Solved Win32:adware-gen[Adw] need help

SlipofMind · 2008/10/17

[Resolved] Win32:adware-gen[Adw] need help

My AV picked this up last night "Win32:adware-gen[Adw]" and I could use some help getting rid of it.

follows is my RSIT log file for the last 3 months.

Logfile of random's system information tool 1.04 (written by random/random)
Run by Slips at 2008-10-17 06:39:19
Microsoft® Windows Vistaâ„¢ Home Premium Service Pack 1
System drive C: has 138 GB (79%) free of 175 GB
Total RAM: 3069 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:39:20, on 10/17/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\System32\atwtusb.exe
C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Windows\System32\WTMKM.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\UltraTV\UltraTV.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Slips\Downloads\RSIT.exe
C:\Program Files\trend micro\Slips.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.devryu.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe "
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe "
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [snueqsigbtp] C:\Windows\System32\regsvr32.exe /s "C:\Windows\system32\ufzqrjroipzxhxhym.dll "
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - D:\Auto Desk 3DS Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe

--
End of file - 4803 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender "=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"avast! "=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
"Adobe Reader Speed Launcher "=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"NvCplDaemon "=C:\Windows\system32\NvCpl.dll [2008-09-17 13580832]
"NvMediaCenter "=C:\Windows\system32\NvMcTray.dll [2008-09-17 92704]
"SunJavaUpdateSched "=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"atwtusb "=C:\Windows\system32\atwtusb.exe [2007-05-29 360096]
"Ulead AutoDetector v2 "=C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe [2006-11-29 90112]
"snueqsigbtp "=C:\Windows\System32\regsvr32.exe [2006-11-02 14336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG "=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"SUPERAntiSpyware "=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-09-03 1576176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-07-23 352256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername "=0
"legalnoticecaption "=
"legalnoticetext "=
"shutdownwithoutlogon "=1
"undockwithoutlogon "=1
"EnableUIADesktopToggle "=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 3 months======

2010-10-25 17:02:46 ----A---- C:\Windows\AVerTV.ini
2008-10-17 06:36:00 ----A---- C:\Windows\Wininit.INI
2008-10-17 06:31:53 ----D---- C:\rsit
2008-10-17 06:20:31 ----D---- C:\Program Files\Trend Micro
2008-10-17 02:11:34 ----A---- C:\Windows\unins000.exe
2008-10-17 01:59:03 ----A---- C:\Windows\system32\sqkktefrst.exe
2008-10-17 01:59:03 ----A---- C:\Windows\system32\cont_adzgalore-remove.exe
2008-10-17 01:17:09 ----D---- C:\Users\Slips\AppData\Roaming\Math Mechanixs
2008-10-17 01:17:09 ----D---- C:\ProgramData\Math Mechanixs
2008-10-17 01:16:46 ----D---- C:\Program Files\Math Mechanixs
2008-10-16 15:20:49 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2008-10-16 15:20:42 ----D---- C:\Users\Slips\AppData\Roaming\SUPERAntiSpyware.com
2008-10-16 15:20:42 ----D---- C:\Program Files\SUPERAntiSpyware
2008-10-16 15:14:20 ----A---- C:\Windows\UNBOC.EXE
2008-10-16 15:14:19 ----A---- C:\Windows\CMDLIC.DLL
2008-10-16 15:14:06 ----D---- C:\Program Files\Comodo
2008-10-16 15:02:12 ----A---- C:\Windows\system32\tmp.txt
2008-10-16 15:02:11 ----A---- C:\rapport.txt
2008-10-16 15:02:02 ----A---- C:\Windows\system32\WS2Fix.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\VCCLSID.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\VACFix.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\swxcacls.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\swsc.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\swreg.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\SrchSTS.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\Process.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\o4Patch.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\IEDFix.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\IEDFix.C.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\dumphive.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\AntiXPVSTFix.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\404Fix.exe
2008-10-16 09:29:20 ----A---- C:\Windows\system32\ufzqrjroipzxhxhym.dll
2008-10-16 03:18:21 ----D---- C:\Users\Slips\AppData\Roaming\vlc
2008-10-16 03:18:01 ----D---- C:\Program Files\VideoLAN
2008-10-16 02:45:43 ----AD---- C:\ProgramData\TEMP
2008-10-16 02:08:31 ----A---- C:\Windows\system32\uxtuneup.dll
2008-10-16 02:08:31 ----A---- C:\Windows\system32\authuitu.dll
2008-10-16 02:08:30 ----A---- C:\Windows\system32\TuneUpDefragService.exe
2008-10-16 02:07:55 ----D---- C:\ProgramData\TuneUp Software
2008-10-16 02:07:42 ----D---- C:\Program Files\TuneUp Utilities 2008
2008-10-16 01:31:19 ----D---- C:\Users\Slips\AppData\Roaming\TuneUp Software
2008-10-14 18:48:41 ----D---- C:\Users\Slips\AppData\Roaming\Ulead Systems
2008-10-14 18:12:42 ----A---- C:\Windows\system32\mshtml.dll
2008-10-14 18:12:41 ----A---- C:\Windows\system32\wininet.dll
2008-10-14 18:12:41 ----A---- C:\Windows\system32\urlmon.dll
2008-10-14 18:12:41 ----A---- C:\Windows\system32\ieframe.dll
2008-10-14 18:12:40 ----A---- C:\Windows\system32\mstime.dll
2008-10-14 18:12:40 ----A---- C:\Windows\system32\jsproxy.dll
2008-10-14 18:12:40 ----A---- C:\Windows\system32\iertutil.dll
2008-10-14 18:12:35 ----A---- C:\Windows\system32\EncDec.dll
2008-10-14 18:12:34 ----A---- C:\Windows\system32\psisdecd.dll
2008-10-14 18:12:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-10-14 18:12:16 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-10-14 09:12:35 ----D---- C:\ProgramData\AppData
2008-10-14 08:45:05 ----D---- C:\Users\Slips\AppData\Roaming\Autodesk
2008-10-14 08:42:35 ----D---- C:\ProgramData\InstallShield
2008-10-14 08:40:49 ----N---- C:\Windows\system32\ROBOEX32.DLL
2008-10-14 08:40:49 ----N---- C:\Windows\system32\INETWH32.dll
2008-10-14 08:40:47 ----D---- C:\Program Files\Ulead Systems
2008-10-14 08:40:47 ----D---- C:\Program Files\Common Files\Ulead Systems
2008-10-14 08:40:37 ----D---- C:\ProgramData\Ulead Systems
2008-10-14 08:37:37 ----D---- C:\ProgramData\Tablet
2008-10-14 08:37:29 ----D---- C:\Windows\udtablet
2008-10-14 08:37:29 ----A---- C:\Windows\system32\WINTAB32.DLL
2008-10-14 08:37:29 ----A---- C:\Windows\system32\UTBLFILT.DLL
2008-10-14 08:37:29 ----A---- C:\Windows\system32\TblRes.dll
2008-10-14 08:37:29 ----A---- C:\Windows\system32\TBLMOUSE.EXE
2008-10-14 08:37:29 ----A---- C:\Windows\system32\Tblfunc.dll
2008-10-14 08:37:29 ----A---- C:\Windows\system32\InstallService.exe
2008-10-14 08:37:29 ----A---- C:\Windows\system32\Funckey.dll
2008-10-14 08:37:29 ----A---- C:\Windows\system32\atwtusb.exe
2008-10-14 08:37:29 ----A---- C:\Windows\system32\ATWinLog.dll
2008-10-14 08:37:28 ----A---- C:\Windows\system32\WTMKM.exe
2008-10-14 08:37:28 ----A---- C:\Windows\system32\BCGCBPRO730.dll
2008-10-14 08:37:28 ----A---- C:\Windows\system32\ATWTINK.DLL
2008-10-14 08:37:28 ----A---- C:\Windows\RmTablet.exe
2008-10-14 08:37:27 ----D---- C:\Windows\calib_da
2008-10-14 08:37:27 ----A---- C:\Windows\system32\XP_2000.ini
2008-10-14 08:37:27 ----A---- C:\Windows\system32\Vista.ini
2008-10-14 08:37:27 ----A---- C:\Windows\system32\Photoshop Elements.ini
2008-10-14 08:37:27 ----A---- C:\Windows\system32\PhotoImpact XL SE.ini
2008-10-14 08:37:27 ----A---- C:\Windows\system32\MKProfile.ini
2008-10-14 08:37:27 ----A---- C:\Windows\aiptbl.ini
2008-10-14 08:32:12 ----D---- C:\Program Files\Autodesk
2008-10-14 08:31:29 ----D---- C:\ProgramData\Autodesk
2008-10-14 08:31:29 ----D---- C:\Program Files\Common Files\Autodesk Shared
2008-10-14 07:21:05 ----D---- C:\ProgramData\SITEguard
2008-10-14 07:20:39 ----D---- C:\ProgramData\STOPzilla!
2008-10-14 07:20:39 ----D---- C:\Program Files\Common Files\iS3
2008-10-11 23:22:07 ----D---- C:\Program Files\Microsoft Silverlight
2008-10-10 16:07:24 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-10-10 16:07:20 ----D---- C:\Program Files\Windows Live
2008-10-10 16:07:06 ----D---- C:\ProgramData\WLInstaller
2008-10-10 15:07:57 ----D---- C:\ProgramData\GRAW2
2008-10-10 15:05:01 ----D---- C:\ProgramData\Media Center Programs
2008-10-10 01:45:40 ----A---- C:\Windows\system32\PnkBstrB.exe
2008-10-10 01:45:35 ----A---- C:\Windows\system32\PnkBstrA.exe
2008-10-09 22:37:19 ----D---- C:\Users\Slips\AppData\Roaming\teamspeak2
2008-10-09 22:37:09 ----D---- C:\Program Files\Teamspeak2_RC2
2008-10-09 22:30:34 ----D---- C:\ProgramData\America's Army Deploy Client
2008-10-09 22:30:26 ----D---- C:\Program Files\America's Army Deploy Client
2008-10-09 08:23:51 ----D---- C:\Users\Slips\AppData\Roaming\LimeWire
2008-10-09 08:22:49 ----A---- C:\Windows\system32\javaws.exe
2008-10-09 08:22:49 ----A---- C:\Windows\system32\javaw.exe
2008-10-09 08:22:49 ----A---- C:\Windows\system32\java.exe
2008-10-09 08:22:29 ----D---- C:\Program Files\Java
2008-10-09 08:22:15 ----D---- C:\Program Files\Common Files\Java
2008-10-09 08:19:45 ----D---- C:\Program Files\LimeWire
2008-10-04 20:21:57 ----D---- C:\Program Files\â€”zÅ½Ã‹â€šµâ€šÃŒâ€™â€ â€šÃŒÆ’Å Æ’AÆ’â€¹
2008-10-04 20:19:56 ----A---- C:\Windows\jestertb.dll
2008-09-29 12:29:34 ----D---- C:\Windows\system32\AGEIA
2008-09-29 12:29:34 ----D---- C:\Program Files\AGEIA Technologies
2008-09-29 12:29:29 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-09-29 12:29:21 ----A---- C:\Windows\system32\nvcplui.exe
2008-09-29 12:28:41 ----A---- C:\Windows\system32\NVUNINST.EXE
2008-09-24 22:41:14 ----D---- C:\Users\Slips\AppData\Roaming\InstallShield
2008-09-21 13:01:40 ----A---- C:\Windows\system32\XAudio2_2.dll
2008-09-21 13:01:40 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2008-09-21 13:01:39 ----A---- C:\Windows\system32\xactengine3_2.dll
2008-09-21 13:01:39 ----A---- C:\Windows\system32\D3DX9_39.dll
2008-09-21 13:01:39 ----A---- C:\Windows\system32\d3dx10_39.dll
2008-09-21 13:01:39 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\XAudio2_1.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\xactengine3_1.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\D3DX9_38.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\d3dx10_38.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\XAudio2_0.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\xactengine3_0.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\xactengine2_10.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\D3DX9_37.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\d3dx10_37.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2008-09-21 13:01:36 ----A---- C:\Windows\system32\xactengine2_9.dll
2008-09-21 13:01:36 ----A---- C:\Windows\system32\d3dx9_36.dll
2008-09-21 13:01:36 ----A---- C:\Windows\system32\d3dx10_36.dll
2008-09-21 13:01:36 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\xactengine2_8.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\d3dx9_35.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\d3dx10_35.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\d3dx10_34.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2008-09-21 13:01:34 ----A---- C:\Windows\system32\xinput1_3.dll
2008-09-21 13:01:34 ----A---- C:\Windows\system32\xactengine2_7.dll
2008-09-21 13:01:34 ----A---- C:\Windows\system32\d3dx9_34.dll
2008-09-21 13:01:34 ----A---- C:\Windows\system32\d3dx9_33.dll
2008-09-21 13:01:34 ----A---- C:\Windows\system32\d3dx10_33.dll
2008-09-21 13:01:34 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2008-09-21 13:01:33 ----A---- C:\Windows\system32\xactengine2_6.dll
2008-09-21 13:01:33 ----A---- C:\Windows\system32\xactengine2_5.dll
2008-09-21 13:01:33 ----A---- C:\Windows\system32\d3dx9_32.dll
2008-09-21 13:01:33 ----A---- C:\Windows\system32\d3dx10.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\xinput1_2.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\xinput1_1.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\xactengine2_4.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\xactengine2_3.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\xactengine2_2.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\x3daudio1_1.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\d3dx9_31.dll
2008-09-21 13:01:31 ----A---- C:\Windows\system32\xactengine2_1.dll
2008-09-21 13:01:29 ----A---- C:\Windows\system32\d3dx9_30.dll
2008-09-21 13:01:28 ----A---- C:\Windows\system32\xactengine2_0.dll
2008-09-21 13:01:28 ----A---- C:\Windows\system32\x3daudio1_0.dll
2008-09-21 13:01:28 ----A---- C:\Windows\system32\d3dx9_29.dll
2008-09-21 13:00:40 ----D---- C:\Windows\system32\directx
2008-09-21 12:10:38 ----D---- C:\Users\Slips\AppData\Roaming\My Games
2008-09-21 11:42:01 ----D---- C:\Program Files\DAEMON Tools Lite
2008-09-21 11:39:45 ----D---- C:\Users\Slips\AppData\Roaming\DAEMON Tools
2008-09-21 11:34:50 ----D---- C:\Users\Slips\AppData\Roaming\Uniblue
2008-09-21 11:01:48 ----D---- C:\ProgramData\Azureus
2008-09-21 11:01:47 ----D---- C:\Users\Slips\AppData\Roaming\Azureus
2008-09-19 22:37:52 ----A---- C:\Windows\ntbtlog.txt
2008-09-17 22:44:47 ----A---- C:\Windows\system32\wups2.dll
2008-09-17 22:44:47 ----A---- C:\Windows\system32\wuauclt.exe
2008-09-17 22:44:46 ----A---- C:\Windows\system32\wucltux.dll
2008-09-17 22:44:46 ----A---- C:\Windows\system32\wuaueng.dll
2008-09-17 22:44:34 ----A---- C:\Windows\system32\wups.dll
2008-09-17 22:44:34 ----A---- C:\Windows\system32\wudriver.dll
2008-09-17 22:44:34 ----A---- C:\Windows\system32\wuapi.dll
2008-09-17 22:44:30 ----A---- C:\Windows\system32\wuwebv.dll
2008-09-17 22:44:30 ----A---- C:\Windows\system32\wuapp.exe
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvwss.dll
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvwgf2um.dll
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvvsvc.exe
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvvitvs.dll
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvudisp.exe
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvsvsr.dll
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvsvs.dll
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvsvc.dll
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvoglv32.dll
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvmobls.dll
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvmctray.dll
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvmccss.dll
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvmccsrs.dll
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvmccs.dll
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvgames.dll
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvdisps.dll
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvd3dum.dll
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcuda.dll
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcpl.dll
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcolor.exe
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcodhins.dll
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcodh.dll
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcod134.dll
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvcod.dll
2008-09-17 09:55:00 ----A---- C:\Windows\system32\nvapi.dll
2008-09-14 21:26:00 ----D---- C:\Users\Slips\AppData\Roaming\DivX
2008-09-14 21:25:55 ----D---- C:\Program Files\Common Files\PX Storage Engine
2008-09-14 21:25:50 ----D---- C:\Program Files\DivX
2008-09-14 19:11:00 ----D---- C:\Users\Slips\AppData\Roaming\Turbine
2008-09-14 18:58:43 ----A---- C:\Windows\system32\d3dx9_28.dll
2008-09-14 18:58:43 ----A---- C:\Windows\system32\d3dx9_27.dll
2008-09-14 18:58:43 ----A---- C:\Windows\system32\d3dx9_26.dll
2008-09-14 18:58:42 ----A---- C:\Windows\system32\d3dx9_25.dll
2008-09-14 18:58:42 ----A---- C:\Windows\system32\d3dx9_24.dll
2008-09-14 18:56:52 ----D---- C:\Windows\system32\URTTEMP
2008-09-10 19:38:44 ----A---- C:\Windows\system32\wmpeffects.dll
2008-09-10 19:38:41 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-09-10 19:38:40 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-09-10 19:38:40 ----A---- C:\Windows\system32\emdmgmt.dll
2008-09-10 19:38:39 ----A---- C:\Windows\system32\dataclen.dll
2008-09-10 19:38:39 ----A---- C:\Windows\system32\cdd.dll
2008-09-07 10:44:47 ----A---- C:\Windows\system32\msshooks.dll
2008-09-07 10:44:47 ----A---- C:\Windows\system32\msscb.dll
2008-09-07 10:44:45 ----A---- C:\Windows\system32\SearchFilterHost.exe
2008-09-07 10:44:45 ----A---- C:\Windows\system32\propsys.dll
2008-09-07 10:44:45 ----A---- C:\Windows\system32\propdefs.dll
2008-09-07 10:44:45 ----A---- C:\Windows\system32\msstrc.dll
2008-09-07 10:44:45 ----A---- C:\Windows\system32\mssprxy.dll
2008-09-07 10:44:45 ----A---- C:\Windows\system32\mssitlb.dll
2008-09-07 10:44:45 ----A---- C:\Windows\system32\msshsq.dll
2008-09-07 10:44:44 ----A---- C:\Windows\system32\xmlfilter.dll
2008-09-07 10:44:44 ----A---- C:\Windows\system32\wsepno.dll
2008-09-07 10:44:44 ----A---- C:\Windows\system32\thawbrkr.dll
2008-09-07 10:44:44 ----A---- C:\Windows\system32\srchadmin.dll
2008-09-07 10:44:44 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2008-09-07 10:44:44 ----A---- C:\Windows\system32\rtffilt.dll
2008-09-07 10:44:44 ----A---- C:\Windows\system32\offfilt.dll
2008-09-07 10:44:44 ----A---- C:\Windows\system32\nlhtml.dll
2008-09-07 10:44:44 ----A---- C:\Windows\system32\msscntrs.dll
2008-09-07 10:44:44 ----A---- C:\Windows\system32\mimefilt.dll
2008-09-07 10:44:44 ----A---- C:\Windows\system32\korwbrkr.dll
2008-09-07 10:44:44 ----A---- C:\Windows\system32\chtbrkr.dll
2008-09-07 10:44:44 ----A---- C:\Windows\system32\chsbrkr.dll
2008-09-07 10:44:43 ----A---- C:\Windows\system32\tquery.dll
2008-09-07 10:44:43 ----A---- C:\Windows\system32\SearchIndexer.exe
2008-09-07 10:44:43 ----A---- C:\Windows\system32\mssvp.dll
2008-09-07 10:44:43 ----A---- C:\Windows\system32\mssrch.dll
2008-09-07 10:44:43 ----A---- C:\Windows\system32\mssphtb.dll
2008-09-07 10:44:43 ----A---- C:\Windows\system32\mssph.dll
2008-09-07 10:44:26 ----A---- C:\Windows\system32\rpcrt4.dll
2008-09-07 10:44:25 ----A---- C:\Windows\system32\pacerprf.dll
2008-09-07 10:44:24 ----A---- C:\Windows\system32\wshext.dll
2008-09-07 10:44:24 ----A---- C:\Windows\system32\wscript.exe
2008-09-07 10:44:24 ----A---- C:\Windows\system32\vbscript.dll
2008-09-07 10:44:24 ----A---- C:\Windows\system32\scrrun.dll
2008-09-07 10:44:24 ----A---- C:\Windows\system32\scrobj.dll
2008-09-07 10:44:24 ----A---- C:\Windows\system32\jscript.dll
2008-09-07 10:44:24 ----A---- C:\Windows\system32\cscript.exe
2008-09-06 15:34:21 ----D---- C:\Program Files\Common Files\Adobe AIR
2008-09-06 15:33:40 ----D---- C:\ProgramData\Adobe
2008-09-06 15:33:35 ----D---- C:\Program Files\Common Files\Adobe
2008-09-06 15:33:35 ----D---- C:\Program Files\Adobe
2008-09-06 13:29:39 ----D---- C:\PerfLogs
2008-09-06 13:15:55 ----A---- C:\Windows\system32\SLsvc.exe
2008-09-06 13:15:55 ----A---- C:\Windows\system32\onex.dll
2008-09-06 13:15:49 ----A---- C:\Windows\system32\PSHED.DLL
2008-09-06 13:15:48 ----A---- C:\Windows\system32\imagesp1.dll
2008-09-06 13:15:46 ----A---- C:\Windows\system32\dfsr.exe
2008-09-06 13:15:45 ----A---- C:\Windows\system32\sstpsvc.dll
2008-09-06 13:15:45 ----A---- C:\Windows\system32\pidgenx.dll
2008-09-06 13:15:44 ----A---- C:\Windows\system32\WsmSvc.dll
2008-09-06 13:15:44 ----A---- C:\Windows\system32\winrscmd.dll
2008-09-06 13:15:44 ----A---- C:\Windows\system32\mstscax.dll
2008-09-06 13:15:43 ----A---- C:\Windows\system32\VSSVC.exe
2008-09-06 13:15:43 ----A---- C:\Windows\system32\vssapi.dll
2008-09-06 13:15:43 ----A---- C:\Windows\system32\sysmain.dll
2008-09-06 13:15:43 ----A---- C:\Windows\system32\RMActivate.exe
2008-09-06 13:15:42 ----A---- C:\Windows\system32\secproc.dll
2008-09-06 13:15:42 ----A---- C:\Windows\system32\RMActivate_isv.exe
2008-09-06 13:15:42 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2008-09-06 13:15:42 ----A---- C:\Windows\system32\iesetup.dll
2008-09-06 13:15:39 ----A---- C:\Windows\system32\secproc_isv.dll
2008-09-06 13:15:36 ----A---- C:\Windows\system32\drmv2clt.dll
2008-09-06 13:15:35 ----A---- C:\Windows\system32\xpssvcs.dll
2008-09-06 13:15:35 ----A---- C:\Windows\system32\icardres.dll
2008-09-06 13:15:35 ----A---- C:\Windows\system32\icardagt.exe
2008-09-06 13:15:35 ----A---- C:\Windows\system32\blackbox.dll
2008-09-06 13:15:34 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2008-09-06 13:15:34 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2008-09-06 13:15:34 ----A---- C:\Windows\system32\RacEngn.dll
2008-09-06 13:15:34 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2008-09-06 13:15:33 ----A---- C:\Windows\system32\spwizimg.dll
2008-09-06 13:15:33 ----A---- C:\Windows\system32\rdpencom.dll
2008-09-06 13:15:33 ----A---- C:\Windows\system32\msxml6.dll
2008-09-06 13:15:33 ----A---- C:\Windows\system32\msxml3.dll
2008-09-06 13:15:33 ----A---- C:\Windows\system32\lpremove.exe
2008-09-06 13:15:33 ----A---- C:\Windows\bfsvc.exe
2008-09-06 13:15:32 ----A---- C:\Windows\system32\qmgr.dll
2008-09-06 13:15:32 ----A---- C:\Windows\system32\ntdll.dll
2008-09-06 13:15:32 ----A---- C:\Windows\system32\msjet40.dll
2008-09-06 13:15:32 ----A---- C:\Windows\system32\lsasrv.dll
2008-09-06 13:15:32 ----A---- C:\Windows\system32\localspl.dll
2008-09-06 13:15:31 ----A---- C:\Windows\system32\wevtsvc.dll
2008-09-06 13:15:31 ----A---- C:\Windows\system32\wcncsvc.dll
2008-09-06 13:15:31 ----A---- C:\Windows\system32\TsWpfWrp.exe
2008-09-06 13:15:31 ----A---- C:\Windows\system32\recdisc.exe
2008-09-06 13:15:31 ----A---- C:\Windows\system32\mscoree.dll
2008-09-06 13:15:31 ----A---- C:\Windows\system32\kernel32.dll
2008-09-06 13:15:31 ----A---- C:\Windows\system32\IKEEXT.DLL
2008-09-06 13:15:30 ----A---- C:\Windows\system32\wmp.dll
2008-09-06 13:15:30 ----A---- C:\Windows\system32\vds.exe
2008-09-06 13:15:30 ----A---- C:\Windows\system32\CompMgmtLauncher.exe
2008-09-06 13:15:29 ----A---- C:\Windows\system32\wcnwiz.dll
2008-09-06 13:15:29 ----A---- C:\Windows\system32\SMBHelperClass.dll
2008-09-06 13:15:29 ----A---- C:\Windows\system32\msvbvm60.dll
2008-09-06 13:15:29 ----A---- C:\Windows\system32\mstsc.exe
2008-09-06 13:15:29 ----A---- C:\Windows\system32\mf.dll
2008-09-06 13:15:28 ----A---- C:\Windows\system32\termsrv.dll
2008-09-06 13:15:28 ----A---- C:\Windows\system32\msdtctm.dll
2008-09-06 13:15:28 ----A---- C:\Windows\system32\mmcndmgr.dll
2008-09-06 13:15:28 ----A---- C:\Windows\system32\kerberos.dll
2008-09-06 13:15:28 ----A---- C:\Windows\system32\IMJP10K.DLL
2008-09-06 13:15:28 ----A---- C:\Windows\system32\advapi32.dll
2008-09-06 13:15:27 ----A---- C:\Windows\system32\xolehlp.dll
2008-09-06 13:15:27 ----A---- C:\Windows\system32\Query.dll
2008-09-06 13:15:27 ----A---- C:\Windows\system32\MSMPEG2ADEC.DLL
2008-09-06 13:15:27 ----A---- C:\Windows\system32\msdtcprx.dll
2008-09-06 13:15:27 ----A---- C:\Windows\system32\MPSSVC.dll
2008-09-06 13:15:27 ----A---- C:\Windows\system32\CertEnroll.dll
2008-09-06 13:15:26 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2008-09-06 13:15:26 ----A---- C:\Windows\system32\SSShim.dll
2008-09-06 13:15:26 ----A---- C:\Windows\system32\ole32.dll
2008-09-06 13:15:26 ----A---- C:\Windows\system32\nlmgp.dll
2008-09-06 13:15:26 ----A---- C:\Windows\system32\netlogon.dll
2008-09-06 13:15:26 ----A---- C:\Windows\system32\msvcrt.dll
2008-09-06 13:15:26 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2008-09-06 13:15:26 ----A---- C:\Windows\system32\DfsShlEx.dll
2008-09-06 13:15:25 ----A---- C:\Windows\system32\wer.dll
2008-09-06 13:15:25 ----A---- C:\Windows\system32\vdsdyn.dll
2008-09-06 13:15:25 ----A---- C:\Windows\system32\user32.dll
2008-09-06 13:15:25 ----A---- C:\Windows\system32\shlwapi.dll
2008-09-06 13:15:25 ----A---- C:\Windows\system32\sdclt.exe
2008-09-06 13:15:25 ----A---- C:\Windows\system32\schedsvc.dll
2008-09-06 13:15:25 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2008-09-06 13:15:25 ----A---- C:\Windows\system32\milcore.dll
2008-09-06 13:15:25 ----A---- C:\Windows\system32\IasMigPlugin.dll
2008-09-06 13:15:25 ----A---- C:\Windows\system32\clusapi.dll
2008-09-06 13:15:24 ----A---- C:\Windows\system32\WSDApi.dll
2008-09-06 13:15:24 ----A---- C:\Windows\system32\winrsmgr.dll
2008-09-06 13:15:24 ----A---- C:\Windows\system32\QAGENTRT.DLL
2008-09-06 13:15:24 ----A---- C:\Windows\system32\mtxclu.dll
2008-09-06 13:15:24 ----A---- C:\Windows\system32\mmc.exe
2008-09-06 13:15:24 ----A---- C:\Windows\system32\diagperf.dll
2008-09-06 13:15:24 ----A---- C:\Windows\system32\d3d9.dll
2008-09-06 13:15:23 ----A---- C:\Windows\system32\vdsbas.dll
2008-09-06 13:15:23 ----A---- C:\Windows\system32\swprv.dll
2008-09-06 13:15:23 ----A---- C:\Windows\system32\SLC.dll
2008-09-06 13:15:23 ----A---- C:\Windows\system32\MSVidCtl.dll
2008-09-06 13:15:23 ----A---- C:\Windows\system32\msi.dll
2008-09-06 13:15:23 ----A---- C:\Windows\system32\comctl32.dll
2008-09-06 13:15:22 ----A---- C:\Windows\system32\XPSSHHDR.dll
2008-09-06 13:15:22 ----A---- C:\Windows\system32\wecutil.exe
2008-09-06 13:15:22 ----A---- C:\Windows\system32\sdengin2.dll
2008-09-06 13:15:22 ----A---- C:\Windows\system32\sbe.dll
2008-09-06 13:15:22 ----A---- C:\Windows\system32\samsrv.dll
2008-09-06 13:15:22 ----A---- C:\Windows\system32\msdtckrm.dll
2008-09-06 13:15:22 ----A---- C:\Windows\system32\mfc42u.dll
2008-09-06 13:15:22 ----A---- C:\Windows\system32\gpsvc.dll
2008-09-06 13:15:22 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2008-09-06 13:15:22 ----A---- C:\Windows\system32\esent.dll
2008-09-06 13:15:21 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2008-09-06 13:15:21 ----A---- C:\Windows\system32\usp10.dll
2008-09-06 13:15:21 ----A---- C:\Windows\system32\mfc42.dll
2008-09-06 13:15:21 ----A---- C:\Windows\system32\gacinstall.dll
2008-09-06 13:15:21 ----A---- C:\Windows\system32\crypt32.dll
2008-09-06 13:15:21 ----A---- C:\Windows\system32\comsvcs.dll
2008-09-06 13:15:21 ----A---- C:\Windows\system32\cmipnpinstall.dll
2008-09-06 13:15:21 ----A---- C:\Windows\system32\cmicryptinstall.dll
2008-09-06 13:15:20 ----A---- C:\Windows\system32\wmdrmsdk.dll
2008-09-06 13:15:20 ----A---- C:\Windows\system32\sqlceqp30.dll
2008-09-06 13:15:20 ----A---- C:\Windows\system32\setupapi.dll
2008-09-06 13:15:20 ----A---- C:\Windows\system32\oleaut32.dll
2008-09-06 13:15:20 ----A---- C:\Windows\system32\mswsock.dll
2008-09-06 13:15:20 ----A---- C:\Windows\system32\lsm.exe
2008-09-06 13:15:20 ----A---- C:\Windows\system32\FirewallAPI.dll
2008-09-06 13:15:20 ----A---- C:\Windows\system32\certutil.exe
2008-09-06 13:15:20 ----A---- C:\Windows\system32\bcrypt.dll
2008-09-06 13:15:20 ----A---- C:\Windows\explorer.exe
2008-09-06 13:15:19 ----A---- C:\Windows\system32\wmpmde.dll
2008-09-06 13:15:19 ----A---- C:\Windows\system32\wecsvc.dll
2008-09-06 13:15:19 ----A---- C:\Windows\system32\thumbcache.dll
2008-09-06 13:15:19 ----A---- C:\Windows\system32\sdohlp.dll
2008-09-06 13:15:19 ----A---- C:\Windows\system32\schannel.dll
2008-09-06 13:15:19 ----A---- C:\Windows\system32\riched20.dll
2008-09-06 13:15:19 ----A---- C:\Windows\system32\p2psvc.dll
2008-09-06 13:15:19 ----A---- C:\Windows\system32\netapi32.dll
2008-09-06 13:15:19 ----A---- C:\Windows\system32\msv1_0.dll
2008-09-06 13:15:19 ----A---- C:\Windows\system32\mcmde.dll
2008-09-06 13:15:19 ----A---- C:\Windows\system32\iphlpsvc.dll
2008-09-06 13:15:19 ----A---- C:\Windows\system32\eapp3hst.dll
2008-09-06 13:15:19 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2008-09-06 13:15:18 ----A---- C:\Windows\system32\WinSAT.exe
2008-09-06 13:15:18 ----A---- C:\Windows\system32\wevtapi.dll
2008-09-06 13:15:18 ----A---- C:\Windows\system32\vdsutil.dll
2008-09-06 13:15:18 ----A---- C:\Windows\system32\imapi2fs.dll
2008-09-06 13:15:18 ----A---- C:\Windows\system32\dmvdsitf.dll
2008-09-06 13:15:18 ----A---- C:\Windows\system32\d3d10_1core.dll
2008-09-06 13:15:18 ----A---- C:\Windows\system32\d3d10_1.dll
2008-09-06 13:15:18 ----A---- C:\Windows\system32\comuid.dll
2008-09-06 13:15:18 ----A---- C:\Windows\system32\comdlg32.dll
2008-09-06 13:15:18 ----A---- C:\Windows\system32\browseui.dll
2008-09-06 13:15:18 ----A---- C:\Windows\system32\autofmt.exe
2008-09-06 13:15:18 ----A---- C:\Windows\system32\autoconv.exe
2008-09-06 13:15:18 ----A---- C:\Windows\system32\autochk.exe
2008-09-06 13:15:18 ----A---- C:\Windows\system32\authui.dll
2008-09-06 13:15:18 ----A---- C:\Windows\system32\authfwcfg.dll
2008-09-06 13:15:17 ----A---- C:\Windows\system32\WSDMon.dll
2008-09-06 13:15:17 ----A---- C:\Windows\system32\wevtfwd.dll
2008-09-06 13:15:17 ----A---- C:\Windows\system32\untfs.dll
2008-09-06 13:15:17 ----A---- C:\Windows\system32\uexfat.dll
2008-09-06 13:15:17 ----A---- C:\Windows\system32\sqlcese30.dll
2008-09-06 13:15:17 ----A---- C:\Windows\system32\rasmans.dll
2008-09-06 13:15:17 ----A---- C:\Windows\system32\pcaui.dll
2008-09-06 13:15:17 ----A---- C:\Windows\system32\mscories.dll
2008-09-06 13:15:17 ----A---- C:\Windows\system32\iassam.dll
2008-09-06 13:15:17 ----A---- C:\Windows\system32\eapphost.dll
2008-09-06 13:15:17 ----A---- C:\Windows\system32\eappcfg.dll
2008-09-06 13:15:17 ----A---- C:\Windows\system32\DfrgNtfs.exe
2008-09-06 13:15:16 ----A---- C:\Windows\system32\wlansvc.dll
2008-09-06 13:15:16 ----A---- C:\Windows\system32\whealogr.dll
2008-09-06 13:15:16 ----A---- C:\Windows\system32\dot3svc.dll
2008-09-06 13:15:15 ----A---- C:\Windows\system32\zipfldr.dll
2008-09-06 13:15:15 ----A---- C:\Windows\system32\WsmAuto.dll
2008-09-06 13:15:15 ----A---- C:\Windows\system32\winhttp.dll
2008-09-06 13:15:15 ----A---- C:\Windows\system32\rpcss.dll
2008-09-06 13:15:15 ----A---- C:\Windows\system32\rdpwsx.dll
2008-09-06 13:15:15 ----A---- C:\Windows\system32\rasppp.dll
2008-09-06 13:15:15 ----A---- C:\Windows\system32\nlasvc.dll
2008-09-06 13:15:15 ----A---- C:\Windows\system32\mssha.dll
2008-09-06 13:15:15 ----A---- C:\Windows\system32\msdrm.dll
2008-09-06 13:15:15 ----A---- C:\Windows\system32\evr.dll
2008-09-06 13:15:15 ----A---- C:\Windows\system32\dfrgui.exe
2008-09-06 13:15:15 ----A---- C:\Windows\system32\BFE.DLL
2008-09-06 13:15:14 ----A---- C:\Windows\system32\WsmWmiPl.dll
2008-09-06 13:15:14 ----A---- C:\Windows\system32\WMVCORE.DLL
2008-09-06 13:15:14 ----A---- C:\Windows\system32\wmdrmdev.dll
2008-09-06 13:15:14 ----A---- C:\Windows\system32\win32spl.dll
2008-09-06 13:15:14 ----A---- C:\Windows\system32\WebClnt.dll
2008-09-06 13:15:14 ----A---- C:\Windows\system32\rastls.dll
2008-09-06 13:15:14 ----A---- C:\Windows\system32\printui.dll
2008-09-06 13:15:14 ----A---- C:\Windows\system32\ncrypt.dll
2008-09-06 13:15:14 ----A---- C:\Windows\system32\msrepl40.dll
2008-09-06 13:15:14 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2008-09-06 13:15:14 ----A---- C:\Windows\system32\ddraw.dll
2008-09-06 13:15:14 ----A---- C:\Windows\system32\audiosrv.dll
2008-09-06 13:15:13 ----A---- C:\Windows\system32\wmdrmnet.dll
2008-09-06 13:15:13 ----A---- C:\Windows\system32\WerFaultSecure.exe
2008-09-06 13:15:13 ----A---- C:\Windows\system32\w32time.dll
2008-09-06 13:15:13 ----A---- C:\Windows\system32\themecpl.dll
2008-09-06 13:15:13 ----A---- C:\Windows\system32\sqlsrv32.dll
2008-09-06 13:15:13 ----A---- C:\Windows\system32\QAGENT.DLL
2008-09-06 13:15:13 ----A---- C:\Windows\system32\PresentationHost.exe
2008-09-06 13:15:13 ----A---- C:\Windows\system32\objsel.dll
2008-09-06 13:15:13 ----A---- C:\Windows\system32\ncryptui.dll
2008-09-06 13:15:13 ----A---- C:\Windows\system32\icm32.dll
2008-09-06 13:15:13 ----A---- C:\Windows\system32\iasnap.dll
2008-09-06 13:15:13 ----A---- C:\Windows\system32\dbghelp.dll
2008-09-06 13:15:13 ----A---- C:\Windows\system32\azroles.dll
2008-09-06 13:15:12 ----A---- C:\Windows\system32\wlangpui.dll
2008-09-06 13:15:12 ----A---- C:\Windows\system32\winsrv.dll
2008-09-06 13:15:12 ----A---- C:\Windows\system32\taskschd.dll
2008-09-06 13:15:12 ----A---- C:\Windows\system32\spoolss.dll
2008-09-06 13:15:12 ----A---- C:\Windows\system32\scksp.dll
2008-09-06 13:15:12 ----A---- C:\Windows\system32\mstlsapi.dll
2008-09-06 13:15:12 ----A---- C:\Windows\system32\msctf.dll
2008-09-06 13:15:12 ----A---- C:\Windows\system32\iprtrmgr.dll
2008-09-06 13:15:12 ----A---- C:\Windows\system32\infocardapi.dll
2008-09-06 13:15:12 ----A---- C:\Windows\system32\bcdedit.exe
2008-09-06 13:15:12 ----A---- C:\Windows\system32\basecsp.dll
2008-09-06 13:15:12 ----A---- C:\Windows\system32\AudioEng.dll
2008-09-06 13:15:11 ----A---- C:\Windows\system32\winsta.dll
2008-09-06 13:15:11 ----A---- C:\Windows\system32\winlogon.exe
2008-09-06 13:15:11 ----A---- C:\Windows\system32\taskcomp.dll
2008-09-06 13:15:11 ----A---- C:\Windows\system32\rsaenh.dll
2008-09-06 13:15:11 ----A---- C:\Windows\system32\netprofm.dll
2008-09-06 13:15:11 ----A---- C:\Windows\system32\netcfgx.dll
2008-09-06 13:15:11 ----A---- C:\Windows\system32\lpksetup.exe
2008-09-06 13:15:11 ----A---- C:\Windows\system32\dbgeng.dll
2008-09-06 13:15:11 ----A---- C:\Windows\system32\cdosys.dll
2008-09-06 13:15:10 ----A---- C:\Windows\system32\wlansec.dll
2008-09-06 13:15:10 ----A---- C:\Windows\system32\wercon.exe
2008-09-06 13:15:10 ----A---- C:\Windows\system32\tsgqec.dll
2008-09-06 13:15:10 ----A---- C:\Windows\system32\sqmapi.dll
2008-09-06 13:15:10 ----A---- C:\Windows\system32\msdtcuiu.dll
2008-09-06 13:15:10 ----A---- C:\Windows\system32\mprddm.dll
2008-09-06 13:15:10 ----A---- C:\Windows\system32\iasrad.dll
2008-09-06 13:15:10 ----A---- C:\Windows\system32\eapsvc.dll
2008-09-06 13:15:10 ----A---- C:\Windows\system32\dfshim.dll
2008-09-06 13:15:10 ----A---- C:\Windows\system32\certcli.dll
2008-09-06 13:15:10 ----A---- C:\Windows\system32\AUDIOKSE.dll
2008-09-06 13:15:10 ----A---- C:\Windows\system32\apds.dll
2008-09-06 13:15:10 ----A---- C:\Windows\system32\aaclient.dll
2008-09-06 13:15:09 ----A---- C:\Windows\system32\Wldap32.dll
2008-09-06 13:15:09 ----A---- C:\Windows\system32\umpnpmgr.dll
2008-09-06 13:15:09 ----A---- C:\Windows\system32\uDWM.dll
2008-09-06 13:15:09 ----A---- C:\Windows\system32\shdocvw.dll
2008-09-06 13:15:09 ----A---- C:\Windows\system32\msidcrl30.dll
2008-09-06 13:15:09 ----A---- C:\Windows\system32\dnsapi.dll
2008-09-06 13:15:09 ----A---- C:\Windows\system32\certmgr.dll
2008-09-06 13:15:09 ----A---- C:\Windows\system32\bcdsrv.dll
2008-09-06 13:15:08 ----A---- C:\Windows\system32\WMVDECOD.DLL
2008-09-06 13:15:08 ----A---- C:\Windows\system32\wmicmiplugin.dll
2008-09-06 13:15:08 ----A---- C:\Windows\system32\pla.dll
2008-09-06 13:15:08 ----A---- C:\Windows\system32\netshell.dll
2008-09-06 13:15:08 ----A---- C:\Windows\system32\dxgi.dll
2008-09-06 13:15:08 ----A---- C:\Windows\system32\dot3gpui.dll
2008-09-06 13:15:07 ----A---- C:\Windows\system32\wscsvc.dll
2008-09-06 13:15:07 ----A---- C:\Windows\system32\winmm.dll
2008-09-06 13:15:07 ----A---- C:\Windows\system32\synceng.dll
2008-09-06 13:15:07 ----A---- C:\Windows\system32\shsvcs.dll
2008-09-06 13:15:07 ----A---- C:\Windows\system32\services.exe
2008-09-06 13:15:07 ----A---- C:\Windows\system32\pnidui.dll
2008-09-06 13:15:07 ----A---- C:\Windows\system32\ntprint.dll
2008-09-06 13:15:07 ----A---- C:\Windows\system32\MMDevAPI.dll
2008-09-06 13:15:07 ----A---- C:\Windows\system32\cryptnet.dll
2008-09-06 13:15:07 ----A---- C:\Windows\system32\comsnap.dll
2008-09-06 13:15:07 ----A---- C:\Windows\system32\cmifw.dll
2008-09-06 13:15:06 ----A---- C:\Windows\system32\wscisvif.dll
2008-09-06 13:15:06 ----A---- C:\Windows\system32\WMVSDECD.DLL
2008-09-06 13:15:06 ----A---- C:\Windows\system32\wersvc.dll
2008-09-06 13:15:06 ----A---- C:\Windows\system32\uxtheme.dll
2008-09-06 13:15:06 ----A---- C:\Windows\system32\tdh.dll
2008-09-06 13:15:06 ----A---- C:\Windows\system32\taskeng.exe
2008-09-06 13:15:06 ----A---- C:\Windows\system32\SessEnv.dll
2008-09-06 13:15:06 ----A---- C:\Windows\system32\rasapi32.dll
2008-09-06 13:15:06 ----A---- C:\Windows\system32\msjtes40.dll
2008-09-06 13:15:06 ----A---- C:\Windows\system32\msconfig.exe
2008-09-06 13:15:06 ----A---- C:\Windows\system32\imapi2.dll
2008-09-06 13:15:06 ----A---- C:\Windows\system32\iassdo.dll
2008-09-06 13:15:06 ----A---- C:\Windows\system32\dot3api.dll
2008-09-06 13:15:06 ----A---- C:\Windows\system32\dmdskmgr.dll
2008-09-06 13:15:06 ----A---- C:\Windows\system32\cipher.exe
2008-09-06 13:15:05 ----A---- C:\Windows\system32\wkssvc.dll
2008-09-06 13:15:05 ----A---- C:\Windows\system32\wevtutil.exe
2008-09-06 13:15:05 ----A---- C:\Windows\system32\srvsvc.dll
2008-09-06 13:15:05 ----A---- C:\Windows\system32\qdvd.dll
2008-09-06 13:15:05 ----A---- C:\Windows\system32\msscp.dll
2008-09-06 13:15:05 ----A---- C:\Windows\system32\cmd.exe
2008-09-06 13:15:05 ----A---- C:\Windows\system32\cbsra.exe
2008-09-06 13:15:05 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2008-09-06 13:15:04 ----A---- C:\Windows\system32\WUDFx.dll
2008-09-06 13:15:04 ----A---- C:\Windows\system32\wlanmsm.dll
2008-09-06 13:15:04 ----A---- C:\Windows\system32\wlancfg.dll
2008-09-06 13:15:04 ----A---- C:\Windows\system32\wlanapi.dll
2008-09-06 13:15:04 ----A---- C:\Windows\system32\WinSATAPI.dll
2008-09-06 13:15:04 ----A---- C:\Windows\system32\rpchttp.dll
2008-09-06 13:15:04 ----A---- C:\Windows\system32\rdpdd.dll
2008-09-06 13:15:04 ----A---- C:\Windows\system32\mshtmled.dll
2008-09-06 13:15:04 ----A---- C:\Windows\system32\msdtcVSp1res.dll
2008-09-06 13:15:04 ----A---- C:\Windows\system32\localsec.dll
2008-09-06 13:15:04 ----A---- C:\Windows\system32\loadperf.dll
2008-09-06 13:15:04 ----A---- C:\Windows\system32\hnetcfg.dll
2008-09-06 13:15:04 ----A---- C:\Windows\system32\fontext.dll
2008-09-06 13:15:04 ----A---- C:\Windows\system32\dsound.dll
2008-09-06 13:15:04 ----A---- C:\Windows\system32\diskpart.exe
2008-09-06 13:15:04 ----A---- C:\Windows\system32\comres.dll
2008-09-06 13:15:03 ----A---- C:\Windows\system32\wsqmcons.exe
2008-09-06 13:15:03 ----A---- C:\Windows\system32\wsecedit.dll
2008-09-06 13:15:03 ----A---- C:\Windows\system32\WMADMOD.DLL
2008-09-06 13:15:03 ----A---- C:\Windows\system32\wlanpref.dll
2008-09-06 13:15:03 ----A---- C:\Windows\system32\WindowsCodecs.dll
2008-09-06 13:15:03 ----A---- C:\Windows\system32\tracerpt.exe
2008-09-06 13:15:03 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2008-09-06 13:15:03 ----A---- C:\Windows\system32\SLCommDlg.dll
2008-09-06 13:15:03 ----A---- C:\Windows\system32\RDPENCDD.dll
2008-09-06 13:15:03 ----A---- C:\Windows\system32\profprov.dll
2008-09-06 13:15:03 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2008-09-06 13:15:03 ----A---- C:\Windows\system32\NAPMONTR.DLL
2008-09-06 13:15:03 ----A---- C:\Windows\system32\MuiUnattend.exe
2008-09-06 13:15:03 ----A---- C:\Windows\system32\filemgmt.dll
2008-09-06 13:15:03 ----A---- C:\Windows\system32\dnsrslvr.dll
2008-09-06 13:15:03 ----A---- C:\Windows\system32\dhcpcsvc.dll
2008-09-06 13:15:03 ----A---- C:\Windows\system32\avifil32.dll
2008-09-06 13:15:02 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2008-09-06 13:15:02 ----A---- C:\Windows\system32\wininit.exe
2008-09-06 13:15:02 ----A---- C:\Windows\system32\spp.dll
2008-09-06 13:15:02 ----A---- C:\Windows\system32\rasdlg.dll
2008-09-06 13:15:02 ----A---- C:\Windows\system32\QSHVHOST.DLL
2008-09-06 13:15:02 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2008-09-06 13:15:02 ----A---- C:\Windows\system32\P2PGraph.dll
2008-09-06 13:15:02 ----A---- C:\Windows\system32\mscorier.dll
2008-09-06 13:15:02 ----A---- C:\Windows\system32\mcbuilder.exe
2008-09-06 13:15:02 ----A---- C:\Windows\system32\iassvcs.dll
2008-09-06 13:15:02 ----A---- C:\Windows\system32\iashost.exe
2008-09-06 13:15:02 ----A---- C:\Windows\system32\gpresult.exe
2008-09-06 13:15:02 ----A---- C:\Windows\system32\dwmredir.dll
2008-09-06 13:15:02 ----A---- C:\Windows\system32\dwm.exe
2008-09-06 13:15:02 ----A---- C:\Windows\system32\azroleui.dll
2008-09-06 13:15:02 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2008-09-06 13:15:02 ----A---- C:\Windows\system32\apphelp.dll
2008-09-06 13:15:02 ----A---- C:\Windows\HelpPane.exe
2008-09-06 13:15:01 ----A---- C:\Windows\system32\wecapi.dll
2008-09-06 13:15:01 ----A---- C:\Windows\system32\unbcl.dll
2008-09-06 13:15:01 ----A---- C:\Windows\system32\tcpmon.dll
2008-09-06 13:15:01 ----A---- C:\Windows\system32\srrstr.dll
2008-09-06 13:15:01 ----A---- C:\Windows\system32\spwizeng.dll
2008-09-06 13:15:01 ----A---- C:\Windows\system32\SLUI.exe
2008-09-06 13:15:01 ----A---- C:\Windows\system32\shrink.dll
2008-09-06 13:15:01 ----A---- C:\Windows\system32\rasmontr.dll
2008-09-06 13:15:01 ----A---- C:\Windows\system32\msra.exe
2008-09-06 13:15:01 ----A---- C:\Windows\system32\lltdsvc.dll
2008-09-06 13:15:01 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2008-09-06 13:15:01 ----A---- C:\Windows\system32\gpedit.dll
2008-09-06 13:15:01 ----A---- C:\Windows\system32\brcpl.dll
2008-09-06 13:15:00 ----A---- C:\Windows\system32\WMPEncEn.dll
2008-09-06 13:15:00 ----A---- C:\Windows\system32\regsvc.dll
2008-09-06 13:15:00 ----A---- C:\Windows\system32\raschap.dll
2008-09-06 13:15:00 ----A---- C:\Windows\system32\oleacc.dll
2008-09-06 13:15:00 ----A---- C:\Windows\system32\ntvdm.exe
2008-09-06 13:15:00 ----A---- C:\Windows\system32\msdri.dll
2008-09-06 13:15:00 ----A---- C:\Windows\system32\iashlpr.dll
2008-09-06 13:15:00 ----A---- C:\Windows\system32\framedynos.dll
2008-09-06 13:15:00 ----A---- C:\Windows\system32\fdWSD.dll
2008-09-06 13:15:00 ----A---- C:\Windows\system32\advpack.dll
2008-09-06 13:14:59 ----A---- C:\Windows\system32\wpdshext.dll
2008-09-06 13:14:59 ----A---- C:\Windows\system32\wdc.dll
2008-09-06 13:14:59 ----A---- C:\Windows\system32\vsstrace.dll
2008-09-06 13:14:59 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2008-09-06 13:14:59 ----A---- C:\Windows\system32\ntlanman.dll
2008-09-06 13:14:59 ----A---- C:\Windows\system32\ipsmsnap.dll
2008-09-06 13:14:59 ----A---- C:\Windows\system32\iedkcs32.dll
2008-09-06 13:14:59 ----A---- C:\Windows\system32\Faultrep.dll
2008-09-06 13:14:58 ----A---- C:\Windows\system32\Storprop.dll
2008-09-06 13:14:58 ----A---- C:\Windows\system32\NetProjW.dll
2008-09-06 13:14:58 ----A---- C:\Windows\system32\l2nacp.dll
2008-09-06 13:14:56 ----A---- C:\Windows\system32\WsmProv.dll
2008-09-06 13:14:56 ----A---- C:\Windows\system32\WlanMM.dll
2008-09-06 13:14:56 ----A---- C:\Windows\system32\wlanhlp.dll
2008-09-06 13:14:56 ----A---- C:\Windows\system32\WLanConn.dll
2008-09-06 13:14:56 ----A---- C:\Windows\system32\tcpipcfg.dll
2008-09-06 13:14:56 ----A---- C:\Windows\system32\sxs.dll
2008-09-06 13:14:56 ----A---- C:\Windows\system32\profsvc.dll
2008-09-06 13:14:56 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2008-09-06 13:14:56 ----A---- C:\Windows\system32\netman.dll
2008-09-06 13:14:56 ----A---- C:\Windows\system32\KMSVC.DLL
2008-09-06 13:14:56 ----A---- C:\Windows\system32\IPBusEnum.dll
2008-09-06 13:14:56 ----A---- C:\Windows\system32\ieapfltr.dll
2008-09-06 13:14:56 ----A---- C:\Windows\system32\framedyn.dll
2008-09-06 13:14:56 ----A---- C:\Windows\system32\dssenh.dll
2008-09-06 13:14:56 ----A---- C:\Windows\system32\certreq.exe
2008-09-06 13:14:56 ----A---- C:\Windows\system32\adsnt.dll
2008-09-06 13:14:55 ----A---- C:\Windows\system32\wusa.exe
2008-09-06 13:14:55 ----A---- C:\Windows\system32\WUDFHost.exe
2008-09-06 13:14:55 ----A---- C:\Windows\system32\WerFault.exe
2008-09-06 13:14:55 ----A---- C:\Windows\system32\VAN.dll
2008-09-06 13:14:55 ----A---- C:\Windows\system32\userenv.dll
2008-09-06 13:14:55 ----A---- C:\Windows\system32\umb.dll
2008-09-06 13:14:55 ----A---- C:\Windows\system32\puiobj.dll
2008-09-06 13:14:55 ----A---- C:\Windows\system32\netid.dll
2008-09-06 13:14:55 ----A---- C:\Windows\system32\ncsi.dll
2008-09-06 13:14:55 ----A---- C:\Windows\system32\ie4uinit.exe
2008-09-06 13:14:55 ----A---- C:\Windows\system32\fundisc.dll
2008-09-06 13:14:55 ----A---- C:\Windows\system32\cryptui.dll
2008-09-06 13:14:55 ----A---- C:\Windows\system32\catsrvut.dll
2008-09-06 13:14:54 ----A---- C:\Windows\system32\ws2_32.dll
2008-09-06 13:14:54 ----A---- C:\Windows\system32\WinSCard.dll
2008-09-06 13:14:54 ----A---- C:\Windows\system32\spbcd.dll
2008-09-06 13:14:54 ----A---- C:\Windows\system32\photowiz.dll
2008-09-06 13:14:54 ----A---- C:\Windows\system32\netcenter.dll
2008-09-06 13:14:54 ----A---- C:\Windows\system32\msinfo32.exe
2008-09-06 13:14:54 ----A---- C:\Windows\system32\MdSched.exe
2008-09-06 13:14:54 ----A---- C:\Windows\system32\ipsecsnp.dll
2008-09-06 13:14:54 ----A---- C:\Windows\system32\InkEd.dll
2008-09-06 13:14:54 ----A---- C:\Windows\system32\dps.dll
2008-09-06 13:14:53 ----A---- C:\Windows\system32\winrs.exe
2008-09-06 13:14:53 ----A---- C:\Windows\system32\secur32.dll
2008-09-06 13:14:53 ----A---- C:\Windows\system32\schtasks.exe
2008-09-06 13:14:53 ----A---- C:\Windows\system32\RelMon.dll
2008-09-06 13:14:53 ----A---- C:\Windows\system32\prnntfy.dll
2008-09-06 13:14:53 ----A---- C:\Windows\system32\odbcjt32.dll
2008-09-06 13:14:53 ----A---- C:\Windows\system32\ntdsapi.dll
2008-09-06 13:14:53 ----A---- C:\Windows\system32\NAPSTAT.EXE
2008-09-06 13:14:53 ----A---- C:\Windows\system32\msfeeds.dll
2008-09-06 13:14:53 ----A---- C:\Windows\system32\mblctr.exe
2008-09-06 13:14:53 ----A---- C:\Windows\system32\iasacct.dll
2008-09-06 13:14:53 ----A---- C:\Windows\system32\cryptsvc.dll
2008-09-06 13:14:52 ----A---- C:\Windows\system32\wvc.dll
2008-09-06 13:14:52 ----A---- C:\Windows\system32\winrm.vbs
2008-09-06 13:14:52 ----A---- C:\Windows\system32\TSpkg.dll
2008-09-06 13:14:52 ----A---- C:\Windows\system32\qwave.dll
2008-09-06 13:14:52 ----A---- C:\Windows\system32\pdh.dll
2008-09-06 13:14:52 ----A---- C:\Windows\system32\netdiagfx.dll
2008-09-06 13:14:52 ----A---- C:\Windows\system32\FirewallControlPanel.exe
2008-09-06 13:14:52 ----A---- C:\Windows\system32\fdWCN.dll
2008-09-06 13:14:52 ----A---- C:\Windows\system32\dot3msm.dll
2008-09-06 13:14:52 ----A---- C:\Windows\system32\dmdlgs.dll
2008-09-06 13:14:52 ----A---- C:\Windows\system32\dhcpsapi.dll
2008-09-06 13:14:52 ----A---- C:\Windows\system32\dfrgfat.exe
2008-09-06 13:14:52 ----A---- C:\Windows\system32\catsrv.dll
2008-09-06 13:14:52 ----A---- C:\Windows\system32\AudioSes.dll
2008-09-06 13:14:52 ----A---- C:\Windows\system32\activeds.dll
2008-09-06 13:14:51 ----A---- C:\Windows\system32\wow32.dll
2008-09-06 13:14:51 ----A---- C:\Windows\system32\shsetup.dll
2008-09-06 13:14:51 ----A---- C:\Windows\system32\rastapi.dll
2008-09-06 13:14:51 ----A---- C:\Windows\system32\ntshrui.dll
2008-09-06 13:14:51 ----A---- C:\Windows\system32\netcorehc.dll
2008-09-06 13:14:51 ----A---- C:\Windows\system32\NAPHLPR.DLL
2008-09-06 13:14:51 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2008-09-06 13:14:51 ----A---- C:\Windows\system32\msacm32.dll
2008-09-06 13:14:51 ----A---- C:\Windows\system32\ifmon.dll
2008-09-06 13:14:51 ----A---- C:\Windows\system32\els.dll
2008-09-06 13:14:51 ----A---- C:\Windows\system32\dot3cfg.dll
2008-09-06 13:14:51 ----A---- C:\Windows\system32\adsldp.dll
2008-09-06 13:14:50 ----A---- C:\Windows\system32\wscntfy.dll
2008-09-06 13:14:50 ----A---- C:\Windows\system32\WMNetMgr.dll
2008-09-06 13:14:50 ----A---- C:\Windows\system32\wlanui.dll
2008-09-06 13:14:50 ----A---- C:\Windows\system32\stobject.dll
2008-09-06 13:14:50 ----A---- C:\Windows\system32\sdrsvc.dll
2008-09-06 13:14:50 ----A---- C:\Windows\system32\QUTIL.DLL
2008-09-06 13:14:50 ----A---- C:\Windows\system32\net1.exe
2008-09-06 13:14:50 ----A---- C:\Windows\system32\msdt.dll
2008-09-06 13:14:50 ----A---- C:\Windows\system32\ipnathlp.dll
2008-09-06 13:14:50 ----A---- C:\Windows\system32\iasrecst.dll
2008-09-06 13:14:50 ----A---- C:\Windows\system32\iasdatastore.dll
2008-09-06 13:14:50 ----A---- C:\Windows\system32\fdSSDP.dll
2008-09-06 13:14:50 ----A---- C:\Windows\system32\dsprop.dll
2008-09-06 13:14:50 ----A---- C:\Windows\system32\clbcatq.dll
2008-09-06 13:14:49 ----A---- C:\Windows\system32\wlgpclnt.dll
2008-09-06 13:14:49 ----A---- C:\Windows\system32\upnphost.dll
2008-09-06 13:14:49 ----A---- C:\Windows\system32\systemcpl.dll
2008-09-06 13:14:49 ----A---- C:\Windows\system32\smss.exe
2008-09-06 13:14:49 ----A---- C:\Windows\system32\rasman.dll
2008-09-06 13:14:49 ----A---- C:\Windows\system32\rascfg.dll
2008-09-06 13:14:49 ----A---- C:\Windows\system32

SlipofMind · 2008/10/17

2008-09-06 13:14:49 ----A---- C:\Windows\system32\rascfg.dll
2008-09-06 13:14:49 ----A---- C:\Windows\system32\PresentationSettings.exe
2008-09-06 13:14:49 ----A---- C:\Windows\system32\P2P.dll
2008-09-06 13:14:49 ----A---- C:\Windows\system32\nci.dll
2008-09-06 13:14:49 ----A---- C:\Windows\system32\msftedit.dll
2008-09-06 13:14:49 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2008-09-06 13:14:49 ----A---- C:\Windows\system32\mprmsg.dll
2008-09-06 13:14:49 ----A---- C:\Windows\system32\loghours.dll
2008-09-06 13:14:49 ----A---- C:\Windows\system32\fde.dll
2008-09-06 13:14:49 ----A---- C:\Windows\system32\Defrag.exe
2008-09-06 13:14:49 ----A---- C:\Windows\system32\CompatUI.dll
2008-09-06 13:14:49 ----A---- C:\Windows\system32\adsldpc.dll
2008-09-06 13:14:49 ----A---- C:\Windows\system32\ActiveContentWizard.dll
2008-09-06 13:14:48 ----A---- C:\Windows\system32\Wpc.dll
2008-09-06 13:14:48 ----A---- C:\Windows\system32\wdigest.dll
2008-09-06 13:14:48 ----A---- C:\Windows\system32\t2embed.dll
2008-09-06 13:14:48 ----A---- C:\Windows\system32\setupcl.exe
2008-09-06 13:14:48 ----A---- C:\Windows\system32\oleprn.dll
2008-09-06 13:14:48 ----A---- C:\Windows\system32\msutb.dll
2008-09-06 13:14:48 ----A---- C:\Windows\system32\mprdim.dll
2008-09-06 13:14:48 ----A---- C:\Windows\system32\MigAutoPlay.exe
2008-09-06 13:14:48 ----A---- C:\Windows\system32\L2SecHC.dll
2008-09-06 13:14:48 ----A---- C:\Windows\system32\gpapi.dll
2008-09-06 13:14:48 ----A---- C:\Windows\system32\dxdiag.exe
2008-09-06 13:14:48 ----A---- C:\Windows\system32\DFDWiz.exe
2008-09-06 13:14:48 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2008-09-06 13:14:47 ----A---- C:\Windows\system32\wiaservc.dll
2008-09-06 13:14:47 ----A---- C:\Windows\system32\scansetting.dll
2008-09-06 13:14:47 ----A---- C:\Windows\system32\rtm.dll
2008-09-06 13:14:47 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2008-09-06 13:14:47 ----A---- C:\Windows\system32\msihnd.dll
2008-09-06 13:14:47 ----A---- C:\Windows\system32\devmgr.dll
2008-09-06 13:14:47 ----A---- C:\Windows\system32\CertEnrollUI.dll
2008-09-06 13:14:46 ----A---- C:\Windows\system32\wscapi.dll
2008-09-06 13:14:46 ----A---- C:\Windows\system32\wlandlg.dll
2008-09-06 13:14:46 ----A---- C:\Windows\system32\WinFXDocObj.exe
2008-09-06 13:14:46 ----A---- C:\Windows\system32\wdi.dll
2008-09-06 13:14:46 ----A---- C:\Windows\system32\vssadmin.exe
2008-09-06 13:14:46 ----A---- C:\Windows\system32\uudf.dll
2008-09-06 13:14:46 ----A---- C:\Windows\system32\usbmon.dll
2008-09-06 13:14:46 ----A---- C:\Windows\system32\SyncCenter.dll
2008-09-06 13:14:46 ----A---- C:\Windows\system32\spoolsv.exe
2008-09-06 13:14:46 ----A---- C:\Windows\system32\regapi.dll
2008-09-06 13:14:46 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2008-09-06 13:14:46 ----A---- C:\Windows\system32\mycomput.dll
2008-09-06 13:14:46 ----A---- C:\Windows\system32\mswmdm.dll
2008-09-06 13:14:46 ----A---- C:\Windows\system32\msls31.dll
2008-09-06 13:14:46 ----A---- C:\Windows\system32\kdusb.dll
2008-09-06 13:14:46 ----A---- C:\Windows\system32\imagehlp.dll
2008-09-06 13:14:46 ----A---- C:\Windows\system32\ifsutil.dll
2008-09-06 13:14:46 ----A---- C:\Windows\system32\dimsroam.dll
2008-09-06 13:14:46 ----A---- C:\Windows\system32\BOOTVID.DLL
2008-09-06 13:14:46 ----A---- C:\Windows\system32\audiodg.exe
2008-09-06 13:14:46 ----A---- C:\Windows\system32\actxprxy.dll
2008-09-06 13:14:45 ----A---- C:\Windows\system32\sud.dll
2008-09-06 13:14:45 ----A---- C:\Windows\system32\scecli.dll
2008-09-06 13:14:45 ----A---- C:\Windows\system32\SCardSvr.dll
2008-09-06 13:14:45 ----A---- C:\Windows\system32\samlib.dll
2008-09-06 13:14:45 ----A---- C:\Windows\system32\puiapi.dll
2008-09-06 13:14:45 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2008-09-06 13:14:45 ----A---- C:\Windows\system32\newdev.dll
2008-09-06 13:14:45 ----A---- C:\Windows\system32\mstask.dll
2008-09-06 13:14:45 ----A---- C:\Windows\system32\mspaint.exe
2008-09-06 13:14:45 ----A---- C:\Windows\system32\kdcom.dll
2008-09-06 13:14:44 ----A---- C:\Windows\system32\wisptis.exe
2008-09-06 13:14:44 ----A---- C:\Windows\system32\termmgr.dll
2008-09-06 13:14:44 ----A---- C:\Windows\system32\tapisrv.dll
2008-09-06 13:14:44 ----A---- C:\Windows\system32\ssdpsrv.dll
2008-09-06 13:14:44 ----A---- C:\Windows\system32\SLUINotify.dll
2008-09-06 13:14:44 ----A---- C:\Windows\system32\Robocopy.exe
2008-09-06 13:14:44 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2008-09-06 13:14:44 ----A---- C:\Windows\system32\mtxoci.dll
2008-09-06 13:14:44 ----A---- C:\Windows\system32\input.dll
2008-09-06 13:14:44 ----A---- C:\Windows\system32\inetpp.dll
2008-09-06 13:14:44 ----A---- C:\Windows\system32\iasads.dll
2008-09-06 13:14:44 ----A---- C:\Windows\system32\duser.dll
2008-09-06 13:14:44 ----A---- C:\Windows\system32\cscapi.dll
2008-09-06 13:14:44 ----A---- C:\Windows\system32\cic.dll
2008-09-06 13:14:44 ----A---- C:\Windows\system32\AzSqlExt.dll
2008-09-06 13:14:44 ----A---- C:\Windows\system32\authz.dll
2008-09-06 13:14:44 ----A---- C:\Windows\system32\adtschema.dll
2008-09-06 13:14:43 ----A---- C:\Windows\system32\WUDFPlatform.dll
2008-09-06 13:14:43 ----A---- C:\Windows\system32\wpcsvc.dll
2008-09-06 13:14:43 ----A---- C:\Windows\system32\webcheck.dll
2008-09-06 13:14:43 ----A---- C:\Windows\system32\verifier.exe
2008-09-06 13:14:43 ----A---- C:\Windows\system32\themeui.dll
2008-09-06 13:14:43 ----A---- C:\Windows\system32\slcinst.dll
2008-09-06 13:14:43 ----A---- C:\Windows\system32\sdshext.dll
2008-09-06 13:14:43 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2008-09-06 13:14:43 ----A---- C:\Windows\system32\netiohlp.dll
2008-09-06 13:14:43 ----A---- C:\Windows\system32\msdtclog.dll
2008-09-06 13:14:43 ----A---- C:\Windows\system32\msdt.exe
2008-09-06 13:14:43 ----A---- C:\Windows\system32\d3d8.dll
2008-09-06 13:14:43 ----A---- C:\Windows\system32\cmdial32.dll
2008-09-06 13:14:42 ----A---- C:\Windows\system32\wpd_ci.dll
2008-09-06 13:14:42 ----A---- C:\Windows\system32\wpccpl.dll
2008-09-06 13:14:42 ----A---- C:\Windows\system32\WMPhoto.dll
2008-09-06 13:14:42 ----A---- C:\Windows\system32\wintrust.dll
2008-09-06 13:14:42 ----A---- C:\Windows\system32\vdsldr.exe
2008-09-06 13:14:42 ----A---- C:\Windows\system32\SnippingTool.exe
2008-09-06 13:14:42 ----A---- C:\Windows\system32\SndVol.exe
2008-09-06 13:14:42 ----A---- C:\Windows\system32\rasqec.dll
2008-09-06 13:14:42 ----A---- C:\Windows\system32\rasgcw.dll
2008-09-06 13:14:42 ----A---- C:\Windows\system32\pnpsetup.dll
2008-09-06 13:14:42 ----A---- C:\Windows\system32\oledlg.dll
2008-09-06 13:14:42 ----A---- C:\Windows\system32\ntmarta.dll
2008-09-06 13:14:42 ----A---- C:\Windows\system32\nslookup.exe
2008-09-06 13:14:42 ----A---- C:\Windows\system32\ncobjapi.dll
2008-09-06 13:14:42 ----A---- C:\Windows\system32\msrd3x40.dll
2008-09-06 13:14:42 ----A---- C:\Windows\system32\msaatext.dll
2008-09-06 13:14:42 ----A---- C:\Windows\system32\mpr.dll
2008-09-06 13:14:42 ----A---- C:\Windows\system32\mmcbase.dll
2008-09-06 13:14:42 ----A---- C:\Windows\system32\mlang.dll
2008-09-06 13:14:42 ----A---- C:\Windows\system32\icfupgd.dll
2008-09-06 13:14:42 ----A---- C:\Windows\system32\icardie.dll
2008-09-06 13:14:42 ----A---- C:\Windows\system32\dxtmsft.dll
2008-09-06 13:14:42 ----A---- C:\Windows\system32\diskraid.exe
2008-09-06 13:14:42 ----A---- C:\Windows\system32\clfsw32.dll
2008-09-06 13:14:41 ----A---- C:\Windows\system32\wtsapi32.dll
2008-09-06 13:14:41 ----A---- C:\Windows\system32\Utilman.exe
2008-09-06 13:14:41 ----A---- C:\Windows\system32\unlodctr.exe
2008-09-06 13:14:41 ----A---- C:\Windows\system32\ulib.dll
2008-09-06 13:14:41 ----A---- C:\Windows\system32\trkwks.dll
2008-09-06 13:14:41 ----A---- C:\Windows\system32\syssetup.dll
2008-09-06 13:14:41 ----A---- C:\Windows\system32\slmgr.vbs
2008-09-06 13:14:41 ----A---- C:\Windows\system32\sethc.exe
2008-09-06 13:14:41 ----A---- C:\Windows\system32\pnpui.dll
2008-09-06 13:14:41 ----A---- C:\Windows\system32\oobefldr.dll
2008-09-06 13:14:41 ----A---- C:\Windows\system32\mscms.dll
2008-09-06 13:14:41 ----A---- C:\Windows\system32\Mcx2Svc.dll
2008-09-06 13:14:41 ----A---- C:\Windows\system32\lodctr.exe
2008-09-06 13:14:41 ----A---- C:\Windows\system32\iaspolcy.dll
2008-09-06 13:14:41 ----A---- C:\Windows\system32\fontsub.dll
2008-09-06 13:14:41 ----A---- C:\Windows\system32\extmgr.dll
2008-09-06 13:14:41 ----A---- C:\Windows\system32\dxdiagn.dll
2008-09-06 13:14:41 ----A---- C:\Windows\system32\cabinet.dll
2008-09-06 13:14:41 ----A---- C:\Windows\system32\accessibilitycpl.dll
2008-09-06 13:14:40 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2008-09-06 13:14:40 ----A---- C:\Windows\system32\wpcao.dll
2008-09-06 13:14:40 ----A---- C:\Windows\system32\wermgr.exe
2008-09-06 13:14:40 ----A---- C:\Windows\system32\unattend.dll
2008-09-06 13:14:40 ----A---- C:\Windows\system32\scesrv.dll
2008-09-06 13:14:40 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2008-09-06 13:14:40 ----A---- C:\Windows\system32\ogldrv.dll
2008-09-06 13:14:40 ----A---- C:\Windows\system32\occache.dll
2008-09-06 13:14:40 ----A---- C:\Windows\system32\msnetobj.dll
2008-09-06 13:14:40 ----A---- C:\Windows\system32\lnkstub.exe
2008-09-06 13:14:40 ----A---- C:\Windows\system32\iepeers.dll
2008-09-06 13:14:40 ----A---- C:\Windows\system32\eappgnui.dll
2008-09-06 13:14:40 ----A---- C:\Windows\system32\dfdts.dll
2008-09-06 13:14:40 ----A---- C:\Windows\system32\cabview.dll
2008-09-06 13:14:40 ----A---- C:\Windows\system32\bthci.dll
2008-09-06 13:14:39 ----A---- C:\Windows\system32\p2pcollab.dll
2008-09-06 13:14:39 ----A---- C:\Windows\system32\mmcss.dll
2008-09-06 13:14:39 ----A---- C:\Windows\system32\ieaksie.dll
2008-09-06 13:14:39 ----A---- C:\Windows\system32\dsquery.dll
2008-09-06 13:14:39 ----A---- C:\Windows\system32\drvinst.exe
2008-09-06 13:14:39 ----A---- C:\Windows\system32\dispdiag.exe
2008-09-06 13:14:39 ----A---- C:\Windows\system32\DHCPQEC.DLL
2008-09-06 13:14:39 ----A---- C:\Windows\system32\basesrv.dll
2008-09-06 13:14:38 ----A---- C:\Windows\system32\WPDSp.dll
2008-09-06 13:14:38 ----A---- C:\Windows\system32\WMVENCOD.DLL
2008-09-06 13:14:38 ----A---- C:\Windows\system32\wercplsupport.dll
2008-09-06 13:14:38 ----A---- C:\Windows\system32\verifier.dll
2008-09-06 13:14:38 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2008-09-06 13:14:38 ----A---- C:\Windows\system32\secproc_ssp.dll
2008-09-06 13:14:38 ----A---- C:\Windows\system32\RstrtMgr.dll
2008-09-06 13:14:38 ----A---- C:\Windows\system32\qedit.dll
2008-09-06 13:14:38 ----A---- C:\Windows\system32\mprapi.dll
2008-09-06 13:14:38 ----A---- C:\Windows\system32\efsadu.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\xwizards.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\xactsrv.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\wiascanprofiles.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\wiaaut.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\usercpl.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\systeminfo.exe
2008-09-06 13:14:37 ----A---- C:\Windows\system32\setupugc.exe
2008-09-06 13:14:37 ----A---- C:\Windows\system32\resutils.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2008-09-06 13:14:37 ----A---- C:\Windows\system32\pnrpnsp.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\PNPXAssocPrx.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\PNPXAssoc.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\pngfilt.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\pcadm.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\p2pnetsh.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\networkmap.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\netcfg.exe
2008-09-06 13:14:37 ----A---- C:\Windows\system32\msrdc.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\msrating.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\msoeacct.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\msdmo.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\mfplat.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\lsass.exe
2008-09-06 13:14:37 ----A---- C:\Windows\system32\lpk.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\iscsiexe.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\icacls.exe
2008-09-06 13:14:37 ----A---- C:\Windows\system32\findstr.exe
2008-09-06 13:14:37 ----A---- C:\Windows\system32\eappprxy.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\DWWIN.EXE
2008-09-06 13:14:37 ----A---- C:\Windows\system32\dssec.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\drmmgrtn.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\dpapimig.exe
2008-09-06 13:14:37 ----A---- C:\Windows\system32\dot3ui.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\dfrgifc.exe
2008-09-06 13:14:37 ----A---- C:\Windows\system32\d3d10core.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\consent.exe
2008-09-06 13:14:37 ----A---- C:\Windows\system32\conime.exe
2008-09-06 13:14:37 ----A---- C:\Windows\system32\cmdl32.exe
2008-09-06 13:14:37 ----A---- C:\Windows\system32\autoplay.dll
2008-09-06 13:14:37 ----A---- C:\Windows\system32\alg.exe
2008-09-06 13:14:36 ----A---- C:\Windows\system32\txflog.dll
2008-09-06 13:14:36 ----A---- C:\Windows\system32\tbssvc.dll
2008-09-06 13:14:36 ----A---- C:\Windows\system32\taskkill.exe
2008-09-06 13:14:36 ----A---- C:\Windows\system32\RASMM.dll
2008-09-06 13:14:36 ----A---- C:\Windows\system32\powercpl.dll
2008-09-06 13:14:36 ----A---- C:\Windows\system32\odbc32.dll
2008-09-06 13:14:36 ----A---- C:\Windows\system32\nshhttp.dll
2008-09-06 13:14:36 ----A---- C:\Windows\system32\netprof.dll
2008-09-06 13:14:36 ----A---- C:\Windows\system32\msieftp.dll
2008-09-06 13:14:36 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2008-09-06 13:14:36 ----A---- C:\Windows\system32\imm32.dll
2008-09-06 13:14:36 ----A---- C:\Windows\system32\iexpress.exe
2008-09-06 13:14:36 ----A---- C:\Windows\system32\feclient.dll
2008-09-06 13:14:36 ----A---- C:\Windows\system32\dxva2.dll
2008-09-06 13:14:36 ----A---- C:\Windows\system32\dwmapi.dll
2008-09-06 13:14:36 ----A---- C:\Windows\system32\dbnetlib.dll
2008-09-06 13:14:36 ----A---- C:\Windows\system32\d3d10.dll
2008-09-06 13:14:36 ----A---- C:\Windows\system32\btpanui.dll
2008-09-06 13:14:36 ----A---- C:\Windows\system32\bcdprov.dll
2008-09-06 13:14:36 ----A---- C:\Windows\system32\apircl.dll
2008-09-06 13:14:36 ----A---- C:\Windows\system32\ActionQueue.dll
2008-09-06 13:14:36 ----A---- C:\Windows\regedit.exe
2008-09-06 13:14:35 ----A---- C:\Windows\system32\xcopy.exe
2008-09-06 13:14:35 ----A---- C:\Windows\system32\WMASF.DLL
2008-09-06 13:14:35 ----A---- C:\Windows\system32\uxsms.dll
2008-09-06 13:14:35 ----A---- C:\Windows\system32\taskmgr.exe
2008-09-06 13:14:35 ----A---- C:\Windows\system32\syncui.dll
2008-09-06 13:14:35 ----A---- C:\Windows\system32\svchost.exe
2008-09-06 13:14:35 ----A---- C:\Windows\system32\slwmi.dll
2008-09-06 13:14:35 ----A---- C:\Windows\system32\SLCExt.dll
2008-09-06 13:14:35 ----A---- C:\Windows\system32\slcc.dll
2008-09-06 13:14:35 ----A---- C:\Windows\system32\shwebsvc.dll
2008-09-06 13:14:35 ----A---- C:\Windows\system32\raserver.exe
2008-09-06 13:14:35 ----A---- C:\Windows\system32\provthrd.dll
2008-09-06 13:14:35 ----A---- C:\Windows\system32\PnPUnattend.exe
2008-09-06 13:14:35 ----A---- C:\Windows\system32\olepro32.dll
2008-09-06 13:14:35 ----A---- C:\Windows\system32\networkexplorer.dll
2008-09-06 13:14:35 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2008-09-06 13:14:35 ----A---- C:\Windows\system32\ias.dll
2008-09-06 13:14:35 ----A---- C:\Windows\system32\EAPQEC.DLL
2008-09-06 13:14:35 ----A---- C:\Windows\system32\dnscacheugc.exe
2008-09-06 13:14:35 ----A---- C:\Windows\system32\dmocx.dll
2008-09-06 13:14:35 ----A---- C:\Windows\system32\connect.dll
2008-09-06 13:14:35 ----A---- C:\Windows\system32\brcplsdw.dll
2008-09-06 13:14:35 ----A---- C:\Windows\system32\audiodev.dll
2008-09-06 13:14:35 ----A---- C:\Windows\system32\aclui.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\WUDFSvc.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\WMVXENCD.DLL
2008-09-06 13:14:34 ----A---- C:\Windows\system32\wmpsrcwp.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\wmpdxm.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\wlanext.exe
2008-09-06 13:14:34 ----A---- C:\Windows\system32\upnp.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\UIHub.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\SysFxUI.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\SoundRecorder.exe
2008-09-06 13:14:34 ----A---- C:\Windows\system32\SecEdit.exe
2008-09-06 13:14:34 ----A---- C:\Windows\system32\rekeywiz.exe
2008-09-06 13:14:34 ----A---- C:\Windows\system32\reg.exe
2008-09-06 13:14:34 ----A---- C:\Windows\system32\QCLIPROV.DLL
2008-09-06 13:14:34 ----A---- C:\Windows\system32\qcap.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\qasf.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\PING.EXE
2008-09-06 13:14:34 ----A---- C:\Windows\system32\perfts.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\netplwiz.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\NapiNSP.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\mtstocom.exe
2008-09-06 13:14:34 ----A---- C:\Windows\system32\msoert2.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\msjetoledb40.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\mscandui.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\mountvol.exe
2008-09-06 13:14:34 ----A---- C:\Windows\system32\mmcshext.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\inetmib1.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\ieakeng.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\icsfiltr.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\httpapi.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\dsuiext.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\dskquoui.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\dmusic.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\cmstp.exe
2008-09-06 13:14:34 ----A---- C:\Windows\system32\cewmdm.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\certprop.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\browser.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\bitsadmin.exe
2008-09-06 13:14:34 ----A---- C:\Windows\system32\AuxiliaryDisplayApi.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\auditpol.exe
2008-09-06 13:14:34 ----A---- C:\Windows\system32\atl.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\appinfo.dll
2008-09-06 13:14:34 ----A---- C:\Windows\system32\adsmsext.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\xwtpw32.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\wzcdlg.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\wscmisetup.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\wpdwcn.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\WMVSENCD.DLL
2008-09-06 13:14:33 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2008-09-06 13:14:33 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\winrshost.exe
2008-09-06 13:14:33 ----A---- C:\Windows\system32\wiashext.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\wiadefui.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\userinit.exe
2008-09-06 13:14:33 ----A---- C:\Windows\system32\tasklist.exe
2008-09-06 13:14:33 ----A---- C:\Windows\system32\TapiMigPlugin.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\sxstrace.exe
2008-09-06 13:14:33 ----A---- C:\Windows\system32\sppnp.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\shimgvw.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\shacct.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\Sens.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\seclogon.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\sbeio.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\rrinstaller.exe
2008-09-06 13:14:33 ----A---- C:\Windows\system32\prntvpt.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\printcom.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\perfmon.exe
2008-09-06 13:14:33 ----A---- C:\Windows\system32\p2phost.exe
2008-09-06 13:14:33 ----A---- C:\Windows\system32\notepad.exe
2008-09-06 13:14:33 ----A---- C:\Windows\system32\ndfapi.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\napipsec.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\msorcl32.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\msdadiag.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\MP4SDECD.DLL
2008-09-06 13:14:33 ----A---- C:\Windows\system32\makecab.exe
2008-09-06 13:14:33 ----A---- C:\Windows\system32\lsmproxy.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\ktmutil.exe
2008-09-06 13:14:33 ----A---- C:\Windows\system32\keymgr.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\HelpPaneProxy.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\ftp.exe
2008-09-06 13:14:33 ----A---- C:\Windows\system32\fmifs.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\dxtrans.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\dot3gpclnt.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\d3dim700.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\csrsrv.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\colorui.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\batt.dll
2008-09-06 13:14:33 ----A---- C:\Windows\system32\apss.dll
2008-09-06 13:14:33 ----A---- C:\Windows\notepad.exe
2008-09-06 13:14:32 ----A---- C:\Windows\system32\wscproxystub.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\wpdbusenum.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\wmiprop.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\WMADMOE.DLL
2008-09-06 13:14:32 ----A---- C:\Windows\system32\WLanHC.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\winethc.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\wiaacmgr.exe
2008-09-06 13:14:32 ----A---- C:\Windows\system32\wextract.exe
2008-09-06 13:14:32 ----A---- C:\Windows\system32\version.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\UIAutomationCore.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\txfw32.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\TMM.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\takeown.exe
2008-09-06 13:14:32 ----A---- C:\Windows\system32\shrpubw.exe
2008-09-06 13:14:32 ----A---- C:\Windows\system32\shgina.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\sfc_os.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\sendmail.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\runonce.exe
2008-09-06 13:14:32 ----A---- C:\Windows\system32\rshx32.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\RpcPing.exe
2008-09-06 13:14:32 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2008-09-06 13:14:32 ----A---- C:\Windows\system32\rasplap.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\powrprof.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\pots.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\PnPutil.exe
2008-09-06 13:14:32 ----A---- C:\Windows\system32\perfnet.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\pcasvc.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\olecli32.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\nsisvc.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\nshipsec.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\netiougc.exe
2008-09-06 13:14:32 ----A---- C:\Windows\system32\msimtf.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\msiexec.exe
2008-09-06 13:14:32 ----A---- C:\Windows\system32\mfps.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\mfpmp.exe
2008-09-06 13:14:32 ----A---- C:\Windows\system32\luainstall.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\logagent.exe
2008-09-06 13:14:32 ----A---- C:\Windows\system32\ktmw32.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\inseng.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\imapi.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\fsutil.exe
2008-09-06 13:14:32 ----A---- C:\Windows\system32\findnetprinters.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\fdPHost.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\driverquery.exe
2008-09-06 13:14:32 ----A---- C:\Windows\system32\dnshc.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\d3dim.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\cryptdll.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\compstui.dll
2008-09-06 13:14:32 ----A---- C:\Windows\system32\cmmon32.exe
2008-09-06 13:14:32 ----A---- C:\Windows\system32\capisp.dll
2008-09-06 13:14:31 ----A---- C:\Windows\system32\wmpshell.dll
2008-09-06 13:14:31 ----A---- C:\Windows\system32\w32tm.exe
2008-09-06 13:14:31 ----A---- C:\Windows\system32\unregmp2.exe
2008-09-06 13:14:31 ----A---- C:\Windows\system32\UI0Detect.exe
2008-09-06 13:14:31 ----A---- C:\Windows\system32\tscupgrd.exe
2008-09-06 13:14:31 ----A---- C:\Windows\system32\sfc.exe
2008-09-06 13:14:31 ----A---- C:\Windows\system32\sdchange.exe
2008-09-06 13:14:31 ----A---- C:\Windows\system32\PortableDeviceWiaCompat.dll
2008-09-06 13:14:31 ----A---- C:\Windows\system32\pnpts.dll
2008-09-06 13:14:31 ----A---- C:\Windows\system32\net.exe
2008-09-06 13:14:31 ----A---- C:\Windows\system32\msvfw32.dll
2008-09-06 13:14:31 ----A---- C:\Windows\system32\MPG4DECD.DLL
2008-09-06 13:14:31 ----A---- C:\Windows\system32\MP43DECD.DLL
2008-09-06 13:14:31 ----A---- C:\Windows\system32\migisol.dll
2008-09-06 13:14:31 ----A---- C:\Windows\system32\mdminst.dll
2008-09-06 13:14:31 ----A---- C:\Windows\system32\ipconfig.exe
2008-09-06 13:14:31 ----A---- C:\Windows\system32\imgutil.dll
2008-09-06 13:14:31 ----A---- C:\Windows\system32\getmac.exe
2008-09-06 13:14:31 ----A---- C:\Windows\system32\fdeploy.dll
2008-09-06 13:14:31 ----A---- C:\Windows\system32\dsauth.dll
2008-09-06 13:14:31 ----A---- C:\Windows\system32\dispci.dll
2008-09-06 13:14:31 ----A---- C:\Windows\system32\dinput8.dll
2008-09-06 13:14:31 ----A---- C:\Windows\system32\dimsjob.dll
2008-09-06 13:14:31 ----A---- C:\Windows\system32\diantz.exe
2008-09-06 13:14:31 ----A---- C:\Windows\system32\credui.dll
2008-09-06 13:14:31 ----A---- C:\Windows\system32\comrepl.dll
2008-09-06 13:14:31 ----A---- C:\Windows\system32\cmutil.dll
2008-09-06 13:14:31 ----A---- C:\Windows\system32\cmlua.dll
2008-09-06 13:14:31 ----A---- C:\Windows\system32\ACW.exe
2008-09-06 13:14:29 ----A---- C:\Windows\system32\wsnmp32.dll
2008-09-06 13:14:29 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2008-09-06 13:14:29 ----A---- C:\Windows\system32\wmvdspa.dll
2008-09-06 13:14:29 ----A---- C:\Windows\system32\wmidx.dll
2008-09-06 13:14:29 ----A---- C:\Windows\system32\vds_ps.dll
2008-09-06 13:14:29 ----A---- C:\Windows\system32\vdmredir.dll
2008-09-06 13:14:29 ----A---- C:\Windows\system32\utildll.dll
2008-09-06 13:14:29 ----A---- C:\Windows\system32\TSTheme.exe
2008-09-06 13:14:29 ----A---- C:\Windows\system32\TpmInit.exe
2008-09-06 13:14:29 ----A---- C:\Windows\system32\sti_ci.dll
2008-09-06 13:14:29 ----A---- C:\Windows\system32\softkbd.dll
2008-09-06 13:14:29 ----A---- C:\Windows\system32\remotepg.dll
2008-09-06 13:14:29 ----A---- C:\Windows\system32\rdrleakdiag.exe
2008-09-06 13:14:29 ----A---- C:\Windows\system32\pdhui.dll
2008-09-06 13:14:29 ----A---- C:\Windows\system32\nlaapi.dll
2008-09-06 13:14:29 ----A---- C:\Windows\system32\msfeedsbs.dll
2008-09-06 13:14:29 ----A---- C:\Windows\system32\modemui.dll
2008-09-06 13:14:29 ----A---- C:\Windows\system32\McxDriv.dll
2008-09-06 13:14:29 ----A---- C:\Windows\system32\iernonce.dll
2008-09-06 13:14:29 ----A---- C:\Windows\system32\hlink.dll
2008-09-06 13:14:29 ----A---- C:\Windows\system32\fwcfg.dll
2008-09-06 13:14:29 ----A---- C:\Windows\system32\ExplorerFrame.dll
2008-09-06 13:14:29 ----A---- C:\Windows\system32\expand.exe
2008-09-06 13:14:29 ----A---- C:\Windows\system32\esentutl.exe
2008-09-06 13:14:29 ----A---- C:\Windows\system32\EncDump.dll
2008-09-06 13:14:29 ----A---- C:\Windows\system32\colbact.dll
2008-09-06 13:14:29 ----A---- C:\Windows\system32\cmcfg32.dll
2008-09-06 13:14:29 ----A---- C:\Windows\system32\cfgbkend.dll
2008-09-06 13:14:29 ----A---- C:\Windows\system32\bridgeunattend.exe
2008-09-06 13:14:29 ----A---- C:\Windows\system32\bootcfg.exe
2008-09-06 13:14:29 ----A---- C:\Windows\system32\amstream.dll
2008-09-06 13:14:29 ----A---- C:\Windows\system32\admparse.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\xmlprovi.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\WsmCl.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\wpnpinst.exe
2008-09-06 13:14:28 ----A---- C:\Windows\system32\wmpcm.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\wfapigp.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\werdiagcontroller.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\wavemsp.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\waitfor.exe
2008-09-06 13:14:28 ----A---- C:\Windows\system32\ufat.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\ucsvc.exe
2008-09-06 13:14:28 ----A---- C:\Windows\system32\TimeDateMUICallback.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\tabcal.exe
2008-09-06 13:14:28 ----A---- C:\Windows\system32\sxproxy.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\SLLUA.exe
2008-09-06 13:14:28 ----A---- C:\Windows\system32\shutdown.exe
2008-09-06 13:14:28 ----A---- C:\Windows\system32\rgb9rast.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\RegCtrl.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\rasauto.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\qdv.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\prevhost.exe
2008-09-06 13:14:28 ----A---- C:\Windows\system32\osblprov.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\olethk32.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\olesvr32.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\odbctrac.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\odbccp32.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\networkitemfactory.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\mstext40.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\mshta.exe
2008-09-06 13:14:28 ----A---- C:\Windows\system32\msdtc.exe
2008-09-06 13:14:28 ----A---- C:\Windows\system32\msctfui.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\mobsync.exe
2008-09-06 13:14:28 ----A---- C:\Windows\system32\mfvdsp.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\logman.exe
2008-09-06 13:14:28 ----A---- C:\Windows\system32\licmgr10.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\itss.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\iscsiwmi.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\iscsium.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\dpnet.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\DpiScaling.exe
2008-09-06 13:14:28 ----A---- C:\Windows\system32\dmsynth.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\csrstub.exe
2008-09-06 13:14:28 ----A---- C:\Windows\system32\convert.exe
2008-09-06 13:14:28 ----A---- C:\Windows\system32\COLORCNV.DLL
2008-09-06 13:14:28 ----A---- C:\Windows\system32\cacls.exe
2008-09-06 13:14:28 ----A---- C:\Windows\system32\bitsigd.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\AuthFWGP.dll
2008-09-06 13:14:28 ----A---- C:\Windows\system32\at.exe
2008-09-06 13:14:27 ----A---- C:\Windows\system32\wsock32.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\wpclsp.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\WINSRPC.DLL
2008-09-06 13:14:27 ----A---- C:\Windows\system32\winnsi.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\WindowsAnytimeUpgrade.exe
2008-09-06 13:14:27 ----A---- C:\Windows\system32\wiarpc.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\WavDest.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\vss_ps.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\VIDRESZR.DLL
2008-09-06 13:14:27 ----A---- C:\Windows\system32\vfwwdm32.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\usbui.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\upnpcont.exe
2008-09-06 13:14:27 ----A---- C:\Windows\system32\unattendedjoin.exe
2008-09-06 13:14:27 ----A---- C:\Windows\system32\tbs.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\syskey.exe
2008-09-06 13:14:27 ----A---- C:\Windows\system32\srwmi.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\setupcln.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\ROUTE.EXE
2008-09-06 13:14:27 ----A---- C:\Windows\system32\regini.exe
2008-09-06 13:14:27 ----A---- C:\Windows\system32\rasphone.exe
2008-09-06 13:14:27 ----A---- C:\Windows\system32\rasdiag.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\RacAgent.exe
2008-09-06 13:14:27 ----A---- C:\Windows\system32\procinst.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\odbccu32.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\odbccr32.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\odbcbcp.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\ocsetup.exe
2008-09-06 13:14:27 ----A---- C:\Windows\system32\nsi.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\netevent.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\netbtugc.exe
2008-09-06 13:14:27 ----A---- C:\Windows\system32\ndfetw.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\nbtstat.exe
2008-09-06 13:14:27 ----A---- C:\Windows\system32\napdsnap.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\mydocs.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\mtxlegih.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\mtxdm.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\msident.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\msexcl40.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\msdart.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\MP3DMOD.DLL
2008-09-06 13:14:27 ----A---- C:\Windows\system32\mfcsubs.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\l2gpstore.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\iscsied.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\GuidedHelp.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\graftabl.com
2008-09-06 13:14:27 ----A---- C:\Windows\system32\gpupdate.exe
2008-09-06 13:14:27 ----A---- C:\Windows\system32\fphc.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\extrac32.exe
2008-09-06 13:14:27 ----A---- C:\Windows\system32\eventcls.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\dskquota.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\dsdmo.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\dot3dlg.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\dmime.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\devenum.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\d3dxof.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\csrss.exe
2008-09-06 13:14:27 ----A---- C:\Windows\system32\cscdll.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\cmstplua.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\cmpbk32.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\avrt.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\atmfd.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\AtBroker.exe
2008-09-06 13:14:27 ----A---- C:\Windows\system32\apilogen.dll
2008-09-06 13:14:27 ----A---- C:\Windows\system32\amxread.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\WsmRes.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\WSHTCPIP.DLL
2008-09-06 13:14:26 ----A---- C:\Windows\system32\wship6.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\wshcon.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\WlanMmHC.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\wiadss.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\usbperf.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\tcpmon.ini
2008-09-06 13:14:26 ----A---- C:\Windows\system32\TabbtnEx.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\Tabbtn.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\sxsstore.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\spopk.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\slwga.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\setupSNK.exe
2008-09-06 13:14:26 ----A---- C:\Windows\system32\serialui.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\sbunattend.exe
2008-09-06 13:14:26 ----A---- C:\Windows\system32\psbase.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\PlaySndSrv.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\OptionalFeatures.exe
2008-09-06 13:14:26 ----A---- C:\Windows\system32\Netplwiz.exe
2008-09-06 13:14:26 ----A---- C:\Windows\system32\NcdProp.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\msxbde40.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\msvidc32.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\mspbde40.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\msltus40.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\localui.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\lltdapi.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\LangCleanupSysprepAction.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\inetppui.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\icsunattend.exe
2008-09-06 13:14:26 ----A---- C:\Windows\system32\icaapi.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\dmutil.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\dmscript.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\dmloader.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\credssp.dll
2008-09-06 13:14:26 ----A---- C:\Windows\system32\ComputerDefaults.exe
2008-09-06 13:14:26 ----A---- C:\Windows\system32\CertEnrollCtrl.exe
2008-09-06 13:14:26 ----A---- C:\Windows\fveupdate.exe
2008-09-06 13:14:25 ----A---- C:\Windows\system32\vdmdbg.dll
2008-09-06 13:14:25 ----A---- C:\Windows\system32\url.dll
2008-09-06 13:14:25 ----A---- C:\Windows\system32\sdspres.dll
2008-09-06 13:14:25 ----A---- C:\Windows\system32\rasctrs.dll
2008-09-06 13:14:25 ----A---- C:\Windows\system32\osbaseln.dll
2008-09-06 13:14:25 ----A---- C:\Windows\system32\odbcconf.dll
2008-09-06 13:14:25 ----A---- C:\Windows\system32\nlsbres.dll
2008-09-06 13:14:25 ----A---- C:\Windows\system32\msobjs.dll
2008-09-06 13:14:25 ----A---- C:\Windows\system32\msmmsp.dll
2008-09-06 13:14:25 ----A---- C:\Windows\system32\msisip.dll
2008-09-06 13:14:25 ----A---- C:\Windows\system32\msfeedssync.exe
2008-09-06 13:14:25 ----A---- C:\Windows\system32\midimap.dll
2008-09-06 13:14:25 ----A---- C:\Windows\system32\LogonUI.exe
2008-09-06 13:14:25 ----A---- C:\Windows\system32\iprtprio.dll
2008-09-06 13:14:25 ----A---- C:\Windows\system32\InfDefaultInstall.exe
2008-09-06 13:14:25 ----A---- C:\Windows\system32\ieencode.dll
2008-09-06 13:14:25 ----A---- C:\Windows\system32\hnetmon.dll
2008-09-06 13:14:25 ----A---- C:\Windows\system32\hbaapi.dll
2008-09-06 13:14:25 ----A---- C:\Windows\system32\esentprf.dll
2008-09-06 13:14:25 ----A---- C:\Windows\system32\corpol.dll
2008-09-06 13:14:25 ----A---- C:\Windows\system32\cofiredm.dll
2008-09-06 13:14:25 ----A---- C:\Windows\system32\cfgmgr32.dll
2008-09-06 13:14:24 ----A---- C:\Windows\system32\wmploc.DLL
2008-09-06 13:14:24 ----A---- C:\Windows\system32\winusb.dll
2008-09-06 13:14:24 ----A---- C:\Windows\system32\vga256.dll
2008-09-06 13:14:24 ----A---- C:\Windows\system32\tsddd.dll
2008-09-06 13:14:24 ----A---- C:\Windows\system32\spwmp.dll
2008-09-06 13:14:24 ----A---- C:\Windows\system32\riched32.dll
2008-09-06 13:14:24 ----A---- C:\Windows\system32\rdpcfgex.dll
2008-09-06 13:14:24 ----A---- C:\Windows\system32\Nlsdl.dll
2008-09-06 13:14:24 ----A---- C:\Windows\system32\msidle.dll
2008-09-06 13:14:24 ----A---- C:\Windows\system32\KBDKOR.DLL
2008-09-06 13:14:24 ----A---- C:\Windows\system32\KBDJPN.DLL
2008-09-06 13:14:24 ----A---- C:\Windows\system32\iscsilog.dll
2008-09-06 13:14:24 ----A---- C:\Windows\system32\idndl.dll
2008-09-06 13:14:24 ----A---- C:\Windows\system32\framebuf.dll
2008-09-06 13:14:24 ----A---- C:\Windows\system32\dxmasf.dll
2008-09-06 13:14:24 ----A---- C:\Windows\system32\dispex.dll
2008-09-06 13:14:23 ----A---- C:\Windows\system32\vga64k.dll
2008-09-06 13:14:23 ----A---- C:\Windows\system32\vga.dll
2008-09-06 13:14:23 ----A---- C:\Windows\system32\spwizres.dll
2008-09-06 13:14:23 ----A---- C:\Windows\system32\gatherWirelessInfo.vbs
2008-09-06 13:14:23 ----A---- C:\Windows\system32\gatherWiredInfo.vbs
2008-09-06 13:14:23 ----A---- C:\Windows\system32\fsmgmt.msc
2008-09-06 13:14:23 ----A---- C:\Windows\system32\f3ahvoas.dll
2008-09-06 13:14:23 ----A---- C:\Windows\system32\dmdskres2.dll
2008-09-06 13:14:23 ----A---- C:\Windows\system32\bootstr.dll
2008-09-06 13:14:22 ----A---- C:\Windows\system32\vsp1cln.exe
2008-09-06 13:14:22 ----A---- C:\Windows\system32\perfmon.msc
2008-09-06 13:14:05 ----A---- C:\Windows\system32\xmllite.dll
2008-09-06 13:14:05 ----A---- C:\Windows\system32\wbemcomn.dll
2008-09-06 13:14:02 ----A---- C:\Windows\system32\SmiInstaller.dll
2008-09-06 13:14:02 ----A---- C:\Windows\system32\SmiEngine.dll
2008-09-06 13:13:59 ----A---- C:\Windows\system32\wdscore.dll
2008-09-06 13:13:59 ----A---- C:\Windows\system32\PkgMgr.exe
2008-09-06 13:13:49 ----A---- C:\Windows\system32\mspatcha.dll
2008-09-06 13:13:49 ----A---- C:\Windows\system32\msdelta.dll
2008-09-06 13:13:49 ----A---- C:\Windows\system32\drvstore.dll
2008-09-06 13:13:49 ----A---- C:\Windows\system32\dpx.dll
2008-09-05 17:45:47 ----D---- C:\Windows\Panther
2008-09-05 17:45:32 ----RAS---- C:\BOOTSECT.BAK
2008-09-05 17:45:31 ----SHD---- C:\Boot
2008-09-05 17:45:11 ----D---- C:\Windows\system32\OEM
2008-09-05 16:56:49 ----D---- C:\Program Files\Common Files\TV
2008-09-05 16:56:43 ----D---- C:\Program Files\UltraTV
2008-09-05 16:56:43 ----D---- C:\Program Files\InterVideo
2008-09-05 16:47:55 ----D---- C:\Windows\SoftwareDistribution
2008-09-05 16:47:06 ----D---- C:\Windows\Debug
2008-09-05 16:46:17 ----D---- C:\Windows\Prefetch
2008-09-05 16:46:12 ----SHD---- C:\System Volume Information
2008-09-05 16:29:21 ----D---- C:\Users\Slips\AppData\Roaming\WinRAR
2008-09-05 16:29:10 ----D---- C:\Program Files\WinRAR
2008-09-05 16:16:50 ----HD---- C:\Program Files\InstallShield Installation Information
2008-09-05 16:16:24 ----A---- C:\Windows\RomeTW.ini
2008-09-05 15:36:03 ----D---- C:\Program Files\Common Files\xing shared
2008-09-05 15:35:58 ----A---- C:\Windows\system32\rmoc3260.dll
2008-09-05 15:35:56 ----A---- C:\Windows\system32\pndx5032.dll
2008-09-05 15:35:56 ----A---- C:\Windows\system32\pndx5016.dll
2008-09-05 15:35:56 ----A---- C:\Windows\system32\pncrt.dll
2008-09-05 15:35:55 ----D---- C:\Users\Slips\AppData\Roaming\Real
2008-09-05 15:35:55 ----D---- C:\Program Files\Real
2008-09-05 15:35:55 ----D---- C:\Program Files\Common Files\Real
2008-09-05 15:34:02 ----A---- C:\Windows\unvise32.exe
2008-09-05 15:17:18 ----A---- C:\Windows\system32\msonpmon.dll
2008-09-05 15:17:05 ----D---- C:\Program Files\Microsoft Works
2008-09-05 15:16:58 ----D---- C:\Program Files\Common Files\DESIGNER
2008-09-05 15:16:50 ----D---- C:\Windows\PCHEALTH
2008-09-05 15:16:50 ----D---- C:\Program Files\Microsoft.NET
2008-09-05 15:15:28 ----D---- C:\ProgramData\Microsoft Help
2008-09-05 15:15:28 ----D---- C:\Program Files\Microsoft Office
2008-09-05 15:15:26 ----SHD---- C:\Windows\Installer
2008-09-05 15:15:10 ----RHD---- C:\MSOCache
2008-09-05 15:08:51 ----A---- C:\Windows\system32\es.dll
2008-09-05 14:58:45 ----A---- C:\Windows\system32\winipsec.dll
2008-09-05 14:58:45 ----A---- C:\Windows\system32\polstore.dll
2008-09-05 14:58:45 ----A---- C:\Windows\system32\IPSECSVC.DLL
2008-09-05 14:58:45 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2008-09-05 14:54:56 ----A---- C:\Windows\system32\shell32.dll
2008-09-05 14:53:21 ----A---- C:\Windows\system32\tzres.dll
2008-09-05 14:49:19 ----A---- C:\Windows\system32\hcrstco.dll
2008-09-05 14:49:19 ----A---- C:\Windows\system32\hccoin.dll
2008-09-05 14:47:45 ----A---- C:\Windows\system32\NlsLexicons0046.dll
2008-09-05 14:47:45 ----A---- C:\Windows\system32\NlsLexicons0045.dll
2008-09-05 14:47:44 ----A---- C:\Windows\system32\NlsLexicons0049.dll
2008-09-05 14:47:44 ----A---- C:\Windows\system32\NlsLexicons0047.dll
2008-09-05 14:47:44 ----A---- C:\Windows\system32\NlsLexicons0039.dll
2008-09-05 14:47:44 ----A---- C:\Windows\system32\NlsLexicons0021.dll
2008-09-05 14:47:44 ----A---- C:\Windows\system32\NlsLexicons0020.dll
2008-09-05 14:47:43 ----A---- C:\Windows\system32\NlsLexicons0026.dll
2008-09-05 14:47:43 ----A---- C:\Windows\system32\NlsLexicons0024.dll
2008-09-05 14:47:43 ----A---- C:\Windows\system32\NlsLexicons0022.dll
2008-09-05 14:47:42 ----A---- C:\Windows\system32\NlsLexicons0027.dll
2008-09-05 14:47:42 ----A---- C:\Windows\system32\NlsLexicons0013.dll
2008-09-05 14:47:42 ----A---- C:\Windows\system32\NlsLexicons0011.dll
2008-09-05 14:47:42 ----A---- C:\Windows\system32\NlsLexicons0010.dll
2008-09-05 14:47:41 ----A---- C:\Windows\system32\NlsLexicons0019.dll
2008-09-05 14:47:41 ----A---- C:\Windows\system32\NlsLexicons0018.dll
2008-09-05 14:47:41 ----A---- C:\Windows\system32\NlsLexicons0002.dll
2008-09-05 14:47:41 ----A---- C:\Windows\system32\NlsLexicons0001.dll
2008-09-05 14:47:40 ----A---- C:\Windows\system32\NlsLexicons004b.dll
2008-09-05 14:47:40 ----A---- C:\Windows\system32\NlsLexicons004a.dll
2008-09-05 14:47:40 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2008-09-05 14:47:40 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2008-09-05 14:47:40 ----A---- C:\Windows\system32\NlsLexicons0003.dll
2008-09-05 14:47:39 ----A---- C:\Windows\system32\NlsLexicons004e.dll
2008-09-05 14:47:39 ----A---- C:\Windows\system32\NlsLexicons004c.dll
2008-09-05 14:47:39 ----A---- C:\Windows\system32\NlsLexicons003e.dll
2008-09-05 14:47:39 ----A---- C:\Windows\system32\NlsLexicons002a.dll
2008-09-05 14:47:38 ----A---- C:\Windows\system32\NlsLexicons001d.dll
2008-09-05 14:47:38 ----A---- C:\Windows\system32\NlsLexicons001b.dll
2008-09-05 14:47:38 ----A---- C:\Windows\system32\NlsLexicons001a.dll
2008-09-05 14:47:37 ----A---- C:\Windows\system32\NlsLexicons000f.dll
2008-09-05 14:47:37 ----A---- C:\Windows\system32\NlsLexicons000d.dll
2008-09-05 14:47:37 ----A---- C:\Windows\system32\NlsLexicons000c.dll
2008-09-05 14:47:37 ----A---- C:\Windows\system32\NlsLexicons000a.dll
2008-09-05 14:47:36 ----A---- C:\Windows\system32\NlsLexicons081a.dll
2008-09-05 14:47:36 ----A---- C:\Windows\system32\NlsLexicons0816.dll
2008-09-05 14:47:36 ----A---- C:\Windows\system32\NlsLexicons0416.dll
2008-09-05 14:47:36 ----A---- C:\Windows\system32\NlsLexicons0414.dll
2008-09-05 14:47:35 ----A---- C:\Windows\system32\NlsModels0011.dll
2008-09-05 14:47:35 ----A---- C:\Windows\system32\NlsData0049.dll
2008-09-05 14:47:35 ----A---- C:\Windows\system32\NlsData0047.dll
2008-09-05 14:47:35 ----A---- C:\Windows\system32\NlsData0046.dll
2008-09-05 14:47:35 ----A---- C:\Windows\system32\NlsData0045.dll
2008-09-05 14:47:34 ----A---- C:\Windows\system32\NlsData0039.dll
2008-09-05 14:47:34 ----A---- C:\Windows\system32\NlsData0026.dll
2008-09-05 14:47:34 ----A---- C:\Windows\system32\NlsData0024.dll
2008-09-05 14:47:34 ----A---- C:\Windows\system32\NlsData0022.dll
2008-09-05 14:47:34 ----A---- C:\Windows\system32\NlsData0021.dll
2008-09-05 14:47:34 ----A---- C:\Windows\system32\NlsData0020.dll
2008-09-05 14:47:33 ----A---- C:\Windows\system32\NlsData0027.dll
2008-09-05 14:47:33 ----A---- C:\Windows\system32\NlsData0018.dll
2008-09-05 14:47:33 ----A---- C:\Windows\system32\NlsData0013.dll
2008-09-05 14:47:33 ----A---- C:\Windows\system32\NlsData0011.dll
2008-09-05 14:47:33 ----A---- C:\Windows\system32\NlsData0010.dll
2008-09-05 14:47:33 ----A---- C:\Windows\system32\NlsData0000.dll
2008-09-05 14:47:32 ----A---- C:\Windows\system32\NlsData0019.dll
2008-09-05 14:47:32 ----A---- C:\Windows\system32\NlsData0009.dll
2008-09-05 14:47:32 ----A---- C:\Windows\system32\NlsData0007.dll
2008-09-05 14:47:32 ----A---- C:\Windows\system32\NlsData0003.dll
2008-09-05 14:47:32 ----A---- C:\Windows\system32\NlsData0002.dll
2008-09-05 14:47:32 ----A---- C:\Windows\system32\NlsData0001.dll
2008-09-05 14:47:31 ----A---- C:\Windows\system32\NlsData004e.dll
2008-09-05 14:47:31 ----A---- C:\Windows\system32\NlsData004c.dll
2008-09-05 14:47:31 ----A---- C:\Windows\system32\NlsData004b.dll
2008-09-05 14:47:31 ----A---- C:\Windows\system32\NlsData004a.dll
2008-09-05 14:47:30 ----A---- C:\Windows\system32\NlsData003e.dll
2008-09-05 14:47:30 ----A---- C:\Windows\system32\NlsData002a.dll
2008-09-05 14:47:30 ----A---- C:\Windows\system32\NlsData001d.dll
2008-09-05 14:47:30 ----A---- C:\Windows\system32\NlsData001b.dll
2008-09-05 14:47:30 ----A---- C:\Windows\system32\NlsData001a.dll
2008-09-05 14:47:29 ----A---- C:\Windows\system32\NlsData0414.dll
2008-09-05 14:47:29 ----A---- C:\Windows\system32\NlsData000f.dll
2008-09-05 14:47:29 ----A---- C:\Windows\system32\NlsData000d.dll
2008-09-05 14:47:29 ----A---- C:\Windows\system32\NlsData000c.dll
2008-09-05 14:47:29 ----A---- C:\Windows\system32\NlsData000a.dll
2008-09-05 14:47:28 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
2008-09-05 14:47:28 ----A---- C:\Windows\system32\NlsData081a.dll
2008-09-05 14:47:28 ----A---- C:\Windows\system32\NlsData0816.dll
2008-09-05 14:47:28 ----A---- C:\Windows\system32\NlsData0416.dll
2008-09-05 14:47:28 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2008-09-05 14:47:27 ----A---- C:\Windows\system32\NlsData0c1a.dll
2008-09-05 14:46:23 ----A---- C:\Windows\system32\ieui.dll
2008-09-05 14:45:24 ----A---- C:\Windows\system32\kbd106n.dll
2008-09-05 14:45:22 ----A---- C:\Windows\system32\winresume.exe
2008-09-05 14:45:22 ----A---- C:\Windows\system32\winload.exe
2008-09-05 14:45:22 ----A---- C:\Windows\system32\srdelayed.exe
2008-09-05 14:45:22 ----A---- C:\Windows\system32\srcore.dll
2008-09-05 14:45:22 ----A---- C:\Windows\system32\srclient.dll
2008-09-05 14:45:22 ----A---- C:\Windows\system32\setbcdlocale.dll
2008-09-05 14:45:22 ----A---- C:\Windows\system32\rstrui.exe
2008-09-05 14:45:22 ----A---- C:\Windows\system32\kd1394.dll
2008-09-05 14:45:21 ----A---- C:\Windows\system32\ci.dll
2008-09-05 14:44:05 ----A---- C:\Windows\system32\gdi32.dll
2008-09-05 14:42:41 ----A---- C:\Windows\system32\wshrm.dll
2008-09-05 14:42:13 ----A---- C:\Windows\system32\gameux.dll
2008-09-05 14:41:50 ----A---- C:\Windows\system32\INETRES.dll
2008-09-05 14:41:50 ----A---- C:\Windows\system32\inetcomm.dll
2008-09-05 14:41:41 ----A---- C:\Windows\system32\quartz.dll
2008-09-05 14:38:36 ----D---- C:\Windows\Minidump
2008-09-05 14:10:18 ----A---- C:\Windows\system32\msvcr71.dll
2008-09-05 14:10:18 ----A---- C:\Windows\system32\msvcp71.dll
2008-09-05 14:10:18 ----A---- C:\Windows\system32\mfc71.dll
2008-09-05 14:10:18 ----A---- C:\Windows\system32\aswBoot.exe
2008-09-05 14:10:16 ----D---- C:\Program Files\Alwil Software
2008-09-05 14:06:29 ----D---- C:\Users\Slips\AppData\Roaming\Mozilla
2008-09-05 14:06:22 ----D---- C:\Program Files\Mozilla Firefox
2008-09-05 14:03:58 ----D---- C:\ProgramData\NVIDIA
2008-09-05 14:02:16 ----D---- C:\Program Files\Common Files\InstallShield
2008-09-05 14:02:14 ----D---- C:\NVIDIA
2008-09-05 14:01:02 ----D---- C:\Users\Slips\AppData\Roaming\Macromedia
2008-09-05 14:01:02 ----D---- C:\Users\Slips\AppData\Roaming\Adobe
2008-09-05 14:01:01 ----D---- C:\Windows\system32\Macromed
2008-09-05 14:00:42 ----D---- C:\Program Files\SystemRequirementsLab
2008-09-05 13:57:20 ----D---- C:\Users\Slips\AppData\Roaming\Identities
2008-09-05 13:57:16 ----SD---- C:\Users\Slips\AppData\Roaming\Microsoft
2008-09-05 13:57:16 ----D---- C:\Users\Slips\AppData\Roaming\Media Center Programs
2008-09-04 09:31:16 ----A---- C:\Windows\system32\PhysXCplUI.exe
2008-08-29 08:57:16 ----A---- C:\Windows\system32\PhysXLoader.dll
2008-08-05 18:02:16 ----A---- C:\Windows\system32\DivXsm.exe
2008-08-05 18:02:12 ----A---- C:\Windows\system32\qt-dx331.dll
2008-08-05 18:00:00 ----A---- C:\Windows\system32\ssldivx.dll
2008-08-05 18:00:00 ----A---- C:\Windows\system32\libdivx.dll
2008-08-05 17:59:04 ----A---- C:\Windows\system32\dtu100.dll.manifest
2008-08-05 17:59:04 ----A---- C:\Windows\system32\dtu100.dll
2008-08-05 17:59:04 ----A---- C:\Windows\system32\dpl100.dll.manifest
2008-08-05 17:59:04 ----A---- C:\Windows\system32\dpl100.dll
2008-08-05 17:59:02 ----A---- C:\Windows\system32\dpuGUI10.dll
2008-08-05 17:59:00 ----A---- C:\Windows\system32\dpv11.dll
2008-08-05 17:59:00 ----A---- C:\Windows\system32\dpus11.dll
2008-08-05 17:59:00 ----A---- C:\Windows\system32\dpuGUI11.dll
2008-08-05 17:59:00 ----A---- C:\Windows\system32\dpu11.dll
2008-08-05 17:59:00 ----A---- C:\Windows\system32\dpu10.dll
2008-08-05 17:58:58 ----A---- C:\Windows\system32\divx_xx11.dll
2008-08-05 17:58:58 ----A---- C:\Windows\system32\divx_xx0c.dll
2008-08-05 17:58:58 ----A---- C:\Windows\system32\divx_xx0a.dll
2008-08-05 17:58:58 ----A---- C:\Windows\system32\divx_xx07.dll
2008-08-05 17:58:56 ----A---- C:\Windows\system32\DivX.dll
2008-08-05 17:58:32 ----A---- C:\Windows\system32\DivXCodecVersionChecker.exe
2008-08-05 17:58:14 ----A---- C:\Windows\system32\DivXWMPExtType.dll

SlipofMind · 2008/10/17

=====List of files/folders modified in the last 3 months======

2008-10-17 06:39:15 ----D---- C:\Windows\Temp
2008-10-17 06:36:28 ----D---- C:\Windows\System32
2008-10-17 06:36:00 ----D---- C:\Windows
2008-10-17 06:35:24 ----RD---- C:\Program Files
2008-10-17 04:41:40 ----D---- C:\Windows\system32\Tasks
2008-10-17 04:24:50 ----D---- C:\Windows\inf
2008-10-17 04:24:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-10-17 03:38:30 ----SD---- C:\ProgramData\Microsoft
2008-10-17 03:16:30 ----D---- C:\Windows\system32\catroot2
2008-10-17 01:17:09 ----HD---- C:\ProgramData
2008-10-16 05:18:10 ----D---- C:\Windows\system32\WDI
2008-10-16 02:52:33 ----D---- C:\Windows\system32\drivers
2008-10-16 02:43:05 ----D---- C:\Windows\system32\config
2008-10-16 02:08:33 ----D---- C:\Windows\Tasks
2008-10-14 18:31:42 ----D---- C:\Windows\Microsoft.NET
2008-10-14 18:31:39 ----RSD---- C:\Windows\assembly
2008-10-14 18:27:45 ----D---- C:\Windows\winsxs
2008-10-14 18:17:41 ----D---- C:\Windows\system32\catroot
2008-10-14 18:15:41 ----D---- C:\Windows\ehome
2008-10-14 18:15:41 ----D---- C:\Program Files\Windows Mail
2008-10-14 18:15:40 ----D---- C:\Windows\system32\migration
2008-10-14 08:40:49 ----RSD---- C:\Windows\Fonts
2008-10-14 08:40:47 ----SD---- C:\Windows\Downloaded Program Files
2008-10-14 08:40:47 ----D---- C:\Program Files\Common Files
2008-10-14 08:37:37 ----A---- C:\Windows\win.ini
2008-10-11 23:40:26 ----D---- C:\Windows\rescache
2008-10-11 23:16:35 ----D---- C:\Program Files\Common Files\microsoft shared
2008-10-10 01:45:35 ----D---- C:\Windows\system32\LogFiles
2008-10-07 15:19:40 ----A---- C:\Windows\system32\mrt.exe
2008-09-29 03:01:30 ----D---- C:\Windows\LiveKernelReports
2008-09-21 13:00:40 ----D---- C:\Windows\Logs
2008-09-18 15:25:33 ----D---- C:\Windows\system32\en-US
2008-09-14 18:58:12 ----D---- C:\Windows\Registration
2008-09-14 18:57:54 ----D---- C:\Program Files\Internet Explorer
2008-09-10 19:40:13 ----D---- C:\Windows\AppPatch
2008-09-08 11:58:18 ----D---- C:\Windows\system32\NDF
2008-09-07 10:45:32 ----D---- C:\Windows\PolicyDefinitions
2008-09-06 13:34:22 ----ASH---- C:\Program Files\desktop.ini
2008-09-06 13:30:08 ----D---- C:\Program Files\Windows Calendar
2008-09-06 13:30:07 ----D---- C:\Windows\servicing
2008-09-06 13:30:07 ----D---- C:\Program Files\Windows Sidebar
2008-09-06 13:30:07 ----D---- C:\Program Files\Windows Photo Gallery
2008-09-06 13:30:07 ----D---- C:\Program Files\Windows Media Player
2008-09-06 13:30:07 ----D---- C:\Program Files\Windows Journal
2008-09-06 13:30:07 ----D---- C:\Program Files\Windows Defender
2008-09-06 13:30:07 ----D---- C:\Program Files\Windows Collaboration
2008-09-06 13:30:07 ----D---- C:\Program Files\Movie Maker
2008-09-06 13:30:07 ----D---- C:\Program Files\Common Files\System
2008-09-06 13:30:04 ----D---- C:\Windows\MSAgent
2008-09-06 13:30:04 ----D---- C:\Windows\IME
2008-09-06 13:30:04 ----D---- C:\Windows\DigitalLocker
2008-09-06 13:30:03 ----D---- C:\Windows\system32\XPSViewer
2008-09-06 13:30:03 ----D---- C:\Windows\system32\ko-KR
2008-09-06 13:30:03 ----D---- C:\Windows\system32\da-DK
2008-09-06 13:30:03 ----D---- C:\Windows\system32\com
2008-09-06 13:30:03 ----D---- C:\Windows\L2Schemas
2008-09-06 13:30:02 ----D---- C:\Windows\system32\sysprep
2008-09-06 13:30:02 ----D---- C:\Windows\system32\oobe
2008-09-06 13:30:02 ----D---- C:\Windows\system32\it-IT
2008-09-06 13:30:02 ----D---- C:\Windows\system32\el-GR
2008-09-06 13:30:02 ----D---- C:\Windows\system32\de-DE
2008-09-06 13:30:01 ----D---- C:\Windows\system32\sv-SE
2008-09-06 13:30:01 ----D---- C:\Windows\system32\SLUI
2008-09-06 13:30:01 ----D---- C:\Windows\system32\setup
2008-09-06 13:30:01 ----D---- C:\Windows\system32\ru-RU
2008-09-06 13:30:01 ----D---- C:\Windows\system32\pt-PT
2008-09-06 13:30:01 ----D---- C:\Windows\system32\ias
2008-09-06 13:30:01 ----D---- C:\Windows\system32\hu-HU
2008-09-06 13:30:01 ----D---- C:\Windows\system32\he-IL
2008-09-06 13:30:01 ----D---- C:\Windows\system32\fr-FR
2008-09-06 13:30:01 ----D---- C:\Windows\system32\fi-FI
2008-09-06 13:30:01 ----D---- C:\Windows\system32\cs-CZ
2008-09-06 13:30:01 ----D---- C:\Windows\system32\AdvancedInstallers
2008-09-06 13:29:59 ----D---- C:\Windows\system32\zh-TW
2008-09-06 13:29:59 ----D---- C:\Windows\system32\zh-CN
2008-09-06 13:29:59 ----D---- C:\Windows\system32\tr-TR
2008-09-06 13:29:59 ----D---- C:\Windows\system32\ro-RO
2008-09-06 13:29:59 ----D---- C:\Windows\system32\pl-PL
2008-09-06 13:29:59 ----D---- C:\Windows\system32\manifeststore
2008-09-06 13:29:59 ----D---- C:\Windows\system32\ja-JP
2008-09-06 13:29:59 ----D---- C:\Windows\system32\es-ES
2008-09-06 13:29:59 ----D---- C:\Windows\system32\en
2008-09-06 13:29:58 ----D---- C:\Windows\system32\wbem
2008-09-06 13:29:58 ----D---- C:\Windows\system32\nl-NL
2008-09-06 13:29:58 ----D---- C:\Windows\system32\nb-NO
2008-09-06 13:29:58 ----D---- C:\Windows\system32\ar-SA
2008-09-06 13:29:57 ----D---- C:\Windows\system32\pt-BR
2008-09-06 13:29:57 ----D---- C:\Windows\system32\migwiz
2008-09-06 13:29:39 ----D---- C:\Windows\system32\Boot
2008-09-06 13:29:39 ----D---- C:\Windows\Boot
2008-09-06 13:21:20 ----A---- C:\Windows\system32\ifxcardm.dll
2008-09-06 13:21:19 ----A---- C:\Windows\system32\axaltocm.dll
2008-09-05 15:15:52 ----D---- C:\Windows\ShellNew
2008-09-05 15:01:46 ----D---- C:\Windows\system32\ras
2008-09-05 15:01:46 ----D---- C:\Windows\system32\icsxml
2008-09-05 14:02:37 ----D---- C:\Windows\Help
2008-09-05 14:02:25 ----D---- C:\Windows\system32\restore
2008-09-05 13:57:29 ----SHD---- C:\$Recycle.Bin
2008-09-05 13:57:16 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2008-07-19 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2008-07-19 42912]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2008-09-03 8944]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2008-09-03 55024]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
R2 BT848;AVerMedia AVerTV WDM Video Capture (878); C:\Windows\system32\drivers\Bt848.sys [2004-07-06 163840]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-19 220672]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
R3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-17 7379872]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2008-09-03 7408]
R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
R3 VST_DPV;VST_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
R3 VSTHWBS2;VSTHWBS2; C:\Windows\system32\DRIVERS\VSTBS23.SYS [2006-11-02 251904]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 awj2ymy9;awj2ymy9; C:\Windows\system32\drivers\awj2ymy9.sys []
S3 BOCDRIVE;BOClean Kernel Monitor.; \??\C:\Program Files\Comodo\CBOClean\BOCDRIVE.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-10-14 79360]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit; D:\Auto Desk 3DS Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [2008-03-10 65536]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-17 196608]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-10-10 66872]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-01-05 33800]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-10-16 355584]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------

Geri · 2008/10/18

Hi SlipofMind
Welcome to WindowsBBS

Lets see if Malwarebytes AntiMalware will get rid of this for you.

Download Malwarebytes' Anti-Malware (MBAM) from here or here and save the file to your desktop.

Double click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If an update is found, it will download and install the latest version.

Once the program has loaded, select 'Perform Quick Scan', then click Scan.

The scan may take some time to finish,so please be patient.

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected.

When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note below)

The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Post the entire report in your next reply.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Please post the MBAM log and a new log.txt from RSIT.

Thanks
Geri

SlipofMind · 2008/10/18

Thank you...

I would like to thank this web site and its moderators (Geri) for their quick responds to my problem. I have followed instructions above, and I am now posting the log files you requested. Now I did a Full scan instead of a quick one (force of habit), after the full scan was done and I removed (4) bad files I did a second quick scan. Both log files posted followed by a new RSIT log. I am now running a 3rd scan, but things are looking good. Again thank you for your help.

Malwarebytes' Anti-Malware 1.29
Database version: 1286
Windows 6.0.6001 Service Pack 1

10/18/2008 14:45:11
mbam-log-2008-10-18 (14-44-59).txt

Scan type: Full Scan (C:\|D:\|E:\|)
Objects scanned: 205808
Time elapsed: 58 minute(s), 0 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 4
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bf (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bk (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\iu (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\mu (Trojan.Agent) -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

----------------------------------------------------------------------

Malwarebytes' Anti-Malware 1.29
Database version: 1286
Windows 6.0.6001 Service Pack 1

10/18/2008 15:02:56
mbam-log-2008-10-18 (15-02-56).txt

Scan type: Quick Scan
Objects scanned: 41545
Time elapsed: 1 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

SlipofMind · 2008/10/18

Here is the new RSIT log, I only did the last month instead of three to help with the size. If you need the full 3 months, just let me know and I will post it.

Logfile of random's system information tool 1.04 (written by random/random)
Run by Slips at 2008-10-18 15:06:22
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 117 GB (67%) free of 175 GB
Total RAM: 3069 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:06:24, on 10/18/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\System32\atwtusb.exe
C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\System32\WTMKM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\taskeng.exe
C:\Users\Slips\Downloads\RSIT.exe
C:\Program Files\trend micro\Slips.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.devryu.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe "
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe "
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [snueqsigbtp] C:\Windows\System32\regsvr32.exe /s "C:\Windows\system32\ufzqrjroipzxhxhym.dll "
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - D:\Auto Desk 3DS Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe

--
End of file - 4828 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender "=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"avast! "=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
"Adobe Reader Speed Launcher "=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"NvCplDaemon "=C:\Windows\system32\NvCpl.dll [2008-09-17 13580832]
"NvMediaCenter "=C:\Windows\system32\NvMcTray.dll [2008-09-17 92704]
"SunJavaUpdateSched "=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"atwtusb "=C:\Windows\system32\atwtusb.exe [2007-05-29 360096]
"Ulead AutoDetector v2 "=C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe [2006-11-29 90112]
"snueqsigbtp "=C:\Windows\System32\regsvr32.exe [2006-11-02 14336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG "=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"SUPERAntiSpyware "=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-09-03 1576176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-07-23 352256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername "=0
"legalnoticecaption "=
"legalnoticetext "=
"shutdownwithoutlogon "=1
"undockwithoutlogon "=1
"EnableUIADesktopToggle "=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-10-25 17:02:46 ----A---- C:\Windows\AVerTV.ini
2008-10-18 13:46:06 ----D---- C:\Users\Slips\AppData\Roaming\Malwarebytes
2008-10-18 13:46:02 ----D---- C:\ProgramData\Malwarebytes
2008-10-18 13:46:02 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-17 06:36:00 ----A---- C:\Windows\Wininit.INI
2008-10-17 06:31:53 ----D---- C:\rsit
2008-10-17 06:20:31 ----D---- C:\Program Files\Trend Micro
2008-10-17 02:11:34 ----A---- C:\Windows\unins000.exe
2008-10-17 01:59:03 ----A---- C:\Windows\system32\sqkktefrst.exe
2008-10-17 01:59:03 ----A---- C:\Windows\system32\cont_adzgalore-remove.exe
2008-10-17 01:17:09 ----D---- C:\Users\Slips\AppData\Roaming\Math Mechanixs
2008-10-17 01:17:09 ----D---- C:\ProgramData\Math Mechanixs
2008-10-17 01:16:46 ----D---- C:\Program Files\Math Mechanixs
2008-10-16 15:20:49 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2008-10-16 15:20:42 ----D---- C:\Users\Slips\AppData\Roaming\SUPERAntiSpyware.com
2008-10-16 15:20:42 ----D---- C:\Program Files\SUPERAntiSpyware
2008-10-16 15:14:20 ----A---- C:\Windows\UNBOC.EXE
2008-10-16 15:14:19 ----A---- C:\Windows\CMDLIC.DLL
2008-10-16 15:14:06 ----D---- C:\Program Files\Comodo
2008-10-16 15:02:12 ----A---- C:\Windows\system32\tmp.txt
2008-10-16 15:02:11 ----A---- C:\rapport.txt
2008-10-16 15:02:02 ----A---- C:\Windows\system32\WS2Fix.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\VCCLSID.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\VACFix.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\swxcacls.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\swsc.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\swreg.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\SrchSTS.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\Process.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\o4Patch.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\IEDFix.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\IEDFix.C.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\dumphive.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\AntiXPVSTFix.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\404Fix.exe
2008-10-16 09:29:20 ----A---- C:\Windows\system32\ufzqrjroipzxhxhym.dll
2008-10-16 03:18:21 ----D---- C:\Users\Slips\AppData\Roaming\vlc
2008-10-16 03:18:01 ----D---- C:\Program Files\VideoLAN
2008-10-16 02:45:43 ----AD---- C:\ProgramData\TEMP
2008-10-16 02:08:31 ----A---- C:\Windows\system32\uxtuneup.dll
2008-10-16 02:08:31 ----A---- C:\Windows\system32\authuitu.dll
2008-10-16 02:08:30 ----A---- C:\Windows\system32\TuneUpDefragService.exe
2008-10-16 02:07:55 ----D---- C:\ProgramData\TuneUp Software
2008-10-16 02:07:42 ----D---- C:\Program Files\TuneUp Utilities 2008
2008-10-16 01:31:19 ----D---- C:\Users\Slips\AppData\Roaming\TuneUp Software
2008-10-14 18:48:41 ----D---- C:\Users\Slips\AppData\Roaming\Ulead Systems
2008-10-14 18:12:42 ----A---- C:\Windows\system32\mshtml.dll
2008-10-14 18:12:41 ----A---- C:\Windows\system32\wininet.dll
2008-10-14 18:12:41 ----A---- C:\Windows\system32\urlmon.dll
2008-10-14 18:12:41 ----A---- C:\Windows\system32\ieframe.dll
2008-10-14 18:12:40 ----A---- C:\Windows\system32\mstime.dll
2008-10-14 18:12:40 ----A---- C:\Windows\system32\jsproxy.dll
2008-10-14 18:12:40 ----A---- C:\Windows\system32\iertutil.dll
2008-10-14 18:12:35 ----A---- C:\Windows\system32\EncDec.dll
2008-10-14 18:12:34 ----A---- C:\Windows\system32\psisdecd.dll
2008-10-14 18:12:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-10-14 18:12:16 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-10-14 09:12:35 ----D---- C:\ProgramData\AppData
2008-10-14 08:45:05 ----D---- C:\Users\Slips\AppData\Roaming\Autodesk
2008-10-14 08:42:35 ----D---- C:\ProgramData\InstallShield
2008-10-14 08:40:49 ----N---- C:\Windows\system32\ROBOEX32.DLL
2008-10-14 08:40:49 ----N---- C:\Windows\system32\INETWH32.dll
2008-10-14 08:40:47 ----D---- C:\Program Files\Ulead Systems
2008-10-14 08:40:47 ----D---- C:\Program Files\Common Files\Ulead Systems
2008-10-14 08:40:37 ----D---- C:\ProgramData\Ulead Systems
2008-10-14 08:37:37 ----D---- C:\ProgramData\Tablet
2008-10-14 08:37:29 ----D---- C:\Windows\udtablet
2008-10-14 08:37:29 ----A---- C:\Windows\system32\WINTAB32.DLL
2008-10-14 08:37:29 ----A---- C:\Windows\system32\UTBLFILT.DLL
2008-10-14 08:37:29 ----A---- C:\Windows\system32\TblRes.dll
2008-10-14 08:37:29 ----A---- C:\Windows\system32\TBLMOUSE.EXE
2008-10-14 08:37:29 ----A---- C:\Windows\system32\Tblfunc.dll
2008-10-14 08:37:29 ----A---- C:\Windows\system32\InstallService.exe
2008-10-14 08:37:29 ----A---- C:\Windows\system32\Funckey.dll
2008-10-14 08:37:29 ----A---- C:\Windows\system32\atwtusb.exe
2008-10-14 08:37:29 ----A---- C:\Windows\system32\ATWinLog.dll
2008-10-14 08:37:28 ----A---- C:\Windows\system32\WTMKM.exe
2008-10-14 08:37:28 ----A---- C:\Windows\system32\BCGCBPRO730.dll
2008-10-14 08:37:28 ----A---- C:\Windows\system32\ATWTINK.DLL
2008-10-14 08:37:28 ----A---- C:\Windows\RmTablet.exe
2008-10-14 08:37:27 ----D---- C:\Windows\calib_da
2008-10-14 08:37:27 ----A---- C:\Windows\system32\XP_2000.ini
2008-10-14 08:37:27 ----A---- C:\Windows\system32\Vista.ini
2008-10-14 08:37:27 ----A---- C:\Windows\system32\Photoshop Elements.ini
2008-10-14 08:37:27 ----A---- C:\Windows\system32\PhotoImpact XL SE.ini
2008-10-14 08:37:27 ----A---- C:\Windows\system32\MKProfile.ini
2008-10-14 08:37:27 ----A---- C:\Windows\aiptbl.ini
2008-10-14 08:32:12 ----D---- C:\Program Files\Autodesk
2008-10-14 08:31:29 ----D---- C:\ProgramData\Autodesk
2008-10-14 08:31:29 ----D---- C:\Program Files\Common Files\Autodesk Shared
2008-10-14 07:21:05 ----D---- C:\ProgramData\SITEguard
2008-10-14 07:20:39 ----D---- C:\ProgramData\STOPzilla!
2008-10-14 07:20:39 ----D---- C:\Program Files\Common Files\iS3
2008-10-11 23:22:07 ----D---- C:\Program Files\Microsoft Silverlight
2008-10-10 16:07:24 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-10-10 16:07:20 ----D---- C:\Program Files\Windows Live
2008-10-10 16:07:06 ----D---- C:\ProgramData\WLInstaller
2008-10-10 15:07:57 ----D---- C:\ProgramData\GRAW2
2008-10-10 15:05:01 ----D---- C:\ProgramData\Media Center Programs
2008-10-10 01:45:40 ----A---- C:\Windows\system32\PnkBstrB.exe
2008-10-10 01:45:35 ----A---- C:\Windows\system32\PnkBstrA.exe
2008-10-09 22:37:19 ----D---- C:\Users\Slips\AppData\Roaming\teamspeak2
2008-10-09 22:37:09 ----D---- C:\Program Files\Teamspeak2_RC2
2008-10-09 22:30:34 ----D---- C:\ProgramData\America's Army Deploy Client
2008-10-09 22:30:26 ----D---- C:\Program Files\America's Army Deploy Client
2008-10-09 08:23:51 ----D---- C:\Users\Slips\AppData\Roaming\LimeWire
2008-10-09 08:22:49 ----A---- C:\Windows\system32\javaws.exe
2008-10-09 08:22:49 ----A---- C:\Windows\system32\javaw.exe
2008-10-09 08:22:49 ----A---- C:\Windows\system32\java.exe
2008-10-09 08:22:29 ----D---- C:\Program Files\Java
2008-10-09 08:22:15 ----D---- C:\Program Files\Common Files\Java
2008-10-09 08:19:45 ----D---- C:\Program Files\LimeWire
2008-10-04 20:21:57 ----D---- C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹
2008-10-04 20:19:56 ----A---- C:\Windows\jestertb.dll
2008-09-29 12:29:34 ----D---- C:\Windows\system32\AGEIA
2008-09-29 12:29:34 ----D---- C:\Program Files\AGEIA Technologies
2008-09-29 12:29:29 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-09-29 12:29:21 ----A---- C:\Windows\system32\nvcplui.exe
2008-09-29 12:28:41 ----A---- C:\Windows\system32\NVUNINST.EXE
2008-09-24 22:41:14 ----D---- C:\Users\Slips\AppData\Roaming\InstallShield
2008-09-21 13:01:40 ----A---- C:\Windows\system32\XAudio2_2.dll
2008-09-21 13:01:40 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2008-09-21 13:01:39 ----A---- C:\Windows\system32\xactengine3_2.dll
2008-09-21 13:01:39 ----A---- C:\Windows\system32\D3DX9_39.dll
2008-09-21 13:01:39 ----A---- C:\Windows\system32\d3dx10_39.dll
2008-09-21 13:01:39 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\XAudio2_1.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\xactengine3_1.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\D3DX9_38.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\d3dx10_38.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\XAudio2_0.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\xactengine3_0.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\xactengine2_10.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\D3DX9_37.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\d3dx10_37.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2008-09-21 13:01:36 ----A---- C:\Windows\system32\xactengine2_9.dll
2008-09-21 13:01:36 ----A---- C:\Windows\system32\d3dx9_36.dll
2008-09-21 13:01:36 ----A---- C:\Windows\system32\d3dx10_36.dll
2008-09-21 13:01:36 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\xactengine2_8.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\d3dx9_35.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\d3dx10_35.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\d3dx10_34.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2008-09-21 13:01:34 ----A---- C:\Windows\system32\xinput1_3.dll
2008-09-21 13:01:34 ----A---- C:\Windows\system32\xactengine2_7.dll
2008-09-21 13:01:34 ----A---- C:\Windows\system32\d3dx9_34.dll
2008-09-21 13:01:34 ----A---- C:\Windows\system32\d3dx9_33.dll
2008-09-21 13:01:34 ----A---- C:\Windows\system32\d3dx10_33.dll
2008-09-21 13:01:34 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2008-09-21 13:01:33 ----A---- C:\Windows\system32\xactengine2_6.dll
2008-09-21 13:01:33 ----A---- C:\Windows\system32\xactengine2_5.dll
2008-09-21 13:01:33 ----A---- C:\Windows\system32\d3dx9_32.dll
2008-09-21 13:01:33 ----A---- C:\Windows\system32\d3dx10.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\xinput1_2.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\xinput1_1.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\xactengine2_4.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\xactengine2_3.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\xactengine2_2.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\x3daudio1_1.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\d3dx9_31.dll
2008-09-21 13:01:31 ----A---- C:\Windows\system32\xactengine2_1.dll
2008-09-21 13:01:29 ----A---- C:\Windows\system32\d3dx9_30.dll
2008-09-21 13:01:28 ----A---- C:\Windows\system32\xactengine2_0.dll
2008-09-21 13:01:28 ----A---- C:\Windows\system32\x3daudio1_0.dll
2008-09-21 13:01:28 ----A---- C:\Windows\system32\d3dx9_29.dll
2008-09-21 13:00:40 ----D---- C:\Windows\system32\directx
2008-09-21 12:10:38 ----D---- C:\Users\Slips\AppData\Roaming\My Games
2008-09-21 11:42:01 ----D---- C:\Program Files\DAEMON Tools Lite
2008-09-21 11:39:45 ----D---- C:\Users\Slips\AppData\Roaming\DAEMON Tools
2008-09-21 11:34:50 ----D---- C:\Users\Slips\AppData\Roaming\Uniblue
2008-09-21 11:01:48 ----D---- C:\ProgramData\Azureus
2008-09-21 11:01:47 ----D---- C:\Users\Slips\AppData\Roaming\Azureus
2008-09-19 22:37:52 ----A---- C:\Windows\ntbtlog.txt

======List of files/folders modified in the last 1 months======

2008-10-18 15:06:24 ----D---- C:\Windows\Temp
2008-10-18 14:59:28 ----D---- C:\Windows\Prefetch
2008-10-18 14:54:29 ----D---- C:\Windows\System32
2008-10-18 14:54:29 ----D---- C:\Windows\inf
2008-10-18 14:54:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-10-18 13:46:05 ----D---- C:\Windows\system32\drivers
2008-10-18 13:46:02 ----RD---- C:\Program Files
2008-10-18 13:46:02 ----HD---- C:\ProgramData
2008-10-18 08:50:59 ----SHD---- C:\System Volume Information
2008-10-17 06:36:00 ----D---- C:\Windows
2008-10-17 04:41:40 ----D---- C:\Windows\system32\Tasks
2008-10-17 03:38:30 ----SD---- C:\ProgramData\Microsoft
2008-10-17 03:16:30 ----D---- C:\Windows\system32\catroot2
2008-10-17 01:59:03 ----D---- C:\Program Files\Mozilla Firefox
2008-10-16 15:20:44 ----SHD---- C:\Windows\Installer
2008-10-16 05:18:10 ----D---- C:\Windows\system32\WDI
2008-10-16 02:43:05 ----D---- C:\Windows\system32\config
2008-10-16 02:08:33 ----D---- C:\Windows\Tasks
2008-10-14 19:01:51 ----SD---- C:\Users\Slips\AppData\Roaming\Microsoft
2008-10-14 18:31:42 ----D---- C:\Windows\Microsoft.NET
2008-10-14 18:31:39 ----RSD---- C:\Windows\assembly
2008-10-14 18:27:45 ----D---- C:\Windows\winsxs
2008-10-14 18:17:41 ----D---- C:\Windows\system32\catroot
2008-10-14 18:15:41 ----D---- C:\Windows\ehome
2008-10-14 18:15:41 ----D---- C:\Program Files\Windows Mail
2008-10-14 18:15:40 ----D---- C:\Windows\system32\migration
2008-10-14 18:13:56 ----D---- C:\ProgramData\Microsoft Help
2008-10-14 08:42:33 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-14 08:40:49 ----RSD---- C:\Windows\Fonts
2008-10-14 08:40:47 ----SD---- C:\Windows\Downloaded Program Files
2008-10-14 08:40:47 ----D---- C:\Program Files\Common Files\InstallShield
2008-10-14 08:40:47 ----D---- C:\Program Files\Common Files
2008-10-14 08:37:37 ----A---- C:\Windows\win.ini
2008-10-11 23:40:26 ----D---- C:\Windows\rescache
2008-10-11 23:16:35 ----D---- C:\Program Files\Common Files\microsoft shared
2008-10-10 01:45:35 ----D---- C:\Windows\system32\LogFiles
2008-10-07 15:19:40 ----A---- C:\Windows\system32\mrt.exe
2008-10-06 04:27:51 ----D---- C:\Windows\Minidump
2008-09-29 12:30:55 ----D---- C:\ProgramData\NVIDIA
2008-09-29 03:01:30 ----D---- C:\Windows\LiveKernelReports
2008-09-21 13:00:40 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2008-07-19 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2008-07-19 42912]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2008-09-03 8944]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2008-09-03 55024]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
R2 BT848;AVerMedia AVerTV WDM Video Capture (878); C:\Windows\system32\drivers\Bt848.sys [2004-07-06 163840]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-19 220672]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-17 7379872]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2008-09-03 7408]
R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
R3 VST_DPV;VST_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
R3 VSTHWBS2;VSTHWBS2; C:\Windows\system32\DRIVERS\VSTBS23.SYS [2006-11-02 251904]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 aw5elf9u;aw5elf9u; C:\Windows\system32\drivers\aw5elf9u.sys []
S3 BOCDRIVE;BOClean Kernel Monitor.; \??\C:\Program Files\Comodo\CBOClean\BOCDRIVE.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-10-14 79360]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit; D:\Auto Desk 3DS Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [2008-03-10 65536]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-17 196608]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-10-10 66872]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-01-05 33800]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-10-16 355584]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------

SlipofMind · 2008/10/18

A quick question while I have this case open... I run the default windows firewall. Is there a better (free) firewall I should be running?

Geri · 2008/10/18

Hi
OK still seeing some bad files. Please do this.

Download ComboFix by sUBs from here, saving the file to your desktop.

Please disable realtime protection applications as they sometimes interfere with the tool. Check this link for your applicable programs.

Close all open programs and windows

Double click combofix.exe and follow the prompts.

It may reboot your computer and resume running when you logon. Wait for it to complete. When finished, it will open a log for you. Post that log and a new HijackThis log in your next reply.

Note: Do not mouseclick combofix's window while its running. That may cause it to stall

Thanks
Geri

SlipofMind · 2008/10/19

Ok Geri ran that program as you asked. I ran it twice and then did a restart, after the restart my AV found this "Sign of "Win32:Adload-LN [Trj]" has been found in "C:\Windows\System32\ufzqrjroipzxhxhym.dll" file ". So I ran the program a third time and did a restart. No AV alert after restart. Following are the three log files from that program (in order they were ran).

SlipofMind · 2008/10/19

Geri I tried to post the log files and I am getting this error.

SlipofMind · 2008/10/19

Geri tried to post the log files and I get this message

You have included 28 images in your message. You are limited to using 8 images so please go back and correct the problem and then continue again.

Images include use of smilies, the BB code tag and HTML <img> tags. The use of these is all subject to them being enabled by the administrator.

is there any way to attach my log files to my post?

or do you just want another RSIT log file?

SlipofMind · 2008/10/19

RSIT log File...

Logfile of random's system information tool 1.04 (written by random/random)
Run by Slips at 2008-10-19 11:08:20
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 122 GB (70%) free of 175 GB
Total RAM: 3069 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:08:22, on 10/19/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\System32\atwtusb.exe
C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\WTMKM.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Windows\System32\calc.exe
C:\Users\Slips\Downloads\RSIT.exe
C:\Program Files\trend micro\Slips.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.devryu.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe "
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe "
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - D:\Auto Desk 3DS Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe

--
End of file - 4427 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast! "=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
"Adobe Reader Speed Launcher "=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"NvCplDaemon "=C:\Windows\system32\NvCpl.dll [2008-09-17 13580832]
"NvMediaCenter "=C:\Windows\system32\NvMcTray.dll [2008-09-17 92704]
"SunJavaUpdateSched "=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"atwtusb "=C:\Windows\system32\atwtusb.exe [2007-05-29 360096]
"Ulead AutoDetector v2 "=C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe [2006-11-29 90112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware "=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-09-03 1576176]
"WMPNSCFG "=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-07-23 352256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername "=0
"legalnoticecaption "=
"legalnoticetext "=
"shutdownwithoutlogon "=1
"undockwithoutlogon "=1
"EnableUIADesktopToggle "=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives "=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun "=
"NoDrives "=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-10-25 17:02:46 ----A---- C:\Windows\AVerTV.ini
2008-10-19 09:20:19 ----D---- C:\Windows\temp
2008-10-19 09:20:19 ----A---- C:\ComboFix.txt
2008-10-19 09:15:05 ----D---- C:\ComboFix
2008-10-19 08:57:09 ----A---- C:\Windows\zip.exe
2008-10-19 08:57:09 ----A---- C:\Windows\VFIND.exe
2008-10-19 08:57:09 ----A---- C:\Windows\SWXCACLS.exe
2008-10-19 08:57:09 ----A---- C:\Windows\SWSC.exe
2008-10-19 08:57:09 ----A---- C:\Windows\SWREG.exe
2008-10-19 08:57:09 ----A---- C:\Windows\sed.exe
2008-10-19 08:57:09 ----A---- C:\Windows\NIRCMD.exe
2008-10-19 08:57:09 ----A---- C:\Windows\grep.exe
2008-10-19 08:57:09 ----A---- C:\Windows\fdsv.exe
2008-10-19 08:57:06 ----D---- C:\Windows\ERDNT
2008-10-19 08:57:06 ----D---- C:\Qoobox
2008-10-18 13:46:06 ----D---- C:\Users\Slips\AppData\Roaming\Malwarebytes
2008-10-18 13:46:02 ----D---- C:\ProgramData\Malwarebytes
2008-10-18 13:46:02 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-17 06:36:00 ----A---- C:\Windows\Wininit.INI
2008-10-17 06:31:53 ----D---- C:\rsit
2008-10-17 06:20:31 ----D---- C:\Program Files\Trend Micro
2008-10-17 02:11:34 ----A---- C:\Windows\unins000.exe
2008-10-17 01:59:03 ----A---- C:\Windows\system32\sqkktefrst.exe
2008-10-17 01:59:03 ----A---- C:\Windows\system32\cont_adzgalore-remove.exe
2008-10-17 01:17:09 ----D---- C:\Users\Slips\AppData\Roaming\Math Mechanixs
2008-10-17 01:17:09 ----D---- C:\ProgramData\Math Mechanixs
2008-10-17 01:16:46 ----D---- C:\Program Files\Math Mechanixs
2008-10-16 15:20:49 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2008-10-16 15:20:42 ----D---- C:\Users\Slips\AppData\Roaming\SUPERAntiSpyware.com
2008-10-16 15:20:42 ----D---- C:\Program Files\SUPERAntiSpyware
2008-10-16 15:14:20 ----A---- C:\Windows\UNBOC.EXE
2008-10-16 15:14:19 ----A---- C:\Windows\CMDLIC.DLL
2008-10-16 15:14:06 ----D---- C:\Program Files\Comodo
2008-10-16 15:02:12 ----A---- C:\Windows\system32\tmp.txt
2008-10-16 15:02:11 ----A---- C:\rapport.txt
2008-10-16 15:02:02 ----A---- C:\Windows\system32\WS2Fix.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\VCCLSID.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\VACFix.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\SrchSTS.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\Process.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\o4Patch.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\IEDFix.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\IEDFix.C.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\dumphive.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\AntiXPVSTFix.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\404Fix.exe
2008-10-16 03:18:21 ----D---- C:\Users\Slips\AppData\Roaming\vlc
2008-10-16 03:18:01 ----D---- C:\Program Files\VideoLAN
2008-10-16 02:45:43 ----AD---- C:\ProgramData\TEMP
2008-10-16 02:08:31 ----A---- C:\Windows\system32\uxtuneup.dll
2008-10-16 02:08:31 ----A---- C:\Windows\system32\authuitu.dll
2008-10-16 02:08:30 ----A---- C:\Windows\system32\TuneUpDefragService.exe
2008-10-16 02:07:55 ----D---- C:\ProgramData\TuneUp Software
2008-10-16 02:07:42 ----D---- C:\Program Files\TuneUp Utilities 2008
2008-10-16 01:31:19 ----D---- C:\Users\Slips\AppData\Roaming\TuneUp Software
2008-10-14 18:48:41 ----D---- C:\Users\Slips\AppData\Roaming\Ulead Systems
2008-10-14 18:12:42 ----A---- C:\Windows\system32\mshtml.dll
2008-10-14 18:12:41 ----A---- C:\Windows\system32\wininet.dll
2008-10-14 18:12:41 ----A---- C:\Windows\system32\urlmon.dll
2008-10-14 18:12:41 ----A---- C:\Windows\system32\ieframe.dll
2008-10-14 18:12:40 ----A---- C:\Windows\system32\mstime.dll
2008-10-14 18:12:40 ----A---- C:\Windows\system32\jsproxy.dll
2008-10-14 18:12:40 ----A---- C:\Windows\system32\iertutil.dll
2008-10-14 18:12:35 ----A---- C:\Windows\system32\EncDec.dll
2008-10-14 18:12:34 ----A---- C:\Windows\system32\psisdecd.dll
2008-10-14 18:12:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-10-14 18:12:16 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-10-14 09:12:35 ----D---- C:\ProgramData\AppData
2008-10-14 08:45:05 ----D---- C:\Users\Slips\AppData\Roaming\Autodesk
2008-10-14 08:42:35 ----D---- C:\ProgramData\InstallShield
2008-10-14 08:40:49 ----N---- C:\Windows\system32\ROBOEX32.DLL
2008-10-14 08:40:49 ----N---- C:\Windows\system32\INETWH32.dll
2008-10-14 08:40:47 ----D---- C:\Program Files\Ulead Systems
2008-10-14 08:40:47 ----D---- C:\Program Files\Common Files\Ulead Systems
2008-10-14 08:40:37 ----D---- C:\ProgramData\Ulead Systems
2008-10-14 08:37:37 ----D---- C:\ProgramData\Tablet
2008-10-14 08:37:29 ----D---- C:\Windows\udtablet
2008-10-14 08:37:29 ----A---- C:\Windows\system32\WINTAB32.DLL
2008-10-14 08:37:29 ----A---- C:\Windows\system32\UTBLFILT.DLL
2008-10-14 08:37:29 ----A---- C:\Windows\system32\TblRes.dll
2008-10-14 08:37:29 ----A---- C:\Windows\system32\TBLMOUSE.EXE
2008-10-14 08:37:29 ----A---- C:\Windows\system32\Tblfunc.dll
2008-10-14 08:37:29 ----A---- C:\Windows\system32\InstallService.exe
2008-10-14 08:37:29 ----A---- C:\Windows\system32\Funckey.dll
2008-10-14 08:37:29 ----A---- C:\Windows\system32\atwtusb.exe
2008-10-14 08:37:29 ----A---- C:\Windows\system32\ATWinLog.dll
2008-10-14 08:37:28 ----A---- C:\Windows\system32\WTMKM.exe
2008-10-14 08:37:28 ----A---- C:\Windows\system32\BCGCBPRO730.dll
2008-10-14 08:37:28 ----A---- C:\Windows\system32\ATWTINK.DLL
2008-10-14 08:37:28 ----A---- C:\Windows\RmTablet.exe
2008-10-14 08:37:27 ----D---- C:\Windows\calib_da
2008-10-14 08:37:27 ----A---- C:\Windows\system32\XP_2000.ini
2008-10-14 08:37:27 ----A---- C:\Windows\system32\Vista.ini
2008-10-14 08:37:27 ----A---- C:\Windows\system32\Photoshop Elements.ini
2008-10-14 08:37:27 ----A---- C:\Windows\system32\PhotoImpact XL SE.ini
2008-10-14 08:37:27 ----A---- C:\Windows\system32\MKProfile.ini
2008-10-14 08:37:27 ----A---- C:\Windows\aiptbl.ini
2008-10-14 08:32:12 ----D---- C:\Program Files\Autodesk
2008-10-14 08:31:29 ----D---- C:\ProgramData\Autodesk
2008-10-14 08:31:29 ----D---- C:\Program Files\Common Files\Autodesk Shared
2008-10-14 07:21:05 ----D---- C:\ProgramData\SITEguard
2008-10-14 07:20:39 ----D---- C:\ProgramData\STOPzilla!
2008-10-14 07:20:39 ----D---- C:\Program Files\Common Files\iS3
2008-10-11 23:22:07 ----D---- C:\Program Files\Microsoft Silverlight
2008-10-10 16:07:24 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-10-10 16:07:20 ----D---- C:\Program Files\Windows Live
2008-10-10 16:07:06 ----D---- C:\ProgramData\WLInstaller
2008-10-10 15:07:57 ----D---- C:\ProgramData\GRAW2
2008-10-10 15:05:01 ----D---- C:\ProgramData\Media Center Programs
2008-10-10 01:45:40 ----A---- C:\Windows\system32\PnkBstrB.exe
2008-10-10 01:45:35 ----A---- C:\Windows\system32\PnkBstrA.exe
2008-10-09 22:37:19 ----D---- C:\Users\Slips\AppData\Roaming\teamspeak2
2008-10-09 22:37:09 ----D---- C:\Program Files\Teamspeak2_RC2
2008-10-09 22:30:34 ----D---- C:\ProgramData\America's Army Deploy Client
2008-10-09 22:30:26 ----D---- C:\Program Files\America's Army Deploy Client
2008-10-09 08:23:51 ----D---- C:\Users\Slips\AppData\Roaming\LimeWire
2008-10-09 08:22:49 ----A---- C:\Windows\system32\javaws.exe
2008-10-09 08:22:49 ----A---- C:\Windows\system32\javaw.exe
2008-10-09 08:22:49 ----A---- C:\Windows\system32\java.exe
2008-10-09 08:22:29 ----D---- C:\Program Files\Java
2008-10-09 08:22:15 ----D---- C:\Program Files\Common Files\Java
2008-10-09 08:19:45 ----D---- C:\Program Files\LimeWire
2008-10-04 20:21:57 ----D---- C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹
2008-09-29 12:29:34 ----D---- C:\Windows\system32\AGEIA
2008-09-29 12:29:34 ----D---- C:\Program Files\AGEIA Technologies
2008-09-29 12:29:29 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-09-29 12:29:21 ----A---- C:\Windows\system32\nvcplui.exe
2008-09-29 12:28:41 ----A---- C:\Windows\system32\NVUNINST.EXE
2008-09-24 22:41:14 ----D---- C:\Users\Slips\AppData\Roaming\InstallShield
2008-09-21 13:01:40 ----A---- C:\Windows\system32\XAudio2_2.dll
2008-09-21 13:01:40 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2008-09-21 13:01:39 ----A---- C:\Windows\system32\xactengine3_2.dll
2008-09-21 13:01:39 ----A---- C:\Windows\system32\D3DX9_39.dll
2008-09-21 13:01:39 ----A---- C:\Windows\system32\d3dx10_39.dll
2008-09-21 13:01:39 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\XAudio2_1.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\xactengine3_1.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\D3DX9_38.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\d3dx10_38.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\XAudio2_0.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\xactengine3_0.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\xactengine2_10.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\D3DX9_37.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\d3dx10_37.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2008-09-21 13:01:36 ----A---- C:\Windows\system32\xactengine2_9.dll
2008-09-21 13:01:36 ----A---- C:\Windows\system32\d3dx9_36.dll
2008-09-21 13:01:36 ----A---- C:\Windows\system32\d3dx10_36.dll
2008-09-21 13:01:36 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\xactengine2_8.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\d3dx9_35.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\d3dx10_35.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\d3dx10_34.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2008-09-21 13:01:34 ----A---- C:\Windows\system32\xinput1_3.dll
2008-09-21 13:01:34 ----A---- C:\Windows\system32\xactengine2_7.dll
2008-09-21 13:01:34 ----A---- C:\Windows\system32\d3dx9_34.dll
2008-09-21 13:01:34 ----A---- C:\Windows\system32\d3dx9_33.dll
2008-09-21 13:01:34 ----A---- C:\Windows\system32\d3dx10_33.dll
2008-09-21 13:01:34 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2008-09-21 13:01:33 ----A---- C:\Windows\system32\xactengine2_6.dll
2008-09-21 13:01:33 ----A---- C:\Windows\system32\xactengine2_5.dll
2008-09-21 13:01:33 ----A---- C:\Windows\system32\d3dx9_32.dll
2008-09-21 13:01:33 ----A---- C:\Windows\system32\d3dx10.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\xinput1_2.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\xinput1_1.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\xactengine2_4.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\xactengine2_3.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\xactengine2_2.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\x3daudio1_1.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\d3dx9_31.dll
2008-09-21 13:01:31 ----A---- C:\Windows\system32\xactengine2_1.dll
2008-09-21 13:01:29 ----A---- C:\Windows\system32\d3dx9_30.dll
2008-09-21 13:01:28 ----A---- C:\Windows\system32\xactengine2_0.dll
2008-09-21 13:01:28 ----A---- C:\Windows\system32\x3daudio1_0.dll
2008-09-21 13:01:28 ----A---- C:\Windows\system32\d3dx9_29.dll
2008-09-21 13:00:40 ----D---- C:\Windows\system32\directx
2008-09-21 12:10:38 ----D---- C:\Users\Slips\AppData\Roaming\My Games
2008-09-21 11:42:01 ----D---- C:\Program Files\DAEMON Tools Lite
2008-09-21 11:39:45 ----D---- C:\Users\Slips\AppData\Roaming\DAEMON Tools
2008-09-21 11:34:50 ----D---- C:\Users\Slips\AppData\Roaming\Uniblue
2008-09-21 11:01:48 ----D---- C:\ProgramData\Azureus
2008-09-21 11:01:47 ----D---- C:\Users\Slips\AppData\Roaming\Azureus

======List of files/folders modified in the last 1 months======

2008-10-19 11:08:22 ----D---- C:\Windows\Prefetch
2008-10-19 09:26:13 ----D---- C:\Windows\System32
2008-10-19 09:26:13 ----D---- C:\Windows\inf
2008-10-19 09:26:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-10-19 09:20:19 ----D---- C:\Windows
2008-10-19 09:19:13 ----A---- C:\Windows\system.ini
2008-10-19 09:16:19 ----D---- C:\Windows\system32\drivers
2008-10-19 09:16:19 ----D---- C:\Windows\AppPatch
2008-10-19 09:16:19 ----D---- C:\Program Files\Common Files
2008-10-19 09:15:04 ----D---- C:\Windows\system32\en-US
2008-10-19 08:57:26 ----SHD---- C:\System Volume Information
2008-10-18 13:46:02 ----RD---- C:\Program Files
2008-10-18 13:46:02 ----HD---- C:\ProgramData
2008-10-17 04:41:40 ----D---- C:\Windows\system32\Tasks
2008-10-17 03:38:30 ----SD---- C:\ProgramData\Microsoft
2008-10-17 03:37:24 ----A---- C:\Windows\ntbtlog.txt
2008-10-17 03:16:30 ----D---- C:\Windows\system32\catroot2
2008-10-17 01:59:03 ----D---- C:\Program Files\Mozilla Firefox
2008-10-16 15:20:44 ----SHD---- C:\Windows\Installer
2008-10-16 05:18:10 ----D---- C:\Windows\system32\WDI
2008-10-16 02:43:05 ----D---- C:\Windows\system32\config
2008-10-16 02:08:33 ----D---- C:\Windows\Tasks
2008-10-14 19:01:51 ----SD---- C:\Users\Slips\AppData\Roaming\Microsoft
2008-10-14 18:31:42 ----D---- C:\Windows\Microsoft.NET
2008-10-14 18:31:39 ----RSD---- C:\Windows\assembly
2008-10-14 18:27:45 ----D---- C:\Windows\winsxs
2008-10-14 18:17:41 ----D---- C:\Windows\system32\catroot
2008-10-14 18:15:41 ----D---- C:\Windows\ehome
2008-10-14 18:15:41 ----D---- C:\Program Files\Windows Mail
2008-10-14 18:15:40 ----D---- C:\Windows\system32\migration
2008-10-14 18:13:56 ----D---- C:\ProgramData\Microsoft Help
2008-10-14 08:42:33 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-14 08:40:49 ----RSD---- C:\Windows\Fonts
2008-10-14 08:40:47 ----SD---- C:\Windows\Downloaded Program Files
2008-10-14 08:40:47 ----D---- C:\Program Files\Common Files\InstallShield
2008-10-14 08:37:37 ----A---- C:\Windows\win.ini
2008-10-11 23:40:26 ----D---- C:\Windows\rescache
2008-10-11 23:16:35 ----D---- C:\Program Files\Common Files\microsoft shared
2008-10-10 01:45:35 ----D---- C:\Windows\system32\LogFiles
2008-10-07 15:19:40 ----A---- C:\Windows\system32\mrt.exe
2008-10-06 04:27:51 ----D---- C:\Windows\Minidump
2008-09-29 12:30:55 ----D---- C:\ProgramData\NVIDIA
2008-09-29 03:01:30 ----D---- C:\Windows\LiveKernelReports
2008-09-21 13:00:40 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2008-07-19 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2008-07-19 42912]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2008-09-03 8944]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2008-09-03 55024]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
R2 BT848;AVerMedia AVerTV WDM Video Capture (878); C:\Windows\system32\drivers\Bt848.sys [2004-07-06 163840]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-19 220672]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-17 7379872]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2008-09-03 7408]
R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
R3 VST_DPV;VST_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
R3 VSTHWBS2;VSTHWBS2; C:\Windows\system32\DRIVERS\VSTBS23.SYS [2006-11-02 251904]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 a3eemjfu;a3eemjfu; C:\Windows\system32\drivers\a3eemjfu.sys []
S3 BOCDRIVE;BOClean Kernel Monitor.; \??\C:\Program Files\Comodo\CBOClean\BOCDRIVE.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-10-14 79360]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit; D:\Auto Desk 3DS Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [2008-03-10 65536]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-17 196608]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-10-10 66872]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-01-05 33800]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-10-16 355584]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------

Geri · 2008/10/19

Hi
Could you post just the first run log from combofix that you received,

I run the default windows firewall. Is there a better (free) firewall I should be running?
Click to expand...

Yes. I will give you some recommendations a little later.

Thanks

SlipofMind · 2008/10/19

I tried to Geri when I copy and paste it I get this message:

You have included 28 images in your message. You are limited to using 8 images so please go back and correct the problem and then continue again.

Images include use of smilies, the BB code tag and HTML <img> tags. The use of these is all subject to them being enabled by the administrator.

is there a way to attach the file to the post?

SlipofMind · 2008/10/19

ComboFix 08-10-18.03 - Slips 2008-10-19 8:57:42.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1711 [GMT -4:00]
Running from: C:\Users\Slips\Downloads\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\jestertb.dll

.
((((((((((((((((((((((((( Files Created from 2008-09-19 to 2008-10-19 )))))))))))))))))))))))))))))))
.

2010-10-25 17:02 . 2008-09-05 16:56 3,881 --a------ C:\Windows\AVerTV.ini
2008-10-18 13:46 . 2008-10-18 13:46 <DIR> d-------- C:\Users\Slips\AppData\Roaming\Malwarebytes
2008-10-18 13:46 . 2008-10-18 13:46 <DIR> d-------- C:\Users\All Users\Malwarebytes
2008-10-18 13:46 . 2008-10-18 13:46 <DIR> d-------- C:\ProgramData\Malwarebytes
2008-10-18 13:46 . 2008-10-18 14:45 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-18 13:46 . 2008-10-16 20:25 38,496 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
2008-10-18 13:46 . 2008-10-16 20:25 15,504 --a------ C:\Windows\System32\drivers\mbam.sys
2008-10-17 06:36 . 2008-10-17 06:36 74 --a------ C:\Windows\Wininit.INI
2008-10-17 06:31 . 2008-10-17 06:31 <DIR> d-------- C:\rsit
2008-10-17 06:20 . 2008-10-18 15:06 <DIR> d-------- C:\Program Files\Trend Micro
2008-10-17 04:07 . 2008-10-17 04:08 <DIR> d-------- C:\Users\Slips\.housecall6.6
2008-10-17 02:11 . 2008-10-17 02:11 690,969 --a------ C:\Windows\unins000.exe
2008-10-17 02:11 . 2008-10-17 02:11 5,233 --a------ C:\Windows\unins000.dat
2008-10-17 01:59 . 2008-10-17 01:59 102,190 --a------ C:\Windows\System32\cont_adzgalore-remove.exe
2008-10-17 01:59 . 2008-10-17 01:59 79,083 --a------ C:\Windows\System32\sqkktefrst.exe
2008-10-17 01:17 . 2008-10-17 01:17 <DIR> d-------- C:\Users\Slips\AppData\Roaming\Math Mechanixs
2008-10-17 01:17 . 2008-10-17 01:17 <DIR> d-------- C:\Users\All Users\Math Mechanixs
2008-10-17 01:17 . 2008-10-17 01:17 <DIR> d-------- C:\ProgramData\Math Mechanixs
2008-10-17 01:16 . 2008-10-17 01:16 <DIR> d-------- C:\Program Files\Math Mechanixs
2008-10-16 15:20 . 2008-10-16 15:20 <DIR> d-------- C:\Users\Slips\AppData\Roaming\SUPERAntiSpyware.com
2008-10-16 15:20 . 2008-10-16 15:20 <DIR> d-------- C:\Users\All Users\SUPERAntiSpyware.com
2008-10-16 15:20 . 2008-10-16 15:20 <DIR> d-------- C:\ProgramData\SUPERAntiSpyware.com
2008-10-16 15:20 . 2008-10-16 15:20 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-10-16 15:14 . 2008-10-16 15:14 <DIR> d-------- C:\Program Files\Comodo
2008-10-16 15:14 . 2008-07-14 05:09 212,728 --a------ C:\Windows\CMDLIC.DLL
2008-10-16 15:14 . 2008-07-14 05:09 205,560 --a------ C:\Windows\UNBOC.EXE
2008-10-16 15:14 . 2008-01-19 03:37 15,360 --a------ C:\Windows\System32\wsock32.dlb
2008-10-16 09:29 . 2008-10-16 09:29 171,520 --a------ C:\Windows\System32\ufzqrjroipzxhxhym.dll
2008-10-16 03:18 . 2008-10-16 03:18 <DIR> d-------- C:\Users\Slips\AppData\Roaming\vlc
2008-10-16 03:18 . 2008-10-16 03:18 <DIR> d-------- C:\Program Files\VideoLAN
2008-10-16 02:52 . 2008-10-16 02:52 2,015 -r-h----- C:\Windows\System32\drivers\hosts
2008-10-16 02:45 . 2008-10-16 02:50 <DIR> d-a------ C:\Users\All Users\TEMP
2008-10-16 02:45 . 2008-10-16 02:50 <DIR> d-a------ C:\ProgramData\TEMP
2008-10-16 02:08 . 2008-10-16 02:08 355,584 --a------ C:\Windows\System32\TuneUpDefragService.exe
2008-10-16 02:08 . 2008-05-29 09:28 28,416 --a------ C:\Windows\System32\uxtuneup.dll
2008-10-16 02:08 . 2008-05-29 09:28 16,640 --a------ C:\Windows\System32\authuitu.dll
2008-10-16 02:07 . 2008-10-16 02:07 <DIR> d-------- C:\Users\All Users\TuneUp Software
2008-10-16 02:07 . 2008-10-16 02:07 <DIR> d-------- C:\ProgramData\TuneUp Software
2008-10-16 02:07 . 2008-10-16 02:08 <DIR> d-------- C:\Program Files\TuneUp Utilities 2008
2008-10-16 01:31 . 2008-10-16 01:31 <DIR> d-------- C:\Users\Slips\AppData\Roaming\TuneUp Software
2008-10-14 18:48 . 2008-10-14 18:48 <DIR> d-------- C:\Users\Slips\AppData\Roaming\Ulead Systems
2008-10-14 09:12 . 2008-10-14 09:12 <DIR> d-------- C:\Users\All Users\AppData
2008-10-14 09:12 . 2008-10-14 09:12 <DIR> d-------- C:\ProgramData\AppData
2008-10-14 08:45 . 2008-10-14 08:45 <DIR> d-------- C:\Users\Slips\AppData\Roaming\Autodesk
2008-10-14 08:42 . 2008-10-14 08:42 <DIR> d-------- C:\Users\All Users\InstallShield
2008-10-14 08:42 . 2008-10-14 08:42 <DIR> d-------- C:\ProgramData\InstallShield
2008-10-14 08:40 . 2008-10-14 08:41 <DIR> d-------- C:\Users\All Users\Ulead Systems
2008-10-14 08:40 . 2008-10-14 08:41 <DIR> d-------- C:\ProgramData\Ulead Systems
2008-10-14 08:40 . 2008-10-14 08:40 <DIR> d-------- C:\Program Files\Ulead Systems
2008-10-14 08:40 . 2008-10-14 08:40 <DIR> d-------- C:\Program Files\Common Files\Ulead Systems
2008-10-14 08:40 . 1999-10-15 12:50 1,056,768 --------- C:\Windows\System32\ROBOEX32.DLL
2008-10-14 08:40 . 2006-07-22 19:37 49,152 --------- C:\Windows\System32\INETWH32.dll
2008-10-14 08:37 . 2008-10-17 15:35 <DIR> d-------- C:\Users\All Users\Tablet
2008-10-14 08:37 . 2008-10-17 15:35 <DIR> d-------- C:\ProgramData\Tablet
2008-10-14 08:32 . 2008-10-14 08:32 <DIR> d-------- C:\Program Files\Autodesk
2008-10-14 08:31 . 2008-10-14 08:45 <DIR> d-------- C:\Users\All Users\Autodesk
2008-10-14 08:31 . 2008-10-14 08:45 <DIR> d-------- C:\ProgramData\Autodesk
2008-10-14 08:31 . 2008-10-14 08:32 <DIR> d-------- C:\Program Files\Common Files\Autodesk Shared
2008-10-14 07:21 . 2008-10-14 07:56 <DIR> d-------- C:\Users\All Users\SITEguard
2008-10-14 07:21 . 2008-10-14 07:56 <DIR> d-------- C:\ProgramData\SITEguard
2008-10-14 07:20 . 2008-10-14 08:06 <DIR> d-------- C:\Users\All Users\STOPzilla!
2008-10-14 07:20 . 2008-10-14 08:06 <DIR> d-------- C:\ProgramData\STOPzilla!
2008-10-14 07:20 . 2008-10-14 07:20 <DIR> d-------- C:\Program Files\Common Files\iS3
2008-10-11 23:22 . 2008-10-11 23:22 <DIR> d-------- C:\Program Files\Microsoft Silverlight
2008-10-10 16:07 . 2008-10-10 16:07 <DIR> d-------- C:\Users\All Users\WLInstaller
2008-10-10 16:07 . 2008-10-10 16:07 <DIR> d-------- C:\ProgramData\WLInstaller
2008-10-10 16:07 . 2008-10-10 16:08 <DIR> d-------- C:\Program Files\Windows Live
2008-10-10 16:07 . 2008-10-10 16:08 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-10-10 15:07 . 2008-10-10 15:07 <DIR> d-------- C:\Users\All Users\GRAW2
2008-10-10 15:07 . 2008-10-10 15:07 <DIR> d-------- C:\ProgramData\GRAW2
2008-10-10 15:05 . 2008-10-10 15:05 <DIR> d-------- C:\Users\All Users\Media Center Programs
2008-10-10 15:05 . 2008-10-10 15:05 <DIR> d-------- C:\ProgramData\Media Center Programs
2008-10-10 01:45 . 2008-10-15 09:04 183,128 --a------ C:\Windows\System32\PnkBstrB.exe
2008-10-10 01:45 . 2008-10-15 09:04 138,464 --a------ C:\Windows\System32\drivers\PnkBstrK.sys
2008-10-10 01:45 . 2008-10-10 01:45 66,872 --a------ C:\Windows\System32\PnkBstrA.exe
2008-10-09 22:37 . 2008-10-09 22:37 <DIR> d-------- C:\Users\Slips\AppData\Roaming\teamspeak2
2008-10-09 22:37 . 2008-10-09 22:37 <DIR> d-------- C:\Program Files\Teamspeak2_RC2
2008-10-09 22:37 . 2008-10-09 22:37 34,064 --a------ C:\Windows\System32\lhacm.acm
2008-10-09 22:30 . 2008-10-09 22:30 <DIR> d-------- C:\Users\All Users\America's Army Deploy Client
2008-10-09 22:30 . 2008-10-09 22:30 <DIR> d-------- C:\ProgramData\America's Army Deploy Client
2008-10-09 22:30 . 2008-10-13 10:30 <DIR> d-------- C:\Program Files\America's Army Deploy Client
2008-10-09 08:23 . 2008-10-18 08:11 <DIR> d-------- C:\Users\Slips\AppData\Roaming\LimeWire
2008-10-09 08:22 . 2008-10-09 08:22 <DIR> d-------- C:\Program Files\Java
2008-10-09 08:22 . 2008-10-09 08:22 <DIR> d-------- C:\Program Files\Common Files\Java
2008-10-09 08:19 . 2008-10-09 08:20 <DIR> d-------- C:\Program Files\LimeWire
2008-10-04 20:21 . 2008-10-04 20:22 <DIR> d-------- C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹
2008-09-29 12:29 . 2008-09-29 12:29 <DIR> d-------- C:\Windows\System32\AGEIA
2008-09-29 12:29 . 2008-10-16 15:20 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-09-29 12:29 . 2008-09-29 12:29 <DIR> d-------- C:\Program Files\AGEIA Technologies
2008-09-29 12:29 . 2008-09-17 09:55 797,216 --a------ C:\Windows\System32\nvcplui.exe
2008-09-29 12:29 . 2008-09-17 09:55 420,384 --a------ C:\Windows\System32\nvcpl.cpl
2008-09-29 12:28 . 2008-09-16 21:27 453,152 --a------ C:\Windows\System32\NVUNINST.EXE
2008-09-24 22:41 . 2008-09-24 22:41 <DIR> d-------- C:\Users\Slips\AppData\Roaming\InstallShield
2008-09-21 12:10 . 2008-09-21 12:40 <DIR> d-------- C:\Users\Slips\AppData\Roaming\My Games
2008-09-21 11:42 . 2008-09-21 11:42 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2008-09-21 11:39 . 2008-09-21 11:39 <DIR> d-------- C:\Users\Slips\AppData\Roaming\DAEMON Tools
2008-09-21 11:39 . 2008-09-21 11:39 717,296 --a------ C:\Windows\System32\drivers\sptd.sys
2008-09-21 11:34 . 2008-09-21 11:34 <DIR> d-------- C:\Users\Slips\AppData\Roaming\Uniblue
2008-09-21 11:01 . 2008-10-19 09:01 <DIR> d-------- C:\Users\Slips\AppData\Roaming\Azureus
2008-09-21 11:01 . 2008-09-21 11:01 <DIR> d-------- C:\Users\All Users\Azureus
2008-09-21 11:01 . 2008-09-21 11:01 <DIR> d-------- C:\ProgramData\Azureus

SlipofMind · 2008/10/19

((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-16 19:02 2,868 ----a-w C:\Windows\System32\tmp.reg
2008-10-14 22:15 --------- d-----w C:\Program Files\Windows Mail
2008-10-14 22:13 --------- d-----w C:\ProgramData\Microsoft Help
2008-10-14 12:42 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-14 12:40 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-10-10 12:58 82,944 ----a-w C:\Windows\System32\o4Patch.exe
2008-10-10 12:58 82,944 ----a-w C:\Windows\System32\IEDFix.C.exe
2008-10-02 03:49 827,392 ----a-w C:\Windows\System32\wininet.dll
2008-10-01 19:51 87,552 ----a-w C:\Windows\System32\VACFix.exe
2008-09-29 16:30 --------- d-----w C:\ProgramData\NVIDIA
2008-09-18 05:09 3,601,464 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-09-18 05:09 3,549,240 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-09-18 02:16 2,032,640 ----a-w C:\Windows\System32\win32k.sys
2008-09-15 01:26 --------- d-----w C:\Users\Slips\AppData\Roaming\DivX
2008-09-15 01:25 --------- d-----w C:\Program Files\DivX
2008-09-15 01:25 --------- d-----w C:\Program Files\Common Files\PX Storage Engine
2008-09-14 23:11 --------- d-----w C:\Users\Slips\AppData\Roaming\Turbine
2008-09-09 03:38 88,576 ----a-w C:\Windows\System32\AntiXPVSTFix.exe
2008-09-06 19:34 --------- d-----w C:\Program Files\Common Files\Adobe AIR
2008-09-06 19:33 --------- d-----w C:\Program Files\Common Files\Adobe
2008-09-06 17:34 174 --sha-w C:\Program Files\desktop.ini
2008-09-06 17:30 --------- d-----w C:\Program Files\Windows Sidebar
2008-09-06 17:30 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-09-06 17:30 --------- d-----w C:\Program Files\Windows Journal
2008-09-06 17:30 --------- d-----w C:\Program Files\Windows Defender
2008-09-06 17:30 --------- d-----w C:\Program Files\Windows Collaboration
2008-09-06 17:30 --------- d-----w C:\Program Files\Windows Calendar
2008-09-06 17:21 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-09-06 17:21 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-09-05 20:56 --------- d-----w C:\Program Files\UltraTV
2008-09-05 20:56 --------- d-----w C:\Program Files\InterVideo
2008-09-05 20:56 --------- d-----w C:\Program Files\Common Files\TV
2008-09-05 19:36 --------- d-----w C:\Program Files\Common Files\xing shared
2008-09-05 19:36 --------- d-----w C:\Program Files\Common Files\Real
2008-09-05 19:35 --------- d-----w C:\Program Files\Real
2008-09-05 19:17 --------- d-----w C:\Program Files\Microsoft Works
2008-09-05 19:16 --------- d-----w C:\Program Files\Microsoft.NET
2008-09-05 19:08 269,312 ----a-w C:\Windows\System32\es.dll
2008-09-05 18:58 61,440 ----a-w C:\Windows\System32\winipsec.dll
2008-09-05 18:58 361,984 ----a-w C:\Windows\System32\IPSECSVC.DLL
2008-09-05 18:58 28,672 ----a-w C:\Windows\System32\FwRemoteSvr.dll
2008-09-05 18:58 272,896 ----a-w C:\Windows\System32\polstore.dll
2008-09-05 18:53 2,048 ----a-w C:\Windows\System32\tzres.dll
2008-09-05 18:45 988,216 ----a-w C:\Windows\System32\winload.exe
2008-09-05 18:45 927,288 ----a-w C:\Windows\System32\winresume.exe
2008-09-05 18:45 615,992 ----a-w C:\Windows\System32\ci.dll
2008-09-05 18:45 6,656 ----a-w C:\Windows\System32\kbd106n.dll
2008-09-05 18:45 46,592 ----a-w C:\Windows\System32\setbcdlocale.dll
2008-09-05 18:45 40,960 ----a-w C:\Windows\System32\srclient.dll
2008-09-05 18:45 378,368 ----a-w C:\Windows\System32\srcore.dll
2008-09-05 18:45 318,464 ----a-w C:\Windows\System32\rstrui.exe
2008-09-05 18:45 19,000 ----a-w C:\Windows\System32\kd1394.dll
2008-09-05 18:45 14,848 ----a-w C:\Windows\System32\srdelayed.exe
2008-09-05 18:44 295,936 ----a-w C:\Windows\System32\gdi32.dll
2008-09-05 18:43 541,696 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-09-05 18:43 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-09-05 18:42 14,848 ----a-w C:\Windows\System32\wshrm.dll
2008-09-05 18:42 113,664 ----a-w C:\Windows\system32\drivers\rmcast.sys
2008-09-05 18:42 1,695,744 ----a-w C:\Windows\System32\gameux.dll
2008-09-05 18:41 84,480 ----a-w C:\Windows\System32\INETRES.dll
2008-09-05 18:41 738,304 ----a-w C:\Windows\System32\inetcomm.dll
2008-09-05 18:41 1,314,816 ----a-w C:\Windows\System32\quartz.dll
2008-09-05 18:10 --------- d-----w C:\Program Files\Alwil Software
2008-09-05 18:00 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-09-04 13:31 288,024 ----a-w C:\Windows\System32\PhysXCplUI.exe
2008-08-29 12:57 70,936 ----a-w C:\Windows\System32\PhysXLoader.dll
2008-08-27 01:06 288,768 ----a-w C:\Windows\system32\drivers\srv.sys
2008-08-18 16:19 82,432 ----a-w C:\Windows\System32\404Fix.exe
2008-08-05 22:02 524,288 ----a-w C:\Windows\System32\DivXsm.exe
2008-08-05 22:02 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
2008-08-05 22:00 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2008-08-05 22:00 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
2008-08-05 21:59 81,920 ----a-w C:\Windows\System32\dpl100.dll
2008-08-05 21:59 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
2008-08-05 21:59 57,344 ----a-w C:\Windows\System32\dpv11.dll
2008-08-05 21:59 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll
2008-08-05 21:59 344,064 ----a-w C:\Windows\System32\dpus11.dll
2008-08-05 21:59 294,912 ----a-w C:\Windows\System32\dpu11.dll
2008-08-05 21:59 294,912 ----a-w C:\Windows\System32\dpu10.dll
2008-08-05 21:59 196,608 ----a-w C:\Windows\System32\dtu100.dll
2008-08-05 21:58 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
2008-08-05 21:58 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
2008-08-05 21:58 815,104 ----a-w C:\Windows\System32\divx_xx0a.dll
2008-08-05 21:58 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
2008-08-05 21:58 683,520 ----a-w C:\Windows\System32\DivX.dll
2008-08-05 21:58 161,096 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
2008-08-05 21:58 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
2008-08-05 09:49 428,544 ----a-w C:\Windows\System32\EncDec.dll
2008-08-05 09:49 293,376 ----a-w C:\Windows\System32\psisdecd.dll
2008-08-02 03:26 36,864 ----a-w C:\Windows\System32\cdd.dll
2008-07-31 14:41 68,616 ----a-w C:\Windows\System32\XAPOFX1_1.dll
2008-07-31 14:41 238,088 ----a-w C:\Windows\System32\xactengine3_2.dll
2008-07-31 14:40 509,448 ----a-w C:\Windows\System32\XAudio2_2.dll
2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:32 28,160 ----a-w C:\Windows\System32\Apphlpdm.dll
2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-07-31 01:13 4,240,384 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-07-19 05:10 53,448 ----a-w C:\Windows\System32\wuauclt.exe
2008-07-19 05:10 45,768 ----a-w C:\Windows\System32\wups2.dll
.

SlipofMind · 2008/10/19

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware "= "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-09-03 1576176]
"WMPNSCFG "= "C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast! "= "C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"Adobe Reader Speed Launcher "= "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"NvCplDaemon "= "C:\Windows\system32\NvCpl.dll" [2008-09-17 13580832]
"NvMediaCenter "= "C:\Windows\system32\NvMcTray.dll" [2008-09-17 92704]
"SunJavaUpdateSched "= "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"Ulead AutoDetector v2 "= "C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe" [2006-11-29 90112]
"snueqsigbtp "= "C:\Windows\system32\ufzqrjroipzxhxhym.dll" [2008-10-16 171520]
"atwtusb "= "atwtusb.exe" [2007-05-29 C:\Windows\System32\atwtusb.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle "= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 16:28 352256 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{2EBA7D3A-33F9-4F9B-9263-8016900D0658} "= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{E0C75707-1501-4FD9-9EBF-CEA796B06BEC} "= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{0A4F9E4C-E27F-47D7-9B4C-5BA5EB94FDCA}C:\\users\\slips\\documents\\vuze\\azureus.exe "= UDP:C:\users\slips\documents\vuze\azureus.exe:azureus.exe
"UDP Query User{202CE82C-F24C-4234-AEE4-A453BB46F144}C:\\users\\slips\\documents\\vuze\\azureus.exe "= TCP:C:\users\slips\documents\vuze\azureus.exe:azureus.exe
"{B732BD03-2B52-48C2-BF08-7741D40689A6} "= UDP:\Civ4\Civilization4.exe:Sid Meier's Civilization 4
"{5D624A1B-9761-4360-A280-93B17A69A550} "= TCP:\Civ4\Civilization4.exe:Sid Meier's Civilization 4
"{A34AFA70-7605-4495-9424-C5146B82DF98} "= UDP:\Civ4\Warlords\Civ4Warlords.exe:Sid Meier's Civilization 4 Warlords
"{963C2F22-AE47-4252-A905-5D7D0CCAF6D2} "= TCP:\Civ4\Warlords\Civ4Warlords.exe:Sid Meier's Civilization 4 Warlords
"{79004BC1-DA75-4655-B13D-4A0EEA495626} "= UDP:\Civ4\Warlords\Civ4Warlords_PitBoss.exe:Sid Meier's Civilization 4 Pitboss
"{F6A127A9-ED2D-4E89-B4D6-AE6E2C500CC4} "= TCP:\Civ4\Warlords\Civ4Warlords_PitBoss.exe:Sid Meier's Civilization 4 Pitboss
"{5B5A4650-3DBB-4E6C-ABB4-3394324C5497} "= UDP:\civ4 Colonizaion\Colonization.exe:Sid Meier's Civilization IV Colonization
"{DD821F69-2064-4E54-8238-9E305D27AC40} "= TCP:\civ4 Colonizaion\Colonization.exe:Sid Meier's Civilization IV Colonization
"{4F8E4AC4-3F97-46BB-A701-0B4DDFF0E907} "= UDP:\Civ4\Beyond the Sword\Civ4BeyondSword.exe:Sid Meier's Civilization 4 Beyond the Sword
"{4553490D-F12A-480B-A7CA-1CC25F4771AA} "= TCP:\Civ4\Beyond the Sword\Civ4BeyondSword.exe:Sid Meier's Civilization 4 Beyond the Sword
"{2CFC83A6-FB84-481D-89A8-E77ED32BA64D} "= UDP:\Civ4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe:Sid Meier's Civilization 4 Beyond the Sword Pitboss
"{6A7CEC57-48DE-47BD-9C8F-0410E7CD9535} "= TCP:\Civ4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe:Sid Meier's Civilization 4 Beyond the Sword Pitboss
"TCP Query User{E6696709-FAB0-4D07-98C0-EF72A23EEAA5}C:\\program files\\real\\realone player\\realplay.exe "= UDP:C:\program files\real\realone player\realplay.exe:RealOne Player
"UDP Query User{59545863-6BCB-4F67-A6F2-B5955F56B06A}C:\\program files\\real\\realone player\\realplay.exe "= TCP:C:\program files\real\realone player\realplay.exe:RealOne Player
"TCP Query User{0FFF207B-611C-46FA-8021-0E12E5E11FB6}C:\\program files\\limewire\\limewire.exe "= UDP:C:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{45C6C336-967D-4137-BCFF-68C9ECC5480B}C:\\program files\\limewire\\limewire.exe "= TCP:C:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{A0842219-2C43-434B-8F10-C7C1A9985F32}C:\\program files\\america's army deploy client\\aadeployclient.exe "= UDP:C:\program files\america's army deploy client\aadeployclient.exe:AADeployClient
"UDP Query User{656B403B-4CE4-4CB6-98AA-45301FC9112A}C:\\program files\\america's army deploy client\\aadeployclient.exe "= TCP:C:\program files\america's army deploy client\aadeployclient.exe:AADeployClient
"TCP Query User{05B720DE-BBDB-4B92-AB26-7804CA74814C}D:\\america's army\\system\\armyops.exe "= UDP:\america's army\system\armyops.exe:ArmyOps
"UDP Query User{EEB9B37F-321F-4A3D-827C-49897E091F26}D:\\america's army\\system\\armyops.exe "= TCP:\america's army\system\armyops.exe:ArmyOps
"{0834D61A-FDF0-4A7C-8520-B5F274D95187} "= UDP:\BF2\BF2.exe:Battlefield 2
"{8E4CC42C-9DDC-486E-A153-017475C3811E} "= TCP:\BF2\BF2.exe:Battlefield 2
"{1E9A70F4-84F9-4A33-8796-981F1841FB41} "= UDP:\Ghost Recon AWF2\Ghost Recon Advanced Warfighter 2\graw2.exe:Ghost Recon Advanced Warfighter® 2
"{6EE532FF-9D64-4082-BBE9-FD9DEDE63440} "= TCP:\Ghost Recon AWF2\Ghost Recon Advanced Warfighter 2\graw2.exe:Ghost Recon Advanced Warfighter® 2
"{3D262F17-CD65-4C4B-96CB-AE3093AA4064} "= UDP:\Ghost Recon AWF2\Ghost Recon Advanced Warfighter 2\graw2_dedicated.exe:Ghost Recon Advanced Warfighter® 2 Dedicated Server
"{1926179E-6D30-4B46-A5F0-E1AD9AD718B4} "= TCP:\Ghost Recon AWF2\Ghost Recon Advanced Warfighter 2\graw2_dedicated.exe:Ghost Recon Advanced Warfighter® 2 Dedicated Server
"{1AC5CA49-61A3-4AB6-B5C5-D26AD10F521A} "= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{7718E758-7353-4404-804E-8F1C1A67D0D1} "= UDP:\Backburner\monitor.exe:backburner 2.3 monitor
"{6534B38D-9A40-41E0-97B5-685668ABB87D} "= TCP:\Backburner\monitor.exe:backburner 2.3 monitor
"{F4A6DE09-4A27-4767-BF7C-558E09E84102} "= UDP:\Backburner\manager.exe:backburner 2.3 manager
"{DA16CD31-E06A-4B99-857C-E94437899CA2} "= TCP:\Backburner\manager.exe:backburner 2.3 manager
"{383914E2-9AF4-471B-9CF4-C526645CDB05} "= UDP:\Backburner\server.exe:backburner 2.3 server
"{68A9ACEF-F4EB-4AB5-8C1F-D38F3D3D3113} "= TCP:\Backburner\server.exe:backburner 2.3 server
"{F3136BC9-1ECD-4608-A3B3-A691993DA717} "= UDP:\Auto Desk 3DS Max 2009\3dsmax.exe:Autodesk 3ds Max 2009 32-bit
"{31B351F7-AD71-4835-815D-2E3D4ADFCEE3} "= TCP:\Auto Desk 3DS Max 2009\3dsmax.exe:Autodesk 3ds Max 2009 32-bit

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
R2 BT848;AVerMedia AVerTV WDM Video Capture (878);C:\Windows\system32\drivers\Bt848.sys [2004-07-06 163840]
R2 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit;D:\Auto Desk 3DS Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [2008-03-10 65536]
R2 UxTuneUp;TuneUp Theme Extension;C:\Windows\System32\svchost.exe [2008-01-19 21504]
R3 VST_DPV;VST_DPV;C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
R3 VSTHWBS2;VSTHWBS2;C:\Windows\system32\DRIVERS\VSTBS23.SYS [2006-11-02 251904]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [2008-10-16 355584]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder

2008-10-19 C:\Windows\Tasks\1-Click Maintenance.job
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:09]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\Slips\AppData\Roaming\Mozilla\Firefox\Profiles\1unv6xeq.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.yahoo.com/
FF -: plugin - C:\Program Files\Real\RealOne Player\Netscape6\nppl3260.dll
FF -: plugin - C:\Program Files\Real\RealOne Player\Netscape6\nprjplug.dll
FF -: plugin - C:\Program Files\Real\RealOne Player\Netscape6\nprpjplug.dll
FF -: plugin - C:\Users\Slips\AppData\Roaming\Mozilla\Firefox\Profiles\1unv6xeq.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp071101000055.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-19 09:08:10
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-10-19 9:09:15
ComboFix-quarantined-files.txt 2008-10-19 13:09:13
ComboFix2.txt 2008-10-19 13:02:48

Pre-Run: 128,935,346,176 bytes free
Post-Run: 128,896,892,928 bytes free

323 --- E O F --- 2008-10-17 08:22:42

Geri · 2008/10/19

Hi
EDIT- ( OK great, I'll go over it more, please do the following instructions)
OK, not much we can do with the smilie thing, they sometimes show up in the registry entries with CF.

Please do this and post as much of the log as you can and a new RSIT log..

Thanks.

Highlight and copy the contents of the code box below and paste it into a blank Notepad, then save it to your desktop as;

Filename: CFScript.txt
Save As Type: All Files (*.*)

Close all other windows and programs. Now drag the CFScript.txt onto ComboFix.exe and drop it, using the left mouse button.
Click here to see how to use CFScript.txt
Combofix should run and may reboot the computer when it's done. A log will open when it's complete. Post the contents of that log.

Please do not click on the ComboFix window while it is running a scan. This can cause it to stall.
Code:
File::
C:\Windows\system32\sqkktefrst.exe
C:\Windows\system32\drivers\a3eemjfu.

Driver::
a3eemjfu

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 "snueqsigbtp "=-

DirLook::
C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹ 
I really need to see the "Look" part of the CF log So please make sure that is posted along with as much else as you can.

Thanks

SlipofMind · 2008/10/19

Ok Geri I added the above script to and ran CF. here is the log... now before CF was done my CP did a restart and when it came back on my AV did not start...

follows CF and RSIT log.

ComboFix 08-10-18.03 - Slips 2008-10-19 14:35:34.4 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2078 [GMT -4:00]
Running from: C:\Users\Slips\Downloads\ComboFix.exe
Command switches used :: C:\Users\Slips\Desktop\CFScript.txt.txt
* Created a new restore point

FILE ::
C:\Windows\system32\drivers\a3eemjfu.
C:\Windows\system32\sqkktefrst.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\system32\sqkktefrst.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_a3eemjfu

((((((((((((((((((((((((( Files Created from 2008-09-19 to 2008-10-19 )))))))))))))))))))))))))))))))
.

2010-10-25 17:02 . 2008-09-05 16:56 3,881 --a------ C:\Windows\AVerTV.ini
2008-10-18 13:46 . 2008-10-18 13:46 <DIR> d-------- C:\Users\Slips\AppData\Roaming\Malwarebytes
2008-10-18 13:46 . 2008-10-18 13:46 <DIR> d-------- C:\Users\All Users\Malwarebytes
2008-10-18 13:46 . 2008-10-18 13:46 <DIR> d-------- C:\ProgramData\Malwarebytes
2008-10-18 13:46 . 2008-10-18 14:45 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-18 13:46 . 2008-10-16 20:25 38,496 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
2008-10-18 13:46 . 2008-10-16 20:25 15,504 --a------ C:\Windows\System32\drivers\mbam.sys
2008-10-17 06:36 . 2008-10-17 06:36 74 --a------ C:\Windows\Wininit.INI
2008-10-17 06:31 . 2008-10-17 06:31 <DIR> d-------- C:\rsit
2008-10-17 06:20 . 2008-10-19 11:08 <DIR> d-------- C:\Program Files\Trend Micro
2008-10-17 04:07 . 2008-10-17 04:08 <DIR> d-------- C:\Users\Slips\.housecall6.6
2008-10-17 02:11 . 2008-10-17 02:11 690,969 --a------ C:\Windows\unins000.exe
2008-10-17 02:11 . 2008-10-17 02:11 5,233 --a------ C:\Windows\unins000.dat
2008-10-17 01:59 . 2008-10-17 01:59 102,190 --a------ C:\Windows\System32\cont_adzgalore-remove.exe
2008-10-17 01:17 . 2008-10-17 01:17 <DIR> d-------- C:\Users\Slips\AppData\Roaming\Math Mechanixs
2008-10-17 01:17 . 2008-10-17 01:17 <DIR> d-------- C:\Users\All Users\Math Mechanixs
2008-10-17 01:17 . 2008-10-17 01:17 <DIR> d-------- C:\ProgramData\Math Mechanixs
2008-10-17 01:16 . 2008-10-17 01:16 <DIR> d-------- C:\Program Files\Math Mechanixs
2008-10-16 15:20 . 2008-10-16 15:20 <DIR> d-------- C:\Users\Slips\AppData\Roaming\SUPERAntiSpyware.com
2008-10-16 15:20 . 2008-10-16 15:20 <DIR> d-------- C:\Users\All Users\SUPERAntiSpyware.com
2008-10-16 15:20 . 2008-10-16 15:20 <DIR> d-------- C:\ProgramData\SUPERAntiSpyware.com
2008-10-16 15:20 . 2008-10-16 15:20 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-10-16 15:14 . 2008-10-16 15:14 <DIR> d-------- C:\Program Files\Comodo
2008-10-16 15:14 . 2008-07-14 05:09 212,728 --a------ C:\Windows\CMDLIC.DLL
2008-10-16 15:14 . 2008-07-14 05:09 205,560 --a------ C:\Windows\UNBOC.EXE
2008-10-16 15:14 . 2008-01-19 03:37 15,360 --a------ C:\Windows\System32\wsock32.dlb
2008-10-16 03:18 . 2008-10-16 03:18 <DIR> d-------- C:\Users\Slips\AppData\Roaming\vlc
2008-10-16 03:18 . 2008-10-16 03:18 <DIR> d-------- C:\Program Files\VideoLAN
2008-10-16 02:52 . 2008-10-16 02:52 2,015 -r-h----- C:\Windows\System32\drivers\hosts
2008-10-16 02:45 . 2008-10-16 02:50 <DIR> d-a------ C:\Users\All Users\TEMP
2008-10-16 02:45 . 2008-10-16 02:50 <DIR> d-a------ C:\ProgramData\TEMP
2008-10-16 02:08 . 2008-10-16 02:08 355,584 --a------ C:\Windows\System32\TuneUpDefragService.exe
2008-10-16 02:08 . 2008-05-29 09:28 28,416 --a------ C:\Windows\System32\uxtuneup.dll
2008-10-16 02:08 . 2008-05-29 09:28 16,640 --a------ C:\Windows\System32\authuitu.dll
2008-10-16 02:07 . 2008-10-16 02:07 <DIR> d-------- C:\Users\All Users\TuneUp Software
2008-10-16 02:07 . 2008-10-16 02:07 <DIR> d-------- C:\ProgramData\TuneUp Software
2008-10-16 02:07 . 2008-10-16 02:08 <DIR> d-------- C:\Program Files\TuneUp Utilities 2008
2008-10-16 01:31 . 2008-10-16 01:31 <DIR> d-------- C:\Users\Slips\AppData\Roaming\TuneUp Software
2008-10-14 18:48 . 2008-10-14 18:48 <DIR> d-------- C:\Users\Slips\AppData\Roaming\Ulead Systems
2008-10-14 09:12 . 2008-10-14 09:12 <DIR> d-------- C:\Users\All Users\AppData
2008-10-14 09:12 . 2008-10-14 09:12 <DIR> d-------- C:\ProgramData\AppData
2008-10-14 08:45 . 2008-10-14 08:45 <DIR> d-------- C:\Users\Slips\AppData\Roaming\Autodesk
2008-10-14 08:42 . 2008-10-14 08:42 <DIR> d-------- C:\Users\All Users\InstallShield
2008-10-14 08:42 . 2008-10-14 08:42 <DIR> d-------- C:\ProgramData\InstallShield
2008-10-14 08:40 . 2008-10-14 08:41 <DIR> d-------- C:\Users\All Users\Ulead Systems
2008-10-14 08:40 . 2008-10-14 08:41 <DIR> d-------- C:\ProgramData\Ulead Systems
2008-10-14 08:40 . 2008-10-14 08:40 <DIR> d-------- C:\Program Files\Ulead Systems
2008-10-14 08:40 . 2008-10-14 08:40 <DIR> d-------- C:\Program Files\Common Files\Ulead Systems
2008-10-14 08:40 . 1999-10-15 12:50 1,056,768 --------- C:\Windows\System32\ROBOEX32.DLL
2008-10-14 08:40 . 2006-07-22 19:37 49,152 --------- C:\Windows\System32\INETWH32.dll
2008-10-14 08:37 . 2008-10-17 15:35 <DIR> d-------- C:\Users\All Users\Tablet
2008-10-14 08:37 . 2008-10-17 15:35 <DIR> d-------- C:\ProgramData\Tablet
2008-10-14 08:32 . 2008-10-14 08:32 <DIR> d-------- C:\Program Files\Autodesk
2008-10-14 08:31 . 2008-10-14 08:45 <DIR> d-------- C:\Users\All Users\Autodesk
2008-10-14 08:31 . 2008-10-14 08:45 <DIR> d-------- C:\ProgramData\Autodesk
2008-10-14 08:31 . 2008-10-14 08:32 <DIR> d-------- C:\Program Files\Common Files\Autodesk Shared
2008-10-14 07:21 . 2008-10-14 07:56 <DIR> d-------- C:\Users\All Users\SITEguard
2008-10-14 07:21 . 2008-10-14 07:56 <DIR> d-------- C:\ProgramData\SITEguard
2008-10-14 07:20 . 2008-10-14 08:06 <DIR> d-------- C:\Users\All Users\STOPzilla!
2008-10-14 07:20 . 2008-10-14 08:06 <DIR> d-------- C:\ProgramData\STOPzilla!
2008-10-14 07:20 . 2008-10-14 07:20 <DIR> d-------- C:\Program Files\Common Files\iS3
2008-10-11 23:22 . 2008-10-11 23:22 <DIR> d-------- C:\Program Files\Microsoft Silverlight
2008-10-10 16:07 . 2008-10-10 16:07 <DIR> d-------- C:\Users\All Users\WLInstaller
2008-10-10 16:07 . 2008-10-10 16:07 <DIR> d-------- C:\ProgramData\WLInstaller
2008-10-10 16:07 . 2008-10-10 16:08 <DIR> d-------- C:\Program Files\Windows Live
2008-10-10 16:07 . 2008-10-10 16:08 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-10-10 15:07 . 2008-10-10 15:07 <DIR> d-------- C:\Users\All Users\GRAW2
2008-10-10 15:07 . 2008-10-10 15:07 <DIR> d-------- C:\ProgramData\GRAW2
2008-10-10 15:05 . 2008-10-10 15:05 <DIR> d-------- C:\Users\All Users\Media Center Programs
2008-10-10 15:05 . 2008-10-10 15:05 <DIR> d-------- C:\ProgramData\Media Center Programs
2008-10-10 01:45 . 2008-10-15 09:04 183,128 --a------ C:\Windows\System32\PnkBstrB.exe
2008-10-10 01:45 . 2008-10-15 09:04 138,464 --a------ C:\Windows\System32\drivers\PnkBstrK.sys
2008-10-10 01:45 . 2008-10-10 01:45 66,872 --a------ C:\Windows\System32\PnkBstrA.exe
2008-10-09 22:37 . 2008-10-09 22:37 <DIR> d-------- C:\Users\Slips\AppData\Roaming\teamspeak2
2008-10-09 22:37 . 2008-10-09 22:37 <DIR> d-------- C:\Program Files\Teamspeak2_RC2
2008-10-09 22:37 . 2008-10-09 22:37 34,064 --a------ C:\Windows\System32\lhacm.acm
2008-10-09 22:30 . 2008-10-09 22:30 <DIR> d-------- C:\Users\All Users\America's Army Deploy Client
2008-10-09 22:30 . 2008-10-09 22:30 <DIR> d-------- C:\ProgramData\America's Army Deploy Client
2008-10-09 22:30 . 2008-10-13 10:30 <DIR> d-------- C:\Program Files\America's Army Deploy Client
2008-10-09 08:23 . 2008-10-19 14:34 <DIR> d-------- C:\Users\Slips\AppData\Roaming\LimeWire
2008-10-09 08:22 . 2008-10-09 08:22 <DIR> d-------- C:\Program Files\Java
2008-10-09 08:22 . 2008-10-09 08:22 <DIR> d-------- C:\Program Files\Common Files\Java
2008-10-09 08:19 . 2008-10-09 08:20 <DIR> d-------- C:\Program Files\LimeWire
2008-10-04 20:21 . 2008-10-04 20:22 <DIR> d-------- C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹
2008-09-29 12:29 . 2008-09-29 12:29 <DIR> d-------- C:\Windows\System32\AGEIA
2008-09-29 12:29 . 2008-10-16 15:20 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-09-29 12:29 . 2008-09-29 12:29 <DIR> d-------- C:\Program Files\AGEIA Technologies
2008-09-29 12:29 . 2008-09-17 09:55 797,216 --a------ C:\Windows\System32\nvcplui.exe
2008-09-29 12:29 . 2008-09-17 09:55 420,384 --a------ C:\Windows\System32\nvcpl.cpl
2008-09-29 12:28 . 2008-09-16 21:27 453,152 --a------ C:\Windows\System32\NVUNINST.EXE
2008-09-24 22:41 . 2008-09-24 22:41 <DIR> d-------- C:\Users\Slips\AppData\Roaming\InstallShield
2008-09-21 12:10 . 2008-09-21 12:40 <DIR> d-------- C:\Users\Slips\AppData\Roaming\My Games
2008-09-21 11:42 . 2008-09-21 11:42 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2008-09-21 11:39 . 2008-09-21 11:39 <DIR> d-------- C:\Users\Slips\AppData\Roaming\DAEMON Tools
2008-09-21 11:39 . 2008-09-21 11:39 717,296 --a------ C:\Windows\System32\drivers\sptd.sys
2008-09-21 11:34 . 2008-09-21 11:34 <DIR> d-------- C:\Users\Slips\AppData\Roaming\Uniblue
2008-09-21 11:01 . 2008-10-19 14:34 <DIR> d-------- C:\Users\Slips\AppData\Roaming\Azureus
2008-09-21 11:01 . 2008-09-21 11:01 <DIR> d-------- C:\Users\All Users\Azureus
2008-09-21 11:01 . 2008-09-21 11:01 <DIR> d-------- C:\ProgramData\Azureus

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-14 22:15 --------- d-----w C:\Program Files\Windows Mail
2008-10-14 22:13 --------- d-----w C:\ProgramData\Microsoft Help
2008-10-14 12:42 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-14 12:40 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-09-29 16:30 --------- d-----w C:\ProgramData\NVIDIA
2008-09-17 13:55 7,379,872 ----a-w C:\Windows\system32\drivers\nvlddmkm.sys
2008-09-15 01:26 --------- d-----w C:\Users\Slips\AppData\Roaming\DivX
2008-09-15 01:25 --------- d-----w C:\Program Files\DivX
2008-09-15 01:25 --------- d-----w C:\Program Files\Common Files\PX Storage Engine
2008-09-14 23:11 --------- d-----w C:\Users\Slips\AppData\Roaming\Turbine
2008-09-06 19:34 --------- d-----w C:\Program Files\Common Files\Adobe AIR
2008-09-06 19:33 --------- d-----w C:\Program Files\Common Files\Adobe
2008-09-06 17:34 174 --sha-w C:\Program Files\desktop.ini
2008-09-06 17:30 --------- d-----w C:\Program Files\Windows Sidebar
2008-09-06 17:30 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-09-06 17:30 --------- d-----w C:\Program Files\Windows Journal
2008-09-06 17:30 --------- d-----w C:\Program Files\Windows Defender
2008-09-06 17:30 --------- d-----w C:\Program Files\Windows Collaboration
2008-09-06 17:30 --------- d-----w C:\Program Files\Windows Calendar
2008-09-05 20:56 --------- d-----w C:\Program Files\UltraTV
2008-09-05 20:56 --------- d-----w C:\Program Files\InterVideo
2008-09-05 20:56 --------- d-----w C:\Program Files\Common Files\TV
2008-09-05 19:36 --------- d-----w C:\Program Files\Common Files\xing shared
2008-09-05 19:36 --------- d-----w C:\Program Files\Common Files\Real
2008-09-05 19:35 --------- d-----w C:\Program Files\Real
2008-09-05 19:17 --------- d-----w C:\Program Files\Microsoft Works
2008-09-05 19:16 --------- d-----w C:\Program Files\Microsoft.NET
2008-09-05 18:43 541,696 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-09-05 18:43 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-09-05 18:42 113,664 ----a-w C:\Windows\system32\drivers\rmcast.sys
2008-09-05 18:10 --------- d-----w C:\Program Files\Alwil Software
2008-09-05 18:00 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-08-27 01:06 288,768 ----a-w C:\Windows\system32\drivers\srv.sys
2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

---- Directory of C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹ ----

2008-10-04 20:22 998545 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\P10 Movie Player.exe
2008-10-04 20:22 9803818 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\movie\m-16p1.swf
2008-10-04 20:22 9243005 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\movie\m-15p.swf
2008-10-04 20:22 9051532 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\oneday-u.swf
2008-10-04 20:22 7802240 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\movie\901.swf
2008-10-04 20:22 7454573 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\dayend.swf
2008-10-04 20:22 7449717 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\movie\941.swf
2008-10-04 20:22 7366477 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\movie\931.swf
2008-10-04 20:22 7129037 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\movie\m-7.swf
2008-10-04 20:22 687778 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\movie\app-2.swf
2008-10-04 20:22 6785096 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\day-3e.swf
2008-10-04 20:22 639864 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\movie\921.swf
2008-10-04 20:22 4781831 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\movie\m-13p.swf
2008-10-04 20:22 4416482 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\movie\m-14p.swf
2008-10-04 20:22 4387490 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\day-3d.swf
2008-10-04 20:22 437568 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\movie\app-3.swf
2008-10-04 20:22 4359742 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\movie\app-1.swf
2008-10-04 20:22 423628 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\menu-s2.swf
2008-10-04 20:22 422779 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\menu-s.swf
2008-10-04 20:22 421371 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\menu.swf
2008-10-04 20:22 366256 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\movie\app-4.swf
2008-10-04 20:22 3433873 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\oneday.swf
2008-10-04 20:22 30540070 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\day3-fe.swf
2008-10-04 20:22 29424265 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\movie\m-7f.swf
2008-10-04 20:22 2799 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\_setup.log
2008-10-04 20:22 2402070 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\top.swf
2008-10-04 20:22 2376609 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\movie\911.swf
2008-10-04 20:22 2134465 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\day-4.swf
2008-10-04 20:22 2079150 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\Movie Player Mac.hqx
2008-10-04 20:22 2062802 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\game_start.hqx
2008-10-04 20:22 177845 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\movie_view.swf
2008-10-04 20:22 13087380 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\oneday-s.swf
2008-10-04 20:22 12051262 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\movie\m-19p.swf
2008-10-04 20:22 1174950 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\game_start.exe
2008-10-04 20:22 11029001 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\movie\m-18p1.swf
2008-10-04 20:22 10790568 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\movie\m-17p1.swf
2008-10-04 20:22 10021303 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\movie\m-16p2.swf
2008-10-04 20:21 9436791 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\a8-up.swf
2008-10-04 20:21 9421455 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\a5-u.swf
2008-10-04 20:21 8516422 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\a7-u1.swf
2008-10-04 20:21 7666608 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\a5-s.swf
2008-10-04 20:21 6723530 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\a7-u2.swf
2008-10-04 20:21 6078267 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\a7-n.swf
2008-10-04 20:21 3093450 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\a7-s.swf
2008-10-04 20:21 18592991 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\a3.swf
2008-10-04 20:21 15138656 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\a5-n.swf
2008-10-04 20:21 14163661 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\a4-n.swf
2008-10-04 20:21 14067312 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\a4-s.swf
2008-10-04 20:21 13619334 --a------ C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹\data\a8-u.swf

((((((((((((((((((((((((((((( snapshot@2008-10-19_ 9.02.02.56 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-10-21 00:02:28 163,328 ----a-w C:\Windows\ERDNT\subs\ERDNT.EXE
- 2008-10-18 18:51:26 147,456 ----a-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-10-19 18:41:00 147,456 ----a-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2008-10-19 13:01:17 155,648 ----a-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-10-19 18:41:00 155,648 ----a-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
- 2008-10-19 10:52:59 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-10-19 18:40:45 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-10-19 10:52:59 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-10-19 18:40:45 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-10-19 10:52:59 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-10-19 18:40:45 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-10-18 18:54:29 105,170 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-10-19 13:26:13 105,170 ----a-w C:\Windows\System32\perfc009.dat
- 2008-10-18 18:54:29 604,214 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-10-19 13:26:13 604,214 ----a-w C:\Windows\System32\perfh009.dat
- 2008-10-18 18:51:50 7,058 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1713268366-4097519884-3779180679-1000_UserData.bin
+ 2008-10-19 13:23:24 7,058 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1713268366-4097519884-3779180679-1000_UserData.bin
- 2008-10-18 18:51:50 53,550 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-10-19 13:23:24 53,916 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-10-18 18:51:49 31,198 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-10-19 13:23:23 31,238 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware "= "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-09-03 1576176]
"WMPNSCFG "= "C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher "= "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"NvCplDaemon "= "C:\Windows\system32\NvCpl.dll" [2008-09-17 13580832]
"NvMediaCenter "= "C:\Windows\system32\NvMcTray.dll" [2008-09-17 92704]
"SunJavaUpdateSched "= "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"Ulead AutoDetector v2 "= "C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe" [2006-11-29 90112]
"atwtusb "= "atwtusb.exe" [2007-05-29 C:\Windows\System32\atwtusb.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle "= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 16:28 352256 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{2EBA7D3A-33F9-4F9B-9263-8016900D0658} "= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{E0C75707-1501-4FD9-9EBF-CEA796B06BEC} "= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{0A4F9E4C-E27F-47D7-9B4C-5BA5EB94FDCA}C:\\users\\slips\\documents\\vuze\\azureus.exe "= UDP:C:\users\slips\documents\vuze\azureus.exe:azureus.exe
"UDP Query User{202CE82C-F24C-4234-AEE4-A453BB46F144}C:\\users\\slips\\documents\\vuze\\azureus.exe "= TCP:C:\users\slips\documents\vuze\azureus.exe:azureus.exe
"{B732BD03-2B52-48C2-BF08-7741D40689A6} "= UDP: D:\Civ4\Civilization4.exe:Sid Meier's Civilization 4
"{5D624A1B-9761-4360-A280-93B17A69A550} "= TCP: D:\Civ4\Civilization4.exe:Sid Meier's Civilization 4
"{A34AFA70-7605-4495-9424-C5146B82DF98} "= UDP: D:\Civ4\Warlords\Civ4Warlords.exe:Sid Meier's Civilization 4 Warlords
"{963C2F22-AE47-4252-A905-5D7D0CCAF6D2} "= TCP: D:\Civ4\Warlords\Civ4Warlords.exe:Sid Meier's Civilization 4 Warlords
"{79004BC1-DA75-4655-B13D-4A0EEA495626} "= UDP: D:\Civ4\Warlords\Civ4Warlords_PitBoss.exe:Sid Meier's Civilization 4 Pitboss
"{F6A127A9-ED2D-4E89-B4D6-AE6E2C500CC4} "= TCP: D:\Civ4\Warlords\Civ4Warlords_PitBoss.exe:Sid Meier's Civilization 4 Pitboss
"{5B5A4650-3DBB-4E6C-ABB4-3394324C5497} "= UDP:\civ4 Colonizaion\Colonization.exe:Sid Meier's Civilization IV Colonization
"{DD821F69-2064-4E54-8238-9E305D27AC40} "= TCP: D:\civ4 Colonizaion\Colonization.exe:Sid Meier's Civilization IV Colonization
"{4F8E4AC4-3F97-46BB-A701-0B4DDFF0E907} "= UDP: D:\Civ4\Beyond the Sword\Civ4BeyondSword.exe:Sid Meier's Civilization 4 Beyond the Sword
"{4553490D-F12A-480B-A7CA-1CC25F4771AA} "= TCP: D:\Civ4\Beyond the Sword\Civ4BeyondSword.exe:Sid Meier's Civilization 4 Beyond the Sword
"{2CFC83A6-FB84-481D-89A8-E77ED32BA64D} "= UDP: D:\Civ4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe:Sid Meier's Civilization 4 Beyond the Sword Pitboss
"{6A7CEC57-48DE-47BD-9C8F-0410E7CD9535} "= TCP: D:\Civ4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe:Sid Meier's Civilization 4 Beyond the Sword Pitboss
"TCP Query User{E6696709-FAB0-4D07-98C0-EF72A23EEAA5}C:\\program files\\real\\realone player\\realplay.exe "= UDP:C:\program files\real\realone player\realplay.exe:RealOne Player
"UDP Query User{59545863-6BCB-4F67-A6F2-B5955F56B06A}C:\\program files\\real\\realone player\\realplay.exe "= TCP:C:\program files\real\realone player\realplay.exe:RealOne Player
"TCP Query User{0FFF207B-611C-46FA-8021-0E12E5E11FB6}C:\\program files\\limewire\\limewire.exe "= UDP:C:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{45C6C336-967D-4137-BCFF-68C9ECC5480B}C:\\program files\\limewire\\limewire.exe "= TCP:C:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{A0842219-2C43-434B-8F10-C7C1A9985F32}C:\\program files\\america's army deploy client\\aadeployclient.exe "= UDP:C:\program files\america's army deploy client\aadeployclient.exe:AADeployClient
"UDP Query User{656B403B-4CE4-4CB6-98AA-45301FC9112A}C:\\program files\\america's army deploy client\\aadeployclient.exe "= TCP:C:\program files\america's army deploy client\aadeployclient.exe:AADeployClient
"TCP Query User{05B720DE-BBDB-4B92-AB26-7804CA74814C}D:\\america's army\\system\\armyops.exe "= UDP:\america's army\system\armyops.exe:ArmyOps
"UDP Query User{EEB9B37F-321F-4A3D-827C-49897E091F26}D:\\america's army\\system\\armyops.exe "= TCP:\america's army\system\armyops.exe:ArmyOps
"{0834D61A-FDF0-4A7C-8520-B5F274D95187} "= UDP: D:\BF2\BF2.exe:Battlefield 2
"{8E4CC42C-9DDC-486E-A153-017475C3811E} "= TCP: D:\BF2\BF2.exe:Battlefield 2
"{1E9A70F4-84F9-4A33-8796-981F1841FB41} "= UDP: D:\Ghost Recon AWF2\Ghost Recon Advanced Warfighter 2\graw2.exe:Ghost Recon Advanced Warfighter® 2
"{6EE532FF-9D64-4082-BBE9-FD9DEDE63440} "= TCP: D:\Ghost Recon AWF2\Ghost Recon Advanced Warfighter 2\graw2.exe:Ghost Recon Advanced Warfighter® 2
"{3D262F17-CD65-4C4B-96CB-AE3093AA4064} "= UDP: D:\Ghost Recon AWF2\Ghost Recon Advanced Warfighter 2\graw2_dedicated.exe:Ghost Recon Advanced Warfighter® 2 Dedicated Server
"{1926179E-6D30-4B46-A5F0-E1AD9AD718B4} "= TCP: D:\Ghost Recon AWF2\Ghost Recon Advanced Warfighter 2\graw2_dedicated.exe:Ghost Recon Advanced Warfighter® 2 Dedicated Server
"{1AC5CA49-61A3-4AB6-B5C5-D26AD10F521A} "= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{7718E758-7353-4404-804E-8F1C1A67D0D1} "= UDP: D:\Backburner\monitor.exe:backburner 2.3 monitor
"{6534B38D-9A40-41E0-97B5-685668ABB87D} "= TCP: D:\Backburner\monitor.exe:backburner 2.3 monitor
"{F4A6DE09-4A27-4767-BF7C-558E09E84102} "= UDP: D:\Backburner\manager.exe:backburner 2.3 manager
"{DA16CD31-E06A-4B99-857C-E94437899CA2} "= TCP: D:\Backburner\manager.exe:backburner 2.3 manager
"{383914E2-9AF4-471B-9CF4-C526645CDB05} "= UDP: D:\Backburner\server.exe:backburner 2.3 server
"{68A9ACEF-F4EB-4AB5-8C1F-D38F3D3D3113} "= TCP: D:\Backburner\server.exe:backburner 2.3 server
"{F3136BC9-1ECD-4608-A3B3-A691993DA717} "= UDP: D:\Auto Desk 3DS Max 2009\3dsmax.exe:Autodesk 3ds Max 2009 32-bit
"{31B351F7-AD71-4835-815D-2E3D4ADFCEE3} "= TCP: D :\Auto Desk 3DS Max 2009\3dsmax.exe:Autodesk 3ds Max 2009 32-bit

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
R2 BT848;AVerMedia AVerTV WDM Video Capture (878);C:\Windows\system32\drivers\Bt848.sys [2004-07-06 163840]
R2 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit;D:\Auto Desk 3DS Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [2008-03-10 65536]
R2 UxTuneUp;TuneUp Theme Extension;C:\Windows\System32\svchost.exe [2008-01-19 21504]
R3 VST_DPV;VST_DPV;C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
R3 VSTHWBS2;VSTHWBS2;C:\Windows\system32\DRIVERS\VSTBS23.SYS [2006-11-02 251904]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [2008-10-16 355584]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2008-10-19 C:\Windows\Tasks\1-Click Maintenance.job
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:09]
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-19 14:41:09
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\System32\nvvsvc.exe
C:\Windows\System32\audiodg.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\wisptis.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\System32\wisptis.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Windows\System32\PnkBstrA.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\WTMKM.exe
C:\Windows\System32\dllhost.exe
.
**************************************************************************
.
Completion time: 2008-10-19 14:43:01 - machine was rebooted
ComboFix-quarantined-files.txt 2008-10-19 18:42:57
ComboFix2.txt 2008-10-19 13:20:19
ComboFix3.txt 2008-10-19 13:09:16
ComboFix4.txt 2008-10-19 13:02:48

Pre-Run: 127,628,521,472 bytes free
Post-Run: 127,345,246,208 bytes free

351 --- E O F --- 2008-10-17 08:22:42

SlipofMind · 2008/10/19

Logfile of random's system information tool 1.04 (written by random/random)
Run by Slips at 2008-10-19 14:49:37
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 122 GB (69%) free of 175 GB
Total RAM: 3069 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:49:39, on 10/19/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\System32\atwtusb.exe
C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\WTMKM.exe
C:\Windows\Explorer.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Slips\Downloads\RSIT.exe
C:\Program Files\trend micro\Slips.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.devryu.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe "
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe "
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - D:\Auto Desk 3DS Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe

--
End of file - 4232 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher "=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"NvCplDaemon "=C:\Windows\system32\NvCpl.dll [2008-09-17 13580832]
"NvMediaCenter "=C:\Windows\system32\NvMcTray.dll [2008-09-17 92704]
"SunJavaUpdateSched "=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"atwtusb "=C:\Windows\system32\atwtusb.exe [2007-05-29 360096]
"Ulead AutoDetector v2 "=C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe [2006-11-29 90112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware "=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-09-03 1576176]
"WMPNSCFG "=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-07-23 352256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername "=0
"legalnoticecaption "=
"legalnoticetext "=
"shutdownwithoutlogon "=1
"undockwithoutlogon "=1
"EnableUIADesktopToggle "=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives "=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun "=
"NoDrives "=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-10-25 17:02:46 ----A---- C:\Windows\AVerTV.ini
2008-10-19 14:43:02 ----A---- C:\ComboFix.txt
2008-10-19 14:39:12 ----D---- C:\Windows\temp
2008-10-19 14:34:42 ----D---- C:\ComboFix
2008-10-19 08:57:09 ----A---- C:\Windows\zip.exe
2008-10-19 08:57:09 ----A---- C:\Windows\VFIND.exe
2008-10-19 08:57:09 ----A---- C:\Windows\SWXCACLS.exe
2008-10-19 08:57:09 ----A---- C:\Windows\SWSC.exe
2008-10-19 08:57:09 ----A---- C:\Windows\SWREG.exe
2008-10-19 08:57:09 ----A---- C:\Windows\sed.exe
2008-10-19 08:57:09 ----A---- C:\Windows\NIRCMD.exe
2008-10-19 08:57:09 ----A---- C:\Windows\grep.exe
2008-10-19 08:57:09 ----A---- C:\Windows\fdsv.exe
2008-10-19 08:57:06 ----D---- C:\Windows\ERDNT
2008-10-19 08:57:06 ----D---- C:\Qoobox
2008-10-18 13:46:06 ----D---- C:\Users\Slips\AppData\Roaming\Malwarebytes
2008-10-18 13:46:02 ----D---- C:\ProgramData\Malwarebytes
2008-10-18 13:46:02 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-17 06:36:00 ----A---- C:\Windows\Wininit.INI
2008-10-17 06:31:53 ----D---- C:\rsit
2008-10-17 06:20:31 ----D---- C:\Program Files\Trend Micro
2008-10-17 02:11:34 ----A---- C:\Windows\unins000.exe
2008-10-17 01:59:03 ----A---- C:\Windows\system32\cont_adzgalore-remove.exe
2008-10-17 01:17:09 ----D---- C:\Users\Slips\AppData\Roaming\Math Mechanixs
2008-10-17 01:17:09 ----D---- C:\ProgramData\Math Mechanixs
2008-10-17 01:16:46 ----D---- C:\Program Files\Math Mechanixs
2008-10-16 15:20:49 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2008-10-16 15:20:42 ----D---- C:\Users\Slips\AppData\Roaming\SUPERAntiSpyware.com
2008-10-16 15:20:42 ----D---- C:\Program Files\SUPERAntiSpyware
2008-10-16 15:14:20 ----A---- C:\Windows\UNBOC.EXE
2008-10-16 15:14:19 ----A---- C:\Windows\CMDLIC.DLL
2008-10-16 15:14:06 ----D---- C:\Program Files\Comodo
2008-10-16 15:02:12 ----A---- C:\Windows\system32\tmp.txt
2008-10-16 15:02:11 ----A---- C:\rapport.txt
2008-10-16 15:02:02 ----A---- C:\Windows\system32\WS2Fix.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\VCCLSID.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\VACFix.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\SrchSTS.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\Process.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\o4Patch.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\IEDFix.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\IEDFix.C.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\dumphive.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\AntiXPVSTFix.exe
2008-10-16 15:02:02 ----A---- C:\Windows\system32\404Fix.exe
2008-10-16 03:18:21 ----D---- C:\Users\Slips\AppData\Roaming\vlc
2008-10-16 03:18:01 ----D---- C:\Program Files\VideoLAN
2008-10-16 02:45:43 ----AD---- C:\ProgramData\TEMP
2008-10-16 02:08:31 ----A---- C:\Windows\system32\uxtuneup.dll
2008-10-16 02:08:31 ----A---- C:\Windows\system32\authuitu.dll
2008-10-16 02:08:30 ----A---- C:\Windows\system32\TuneUpDefragService.exe
2008-10-16 02:07:55 ----D---- C:\ProgramData\TuneUp Software
2008-10-16 02:07:42 ----D---- C:\Program Files\TuneUp Utilities 2008
2008-10-16 01:31:19 ----D---- C:\Users\Slips\AppData\Roaming\TuneUp Software
2008-10-14 18:48:41 ----D---- C:\Users\Slips\AppData\Roaming\Ulead Systems
2008-10-14 18:12:42 ----A---- C:\Windows\system32\mshtml.dll
2008-10-14 18:12:41 ----A---- C:\Windows\system32\wininet.dll
2008-10-14 18:12:41 ----A---- C:\Windows\system32\urlmon.dll
2008-10-14 18:12:41 ----A---- C:\Windows\system32\ieframe.dll
2008-10-14 18:12:40 ----A---- C:\Windows\system32\mstime.dll
2008-10-14 18:12:40 ----A---- C:\Windows\system32\jsproxy.dll
2008-10-14 18:12:40 ----A---- C:\Windows\system32\iertutil.dll
2008-10-14 18:12:35 ----A---- C:\Windows\system32\EncDec.dll
2008-10-14 18:12:34 ----A---- C:\Windows\system32\psisdecd.dll
2008-10-14 18:12:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-10-14 18:12:16 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-10-14 09:12:35 ----D---- C:\ProgramData\AppData
2008-10-14 08:45:05 ----D---- C:\Users\Slips\AppData\Roaming\Autodesk
2008-10-14 08:42:35 ----D---- C:\ProgramData\InstallShield
2008-10-14 08:40:49 ----N---- C:\Windows\system32\ROBOEX32.DLL
2008-10-14 08:40:49 ----N---- C:\Windows\system32\INETWH32.dll
2008-10-14 08:40:47 ----D---- C:\Program Files\Ulead Systems
2008-10-14 08:40:47 ----D---- C:\Program Files\Common Files\Ulead Systems
2008-10-14 08:40:37 ----D---- C:\ProgramData\Ulead Systems
2008-10-14 08:37:37 ----D---- C:\ProgramData\Tablet
2008-10-14 08:37:29 ----D---- C:\Windows\udtablet
2008-10-14 08:37:29 ----A---- C:\Windows\system32\WINTAB32.DLL
2008-10-14 08:37:29 ----A---- C:\Windows\system32\UTBLFILT.DLL
2008-10-14 08:37:29 ----A---- C:\Windows\system32\TblRes.dll
2008-10-14 08:37:29 ----A---- C:\Windows\system32\TBLMOUSE.EXE
2008-10-14 08:37:29 ----A---- C:\Windows\system32\Tblfunc.dll
2008-10-14 08:37:29 ----A---- C:\Windows\system32\InstallService.exe
2008-10-14 08:37:29 ----A---- C:\Windows\system32\Funckey.dll
2008-10-14 08:37:29 ----A---- C:\Windows\system32\atwtusb.exe
2008-10-14 08:37:29 ----A---- C:\Windows\system32\ATWinLog.dll
2008-10-14 08:37:28 ----A---- C:\Windows\system32\WTMKM.exe
2008-10-14 08:37:28 ----A---- C:\Windows\system32\BCGCBPRO730.dll
2008-10-14 08:37:28 ----A---- C:\Windows\system32\ATWTINK.DLL
2008-10-14 08:37:28 ----A---- C:\Windows\RmTablet.exe
2008-10-14 08:37:27 ----D---- C:\Windows\calib_da
2008-10-14 08:37:27 ----A---- C:\Windows\system32\XP_2000.ini
2008-10-14 08:37:27 ----A---- C:\Windows\system32\Vista.ini
2008-10-14 08:37:27 ----A---- C:\Windows\system32\Photoshop Elements.ini
2008-10-14 08:37:27 ----A---- C:\Windows\system32\PhotoImpact XL SE.ini
2008-10-14 08:37:27 ----A---- C:\Windows\system32\MKProfile.ini
2008-10-14 08:37:27 ----A---- C:\Windows\aiptbl.ini
2008-10-14 08:32:12 ----D---- C:\Program Files\Autodesk
2008-10-14 08:31:29 ----D---- C:\ProgramData\Autodesk
2008-10-14 08:31:29 ----D---- C:\Program Files\Common Files\Autodesk Shared
2008-10-14 07:21:05 ----D---- C:\ProgramData\SITEguard
2008-10-14 07:20:39 ----D---- C:\ProgramData\STOPzilla!
2008-10-14 07:20:39 ----D---- C:\Program Files\Common Files\iS3
2008-10-11 23:22:07 ----D---- C:\Program Files\Microsoft Silverlight
2008-10-10 16:07:24 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-10-10 16:07:20 ----D---- C:\Program Files\Windows Live
2008-10-10 16:07:06 ----D---- C:\ProgramData\WLInstaller
2008-10-10 15:07:57 ----D---- C:\ProgramData\GRAW2
2008-10-10 15:05:01 ----D---- C:\ProgramData\Media Center Programs
2008-10-10 01:45:40 ----A---- C:\Windows\system32\PnkBstrB.exe
2008-10-10 01:45:35 ----A---- C:\Windows\system32\PnkBstrA.exe
2008-10-09 22:37:19 ----D---- C:\Users\Slips\AppData\Roaming\teamspeak2
2008-10-09 22:37:09 ----D---- C:\Program Files\Teamspeak2_RC2
2008-10-09 22:30:34 ----D---- C:\ProgramData\America's Army Deploy Client
2008-10-09 22:30:26 ----D---- C:\Program Files\America's Army Deploy Client
2008-10-09 08:23:51 ----D---- C:\Users\Slips\AppData\Roaming\LimeWire
2008-10-09 08:22:49 ----A---- C:\Windows\system32\javaws.exe
2008-10-09 08:22:49 ----A---- C:\Windows\system32\javaw.exe
2008-10-09 08:22:49 ----A---- C:\Windows\system32\java.exe
2008-10-09 08:22:29 ----D---- C:\Program Files\Java
2008-10-09 08:22:15 ----D---- C:\Program Files\Common Files\Java
2008-10-09 08:19:45 ----D---- C:\Program Files\LimeWire
2008-10-04 20:21:57 ----D---- C:\Program Files\—zŽÃ‹‚µ‚ÃŒ’†‚ÃŒƒŠƒAƒ‹
2008-09-29 12:29:34 ----D---- C:\Windows\system32\AGEIA
2008-09-29 12:29:34 ----D---- C:\Program Files\AGEIA Technologies
2008-09-29 12:29:29 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-09-29 12:29:21 ----A---- C:\Windows\system32\nvcplui.exe
2008-09-29 12:28:41 ----A---- C:\Windows\system32\NVUNINST.EXE
2008-09-24 22:41:14 ----D---- C:\Users\Slips\AppData\Roaming\InstallShield
2008-09-21 13:01:40 ----A---- C:\Windows\system32\XAudio2_2.dll
2008-09-21 13:01:40 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2008-09-21 13:01:39 ----A---- C:\Windows\system32\xactengine3_2.dll
2008-09-21 13:01:39 ----A---- C:\Windows\system32\D3DX9_39.dll
2008-09-21 13:01:39 ----A---- C:\Windows\system32\d3dx10_39.dll
2008-09-21 13:01:39 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\XAudio2_1.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\xactengine3_1.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\D3DX9_38.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\d3dx10_38.dll
2008-09-21 13:01:38 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\XAudio2_0.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\xactengine3_0.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\xactengine2_10.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\D3DX9_37.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\d3dx10_37.dll
2008-09-21 13:01:37 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2008-09-21 13:01:36 ----A---- C:\Windows\system32\xactengine2_9.dll
2008-09-21 13:01:36 ----A---- C:\Windows\system32\d3dx9_36.dll
2008-09-21 13:01:36 ----A---- C:\Windows\system32\d3dx10_36.dll
2008-09-21 13:01:36 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\xactengine2_8.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\d3dx9_35.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\d3dx10_35.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\d3dx10_34.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2008-09-21 13:01:35 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2008-09-21 13:01:34 ----A---- C:\Windows\system32\xinput1_3.dll
2008-09-21 13:01:34 ----A---- C:\Windows\system32\xactengine2_7.dll
2008-09-21 13:01:34 ----A---- C:\Windows\system32\d3dx9_34.dll
2008-09-21 13:01:34 ----A---- C:\Windows\system32\d3dx9_33.dll
2008-09-21 13:01:34 ----A---- C:\Windows\system32\d3dx10_33.dll
2008-09-21 13:01:34 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2008-09-21 13:01:33 ----A---- C:\Windows\system32\xactengine2_6.dll
2008-09-21 13:01:33 ----A---- C:\Windows\system32\xactengine2_5.dll
2008-09-21 13:01:33 ----A---- C:\Windows\system32\d3dx9_32.dll
2008-09-21 13:01:33 ----A---- C:\Windows\system32\d3dx10.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\xinput1_2.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\xinput1_1.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\xactengine2_4.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\xactengine2_3.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\xactengine2_2.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\x3daudio1_1.dll
2008-09-21 13:01:32 ----A---- C:\Windows\system32\d3dx9_31.dll
2008-09-21 13:01:31 ----A---- C:\Windows\system32\xactengine2_1.dll
2008-09-21 13:01:29 ----A---- C:\Windows\system32\d3dx9_30.dll
2008-09-21 13:01:28 ----A---- C:\Windows\system32\xactengine2_0.dll
2008-09-21 13:01:28 ----A---- C:\Windows\system32\x3daudio1_0.dll
2008-09-21 13:01:28 ----A---- C:\Windows\system32\d3dx9_29.dll
2008-09-21 13:00:40 ----D---- C:\Windows\system32\directx
2008-09-21 12:10:38 ----D---- C:\Users\Slips\AppData\Roaming\My Games
2008-09-21 11:42:01 ----D---- C:\Program Files\DAEMON Tools Lite
2008-09-21 11:39:45 ----D---- C:\Users\Slips\AppData\Roaming\DAEMON Tools
2008-09-21 11:34:50 ----D---- C:\Users\Slips\AppData\Roaming\Uniblue
2008-09-21 11:01:48 ----D---- C:\ProgramData\Azureus
2008-09-21 11:01:47 ----D---- C:\Users\Slips\AppData\Roaming\Azureus

======List of files/folders modified in the last 1 months======

2008-10-19 14:45:37 ----D---- C:\Windows\System32
2008-10-19 14:45:37 ----D---- C:\Windows\inf
2008-10-19 14:45:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-10-19 14:43:03 ----D---- C:\Windows\system32\drivers
2008-10-19 14:43:02 ----D---- C:\Windows
2008-10-19 14:41:05 ----A---- C:\Windows\system.ini
2008-10-19 14:39:28 ----D---- C:\Windows\system32\config
2008-10-19 14:39:27 ----D---- C:\Windows\Prefetch
2008-10-19 14:36:23 ----D---- C:\Windows\AppPatch
2008-10-19 14:36:23 ----D---- C:\Program Files\Common Files
2008-10-19 14:35:13 ----SHD---- C:\System Volume Information
2008-10-19 14:34:42 ----D---- C:\Windows\system32\en-US
2008-10-18 13:46:02 ----RD---- C:\Program Files
2008-10-18 13:46:02 ----HD---- C:\ProgramData
2008-10-17 04:41:40 ----D---- C:\Windows\system32\Tasks
2008-10-17 03:38:30 ----SD---- C:\ProgramData\Microsoft
2008-10-17 03:37:24 ----A---- C:\Windows\ntbtlog.txt
2008-10-17 03:16:30 ----D---- C:\Windows\system32\catroot2
2008-10-17 01:59:03 ----D---- C:\Program Files\Mozilla Firefox
2008-10-16 15:20:44 ----SHD---- C:\Windows\Installer
2008-10-16 05:18:10 ----D---- C:\Windows\system32\WDI
2008-10-16 02:08:33 ----D---- C:\Windows\Tasks
2008-10-14 19:01:51 ----SD---- C:\Users\Slips\AppData\Roaming\Microsoft
2008-10-14 18:31:42 ----D---- C:\Windows\Microsoft.NET
2008-10-14 18:31:39 ----RSD---- C:\Windows\assembly
2008-10-14 18:27:45 ----D---- C:\Windows\winsxs
2008-10-14 18:17:41 ----D---- C:\Windows\system32\catroot
2008-10-14 18:15:41 ----D---- C:\Windows\ehome
2008-10-14 18:15:41 ----D---- C:\Program Files\Windows Mail
2008-10-14 18:15:40 ----D---- C:\Windows\system32\migration
2008-10-14 18:13:56 ----D---- C:\ProgramData\Microsoft Help
2008-10-14 08:42:33 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-14 08:40:49 ----RSD---- C:\Windows\Fonts
2008-10-14 08:40:47 ----SD---- C:\Windows\Downloaded Program Files
2008-10-14 08:40:47 ----D---- C:\Program Files\Common Files\InstallShield
2008-10-14 08:37:37 ----A---- C:\Windows\win.ini
2008-10-11 23:40:26 ----D---- C:\Windows\rescache
2008-10-11 23:16:35 ----D---- C:\Program Files\Common Files\microsoft shared
2008-10-10 01:45:35 ----D---- C:\Windows\system32\LogFiles
2008-10-07 15:19:40 ----A---- C:\Windows\system32\mrt.exe
2008-10-06 04:27:51 ----D---- C:\Windows\Minidump
2008-09-29 12:30:55 ----D---- C:\ProgramData\NVIDIA
2008-09-29 03:01:30 ----D---- C:\Windows\LiveKernelReports
2008-09-21 13:00:40 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2008-07-19 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2008-07-19 42912]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2008-09-03 8944]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2008-09-03 55024]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
R2 BT848;AVerMedia AVerTV WDM Video Capture (878); C:\Windows\system32\drivers\Bt848.sys [2004-07-06 163840]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-19 220672]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-17 7379872]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2008-09-03 7408]
R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
R3 VST_DPV;VST_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
R3 VSTHWBS2;VSTHWBS2; C:\Windows\system32\DRIVERS\VSTBS23.SYS [2006-11-02 251904]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 avh1quj0;avh1quj0; C:\Windows\system32\drivers\avh1quj0.sys []
S3 BOCDRIVE;BOClean Kernel Monitor.; \??\C:\Program Files\Comodo\CBOClean\BOCDRIVE.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-10-14 79360]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit; D:\Auto Desk 3DS Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [2008-03-10 65536]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-17 196608]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-10-10 66872]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-01-05 33800]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-10-16 355584]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------

Log in or Sign up

Solved Win32:adware-gen[Adw] need help

SlipofMind Inactive Thread Starter

SlipofMind Inactive Thread Starter

SlipofMind Inactive Thread Starter

Geri Inactive Alumni

SlipofMind Inactive Thread Starter

SlipofMind Inactive Thread Starter

SlipofMind Inactive Thread Starter

Geri Inactive Alumni

SlipofMind Inactive Thread Starter

SlipofMind Inactive Thread Starter

SlipofMind Inactive Thread Starter

SlipofMind Inactive Thread Starter

Geri Inactive Alumni

SlipofMind Inactive Thread Starter

SlipofMind Inactive Thread Starter

SlipofMind Inactive Thread Starter

SlipofMind Inactive Thread Starter

Geri Inactive Alumni

SlipofMind Inactive Thread Starter

SlipofMind Inactive Thread Starter

Share This Page

Log in or Sign up

Solved Win32:adware-gen[Adw] need help

SlipofMind Inactive Thread Starter

SlipofMind Inactive Thread Starter

SlipofMind Inactive Thread Starter

Geri Inactive Alumni

SlipofMind Inactive Thread Starter

SlipofMind Inactive Thread Starter

SlipofMind Inactive Thread Starter

Geri Inactive Alumni

SlipofMind Inactive Thread Starter

SlipofMind Inactive Thread Starter

SlipofMind Inactive Thread Starter

SlipofMind Inactive Thread Starter

Geri Inactive Alumni

SlipofMind Inactive Thread Starter

SlipofMind Inactive Thread Starter

SlipofMind Inactive Thread Starter

SlipofMind Inactive Thread Starter

Geri Inactive Alumni

SlipofMind Inactive Thread Starter

SlipofMind Inactive Thread Starter

Share This Page

Useful Searches