55 . 2008-10-17 20:58 <DIR> d-------- C:\Users\Cheryl\stephen documents
    2008-10-17 18:44 . 2008-10-17 18:44 <DIR> d-------- C:\Program Files\Pegasus Media Software
    2008-10-17 17:21 . 2008-10-17 17:21 <DIR> d-------- C:\Program Files\Red Kawa
    2008-10-17 17:14 . 2008-10-17 17:15 <DIR> d-------- C:\Program Files\Windows Live Safety Center
    2008-10-15 02:53 . 2008-09-18 05:09 3,601,464 --a------ C:\Windows\System32\ntkrnlpa.exe
    2008-10-15 02:53 . 2008-09-18 05:09 3,549,240 --a------ C:\Windows\System32\ntoskrnl.exe
    2008-10-15 02:53 . 2008-09-18 02:16 2,032,640 --a------ C:\Windows\System32\win32k.sys
    2008-10-15 02:53 . 2008-10-02 01:32 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
    2008-10-15 02:53 . 2008-10-02 03:49 827,392 --a------ C:\Windows\System32\wininet.dll
    2008-10-15 02:53 . 2008-08-27 01:06 288,768 --a------ C:\Windows\System32\drivers\srv.sys
    2008-10-05 20:05 . 2008-10-05 20:05 <DIR> d-------- C:\Users\Marg & John\AppData\Roaming\Template
    2008-10-05 20:05 . 2008-10-06 12:36 244 --a------ C:\Users\Marg & John\AppData\Roaming\wklnhst.dat
    2008-10-01 17:41 . 2008-10-01 17:41 0 --ah----- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
    2008-09-28 00:48 . 2008-04-26 08:26 891,448 --a------ C:\Windows\System32\drivers\tcpip.sys
    2008-09-27 22:07 . 2008-09-27 22:07 <DIR> d-------- C:\PerfLogs
    2008-09-27 21:37 . 2008-09-27 21:11 152,576 --a------ C:\Windows\System32\SPWizUI.dll
    2008-09-27 21:37 . 2008-09-27 21:11 47,560 --a------ C:\Windows\System32\SPReview.exe
    2008-09-27 21:23 . 2008-01-18 22:33 193,024 --a------ C:\Windows\System32\recdisc.exe
    2008-09-27 21:23 . 2008-01-18 22:36 6,656 --a------ C:\Windows\System32\sdspres.dll
    2008-09-27 21:22 . 2008-01-18 22:33 599,552 --a------ C:\Windows\System32\vsp1cln.exe
    2008-09-27 21:22 . 2008-01-18 22:36 28,160 --a------ C:\Windows\System32\sxproxy.dll
    2008-09-27 21:21 . 2008-01-18 22:36 142,336 --a------ C:\Windows\System32\spp.dll
    2008-09-27 21:19 . 2008-01-18 22:38 4,595,712 --a------ C:\Windows\System32\AuthFWSnapin.dll
    2008-09-27 21:18 . 2008-01-18 22:33 3,216,896 --a------ C:\Windows\System32\WinSAT.exe
    2008-09-27 21:12 . 2008-01-18 22:33 44,032 --a------ C:\Windows\System32\cbsra.exe
    2008-09-27 21:11 . 2008-09-27 21:11 <DIR> d-------- C:\ccf93dd45aaa802f155ad1397c
    2008-09-27 21:11 . 2008-09-27 21:39 196,608 --a------ C:\Windows\SPInstall.etl
    2008-09-26 16:06 . 2008-09-26 16:06 <DIR> d-------- C:\Program Files\Apple Software Update
    2008-09-26 16:05 . 2008-09-26 16:05 <DIR> d----c--- C:\Windows\System32\DRVSTORE
    2008-09-26 16:05 . 2008-04-17 12:12 107,368 --a------ C:\Windows\System32\GEARAspi.dll
    2008-09-26 16:05 . 2008-04-17 12:12 15,464 --a------ C:\Windows\System32\drivers\GEARAspiWDM.sys
    2008-09-26 16:04 . 2008-09-26 16:05 <DIR> d-------- C:\Users\All Users\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-09-26 16:04 . 2008-09-26 16:05 <DIR> d-------- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-09-26 16:04 . 2008-09-26 16:05 <DIR> d-------- C:\Program Files\iTunes
    2008-09-26 16:04 . 2008-09-26 16:04 <DIR> d-------- C:\Program Files\iPod
    2008-09-26 16:01 . 2008-09-26 16:02 <DIR> d-------- C:\Program Files\QuickTime
    2008-09-26 15:54 . 2008-09-26 15:54 <DIR> d-------- C:\Program Files\Bonjour
    2008-09-10 06:30 . 2008-07-31 01:13 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
    2008-09-10 06:30 . 2008-06-26 03:29 303,616 --a------ C:\Windows\System32\wmpeffects.dll
    2008-09-10 06:30 . 2008-07-31 03:32 28,160 --a------ C:\Windows\System32\Apphlpdm.dll
    2008-09-06 14:09 . 2008-09-06 14:09 90,112 --a------ C:\Windows\System32\QuickTimeVR.qtx
    2008-09-06 14:09 . 2008-09-06 14:09 57,344 --a------ C:\Windows\System32\QuickTime.qts

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-31 12:23 --------- d-----w C:\Users\Cheryl\AppData\Roaming\Tunebite
    2008-10-29 08:35 103,944 ----a-w C:\Windows\system32\drivers\bdfndisf.sys
    2008-10-29 06:57 --------- d-----w C:\ProgramData\avg8
    2008-10-20 18:54 11,048 ----a-w C:\Users\Cheryl\AppData\Roaming\wklnhst.dat
    2008-10-18 08:43 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-10-17 17:21 --------- d-----w C:\Program Files\Java
    2008-10-17 16:22 --------- d-----w C:\Users\Cheryl\AppData\Roaming\Roxio
    2008-10-17 16:17 --------- d-----w C:\ProgramData\Roxio
    2008-10-16 02:14 --------- d-----w C:\Program Files\Windows Mail
    2008-10-12 21:01 --------- d-----w C:\Users\Cheryl\AppData\Roaming\uTorrent
    2008-09-27 22:26 174 --sha-w C:\Program Files\desktop.ini
    2008-09-27 22:14 --------- d-----w C:\Program Files\Windows Sidebar
    2008-09-27 22:14 --------- d-----w C:\Program Files\Windows Photo Gallery
    2008-09-27 22:14 --------- d-----w C:\Program Files\Windows Journal
    2008-09-27 22:14 --------- d-----w C:\Program Files\Windows Collaboration
    2008-09-27 22:14 --------- d-----w C:\Program Files\Windows Calendar
    2008-09-27 22:13 --------- d-----w C:\Program Files\Windows Defender
    2008-09-27 21:47 82,432 ----a-w C:\Windows\System32\axaltocm.dll
    2008-09-27 21:47 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
    2008-09-26 16:02 --------- d-----w C:\Program Files\Common Files\Apple
    2008-09-11 02:01 --------- d-----w C:\Program Files\Microsoft Works
    2008-08-29 09:18 87,336 ----a-w C:\Windows\System32\dns-sd.exe
    2008-08-29 08:53 61,440 ----a-w C:\Windows\System32\dnssd.dll
    2008-08-02 03:26 36,864 ----a-w C:\Windows\System32\cdd.dll
    2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
    2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
    2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
    2008-07-19 05:10 53,448 ----a-w C:\Windows\System32\wuauclt.exe
    2008-07-19 05:10 45,768 ----a-w C:\Windows\System32\wups2.dll
    2008-07-19 05:10 36,552 ----a-w C:\Windows\System32\wups.dll
    2008-07-19 05:09 563,912 ----a-w C:\Windows\System32\wuapi.dll
    2008-07-19 05:09 1,811,656 ----a-w C:\Windows\System32\wuaueng.dll
    2008-07-19 03:44 83,456 ----a-w C:\Windows\System32\wudriver.dll
    2008-07-19 03:44 1,524,736 ----a-w C:\Windows\System32\wucltux.dll
    2008-07-18 21:08 163,904 ----a-w C:\Windows\System32\wuwebv.dll
    2008-07-18 19:44 31,232 ----a-w C:\Windows\System32\wuapp.exe
    2008-07-16 01:32 2,048 ----a-w C:\Windows\System32\tzres.dll
    2008-03-27 13:44 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    2008-03-27 13:44 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    2008-03-27 13:44 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    .

    ((((((((((((((((((((((((((((( snapshot@2008-10-29_19.13.19.63 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-10-29 14:09:05 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2008-10-30 03:22:34 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2008-10-29 14:09:05 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2008-10-30 03:22:34 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2008-10-29 14:10:46 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
    + 2008-10-30 03:37:19 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
    - 2008-10-29 15:44:24 16,384 --sha-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2008-10-30 15:31:07 16,384 --sha-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2008-10-29 15:44:24 32,768 --sha-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2008-10-30 15:31:07 32,768 --sha-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2008-10-29 15:44:24 16,384 --sha-w C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2008-10-30 15:31:07 16,384 --sha-w C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2008-10-29 14:10:41 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
    + 2008-10-30 09:21:27 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
    + 2008-10-30 09:21:27 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
    - 2008-10-29 11:24:26 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2008-10-30 03:23:01 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2008-10-29 11:24:26 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2008-10-30 03:23:01 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2008-10-29 11:24:26 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2008-10-30 03:23:01 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2008-10-29 14:57:15 109,878 ----a-w C:\Windows\System32\perfc009.dat
    + 2008-10-30 03:28:31 109,878 ----a-w C:\Windows\System32\perfc009.dat
    - 2008-10-29 14:57:15 609,146 ----a-w C:\Windows\System32\perfh009.dat
    + 2008-10-30 03:28:31 609,146 ----a-w C:\Windows\System32\perfh009.dat
    - 2008-10-29 14:11:31 8,998 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3259924969-2019564871-2065369873-1000_UserData.bin
    + 2008-10-29 21:50:56 8,998 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3259924969-2019564871-2065369873-1000_UserData.bin
    - 2008-10-29 14:11:30 64,696 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    + 2008-10-29 21:50:53 64,852 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    - 2008-10-29 14:11:20 42,422 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2008-10-29 21:50:47 43,368 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr "= "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
    "Tunebite "= "C:\Program Files\RapidSolution\Tunebite\Tunebite.exe" [2008-01-18 4953392]
    "TomTomHOME.exe "= "C:\Program Files\TomTom HOME 2\HOMERunner.exe" [2008-05-06 202088]
    "ehTray.exe "= "C:\Windows\ehome\ehTray.exe" [2008-01-18 125952]
    "WMPNSCFG "= "C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]
    "SpybotSD TeaTimer "= "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
    "AdobeUpdater "= "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2007-03-01 2321600]
    "WindowsWelcomeCenter "= "oobefldr.dll" [2008-01-18 C:\Windows\System32\oobefldr.dll]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Mobile Device Center "= "C:\Windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
    "SunJavaUpdateSched "= "c:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2007-12-03 77824]
    "ATICCC "= "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-07-11 90112]
    "ISUSScheduler "= "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920]
    "RoxWatchTray "= "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 221184]
    "dscactivate "= "c:\dell\dsca.exe" [2007-07-30 16384]
    "Adobe Reader Speed Launcher "= "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
    "Broadcom Wireless Manager UI "= "C:\Windows\system32\WLTRAY.exe" [2007-03-21 1548288]
    "NeroFilterCheck "= "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
    "HP Software Update "= "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
    "QuickTime Task "= "C:\Program Files\QuickTime\QTTask.exe" [2008-09-06 413696]
    "iTunesHelper "= "C:\Program Files\iTunes\iTunesHelper.exe" [2008-09-10 289576]
    "BDAgent "= "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe" [2008-10-29 716800]
    "BitDefender Antiphishing Helper "= "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe" [2008-08-10 69632]
    "Malwarebytes Anti-Malware (reboot) "= "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" [2008-10-22 1261200]
    "SigmatelSysTrayApp "= "sttray.exe" [2007-02-08 C:\Windows\sttray.exe]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
    Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2007-12-03 50688]
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 210520]
    MiniMavis.lnk - C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 12 Standard\MiniMavis.exe [2008-07-15 2392064]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle "= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "LogonHoursAction "= 2 (0x2)
    "DontDisplayLogonHoursWarnings "= 1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
    "DisableMonitoring "=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
    "EnableFirewall "= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "TCP Query User{6324C604-B80C-4D38-BB0C-D2B364AA0E3B}C:\\program files\\utorrent\\utorrent.exe "= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
    "UDP Query User{688EF699-4463-405A-B167-04A0E9F6C61C}C:\\program files\\utorrent\\utorrent.exe "= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
    "{8AE874B4-4646-4AB7-AFA5-FE54C7FC0FD3} "= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "TCP Query User{75919A43-7761-4941-899D-62F71599B266}C:\\program files\\mozilla firefox\\firefox.exe "= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox
    "UDP Query User{967C2B42-C50B-423D-897D-D06F578A855B}C:\\program files\\mozilla firefox\\firefox.exe "= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox
    "{5C9FFA63-552D-4C32-9CE0-F8354B9D724A} "= UDP:C:\Program Files\RapidSolution\Tunebite\TunebiteHelper.exe:TunebiteHelper
    "{884F71B9-F7FC-442C-A48B-6A8183E2F22E} "= TCP:C:\Program Files\RapidSolution\Tunebite\TunebiteHelper.exe:TunebiteHelper
    "{16CED140-E983-430C-9ED0-500398E8F49A} "= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
    "{59E49D9F-ACF1-465A-BC6F-7398D42EF206} "= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
    "TCP Query User{0EDAF769-872D-43F8-9702-4F3B644EC5C5}C:\\program files\\utorrent\\utorrent.exe "= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
    "UDP Query User{9C2D3826-C4D0-42CA-A4DA-23AF39A6271B}C:\\program files\\utorrent\\utorrent.exe "= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
    "{C3CB234E-13F8-4399-A1B9-7FA6AA94471C} "= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "{73EF76A3-D739-41BB-9A7E-DC5D69EE0DDC} "= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
    "{7C5D8E15-260D-4E0F-BF87-426514B44921} "= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
    "{BF9F81B4-D78A-413E-9AD7-CB6400D48D06} "= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
    "{8146E458-DE65-4E44-A4E7-A53BCF04FFFA} "= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
    "{3714091B-3638-48B7-B7B5-1719C21BE6C1} "= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
    "{CBCD44EB-A703-4530-BE23-94356550C4ED} "= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
    "TCP Query User{B3DAF9BA-88A8-4E99-B54B-E2007103CE1F}C:\\program files\\java\\jre1.6.0\\bin\\javaw.exe "= UDP:C:\program files\java\jre1.6.0\bin\javaw.exe:Java(TM) Platform SE binary
    "UDP Query User{DF4FAFF3-81A8-4BF2-A091-0926F2085DFE}C:\\program files\\java\\jre1.6.0\\bin\\javaw.exe "= TCP:C:\program files\java\jre1.6.0\bin\javaw.exe:Java(TM) Platform SE binary

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
    "EnableFirewall "= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
    "EnableFirewall "= 0 (0x0)

    R0 AtiPcie;ATI PCI Express (3GIO) Filter;C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 8192]
    R0 pavboot;pavboot;C:\Windows\system32\drivers\pavboot.sys [2008-06-19 28544]
    R2 BDVEDISK;BDVEDISK;C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys [2008-07-02 82568]
    R3 bdfm;BDFM;C:\Windows\system32\drivers\bdfm.sys [2008-08-12 108864]
    R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\Windows\system32\DRIVERS\bdfndisf.sys [2008-10-29 103944]
    R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\system32\drivers\mbamswissarmy.sys [2008-10-22 38496]
    R3 NWADI;NWADI Bus Enumerator;C:\Windows\system32\DRIVERS\NWADIenum.sys [2006-11-03 158720]
    S3 Arrakis3;BitDefender Arrakis Server;C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2008-07-17 118784]
    S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\Windows\system32\Drivers\PCASp50.sys [2006-11-03 18560]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs REG_MULTI_SZ BthServ
    WindowsMobile REG_MULTI_SZ wcescomm rapimgr
    LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    bdx REG_MULTI_SZ scan

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b5ed299-4e25-11dd-aa60-001d09aad19c}]
    \shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com e:
    \shell\Open\command - resycled\boot.com e:

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c43cbfee-daad-11dc-9200-001d09aad19c}]
    \shell\AutoRun\command - G:\InstallTomTomHOME.exe

    *Newly Created Service* - MBAMSWISSARMY

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{621FCD24-4498-4324-A81E-07D331376EDF}]
    C:\Program Files\PixiePack Codec Pack\InstallerHelper.exe
    .
    .
    ------- Supplementary Scan -------
    .
    FireFox -: Profile - C:\Users\Cheryl\AppData\Roaming\Mozilla\Firefox\Profiles\v1farv99.default\
    FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    FF -: plugin - c:\Program Files\Java\jre1.6.0\bin\npjava11.dll
    FF -: plugin - c:\Program Files\Java\jre1.6.0\bin\npjava12.dll
    FF -: plugin - c:\Program Files\Java\jre1.6.0\bin\npjava13.dll
    FF -: plugin - c:\Program Files\Java\jre1.6.0\bin\npjava14.dll
    FF -: plugin - c:\Program Files\Java\jre1.6.0\bin\npjava32.dll
    FF -: plugin - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    FF -: plugin - c:\Program Files\Java\jre1.6.0\bin\npoji610.dll
    FF -: plugin - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
    FF -: plugin - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-31 12:35:30
    Windows 6.0.6001 Service Pack 1 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...


    **************************************************************************
    .
    Completion time: 2008-10-31 12:40:50
    ComboFix-quarantined-files.txt 2008-10-31 12:39:37
    ComboFix2.txt 2008-10-29 22:43:51
    ComboFix3.txt 2008-10-29 19:16:09

    Pre-Run: 80,863,559,680 bytes free
    Post-Run: 80,868,012,032 bytes free

    289 --- E O F --- 2008-10-31 03:00:36
     
    shortnsweet3781,
    #8
  10. 2008/10/31
    shortnsweet3781

    shortnsweet3781 Inactive Thread Starter

    Joined:
    2008/10/30
    Messages:
    9
    Likes Received:
    0
    mbam log

    Malwarebytes' Anti-Malware 1.30
    Database version: 1337
    Windows 6.0.6001 Service Pack 1

    30/10/2008 03:20:37
    mbam-log-2008-10-30 (03-20-37).txt

    Scan type: Full Scan (C:\|D:\|)
    Objects scanned: 145089
    Time elapsed: 2 hour(s), 58 minute(s), 15 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 6
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.116 85.255.112.183 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3b1200de-46ce-491f-bee0-0eedec14efec}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.116 85.255.112.183 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.116 85.255.112.183 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{3b1200de-46ce-491f-bee0-0eedec14efec}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.116 85.255.112.183 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.116 85.255.112.183 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{3b1200de-46ce-491f-bee0-0eedec14efec}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.116 85.255.112.183 -> Quarantined and deleted successfully.

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
     
    shortnsweet3781,
    #9
  11. 2008/11/02
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    In the C:\Qoobox folder there are 2 more logs I'd like for you to post please.

    ComboFix2.txt
    ComboFix3.txt
     
    noahdfear,
    #10
  12. 2008/11/03
    shortnsweet3781

    shortnsweet3781 Inactive Thread Starter

    Joined:
    2008/10/30
    Messages:
    9
    Likes Received:
    0
    It seems to have been resolved now, we reset our router and changed the settings as some of them had been changed and it now seems fine. Thanks anyway.
     
    shortnsweet3781,
    #11
  13. 2008/11/05
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Glad to hear it's all sorted now. Thanks for posting back with your fix! :)
     
    noahdfear,
    #12

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...