
[Inactive] bolivar27.exe ... I think it's a virus, I can't seem to remove it.

Discussion in 'Malware and Virus Removal Archive' started by Aslan9, 2008/11/24.

  1. 2008/11/24
    Aslan9

    I have the ZoneAlarm free firewall and as of late a program called 'bolivar27.exe' keeps asking for permission to access the internet. I was suspicious straight away so I clicked deny. It kept asking every so often, so I clicked deny AND 'remember this setting'. I then proceeded to do a spyware check with Ad-Aware and it came back with some tracking cookies. It has a feature that asks me to submit my findings to the Ad-Aware website so I clicked agree. It showed it was sending information about a 'bolivar27.exe'. So naturally I thought it was sorted. I removed everything else and carried on as usual. But I turned on the computer today and there it was, asking for access to the internet again. I was slightly frustrated so I did a manual search of the computer for said file. It returned two results:

    bolivar27 C:\WINDOWS
    BOLIVAR27.EXE-299EDBFF.pf C:\WINDOWS\Prefetch

    Now I'm not a hugely experienced computer user, but the top result seemed like the one that needed to be deleted. I scanned both of them with Avast first, but it returned nothing. I tried to delete the top one, but it said that access was denied etc. So I made the file un-hidden and tried again, to no success. No matter what I do I can't delete it. So now I need a bit of help to try and get rid of it, or just to let me know if I'm even doing the right thing. Anyone got any suggestions? Thanks
     
  2. 2008/11/24
    Admin.

    Hi,

    Read this post as indicated at the top of this forum.
     

  4. 2008/11/24
    Aslan9

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by HP_Administrator at 2008-11-24 22:05:37
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 146 GB (80%) free of 182 GB
    Total RAM: 1023 MB (47% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:05:53 p.m., on 24/11/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\arservice.exe
    C:\Program Files\tinyproxy\tinyproxy.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\ARPWRMSG.EXE
    C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\WebCam\M1000\M1000Mnt.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\windows\bolivar27.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    C:\HP\KBD\KBD.EXE
    c:\windows\system\hpsysdrv.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\WYI0R4WW\RSIT[1].exe
    C:\Program Files\trend micro\HP_Administrator.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_NZ&c=64&bd=PAVILION&pf=desktop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.nz/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_NZ&c=64&bd=PAVILION&pf=desktop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://signupcd.ihug.co.nz/acnts/signup.pl?version=8&base=5:1&pop=Anywhere+in+New+Zealand
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = ihug Internet
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:9090
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [PC Suite for Smartphones] "C:\Program Files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [M1000Mnt] M1000Rmv.exe /StartStillMnt
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [sysftray2] c:\windows\bolivar27.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [mRouterConfig] "C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
    O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
    O4 - S-1-5-18 Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'SYSTEM')
    O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
    O4 - .DEFAULT Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
    O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
    O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - c:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\HP_Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk
    O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=24931
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: COM+ Event System (EventSystem) - Unknown owner - C:\Program Files\tinyproxy\tinyproxy.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 12046 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-14 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-01-20 2403392]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-16 737776]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-14 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-14 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2007-01-20 2403392]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
    "ftutil2"=C:\WINDOWS\system32\ftutil2.dll [2004-06-07 106496]
    "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
    "MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392]
    "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
    "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-14 16239616]
    "AlwaysReady Power Message APP"=C:\WINDOWS\ARPWRMSG.EXE [2005-08-03 77312]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-02 13529088]
    "nwiz"=nwiz.exe /install []
    "DMAScheduler"=c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe [2006-04-13 90112]
    "Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2005-07-23 237568]
    "PCDrProfiler"= []
    "HPBootOp"=C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe [2006-02-16 249856]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-20 78008]
    "TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot []
    "NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
    "PC Suite for Smartphones"=C:\Program Files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe [2007-05-28 528384]
    "M1000Mnt"=M1000Rmv.exe /StartStillMnt []
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-14 136600]
    "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-02 86016]
    "sysftray2"=c:\windows\bolivar27.exe [2008-11-24 27648]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-05 68856]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-12-23 143360]
    "mRouterConfig"=C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe [2006-03-02 290816]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-10 15360]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
    Updates From HP.lnk - C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe"="C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP"
    "C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe"="C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe:*:Enabled:Kaspersky AV Scanner"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
    "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
    "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\tinyproxy\tinyproxy.exe"="C:\Program Files\tinyproxy\tinyproxy.exe:*:Enabled:tinyproxy"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe"="C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f507bd19-4000-11dc-bb41-806d6172696f}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480


    ======List of files/folders created in the last 3 months======

    2008-11-24 22:05:10 ----D---- C:\Program Files\trend micro
    2008-11-24 22:05:09 ----D---- C:\rsit
    2008-11-24 17:59:37 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla
    2008-11-23 23:07:47 ----D---- C:\Program Files\tinyproxy
    2008-11-23 23:07:43 ----H---- C:\WINDOWS\che6.exe
    2008-11-23 23:07:03 ----AH---- C:\WINDOWS\bolivar27.exe
    2008-11-15 13:15:53 ----A---- C:\WINDOWS\ntbtlog.txt
    2008-11-14 21:45:47 ----AH---- C:\WINDOWS\system32\RBK5C04.tmp.LOG
    2008-11-14 21:45:46 ----AH---- C:\WINDOWS\system32\RBK5BFF.tmp.LOG
    2008-11-14 21:45:46 ----AH---- C:\WINDOWS\system32\RBK5BFC.tmp.LOG
    2008-11-14 21:45:46 ----AH---- C:\WINDOWS\system32\RBK5BF7.tmp.LOG
    2008-11-14 21:45:46 ----AH---- C:\WINDOWS\system32\RBK5BF4.tmp.LOG
    2008-11-14 21:45:46 ----AH---- C:\WINDOWS\system32\RBK5BEF.tmp.LOG
    2008-11-14 21:45:46 ----AH---- C:\WINDOWS\system32\RBK5BEC.tmp.LOG
    2008-11-14 21:45:46 ----AH---- C:\WINDOWS\system32\RBK5BE7.tmp.LOG
    2008-11-14 21:45:44 ----AH---- C:\WINDOWS\system32\RBK5BE4.tmp.LOG
    2008-11-14 21:45:44 ----AH---- C:\WINDOWS\system32\RBK5BDF.tmp.LOG
    2008-11-14 21:45:44 ----AH---- C:\WINDOWS\system32\RBK5BDC.tmp.LOG
    2008-11-14 21:45:44 ----AH---- C:\WINDOWS\system32\RBK5BD7.tmp.LOG
    2008-11-14 21:45:41 ----A---- C:\WINDOWS\system32\RBK5BD7.tmp
    2008-11-14 21:27:19 ----D---- C:\WINDOWS\Prefetch
    2008-11-14 20:30:50 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Systweak
    2008-11-14 20:29:48 ----D---- C:\Program Files\Advanced System Optimizer
    2008-11-14 20:18:41 ----HDC---- C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
    2008-11-14 19:51:54 ----D---- C:\WINDOWS\system32\scripting
    2008-11-14 19:51:53 ----D---- C:\WINDOWS\l2schemas
    2008-11-14 19:51:52 ----D---- C:\WINDOWS\system32\en
    2008-11-14 19:51:52 ----D---- C:\WINDOWS\system32\bits
    2008-11-14 19:44:16 ----A---- C:\WINDOWS\system32\sprecovr.exe
    2008-11-14 19:40:50 ----A---- C:\WINDOWS\system32\hccoin.dll
    2008-11-14 19:40:50 ----A---- C:\WINDOWS\system32\fsquirt.exe
    2008-11-14 19:40:50 ----A---- C:\WINDOWS\system32\bthserv.dll
    2008-11-14 19:40:50 ----A---- C:\WINDOWS\system32\bthci.dll
    2008-11-14 19:40:49 ----A---- C:\WINDOWS\system32\wshbth.dll
    2008-11-14 19:40:49 ----A---- C:\WINDOWS\system32\verclsid.exe
    2008-11-14 19:40:49 ----A---- C:\WINDOWS\system32\tzchange.exe
    2008-11-14 19:40:49 ----A---- C:\WINDOWS\system32\sdhcinst.dll
    2008-11-14 19:40:49 ----A---- C:\WINDOWS\system32\mstscax.dll
    2008-11-14 19:40:49 ----A---- C:\WINDOWS\system32\mstsc.exe
    2008-11-14 19:40:49 ----A---- C:\WINDOWS\system32\ir50_qcx.dll
    2008-11-14 19:40:49 ----A---- C:\WINDOWS\system32\ir50_qc.dll
    2008-11-14 19:40:49 ----A---- C:\WINDOWS\system32\ir50_32.dll
    2008-11-14 19:40:49 ----A---- C:\WINDOWS\system32\ir41_qcx.dll
    2008-11-14 19:40:49 ----A---- C:\WINDOWS\system32\ir41_qc.dll
    2008-11-14 19:40:48 ----A---- C:\WINDOWS\system32\xpsp3res.dll
    2008-11-14 19:40:48 ----A---- C:\WINDOWS\system32\xmllite.dll
    2008-11-14 19:40:38 ----A---- C:\WINDOWS\system32\pidgen.dll
    2008-11-14 19:40:37 ----A---- C:\WINDOWS\system32\spiisupd.exe
    2008-11-14 19:40:36 ----A---- C:\WINDOWS\system32\asr_pfu.exe
    2008-11-14 19:40:34 ----A---- C:\WINDOWS\system32\secedit.exe
    2008-11-14 19:40:34 ----A---- C:\WINDOWS\system32\p2pgasvc.dll
    2008-11-14 19:40:34 ----A---- C:\WINDOWS\system32\kbdukx.dll
    2008-11-14 19:40:34 ----A---- C:\WINDOWS\system32\dxdiagn.dll
    2008-11-14 19:40:34 ----A---- C:\WINDOWS\system32\dpcdll.dll
    2008-11-14 19:40:33 ----A---- C:\WINDOWS\system32\xpsp2res.dll
    2008-11-14 19:40:33 ----A---- C:\WINDOWS\system32\wscntfy.exe
    2008-11-14 19:40:33 ----A---- C:\WINDOWS\system32\w3ssl.dll
    2008-11-14 19:40:33 ----A---- C:\WINDOWS\system32\pnrpnsp.dll
    2008-11-14 19:40:33 ----A---- C:\WINDOWS\system32\p2psvc.dll
    2008-11-14 19:40:33 ----A---- C:\WINDOWS\system32\dsprpres.dll
    2008-11-14 19:40:32 ----A---- C:\WINDOWS\system32\wuaueng1.dll
    2008-11-14 19:40:32 ----A---- C:\WINDOWS\system32\sbeio.dll
    2008-11-14 19:40:32 ----A---- C:\WINDOWS\system32\p2pgraph.dll
    2008-11-14 19:40:32 ----A---- C:\WINDOWS\system32\msftedit.dll
    2008-11-14 19:40:32 ----A---- C:\WINDOWS\system32\kbdsmsno.dll
    2008-11-14 19:40:32 ----A---- C:\WINDOWS\system32\kbdmlt47.dll
    2008-11-14 19:40:32 ----A---- C:\WINDOWS\system32\kbdfi1.dll
    2008-11-14 19:40:32 ----A---- C:\WINDOWS\system32\fltlib.dll
    2008-11-14 19:40:32 ----A---- C:\WINDOWS\system32\bitsprx2.dll
    2008-11-14 19:40:31 ----A---- C:\WINDOWS\system32\smbinst.exe
    2008-11-14 19:40:31 ----A---- C:\WINDOWS\system32\msdadiag.dll
    2008-11-14 19:40:31 ----A---- C:\WINDOWS\system32\ieencode.dll
    2008-11-14 19:40:31 ----A---- C:\WINDOWS\system32\httpapi.dll
    2008-11-14 19:40:30 ----A---- C:\WINDOWS\system32\wuauclt1.exe
    2008-11-14 19:40:30 ----A---- C:\WINDOWS\system32\mssap.dll
    2008-11-14 19:40:30 ----A---- C:\WINDOWS\system32\iuengine.dll
    2008-11-14 19:40:30 ----A---- C:\WINDOWS\system32\fwcfg.dll
    2008-11-14 19:40:30 ----A---- C:\WINDOWS\system32\d3d9.dll
    2008-11-14 19:40:29 ----A---- C:\WINDOWS\system32\xmlprovi.dll
    2008-11-14 19:40:29 ----A---- C:\WINDOWS\system32\xmlprov.dll
    2008-11-14 19:40:29 ----A---- C:\WINDOWS\system32\winbrand.dll
    2008-11-14 19:40:29 ----A---- C:\WINDOWS\system32\twext.dll
    2008-11-14 19:40:29 ----A---- C:\WINDOWS\system32\spnpinst.exe
    2008-11-14 19:40:29 ----A---- C:\WINDOWS\system32\qmgr.dll
    2008-11-14 19:40:29 ----A---- C:\WINDOWS\system32\p2pnetsh.dll
    2008-11-14 19:40:29 ----A---- C:\WINDOWS\system32\kbdinmal.dll
    2008-11-14 19:40:29 ----A---- C:\WINDOWS\system32\kbdinbe1.dll
    2008-11-14 19:40:29 ----A---- C:\WINDOWS\system32\fltmc.exe
    2008-11-14 19:40:29 ----A---- C:\WINDOWS\system32\cmsetacl.dll
    2008-11-14 19:40:29 ----A---- C:\WINDOWS\system32\btpanui.dll
    2008-11-14 19:40:28 ----A---- C:\WINDOWS\system32\xpsp1res.dll
    2008-11-14 19:40:28 ----A---- C:\WINDOWS\system32\wscsvc.dll
    2008-11-14 19:40:28 ----A---- C:\WINDOWS\system32\winshfhc.dll
    2008-11-14 19:40:28 ----A---- C:\WINDOWS\system32\winhttp.dll
    2008-11-14 19:40:28 ----A---- C:\WINDOWS\system32\powercfg.exe
    2008-11-14 19:40:28 ----A---- C:\WINDOWS\system32\kbdsmsfi.dll
    2008-11-14 19:40:28 ----A---- C:\WINDOWS\system32\encapi.dll
    2008-11-14 19:40:28 ----A---- C:\WINDOWS\system32\bitsprx3.dll
    2008-11-14 19:40:27 ----A---- C:\WINDOWS\system32\xpob2res.dll
    2008-11-14 19:40:27 ----A---- C:\WINDOWS\system32\wuauserv.dll
    2008-11-14 19:40:27 ----A---- C:\WINDOWS\system32\strmfilt.dll
    2008-11-14 19:40:27 ----A---- C:\WINDOWS\system32\p2p.dll
    2008-11-14 19:40:27 ----A---- C:\WINDOWS\system32\kbdno1.dll
    2008-11-14 19:40:27 ----A---- C:\WINDOWS\system32\kbdmlt48.dll
    2008-11-14 19:40:27 ----A---- C:\WINDOWS\system32\kbdinben.dll
    2008-11-14 19:40:27 ----A---- C:\WINDOWS\system32\blastcln.exe
    2008-11-14 19:40:27 ----A---- C:\WINDOWS\system32\auditusr.exe
    2008-11-14 19:40:26 ----A---- C:\WINDOWS\system32\systeminfo.exe
    2008-11-14 19:40:26 ----A---- C:\WINDOWS\system32\schtasks.exe
    2008-11-14 19:40:26 ----A---- C:\WINDOWS\system32\openfiles.exe
    2008-11-14 19:40:26 ----A---- C:\WINDOWS\system32\kbdmaori.dll
    2008-11-14 19:40:26 ----A---- C:\WINDOWS\system32\gpresult.exe
    2008-11-14 19:40:26 ----A---- C:\WINDOWS\system32\eventtriggers.exe
    2008-11-14 19:40:26 ----A---- C:\WINDOWS\system32\eventcreate.exe
    2008-11-14 19:40:26 ----A---- C:\WINDOWS\system32\driverquery.exe
    2008-11-14 19:40:25 ----A---- C:\WINDOWS\system32\efsadu.dll
    2008-11-14 19:40:25 ----A---- C:\WINDOWS\system32\cipher.exe
    2008-11-14 19:40:25 ----A---- C:\WINDOWS\system32\bootcfg.exe
    2008-11-14 19:40:25 ----A---- C:\WINDOWS\system32\asr_fmt.exe
    2008-11-14 19:40:25 ----A---- C:\WINDOWS\system32\appmgr.dll
    2008-11-14 19:40:25 ----A---- C:\WINDOWS\system32\appmgmts.dll
    2008-11-14 19:40:25 ----A---- C:\WINDOWS\system32\adsnw.dll
    2008-11-14 19:40:24 ----A---- C:\WINDOWS\system32\gptext.dll
    2008-11-14 19:40:24 ----A---- C:\WINDOWS\system32\gpedit.dll
    2008-11-14 19:40:24 ----A---- C:\WINDOWS\system32\getmac.exe
    2008-11-14 19:40:24 ----A---- C:\WINDOWS\system32\fdeploy.dll
    2008-11-14 19:40:24 ----A---- C:\WINDOWS\system32\fde.dll
    2008-11-14 19:40:23 ----A---- C:\WINDOWS\system32\mqoa.dll
    2008-11-14 19:40:23 ----A---- C:\WINDOWS\system32\mqlogmgr.dll
    2008-11-14 19:40:23 ----A---- C:\WINDOWS\system32\mqise.dll
    2008-11-14 19:40:23 ----A---- C:\WINDOWS\system32\mqdscli.dll
    2008-11-14 19:40:23 ----A---- C:\WINDOWS\system32\mqbkup.exe
    2008-11-14 19:40:23 ----A---- C:\WINDOWS\system32\mqad.dll
    2008-11-14 19:40:23 ----A---- C:\WINDOWS\system32\logman.exe
    2008-11-14 19:40:22 ----A---- C:\WINDOWS\system32\nwwks.dll
    2008-11-14 19:40:22 ----A---- C:\WINDOWS\system32\nwapi32.dll
    2008-11-14 19:40:22 ----A---- C:\WINDOWS\system32\ntbackup.exe
    2008-11-14 19:40:22 ----A---- C:\WINDOWS\system32\mqutil.dll
    2008-11-14 19:40:22 ----A---- C:\WINDOWS\system32\mqupgrd.dll
    2008-11-14 19:40:22 ----A---- C:\WINDOWS\system32\mqtrig.dll
    2008-11-14 19:40:22 ----A---- C:\WINDOWS\system32\mqtgsvc.exe
    2008-11-14 19:40:22 ----A---- C:\WINDOWS\system32\mqsvc.exe
    2008-11-14 19:40:22 ----A---- C:\WINDOWS\system32\mqsnap.dll
    2008-11-14 19:40:22 ----A---- C:\WINDOWS\system32\mqsec.dll
    2008-11-14 19:40:22 ----A---- C:\WINDOWS\system32\mqrtdep.dll
    2008-11-14 19:40:22 ----A---- C:\WINDOWS\system32\mqrt.dll
    2008-11-14 19:40:22 ----A---- C:\WINDOWS\system32\mqqm.dll
    2008-11-14 19:40:21 ----A---- C:\WINDOWS\system32\tracerpt.exe
    2008-11-14 19:40:21 ----A---- C:\WINDOWS\system32\tlntsvrp.dll
    2008-11-14 19:40:21 ----A---- C:\WINDOWS\system32\tlntsvr.exe
    2008-11-14 19:40:21 ----A---- C:\WINDOWS\system32\tlntsess.exe
    2008-11-14 19:40:21 ----A---- C:\WINDOWS\system32\tlntadmn.exe
    2008-11-14 19:40:21 ----A---- C:\WINDOWS\system32\tasklist.exe
    2008-11-14 19:40:21 ----A---- C:\WINDOWS\system32\taskkill.exe
    2008-11-14 19:40:21 ----A---- C:\WINDOWS\system32\rsnotify.exe
    2008-11-14 19:40:21 ----A---- C:\WINDOWS\system32\proxycfg.exe
    2008-11-14 19:40:20 ----A---- C:\WINDOWS\system32\wsecedit.dll
    2008-11-14 19:39:51 ----A---- C:\WINDOWS\winhlp32.exe
    2008-11-14 19:39:51 ----A---- C:\WINDOWS\twain_32.dll
    2008-11-14 19:39:51 ----A---- C:\WINDOWS\regedit.exe
    2008-11-14 19:39:51 ----A---- C:\WINDOWS\hh.exe
    2008-11-14 19:39:51 ----A---- C:\WINDOWS\explorer.exe
    2008-11-14 19:39:50 ----A---- C:\WINDOWS\system32\6to4svc.dll
    2008-11-14 19:39:49 ----A---- C:\WINDOWS\system32\alrsvc.dll
    2008-11-14 19:39:49 ----A---- C:\WINDOWS\system32\alg.exe
    2008-11-14 19:39:49 ----A---- C:\WINDOWS\system32\ahui.exe
    2008-11-14 19:39:49 ----A---- C:\WINDOWS\system32\adsnt.dll
    2008-11-14 19:39:49 ----A---- C:\WINDOWS\system32\adsmsext.dll
    2008-11-14 19:39:49 ----A---- C:\WINDOWS\system32\adsldpc.dll
    2008-11-14 19:39:49 ----A---- C:\WINDOWS\system32\adsldp.dll
    2008-11-14 19:39:49 ----A---- C:\WINDOWS\system32\actxprxy.dll
    2008-11-14 19:39:49 ----A---- C:\WINDOWS\system32\actmovie.exe
    2008-11-14 19:39:49 ----A---- C:\WINDOWS\system32\activeds.dll
    2008-11-14 19:39:49 ----A---- C:\WINDOWS\system32\aclui.dll
    2008-11-14 19:39:49 ----A---- C:\WINDOWS\system32\accwiz.exe
    2008-11-14 19:39:48 ----A---- C:\WINDOWS\system32\batmeter.dll
    2008-11-14 19:39:48 ----A---- C:\WINDOWS\system32\basesrv.dll
    2008-11-14 19:39:48 ----A---- C:\WINDOWS\system32\avifil32.dll
    2008-11-14 19:39:48 ----A---- C:\WINDOWS\system32\autolfn.exe
    2008-11-14 19:39:48 ----A---- C:\WINDOWS\system32\autofmt.exe
    2008-11-14 19:39:48 ----A---- C:\WINDOWS\system32\authz.dll
    2008-11-14 19:39:48 ----A---- C:\WINDOWS\system32\audiosrv.dll
    2008-11-14 19:39:48 ----A---- C:\WINDOWS\system32\attrib.exe
    2008-11-14 19:39:48 ----A---- C:\WINDOWS\system32\atmlib.dll
    2008-11-14 19:39:48 ----A---- C:\WINDOWS\system32\atmfd.dll
    2008-11-14 19:39:48 ----A---- C:\WINDOWS\system32\atmadm.exe
    2008-11-14 19:39:48 ----A---- C:\WINDOWS\system32\atl.dll
    2008-11-14 19:39:48 ----A---- C:\WINDOWS\system32\at.exe
    2008-11-14 19:39:48 ----A---- C:\WINDOWS\system32\asycfilt.dll
    2008-11-14 19:39:48 ----A---- C:\WINDOWS\system32\apphelp.dll
    2008-11-14 19:39:48 ----A---- C:\WINDOWS\system32\amstream.dll
    2008-11-14 19:39:47 ----A---- C:\WINDOWS\system32\catsrvut.dll
    2008-11-14 19:39:47 ----A---- C:\WINDOWS\system32\catsrvps.dll
    2008-11-14 19:39:47 ----A---- C:\WINDOWS\system32\catsrv.dll
    2008-11-14 19:39:47 ----A---- C:\WINDOWS\system32\capesnpn.dll
    2008-11-14 19:39:47 ----A---- C:\WINDOWS\system32\camocx.dll
    2008-11-14 19:39:47 ----A---- C:\WINDOWS\system32\cabview.dll
    2008-11-14 19:39:47 ----A---- C:\WINDOWS\system32\cabinet.dll
    2008-11-14 19:39:47 ----A---- C:\WINDOWS\system32\c_g18030.dll
    2008-11-14 19:39:47 ----A---- C:\WINDOWS\system32\browsewm.dll
    2008-11-14 19:39:47 ----A---- C:\WINDOWS\system32\browseui.dll
    2008-11-14 19:39:47 ----A---- C:\WINDOWS\system32\browser.dll
    2008-11-14 19:39:47 ----A---- C:\WINDOWS\system32\browselc.dll
    2008-11-14 19:39:47 ----A---- C:\WINDOWS\system32\bidispl.dll
    2008-11-14 19:39:47 ----A---- C:\WINDOWS\system32\batt.dll
    2008-11-14 19:39:46 ----A---- C:\WINDOWS\system32\clbcatex.dll
    2008-11-14 19:39:46 ----A---- C:\WINDOWS\system32\cisvc.exe
    2008-11-14 19:39:46 ----A---- C:\WINDOWS\system32\ciodm.dll
    2008-11-14 19:39:46 ----A---- C:\WINDOWS\system32\cic.dll
    2008-11-14 19:39:46 ----A---- C:\WINDOWS\system32\cfgmgr32.dll
    2008-11-14 19:39:46 ----A---- C:\WINDOWS\system32\cfgbkend.dll
    2008-11-14 19:39:46 ----A---- C:\WINDOWS\system32\certmgr.dll
    2008-11-14 19:39:46 ----A---- C:\WINDOWS\system32\certcli.dll
    2008-11-14 19:39:46 ----A---- C:\WINDOWS\system32\cdosys.dll
    2008-11-14 19:39:46 ----A---- C:\WINDOWS\system32\cdfview.dll
    2008-11-14 19:39:45 ----A---- C:\WINDOWS\system32\compatui.dll
    2008-11-14 19:39:45 ----A---- C:\WINDOWS\system32\comaddin.dll
    2008-11-14 19:39:45 ----A---- C:\WINDOWS\system32\colbact.dll
    2008-11-14 19:39:45 ----A---- C:\WINDOWS\system32\cnbjmon.dll
    2008-11-14 19:39:45 ----A---- C:\WINDOWS\system32\cmutil.dll
    2008-11-14 19:39:45 ----A---- C:\WINDOWS\system32\cmstp.exe
    2008-11-14 19:39:45 ----A---- C:\WINDOWS\system32\cmprops.dll
    2008-11-14 19:39:45 ----A---- C:\WINDOWS\system32\cmmon32.exe
    2008-11-14 19:39:45 ----A---- C:\WINDOWS\system32\cmdl32.exe
    2008-11-14 19:39:45 ----A---- C:\WINDOWS\system32\cmdial32.dll
    2008-11-14 19:39:45 ----A---- C:\WINDOWS\system32\cmcfg32.dll
    2008-11-14 19:39:45 ----A---- C:\WINDOWS\system32\clusapi.dll
    2008-11-14 19:39:45 ----A---- C:\WINDOWS\system32\clipsrv.exe
    2008-11-14 19:39:45 ----A---- C:\WINDOWS\system32\clipbrd.exe
    2008-11-14 19:39:45 ----A---- C:\WINDOWS\system32\cliconfg.exe
    2008-11-14 19:39:45 ----A---- C:\WINDOWS\system32\cliconfg.dll
    2008-11-14 19:39:45 ----A---- C:\WINDOWS\system32\cleanmgr.exe
    2008-11-14 19:39:45 ----A---- C:\WINDOWS\system32\clbcatq.dll
    2008-11-14 19:39:44 ----A---- C:\WINDOWS\system32\crypt32.dll
    2008-11-14 19:39:44 ----A---- C:\WINDOWS\system32\credui.dll
    2008-11-14 19:39:44 ----A---- C:\WINDOWS\system32\corpol.dll
    2008-11-14 19:39:44 ----A---- C:\WINDOWS\system32\conime.exe
    2008-11-14 19:39:44 ----A---- C:\WINDOWS\system32\confmsp.dll
    2008-11-14 19:39:44 ----A---- C:\WINDOWS\system32\comuid.dll
    2008-11-14 19:39:44 ----A---- C:\WINDOWS\system32\comsvcs.dll
    2008-11-14 19:39:44 ----A---- C:\WINDOWS\system32\comsnap.dll
    2008-11-14 19:39:44 ----A---- C:\WINDOWS\system32\comres.dll
    2008-11-14 19:39:44 ----A---- C:\WINDOWS\system32\comrepl.dll
    2008-11-14 19:39:44 ----A---- C:\WINDOWS\system32\compstui.dll
    2008-11-14 19:39:43 ----A---- C:\WINDOWS\system32\d3dim700.dll
    2008-11-14 19:39:43 ----A---- C:\WINDOWS\system32\d3d8thk.dll
    2008-11-14 19:39:43 ----A---- C:\WINDOWS\system32\d3d8.dll
    2008-11-14 19:39:43 ----A---- C:\WINDOWS\system32\ctfmon.exe
    2008-11-14 19:39:43 ----A---- C:\WINDOWS\system32\csrss.exe
    2008-11-14 19:39:43 ----A---- C:\WINDOWS\system32\cscui.dll
    2008-11-14 19:39:43 ----A---- C:\WINDOWS\system32\cscript.exe
    2008-11-14 19:39:43 ----A---- C:\WINDOWS\system32\cscdll.dll
    2008-11-14 19:39:43 ----A---- C:\WINDOWS\system32\cryptui.dll
    2008-11-14 19:39:43 ----A---- C:\WINDOWS\system32\cryptsvc.dll
    2008-11-14 19:39:43 ----A---- C:\WINDOWS\system32\cryptnet.dll
    2008-11-14 19:39:43 ----A---- C:\WINDOWS\system32\cryptext.dll
    2008-11-14 19:39:43 ----A---- C:\WINDOWS\system32\cryptdll.dll
    2008-11-14 19:39:43 ----A---- C:\WINDOWS\system32\cryptdlg.dll
    2008-11-14 19:39:42 ----A---- C:\WINDOWS\system32\defrag.exe
    2008-11-14 19:39:42 ----A---- C:\WINDOWS\system32\ddrawex.dll
    2008-11-14 19:39:42 ----A---- C:\WINDOWS\system32\ddraw.dll
    2008-11-14 19:39:42 ----A---- C:\WINDOWS\system32\ddeshare.exe
    2008-11-14 19:39:42 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
    2008-11-14 19:39:42 ----A---- C:\WINDOWS\system32\dciman32.dll
    2008-11-14 19:39:42 ----A---- C:\WINDOWS\system32\dbnmpntw.dll
    2008-11-14 19:39:42 ----A---- C:\WINDOWS\system32\dbnetlib.dll
    2008-11-14 19:39:42 ----A---- C:\WINDOWS\system32\dbmsrpcn.dll
    2008-11-14 19:39:42 ----A---- C:\WINDOWS\system32\dbghelp.dll
    2008-11-14 19:39:42 ----A---- C:\WINDOWS\system32\davclnt.dll
    2008-11-14 19:39:42 ----A---- C:\WINDOWS\system32\datime.dll
    2008-11-14 19:39:42 ----A---- C:\WINDOWS\system32\dataclen.dll
    2008-11-14 19:39:42 ----A---- C:\WINDOWS\system32\danim.dll
    2008-11-14 19:39:41 ----A---- C:\WINDOWS\system32\dhcpmon.dll
    2008-11-14 19:39:41 ----A---- C:\WINDOWS\system32\dgnet.dll
    2008-11-14 19:39:41 ----A---- C:\WINDOWS\system32\dfsshlex.dll
    2008-11-14 19:39:41 ----A---- C:\WINDOWS\system32\dfrgui.dll
    2008-11-14 19:39:41 ----A---- C:\WINDOWS\system32\dfrgsnap.dll
    2008-11-14 19:39:41 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
    2008-11-14 19:39:41 ----A---- C:\WINDOWS\system32\dfrgfat.exe
    2008-11-14 19:39:41 ----A---- C:\WINDOWS\system32\devmgr.dll
    2008-11-14 19:39:41 ----A---- C:\WINDOWS\system32\devenum.dll
    2008-11-14 19:39:40 ----A---- C:\WINDOWS\system32\dmloader.dll
    2008-11-14 19:39:40 ----A---- C:\WINDOWS\system32\dmime.dll
    2008-11-14 19:39:40 ----A---- C:\WINDOWS\system32\dmdskmgr.dll
    2008-11-14 19:39:40 ----A---- C:\WINDOWS\system32\dmdlgs.dll
    2008-11-14 19:39:40 ----A---- C:\WINDOWS\system32\dmcompos.dll
    2008-11-14 19:39:40 ----A---- C:\WINDOWS\system32\dmband.dll
    2008-11-14 19:39:40 ----A---- C:\WINDOWS\system32\dmadmin.exe
    2008-11-14 19:39:40 ----A---- C:\WINDOWS\system32\dllhost.exe
    2008-11-14 19:39:40 ----A---- C:\WINDOWS\system32\dispex.dll
    2008-11-14 19:39:40 ----A---- C:\WINDOWS\system32\diskpart.exe
    2008-11-14 19:39:40 ----A---- C:\WINDOWS\system32\diskcopy.dll
    2008-11-14 19:39:40 ----A---- C:\WINDOWS\system32\dinput8.dll
    2008-11-14 19:39:40 ----A---- C:\WINDOWS\system32\dinput.dll
    2008-11-14 19:39:40 ----A---- C:\WINDOWS\system32\digest.dll
    2008-11-14 19:39:40 ----A---- C:\WINDOWS\system32\diantz.exe
    2008-11-14 19:39:39 ----A---- C:\WINDOWS\system32\dpnsvr.exe
    2008-11-14 19:39:39 ----A---- C:\WINDOWS\system32\dpnlobby.dll
    2008-11-14 19:39:39 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
    2008-11-14 19:39:39 ----A---- C:\WINDOWS\system32\dpnhpast.dll
    2008-11-14 19:39:39 ----A---- C:\WINDOWS\system32\dpnet.dll
    2008-11-14 19:39:39 ----A---- C:\WINDOWS\system32\dpnaddr.dll
    2008-11-14 19:39:39 ----A---- C:\WINDOWS\system32\dpmodemx.dll
    2008-11-14 19:39:39 ----A---- C:\WINDOWS\system32\dplayx.dll
    2008-11-14 19:39:39 ----A---- C:\WINDOWS\system32\dplaysvr.exe
    2008-11-14 19:39:39 ----A---- C:\WINDOWS\system32\docprop2.dll
    2008-11-14 19:39:39 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
    2008-11-14 19:39:39 ----A---- C:\WINDOWS\system32\dnsapi.dll
    2008-11-14 19:39:39 ----A---- C:\WINDOWS\system32\dmutil.dll
    2008-11-14 19:39:39 ----A---- C:\WINDOWS\system32\dmusic.dll
    2008-11-14 19:39:39 ----A---- C:\WINDOWS\system32\dmsynth.dll
    2008-11-14 19:39:39 ----A---- C:\WINDOWS\system32\dmstyle.dll
    2008-11-14 19:39:39 ----A---- C:\WINDOWS\system32\dmserver.dll
    2008-11-14 19:39:39 ----A---- C:\WINDOWS\system32\dmscript.dll
    2008-11-14 19:39:39 ----A---- C:\WINDOWS\system32\dmremote.exe
    2008-11-14 19:39:38 ----A---- C:\WINDOWS\system32\dswave.dll
    2008-11-14 19:39:38 ----A---- C:\WINDOWS\system32\dsuiext.dll
    2008-11-14 19:39:38 ----A---- C:\WINDOWS\system32\dssenh.dll
    2008-11-14 19:39:38 ----A---- C:\WINDOWS\system32\dssec.dll
    2008-11-14 19:39:38 ----A---- C:\WINDOWS\system32\dsquery.dll
    2008-11-14 19:39:38 ----A---- C:\WINDOWS\system32\dsprop.dll
    2008-11-14 19:39:38 ----A---- C:\WINDOWS\system32\dsound3d.dll
    2008-11-14 19:39:38 ----A---- C:\WINDOWS\system32\dsound.dll
    2008-11-14 19:39:38 ----A---- C:\WINDOWS\system32\dskquoui.dll
    2008-11-14 19:39:38 ----A---- C:\WINDOWS\system32\dskquota.dll
    2008-11-14 19:39:38 ----A---- C:\WINDOWS\system32\dsdmoprp.dll
    2008-11-14 19:39:38 ----A---- C:\WINDOWS\system32\dsdmo.dll
    2008-11-14 19:39:38 ----A---- C:\WINDOWS\system32\ds32gt.dll
    2008-11-14 19:39:38 ----A---- C:\WINDOWS\system32\drprov.dll
    2008-11-14 19:39:38 ----A---- C:\WINDOWS\system32\dpwsockx.dll
    2008-11-14 19:39:38 ----A---- C:\WINDOWS\system32\dpvvox.dll
    2008-11-14 19:39:38 ----A---- C:\WINDOWS\system32\dpvsetup.exe
    2008-11-14 19:39:38 ----A---- C:\WINDOWS\system32\dpvoice.dll
    2008-11-14 19:39:38 ----A---- C:\WINDOWS\system32\dpvacm.dll
    2008-11-14 19:39:37 ----A---- C:\WINDOWS\system32\ersvc.dll
    2008-11-14 19:39:37 ----A---- C:\WINDOWS\system32\els.dll
    2008-11-14 19:39:37 ----A---- C:\WINDOWS\system32\dxmasf.dll
    2008-11-14 19:39:37 ----A---- C:\WINDOWS\system32\dxdiag.exe
    2008-11-14 19:39:37 ----A---- C:\WINDOWS\system32\dx8vb.dll
    2008-11-14 19:39:37 ----A---- C:\WINDOWS\system32\dx7vb.dll
    2008-11-14 19:39:37 ----A---- C:\WINDOWS\system32\dwwin.exe
    2008-11-14 19:39:37 ----A---- C:\WINDOWS\system32\dvdupgrd.exe
    2008-11-14 19:39:37 ----A---- C:\WINDOWS\system32\duser.dll
    2008-11-14 19:39:37 ----A---- C:\WINDOWS\system32\dumprep.exe
    2008-11-14 19:39:36 ----A---- C:\WINDOWS\system32\findstr.exe
    2008-11-14 19:39:36 ----A---- C:\WINDOWS\system32\filemgmt.dll
    2008-11-14 19:39:36 ----A---- C:\WINDOWS\system32\feclient.dll
    2008-11-14 19:39:36 ----A---- C:\WINDOWS\system32\faultrep.dll
    2008-11-14 19:39:36 ----A---- C:\WINDOWS\system32\f3ahvoas.dll
    2008-11-14 19:39:36 ----A---- C:\WINDOWS\system32\exts.dll
    2008-11-14 19:39:36 ----A---- C:\WINDOWS\system32\extrac32.exe
    2008-11-14 19:39:36 ----A---- C:\WINDOWS\system32\expsrv.dll
    2008-11-14 19:39:36 ----A---- C:\WINDOWS\system32\eventlog.dll
    2008-11-14 19:39:36 ----A---- C:\WINDOWS\system32\eudcedit.exe
    2008-11-14 19:39:36 ----A---- C:\WINDOWS\system32\esent.dll
    2008-11-14 19:39:36 ----A---- C:\WINDOWS\system32\es.dll
    2008-11-14 19:39:35 ----A---- C:\WINDOWS\system32\fxsres.dll
    2008-11-14 19:39:35 ----A---- C:\WINDOWS\system32\fxsperf.dll
    2008-11-14 19:39:35 ----A---- C:\WINDOWS\system32\fxsmon.dll
    2008-11-14 19:39:35 ----A---- C:\WINDOWS\system32\fxsext32.dll
    2008-11-14 19:39:35 ----A---- C:\WINDOWS\system32\fxsevent.dll
    2008-11-14 19:39:35 ----A---- C:\WINDOWS\system32\fxsdrv.dll
    2008-11-14 19:39:35 ----A---- C:\WINDOWS\system32\fxscover.exe
    2008-11-14 19:39:35 ----A---- C:\WINDOWS\system32\fxscomex.dll
    2008-11-14 19:39:35 ----A---- C:\WINDOWS\system32\fxscom.dll
    2008-11-14 19:39:35 ----A---- C:\WINDOWS\system32\fxsclnt.exe
    2008-11-14 19:39:35 ----A---- C:\WINDOWS\system32\fxsapi.dll
    2008-11-14 19:39:35 ----A---- C:\WINDOWS\system32\framebuf.dll
    2008-11-14 19:39:35 ----A---- C:\WINDOWS\system32\forcedos.exe
    2008-11-14 19:39:35 ----A---- C:\WINDOWS\system32\fontview.exe
    2008-11-14 19:39:35 ----A---- C:\WINDOWS\system32\fontsub.dll
    2008-11-14 19:39:35 ----A---- C:\WINDOWS\system32\fontext.dll
    2008-11-14 19:39:35 ----A---- C:\WINDOWS\system32\fldrclnr.dll
    2008-11-14 19:39:34 ----A---- C:\WINDOWS\system32\h323msp.dll
    2008-11-14 19:39:34 ----A---- C:\WINDOWS\system32\grpconv.exe
    2008-11-14 19:39:34 ----A---- C:\WINDOWS\system32\gpkrsrc.dll
    2008-11-14 19:39:34 ----A---- C:\WINDOWS\system32\glu32.dll
    2008-11-14 19:39:34 ----A---- C:\WINDOWS\system32\gdi32.dll
    2008-11-14 19:39:34 ----A---- C:\WINDOWS\system32\fxsxp32.dll
    2008-11-14 19:39:34 ----A---- C:\WINDOWS\system32\fxswzrd.dll
    2008-11-14 19:39:34 ----A---- C:\WINDOWS\system32\fxsui.dll
    2008-11-14 19:39:34 ----A---- C:\WINDOWS\system32\fxstiff.dll
    2008-11-14 19:39:34 ----A---- C:\WINDOWS\system32\fxst30.dll
    2008-11-14 19:39:34 ----A---- C:\WINDOWS\system32\fxssvc.exe
    2008-11-14 19:39:34 ----A---- C:\WINDOWS\system32\fxsst.dll
    2008-11-14 19:39:33 ----A---- C:\WINDOWS\system32\icwphbk.dll
    2008-11-14 19:39:33 ----A---- C:\WINDOWS\system32\icwdial.dll
    2008-11-14 19:39:33 ----A---- C:\WINDOWS\system32\icmp.dll
    2008-11-14 19:39:33 ----A---- C:\WINDOWS\system32\icm32.dll
    2008-11-14 19:39:33 ----A---- C:\WINDOWS\system32\iccvid.dll
    2008-11-14 19:39:33 ----A---- C:\WINDOWS\system32\icaapi.dll
    2008-11-14 19:39:33 ----A---- C:\WINDOWS\system32\iasrad.dll
    2008-11-14 19:39:33 ----A---- C:\WINDOWS\system32\hypertrm.dll
    2008-11-14 19:39:33 ----A---- C:\WINDOWS\system32\htui.dll
    2008-11-14 19:39:33 ----A---- C:\WINDOWS\system32\hotplug.dll
    2008-11-14 19:39:33 ----A---- C:\WINDOWS\system32\hnetwiz.dll
    2008-11-14 19:39:33 ----A---- C:\WINDOWS\system32\hnetcfg.dll
    2008-11-14 19:39:33 ----A---- C:\WINDOWS\system32\hlink.dll
    2008-11-14 19:39:33 ----A---- C:\WINDOWS\system32\hid.dll
    2008-11-14 19:39:33 ----A---- C:\WINDOWS\system32\hhsetup.dll
    2008-11-14 19:39:33 ----A---- C:\WINDOWS\system32\help.exe
    2008-11-14 19:39:32 ----A---- C:\WINDOWS\system32\inetcfg.dll
    2008-11-14 19:39:32 ----A---- C:\WINDOWS\system32\imm32.dll
    2008-11-14 19:39:32 ----A---- C:\WINDOWS\system32\imjp81k.dll
    2008-11-14 19:39:32 ----A---- C:\WINDOWS\system32\imeshare.dll
    2008-11-14 19:39:32 ----A---- C:\WINDOWS\system32\imapi.exe
    2008-11-14 19:39:32 ----A---- C:\WINDOWS\system32\ils.dll
    2008-11-14 19:39:32 ----A---- C:\WINDOWS\system32\igmpagnt.dll
    2008-11-14 19:39:32 ----A---- C:\WINDOWS\system32\ifmon.dll
    2008-11-14 19:39:32 ----A---- C:\WINDOWS\system32\iexpress.exe
    2008-11-14 19:39:32 ----A---- C:\WINDOWS\system32\idq.dll
    2008-11-14 19:39:31 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
    2008-11-14 19:39:31 ----A---- C:\WINDOWS\system32\ippromon.dll
    2008-11-14 19:39:31 ----A---- C:\WINDOWS\system32\ipnathlp.dll
    2008-11-14 19:39:31 ----A---- C:\WINDOWS\system32\ipmontr.dll
    2008-11-14 19:39:31 ----A---- C:\WINDOWS\system32\iphlpapi.dll
    2008-11-14 19:39:31 ----A---- C:\WINDOWS\system32\ipconfig.exe
    2008-11-14 19:39:31 ----A---- C:\WINDOWS\system32\input.dll
    2008-11-14 19:39:31 ----A---- C:\WINDOWS\system32\initpki.dll
    2008-11-14 19:39:31 ----A---- C:\WINDOWS\system32\inetres.dll
    2008-11-14 19:39:31 ----A---- C:\WINDOWS\system32\inetppui.dll
    2008-11-14 19:39:31 ----A---- C:\WINDOWS\system32\inetpp.dll
    2008-11-14 19:39:31 ----A---- C:\WINDOWS\system32\inetmib1.dll
    2008-11-14 19:39:31 ----A---- C:\WINDOWS\system32\inetcomm.dll
    2008-11-14 19:39:30 ----A---- C:\WINDOWS\system32\jgpl400.dll
    2008-11-14 19:39:30 ----A---- C:\WINDOWS\system32\jgdw400.dll
    2008-11-14 19:39:30 ----A---- C:\WINDOWS\system32\iyuv_32.dll
    2008-11-14 19:39:30 ----A---- C:\WINDOWS\system32\ixsso.dll
    2008-11-14 19:39:30 ----A---- C:\WINDOWS\system32\itss.dll
    2008-11-14 19:39:30 ----A---- C:\WINDOWS\system32\itircl.dll
    2008-11-14 19:39:30 ----A---- C:\WINDOWS\system32\isrdbg32.dll
    2008-11-14 19:39:30 ----A---- C:\WINDOWS\system32\isign32.dll
    2008-11-14 19:39:30 ----A---- C:\WINDOWS\system32\ipxwan.dll
    2008-11-14 19:39:30 ----A---- C:\WINDOWS\system32\ipxroute.exe
    2008-11-14 19:39:30 ----A---- C:\WINDOWS\system32\ipv6mon.dll
    2008-11-14 19:39:30 ----A---- C:\WINDOWS\system32\ipv6.exe
    2008-11-14 19:39:30 ----A---- C:\WINDOWS\system32\ipsmsnap.dll
    2008-11-14 19:39:30 ----A---- C:\WINDOWS\system32\ipsecsvc.dll
    2008-11-14 19:39:30 ----A---- C:\WINDOWS\system32\ipsecsnp.dll
    2008-11-14 19:39:29 ----A---- C:\WINDOWS\system32\loadperf.dll
    2008-11-14 19:39:29 ----A---- C:\WINDOWS\system32\lmrt.dll
    2008-11-14 19:39:29 ----A---- C:\WINDOWS\system32\linkinfo.dll
    2008-11-14 19:39:29 ----A---- C:\WINDOWS\system32\licwmi.dll
    2008-11-14 19:39:29 ----A---- C:\WINDOWS\system32\licdll.dll
    2008-11-14 19:39:29 ----A---- C:\WINDOWS\system32\ksuser.dll
    2008-11-14 19:39:29 ----A---- C:\WINDOWS\system32\keymgr.dll
    2008-11-14 19:39:29 ----A---- C:\WINDOWS\system32\kerberos.dll
    2008-11-14 19:39:29 ----A---- C:\WINDOWS\system32\kd1394.dll
    2008-11-14 19:39:29 ----A---- C:\WINDOWS\system32\kbdnec.dll
    2008-11-14 19:39:29 ----A---- C:\WINDOWS\system32\kbdlk41j.dll
    2008-11-14 19:39:29 ----A---- C:\WINDOWS\system32\kbdlk41a.dll
    2008-11-14 19:39:29 ----A---- C:\WINDOWS\system32\kbdibm02.dll
    2008-11-14 19:39:29 ----A---- C:\WINDOWS\system32\kbdax2.dll
    2008-11-14 19:39:29 ----A---- C:\WINDOWS\system32\kbd106n.dll
    2008-11-14 19:39:29 ----A---- C:\WINDOWS\system32\kbd106.dll
    2008-11-14 19:39:29 ----A---- C:\WINDOWS\system32\kbd101.dll
    2008-11-14 19:39:29 ----A---- C:\WINDOWS\system32\jscript.dll
    2008-11-14 19:39:28 ----A---- C:\WINDOWS\system32\mf3216.dll
    2008-11-14 19:39:28 ----A---- C:\WINDOWS\system32\mdminst.dll
    2008-11-14 19:39:28 ----A---- C:\WINDOWS\system32\mciwave.dll
    2008-11-14 19:39:28 ----A---- C:\WINDOWS\system32\mciseq.dll
    2008-11-14 19:39:28 ----A---- C:\WINDOWS\system32\mciqtz32.dll
    2008-11-14 19:39:28 ----A---- C:\WINDOWS\system32\mciavi32.dll
    2008-11-14 19:39:28 ----A---- C:\WINDOWS\system32\mcastmib.dll
    2008-11-14 19:39:28 ----A---- C:\WINDOWS\system32\makecab.exe
    2008-11-14 19:39:28 ----A---- C:\WINDOWS\system32\magnify.exe
    2008-11-14 19:39:28 ----A---- C:\WINDOWS\system32\lsass.exe
    2008-11-14 19:39:28 ----A---- C:\WINDOWS\system32\lprhelp.dll
    2008-11-14 19:39:28 ----A---- C:\WINDOWS\system32\lpk.dll
    2008-11-14 19:39:28 ----A---- C:\WINDOWS\system32\logonui.exe
    2008-11-14 19:39:28 ----A---- C:\WINDOWS\system32\localui.dll
    2008-11-14 19:39:28 ----A---- C:\WINDOWS\system32\localsec.dll
    2008-11-14 19:39:27 ----A---- C:\WINDOWS\system32\mmcbase.dll
    2008-11-14 19:39:27 ----A---- C:\WINDOWS\system32\mmc.exe
    2008-11-14 19:39:27 ----A---- C:\WINDOWS\system32\mlang.dll
    2008-11-14 19:39:27 ----A---- C:\WINDOWS\system32\mimefilt.dll
    2008-11-14 19:39:27 ----A---- C:\WINDOWS\system32\miglibnt.dll
    2008-11-14 19:39:27 ----A---- C:\WINDOWS\system32\midimap.dll
    2008-11-14 19:39:27 ----A---- C:\WINDOWS\system32\mfcsubs.dll
    2008-11-14 19:39:27 ----A---- C:\WINDOWS\system32\mfc42u.dll
    2008-11-14 19:39:27 ----A---- C:\WINDOWS\system32\mfc42.dll
    2008-11-14 19:39:27 ----A---- C:\WINDOWS\system32\mfc40u.dll
    2008-11-14 19:39:26 ----A---- C:\WINDOWS\system32\mpr.dll
    2008-11-14 19:39:26 ----A---- C:\WINDOWS\system32\mplay32.exe
    2008-11-14 19:39:26 ----A---- C:\WINDOWS\system32\moricons.dll
    2008-11-14 19:39:26 ----A---- C:\WINDOWS\system32\more.com
    2008-11-14 19:39:26 ----A---- C:\WINDOWS\system32\modemui.dll
    2008-11-14 19:39:26 ----A---- C:\WINDOWS\system32\mobsync.exe
    2008-11-14 19:39:26 ----A---- C:\WINDOWS\system32\mobsync.dll
     
  5. 2008/11/24
    Aslan9

    Aslan9 Inactive Thread Starter

    Joined:
    2008/11/24
    Messages:
    21
    Likes Received:
    0
    2008-11-14 19:39:26 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
    2008-11-14 19:39:26 ----A---- C:\WINDOWS\system32\mnmdd.dll
    2008-11-14 19:39:26 ----A---- C:\WINDOWS\system32\mmfutil.dll
    2008-11-14 19:39:26 ----A---- C:\WINDOWS\system32\mmcshext.dll
    2008-11-14 19:39:26 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
    2008-11-14 19:39:25 ----A---- C:\WINDOWS\system32\msdart.dll
    2008-11-14 19:39:25 ----A---- C:\WINDOWS\system32\msctfp.dll
    2008-11-14 19:39:25 ----A---- C:\WINDOWS\system32\msctf.dll
    2008-11-14 19:39:25 ----A---- C:\WINDOWS\system32\mscpxl32.dll
    2008-11-14 19:39:25 ----A---- C:\WINDOWS\system32\mscpx32r.dll
    2008-11-14 19:39:25 ----A---- C:\WINDOWS\system32\msconf.dll
    2008-11-14 19:39:25 ----A---- C:\WINDOWS\system32\mscms.dll
    2008-11-14 19:39:25 ----A---- C:\WINDOWS\system32\msasn1.dll
    2008-11-14 19:39:25 ----A---- C:\WINDOWS\system32\msapsspc.dll
    2008-11-14 19:39:25 ----A---- C:\WINDOWS\system32\msafd.dll
    2008-11-14 19:39:25 ----A---- C:\WINDOWS\system32\msacm32.dll
    2008-11-14 19:39:25 ----A---- C:\WINDOWS\system32\mprdim.dll
    2008-11-14 19:39:25 ----A---- C:\WINDOWS\system32\mprapi.dll
    2008-11-14 19:39:24 ----A---- C:\WINDOWS\system32\msgina.dll
    2008-11-14 19:39:24 ----A---- C:\WINDOWS\system32\msexcl40.dll
    2008-11-14 19:39:24 ----A---- C:\WINDOWS\system32\msexch40.dll
    2008-11-14 19:39:24 ----A---- C:\WINDOWS\system32\msdxmlc.dll
    2008-11-14 19:39:24 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
    2008-11-14 19:39:24 ----A---- C:\WINDOWS\system32\msdtctm.dll
    2008-11-14 19:39:24 ----A---- C:\WINDOWS\system32\msdtcprx.dll
    2008-11-14 19:39:24 ----A---- C:\WINDOWS\system32\msdtclog.dll
    2008-11-14 19:39:24 ----A---- C:\WINDOWS\system32\msdtc.exe
    2008-11-14 19:39:24 ----A---- C:\WINDOWS\system32\msdmo.dll
    2008-11-14 19:39:23 ----A---- C:\WINDOWS\system32\msiexec.exe
    2008-11-14 19:39:23 ----A---- C:\WINDOWS\system32\msieftp.dll
    2008-11-14 19:39:23 ----A---- C:\WINDOWS\system32\msidle.dll
    2008-11-14 19:39:23 ----A---- C:\WINDOWS\system32\msident.dll
    2008-11-14 19:39:23 ----A---- C:\WINDOWS\system32\msi.dll
    2008-11-14 19:39:22 ----A---- C:\WINDOWS\system32\msnsspc.dll
    2008-11-14 19:39:22 ----A---- C:\WINDOWS\system32\msltus40.dll
    2008-11-14 19:39:22 ----A---- C:\WINDOWS\system32\mslbui.dll
    2008-11-14 19:39:22 ----A---- C:\WINDOWS\system32\msjtes40.dll
    2008-11-14 19:39:22 ----A---- C:\WINDOWS\system32\msjter40.dll
    2008-11-14 19:39:22 ----A---- C:\WINDOWS\system32\msjint40.dll
    2008-11-14 19:39:22 ----A---- C:\WINDOWS\system32\msjetoledb40.dll
    2008-11-14 19:39:22 ----A---- C:\WINDOWS\system32\msjet40.dll
    2008-11-14 19:39:22 ----A---- C:\WINDOWS\system32\msisip.dll
    2008-11-14 19:39:22 ----A---- C:\WINDOWS\system32\msimtf.dll
    2008-11-14 19:39:22 ----A---- C:\WINDOWS\system32\msimsg.dll
    2008-11-14 19:39:22 ----A---- C:\WINDOWS\system32\msimg32.dll
    2008-11-14 19:39:22 ----A---- C:\WINDOWS\system32\msihnd.dll
    2008-11-14 19:39:21 ----A---- C:\WINDOWS\system32\msrepl40.dll
    2008-11-14 19:39:21 ----A---- C:\WINDOWS\system32\msrd3x40.dll
    2008-11-14 19:39:21 ----A---- C:\WINDOWS\system32\msrd2x40.dll
    2008-11-14 19:39:21 ----A---- C:\WINDOWS\system32\msprivs.dll
    2008-11-14 19:39:21 ----A---- C:\WINDOWS\system32\mspbde40.dll
    2008-11-14 19:39:21 ----A---- C:\WINDOWS\system32\mspatcha.dll
    2008-11-14 19:39:21 ----A---- C:\WINDOWS\system32\mspaint.exe
    2008-11-14 19:39:21 ----A---- C:\WINDOWS\system32\msorcl32.dll
    2008-11-14 19:39:21 ----A---- C:\WINDOWS\system32\msorc32r.dll
    2008-11-14 19:39:21 ----A---- C:\WINDOWS\system32\msoert2.dll
    2008-11-14 19:39:21 ----A---- C:\WINDOWS\system32\msoeacct.dll
    2008-11-14 19:39:20 ----A---- C:\WINDOWS\system32\msvcrt40.dll
    2008-11-14 19:39:20 ----A---- C:\WINDOWS\system32\msvcrt.dll
    2008-11-14 19:39:20 ----A---- C:\WINDOWS\system32\msvcp60.dll
    2008-11-14 19:39:20 ----A---- C:\WINDOWS\system32\msvcirt.dll
    2008-11-14 19:39:20 ----A---- C:\WINDOWS\system32\msvbvm60.dll
    2008-11-14 19:39:20 ----A---- C:\WINDOWS\system32\msutb.dll
    2008-11-14 19:39:20 ----A---- C:\WINDOWS\system32\mstlsapi.dll
    2008-11-14 19:39:20 ----A---- C:\WINDOWS\system32\mstinit.exe
    2008-11-14 19:39:20 ----A---- C:\WINDOWS\system32\mstext40.dll
    2008-11-14 19:39:20 ----A---- C:\WINDOWS\system32\mstask.dll
    2008-11-14 19:39:20 ----A---- C:\WINDOWS\system32\msrle32.dll
    2008-11-14 19:39:19 ----A---- C:\WINDOWS\system32\msyuv.dll
    2008-11-14 19:39:19 ----A---- C:\WINDOWS\system32\msxml2.dll
    2008-11-14 19:39:19 ----A---- C:\WINDOWS\system32\msxml.dll
    2008-11-14 19:39:19 ----A---- C:\WINDOWS\system32\msxbde40.dll
    2008-11-14 19:39:19 ----A---- C:\WINDOWS\system32\mswstr10.dll
    2008-11-14 19:39:19 ----A---- C:\WINDOWS\system32\mswsock.dll
    2008-11-14 19:39:19 ----A---- C:\WINDOWS\system32\mswebdvd.dll
    2008-11-14 19:39:19 ----A---- C:\WINDOWS\system32\mswdat10.dll
    2008-11-14 19:39:19 ----A---- C:\WINDOWS\system32\msw3prt.dll
    2008-11-14 19:39:19 ----A---- C:\WINDOWS\system32\msvfw32.dll
    2008-11-14 19:39:18 ----A---- C:\WINDOWS\system32\netcfgx.dll
    2008-11-14 19:39:18 ----A---- C:\WINDOWS\system32\netapi32.dll
    2008-11-14 19:39:18 ----A---- C:\WINDOWS\system32\net1.exe
    2008-11-14 19:39:18 ----A---- C:\WINDOWS\system32\net.exe
    2008-11-14 19:39:18 ----A---- C:\WINDOWS\system32\nddenb32.dll
    2008-11-14 19:39:18 ----A---- C:\WINDOWS\system32\nddeapir.exe
    2008-11-14 19:39:18 ----A---- C:\WINDOWS\system32\nddeapi.dll
    2008-11-14 19:39:18 ----A---- C:\WINDOWS\system32\ncobjapi.dll
    2008-11-14 19:39:18 ----A---- C:\WINDOWS\system32\narrator.exe
    2008-11-14 19:39:18 ----A---- C:\WINDOWS\system32\mydocs.dll
    2008-11-14 19:39:18 ----A---- C:\WINDOWS\system32\mtxoci.dll
    2008-11-14 19:39:18 ----A---- C:\WINDOWS\system32\mtxlegih.dll
    2008-11-14 19:39:18 ----A---- C:\WINDOWS\system32\mtxex.dll
    2008-11-14 19:39:18 ----A---- C:\WINDOWS\system32\mtxdm.dll
    2008-11-14 19:39:18 ----A---- C:\WINDOWS\system32\mtxclu.dll
    2008-11-14 19:39:17 ----A---- C:\WINDOWS\system32\newdev.dll
    2008-11-14 19:39:17 ----A---- C:\WINDOWS\system32\netui1.dll
    2008-11-14 19:39:17 ----A---- C:\WINDOWS\system32\netui0.dll
    2008-11-14 19:39:17 ----A---- C:\WINDOWS\system32\netstat.exe
    2008-11-14 19:39:17 ----A---- C:\WINDOWS\system32\netshell.dll
    2008-11-14 19:39:17 ----A---- C:\WINDOWS\system32\netsh.exe
    2008-11-14 19:39:17 ----A---- C:\WINDOWS\system32\netsetup.exe
    2008-11-14 19:39:17 ----A---- C:\WINDOWS\system32\netrap.dll
    2008-11-14 19:39:17 ----A---- C:\WINDOWS\system32\netplwiz.dll
    2008-11-14 19:39:17 ----A---- C:\WINDOWS\system32\netman.dll
    2008-11-14 19:39:17 ----A---- C:\WINDOWS\system32\netlogon.dll
    2008-11-14 19:39:17 ----A---- C:\WINDOWS\system32\netid.dll
    2008-11-14 19:39:17 ----A---- C:\WINDOWS\system32\netdde.exe
    2008-11-14 19:39:16 ----A---- C:\WINDOWS\system32\ntshrui.dll
    2008-11-14 19:39:16 ----A---- C:\WINDOWS\system32\ntmssvc.dll
    2008-11-14 19:39:16 ----A---- C:\WINDOWS\system32\ntmsmgr.dll
    2008-11-14 19:39:16 ----A---- C:\WINDOWS\system32\ntmsdba.dll
    2008-11-14 19:39:16 ----A---- C:\WINDOWS\system32\ntmsapi.dll
    2008-11-14 19:39:16 ----A---- C:\WINDOWS\system32\ntmarta.dll
    2008-11-14 19:39:16 ----A---- C:\WINDOWS\system32\ntlanman.dll
    2008-11-14 19:39:16 ----A---- C:\WINDOWS\system32\ntdsapi.dll
    2008-11-14 19:39:16 ----A---- C:\WINDOWS\system32\npptools.dll
    2008-11-14 19:39:16 ----A---- C:\WINDOWS\system32\notepad.exe
    2008-11-14 19:39:16 ----A---- C:\WINDOWS\system32\nmmkcert.dll
    2008-11-14 19:39:16 ----A---- C:\WINDOWS\system32\nlhtml.dll
    2008-11-14 19:39:16 ----A---- C:\WINDOWS\notepad.exe
    2008-11-14 19:39:15 ----A---- C:\WINDOWS\system32\odbctrac.dll
    2008-11-14 19:39:15 ----A---- C:\WINDOWS\system32\odbcp32r.dll
    2008-11-14 19:39:15 ----A---- C:\WINDOWS\system32\odbcjt32.dll
    2008-11-14 19:39:15 ----A---- C:\WINDOWS\system32\odbcji32.dll
    2008-11-14 19:39:15 ----A---- C:\WINDOWS\system32\odbcint.dll
    2008-11-14 19:39:15 ----A---- C:\WINDOWS\system32\odbccu32.dll
    2008-11-14 19:39:15 ----A---- C:\WINDOWS\system32\odbccr32.dll
    2008-11-14 19:39:15 ----A---- C:\WINDOWS\system32\odbccp32.dll
    2008-11-14 19:39:15 ----A---- C:\WINDOWS\system32\odbcconf.exe
    2008-11-14 19:39:15 ----A---- C:\WINDOWS\system32\odbcconf.dll
    2008-11-14 19:39:15 ----A---- C:\WINDOWS\system32\odbcbcp.dll
    2008-11-14 19:39:15 ----A---- C:\WINDOWS\system32\odbcad32.exe
    2008-11-14 19:39:15 ----A---- C:\WINDOWS\system32\odbc32gt.dll
    2008-11-14 19:39:15 ----A---- C:\WINDOWS\system32\odbc32.dll
    2008-11-14 19:39:15 ----A---- C:\WINDOWS\system32\ocmanage.dll
    2008-11-14 19:39:15 ----A---- C:\WINDOWS\system32\objsel.dll
    2008-11-14 19:39:15 ----A---- C:\WINDOWS\system32\oakley.dll
    2008-11-14 19:39:15 ----A---- C:\WINDOWS\system32\ntvdmd.dll
    2008-11-14 19:39:14 ----A---- C:\WINDOWS\system32\packager.exe
    2008-11-14 19:39:14 ----A---- C:\WINDOWS\system32\osuninst.dll
    2008-11-14 19:39:14 ----A---- C:\WINDOWS\system32\osk.exe
    2008-11-14 19:39:14 ----A---- C:\WINDOWS\system32\opengl32.dll
    2008-11-14 19:39:14 ----A---- C:\WINDOWS\system32\olepro32.dll
    2008-11-14 19:39:14 ----A---- C:\WINDOWS\system32\oleprn.dll
    2008-11-14 19:39:14 ----A---- C:\WINDOWS\system32\oledlg.dll
    2008-11-14 19:39:14 ----A---- C:\WINDOWS\system32\olecli32.dll
    2008-11-14 19:39:14 ----A---- C:\WINDOWS\system32\ole32.dll
    2008-11-14 19:39:14 ----A---- C:\WINDOWS\system32\offfilt.dll
    2008-11-14 19:39:14 ----A---- C:\WINDOWS\system32\odtext32.dll
    2008-11-14 19:39:14 ----A---- C:\WINDOWS\system32\odpdx32.dll
    2008-11-14 19:39:14 ----A---- C:\WINDOWS\system32\odfox32.dll
    2008-11-14 19:39:14 ----A---- C:\WINDOWS\system32\odexl32.dll
    2008-11-14 19:39:14 ----A---- C:\WINDOWS\system32\oddbse32.dll
    2008-11-14 19:39:13 ----A---- C:\WINDOWS\system32\psbase.dll
    2008-11-14 19:39:13 ----A---- C:\WINDOWS\system32\psapi.dll
    2008-11-14 19:39:13 ----A---- C:\WINDOWS\system32\proquota.exe
    2008-11-14 19:39:13 ----A---- C:\WINDOWS\system32\progman.exe
    2008-11-14 19:39:13 ----A---- C:\WINDOWS\system32\profmap.dll
    2008-11-14 19:39:13 ----A---- C:\WINDOWS\system32\powrprof.dll
    2008-11-14 19:39:13 ----A---- C:\WINDOWS\system32\polstore.dll
    2008-11-14 19:39:13 ----A---- C:\WINDOWS\system32\pjlmon.dll
    2008-11-14 19:39:13 ----A---- C:\WINDOWS\system32\ping.exe
    2008-11-14 19:39:13 ----A---- C:\WINDOWS\system32\pid.dll
    2008-11-14 19:39:13 ----A---- C:\WINDOWS\system32\photowiz.dll
    2008-11-14 19:39:13 ----A---- C:\WINDOWS\system32\perfproc.dll
    2008-11-14 19:39:13 ----A---- C:\WINDOWS\system32\perfos.dll
    2008-11-14 19:39:13 ----A---- C:\WINDOWS\system32\perfnet.dll
    2008-11-14 19:39:13 ----A---- C:\WINDOWS\system32\perfmon.exe
    2008-11-14 19:39:13 ----A---- C:\WINDOWS\system32\perfdisk.dll
    2008-11-14 19:39:13 ----A---- C:\WINDOWS\system32\pdh.dll
    2008-11-14 19:39:13 ----A---- C:\WINDOWS\system32\pautoenr.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\raschap.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\rasadhlp.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\racpldlg.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\query.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\quartz.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\qprocess.exe
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\qedwipes.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\qedit.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\qdvd.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\qdv.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\qcap.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\pstorsvc.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\pstorec.dll
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\regsvr32.exe
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\regsvc.dll
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\regapi.dll
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\reg.exe
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rdshost.exe
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rdsaddin.exe
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rdpwsx.dll
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rdpsnd.dll
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rdpdd.dll
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rdpclip.exe
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rdchost.dll
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rcp.exe
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rcimlby.exe
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rcbdyctl.dll
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rastls.dll
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rassapi.dll
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rasppp.dll
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rasphone.exe
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rasmans.dll
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\rtutils.dll
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\rtipxmib.dll
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\rtcshare.exe
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\rsvpsp.dll
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\rsmps.dll
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\rsh.exe
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\rsaenh.dll
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\rpcss.dll
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\rpcrt4.dll
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\riched20.dll
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\rexec.exe
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\resutils.dll
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\remotepg.dll
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\regwizc.dll
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\sdbinst.exe
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\scrrun.dll
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\scrobj.dll
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\sclgntfy.dll
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\schedsvc.dll
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\scesrv.dll
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\scecli.dll
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\sccsccp.dll
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\scarddlg.dll
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\safrslv.dll
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\safrdm.dll
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\safrcdlg.dll
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\runonce.exe
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\rundll32.exe
    2008-11-14 19:39:08 ----A---- C:\WINDOWS\system32\sfc.dll
    2008-11-14 19:39:08 ----A---- C:\WINDOWS\system32\setup.exe
    2008-11-14 19:39:08 ----A---- C:\WINDOWS\system32\sethc.exe
    2008-11-14 19:39:08 ----A---- C:\WINDOWS\system32\servdeps.dll
    2008-11-14 19:39:08 ----A---- C:\WINDOWS\system32\sensapi.dll
    2008-11-14 19:39:08 ----A---- C:\WINDOWS\system32\sens.dll
    2008-11-14 19:39:08 ----A---- C:\WINDOWS\system32\sendmail.dll
    2008-11-14 19:39:08 ----A---- C:\WINDOWS\system32\sendcmsg.dll
    2008-11-14 19:39:08 ----A---- C:\WINDOWS\system32\security.dll
    2008-11-14 19:39:08 ----A---- C:\WINDOWS\system32\secur32.dll
    2008-11-14 19:39:08 ----A---- C:\WINDOWS\system32\seclogon.dll
    2008-11-14 19:39:07 ----A---- C:\WINDOWS\system32\shdoclc.dll
    2008-11-14 19:39:07 ----A---- C:\WINDOWS\system32\sfcfiles.dll
    2008-11-14 19:39:07 ----A---- C:\WINDOWS\system32\sfc_os.dll
    2008-11-14 19:39:06 ----A---- C:\WINDOWS\system32\shimgvw.dll
    2008-11-14 19:39:06 ----A---- C:\WINDOWS\system32\shimeng.dll
    2008-11-14 19:39:06 ----A---- C:\WINDOWS\system32\shgina.dll
    2008-11-14 19:39:06 ----A---- C:\WINDOWS\system32\shfolder.dll
    2008-11-14 19:39:06 ----A---- C:\WINDOWS\system32\shell32.dll
    2008-11-14 19:39:06 ----A---- C:\WINDOWS\system32\shdocvw.dll
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\snmpapi.dll
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\sndrec32.exe
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\smlogsvc.exe
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\smlogcfg.dll
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\slbiop.dll
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\slayerxp.dll
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\skeys.exe
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\sigverif.exe
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\sigtab.dll
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\shutdown.exe
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\shsvcs.dll
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\shscrap.dll
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\shrpubw.exe
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\shmgrate.exe
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\shmedia.dll
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\shlwapi.dll
    2008-11-14 19:39:04 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
    2008-11-14 19:39:04 ----A---- C:\WINDOWS\system32\spoolsv.exe
    2008-11-14 19:39:04 ----A---- C:\WINDOWS\system32\spoolss.dll
    2008-11-14 19:39:04 ----A---- C:\WINDOWS\system32\spider.exe
    2008-11-14 19:39:04 ----A---- C:\WINDOWS\system32\sort.exe
    2008-11-14 19:39:04 ----A---- C:\WINDOWS\system32\snmpsnap.dll
    2008-11-14 19:39:03 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
    2008-11-14 19:39:03 ----A---- C:\WINDOWS\system32\ssdpapi.dll
    2008-11-14 19:39:03 ----A---- C:\WINDOWS\system32\srsvc.dll
    2008-11-14 19:39:03 ----A---- C:\WINDOWS\system32\srrstr.dll
    2008-11-14 19:39:03 ----A---- C:\WINDOWS\system32\srclient.dll
    2008-11-14 19:39:03 ----A---- C:\WINDOWS\system32\sqlunirl.dll
    2008-11-14 19:39:02 ----A---- C:\WINDOWS\system32\storprop.dll
    2008-11-14 19:39:02 ----A---- C:\WINDOWS\system32\stobject.dll
    2008-11-14 19:39:02 ----A---- C:\WINDOWS\system32\stimon.exe
    2008-11-14 19:39:02 ----A---- C:\WINDOWS\system32\sti_ci.dll
    2008-11-14 19:39:02 ----A---- C:\WINDOWS\system32\sti.dll
    2008-11-14 19:39:02 ----A---- C:\WINDOWS\system32\stclient.dll
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\tcpmon.dll
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\tcpmib.dll
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\taskmgr.exe
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\tapisrv.dll
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\tapi32.dll
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\tapi3.dll
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\t2embed.dll
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\sysocmgr.exe
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\syncui.dll
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\synceng.dll
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\sxs.dll
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\svchost.exe
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\strmdll.dll
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\umpnpmgr.dll
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\umandlg.dll
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\udhisapi.dll
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\txflog.dll
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\tsddd.dll
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\trkwks.dll
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\tree.com
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\tracert.exe
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\tourstart.exe
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\themeui.dll
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\termsrv.dll
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\termmgr.dll
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\telnet.exe
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\utilman.exe
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\usp10.dll
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\userenv.dll
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\user32.dll
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\usbui.dll
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\usbmon.dll
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\ups.exe
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\upnpui.dll
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\upnphost.dll
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\upnpcont.exe
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\upnp.dll
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\uniplat.dll
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\unimdmat.dll
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\uniime.dll
    2008-11-14 19:38:58 ----A---- C:\WINDOWS\system32\wdigest.dll
    2008-11-14 19:38:58 ----A---- C:\WINDOWS\system32\wavemsp.dll
    2008-11-14 19:38:58 ----A---- C:\WINDOWS\system32\w32time.dll
    2008-11-14 19:38:58 ----A---- C:\WINDOWS\system32\vssvc.exe
    2008-11-14 19:38:58 ----A---- C:\WINDOWS\system32\vssapi.dll
    2008-11-14 19:38:58 ----A---- C:\WINDOWS\system32\version.dll
    2008-11-14 19:38:58 ----A---- C:\WINDOWS\system32\verifier.dll
    2008-11-14 19:38:58 ----A---- C:\WINDOWS\system32\vdmredir.dll
    2008-11-14 19:38:58 ----A---- C:\WINDOWS\system32\vdmdbg.dll
    2008-11-14 19:38:58 ----A---- C:\WINDOWS\system32\vbscript.dll
    2008-11-14 19:38:58 ----A---- C:\WINDOWS\system32\vbajet32.dll
    2008-11-14 19:38:58 ----A---- C:\WINDOWS\system32\uxtheme.dll
    2008-11-14 19:38:57 ----A---- C:\WINDOWS\system32\wiavideo.dll
    2008-11-14 19:38:57 ----A---- C:\WINDOWS\system32\wiashext.dll
    2008-11-14 19:38:57 ----A---- C:\WINDOWS\system32\wiaservc.dll
    2008-11-14 19:38:57 ----A---- C:\WINDOWS\system32\wiascr.dll
    2008-11-14 19:38:57 ----A---- C:\WINDOWS\system32\wiadss.dll
    2008-11-14 19:38:57 ----A---- C:\WINDOWS\system32\wiadefui.dll
    2008-11-14 19:38:57 ----A---- C:\WINDOWS\system32\wiaacmgr.exe
    2008-11-14 19:38:57 ----A---- C:\WINDOWS\system32\wextract.exe
    2008-11-14 19:38:57 ----A---- C:\WINDOWS\system32\webvw.dll
    2008-11-14 19:38:57 ----A---- C:\WINDOWS\system32\webclnt.dll
    2008-11-14 19:38:56 ----A---- C:\WINDOWS\system32\winver.exe
    2008-11-14 19:38:56 ----A---- C:\WINDOWS\system32\wintrust.dll
    2008-11-14 19:38:56 ----A---- C:\WINDOWS\system32\winsta.dll
    2008-11-14 19:38:56 ----A---- C:\WINDOWS\system32\winsrv.dll
    2008-11-14 19:38:56 ----A---- C:\WINDOWS\system32\winscard.dll
    2008-11-14 19:38:56 ----A---- C:\WINDOWS\system32\winrnr.dll
    2008-11-14 19:38:56 ----A---- C:\WINDOWS\system32\winntbbu.dll
    2008-11-14 19:38:56 ----A---- C:\WINDOWS\system32\winmm.dll
    2008-11-14 19:38:56 ----A---- C:\WINDOWS\system32\winlogon.exe
    2008-11-14 19:38:56 ----A---- C:\WINDOWS\system32\winipsec.dll
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\ws2help.dll
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\ws2_32.dll
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\wpnpinst.exe
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\wpabaln.exe
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\wow32.dll
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\wmstream.dll
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\wmsdmoe.dll
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\wmpui.dll
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\wmpcore.dll
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\wmpcd.dll
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\wmi.dll
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\wlnotify.dll
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\wldap32.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\xactsrv.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wzcsvc.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wzcsapi.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wzcdlg.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wtsapi32.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wstdecod.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wsock32.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wsnmp32.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wshtcpip.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wshrm.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wship6.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wshext.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wshcon.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wscript.exe
    2008-11-14 19:38:53 ----A---- C:\WINDOWS\system32\zipfldr.dll
    2008-11-14 19:38:53 ----A---- C:\WINDOWS\system32\xolehlp.dll
    2008-11-14 19:38:53 ----A---- C:\WINDOWS\system32\xcopy.exe
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\lmhsvc.dll
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\kernel32.dll
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\imagehlp.dll
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\ftp.exe
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\format.com
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\csrsrv.dll
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\comdlg32.dll
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\comctl32.dll
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\cmd.exe
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\cacls.exe
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\autoconv.exe
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\autochk.exe
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\advapi32.dll
    2008-11-14 19:38:51 ----A---- C:\WINDOWS\system32\ntvdm.exe
    2008-11-14 19:38:51 ----A---- C:\WINDOWS\system32\ntprint.dll
    2008-11-14 19:38:51 ----A---- C:\WINDOWS\system32\ntlsapi.dll
    2008-11-14 19:38:51 ----A---- C:\WINDOWS\system32\ntdll.dll
    2008-11-14 19:38:51 ----A---- C:\WINDOWS\system32\nslookup.exe
    2008-11-14 19:38:51 ----A---- C:\WINDOWS\system32\msv1_0.dll
    2008-11-14 19:38:51 ----A---- C:\WINDOWS\system32\msgsvc.dll
    2008-11-14 19:38:51 ----A---- C:\WINDOWS\system32\mgmtapi.dll
    2008-11-14 19:38:51 ----A---- C:\WINDOWS\system32\lsasrv.dll
    2008-11-14 19:38:51 ----A---- C:\WINDOWS\system32\locator.exe
    2008-11-14 19:38:51 ----A---- C:\WINDOWS\system32\localspl.dll
    2008-11-14 19:38:50 ----A---- C:\WINDOWS\system32\samlib.dll
    2008-11-14 19:38:50 ----A---- C:\WINDOWS\system32\rshx32.dll
    2008-11-14 19:38:50 ----A---- C:\WINDOWS\system32\rastapi.dll
    2008-11-14 19:38:50 ----A---- C:\WINDOWS\system32\rasman.dll
    2008-11-14 19:38:50 ----A---- C:\WINDOWS\system32\rasdlg.dll
    2008-11-14 19:38:50 ----A---- C:\WINDOWS\system32\rasauto.dll
    2008-11-14 19:38:50 ----A---- C:\WINDOWS\system32\rasapi32.dll
    2008-11-14 19:38:50 ----A---- C:\WINDOWS\system32\printui.dll
    2008-11-14 19:38:50 ----A---- C:\WINDOWS\system32\perfctrs.dll
    2008-11-14 19:38:50 ----A---- C:\WINDOWS\system32\olecnv32.dll
    2008-11-14 19:38:50 ----A---- C:\WINDOWS\system32\oleaut32.dll
    2008-11-14 19:38:50 ----A---- C:\WINDOWS\system32\nwprovau.dll
    2008-11-14 19:38:49 ----A---- C:\WINDOWS\system32\syssetup.dll
    2008-11-14 19:38:49 ----A---- C:\WINDOWS\system32\srvsvc.dll
    2008-11-14 19:38:49 ----A---- C:\WINDOWS\system32\smss.exe
    2008-11-14 19:38:49 ----A---- C:\WINDOWS\system32\setupapi.dll
    2008-11-14 19:38:49 ----A---- C:\WINDOWS\system32\sessmgr.exe
    2008-11-14 19:38:49 ----A---- C:\WINDOWS\system32\services.exe
    2008-11-14 19:38:49 ----A---- C:\WINDOWS\system32\schannel.dll
    2008-11-14 19:38:49 ----A---- C:\WINDOWS\system32\scardsvr.exe
    2008-11-14 19:38:49 ----A---- C:\WINDOWS\system32\savedump.exe
    2008-11-14 19:38:49 ----A---- C:\WINDOWS\system32\samsrv.dll
    2008-11-14 19:38:48 ----A---- C:\WINDOWS\system32\wkssvc.dll
    2008-11-14 19:38:48 ----A---- C:\WINDOWS\system32\win32spl.dll
    2008-11-14 19:38:48 ----A---- C:\WINDOWS\system32\userinit.exe
    2008-11-14 19:38:48 ----A---- C:\WINDOWS\system32\untfs.dll
    2008-11-14 19:38:48 ----A---- C:\WINDOWS\system32\ulib.dll
    2008-11-14 19:38:48 ----A---- C:\WINDOWS\system32\tcpmonui.dll
    2008-11-14 19:38:40 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
    2008-11-14 19:38:40 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
    2008-11-14 19:38:40 ----A---- C:\WINDOWS\system32\hal.dll
    2008-11-14 19:21:19 ----D---- C:\WINDOWS\ie7updates
    2008-11-14 19:19:16 ----HDC---- C:\WINDOWS\ie7
    2008-11-14 19:15:46 ----D---- C:\WINDOWS\network diagnostic
    2008-11-14 19:15:45 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
    2008-11-14 19:15:30 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
    2008-11-14 19:10:53 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-11-14 18:25:01 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-11-14 18:24:23 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2008-11-14 18:13:09 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-11-14 18:13:09 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-11-14 18:13:09 ----A---- C:\WINDOWS\system32\java.exe
    2008-11-14 18:13:09 ----A---- C:\WINDOWS\system32\deploytk.dll
    2008-11-14 17:46:27 ----D---- C:\WINDOWS\system32\Adobe
    2008-11-14 14:14:06 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
    2008-11-14 13:49:23 ----D---- C:\WINDOWS\system32\CatRoot_bak
    2008-11-14 00:42:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2008-11-14 00:42:20 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-11-14 00:42:13 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-11-14 00:42:05 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-11-14 00:41:57 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$
    2008-11-14 00:41:51 ----HDC---- C:\WINDOWS\$NtUninstallKB923723$
    2008-11-14 00:41:45 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-11-14 00:41:37 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-11-14 00:41:29 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-11-14 00:41:21 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
    2008-11-14 00:41:12 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-11-14 00:40:57 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-11-14 00:40:53 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2008-11-14 00:40:25 ----HDC---- C:\WINDOWS\$NtUninstallKB913800$
    2008-11-14 00:39:00 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
    2008-11-14 00:38:30 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2008-11-14 00:38:22 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2008-11-14 00:38:15 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
    2008-11-14 00:38:04 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-11-14 00:37:57 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
    2008-11-14 00:37:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-11-14 00:37:10 ----HDC---- C:\WINDOWS\$NtUninstallKB930494$
    2008-11-14 00:36:41 ----HDC---- C:\WINDOWS\$NtUninstallKB885884$
    2008-11-14 00:36:31 ----HDC---- C:\WINDOWS\$NtUninstallKB901190$
    2008-11-14 00:36:25 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-11-14 00:36:17 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-11-14 00:36:08 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2008-11-14 00:35:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
    2008-11-14 00:35:39 ----D---- C:\Program Files\MSXML 4.0
    2008-11-14 00:35:14 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
    2008-11-14 00:35:05 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
    2008-11-14 00:34:25 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
    2008-11-14 00:13:13 ----D---- C:\Program Files\Shareaza
    2008-11-14 00:13:13 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Shareaza
    2008-11-13 21:09:17 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\IMVUClient
    2008-11-13 20:40:29 ----D---- C:\Program Files\Microsoft Silverlight
    2008-11-13 20:18:36 ----N---- C:\WINDOWS\kb913800.exe
    2008-11-13 20:09:22 ----A---- C:\WINDOWS\system32\muweb.dll
    2008-11-13 20:09:22 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
    2008-11-13 20:09:22 ----A---- C:\WINDOWS\system32\mucltui.dll
    2008-11-07 07:56:46 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
    2008-09-30 16:43:34 ----A---- C:\WINDOWS\system32\msxml4.dll

    ======List of files/folders modified in the last 3 months======

    2008-11-24 22:05:10 ----RD---- C:\Program Files
    2008-11-24 21:14:52 ----D---- C:\WINDOWS\Temp
    2008-11-24 21:13:17 ----D---- C:\WINDOWS\Registration
    2008-11-24 21:13:08 ----AD---- C:\WINDOWS
    2008-11-24 21:11:50 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-11-24 12:22:18 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\LimeWire
    2008-11-24 10:09:30 ----D---- C:\WINDOWS\Internet Logs
    2008-11-23 23:24:46 ----D---- C:\Program Files\PolderbitS
    2008-11-23 23:23:51 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-11-23 13:18:24 ----D---- C:\WINDOWS\system32\FxsTmp
    2008-11-22 10:20:57 ----SHD---- C:\WINDOWS\Installer
    2008-11-22 10:20:57 ----HD---- C:\Config.Msi
    2008-11-22 10:18:48 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-11-22 10:17:11 ----D---- C:\WINDOWS\system32
    2008-11-21 17:46:40 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-11-17 00:15:06 ----A---- C:\WINDOWS\NeroDigital.ini
    2008-11-17 00:07:32 ----D---- C:\WINDOWS\nview
    2008-11-16 23:29:18 ----D---- C:\WINDOWS\nvidia icons
    2008-11-16 23:28:55 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-11-16 23:28:54 ----D---- C:\WINDOWS\Help
    2008-11-16 23:28:19 ----RSHD---- C:\WINDOWS\system32\dllcache
    2008-11-16 23:28:10 ----D---- C:\WINDOWS\system32\drivers
    2008-11-16 22:46:11 ----D---- C:\Program Files\LimeWire
    2008-11-15 13:19:45 ----D---- C:\WINDOWS\security
    2008-11-15 12:42:02 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-11-15 12:29:38 ----HD---- C:\WINDOWS\inf
    2008-11-14 21:48:28 ----A---- C:\WINDOWS\OEWABLog.txt
    2008-11-14 21:46:28 ----AH---- C:\WINDOWS\system32\RBK5BFF.bak
    2008-11-14 21:46:28 ----AH---- C:\WINDOWS\system32\RBK5BF7.bak
    2008-11-14 21:46:28 ----AH---- C:\WINDOWS\system32\RBK5BEF.bak
    2008-11-14 21:46:28 ----A---- C:\WINDOWS\system32\RBK5BEC.bak
    2008-11-14 21:46:28 ----A---- C:\WINDOWS\system32\RBK5BE7.bak
    2008-11-14 21:46:28 ----A---- C:\WINDOWS\system32\RBK5BE4.bak
    2008-11-14 21:46:28 ----A---- C:\WINDOWS\system32\RBK5BDF.bak
    2008-11-14 21:46:28 ----A---- C:\WINDOWS\system32\RBK5BDC.bak
    2008-11-14 21:46:01 ----AH---- C:\WINDOWS\system32\RBK5C04.bak
    2008-11-14 21:45:46 ----D---- C:\WINDOWS\system32\config
    2008-11-14 21:40:52 ----D---- C:\WINDOWS\system32\CatRoot
    2008-11-14 21:26:17 ----D---- C:\WINDOWS\system32\wbem
    2008-11-14 21:26:17 ----D---- C:\WINDOWS\AppPatch
    2008-11-14 21:26:11 ----RSD---- C:\WINDOWS\Fonts
    2008-11-14 21:21:07 ----D---- C:\WINDOWS\WinSxS
    2008-11-14 21:20:41 ----D---- C:\Program Files\Messenger
    2008-11-14 21:20:35 ----D---- C:\WINDOWS\system32\usmt
    2008-11-14 21:20:33 ----D---- C:\WINDOWS\system32\Setup
    2008-11-14 21:20:31 ----D---- C:\WINDOWS\system32\Restore
    2008-11-14 21:20:31 ----D---- C:\WINDOWS\system32\oobe
    2008-11-14 21:20:30 ----D---- C:\WINDOWS\system32\npp
    2008-11-14 21:18:13 ----D---- C:\WINDOWS\system32\Com
    2008-11-14 21:16:15 ----D---- C:\WINDOWS\system
    2008-11-14 21:16:14 ----D---- C:\WINDOWS\srchasst
    2008-11-14 21:16:14 ----D---- C:\WINDOWS\PeerNet
    2008-11-14 21:16:12 ----D---- C:\WINDOWS\mui
    2008-11-14 21:16:10 ----D---- C:\WINDOWS\msagent
    2008-11-14 21:15:53 ----D---- C:\WINDOWS\ime
    2008-11-14 21:15:45 ----D---- C:\Program Files\Windows NT
    2008-11-14 21:15:44 ----D---- C:\Program Files\Outlook Express
    2008-11-14 21:15:43 ----D---- C:\Program Files\NetMeeting
    2008-11-14 21:15:41 ----D---- C:\Program Files\Movie Maker
    2008-11-14 21:15:32 ----D---- C:\Program Files\Common Files\System
    2008-11-14 21:10:50 ----SD---- C:\WINDOWS\Tasks
    2008-11-14 21:03:43 ----D---- C:\WINDOWS\system32\inetsrv
    2008-11-14 21:03:43 ----D---- C:\WINDOWS\system32\en-US
    2008-11-14 20:51:08 ----D---- C:\WINDOWS\Minidump
    2008-11-14 20:51:07 ----D---- C:\WINDOWS\twain_32
    2008-11-14 20:33:07 ----D---- C:\WINDOWS\repair
    2008-11-14 19:38:16 ----AD---- C:\WINDOWS\ehome
    2008-11-14 19:23:23 ----D---- C:\Program Files\Internet Explorer
    2008-11-14 19:21:43 ----A---- C:\WINDOWS\imsins.BAK
    2008-11-14 19:21:15 ----HD---- C:\WINDOWS\$hf_mig$
    2008-11-14 19:20:32 ----D---- C:\WINDOWS\WBEM
    2008-11-14 19:20:23 ----D---- C:\WINDOWS\Media
    2008-11-14 19:10:55 ----D---- C:\WINDOWS\Debug
    2008-11-14 18:25:38 ----D---- C:\Program Files\Lavasoft
    2008-11-14 18:25:36 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Lavasoft
    2008-11-14 18:24:23 ----D---- C:\Program Files\Common Files
    2008-11-14 18:13:21 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-11-14 18:12:45 ----D---- C:\Program Files\Java
    2008-11-14 18:10:12 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-11-14 17:47:26 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Adobe
    2008-11-14 08:53:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-11-13 22:13:42 ----D---- C:\Valve
    2008-11-13 21:27:07 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-11-13 21:26:54 ----D---- C:\Program Files\Common Files\Adobe
    2008-11-13 21:26:53 ----D---- C:\Program Files\Adobe
    2008-11-13 21:10:23 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\IMVU
    2008-11-13 21:09:28 ----D---- C:\Program Files\IMVU
    2008-11-13 19:29:32 ----D---- C:\WINDOWS\system32\ZoneLabs
    2008-11-13 18:32:28 ----A---- C:\WINDOWS\ModemLog_D-Link DFM-562IS HSFi PCI Modem.txt
    2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuweb.dll
    2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2008-10-16 14:12:22 ----A---- C:\WINDOWS\system32\wucltui.dll
    2008-10-16 14:12:20 ----A---- C:\WINDOWS\system32\wuapi.dll
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wups2.dll
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
    2008-10-16 14:09:40 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
    2008-10-16 14:08:58 ----A---- C:\WINDOWS\system32\wups.dll
    2008-10-16 14:07:44 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2008-10-16 14:07:14 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
    2008-10-06 19:54:26 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
    2008-10-04 06:41:15 ----A---- C:\WINDOWS\system32\ieframe.dll
    2008-09-05 05:42:02 ----A---- C:\WINDOWS\system32\msxml3.dll
    2008-08-27 13:54:32 ----A---- C:\WINDOWS\system32\mshtml.dll
    2008-08-26 20:24:31 ----A---- C:\WINDOWS\system32\wininet.dll
    2008-08-26 20:24:31 ----A---- C:\WINDOWS\system32\webcheck.dll
    2008-08-26 20:24:31 ----A---- C:\WINDOWS\system32\urlmon.dll
    2008-08-26 20:24:30 ----N---- C:\WINDOWS\system32\pngfilt.dll
    2008-08-26 20:24:30 ----N---- C:\WINDOWS\system32\occache.dll
    2008-08-26 20:24:30 ----N---- C:\WINDOWS\system32\mstime.dll
    2008-08-26 20:24:30 ----N---- C:\WINDOWS\system32\msrating.dll
    2008-08-26 20:24:30 ----N---- C:\WINDOWS\system32\mshtmled.dll
    2008-08-26 20:24:30 ----N---- C:\WINDOWS\system32\jsproxy.dll
    2008-08-26 20:24:30 ----A---- C:\WINDOWS\system32\url.dll
    2008-08-26 20:24:30 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
    2008-08-26 20:24:30 ----A---- C:\WINDOWS\system32\msfeeds.dll
    2008-08-26 20:24:29 ----N---- C:\WINDOWS\system32\iernonce.dll
    2008-08-26 20:24:29 ----N---- C:\WINDOWS\system32\iedkcs32.dll
    2008-08-26 20:24:29 ----A---- C:\WINDOWS\system32\iertutil.dll
    2008-08-26 20:24:28 ----N---- C:\WINDOWS\system32\ieaksie.dll
    2008-08-26 20:24:28 ----N---- C:\WINDOWS\system32\ieakeng.dll
    2008-08-26 20:24:28 ----N---- C:\WINDOWS\system32\extmgr.dll
    2008-08-26 20:24:28 ----N---- C:\WINDOWS\system32\dxtrans.dll
    2008-08-26 20:24:28 ----N---- C:\WINDOWS\system32\dxtmsft.dll
    2008-08-26 20:24:28 ----A---- C:\WINDOWS\system32\ieapfltr.dll
    2008-08-26 20:24:28 ----A---- C:\WINDOWS\system32\icardie.dll
    2008-08-26 20:24:28 ----A---- C:\WINDOWS\system32\advpack.dll
    2008-08-25 21:38:00 ----A---- C:\WINDOWS\system32\ieudinit.exe
    2008-08-25 21:37:59 ----N---- C:\WINDOWS\system32\ie4uinit.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-20 26944]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-20 78416]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-20 42912]
    R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096]
    R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
    R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-20 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-20 94416]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
    R3 aracpi;aracpi; C:\WINDOWS\system32\DRIVERS\aracpi.sys [2005-08-03 22784]
    R3 arkbcfltr;Microsoft PS2 Keyboard Filter; C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys [2005-08-03 5376]
    R3 armoucfltr;Microsoft PS2 Mouse Filter; C:\WINDOWS\system32\DRIVERS\armoucfltr.sys [2005-08-03 4992]
    R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-11 60800]
    R3 ARPolicy;ARPolicy; C:\WINDOWS\system32\DRIVERS\arpolicy.sys [2005-08-03 10112]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-20 23152]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-08 138752]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-09-29 1036928]
    R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2004-09-29 219136]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-15 4299264]
    R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
    R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-11 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-02 6554496]
    R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2005-12-13 19072]
    R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-02-28 81408]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2005-03-31 27008]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-10 57600]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
    R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-10 26496]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-09-29 702592]
    R3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM); C:\WINDOWS\system32\DRIVERS\zebrceb.sys [2007-04-13 62984]
    S3 arhidfltr;MS Ar HID Filter Driver; C:\WINDOWS\system32\DRIVERS\arhidfltr.sys [2005-08-03 19200]
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
    S3 gkmixern;gkmixern; \??\C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\gkmixern.sys []
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-02-01 49664]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-02-01 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-02-01 21568]
    S3 M1000Srv;Trek 320R Driver; C:\WINDOWS\System32\Drivers\M1000KNT.sys [2005-07-01 276926]
    S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
    S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
    S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
    S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-10 20480]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S3 zebrbus;Sony Ericsson Composite Device driver; C:\WINDOWS\system32\DRIVERS\zebrbus.sys [2007-04-13 83080]
    S3 zebrmdfl;Sony Ericsson Modem Filter; C:\WINDOWS\system32\DRIVERS\zebrmdfl.sys [2007-04-13 15112]
    S3 zebrmdm;Sony Ericsson Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdm.sys [2007-04-13 108296]
    S3 zebrmdmc;Sony Ericsson mRouter Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdmc.sys [2007-04-13 108424]
    S3 zebrsce;Sony Ericsson PC-Connect Port; C:\WINDOWS\system32\DRIVERS\zebrsce.sys [2007-04-13 90888]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
    R2 ARSVC;ARSVC; C:\WINDOWS\arservice.exe [2005-08-03 58880]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-20 16056]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-20 147640]
    R2 COM+ Event System (EventSystem) ;COM+ Event System (EventSystem) ; C:\Program Files\tinyproxy\tinyproxy.exe [2008-11-23 6912]
    R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
    R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-14 152984]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
    R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-02 159812]
    R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-07-09 75304]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-10 14336]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-20 250040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-24 348344]
    R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
    R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2005-11-22 69632]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
    S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-10 267776]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-05 138168]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2004-08-10 14336]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-05 774144]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

    -----------------EOF-----------------
     
  6. 2008/11/24
    Aslan9

    info.txt logfile of random's system information tool 1.04 2008-11-24 22:06:00

    ======Uninstall list======

    -->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
    -->c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920}
    -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    -->C:\WINDOWS\UNRecode.exe /UNINSTALL
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A2092B2A-A4FB-4464-A4C0-023D2C9993F8}\Setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{22EB2FA7-1BA0-4FFB-972F-353EC6ABA9D5}\setup.exe" -l0x9 -removeonly
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28B97CAB-828F-49D8-A30A-675476F9BA92}\setup.exe" -l0x9 /cont -removeonly
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E7DC12A-3597-4A94-9429-F6C6987361B1}\setup.exe" -l0x9 -removeonly
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6813C983-427E-4511-8456-E98FCAA1A125}\setup.exe" -l0x9 -removeonly
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DADB304-AF20-48C3-A780-4B4133A08817}\setup.exe" -l0x9 -removeonly
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}\setup.exe" -l0x9 -removeonly
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ACE66099-E18E-4037-83C8-9D182E5B9FA8}\setup.exe" -l0x9 -removeonly
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B34B6E67-FCDD-4E03-8742-B5701427FAFB}\setup.exe" -l0x9 -removeonly
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}\setup.exe" -l0x9 -removeonly
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    7 Wonders of the Ancient World--> "C:\Program Files\Oberon Media\7 Wonders of the Ancient World\Uninstall.exe" "C:\Program Files\Oberon Media\7 Wonders of the Ancient World\install.log "
    Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Photoshop 7.0-->C:\WINDOWS\ISUNINST.EXE -f "C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c "C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll "
    Adobe Reader 8.1.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
    Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll ",RunSetup
    Bejeweled 2 Deluxe--> "C:\Program Files\Oberon Media\Bejeweled 2 Deluxe\Uninstall.exe" "C:\Program Files\Oberon Media\Bejeweled 2 Deluxe\install.log "
    Bengal - Game of Gods--> "C:\Program Files\Oberon Media\Bengal - Game of Gods\Uninstall.exe" "C:\Program Files\Oberon Media\Bengal - Game of Gods\install.log "
    BeTrapped!--> "C:\Program Files\Oberon Media\BeTrapped!\Uninstall.exe" "C:\Program Files\Oberon Media\BeTrapped!\install.log "
    Bookworm Deluxe--> "C:\Program Files\Oberon Media\Bookworm Deluxe\Uninstall.exe" "C:\Program Files\Oberon Media\Bookworm Deluxe\install.log "
    Bricks of Atlantis--> "C:\Program Files\Oberon Media\Bricks of Atlantis\Uninstall.exe" "C:\Program Files\Oberon Media\Bricks of Atlantis\install.log "
    Bricks of Egypt--> "C:\Program Files\Oberon Media\Bricks of Egypt\Uninstall.exe" "C:\Program Files\Oberon Media\Bricks of Egypt\install.log "
    Cake Mania--> "C:\Program Files\Oberon Media\Cake Mania\Uninstall.exe" "C:\Program Files\Oberon Media\Cake Mania\install.log "
    Chuzzle--> "C:\Program Files\Oberon Media\Chuzzle\Uninstall.exe" "C:\Program Files\Oberon Media\Chuzzle\install.log "
    Counter-Strike: Condition Zero-->C:\Valve\CONDIT~1\UNWISE.EXE C:\Valve\CONDIT~1\INSTALL.LOG
    Customer Experience Enhancement-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1033
    Disc2Phone-->MsiExec.exe /I{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}
    DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    D-Link DFM-562IS HSFi PCI Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F30&SUBSYS_20D514F1\HXFSETUP.EXE -U -IPSCRCTR5K.INF
    Easy Internet Sign-up-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1033
    Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
    Gem Shop--> "C:\Program Files\Oberon Media\Gem Shop\Uninstall.exe" "C:\Program Files\Oberon Media\Gem Shop\install.log "
    GemMaster Mystic--> "C:\Program Files\GemMaster\uninstallgemmaster.exe "
    Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll "
    Hexic--> "C:\Program Files\Oberon Media\Hexic\Uninstall.exe" "C:\Program Files\Oberon Media\Hexic\install.log "
    High Definition Audio Driver Package - KB888111--> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe "
    HijackThis 2.0.2--> "C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399)--> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe "
    Hotfix for Windows Media Player 10 (KB910393)--> "C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe "
    Hotfix for Windows XP (KB893357)--> "C:\WINDOWS\$NtUninstallKB893357$\spuninst\spuninst.exe "
    Hotfix for Windows XP (KB906569)--> "C:\WINDOWS\$NtUninstallKB906569$\spuninst\spuninst.exe "
    Hotfix for Windows XP (KB912024)--> "C:\WINDOWS\$NtUninstallKB912024$\spuninst\spuninst.exe "
    Hotfix for Windows XP (KB914440)--> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe "
    Hotfix for Windows XP (KB915865)--> "C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe "
    Hotfix for Windows XP (KB926239)--> "C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe "
    Hotfix for Windows XP (KB935448)--> "C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe "
    Hotfix for Windows XP (KB952287)--> "C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe "
    HP Boot Optimizer-->MsiExec.exe /X{1341D838-719C-4A05-B50F-49420CA1B4BB}
    HP DigitalMedia Archive-->MsiExec.exe /X{F80239D8-7811-4D5E-B033-0D0BBFE32920}
    HP DVD Play 2.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
    HP Imaging Device Functions 7.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
    HP Photosmart and Deskjet 7.0.A-->C:\Program Files\HP\Digital Imaging\{A9F5421F-DA70-4C77-BB97-8D77EC33ED5E}\setup\hpzscr01.exe -datfile hposcr09.dat
    HP Photosmart Essential-->MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F}
    HP Photosmart for Media Center PC-->c:\Program Files\HP\Digital Imaging\bin\mcpc\setupmcl.exe /u
    HP Photosmart Premier Software 6.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
    HP Solution Center 7.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
    HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
    Insaniquarium Deluxe--> "C:\Program Files\Oberon Media\Insaniquarium Deluxe\Uninstall.exe" "C:\Program Files\Oberon Media\Insaniquarium Deluxe\install.log "
    J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
    Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
    Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Jewel of Atlantis--> "C:\Program Files\Oberon Media\Jewel of Atlantis\Uninstall.exe" "C:\Program Files\Oberon Media\Jewel of Atlantis\install.log "
    Jewel Quest--> "C:\Program Files\Oberon Media\Jewel Quest\Uninstall.exe" "C:\Program Files\Oberon Media\Jewel Quest\install.log "
    Jigsaw 365--> "C:\Program Files\Oberon Media\Jigsaw 365\Uninstall.exe" "C:\Program Files\Oberon Media\Jigsaw 365\install.log "
    LimeWire PRO 4.18.8--> "C:\Program Files\LimeWire\uninstall.exe "
    Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    Magic Ball 2--> "C:\Program Files\Oberon Media\Magic Ball 2\Uninstall.exe" "C:\Program Files\Oberon Media\Magic Ball 2\install.log "
    Magic Match--> "C:\Program Files\Oberon Media\Magic Match\Uninstall.exe" "C:\Program Files\Oberon Media\Magic Match\install.log "
    Mahjong Match--> "C:\Program Files\Oberon Media\Mahjong Match\Uninstall.exe" "C:\Program Files\Oberon Media\Mahjong Match\install.log "
    Microsoft .NET Framework 1.0 Hotfix (KB930494)--> "C:\WINDOWS\$NtUninstallKB930494$\spuninst\spuninst.exe "
    Microsoft .NET Framework 1.1 Hotfix (KB928366)--> "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp "
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft Compression Client Pack 1.0 for Windows XP--> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe "
    Microsoft Encarta Standard 2006-->MsiExec.exe /I{06680048-3E21-46D6-9A91-D927BA08F41D}
    Microsoft Internationalized Domain Names Mitigation APIs--> "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe "
    Microsoft Money-->C:\Program Files\Microsoft Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120
    Microsoft National Language Support Downlevel APIs--> "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe "
    Microsoft Office XP Professional with FrontPage-->MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft User-Mode Driver Framework Feature Pack 1.0--> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe "
    Microsoft Works-->MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
    Mosiac - Tomb of Mystery--> "C:\Program Files\Oberon Media\Mosiac - Tomb of Mystery\Uninstall.exe" "C:\Program Files\Oberon Media\Mosiac - Tomb of Mystery\install.log "
    Mozaki Blocks--> "C:\Program Files\Oberon Media\Mozaki Blocks\Uninstall.exe" "C:\Program Files\Oberon Media\Mozaki Blocks\install.log "
    MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    muvee autoProducer 5.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB4740B3-2530-452D-A825-F7AB246CA7DF}\setup.exe" -l0x9
    Nero 7 Essentials-->MsiExec.exe /X{1C00A3F1-6DA0-49F8-94E4-01AB6FC01033}
    NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
    Ocean Express--> "C:\Program Files\Oberon Media\Ocean Express\Uninstall.exe" "C:\Program Files\Oberon Media\Ocean Express\install.log "
    OCR Software by I.R.I.S 7.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
    Otto--> "C:\Program Files\EnglishOtto\uninstallotto.exe "
    Pat Sajak’s Lucky Letters--> "C:\Program Files\Oberon Media\Pat Sajaks Lucky Letters\Uninstall.exe" "C:\Program Files\Oberon Media\Pat Sajaks Lucky Letters\install.log "
    PC-Doctor 5 for Windows-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
    Picasa 2--> "C:\Program Files\Picasa2\Uninstall.exe "
    Picture Package Music Transfer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}\setup.exe" -l0x9 -removeonly
    Python 2.2 pywin32 extensions (build 203)--> "C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log "
    Python 2.2.3-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
    QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
    Rainbow Web--> "C:\Program Files\Oberon Media\Rainbow Web\Uninstall.exe" "C:\Program Files\Oberon Media\Rainbow Web\install.log "
    RCT3 Soaked-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA926717-CE5A-4CB4-AB21-9E6E9565A458}\Setup.exe" -l0x9
    Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
    Ricochet Lost Worlds--> "C:\Program Files\Oberon Media\Ricochet Lost Worlds\Uninstall.exe" "C:\Program Files\Oberon Media\Ricochet Lost Worlds\install.log "
    RollerCoaster Tycoon® 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\Setup.exe" -l0x9
    Sandlot Games Client Services--> "C:\Program Files\Common Files\Sandlot Shared\unins000.exe "
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for Step By Step Interactive Training (KB923723)--> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB956390)--> "C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe "
    Security Update for Windows Media Player 10 (KB911565)--> "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe "
    Security Update for Windows Media Player 11 (KB936782)--> "C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe "
    Security Update for Windows Media Player 11 (KB954154)--> "C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB896358)--> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB896422)--> "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB896424)--> "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB901190)--> "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB901214)--> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB902400)--> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB904706)--> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB908519)--> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB908531)--> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB911562)--> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB912812)--> "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB912919)--> "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB938464)--> "C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB941569)--> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB944338-v2)--> "C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB946648)--> "C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB950762)--> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB950974)--> "C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951066)--> "C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951376-v2)--> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951698)--> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB952954)--> "C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB954211)--> "C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB955069)--> "C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB956390)--> "C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB956391)--> "C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB956803)--> "C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB956841)--> "C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB957095)--> "C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB957097)--> "C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB958644)--> "C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe "
    Slingo--> "C:\Program Files\Oberon Media\Slingo\Uninstall.exe" "C:\Program Files\Oberon Media\Slingo\install.log "
    Sonic MyDVD Plus-->MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
    Sony Ericsson PC Suite for Smartphones-->C:\WINDOWS\Installer\{E1252473-6306-4d5d-904D-B06AA7F38161}\setup.exe /uninstall
    Sony Ericsson PC Suite for Smartphones-->MsiExec.exe /I{1E76BE75-F256-4BA4-A9A3-F433AD3D2D00}
    Sony Ericsson Symbian 9 Drivers-->C:\Program Files\Sony Ericsson\Sony Ericsson Symbian 9 Drivers\ZEBRUninstall.exe
    Sony Picture Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe" -l0x9 /removeonly uninstall -removeonly
    Sony USB Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\setup.exe" -l0x9 UNINSTALL -removeonly
    Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
    System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
    Tiks Texas Hold em--> "C:\Program Files\Oberon Media\Tiks Texas Hold em\Uninstall.exe" "C:\Program Files\Oberon Media\Tiks Texas Hold em\install.log "
    Trek 320R-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17202B70-A9FB-483E-81A0-320610F0DE2F}\setup.exe" -l0x9
    Update for Windows Media Player 10 (KB913800)--> "C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe "
    Update for Windows XP (KB898461)--> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe "
    Update for Windows XP (KB904942)--> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe "
    Update for Windows XP (KB912945)--> "C:\WINDOWS\$NtUninstallKB912945$\spuninst\spuninst.exe "
    Update for Windows XP (KB951072-v2)--> "C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe "
    Update Service-->C:\Program Files\Sony Ericsson\Update Service\uninst.exe
    Updates from HP (remove only)-->C:\WINDOWS\HPCPCUninstall-9972322\HPBWSetup.exe -appid 9972322 -uninstall
    Windows Installer 3.1 (KB893803)--> "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe "
    Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
    Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
    Windows Live Sign-in Assistant-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    Windows Media Format 11 runtime--> "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime--> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe "
    Windows Media Player 11--> "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Windows Media Player 11--> "C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe "
    Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
    Windows XP Hotfix - KB883667-->C:\WINDOWS\$NtUninstallKB883667$\spuninst\spuninst.exe
    Windows XP Hotfix - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
    Windows XP Hotfix - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
    Windows XP Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
    Windows XP Hotfix - KB885884-->C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
    Windows XP Hotfix - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
    Windows XP Hotfix - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
    Windows XP Hotfix - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
    Windows XP Hotfix - KB890175-->C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
    Windows XP Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
    Windows XP Hotfix - KB892050--> "C:\WINDOWS\$NtUninstallKB892050$\spuninst\spuninst.exe "
    Windows XP Hotfix - KB893066--> "C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe "
    Windows XP Media Center Edition 2005 KB925766--> "C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe "
    Windows XP Service Pack 3--> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe "
    Wonderland - Secret Worlds--> "C:\Program Files\Oberon Media\Wonderland - Secret Worlds\Uninstall.exe" "C:\Program Files\Oberon Media\Wonderland - Secret Worlds\install.log "
    ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
    Zuma Deluxe--> "C:\Program Files\Oberon Media\Zuma Deluxe\Uninstall.exe" "C:\Program Files\Oberon Media\Zuma Deluxe\install.log "

    ======Security center information======

    AV: avast! antivirus 4.8.1229 [VPS 081123-0]
    FW: ZoneAlarm Firewall

    ======Environment variables======

    "ComSpec "=%SystemRoot%\system32\cmd.exe
    "Path "=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\Intuwave\Shared\mRouterRuntime
    "windir "=%SystemRoot%
    "FP_NO_HOST_CHECK "=NO
    "OS "=Windows_NT
    "PROCESSOR_ARCHITECTURE "=x86
    "PROCESSOR_LEVEL "=15
    "PROCESSOR_IDENTIFIER "=x86 Family 15 Model 6 Stepping 4, GenuineIntel
    "PROCESSOR_REVISION "=0604
    "NUMBER_OF_PROCESSORS "=2
    "PATHEXT "=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP "=%SystemRoot%\TEMP
    "TMP "=%SystemRoot%\TEMP
    "SonicCentral "=c:\Program Files\Common Files\Sonic Shared\Sonic Central\
    "DEFAULT_CA_NR "=CA8
    "tvdumpflags "=8

    -----------------EOF-----------------
     
  7. 2008/11/24
    Aslan9

    Aslan9 Inactive Thread Starter

    The first two were the log file and the second is the info file..
     
  8. 2008/11/24
    Aslan9

    Aslan9 Inactive Thread Starter

    ****, the first two didn't seem to get posted :(
     
  9. 2008/11/24
    Aslan9

    Aslan9 Inactive Thread Starter

    Sorry if I'm a bit of a noob with forums, I haven't used them before :S
     
  10. 2008/11/25
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Hi Aslan9, and welcome to WindowsBBS :)

    Did you install TinyProxy?

    You have a flash drive infection. Please download Flash_Disinfector by sUBs and save it to your desktop:

    NOTE: In the event you already have Flash_Disinfector, this is a new version that I need you to download.

    • Plug in your USB flash drive.
    • Double-click Flash_Disinfector.exe to run it.
    • Follow any prompts that may appear.
    • Your desktop will vanish for a while, and then reappear. This is normal.
    • Wait until the program has finished scanning, then please exit the program. If you use more than 1 flash drive, run the tool with each plugged in.


    Now, download ComboFix by sUBs from here, saving the file to your desktop.


    Please disable realtime protection applications as they sometimes interfere with the tool. Check this link for your applicable programs.

    • Close all open programs and windows
    • Double click ComboFix.exe and follow the prompts.
    • It may reboot your computer and resume running when you logon. Wait for it to complete. When finished, it will open a log for you. Post that log and a new HijackThis log in your next reply.
    Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall.
     
  11. 2008/11/25
    Aslan9

    Aslan9 Inactive Thread Starter

    Hi :) Thanks heaps for your reply. Just today I managed to remove the bolivar27.exe manually. I looked for the process after pressing ctrl+alt+del. I ended the process and was able to delete said file. ZoneAlarm has not asked to give it permission since. I also did a full Ad-Aware scan and avast home virus scan. Avast detected only one malware virus and deleted it, and Ad-Aware, the usual tracking cookies. The only flash drive I ever attach to my PC is my camera (which I'm nearly 100% sure doesn't have a virus, it's an SD card if that's any help to you) and my Sony Ericsson W950i touch screen phone, it's sort of a smart phone. I hardly ever plug in the phone. Do you still think I should do what you recommended? Thanks :)
     
  12. 2008/11/25
    Aslan9

    Aslan9 Inactive Thread Starter

    And I don't know what TinyProxy is, but I don't ever remember installing something with that name..
     
  13. 2008/11/25
    noahdfear

    noahdfear Inactive

    Good to hear you got bolivar killed, but yes, please complete the recommended steps.
     
  14. 2008/11/27
    Aslan9

    Aslan9 Inactive Thread Starter

    ComboFix 08-11-26.05 - HP_Administrator 2008-11-27 18:04:09.1 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.526 [GMT 13:00]
    Running from: c:\documents and settings\HP_Administrator\Desktop\ComboFix.exe
    * Created a new restore point
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\Administrator\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
    c:\documents and settings\HP_Administrator\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
    c:\program files\TinyProxy
    c:\program files\TinyProxy\tinyproxy.exe
    c:\windows\fmark2.dat
    D:\Autorun.inf

    .
    ((((((((((((((((((((((((( Files Created from 2008-10-27 to 2008-11-27 )))))))))))))))))))))))))))))))
    .

    2008-11-27 17:57 . 2008-11-27 17:57 <DIR> d--hs---- c:\documents and settings\HP_Administrator\UserData
    2008-11-26 22:11 . 2008-11-26 22:11 5,632 --ahs---- c:\windows\Thumbs.db
    2008-11-26 11:25 . 2008-11-26 11:27 <DIR> d--h----- c:\windows\msdownld.tmp
    2008-11-26 11:25 . 2008-11-26 11:25 <DIR> d-------- c:\windows\Logs
    2008-11-26 10:03 . 2006-05-11 18:36 11,648 --a------ c:\windows\system32\drivers\diag69xp.sys
    2008-11-25 08:44 . 2008-01-11 12:29 27,264 -ra------ c:\windows\system32\drivers\rndismpk.sys
    2008-11-25 08:44 . 2008-01-11 12:29 11,136 -ra------ c:\windows\system32\drivers\usb8023k.sys
    2008-11-24 22:05 . 2008-11-24 22:06 <DIR> d-------- C:\rsit
    2008-11-24 22:05 . 2008-11-24 22:05 <DIR> d-------- c:\program files\trend micro
    2008-11-24 17:59 . 2008-11-24 17:59 0 --a------ c:\windows\nsreg.dat
    2008-11-23 23:08 . 2008-11-23 23:08 1 ---h----- c:\windows\f49f4daa.dat
    2008-11-23 23:07 . 2008-11-23 23:07 23,552 ---h----- c:\windows\che6.exe
    2008-11-23 23:07 . 2008-11-23 23:07 1 ---h----- c:\windows\bemark2.dat
    2008-11-16 23:29 . 2008-05-02 23:46 54,988 --a------ c:\windows\system32\nvmob.chm
    2008-11-16 23:28 . 2008-05-02 23:46 181,895 --a------ c:\windows\system32\nvdsp.chm
    2008-11-16 23:28 . 2008-05-02 23:46 121,529 --a------ c:\windows\system32\nvcpl.chm
    2008-11-16 23:28 . 2008-05-02 23:46 116,384 --a------ c:\windows\system32\nv3d.chm
    2008-11-14 21:45 . 2008-11-14 21:45 57,344 --a------ c:\windows\system32\RBK5BD7.tmp
    2008-11-14 20:30 . 2008-11-14 20:30 <DIR> d-------- c:\documents and settings\HP_Administrator\Application Data\Systweak
    2008-11-14 20:29 . 2008-11-15 13:29 <DIR> d-------- c:\program files\Advanced System Optimizer
    2008-11-14 20:18 . 2008-11-14 20:21 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
    2008-11-14 19:51 . 2008-11-14 21:03 <DIR> d-------- c:\windows\system32\scripting
    2008-11-14 19:51 . 2008-11-14 21:03 <DIR> d-------- c:\windows\system32\en
    2008-11-14 19:51 . 2008-11-14 21:03 <DIR> d-------- c:\windows\system32\bits
    2008-11-14 19:51 . 2008-11-14 21:02 <DIR> d-------- c:\windows\l2schemas
    2008-11-14 19:44 . 2007-08-10 20:46 33,656 --a------ c:\windows\system32\sprecovr.exe
    2008-11-14 19:38 . 2008-08-14 22:58 2,136,064 --a------ c:\windows\system32\ntoskrnl.exe
    2008-11-14 19:21 . 2008-10-04 06:41 6,066,176 --------- c:\windows\system32\dllcache\ieframe.dll
    2008-11-14 19:21 . 2007-04-17 22:32 2,455,488 --------- c:\windows\system32\dllcache\ieapfltr.dat
    2008-11-14 19:21 . 2007-03-08 18:10 991,232 --------- c:\windows\system32\dllcache\ieframe.dll.mui
    2008-11-14 19:21 . 2008-08-26 20:24 459,264 --------- c:\windows\system32\dllcache\msfeeds.dll
    2008-11-14 19:21 . 2008-08-26 20:24 383,488 --------- c:\windows\system32\dllcache\ieapfltr.dll
    2008-11-14 19:21 . 2008-08-26 20:24 267,776 --------- c:\windows\system32\dllcache\iertutil.dll
    2008-11-14 19:21 . 2008-08-26 20:24 52,224 --------- c:\windows\system32\dllcache\msfeedsbs.dll
    2008-11-14 19:21 . 2008-08-25 21:38 13,824 --------- c:\windows\system32\dllcache\ieudinit.exe
    2008-11-14 19:20 . 2008-08-26 20:24 63,488 --------- c:\windows\system32\dllcache\icardie.dll
    2008-11-14 18:25 . 2008-11-14 18:26 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
    2008-11-14 18:24 . 2008-11-14 18:24 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
    2008-11-14 18:13 . 2008-11-14 18:12 410,976 --a------ c:\windows\system32\deploytk.dll
    2008-11-14 17:46 . 2008-11-14 19:27 <DIR> d-------- c:\windows\system32\Adobe
    2008-11-14 14:14 . 2008-04-14 13:12 7,680 --a------ c:\windows\system32\spdwnwxp.exe
    2008-11-14 13:49 . 2008-11-14 21:40 <DIR> d-------- c:\windows\system32\CatRoot_bak
    2008-11-14 00:40 . 2008-11-14 00:40 <DIR> d-------- c:\program files\Microsoft CAPICOM 2.1.0.2
    2008-11-14 00:35 . 2008-11-14 00:35 <DIR> d-------- c:\program files\MSXML 4.0
    2008-11-14 00:13 . 2008-11-14 00:25 <DIR> d-------- c:\program files\Shareaza
    2008-11-14 00:13 . 2008-11-14 00:25 <DIR> d-------- c:\documents and settings\HP_Administrator\Application Data\Shareaza
    2008-11-13 21:09 . 2008-11-13 21:09 <DIR> d-------- c:\documents and settings\HP_Administrator\Application Data\IMVUClient
    2008-11-13 20:40 . 2008-11-13 20:40 <DIR> d-------- c:\program files\Microsoft Silverlight
    2008-11-13 20:18 . 2006-03-21 16:23 23,040 --------- c:\windows\kb913800.exe
    2008-11-13 20:09 . 2008-07-18 22:07 270,880 --a------ c:\windows\system32\mucltui.dll
    2008-11-13 20:09 . 2008-07-18 22:07 210,976 --a------ c:\windows\system32\muweb.dll
    2008-11-13 20:09 . 2008-07-18 22:07 29,728 --a------ c:\windows\system32\mucltui.dll.mui
    2008-11-07 07:56 . 2008-11-13 22:24 43,520 --a------ c:\windows\system32\CmdLineExt03.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-11-27 05:09 5,644,320 --sha-w c:\windows\system32\drivers\fidbox.dat
    2008-11-27 04:29 --------- d-----w c:\documents and settings\HP_Administrator\Application Data\LimeWire
    2008-11-27 00:31 65,372 --sha-w c:\windows\system32\drivers\fidbox.idx
    2008-11-26 05:21 1,702,400 ----a-w c:\windows\Internet Logs\xDBA.tmp
    2008-11-25 21:57 --------- d-----w c:\program files\Oberon Media
    2008-11-24 22:40 1,591,808 ----a-w c:\windows\Internet Logs\xDB9.tmp
    2008-11-24 09:30 1,584,640 ----a-w c:\windows\Internet Logs\xDB8.tmp
    2008-11-23 10:24 --------- d-----w c:\program files\PolderbitS
    2008-11-22 19:48 1,546,240 ----a-w c:\windows\Internet Logs\xDB7.tmp
    2008-11-21 07:05 1,544,192 ----a-w c:\windows\Internet Logs\xDB6.tmp
    2008-11-16 11:06 1,541,632 ----a-w c:\windows\Internet Logs\xDB5.tmp
    2008-11-16 09:46 --------- d-----w c:\program files\LimeWire
    2008-11-16 09:31 1,530,880 ----a-w c:\windows\Internet Logs\xDB4.tmp
    2008-11-16 00:19 1,530,368 ----a-w c:\windows\Internet Logs\xDB3.tmp
    2008-11-15 23:14 1,530,368 ----a-w c:\windows\Internet Logs\xDB2.tmp
    2008-11-15 03:25 1,529,856 ----a-w c:\windows\Internet Logs\xDB1.tmp
    2008-11-14 23:42 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
    2008-11-14 08:14 61,440 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\modemutil.dll
    2008-11-14 08:14 45,056 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\uninstallUI\eHelpSetup.exe
    2008-11-14 08:14 44,032 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Scripts\devcon.exe
    2008-11-14 08:14 40,960 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\ScDmi.dll
    2008-11-14 08:14 341,048 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\HPBasicDetection3.dll
    2008-11-14 08:14 32,768 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\uploadHSC.dll
    2008-11-14 08:14 32,768 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\Scom.dll
    2008-11-14 08:14 217,088 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
    2008-11-14 08:14 163,840 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\modemcheck.dll
    2008-11-14 05:25 --------- d-----w c:\program files\Lavasoft
    2008-11-14 05:25 --------- d-----w c:\documents and settings\HP_Administrator\Application Data\Lavasoft
    2008-11-14 05:12 --------- d-----w c:\program files\Java
    2008-11-14 05:10 --------- d--h--w c:\program files\InstallShield Installation Information
    2008-11-14 00:51 20,606,279 ----a-w c:\windows\Internet Logs\vsmon_on_demand_2008_11_14_10_46_25_full.dmp.zip
    2008-11-13 08:26 --------- d-----w c:\program files\Common Files\Adobe
    2008-11-13 08:10 --------- d-----w c:\documents and settings\HP_Administrator\Application Data\IMVU
    2008-11-13 08:09 --------- d-----w c:\program files\IMVU
    2008-10-28 09:56 23,310,053 ----a-w c:\windows\Internet Logs\tvDebug.zip
    2008-10-26 21:04 70,992 ----a-w c:\windows\system32\XAPOFX1_2.dll
    2008-10-26 21:04 514,384 ----a-w c:\windows\system32\XAudio2_3.dll
    2008-10-26 21:04 235,856 ----a-w c:\windows\system32\xactengine3_3.dll
    2008-10-26 21:04 23,376 ----a-w c:\windows\system32\X3DAudio1_5.dll
    2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
    2008-10-24 11:10 453,632 ----a-w c:\windows\system32\dllcache\mrxsmb.sys
    2008-10-16 01:13 202,776 ----a-w c:\windows\system32\wuweb.dll
    2008-10-16 01:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
    2008-10-16 01:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
    2008-10-16 01:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
    2008-10-16 01:12 561,688 ----a-w c:\windows\system32\wuapi.dll
    2008-10-16 01:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
    2008-10-16 01:12 323,608 ----a-w c:\windows\system32\wucltui.dll
    2008-10-16 01:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
    2008-10-16 01:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
    2008-10-16 01:09 92,696 ----a-w c:\windows\system32\cdm.dll
    2008-10-16 01:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
    2008-10-16 01:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
    2008-10-16 01:09 43,544 ----a-w c:\windows\system32\wups2.dll
    2008-10-16 01:08 34,328 ----a-w c:\windows\system32\wups.dll
    2008-10-16 01:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
    2008-10-15 16:57 332,800 ----a-w c:\windows\system32\dllcache\netapi32.dll
    2008-10-09 15:52 452,440 ----a-w c:\windows\system32\d3dx10_40.dll
    2008-10-09 15:52 4,379,984 ----a-w c:\windows\system32\D3DX9_40.dll
    2008-10-09 15:52 2,036,576 ----a-w c:\windows\system32\D3DCompiler_40.dll
    2008-10-06 06:54 98,304 ----a-w c:\windows\system32\CmdLineExt.dll
    2008-09-30 03:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
    2008-09-15 11:57 1,846,016 ----a-w c:\windows\system32\win32k.sys
    2008-09-15 11:57 1,846,016 ----a-w c:\windows\system32\dllcache\win32k.sys
    2008-09-04 16:42 1,106,944 ----a-w c:\windows\system32\msxml3.dll
    2008-09-04 16:42 1,106,944 ----a-w c:\windows\system32\dllcache\msxml3.dll
    2008-08-28 10:04 333,056 ----a-w c:\windows\system32\dllcache\srv.sys
    2008-08-27 00:54 3,593,216 ------w c:\windows\system32\dllcache\mshtml.dll
    2008-03-19 02:55 75,304 ----a-w c:\documents and settings\HP_Administrator\Application Data\GDIPFONTCACHEV1.DAT
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg "= "c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-05 68856]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} "= "c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]
    "mRouterConfig "= "c:\program files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe" [2006-03-02 290816]
    "ctfmon.exe "= "c:\windows\system32\ctfmon.exe" [2004-08-10 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray "= "c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
    "IMJPMIG8.1 "= "c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
    "MSPY2002 "= "c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392]
    "PHIME2002ASync "= "c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
    "PHIME2002A "= "c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
    "NvCplDaemon "= "c:\windows\system32\NvCpl.dll" [2008-05-02 13529088]
    "DMAScheduler "= "c:\program files\HP DigitalMedia Archive\DMAScheduler.exe" [2006-04-13 90112]
    "Recguard "= "c:\windows\SMINST\RECGUARD.EXE" [2005-07-23 237568]
    "HPBootOp "= "c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-16 249856]
    "avast! "= "c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-19 81000]
    "NeroFilterCheck "= "c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
    "HP Software Update "= "c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
    "PC Suite for Smartphones "= "c:\program files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" [2007-05-28 528384]
    "SunJavaUpdateSched "= "c:\program files\Java\jre6\bin\jusched.exe" [2008-11-14 136600]
    "ZoneAlarm Client "= "c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
    "Adobe Reader Speed Launcher "= "c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
    "NvMediaCenter "= "c:\windows\system32\NvMcTray.dll" [2008-05-02 86016]
    "ftutil2 "= "ftutil2.dll" [2004-06-07 c:\windows\system32\ftutil2.dll]
    "RTHDCPL "= "RTHDCPL.EXE" [2006-06-14 c:\windows\RTHDCPL.EXE]
    "AlwaysReady Power Message APP "= "ARPWRMSG.EXE" [2005-08-03 c:\windows\arpwrmsg.exe]
    "nwiz "= "nwiz.exe" [2008-05-02 c:\windows\system32\nwiz.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "Picasa Media Detector "= "c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]

    c:\documents and settings\Default User\Start Menu\Programs\Startup\
    Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-06-01 27136]
    PinMcLnk.lnk - c:\hp\bin\cloaker.exe [2006-06-01 27136]

    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-08-07 113664]
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]
    Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
    Updates From HP.lnk - c:\program files\Updates from HP\9972322\Program\Updates from HP.exe [2006-06-01 36903]

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring "=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall "= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe "=
    "c:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe "=
    "c:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe "=
    "c:\\Program Files\\Messenger\\msmsgs.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe "=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe "=
    "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe "=
    "c:\\Program Files\\LimeWire\\LimeWire.exe "=

    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-05-21 110160]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-05-21 20560]
    R3 zebrbus;Sony Ericsson Composite Device driver;c:\windows\system32\DRIVERS\zebrbus.sys [2007-12-02 83080]
    R3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM);c:\windows\system32\DRIVERS\zebrceb.sys [2007-12-02 62984]
    S2 COM+ Event System (EventSystem) ;COM+ Event System (EventSystem) ;c:\program files\tinyproxy\tinyproxy.exe []
    S3 Diag69xp;Diag69xp;c:\windows\system32\Drivers\Diag69xp.sys [2008-11-26 11648]
    S3 gkmixern;gkmixern;\??\c:\docume~1\HP_ADM~1\LOCALS~1\Temp\gkmixern.sys []
    S3 M1000Srv;Trek 320R Driver;c:\windows\system32\Drivers\M1000KNT.sys [2008-05-15 276926]
    S3 zebrmdfl;Sony Ericsson Modem Filter;c:\windows\system32\DRIVERS\zebrmdfl.sys [2007-12-02 15112]
    S3 zebrmdm;Sony Ericsson Port (WDM);c:\windows\system32\DRIVERS\zebrmdm.sys [2007-12-02 108296]
    S3 zebrmdmc;Sony Ericsson mRouter Port (WDM);c:\windows\system32\DRIVERS\zebrmdmc.sys [2007-12-02 108424]
    S3 zebrsce;Sony Ericsson PC-Connect Port;c:\windows\system32\DRIVERS\zebrsce.sys [2007-12-02 90888]

    *Newly Created Service* - PROCEXP90
    .
    - - - - ORPHANS REMOVED - - - -

    HKLM-Run-TkBellExe - c:\program files\Common Files\Real\Update_OB\realsched.exe
    HKLM-Run-PCDrProfiler - (no file)
    HKLM-Run-M1000Mnt - M1000Rmv.exe


    .
    ------- Supplementary Scan -------
    .
    FireFox -: Profile - c:\documents and settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\vm2j5d7r.default\
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.co.nz/
    FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npdeploytk.dll
    FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npjp2.dll
    FF -: plugin - c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-11-27 18:09:47
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2008-11-27 18:10:49
    ComboFix-quarantined-files.txt 2008-11-27 05:10:46

    Pre-Run: 152,903,532,544 bytes free
    Post-Run: 153,969,897,472 bytes free

    253 --- E O F --- 2008-11-21 21:20:57
     
  15. 2008/11/27
    Aslan9

    Aslan9 Inactive Thread Starter

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by HP_Administrator at 2008-11-27 22:34:23
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 147 GB (80%) free of 182 GB
    Total RAM: 1023 MB (48% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:34:25 p.m., on 27/11/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\arservice.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\ARPWRMSG.EXE
    C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    c:\windows\system\hpsysdrv.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Documents and Settings\HP_Administrator\Desktop\RSIT.exe
    C:\Program Files\trend micro\HP_Administrator.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.nz/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_NZ&c=64&bd=PAVILION&pf=desktop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://signupcd.ihug.co.nz/acnts/signup.pl?version=8&base=5:1&pop=Anywhere+in+New+Zealand
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:9090
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [PC Suite for Smartphones] "C:\Program Files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [mRouterConfig] "C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
    O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
    O4 - S-1-5-18 Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'SYSTEM')
    O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
    O4 - .DEFAULT Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
    O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
    O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - c:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\HP_Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk
    O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=24931
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: COM+ Event System (EventSystem) - Unknown owner - C:\Program Files\tinyproxy\tinyproxy.exe (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 11238 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-14 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-01-20 2403392]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-16 737776]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-14 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-14 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2007-01-20 2403392]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
    "ftutil2"=C:\WINDOWS\system32\ftutil2.dll [2004-06-07 106496]
    "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
    "MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392]
    "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
    "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-14 16239616]
    "AlwaysReady Power Message APP"=C:\WINDOWS\ARPWRMSG.EXE [2005-08-03 77312]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-02 13529088]
    "nwiz"=nwiz.exe /install []
    "DMAScheduler"=c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe [2006-04-13 90112]
    "Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2005-07-23 237568]
    "HPBootOp"=C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe [2006-02-16 249856]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-19 81000]
    "NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
    "PC Suite for Smartphones"=C:\Program Files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe [2007-05-28 528384]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-14 136600]
    "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-02 86016]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-05 68856]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-12-23 143360]
    "mRouterConfig"=C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe [2006-03-02 290816]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-10 15360]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
    Updates From HP.lnk - C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe"="C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP"
    "C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe"="C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe:*:Enabled:Kaspersky AV Scanner"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
    "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
    "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe"="C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    ======List of files/folders created in the last 3 months======

    2008-11-27 18:14:35 ----SHD---- C:\RECYCLER
    2008-11-27 18:10:50 ----A---- C:\ComboFix.txt
    2008-11-27 18:03:30 ----A---- C:\WINDOWS\zip.exe
    2008-11-27 18:03:30 ----A---- C:\WINDOWS\VFIND.exe
    2008-11-27 18:03:30 ----A---- C:\WINDOWS\SWXCACLS.exe
    2008-11-27 18:03:30 ----A---- C:\WINDOWS\SWSC.exe
    2008-11-27 18:03:30 ----A---- C:\WINDOWS\SWREG.exe
    2008-11-27 18:03:30 ----A---- C:\WINDOWS\sed.exe
    2008-11-27 18:03:30 ----A---- C:\WINDOWS\NIRCMD.exe
    2008-11-27 18:03:30 ----A---- C:\WINDOWS\grep.exe
    2008-11-27 18:03:30 ----A---- C:\WINDOWS\fdsv.exe
    2008-11-27 18:03:23 ----D---- C:\WINDOWS\ERDNT
    2008-11-27 18:03:23 ----AD---- C:\Qoobox
    2008-11-27 17:57:28 ----RASHD---- C:\autorun.inf
    2008-11-26 11:28:48 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
    2008-11-26 11:28:48 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
    2008-11-26 11:28:48 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
    2008-11-26 11:28:47 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
    2008-11-26 11:28:47 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
    2008-11-26 11:28:46 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
    2008-11-26 11:28:46 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
    2008-11-26 11:28:45 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
    2008-11-26 11:28:45 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
    2008-11-26 11:28:44 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
    2008-11-26 11:28:44 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
    2008-11-26 11:28:44 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
    2008-11-26 11:28:43 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
    2008-11-26 11:28:42 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
    2008-11-26 11:28:42 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
    2008-11-26 11:28:42 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
    2008-11-26 11:28:41 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
    2008-11-26 11:28:41 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
    2008-11-26 11:28:41 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
    2008-11-26 11:28:40 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
    2008-11-26 11:28:39 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
    2008-11-26 11:28:39 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
    2008-11-26 11:28:38 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
    2008-11-26 11:28:37 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
    2008-11-26 11:28:37 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
    2008-11-26 11:28:37 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
    2008-11-26 11:28:36 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
    2008-11-26 11:28:35 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
    2008-11-26 11:28:35 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
    2008-11-26 11:28:34 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
    2008-11-26 11:28:33 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
    2008-11-26 11:28:33 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
    2008-11-26 11:28:33 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
    2008-11-26 11:28:32 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
    2008-11-26 11:28:31 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
    2008-11-26 11:28:31 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
    2008-11-26 11:28:31 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
    2008-11-26 11:28:31 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
    2008-11-26 11:28:30 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
    2008-11-26 11:28:29 ----A---- C:\WINDOWS\system32\xinput1_3.dll
    2008-11-26 11:28:28 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
    2008-11-26 11:28:26 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
    2008-11-26 11:28:26 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
    2008-11-26 11:28:23 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
    2008-11-26 11:28:22 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
    2008-11-26 11:28:22 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
    2008-11-26 11:28:21 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
    2008-11-26 11:28:21 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
    2008-11-26 11:28:21 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
    2008-11-26 11:28:20 ----A---- C:\WINDOWS\system32\xinput1_2.dll
    2008-11-26 11:28:20 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
    2008-11-26 11:28:20 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
    2008-11-26 11:28:19 ----A---- C:\WINDOWS\system32\xinput1_1.dll
    2008-11-26 11:28:19 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
    2008-11-26 11:28:18 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
    2008-11-26 11:28:14 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
    2008-11-26 11:28:14 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
    2008-11-26 11:28:14 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
    2008-11-26 11:28:13 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
    2008-11-26 11:28:13 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
    2008-11-26 11:28:12 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
    2008-11-26 11:28:11 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
    2008-11-26 11:28:09 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
    2008-11-26 11:25:49 ----HD---- C:\WINDOWS\msdownld.tmp
    2008-11-26 11:25:39 ----D---- C:\WINDOWS\Logs
    2008-11-24 22:05:10 ----D---- C:\Program Files\trend micro
    2008-11-24 22:05:09 ----D---- C:\rsit
    2008-11-24 17:59:37 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla
    2008-11-23 23:07:43 ----H---- C:\WINDOWS\che6.exe
    2008-11-15 13:15:53 ----A---- C:\WINDOWS\ntbtlog.txt
    2008-11-14 21:45:47 ----AH---- C:\WINDOWS\system32\RBK5C04.tmp.LOG
    2008-11-14 21:45:46 ----AH---- C:\WINDOWS\system32\RBK5BFF.tmp.LOG
    2008-11-14 21:45:46 ----AH---- C:\WINDOWS\system32\RBK5BFC.tmp.LOG
    2008-11-14 21:45:46 ----AH---- C:\WINDOWS\system32\RBK5BF7.tmp.LOG
    2008-11-14 21:45:46 ----AH---- C:\WINDOWS\system32\RBK5BF4.tmp.LOG
    2008-11-14 21:45:46 ----AH---- C:\WINDOWS\system32\RBK5BEF.tmp.LOG
    2008-11-14 21:45:46 ----AH---- C:\WINDOWS\system32\RBK5BEC.tmp.LOG
    2008-11-14 21:45:46 ----AH---- C:\WINDOWS\system32\RBK5BE7.tmp.LOG
    2008-11-14 21:45:44 ----AH---- C:\WINDOWS\system32\RBK5BE4.tmp.LOG
    2008-11-14 21:45:44 ----AH---- C:\WINDOWS\system32\RBK5BDF.tmp.LOG
    2008-11-14 21:45:44 ----AH---- C:\WINDOWS\system32\RBK5BDC.tmp.LOG
    2008-11-14 21:45:44 ----AH---- C:\WINDOWS\system32\RBK5BD7.tmp.LOG
    2008-11-14 21:45:41 ----A---- C:\WINDOWS\system32\RBK5BD7.tmp
    2008-11-14 21:27:19 ----D---- C:\WINDOWS\Prefetch
    2008-11-14 20:30:50 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Systweak
    2008-11-14 20:29:48 ----D---- C:\Program Files\Advanced System Optimizer
    2008-11-14 20:18:41 ----HDC---- C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
    2008-11-14 19:51:54 ----D---- C:\WINDOWS\system32\scripting
    2008-11-14 19:51:53 ----D---- C:\WINDOWS\l2schemas
    2008-11-14 19:51:52 ----D---- C:\WINDOWS\system32\en
    2008-11-14 19:51:52 ----D---- C:\WINDOWS\system32\bits
    2008-11-14 19:44:16 ----A---- C:\WINDOWS\system32\sprecovr.exe
    2008-11-14 19:40:50 ----A---- C:\WINDOWS\system32\hccoin.dll
    2008-11-14 19:40:50 ----A---- C:\WINDOWS\system32\fsquirt.exe
    2008-11-14 19:40:50 ----A---- C:\WINDOWS\system32\bthserv.dll
    2008-11-14 19:40:50 ----A---- C:\WINDOWS\system32\bthci.dll
    2008-11-14 19:40:49 ----A---- C:\WINDOWS\system32\wshbth.dll
    2008-11-14 19:40:49 ----A---- C:\WINDOWS\system32\verclsid.exe
    2008-11-14 19:40:49 ----A---- C:\WINDOWS\system32\tzchange.exe
    2008-11-14 19:40:49 ----A---- C:\WINDOWS\system32\sdhcinst.dll
    2008-11-14 19:40:49 ----A---- C:\WINDOWS\system32\mstscax.dll
    2008-11-14 19:40:49 ----A---- C:\WINDOWS\system32\mstsc.exe
    2008-11-14 19:40:49 ----A---- C:\WINDOWS\system32\ir50_qcx.dll
    2008-11-14 19:40:49 ----A---- C:\WINDOWS\system32\ir50_qc.dll
    2008-11-14 19:40:49 ----A---- C:\WINDOWS\system32\ir50_32.dll
    2008-11-14 19:40:49 ----A---- C:\WINDOWS\system32\ir41_qcx.dll
    2008-11-14 19:40:49 ----A---- C:\WINDOWS\system32\ir41_qc.dll
    2008-11-14 19:40:48 ----A---- C:\WINDOWS\system32\xpsp3res.dll
    2008-11-14 19:40:48 ----A---- C:\WINDOWS\system32\xmllite.dll
    2008-11-14 19:40:38 ----A---- C:\WINDOWS\system32\pidgen.dll
    2008-11-14 19:40:37 ----A---- C:\WINDOWS\system32\spiisupd.exe
    2008-11-14 19:40:36 ----A---- C:\WINDOWS\system32\asr_pfu.exe
    2008-11-14 19:40:34 ----A---- C:\WINDOWS\system32\secedit.exe
    2008-11-14 19:40:34 ----A---- C:\WINDOWS\system32\p2pgasvc.dll
    2008-11-14 19:40:34 ----A---- C:\WINDOWS\system32\kbdukx.dll
    2008-11-14 19:40:34 ----A---- C:\WINDOWS\system32\dxdiagn.dll
    2008-11-14 19:40:34 ----A---- C:\WINDOWS\system32\dpcdll.dll
    2008-11-14 19:40:33 ----A---- C:\WINDOWS\system32\xpsp2res.dll
    2008-11-14 19:40:33 ----A---- C:\WINDOWS\system32\wscntfy.exe
    2008-11-14 19:40:33 ----A---- C:\WINDOWS\system32\w3ssl.dll
    2008-11-14 19:40:33 ----A---- C:\WINDOWS\system32\pnrpnsp.dll
    2008-11-14 19:40:33 ----A---- C:\WINDOWS\system32\p2psvc.dll
    2008-11-14 19:40:33 ----A---- C:\WINDOWS\system32\dsprpres.dll
    2008-11-14 19:40:32 ----A---- C:\WINDOWS\system32\wuaueng1.dll
    2008-11-14 19:40:32 ----A---- C:\WINDOWS\system32\sbeio.dll
    2008-11-14 19:40:32 ----A---- C:\WINDOWS\system32\p2pgraph.dll
    2008-11-14 19:40:32 ----A---- C:\WINDOWS\system32\msftedit.dll
    2008-11-14 19:40:32 ----A---- C:\WINDOWS\system32\kbdsmsno.dll
    2008-11-14 19:40:32 ----A---- C:\WINDOWS\system32\kbdmlt47.dll
    2008-11-14 19:40:32 ----A---- C:\WINDOWS\system32\kbdfi1.dll
    2008-11-14 19:40:32 ----A---- C:\WINDOWS\system32\fltlib.dll
    2008-11-14 19:40:32 ----A---- C:\WINDOWS\system32\bitsprx2.dll
    2008-11-14 19:40:31 ----A---- C:\WINDOWS\system32\smbinst.exe
    2008-11-14 19:40:31 ----A---- C:\WINDOWS\system32\msdadiag.dll
    2008-11-14 19:40:31 ----A---- C:\WINDOWS\system32\ieencode.dll
    2008-11-14 19:40:31 ----A---- C:\WINDOWS\system32\httpapi.dll
    2008-11-14 19:40:30 ----A---- C:\WINDOWS\system32\wuauclt1.exe
    2008-11-14 19:40:30 ----A---- C:\WINDOWS\system32\mssap.dll
    2008-11-14 19:40:30 ----A---- C:\WINDOWS\system32\iuengine.dll
    2008-11-14 19:40:30 ----A---- C:\WINDOWS\system32\fwcfg.dll
    2008-11-14 19:40:30 ----A---- C:\WINDOWS\system32\d3d9.dll
    2008-11-14 19:40:29 ----A---- C:\WINDOWS\system32\xmlprovi.dll
    2008-11-14 19:40:29 ----A---- C:\WINDOWS\system32\xmlprov.dll
    2008-11-14 19:40:29 ----A---- C:\WINDOWS\system32\winbrand.dll
    2008-11-14 19:40:29 ----A---- C:\WINDOWS\system32\twext.dll
    2008-11-14 19:40:29 ----A---- C:\WINDOWS\system32\spnpinst.exe
    2008-11-14 19:40:29 ----A---- C:\WINDOWS\system32\qmgr.dll
    2008-11-14 19:40:29 ----A---- C:\WINDOWS\system32\p2pnetsh.dll
    2008-11-14 19:40:29 ----A---- C:\WINDOWS\system32\kbdinmal.dll
    2008-11-14 19:40:29 ----A---- C:\WINDOWS\system32\kbdinbe1.dll
    2008-11-14 19:40:29 ----A---- C:\WINDOWS\system32\fltmc.exe
    2008-11-14 19:40:29 ----A---- C:\WINDOWS\system32\cmsetacl.dll
    2008-11-14 19:40:29 ----A---- C:\WINDOWS\system32\btpanui.dll
    2008-11-14 19:40:28 ----A---- C:\WINDOWS\system32\xpsp1res.dll
    2008-11-14 19:40:28 ----A---- C:\WINDOWS\system32\wscsvc.dll
    2008-11-14 19:40:28 ----A---- C:\WINDOWS\system32\winshfhc.dll
    2008-11-14 19:40:28 ----A---- C:\WINDOWS\system32\winhttp.dll
    2008-11-14 19:40:28 ----A---- C:\WINDOWS\system32\powercfg.exe
    2008-11-14 19:40:28 ----A---- C:\WINDOWS\system32\kbdsmsfi.dll
    2008-11-14 19:40:28 ----A---- C:\WINDOWS\system32\encapi.dll
    2008-11-14 19:40:28 ----A---- C:\WINDOWS\system32\bitsprx3.dll
    2008-11-14 19:40:27 ----A---- C:\WINDOWS\system32\xpob2res.dll
    2008-11-14 19:40:27 ----A---- C:\WINDOWS\system32\wuauserv.dll
    2008-11-14 19:40:27 ----A---- C:\WINDOWS\system32\strmfilt.dll
    2008-11-14 19:40:27 ----A---- C:\WINDOWS\system32\p2p.dll
    2008-11-14 19:40:27 ----A---- C:\WINDOWS\system32\kbdno1.dll
    2008-11-14 19:40:27 ----A---- C:\WINDOWS\system32\kbdmlt48.dll
    2008-11-14 19:40:27 ----A---- C:\WINDOWS\system32\kbdinben.dll
    2008-11-14 19:40:27 ----A---- C:\WINDOWS\system32\blastcln.exe
    2008-11-14 19:40:27 ----A---- C:\WINDOWS\system32\auditusr.exe
    2008-11-14 19:40:26 ----A---- C:\WINDOWS\system32\systeminfo.exe
    2008-11-14 19:40:26 ----A---- C:\WINDOWS\system32\schtasks.exe
    2008-11-14 19:40:26 ----A---- C:\WINDOWS\system32\openfiles.exe
    2008-11-14 19:40:26 ----A---- C:\WINDOWS\system32\kbdmaori.dll
     
  16. 2008/11/27
    Aslan9

    Aslan9 Inactive Thread Starter

    Joined:
    2008/11/24
    Messages:
    21
    Likes Received:
    0
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\raschap.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\rasadhlp.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\racpldlg.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\query.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\quartz.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\qprocess.exe
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\qedwipes.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\qedit.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\qdvd.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\qdv.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\qcap.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\pstorsvc.dll
    2008-11-14 19:39:12 ----A---- C:\WINDOWS\system32\pstorec.dll
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\regsvr32.exe
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\regsvc.dll
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\regapi.dll
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\reg.exe
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rdshost.exe
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rdsaddin.exe
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rdpwsx.dll
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rdpsnd.dll
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rdpdd.dll
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rdpclip.exe
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rdchost.dll
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rcp.exe
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rcimlby.exe
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rcbdyctl.dll
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rastls.dll
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rassapi.dll
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rasppp.dll
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rasphone.exe
    2008-11-14 19:39:11 ----A---- C:\WINDOWS\system32\rasmans.dll
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\rtutils.dll
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\rtipxmib.dll
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\rtcshare.exe
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\rsvpsp.dll
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\rsmps.dll
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\rsh.exe
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\rsaenh.dll
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\rpcss.dll
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\rpcrt4.dll
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\riched20.dll
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\rexec.exe
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\resutils.dll
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\remotepg.dll
    2008-11-14 19:39:10 ----A---- C:\WINDOWS\system32\regwizc.dll
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\sdbinst.exe
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\scrrun.dll
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\scrobj.dll
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\sclgntfy.dll
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\schedsvc.dll
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\scesrv.dll
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\scecli.dll
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\sccsccp.dll
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\scarddlg.dll
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\safrslv.dll
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\safrdm.dll
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\safrcdlg.dll
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\runonce.exe
    2008-11-14 19:39:09 ----A---- C:\WINDOWS\system32\rundll32.exe
    2008-11-14 19:39:08 ----A---- C:\WINDOWS\system32\sfc.dll
    2008-11-14 19:39:08 ----A---- C:\WINDOWS\system32\setup.exe
    2008-11-14 19:39:08 ----A---- C:\WINDOWS\system32\sethc.exe
    2008-11-14 19:39:08 ----A---- C:\WINDOWS\system32\servdeps.dll
    2008-11-14 19:39:08 ----A---- C:\WINDOWS\system32\sensapi.dll
    2008-11-14 19:39:08 ----A---- C:\WINDOWS\system32\sens.dll
    2008-11-14 19:39:08 ----A---- C:\WINDOWS\system32\sendmail.dll
    2008-11-14 19:39:08 ----A---- C:\WINDOWS\system32\sendcmsg.dll
    2008-11-14 19:39:08 ----A---- C:\WINDOWS\system32\security.dll
    2008-11-14 19:39:08 ----A---- C:\WINDOWS\system32\secur32.dll
    2008-11-14 19:39:08 ----A---- C:\WINDOWS\system32\seclogon.dll
    2008-11-14 19:39:07 ----A---- C:\WINDOWS\system32\shdoclc.dll
    2008-11-14 19:39:07 ----A---- C:\WINDOWS\system32\sfcfiles.dll
    2008-11-14 19:39:07 ----A---- C:\WINDOWS\system32\sfc_os.dll
    2008-11-14 19:39:06 ----A---- C:\WINDOWS\system32\shimgvw.dll
    2008-11-14 19:39:06 ----A---- C:\WINDOWS\system32\shimeng.dll
    2008-11-14 19:39:06 ----A---- C:\WINDOWS\system32\shgina.dll
    2008-11-14 19:39:06 ----A---- C:\WINDOWS\system32\shfolder.dll
    2008-11-14 19:39:06 ----A---- C:\WINDOWS\system32\shell32.dll
    2008-11-14 19:39:06 ----A---- C:\WINDOWS\system32\shdocvw.dll
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\snmpapi.dll
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\sndrec32.exe
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\smlogsvc.exe
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\smlogcfg.dll
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\slbiop.dll
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\slayerxp.dll
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\skeys.exe
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\sigverif.exe
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\sigtab.dll
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\shutdown.exe
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\shsvcs.dll
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\shscrap.dll
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\shrpubw.exe
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\shmgrate.exe
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\shmedia.dll
    2008-11-14 19:39:05 ----A---- C:\WINDOWS\system32\shlwapi.dll
    2008-11-14 19:39:04 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
    2008-11-14 19:39:04 ----A---- C:\WINDOWS\system32\spoolsv.exe
    2008-11-14 19:39:04 ----A---- C:\WINDOWS\system32\spoolss.dll
    2008-11-14 19:39:04 ----A---- C:\WINDOWS\system32\spider.exe
    2008-11-14 19:39:04 ----A---- C:\WINDOWS\system32\sort.exe
    2008-11-14 19:39:04 ----A---- C:\WINDOWS\system32\snmpsnap.dll
    2008-11-14 19:39:03 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
    2008-11-14 19:39:03 ----A---- C:\WINDOWS\system32\ssdpapi.dll
    2008-11-14 19:39:03 ----A---- C:\WINDOWS\system32\srsvc.dll
    2008-11-14 19:39:03 ----A---- C:\WINDOWS\system32\srrstr.dll
    2008-11-14 19:39:03 ----A---- C:\WINDOWS\system32\srclient.dll
    2008-11-14 19:39:03 ----A---- C:\WINDOWS\system32\sqlunirl.dll
    2008-11-14 19:39:02 ----A---- C:\WINDOWS\system32\storprop.dll
    2008-11-14 19:39:02 ----A---- C:\WINDOWS\system32\stobject.dll
    2008-11-14 19:39:02 ----A---- C:\WINDOWS\system32\stimon.exe
    2008-11-14 19:39:02 ----A---- C:\WINDOWS\system32\sti_ci.dll
    2008-11-14 19:39:02 ----A---- C:\WINDOWS\system32\sti.dll
    2008-11-14 19:39:02 ----A---- C:\WINDOWS\system32\stclient.dll
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\tcpmon.dll
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\tcpmib.dll
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\taskmgr.exe
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\tapisrv.dll
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\tapi32.dll
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\tapi3.dll
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\t2embed.dll
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\sysocmgr.exe
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\syncui.dll
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\synceng.dll
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\sxs.dll
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\svchost.exe
    2008-11-14 19:39:01 ----A---- C:\WINDOWS\system32\strmdll.dll
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\umpnpmgr.dll
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\umandlg.dll
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\udhisapi.dll
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\txflog.dll
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\tsddd.dll
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\trkwks.dll
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\tree.com
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\tracert.exe
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\tourstart.exe
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\themeui.dll
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\termsrv.dll
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\termmgr.dll
    2008-11-14 19:39:00 ----A---- C:\WINDOWS\system32\telnet.exe
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\utilman.exe
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\usp10.dll
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\userenv.dll
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\user32.dll
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\usbui.dll
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\usbmon.dll
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\ups.exe
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\upnpui.dll
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\upnphost.dll
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\upnpcont.exe
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\upnp.dll
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\uniplat.dll
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\unimdmat.dll
    2008-11-14 19:38:59 ----A---- C:\WINDOWS\system32\uniime.dll
    2008-11-14 19:38:58 ----A---- C:\WINDOWS\system32\wdigest.dll
    2008-11-14 19:38:58 ----A---- C:\WINDOWS\system32\wavemsp.dll
    2008-11-14 19:38:58 ----A---- C:\WINDOWS\system32\w32time.dll
    2008-11-14 19:38:58 ----A---- C:\WINDOWS\system32\vssvc.exe
    2008-11-14 19:38:58 ----A---- C:\WINDOWS\system32\vssapi.dll
    2008-11-14 19:38:58 ----A---- C:\WINDOWS\system32\version.dll
    2008-11-14 19:38:58 ----A---- C:\WINDOWS\system32\verifier.dll
    2008-11-14 19:38:58 ----A---- C:\WINDOWS\system32\vdmredir.dll
    2008-11-14 19:38:58 ----A---- C:\WINDOWS\system32\vdmdbg.dll
    2008-11-14 19:38:58 ----A---- C:\WINDOWS\system32\vbscript.dll
    2008-11-14 19:38:58 ----A---- C:\WINDOWS\system32\vbajet32.dll
    2008-11-14 19:38:58 ----A---- C:\WINDOWS\system32\uxtheme.dll
    2008-11-14 19:38:57 ----A---- C:\WINDOWS\system32\wiavideo.dll
    2008-11-14 19:38:57 ----A---- C:\WINDOWS\system32\wiashext.dll
    2008-11-14 19:38:57 ----A---- C:\WINDOWS\system32\wiaservc.dll
    2008-11-14 19:38:57 ----A---- C:\WINDOWS\system32\wiascr.dll
    2008-11-14 19:38:57 ----A---- C:\WINDOWS\system32\wiadss.dll
    2008-11-14 19:38:57 ----A---- C:\WINDOWS\system32\wiadefui.dll
    2008-11-14 19:38:57 ----A---- C:\WINDOWS\system32\wiaacmgr.exe
    2008-11-14 19:38:57 ----A---- C:\WINDOWS\system32\wextract.exe
    2008-11-14 19:38:57 ----A---- C:\WINDOWS\system32\webvw.dll
    2008-11-14 19:38:57 ----A---- C:\WINDOWS\system32\webclnt.dll
    2008-11-14 19:38:56 ----A---- C:\WINDOWS\system32\winver.exe
    2008-11-14 19:38:56 ----A---- C:\WINDOWS\system32\wintrust.dll
    2008-11-14 19:38:56 ----A---- C:\WINDOWS\system32\winsta.dll
    2008-11-14 19:38:56 ----A---- C:\WINDOWS\system32\winsrv.dll
    2008-11-14 19:38:56 ----A---- C:\WINDOWS\system32\winscard.dll
    2008-11-14 19:38:56 ----A---- C:\WINDOWS\system32\winrnr.dll
    2008-11-14 19:38:56 ----A---- C:\WINDOWS\system32\winntbbu.dll
    2008-11-14 19:38:56 ----A---- C:\WINDOWS\system32\winmm.dll
    2008-11-14 19:38:56 ----A---- C:\WINDOWS\system32\winlogon.exe
    2008-11-14 19:38:56 ----A---- C:\WINDOWS\system32\winipsec.dll
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\ws2help.dll
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\ws2_32.dll
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\wpnpinst.exe
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\wpabaln.exe
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\wow32.dll
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\wmstream.dll
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\wmsdmoe.dll
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\wmpui.dll
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\wmpcore.dll
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\wmpcd.dll
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\wmi.dll
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\wlnotify.dll
    2008-11-14 19:38:55 ----A---- C:\WINDOWS\system32\wldap32.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\xactsrv.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wzcsvc.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wzcsapi.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wzcdlg.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wtsapi32.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wstdecod.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wsock32.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wsnmp32.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wshtcpip.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wshrm.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wship6.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wshext.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wshcon.dll
    2008-11-14 19:38:54 ----A---- C:\WINDOWS\system32\wscript.exe
    2008-11-14 19:38:53 ----A---- C:\WINDOWS\system32\zipfldr.dll
    2008-11-14 19:38:53 ----A---- C:\WINDOWS\system32\xolehlp.dll
    2008-11-14 19:38:53 ----A---- C:\WINDOWS\system32\xcopy.exe
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\lmhsvc.dll
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\kernel32.dll
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\imagehlp.dll
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\ftp.exe
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\format.com
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\csrsrv.dll
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\comdlg32.dll
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\comctl32.dll
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\cmd.exe
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\cacls.exe
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\autoconv.exe
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\autochk.exe
    2008-11-14 19:38:52 ----A---- C:\WINDOWS\system32\advapi32.dll
    2008-11-14 19:38:51 ----A---- C:\WINDOWS\system32\ntvdm.exe
    2008-11-14 19:38:51 ----A---- C:\WINDOWS\system32\ntprint.dll
    2008-11-14 19:38:51 ----A---- C:\WINDOWS\system32\ntlsapi.dll
    2008-11-14 19:38:51 ----A---- C:\WINDOWS\system32\ntdll.dll
    2008-11-14 19:38:51 ----A---- C:\WINDOWS\system32\nslookup.exe
    2008-11-14 19:38:51 ----A---- C:\WINDOWS\system32\msv1_0.dll
    2008-11-14 19:38:51 ----A---- C:\WINDOWS\system32\msgsvc.dll
    2008-11-14 19:38:51 ----A---- C:\WINDOWS\system32\mgmtapi.dll
    2008-11-14 19:38:51 ----A---- C:\WINDOWS\system32\lsasrv.dll
    2008-11-14 19:38:51 ----A---- C:\WINDOWS\system32\locator.exe
    2008-11-14 19:38:51 ----A---- C:\WINDOWS\system32\localspl.dll
    2008-11-14 19:38:50 ----A---- C:\WINDOWS\system32\samlib.dll
    2008-11-14 19:38:50 ----A---- C:\WINDOWS\system32\rshx32.dll
    2008-11-14 19:38:50 ----A---- C:\WINDOWS\system32\rastapi.dll
    2008-11-14 19:38:50 ----A---- C:\WINDOWS\system32\rasman.dll
    2008-11-14 19:38:50 ----A---- C:\WINDOWS\system32\rasdlg.dll
    2008-11-14 19:38:50 ----A---- C:\WINDOWS\system32\rasauto.dll
    2008-11-14 19:38:50 ----A---- C:\WINDOWS\system32\rasapi32.dll
    2008-11-14 19:38:50 ----A---- C:\WINDOWS\system32\printui.dll
    2008-11-14 19:38:50 ----A---- C:\WINDOWS\system32\perfctrs.dll
    2008-11-14 19:38:50 ----A---- C:\WINDOWS\system32\olecnv32.dll
    2008-11-14 19:38:50 ----A---- C:\WINDOWS\system32\oleaut32.dll
    2008-11-14 19:38:50 ----A---- C:\WINDOWS\system32\nwprovau.dll
    2008-11-14 19:38:49 ----A---- C:\WINDOWS\system32\syssetup.dll
    2008-11-14 19:38:49 ----A---- C:\WINDOWS\system32\srvsvc.dll
    2008-11-14 19:38:49 ----A---- C:\WINDOWS\system32\smss.exe
    2008-11-14 19:38:49 ----A---- C:\WINDOWS\system32\setupapi.dll
    2008-11-14 19:38:49 ----A---- C:\WINDOWS\system32\sessmgr.exe
    2008-11-14 19:38:49 ----A---- C:\WINDOWS\system32\services.exe
    2008-11-14 19:38:49 ----A---- C:\WINDOWS\system32\schannel.dll
    2008-11-14 19:38:49 ----A---- C:\WINDOWS\system32\scardsvr.exe
    2008-11-14 19:38:49 ----A---- C:\WINDOWS\system32\savedump.exe
    2008-11-14 19:38:49 ----A---- C:\WINDOWS\system32\samsrv.dll
    2008-11-14 19:38:48 ----A---- C:\WINDOWS\system32\wkssvc.dll
    2008-11-14 19:38:48 ----A---- C:\WINDOWS\system32\win32spl.dll
    2008-11-14 19:38:48 ----A---- C:\WINDOWS\system32\userinit.exe
    2008-11-14 19:38:48 ----A---- C:\WINDOWS\system32\untfs.dll
    2008-11-14 19:38:48 ----A---- C:\WINDOWS\system32\ulib.dll
    2008-11-14 19:38:48 ----A---- C:\WINDOWS\system32\tcpmonui.dll
    2008-11-14 19:38:40 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
    2008-11-14 19:38:40 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
    2008-11-14 19:38:40 ----A---- C:\WINDOWS\system32\hal.dll
    2008-11-14 19:21:19 ----D---- C:\WINDOWS\ie7updates
    2008-11-14 19:19:16 ----HDC---- C:\WINDOWS\ie7
    2008-11-14 19:15:46 ----D---- C:\WINDOWS\network diagnostic
    2008-11-14 19:15:45 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
    2008-11-14 19:15:30 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
    2008-11-14 19:10:53 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-11-14 18:25:01 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-11-14 18:24:23 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2008-11-14 18:13:09 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-11-14 18:13:09 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-11-14 18:13:09 ----A---- C:\WINDOWS\system32\java.exe
    2008-11-14 18:13:09 ----A---- C:\WINDOWS\system32\deploytk.dll
    2008-11-14 17:46:27 ----D---- C:\WINDOWS\system32\Adobe
    2008-11-14 14:14:06 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
    2008-11-14 13:49:23 ----D---- C:\WINDOWS\system32\CatRoot_bak
    2008-11-14 00:42:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2008-11-14 00:42:20 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-11-14 00:42:13 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-11-14 00:42:05 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-11-14 00:41:57 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$
    2008-11-14 00:41:51 ----HDC---- C:\WINDOWS\$NtUninstallKB923723$
    2008-11-14 00:41:45 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-11-14 00:41:37 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-11-14 00:41:29 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-11-14 00:41:21 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
    2008-11-14 00:41:12 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-11-14 00:40:57 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-11-14 00:40:53 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2008-11-14 00:40:25 ----HDC---- C:\WINDOWS\$NtUninstallKB913800$
    2008-11-14 00:39:00 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
    2008-11-14 00:38:30 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2008-11-14 00:38:22 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2008-11-14 00:38:15 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
    2008-11-14 00:38:04 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-11-14 00:37:57 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
    2008-11-14 00:37:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-11-14 00:37:10 ----HDC---- C:\WINDOWS\$NtUninstallKB930494$
    2008-11-14 00:36:41 ----HDC---- C:\WINDOWS\$NtUninstallKB885884$
    2008-11-14 00:36:31 ----HDC---- C:\WINDOWS\$NtUninstallKB901190$
    2008-11-14 00:36:25 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-11-14 00:36:17 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-11-14 00:36:08 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2008-11-14 00:35:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
    2008-11-14 00:35:39 ----D---- C:\Program Files\MSXML 4.0
    2008-11-14 00:35:14 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
    2008-11-14 00:35:05 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
    2008-11-14 00:34:25 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
    2008-11-14 00:13:13 ----D---- C:\Program Files\Shareaza
    2008-11-14 00:13:13 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Shareaza
    2008-11-13 21:09:17 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\IMVUClient
    2008-11-13 20:40:29 ----D---- C:\Program Files\Microsoft Silverlight
    2008-11-13 20:18:36 ----N---- C:\WINDOWS\kb913800.exe
    2008-11-13 20:09:22 ----A---- C:\WINDOWS\system32\muweb.dll
    2008-11-13 20:09:22 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
    2008-11-13 20:09:22 ----A---- C:\WINDOWS\system32\mucltui.dll
    2008-11-07 07:56:46 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
    2008-09-30 16:43:34 ----A---- C:\WINDOWS\system32\msxml4.dll

    ======List of files/folders modified in the last 3 months======

    2008-11-27 22:33:01 ----D---- C:\WINDOWS\Internet Logs
    2008-11-27 22:29:34 ----D---- C:\WINDOWS\Temp
    2008-11-27 19:20:28 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\LimeWire
    2008-11-27 18:26:04 ----D---- C:\WINDOWS\Registration
    2008-11-27 18:25:56 ----D---- C:\WINDOWS\system32
    2008-11-27 18:25:55 ----AD---- C:\WINDOWS
    2008-11-27 18:24:25 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-11-27 18:23:58 ----HD---- C:\WINDOWS\inf
    2008-11-27 18:23:47 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-11-27 18:23:47 ----D---- C:\WINDOWS\system32\CatRoot
    2008-11-27 18:09:51 ----A---- C:\WINDOWS\system.ini
    2008-11-27 18:06:14 ----D---- C:\WINDOWS\system32\drivers
    2008-11-27 18:06:13 ----D---- C:\Program Files\Common Files
    2008-11-27 18:06:12 ----D---- C:\WINDOWS\AppPatch
    2008-11-27 18:04:43 ----RD---- C:\Program Files
    2008-11-27 16:45:15 ----D---- C:\WINDOWS\system32\FxsTmp
    2008-11-27 15:58:22 ----A---- C:\WINDOWS\NeroDigital.ini
    2008-11-26 11:30:39 ----D---- C:\WINDOWS\system32\Macromed
    2008-11-26 11:28:51 ----D---- C:\WINDOWS\system32\DirectX
    2008-11-26 11:28:05 ----D---- C:\WINDOWS\Microsoft.NET
    2008-11-26 11:24:50 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-11-26 10:57:16 ----D---- C:\Program Files\Oberon Media
    2008-11-26 10:05:24 ----A---- C:\WINDOWS\ModemLog_D-Link DFM-562IS HSFi PCI Modem.txt
    2008-11-25 12:53:06 ----RSHD---- C:\WINDOWS\system32\dllcache
    2008-11-25 08:45:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-11-23 23:24:46 ----D---- C:\Program Files\PolderbitS
    2008-11-22 10:20:57 ----SHD---- C:\WINDOWS\Installer
    2008-11-22 10:20:57 ----HD---- C:\Config.Msi
    2008-11-22 10:18:48 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-11-21 17:46:40 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-11-19 06:41:38 ----A---- C:\WINDOWS\system32\aswBoot.exe
    2008-11-17 00:07:32 ----D---- C:\WINDOWS\nview
    2008-11-16 23:29:18 ----D---- C:\WINDOWS\nvidia icons
    2008-11-16 23:28:55 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-11-16 23:28:54 ----D---- C:\WINDOWS\Help
    2008-11-16 22:46:11 ----D---- C:\Program Files\LimeWire
    2008-11-15 13:19:45 ----D---- C:\WINDOWS\security
    2008-11-15 12:42:02 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
     
  17. 2008/11/27
    Aslan9

    2008-11-14 21:48:28 ----A---- C:\WINDOWS\OEWABLog.txt
    2008-11-14 21:46:28 ----AH---- C:\WINDOWS\system32\RBK5BFF.bak
    2008-11-14 21:46:28 ----AH---- C:\WINDOWS\system32\RBK5BF7.bak
    2008-11-14 21:46:28 ----AH---- C:\WINDOWS\system32\RBK5BEF.bak
    2008-11-14 21:46:28 ----A---- C:\WINDOWS\system32\RBK5BEC.bak
    2008-11-14 21:46:28 ----A---- C:\WINDOWS\system32\RBK5BE7.bak
    2008-11-14 21:46:28 ----A---- C:\WINDOWS\system32\RBK5BE4.bak
    2008-11-14 21:46:28 ----A---- C:\WINDOWS\system32\RBK5BDF.bak
    2008-11-14 21:46:28 ----A---- C:\WINDOWS\system32\RBK5BDC.bak
    2008-11-14 21:46:01 ----AH---- C:\WINDOWS\system32\RBK5C04.bak
    2008-11-14 21:45:46 ----D---- C:\WINDOWS\system32\config
    2008-11-14 21:26:17 ----D---- C:\WINDOWS\system32\wbem
    2008-11-14 21:26:11 ----RSD---- C:\WINDOWS\Fonts
    2008-11-14 21:21:07 ----D---- C:\WINDOWS\WinSxS
    2008-11-14 21:20:41 ----D---- C:\Program Files\Messenger
    2008-11-14 21:20:35 ----D---- C:\WINDOWS\system32\usmt
    2008-11-14 21:20:33 ----D---- C:\WINDOWS\system32\Setup
    2008-11-14 21:20:31 ----D---- C:\WINDOWS\system32\Restore
    2008-11-14 21:20:31 ----D---- C:\WINDOWS\system32\oobe
    2008-11-14 21:20:30 ----D---- C:\WINDOWS\system32\npp
    2008-11-14 21:18:13 ----D---- C:\WINDOWS\system32\Com
    2008-11-14 21:16:15 ----D---- C:\WINDOWS\system
    2008-11-14 21:16:14 ----D---- C:\WINDOWS\srchasst
    2008-11-14 21:16:14 ----D---- C:\WINDOWS\PeerNet
    2008-11-14 21:16:12 ----D---- C:\WINDOWS\mui
    2008-11-14 21:16:10 ----D---- C:\WINDOWS\msagent
    2008-11-14 21:15:53 ----D---- C:\WINDOWS\ime
    2008-11-14 21:15:45 ----D---- C:\Program Files\Windows NT
    2008-11-14 21:15:44 ----D---- C:\Program Files\Outlook Express
    2008-11-14 21:15:43 ----D---- C:\Program Files\NetMeeting
    2008-11-14 21:15:41 ----D---- C:\Program Files\Movie Maker
    2008-11-14 21:15:32 ----D---- C:\Program Files\Common Files\System
    2008-11-14 21:10:50 ----SD---- C:\WINDOWS\Tasks
    2008-11-14 21:03:43 ----D---- C:\WINDOWS\system32\inetsrv
    2008-11-14 21:03:43 ----D---- C:\WINDOWS\system32\en-US
    2008-11-14 20:51:08 ----D---- C:\WINDOWS\Minidump
    2008-11-14 20:51:07 ----D---- C:\WINDOWS\twain_32
    2008-11-14 20:33:07 ----D---- C:\WINDOWS\repair
    2008-11-14 19:38:16 ----AD---- C:\WINDOWS\ehome
    2008-11-14 19:23:23 ----D---- C:\Program Files\Internet Explorer
    2008-11-14 19:21:43 ----A---- C:\WINDOWS\imsins.BAK
    2008-11-14 19:21:15 ----HD---- C:\WINDOWS\$hf_mig$
    2008-11-14 19:20:32 ----D---- C:\WINDOWS\WBEM
    2008-11-14 19:20:23 ----D---- C:\WINDOWS\Media
    2008-11-14 19:10:55 ----D---- C:\WINDOWS\Debug
    2008-11-14 18:25:38 ----D---- C:\Program Files\Lavasoft
    2008-11-14 18:25:36 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Lavasoft
    2008-11-14 18:12:45 ----D---- C:\Program Files\Java
    2008-11-14 18:10:12 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-11-14 17:47:26 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Adobe
    2008-11-13 22:13:42 ----D---- C:\Valve
    2008-11-13 21:27:07 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-11-13 21:26:54 ----D---- C:\Program Files\Common Files\Adobe
    2008-11-13 21:26:53 ----D---- C:\Program Files\Adobe
    2008-11-13 21:10:23 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\IMVU
    2008-11-13 21:09:28 ----D---- C:\Program Files\IMVU
    2008-11-13 19:29:32 ----D---- C:\WINDOWS\system32\ZoneLabs
    2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuweb.dll
    2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2008-10-16 14:12:22 ----A---- C:\WINDOWS\system32\wucltui.dll
    2008-10-16 14:12:20 ----A---- C:\WINDOWS\system32\wuapi.dll
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wups2.dll
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
    2008-10-16 14:09:40 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
    2008-10-16 14:08:58 ----A---- C:\WINDOWS\system32\wups.dll
    2008-10-16 14:07:44 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2008-10-16 14:07:14 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
    2008-10-06 19:54:26 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
    2008-10-04 06:41:15 ----A---- C:\WINDOWS\system32\ieframe.dll
    2008-09-05 05:42:02 ----A---- C:\WINDOWS\system32\msxml3.dll

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-19 26944]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-19 110160]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-19 50864]
    R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096]
    R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
    R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-19 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-19 94032]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
    R3 aracpi;aracpi; C:\WINDOWS\system32\DRIVERS\aracpi.sys [2005-08-03 22784]
    R3 arkbcfltr;Microsoft PS2 Keyboard Filter; C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys [2005-08-03 5376]
    R3 armoucfltr;Microsoft PS2 Mouse Filter; C:\WINDOWS\system32\DRIVERS\armoucfltr.sys [2005-08-03 4992]
    R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-11 60800]
    R3 ARPolicy;ARPolicy; C:\WINDOWS\system32\DRIVERS\arpolicy.sys [2005-08-03 10112]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-19 23152]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-08 138752]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-09-29 1036928]
    R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2004-09-29 219136]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-15 4299264]
    R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
    R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-11 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-02 6554496]
    R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2005-12-13 19072]
    R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-02-28 81408]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2005-03-31 27008]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-10 57600]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
    R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-10 26496]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-09-29 702592]
    R3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM); C:\WINDOWS\system32\DRIVERS\zebrceb.sys [2007-04-13 62984]
    S3 arhidfltr;MS Ar HID Filter Driver; C:\WINDOWS\system32\DRIVERS\arhidfltr.sys [2005-08-03 19200]
    S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
    S3 Diag69xp;Diag69xp; C:\WINDOWS\System32\Drivers\Diag69xp.sys [2006-05-11 11648]
    S3 gkmixern;gkmixern; \??\C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\gkmixern.sys []
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-02-01 49664]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-02-01 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-02-01 21568]
    S3 M1000Srv;Trek 320R Driver; C:\WINDOWS\System32\Drivers\M1000KNT.sys [2005-07-01 276926]
    S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
    S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
    S3 USB_RNDIS;USB Remote NDIS Network Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023k.sys [2008-01-11 11136]
    S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
    S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-10 20480]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S3 zebrbus;Sony Ericsson Composite Device driver; C:\WINDOWS\system32\DRIVERS\zebrbus.sys [2007-04-13 83080]
    S3 zebrmdfl;Sony Ericsson Modem Filter; C:\WINDOWS\system32\DRIVERS\zebrmdfl.sys [2007-04-13 15112]
    S3 zebrmdm;Sony Ericsson Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdm.sys [2007-04-13 108296]
    S3 zebrmdmc;Sony Ericsson mRouter Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdmc.sys [2007-04-13 108424]
    S3 zebrsce;Sony Ericsson PC-Connect Port; C:\WINDOWS\system32\DRIVERS\zebrsce.sys [2007-04-13 90888]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
    R2 ARSVC;ARSVC; C:\WINDOWS\arservice.exe [2005-08-03 58880]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-19 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-19 155160]
    R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
    R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-14 152984]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
    R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-02 159812]
    R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-07-09 75304]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-10 14336]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-19 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-19 352920]
    R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
    R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S2 COM+ Event System (EventSystem) ;COM+ Event System (EventSystem) ; C:\Program Files\tinyproxy\tinyproxy.exe []
    S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2005-11-22 69632]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
    S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-10 267776]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-05 138168]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2004-08-10 14336]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-05 774144]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

    -----------------EOF-----------------
     
  18. 2008/11/27
    Aslan9

    Aslan9 Inactive Thread Starter

    Joined:
    2008/11/24
    Messages:
    21
    Likes Received:
    0
    It said it deleted something like tinyproxy, so I'm confused because I don't ever remember installing that. And I couldn't view webpages no matter what I did after the PC restarted. It would connect to Messenger though... but I rang my ISP and they sorted it out. It had something to do with internet proxy... Thanks for your guys help :)
     
  19. 2008/11/30
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Sorry for the late reply .... I was away for the holiday.

    Once again, please disable any realtime protection applications. Highlight and copy the contents of the code box below and paste it into a blank Notepad window, then save it to your desktop as:

    Filename: CFScript.txt
    Save As Type: All Files (*.*)

    Code:
    
    http://www.windowsbbs.com/malware-virus-removal/78960-active-bolivar27-exe-i-think-its-virus-i-cant-seem-remove.html
    
    Collect::
    c:\windows\f49f4daa.dat
    c:\windows\che6.exe
    c:\windows\bemark2.dat
    Driver::
    COM+ Event System (EventSystem) 
    gkmixern
    
    Close all other windows and programs. Now drag the CFScript.txt onto ComboFix.exe and drop it, using the left mouse button. ComboFix should run and may reboot the computer when it's done. A log will open when it's complete. Post the contents of that log here.

    Please do not click on the ComboFix window while it is running a scan. This can cause it to stall.


    Please note that I have instructed CFScript to collect some files. This means that when ComboFix finishes, you will be prompted to allow ComboFix to upload a zip file that was created. The zip contains the aforementioned files. Please copy the path shown in the prompt and paste it into the box, then click Send. This will assist the author in adding the files for removal in future updates. Thanks!
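
Added example (not part of the thread, and not code from RSIT or ComboFix): a small Python triage pass over driver and service lines in the format of the log posted above. The three signals, their names, the threshold of two and the short list of built-in display names are assumptions chosen for illustration; the sample lines are copied from the posted log, and the two entries that reach the threshold are the ones named under `Driver::` in the script.

```python
import re
from typing import Dict, List, NamedTuple

# Sample lines copied from the driver and service lists posted in this thread.
SAMPLE_LOG = r"""
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-19 110160]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 gkmixern;gkmixern; \??\C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\gkmixern.sys []
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-10 14336]
S2 COM+ Event System (EventSystem) ;COM+ Event System (EventSystem) ; C:\Program Files\tinyproxy\tinyproxy.exe []
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2005-11-22 69632]
"""


class Entry(NamedTuple):
    state: str    # R = running, S = stopped
    start: int    # 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled
    name: str
    display: str
    path: str
    info: str     # "date size" as printed in the log, "" when the brackets are empty


# <state><start> <name>;<display>;<path> [<date size>]
LINE_RE = re.compile(r"^([RS])([0-4]) ([^;]+);([^;]*);\s*(.*?)\s*\[([^\]]*)\]\s*$")

WINDOWS_DIR = "c:\\windows\\"
# Hypothetical, hand-picked list: display names that belong to Windows components.
BUILTIN_DISPLAY_NAMES = ("com+ event system", "windows driver foundation")


def parse(log: str) -> List[Entry]:
    """Turn each driver/service line into an Entry; skip anything else."""
    entries = []
    for raw in log.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        state, start, name, display, path, info = m.groups()
        # Drop the NT object-manager prefix so path checks see a plain drive path.
        if path.startswith("\\??\\"):
            path = path[4:]
        entries.append(
            Entry(state, int(start), name.strip(), display.strip(), path, info.strip())
        )
    return entries


def signals(entry: Entry) -> List[str]:
    """Return the names of the heuristics (assumed, illustrative) that fire."""
    found = []
    path = entry.path.lower()
    # Assumption: empty brackets mean the log carries no date/size for the image.
    if not entry.info:
        found.append("no-file-info")
    # A driver or service image registered from a Temp directory.
    if "\\temp\\" in path:
        found.append("temp-path")
    # A Windows component's display name on an image outside the Windows directory.
    if entry.display.lower().startswith(BUILTIN_DISPLAY_NAMES) and not path.startswith(WINDOWS_DIR):
        found.append("builtin-name-outside-windows")
    return found


def triage(log: str, threshold: int = 2) -> Dict[str, List[str]]:
    """Map entry name -> fired signals for entries with at least `threshold` signals."""
    flagged = {}
    for entry in parse(log):
        fired = signals(entry)
        if len(fired) >= threshold:
            flagged[entry.name] = fired
    return flagged


if __name__ == "__main__":
    for name, fired in triage(SAMPLE_LOG).items():
        print(f"{name}: {', '.join(fired)}")
```

With `threshold=1` the `catchme` entry is also listed: its image path is inside the ComboFix folder, which is why a single signal is treated here as a prompt to look closer rather than a verdict.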
     
  20. 2008/12/01
    Aslan9

    Aslan9 Inactive Thread Starter

    Joined:
    2008/11/24
    Messages:
    21
    Likes Received:
    0
    ComboFix 08-11-30.01 - HP_Administrator 2008-12-01 20:09:19.2 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.561 [GMT 13:00]
    Running from: c:\documents and settings\HP_Administrator\Desktop\ComboFix.exe
    Command switches used :: c:\documents and settings\HP_Administrator\Desktop\CFScript.txt
    * Created a new restore point
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\bemark2.dat
    c:\windows\che6.exe
    c:\windows\f49f4daa.dat
    c:\windows\system32\mfc45.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_GKMIXERN
    -------\Service_gkmixern


    ((((((((((((((((((((((((( Files Created from 2008-11-01 to 2008-12-01 )))))))))))))))))))))))))))))))
    .

    2008-12-01 15:01 . 2004-08-04 00:56 21,504 --a------ c:\windows\system32\hidserv.dll
    2008-12-01 15:01 . 2004-08-04 00:56 21,504 --a------ c:\windows\system32\dllcache\hidserv.dll
    2008-12-01 15:01 . 2001-08-17 13:48 12,160 --a------ c:\windows\system32\drivers\mouhid.sys
    2008-12-01 15:01 . 2001-08-17 13:48 12,160 --a------ c:\windows\system32\dllcache\mouhid.sys
    2008-12-01 15:01 . 2001-08-17 14:02 9,600 --a------ c:\windows\system32\drivers\hidusb.sys
    2008-12-01 15:01 . 2001-08-17 14:02 9,600 --a------ c:\windows\system32\dllcache\hidusb.sys
    2008-12-01 12:13 . 2008-12-01 12:13 <DIR> d-------- c:\documents and settings\HP_Administrator\Application Data\Apple Computer
    2008-12-01 12:11 . 2008-12-01 12:12 <DIR> d-------- c:\program files\QuickTime
    2008-12-01 12:11 . 2008-12-01 12:11 <DIR> d-------- c:\program files\Common Files\Apple
    2008-12-01 12:11 . 2008-12-01 12:11 <DIR> d-------- c:\program files\Apple Software Update
    2008-12-01 12:11 . 2008-12-01 12:11 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple Computer
    2008-12-01 12:11 . 2008-12-01 12:11 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple
    2008-11-30 18:23 . 2008-11-30 18:23 <DIR> d-------- c:\documents and settings\All Users\Application Data\15DA
    2008-11-30 18:13 . 2008-11-30 18:39 <DIR> d-------- c:\program files\Shareaza Applications
    2008-11-30 18:13 . 2008-09-26 02:20 483,328 --a------ c:\windows\system32\actskn45.ocx
    2008-11-30 17:50 . 2008-11-30 17:50 <DIR> d-------- c:\program files\ReflexiveArcade
    2008-11-28 19:23 . 2008-11-28 19:23 <DIR> d-------- c:\program files\VS Revo Group
    2008-11-28 16:59 . 2008-11-28 16:59 <DIR> d-------- c:\documents and settings\LocalService\Application Data\iolo
    2008-11-28 16:29 . 2008-11-28 19:35 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP
    2008-11-27 17:57 . 2008-11-27 17:57 <DIR> d--hs---- c:\documents and settings\HP_Administrator\UserData
    2008-11-26 22:11 . 2008-11-26 22:11 5,632 --ahs---- c:\windows\Thumbs.db
    2008-11-26 11:25 . 2008-11-26 11:27 <DIR> d--h----- c:\windows\msdownld.tmp
    2008-11-26 11:25 . 2008-11-28 17:27 <DIR> d-------- c:\windows\Logs
    2008-11-26 10:03 . 2006-05-11 18:36 11,648 --a------ c:\windows\system32\drivers\diag69xp.sys
    2008-11-25 08:44 . 2008-01-11 12:29 27,264 -ra------ c:\windows\system32\drivers\rndismpk.sys
    2008-11-25 08:44 . 2008-01-11 12:29 11,136 -ra------ c:\windows\system32\drivers\usb8023k.sys
    2008-11-24 22:05 . 2008-11-24 22:06 <DIR> d-------- C:\rsit
    2008-11-24 22:05 . 2008-11-27 22:34 <DIR> d-------- c:\program files\trend micro
    2008-11-24 17:59 . 2008-11-24 17:59 0 --a------ c:\windows\nsreg.dat
    2008-11-16 23:29 . 2008-05-02 23:46 54,988 --a------ c:\windows\system32\nvmob.chm
    2008-11-16 23:28 . 2008-05-02 23:46 181,895 --a------ c:\windows\system32\nvdsp.chm
    2008-11-16 23:28 . 2008-05-02 23:46 121,529 --a------ c:\windows\system32\nvcpl.chm
    2008-11-16 23:28 . 2008-05-02 23:46 116,384 --a------ c:\windows\system32\nv3d.chm
    2008-11-14 20:30 . 2008-11-14 20:30 <DIR> d-------- c:\documents and settings\HP_Administrator\Application Data\Systweak
    2008-11-14 20:29 . 2008-11-15 13:29 <DIR> d-------- c:\program files\Advanced System Optimizer
    2008-11-14 20:18 . 2008-11-14 20:21 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
    2008-11-14 19:51 . 2008-11-14 21:03 <DIR> d-------- c:\windows\system32\scripting
    2008-11-14 19:51 . 2008-11-14 21:03 <DIR> d-------- c:\windows\system32\en
    2008-11-14 19:51 . 2008-11-14 21:03 <DIR> d-------- c:\windows\system32\bits
    2008-11-14 19:51 . 2008-11-14 21:02 <DIR> d-------- c:\windows\l2schemas
    2008-11-14 19:44 . 2007-08-10 20:46 33,656 --a------ c:\windows\system32\sprecovr.exe
    2008-11-14 19:38 . 2008-08-14 22:58 2,136,064 --a------ c:\windows\system32\ntoskrnl.exe
    2008-11-14 19:21 . 2008-10-04 06:41 6,066,176 --------- c:\windows\system32\dllcache\ieframe.dll
    2008-11-14 19:21 . 2007-04-17 22:32 2,455,488 --------- c:\windows\system32\dllcache\ieapfltr.dat
    2008-11-14 19:21 . 2007-03-08 18:10 991,232 --------- c:\windows\system32\dllcache\ieframe.dll.mui
    2008-11-14 19:21 . 2008-08-26 20:24 459,264 --------- c:\windows\system32\dllcache\msfeeds.dll
    2008-11-14 19:21 . 2008-08-26 20:24 383,488 --------- c:\windows\system32\dllcache\ieapfltr.dll
    2008-11-14 19:21 . 2008-08-26 20:24 267,776 --------- c:\windows\system32\dllcache\iertutil.dll
    2008-11-14 19:21 . 2008-08-26 20:24 52,224 --------- c:\windows\system32\dllcache\msfeedsbs.dll
    2008-11-14 19:21 . 2008-08-25 21:38 13,824 --------- c:\windows\system32\dllcache\ieudinit.exe
    2008-11-14 19:20 . 2008-08-26 20:24 63,488 --------- c:\windows\system32\dllcache\icardie.dll
    2008-11-14 18:25 . 2008-11-14 18:26 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
    2008-11-14 18:24 . 2008-11-14 18:24 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
    2008-11-14 18:13 . 2008-11-14 18:12 410,976 --a------ c:\windows\system32\deploytk.dll
    2008-11-14 17:46 . 2008-11-14 19:27 <DIR> d-------- c:\windows\system32\Adobe
    2008-11-14 14:14 . 2008-04-14 13:12 7,680 --a------ c:\windows\system32\spdwnwxp.exe
    2008-11-14 13:49 . 2008-11-14 21:40 <DIR> d-------- c:\windows\system32\CatRoot_bak
    2008-11-14 00:40 . 2008-11-14 00:40 <DIR> d-------- c:\program files\Microsoft CAPICOM 2.1.0.2
    2008-11-14 00:35 . 2008-11-14 00:35 <DIR> d-------- c:\program files\MSXML 4.0
    2008-11-14 00:13 . 2008-11-30 18:37 <DIR> d-------- c:\documents and settings\HP_Administrator\Application Data\Shareaza
    2008-11-13 21:09 . 2008-11-13 21:09 <DIR> d-------- c:\documents and settings\HP_Administrator\Application Data\IMVUClient
    2008-11-13 20:40 . 2008-11-13 20:40 <DIR> d-------- c:\program files\Microsoft Silverlight
    2008-11-13 20:18 . 2006-03-21 16:23 23,040 --------- c:\windows\kb913800.exe
    2008-11-13 20:09 . 2008-07-18 22:07 270,880 --a------ c:\windows\system32\mucltui.dll
    2008-11-13 20:09 . 2008-07-18 22:07 210,976 --a------ c:\windows\system32\muweb.dll
    2008-11-13 20:09 . 2008-07-18 22:07 29,728 --a------ c:\windows\system32\mucltui.dll.mui
    2008-11-07 07:56 . 2008-12-01 15:49 43,520 --a------ c:\windows\system32\CmdLineExt03.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-12-01 07:13 84,764 --sha-w c:\windows\system32\drivers\fidbox.idx
    2008-12-01 07:13 7,276,576 --sha-w c:\windows\system32\drivers\fidbox.dat
    2008-12-01 06:59 1,770,496 ----a-w c:\windows\Internet Logs\xDB5.tmp
    2008-12-01 04:05 1,768,448 ----a-w c:\windows\Internet Logs\xDB4.tmp
    2008-12-01 01:33 --------- d-----w c:\documents and settings\HP_Administrator\Application Data\LimeWire
    2008-12-01 00:49 1,765,888 ----a-w c:\windows\Internet Logs\xDB3.tmp
    2008-11-30 22:40 1,750,528 ----a-w c:\windows\Internet Logs\xDB2.tmp
    2008-11-30 10:26 1,769,472 ----a-w c:\windows\Internet Logs\xDB1.tmp
    2008-11-28 06:27 --------- d-----w c:\program files\Sonic
    2008-11-28 06:04 25,515,913 ----a-w c:\windows\Internet Logs\tvDebug.zip
    2008-11-28 04:07 --------- d-----w c:\documents and settings\HP_Administrator\Application Data\iolo
    2008-11-28 03:59 --------- d-----w c:\documents and settings\All Users\Application Data\iolo
    2008-11-25 21:57 --------- d-----w c:\program files\Oberon Media
    2008-11-23 10:24 --------- d-----w c:\program files\PolderbitS
    2008-11-16 09:46 --------- d-----w c:\program files\LimeWire
    2008-11-14 23:42 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
    2008-11-14 08:14 61,440 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\modemutil.dll
    2008-11-14 08:14 45,056 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\uninstallUI\eHelpSetup.exe
    2008-11-14 08:14 44,032 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Scripts\devcon.exe
    2008-11-14 08:14 40,960 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\ScDmi.dll
    2008-11-14 08:14 341,048 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\HPBasicDetection3.dll
    2008-11-14 08:14 32,768 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\uploadHSC.dll
    2008-11-14 08:14 32,768 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\Scom.dll
    2008-11-14 08:14 217,088 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
    2008-11-14 08:14 163,840 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\modemcheck.dll
    2008-11-14 05:25 --------- d-----w c:\program files\Lavasoft
    2008-11-14 05:25 --------- d-----w c:\documents and settings\HP_Administrator\Application Data\Lavasoft
    2008-11-14 05:12 --------- d-----w c:\program files\Java
    2008-11-14 05:10 --------- d--h--w c:\program files\InstallShield Installation Information
    2008-11-14 00:51 20,606,279 ----a-w c:\windows\Internet Logs\vsmon_on_demand_2008_11_14_10_46_25_full.dmp.zip
    2008-11-13 08:26 --------- d-----w c:\program files\Common Files\Adobe
    2008-11-13 08:10 --------- d-----w c:\documents and settings\HP_Administrator\Application Data\IMVU
    2008-11-13 08:09 --------- d-----w c:\program files\IMVU
    2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
    2008-03-19 02:55 75,304 ----a-w c:\documents and settings\HP_Administrator\Application Data\GDIPFONTCACHEV1.DAT
    .

    ((((((((((((((((((((((((((((( snapshot@2008-11-27_18.10.20.87 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2005-10-20 07:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
    + 2008-12-01 00:58:02 65,536 ----a-r c:\windows\Installer\{49FC50FC-F965-40D9-89B4-CBFF80941033}\ARPPRODUCTICON.exe
    + 2008-11-30 23:11:17 27,136 ----a-r c:\windows\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe
    + 2002-12-20 00:06:00 3,366,912 ----a-w c:\windows\RegisteredPackages\{60BFF50D-FB2C-4498-A577-C9548C390BB9}\moviemk.exe
    + 2008-11-28 04:07:36 1,731 ----a-w c:\windows\system32\config\Before Compact\restore.bat
    + 2008-11-28 04:07:36 1,731 ----a-w c:\windows\system32\config\SM Registry Backup\11-28-2008 17.05.52\restore.bat
    - 2004-08-10 04:00:00 3,555,328 ----a-w c:\windows\system32\dllcache\moviemk.exe
    + 2002-12-20 00:06:00 3,366,912 ----a-w c:\windows\system32\dllcache\moviemk.exe
    - 2004-08-10 04:00:00 1,392,671 ----a-w c:\windows\system32\msvbvm60.dll
    + 2004-02-23 08:42:40 1,386,496 ----a-w c:\windows\system32\msvbvm60.dll
    + 1996-01-12 05:00:00 24,576 ----a-w c:\windows\system32\STKIT432.DLL
    + 2008-12-01 07:14:40 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_520.dat
    + 2008-12-01 07:14:53 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_688.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg "= "c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-05 68856]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} "= "c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]
    "mRouterConfig "= "c:\program files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe" [2006-03-02 290816]
    "ctfmon.exe "= "c:\windows\system32\ctfmon.exe" [2004-08-10 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray "= "c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
    "NvCplDaemon "= "c:\windows\system32\NvCpl.dll" [2008-05-02 13529088]
    "DMAScheduler "= "c:\program files\HP DigitalMedia Archive\DMAScheduler.exe" [2006-04-13 90112]
    "Recguard "= "c:\windows\SMINST\RECGUARD.EXE" [2005-07-23 237568]
    "HPBootOp "= "c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-16 249856]
    "avast! "= "c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-19 81000]
    "NeroFilterCheck "= "c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
    "PC Suite for Smartphones "= "c:\program files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" [2007-05-28 528384]
    "ZoneAlarm Client "= "c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
    "QuickTime Task "= "c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
    "ftutil2 "= "ftutil2.dll" [2004-06-07 c:\windows\system32\ftutil2.dll]
    "RTHDCPL "= "RTHDCPL.EXE" [2006-06-14 c:\windows\RTHDCPL.EXE]
    "AlwaysReady Power Message APP "= "ARPWRMSG.EXE" [2005-08-03 c:\windows\arpwrmsg.exe]
    "nwiz "= "nwiz.exe" [2008-05-02 c:\windows\system32\nwiz.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "Picasa Media Detector "= "c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]

    c:\documents and settings\Default User\Start Menu\Programs\Startup\
    Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-06-01 27136]
    PinMcLnk.lnk - c:\hp\bin\cloaker.exe [2006-06-01 27136]

    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-08-07 113664]
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]
    Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
    Updates From HP.lnk - c:\program files\Updates from HP\9972322\Program\Updates from HP.exe [2006-06-01 36903]

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring "=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall "= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe "=
    "c:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe "=
    "c:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe "=
    "c:\\Program Files\\Messenger\\msmsgs.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe "=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe "=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe "=
    "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe "=
    "c:\\Program Files\\LimeWire\\LimeWire.exe "=

    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-05-21 110160]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-05-21 20560]
    R3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM);c:\windows\system32\DRIVERS\zebrceb.sys [2007-12-02 62984]
    S2 COM+ Event System (EventSystem) ;COM+ Event System (EventSystem) ;c:\program files\tinyproxy\tinyproxy.exe []
    S3 Diag69xp;Diag69xp;c:\windows\system32\Drivers\Diag69xp.sys [2008-11-26 11648]
    S3 M1000Srv;Trek 320R Driver;c:\windows\system32\Drivers\M1000KNT.sys [2008-05-15 276926]
    S3 zebrbus;Sony Ericsson Composite Device driver;c:\windows\system32\DRIVERS\zebrbus.sys [2007-12-02 83080]
    S3 zebrmdfl;Sony Ericsson Modem Filter;c:\windows\system32\DRIVERS\zebrmdfl.sys [2007-12-02 15112]
    S3 zebrmdm;Sony Ericsson Port (WDM);c:\windows\system32\DRIVERS\zebrmdm.sys [2007-12-02 108296]
    S3 zebrmdmc;Sony Ericsson mRouter Port (WDM);c:\windows\system32\DRIVERS\zebrmdmc.sys [2007-12-02 108424]
    S3 zebrsce;Sony Ericsson PC-Connect Port;c:\windows\system32\DRIVERS\zebrsce.sys [2007-12-02 90888]
    .
    Contents of the 'Scheduled Tasks' folder

    2008-11-30 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
    .
    - - - - ORPHANS REMOVED - - - -

    BHO-{CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - c:\program files\Shareaza Applications\Shareaza MediaBar\ShareazaIEHelper.dll
    Toolbar-{196C3A46-4758-433D-A600-802C804AF39C} - c:\program files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll
    WebBrowser-{196C3A46-4758-433D-A600-802C804AF39C} - c:\program files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll



    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-12-01 20:14:29
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\system32\ZoneLabs\vsmon.exe
    c:\program files\Lavasoft\Ad-Aware\aawservice.exe
    c:\program files\Alwil Software\Avast4\aswUpdSv.exe
    c:\program files\Alwil Software\Avast4\ashServ.exe
    c:\windows\arservice.exe
    c:\windows\ehome\ehrecvr.exe
    c:\windows\ehome\ehSched.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\program files\Common Files\LightScribe\LSSrvc.exe
    c:\windows\system32\nvsvc32.exe
    c:\windows\ehome\mcrdsvc.exe
    c:\program files\Alwil Software\Avast4\ashMaiSv.exe
    c:\program files\Alwil Software\Avast4\ashWebSv.exe
    c:\windows\system32\dllhost.exe
    c:\windows\ehome\ehmsas.exe
    c:\windows\system32\rundll32.exe
    c:\program files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe
    c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    c:\program files\HP\Digital Imaging\bin\hpqste08.exe
    c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
    .
    **************************************************************************
    .
    Completion time: 2008-12-01 20:18:47 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-12-01 07:18:41
    ComboFix2.txt 2008-11-27 05:10:50

    Pre-Run: 153,319,563,264 bytes free
    Post-Run: 153,540,554,752 bytes free

    264 --- E O F --- 2008-11-21 21:20:57
     
  21. 2008/12/01
    Aslan9

    Aslan9 Inactive Thread Starter

    Joined:
    2008/11/24
    Messages:
    21
    Likes Received:
    0
    Done, but no such box came up mentioning the zip file. I'm a bit lost, but what was this last step for? Did I still have some viruses on my PC? Thanks :)
     
