Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

help! My MS Outlook is sending spam

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: help! My MS Outlook is sending spam

Unread postby almic » December 9th, 2009, 8:42 pm

Part 2 of 2

Logfile of random's system information tool 1.06 (written by random/random)
Run by jmicl034 at 2009-12-09 19:18:34
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 13 GB (23%) free of 57 GB
Total RAM: 2813 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:19:04, on 2009-12-09
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Symantec AntiVirus\VPTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\explorer.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Users\jmicl034\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jmicl034\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jmicl034\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jmicl034\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jmicl034\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Lexmark 5200 series\lxbtmon.exe
C:\Users\jmicl034\AppData\Local\Google\Chrome\Application\chrome.exe
d:\Desktop\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
d:\Desktop\RSIT.exe
D:\Program Files\Trend Micro\HijackThis\jmicl034.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.medicine.uottawa.ca/Students/MD
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [NtrigApplet] C:\Program Files\N-trig\N-trig Software Bundle\NtrigApplet.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe" /startup
O4 - HKLM\..\Run: [Lexmark 5200 series] "C:\Program Files\Lexmark 5200 series\lxbtbmgr.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [LXBTCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXBTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_674125AABFE11C21.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: lxbt_device - - C:\Windows\system32\lxbtcoms.exe
O23 - Service: Dell Internal Network Card Power Management (nicconfigsvc) - Dell Inc. - C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - D:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 8647 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4288720384-1415621487-3964185074-1003Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4288720384-1415621487-3964185074-1003UA.job
C:\Windows\tasks\User_Feed_Synchronization-{3016D178-EC12-4A9A-BE58-74B538A1B08E}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - D:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2007-10-11 163840]
"NtrigApplet"=C:\Program Files\N-trig\N-trig Software Bundle\NtrigApplet.exe [2008-06-04 2248704]
"vptray"=C:\PROGRA~1\SYMANT~1\VPTray.exe [2006-11-28 134808]
"PSQLLauncher"=C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [2007-08-14 48904]
"Lexmark 5200 series"=C:\Program Files\Lexmark 5200 series\lxbtbmgr.exe [2004-03-25 57344]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-07-16 61440]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2007-09-07 405504]
"LXBTCATS"=rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXBTtime.dll,_RunDLLEntry@16 []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-12-03 429392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-10-03 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
C:\Windows\system32\WLTRAY.exe [2007-03-21 1548288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-11-22 107112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
C:\Program Files\Lexmark 5200 Series\ezprint.exe [2007-05-03 103344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\jmicl034\AppData\Local\Google\Update\GoogleUpdate.exe [2008-10-21 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2006-03-20 213936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-03-20 86960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
C:\Program Files\Logitech\Logitech Vid\vid.exe [2009-06-02 5451536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-05-08 2780432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LXBTCATS]
rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXBTtime.dll,_RunDLLEntry@16 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxbtmon.exe]
C:\Program Files\Lexmark 5200 Series\lxbtmon.exe [2007-05-03 230320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2007-09-17 124200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
C:\Program Files\Picasa2\PicasaMediaDetector.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Button Manager]
C:\Windows\system32\WDBtnMgr.exe [2008-10-02 364544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^EEPUpdater.lnk]
C:\PROGRA~1\ESSENT~1\Updater\EEPUPD~1.EXE [2008-06-02 368640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LOGITE~1.EXE [2009-07-19 66864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickSet.lnk]
C:\PROGRA~1\Dell\QuickSet\quickset.exe [2008-02-22 1193240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
C:\Windows\Installer\{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}\Icon3E5562ED7.ico [2008-04-22 6144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jmicl034^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Memeo AutoSync Launcher.lnk]
C:\PROGRA~1\Memeo\AutoSync\MEMEOL~1.EXE --silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jmicl034^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
C:\PROGRA~1\MICROS~1\Office12\ONENOTEM.EXE [2008-10-25 98696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jmicl034^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Skyscape SmartUpdate.lnk]
C:\PROGRA~1\COMMON~1\Skyscape\SMARTU~1.EXE [2009-01-26 12496896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jmicl034^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WD Anywhere Backup Launcher.lnk]
C:\Users\jmicl034\AppData\Roaming\Microsoft\Installer\{B9A81070-616D-4E93-BE02-CEE651343204}\NewShortcut4_3A95A0BFA90C41A28DFACEDE7630C4FB.exe --silent []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Windows\system32\psqlpwd.dll [2007-08-14 89600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
psqlpwd

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=1
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"DisableCAD"=1
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3d28f8d6-115e-11dd-be38-001d0938b8f0}]
shell\AutoRun\command - ekugb3.bat
shell\explore\command - ekugb3.bat
shell\open\command - ekugb3.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{73fbdb26-bb91-11dd-93b7-00219bdabeec}]
shell\AutoRun\command - ctc.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7f70ef5-8fb3-11dd-b171-00219bdabeec}]
shell\AutoRun\command - E:\wd_windows_tools\WDEULA.exe


======List of files/folders created in the last 1 months======

2009-12-09 19:08:19 ----D---- C:\rsit
2009-12-09 18:37:56 ----D---- C:\ProgramData\Malwarebytes
2009-12-09 18:37:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-09 03:09:00 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-09 03:08:56 ----A---- C:\Windows\system32\httpapi.dll
2009-12-08 17:49:00 ----A---- C:\Windows\system32\wininet.dll
2009-12-08 17:48:59 ----A---- C:\Windows\system32\mshtml.dll
2009-12-08 17:48:58 ----A---- C:\Windows\system32\urlmon.dll
2009-12-08 17:48:55 ----A---- C:\Windows\system32\ieframe.dll
2009-12-08 17:48:52 ----A---- C:\Windows\system32\ieui.dll
2009-12-08 17:48:50 ----A---- C:\Windows\system32\ieencode.dll
2009-12-08 17:48:46 ----A---- C:\Windows\system32\ieapfltr.dll
2009-12-08 17:48:39 ----A---- C:\Windows\system32\winhttp.dll
2009-12-08 17:44:41 ----A---- C:\Windows\system32\rastls.dll
2009-11-25 03:02:07 ----A---- C:\Windows\system32\tzres.dll
2009-11-24 22:20:19 ----A---- C:\Windows\system32\msxml6.dll
2009-11-24 22:20:17 ----A---- C:\Windows\system32\msxml3.dll
2009-11-23 18:02:09 ----A---- C:\Windows\system32\javaws.exe
2009-11-23 18:02:09 ----A---- C:\Windows\system32\javaw.exe
2009-11-23 18:01:53 ----A---- C:\Windows\system32\java.exe
2009-11-22 19:05:45 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-11-17 03:26:57 ----D---- C:\Program Files\Windows Portable Devices
2009-11-17 03:06:15 ----A---- C:\Windows\system32\UIAnimation.dll
2009-11-17 03:06:13 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-11-17 03:06:13 ----A---- C:\Windows\system32\UIRibbon.dll
2009-11-17 03:05:04 ----A---- C:\Windows\system32\WMPhoto.dll
2009-11-17 03:05:02 ----A---- C:\Windows\system32\cdd.dll
2009-11-17 03:05:00 ----A---- C:\Windows\system32\d3d10warp.dll
2009-11-17 03:04:59 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-11-17 03:04:59 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-11-17 03:04:59 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-11-17 03:04:59 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-11-17 03:04:59 ----A---- C:\Windows\system32\d2d1.dll
2009-11-17 03:04:58 ----A---- C:\Windows\system32\XpsPrint.dll
2009-11-17 03:04:58 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-11-17 03:04:58 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-11-17 03:04:58 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-11-17 03:04:58 ----A---- C:\Windows\system32\dxdiagn.dll
2009-11-17 03:04:58 ----A---- C:\Windows\system32\dxdiag.exe
2009-11-17 03:04:57 ----A---- C:\Windows\system32\xpsservices.dll
2009-11-17 03:04:57 ----A---- C:\Windows\system32\OpcServices.dll
2009-11-17 03:04:57 ----A---- C:\Windows\system32\FntCache.dll
2009-11-17 03:04:57 ----A---- C:\Windows\system32\DWrite.dll
2009-11-17 03:04:57 ----A---- C:\Windows\system32\d3d10level9.dll
2009-11-17 03:04:57 ----A---- C:\Windows\system32\d3d10core.dll
2009-11-17 03:04:57 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-11-17 03:04:56 ----A---- C:\Windows\system32\dxgi.dll
2009-11-17 03:04:56 ----A---- C:\Windows\system32\d3d11.dll
2009-11-17 03:04:56 ----A---- C:\Windows\system32\d3d10_1.dll
2009-11-17 03:04:56 ----A---- C:\Windows\system32\d3d10.dll
2009-11-17 03:04:09 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-11-17 03:04:09 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-11-17 03:04:09 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-11-17 03:04:01 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-11-17 03:03:53 ----A---- C:\Windows\system32\WpdMtpUS.dll
2009-11-17 03:03:53 ----A---- C:\Windows\system32\WpdConns.dll
2009-11-17 03:03:52 ----A---- C:\Windows\system32\wpdshext.dll
2009-11-17 03:03:51 ----A---- C:\Windows\system32\WPDSp.dll
2009-11-17 03:03:51 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-11-17 03:03:51 ----A---- C:\Windows\system32\WpdMtp.dll
2009-11-17 03:03:51 ----A---- C:\Windows\system32\wpd_ci.dll
2009-11-17 03:03:51 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-11-17 03:03:51 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-11-17 03:03:51 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-11-17 03:03:51 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-11-17 03:01:24 ----A---- C:\Windows\system32\oleaccrc.dll
2009-11-17 03:01:22 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-11-17 03:01:22 ----A---- C:\Windows\system32\oleacc.dll
2009-11-12 23:08:18 ----D---- C:\Windows\system32\eu-ES
2009-11-12 23:08:18 ----D---- C:\Windows\system32\ca-ES
2009-11-12 23:08:13 ----D---- C:\Windows\system32\vi-VN
2009-11-12 16:45:40 ----D---- C:\Windows\system32\EventProviders
2009-11-12 14:49:52 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-11-12 14:49:46 ----A---- C:\Windows\system32\SLsvc.exe
2009-11-12 14:49:46 ----A---- C:\Windows\system32\SLCExt.dll
2009-11-12 14:49:42 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-11-12 14:49:42 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-11-12 14:49:40 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-11-12 14:49:38 ----A---- C:\Windows\system32\mssrch.dll
2009-11-12 14:49:33 ----A---- C:\Windows\system32\tquery.dll
2009-11-12 14:49:30 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-11-12 14:49:29 ----A---- C:\Windows\system32\scavenge.dll
2009-11-12 14:49:29 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-11-12 14:49:29 ----A---- C:\Windows\system32\RMActivate.exe
2009-11-12 14:49:27 ----A---- C:\Windows\system32\msi.dll
2009-11-12 14:49:25 ----A---- C:\Windows\system32\imapi2fs.dll
2009-11-12 14:49:23 ----A---- C:\Windows\system32\secproc_isv.dll
2009-11-12 14:49:22 ----A---- C:\Windows\system32\WscEapPr.dll
2009-11-12 14:49:22 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-11-12 14:49:22 ----A---- C:\Windows\system32\sysmain.dll
2009-11-12 14:49:19 ----A---- C:\Windows\system32\icardagt.exe
2009-11-12 14:49:17 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-11-12 14:49:16 ----A---- C:\Windows\system32\EhStorShell.dll
2009-11-12 14:49:15 ----A---- C:\Windows\system32\spreview.exe
2009-11-12 14:49:14 ----A---- C:\Windows\system32\spinstall.exe
2009-11-12 14:49:14 ----A---- C:\Windows\system32\drmv2clt.dll
2009-11-12 14:49:11 ----A---- C:\Windows\system32\spwizui.dll
2009-11-12 14:49:11 ----A---- C:\Windows\system32\shell32.dll
2009-11-12 14:49:11 ----A---- C:\Windows\system32\secproc.dll
2009-11-12 14:49:11 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-11-12 14:49:09 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-11-12 14:49:09 ----A---- C:\Windows\system32\p2psvc.dll
2009-11-12 14:49:08 ----A---- C:\Windows\system32\mssvp.dll
2009-11-12 14:49:07 ----A---- C:\Windows\system32\mssphtb.dll
2009-11-12 14:49:07 ----A---- C:\Windows\system32\mssph.dll
2009-11-12 14:49:07 ----A---- C:\Windows\system32\mscoree.dll
2009-11-12 14:49:06 ----A---- C:\Windows\system32\imapi2.dll
2009-11-12 14:49:05 ----A---- C:\Windows\system32\sdohlp.dll
2009-11-12 14:49:04 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-11-12 14:49:04 ----A---- C:\Windows\system32\esent.dll
2009-11-12 14:49:03 ----A---- C:\Windows\system32\DevicePairing.dll
2009-11-12 14:49:02 ----A---- C:\Windows\system32\wevtsvc.dll
2009-11-12 14:49:02 ----A---- C:\Windows\system32\sperror.dll
2009-11-12 14:49:02 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-11-12 14:49:02 ----A---- C:\Windows\system32\korwbrkr.dll
2009-11-12 14:49:01 ----A---- C:\Windows\system32\SLC.dll
2009-11-12 14:49:01 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-11-12 14:49:01 ----A---- C:\Windows\system32\IasMigReader.exe
2009-11-12 14:49:00 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-11-12 14:49:00 ----A---- C:\Windows\system32\msshsq.dll
2009-11-12 14:48:58 ----A---- C:\Windows\system32\pmcsnap.dll
2009-11-12 14:48:55 ----A---- C:\Windows\system32\msjet40.dll
2009-11-12 14:48:54 ----A---- C:\Windows\system32\MPSSVC.dll
2009-11-12 14:48:52 ----A---- C:\Windows\system32\Query.dll
2009-11-12 14:48:52 ----A---- C:\Windows\system32\qmgr.dll
2009-11-12 14:48:51 ----A---- C:\Windows\system32\msexch40.dll
2009-11-12 14:48:51 ----A---- C:\Windows\system32\diagperf.dll
2009-11-12 14:48:50 ----A---- C:\Windows\system32\P2PGraph.dll
2009-11-12 14:48:50 ----A---- C:\Windows\system32\ole32.dll
2009-11-12 14:48:49 ----A---- C:\Windows\system32\srchadmin.dll
2009-11-12 14:48:49 ----A---- C:\Windows\system32\ntdll.dll
2009-11-12 14:48:48 ----A---- C:\Windows\system32\winload.exe
2009-11-12 14:48:48 ----A---- C:\Windows\system32\mblctr.exe
2009-11-12 14:48:47 ----A---- C:\Windows\system32\uDWM.dll
2009-11-12 14:48:47 ----A---- C:\Windows\system32\mmc.exe
2009-11-12 14:48:47 ----A---- C:\Windows\system32\EncDec.dll
2009-11-12 14:48:46 ----A---- C:\Windows\system32\dfsr.exe
2009-11-12 14:48:45 ----A---- C:\Windows\system32\riched20.dll
2009-11-12 14:48:45 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-11-12 14:48:44 ----A---- C:\Windows\system32\fdBth.dll
2009-11-12 14:48:43 ----A---- C:\Windows\system32\RacEngn.dll
2009-11-12 14:48:42 ----A---- C:\Windows\system32\kernel32.dll
2009-11-12 14:48:41 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-11-12 14:48:41 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-11-12 14:48:41 ----A---- C:\Windows\system32\milcore.dll
2009-11-12 14:48:40 ----A---- C:\Windows\system32\spoolss.dll
2009-11-12 14:48:40 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-11-12 14:48:40 ----A---- C:\Windows\system32\CertEnroll.dll
2009-11-12 14:48:39 ----A---- C:\Windows\system32\schedsvc.dll
2009-11-12 14:48:39 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-11-12 14:48:36 ----A---- C:\Windows\system32\msvcp60.dll
2009-11-12 14:48:36 ----A---- C:\Windows\system32\msjtes40.dll
2009-11-12 14:48:36 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-11-12 14:48:35 ----A---- C:\Windows\system32\infocardapi.dll
2009-11-12 14:48:35 ----A---- C:\Windows\system32\gpedit.dll
2009-11-12 14:48:34 ----A---- C:\Windows\system32\WinSAT.exe
2009-11-12 14:48:34 ----A---- C:\Windows\system32\es.dll
2009-11-12 14:48:33 ----A---- C:\Windows\system32\PresentationSettings.exe
2009-11-12 14:48:33 ----A---- C:\Windows\system32\Magnify.exe
2009-11-12 14:48:33 ----A---- C:\Windows\system32\cscsvc.dll
2009-11-12 14:48:33 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-11-12 14:48:32 ----A---- C:\Windows\system32\WebClnt.dll
2009-11-12 14:48:32 ----A---- C:\Windows\system32\mstext40.dll
2009-11-12 14:48:32 ----A---- C:\Windows\system32\advapi32.dll
2009-11-12 14:48:31 ----A---- C:\Windows\system32\slwmi.dll
2009-11-12 14:48:31 ----A---- C:\Windows\system32\msxbde40.dll
2009-11-12 14:48:31 ----A---- C:\Windows\system32\msexcl40.dll
2009-11-12 14:48:31 ----A---- C:\Windows\system32\comsvcs.dll
2009-11-12 14:48:30 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2009-11-12 14:48:29 ----A---- C:\Windows\system32\vssapi.dll
2009-11-12 14:48:28 ----A---- C:\Windows\system32\msfeeds.dll
2009-11-12 14:48:28 ----A---- C:\Windows\system32\authui.dll
2009-11-12 14:48:27 ----A---- C:\Windows\system32\NetProjW.dll
2009-11-12 14:48:26 ----A---- C:\Windows\system32\vbscript.dll
2009-11-12 14:48:26 ----A---- C:\Windows\system32\PresentationHost.exe
2009-11-12 14:48:26 ----A---- C:\Windows\system32\msrepl40.dll
2009-11-12 14:48:25 ----A---- C:\Windows\system32\propsys.dll
2009-11-12 14:48:25 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-11-12 14:48:25 ----A---- C:\Windows\system32\newdev.dll
2009-11-12 14:48:25 ----A---- C:\Windows\system32\iasrecst.dll
2009-11-12 14:48:24 ----A---- C:\Windows\system32\gpsvc.dll
2009-11-12 14:48:24 ----A---- C:\Windows\system32\eudcedit.exe
2009-11-12 14:48:24 ----A---- C:\Windows\system32\crypt32.dll
2009-11-12 14:48:23 ----A---- C:\Windows\system32\rpcss.dll
2009-11-12 14:48:23 ----A---- C:\Windows\system32\iedkcs32.dll
2009-11-12 14:48:23 ----A---- C:\Windows\explorer.exe
2009-11-12 14:48:22 ----A---- C:\Windows\system32\setupapi.dll
2009-11-12 14:48:22 ----A---- C:\Windows\system32\mspbde40.dll
2009-11-12 14:48:22 ----A---- C:\Windows\system32\d3d9.dll
2009-11-12 14:48:21 ----A---- C:\Windows\system32\msltus40.dll
2009-11-12 14:48:21 ----A---- C:\Windows\system32\davclnt.dll
2009-11-12 14:48:20 ----A---- C:\Windows\system32\shlwapi.dll
2009-11-12 14:48:20 ----A---- C:\Windows\system32\msrd3x40.dll
2009-11-12 14:48:20 ----A---- C:\Windows\system32\mfc42.dll
2009-11-12 14:48:20 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-11-12 14:48:20 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-11-12 14:48:19 ----A---- C:\Windows\system32\wevtapi.dll
2009-11-12 14:48:19 ----A---- C:\Windows\system32\photowiz.dll
2009-11-12 14:48:19 ----A---- C:\Windows\system32\nlhtml.dll
2009-11-12 14:48:19 ----A---- C:\Windows\system32\msdtctm.dll
2009-11-12 14:48:19 ----A---- C:\Windows\system32\browseui.dll
2009-11-12 14:48:17 ----A---- C:\Windows\system32\user32.dll
2009-11-12 14:48:16 ----A---- C:\Windows\system32\samsrv.dll
2009-11-12 14:48:16 ----A---- C:\Windows\system32\quartz.dll
2009-11-12 14:48:16 ----A---- C:\Windows\system32\ci.dll
2009-11-12 14:48:15 ----A---- C:\Windows\system32\win32spl.dll
2009-11-12 14:48:15 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-11-12 14:48:15 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-11-12 14:48:15 ----A---- C:\Windows\system32\oleaut32.dll
2009-11-12 14:48:14 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-11-12 14:48:13 ----A---- C:\Windows\system32\netshell.dll
2009-11-12 14:48:13 ----A---- C:\Windows\system32\compcln.exe
2009-11-12 14:48:12 ----A---- C:\Windows\system32\apds.dll
2009-11-12 14:48:11 ----A---- C:\Windows\system32\xmlfilter.dll
2009-11-12 14:48:11 ----A---- C:\Windows\system32\mswstr10.dll
2009-11-12 14:48:11 ----A---- C:\Windows\system32\audiosrv.dll
2009-11-12 14:48:10 ----A---- C:\Windows\system32\msvcrt.dll
2009-11-12 14:48:10 ----A---- C:\Windows\system32\msctf.dll
2009-11-12 14:48:10 ----A---- C:\Windows\system32\emdmgmt.dll
2009-11-12 14:48:09 ----A---- C:\Windows\system32\VSSVC.exe
2009-11-12 14:48:09 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-11-12 14:48:09 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-11-12 14:48:09 ----A---- C:\Windows\system32\gdi32.dll
2009-11-12 14:48:08 ----A---- C:\Windows\system32\SLUI.exe
2009-11-12 14:48:08 ----A---- C:\Windows\system32\mfc42u.dll
2009-11-12 14:48:07 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-11-12 14:48:07 ----A---- C:\Windows\system32\msrd2x40.dll
2009-11-12 14:48:07 ----A---- C:\Windows\system32\eapphost.dll
2009-11-12 14:48:06 ----A---- C:\Windows\system32\wbengine.exe
2009-11-12 14:48:05 ----A---- C:\Windows\system32\winresume.exe
2009-11-12 14:48:05 ----A---- C:\Windows\system32\shdocvw.dll
2009-11-12 14:48:05 ----A---- C:\Windows\system32\propdefs.dll
2009-11-12 14:48:05 ----A---- C:\Windows\system32\odbc32.dll
2009-11-12 14:48:04 ----A---- C:\Windows\system32\dbgeng.dll
2009-11-12 14:48:03 ----A---- C:\Windows\system32\wevtutil.exe
2009-11-12 14:48:03 ----A---- C:\Windows\system32\mssitlb.dll
2009-11-12 14:48:01 ----A---- C:\Windows\system32\WsmSvc.dll
2009-11-12 14:48:01 ----A---- C:\Windows\system32\swprv.dll
2009-11-12 14:48:01 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-11-12 14:48:00 ----A---- C:\Windows\system32\usp10.dll
2009-11-12 14:47:59 ----A---- C:\Windows\system32\vds.exe
2009-11-12 14:47:59 ----A---- C:\Windows\system32\mshtmled.dll
2009-11-12 14:47:58 ----A---- C:\Windows\system32\netlogon.dll
2009-11-12 14:47:58 ----A---- C:\Windows\system32\msscb.dll
2009-11-12 14:47:58 ----A---- C:\Windows\system32\msctfp.dll
2009-11-12 14:47:58 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-11-12 14:47:58 ----A---- C:\Windows\system32\drvinst.exe
2009-11-12 14:47:58 ----A---- C:\Windows\system32\devmgr.dll
2009-11-12 14:47:58 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-11-12 14:47:58 ----A---- C:\Windows\system32\BFE.DLL
2009-11-12 14:47:58 ----A---- C:\Windows\system32\adsldpc.dll
2009-11-12 14:47:57 ----A---- C:\Windows\system32\WFS.exe
2009-11-12 14:47:57 ----A---- C:\Windows\system32\evr.dll
2009-11-12 14:47:56 ----A---- C:\Windows\system32\Wldap32.dll
2009-11-12 14:47:56 ----A---- C:\Windows\system32\wcnwiz.dll
2009-11-12 14:47:55 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-11-12 14:47:54 ----A---- C:\Windows\system32\services.exe
2009-11-12 14:47:54 ----A---- C:\Windows\system32\iertutil.dll
2009-11-12 14:47:53 ----A---- C:\Windows\system32\wercon.exe
2009-11-12 14:47:52 ----A---- C:\Windows\system32\comdlg32.dll
2009-11-12 14:47:52 ----A---- C:\Windows\system32\adtschema.dll
2009-11-12 14:47:51 ----A---- C:\Windows\system32\wcncsvc.dll
2009-11-12 14:47:51 ----A---- C:\Windows\system32\mimefilt.dll
2009-11-12 14:47:50 ----A---- C:\Windows\system32\taskeng.exe
2009-11-12 14:47:50 ----A---- C:\Windows\system32\reg.exe
2009-11-12 14:47:50 ----A---- C:\Windows\system32\mswdat10.dll
2009-11-12 14:47:50 ----A---- C:\Windows\system32\msjter40.dll
2009-11-12 14:47:50 ----A---- C:\Windows\system32\msdtcprx.dll
2009-11-12 14:47:50 ----A---- C:\Windows\system32\msdrm.dll
2009-11-12 14:47:50 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-11-12 14:47:50 ----A---- C:\Windows\system32\certcli.dll
2009-11-12 14:47:49 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-11-12 14:47:49 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-11-12 14:47:49 ----A---- C:\Windows\system32\rtffilt.dll
2009-11-12 14:47:49 ----A---- C:\Windows\system32\dnsapi.dll
2009-11-12 14:47:49 ----A---- C:\Windows\system32\certutil.exe
2009-11-12 14:47:48 ----A---- C:\Windows\system32\w32time.dll
2009-11-12 14:47:48 ----A---- C:\Windows\system32\msshooks.dll
2009-11-12 14:47:48 ----A---- C:\Windows\system32\msscntrs.dll
2009-11-12 14:47:48 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-11-12 14:47:48 ----A---- C:\Windows\system32\bcrypt.dll
2009-11-12 14:47:47 ----A---- C:\Windows\system32\rsaenh.dll
2009-11-12 14:47:47 ----A---- C:\Windows\system32\msihnd.dll
2009-11-12 14:47:47 ----A---- C:\Windows\system32\bthserv.dll
2009-11-12 14:47:46 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-11-12 14:47:46 ----A---- C:\Windows\system32\msstrc.dll
2009-11-12 14:47:46 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-11-12 14:47:43 ----A---- C:\Windows\system32\scrptadm.dll
2009-11-12 14:47:43 ----A---- C:\Windows\system32\netapi32.dll
2009-11-12 14:47:43 ----A---- C:\Windows\system32\inetcomm.dll
2009-11-12 14:47:43 ----A---- C:\Windows\system32\dfshim.dll
2009-11-12 14:47:42 ----A---- C:\Windows\system32\mtxclu.dll
2009-11-12 14:47:42 ----A---- C:\Windows\system32\mscories.dll
2009-11-12 14:47:42 ----A---- C:\Windows\system32\inetpp.dll
2009-11-12 14:47:42 ----A---- C:\Windows\system32\hidserv.dll
2009-11-12 14:47:42 ----A---- C:\Windows\system32\fundisc.dll
2009-11-12 14:47:42 ----A---- C:\Windows\system32\cryptsvc.dll
2009-11-12 14:47:41 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-11-12 14:47:41 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-11-12 14:47:40 ----A---- C:\Windows\system32\termsrv.dll
2009-11-12 14:47:40 ----A---- C:\Windows\system32\profsvc.dll
2009-11-12 14:47:38 ----A---- C:\Windows\system32\wdc.dll
2009-11-12 14:47:38 ----A---- C:\Windows\system32\shsvcs.dll
2009-11-12 14:47:38 ----A---- C:\Windows\system32\msiexec.exe
2009-11-12 14:47:38 ----A---- C:\Windows\system32\imapi.dll
2009-11-12 14:47:38 ----A---- C:\Windows\system32\chsbrkr.dll
2009-11-12 14:47:37 ----A---- C:\Windows\system32\spoolsv.exe
2009-11-12 14:47:37 ----A---- C:\Windows\system32\rasmans.dll
2009-11-12 14:47:37 ----A---- C:\Windows\system32\pnidui.dll
2009-11-12 14:47:37 ----A---- C:\Windows\system32\icardres.dll
2009-11-12 14:47:37 ----A---- C:\Windows\system32\iassdo.dll
2009-11-12 14:47:36 ----A---- C:\Windows\system32\wersvc.dll
2009-11-12 14:47:36 ----A---- C:\Windows\system32\slmgr.vbs
2009-11-12 14:47:36 ----A---- C:\Windows\system32\scrrun.dll
2009-11-12 14:47:36 ----A---- C:\Windows\system32\PSHED.DLL
2009-11-12 14:47:36 ----A---- C:\Windows\system32\autofmt.exe
2009-11-12 14:47:35 ----A---- C:\Windows\system32\pidgenx.dll
2009-11-12 14:47:35 ----A---- C:\Windows\system32\pdh.dll
2009-11-12 14:47:35 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-11-12 14:47:35 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-11-12 14:47:35 ----A---- C:\Windows\system32\azroles.dll
2009-11-12 14:47:34 ----A---- C:\Windows\system32\wmpmde.dll
2009-11-12 14:47:33 ----A---- C:\Windows\system32\winlogon.exe
2009-11-12 14:47:33 ----A---- C:\Windows\system32\SyncCenter.dll
2009-11-12 14:47:32 ----A---- C:\Windows\system32\SLUINotify.dll
2009-11-12 14:47:32 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-11-12 14:47:32 ----A---- C:\Windows\system32\comuid.dll
2009-11-12 14:47:31 ----A---- C:\Windows\system32\sethc.exe
2009-11-12 14:47:31 ----A---- C:\Windows\system32\ncrypt.dll
2009-11-12 14:47:31 ----A---- C:\Windows\system32\kd1394.dll
2009-11-12 14:47:31 ----A---- C:\Windows\system32\certmgr.dll
2009-11-12 14:47:30 ----A---- C:\Windows\system32\wisptis.exe
2009-11-12 14:47:30 ----A---- C:\Windows\system32\untfs.dll
2009-11-12 14:47:30 ----A---- C:\Windows\system32\taskcomp.dll
2009-11-12 14:47:30 ----A---- C:\Windows\system32\spp.dll
2009-11-12 14:47:30 ----A---- C:\Windows\system32\scrobj.dll
2009-11-12 14:47:30 ----A---- C:\Windows\system32\rtutils.dll
2009-11-12 14:47:30 ----A---- C:\Windows\system32\iassam.dll
2009-11-12 14:47:30 ----A---- C:\Windows\system32\dwm.exe
2009-11-12 14:47:29 ----A---- C:\Windows\system32\printui.dll
2009-11-12 14:47:29 ----A---- C:\Windows\system32\iasnap.dll
2009-11-12 14:47:29 ----A---- C:\Windows\system32\cscui.dll
2009-11-12 14:47:29 ----A---- C:\Windows\system32\autoconv.exe
2009-11-12 14:47:29 ----A---- C:\Windows\system32\autochk.exe
2009-11-12 14:47:28 ----A---- C:\Windows\system32\winsrv.dll
2009-11-12 14:47:27 ----A---- C:\Windows\system32\wow32.dll
2009-11-12 14:47:27 ----A---- C:\Windows\system32\userenv.dll
2009-11-12 14:47:27 ----A---- C:\Windows\system32\osk.exe
2009-11-12 14:47:27 ----A---- C:\Windows\system32\onex.dll
2009-11-12 14:47:27 ----A---- C:\Windows\system32\kdcom.dll
2009-11-12 14:47:27 ----A---- C:\Windows\system32\cscript.exe
2009-11-12 14:47:27 ----A---- C:\Windows\system32\basecsp.dll
2009-11-12 14:47:27 ----A---- C:\Windows\system32\audiodg.exe
2009-11-12 14:47:26 ----A---- C:\Windows\system32\winmm.dll
2009-11-12 14:47:26 ----A---- C:\Windows\system32\spcmsg.dll
2009-11-12 14:47:26 ----A---- C:\Windows\system32\RelMon.dll
2009-11-12 14:47:26 ----A---- C:\Windows\system32\mswsock.dll
2009-11-12 14:47:26 ----A---- C:\Windows\system32\kdusb.dll
2009-11-12 14:47:25 ----A---- C:\Windows\system32\WinSCard.dll
2009-11-12 14:47:25 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-11-12 14:47:25 ----A---- C:\Windows\system32\rdpencom.dll
2009-11-12 14:47:25 ----A---- C:\Windows\system32\offfilt.dll
2009-11-12 14:47:25 ----A---- C:\Windows\system32\msftedit.dll
2009-11-12 14:47:25 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-11-12 14:47:23 ----A---- C:\Windows\system32\wsepno.dll
2009-11-12 14:47:23 ----A---- C:\Windows\system32\WerFault.exe
2009-11-12 14:47:23 ----A---- C:\Windows\system32\Utilman.exe
2009-11-12 14:47:23 ----A---- C:\Windows\system32\stobject.dll
2009-11-12 14:47:23 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-11-12 14:47:23 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-11-12 14:47:23 ----A---- C:\Windows\system32\mfplat.dll
2009-11-12 14:47:23 ----A---- C:\Windows\system32\diskraid.exe
2009-11-12 14:47:22 ----A---- C:\Windows\system32\sysclass.dll
2009-11-12 14:47:22 ----A---- C:\Windows\system32\SndVol.exe
2009-11-12 14:47:22 ----A---- C:\Windows\system32\prnntfy.dll
2009-11-12 14:47:22 ----A---- C:\Windows\system32\msnetobj.dll
2009-11-12 14:47:22 ----A---- C:\Windows\system32\mscms.dll
2009-11-12 14:47:22 ----A---- C:\Windows\system32\apphelp.dll
2009-11-12 14:47:22 ----A---- C:\Windows\system32\adsmsext.dll
2009-11-12 14:47:21 ----A---- C:\Windows\system32\wscript.exe
2009-11-12 14:47:21 ----A---- C:\Windows\system32\wiaservc.dll
2009-11-12 14:47:21 ----A---- C:\Windows\system32\ulib.dll
2009-11-12 14:47:21 ----A---- C:\Windows\system32\odbccp32.dll
2009-11-12 14:47:21 ----A---- C:\Windows\system32\iasdatastore.dll
2009-11-12 14:47:21 ----A---- C:\Windows\system32\dsound.dll
2009-11-12 14:47:21 ----A---- C:\Windows\system32\cryptui.dll
2009-11-12 14:47:20 ----A---- C:\Windows\system32\wscntfy.dll
2009-11-12 14:47:20 ----A---- C:\Windows\system32\rastapi.dll
2009-11-12 14:47:20 ----A---- C:\Windows\system32\pnpsetup.dll
2009-11-12 14:47:20 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-11-12 14:47:20 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-11-12 14:47:20 ----A---- C:\Windows\system32\fdProxy.dll
2009-11-12 14:47:19 ----A---- C:\Windows\system32\wscsvc.dll
2009-11-12 14:47:19 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-11-12 14:47:19 ----A---- C:\Windows\system32\wlangpui.dll
2009-11-12 14:47:19 ----A---- C:\Windows\system32\vdsdyn.dll
2009-11-12 14:47:19 ----A---- C:\Windows\system32\logman.exe
2009-11-12 14:47:19 ----A---- C:\Windows\system32\iepeers.dll
2009-11-12 14:47:19 ----A---- C:\Windows\system32\iashlpr.dll
2009-11-12 14:47:19 ----A---- C:\Windows\system32\gpapi.dll
2009-11-12 14:47:19 ----A---- C:\Windows\system32\diskpart.exe
2009-11-12 14:47:19 ----A---- C:\Windows\system32\brcpl.dll
2009-11-12 14:47:18 ----A---- C:\Windows\system32\wusa.exe
2009-11-12 14:47:18 ----A---- C:\Windows\system32\regsvc.dll
2009-11-12 14:47:18 ----A---- C:\Windows\system32\rasapi32.dll
2009-11-12 14:47:18 ----A---- C:\Windows\system32\ntprint.dll
2009-11-12 14:47:18 ----A---- C:\Windows\system32\mscorier.dll
2009-11-12 14:47:18 ----A---- C:\Windows\system32\iasrad.dll
2009-11-12 14:47:17 ----A---- C:\Windows\system32\zipfldr.dll
2009-11-12 14:47:17 ----A---- C:\Windows\system32\wshext.dll
2009-11-12 14:47:17 ----A---- C:\Windows\system32\netcenter.dll
2009-11-12 14:47:17 ----A---- C:\Windows\system32\findstr.exe
2009-11-12 14:47:16 ----A---- C:\Windows\system32\wer.dll
2009-11-12 14:47:16 ----A---- C:\Windows\system32\webcheck.dll
2009-11-12 14:47:16 ----A---- C:\Windows\system32\rasdlg.dll
2009-11-12 14:47:16 ----A---- C:\Windows\system32\iassvcs.dll
2009-11-12 14:47:15 ----A---- C:\Windows\system32\wsnmp32.dll
2009-11-12 14:47:15 ----A---- C:\Windows\system32\themecpl.dll
2009-11-12 14:47:13 ----A---- C:\Windows\system32\uxsms.dll
2009-11-12 14:47:13 ----A---- C:\Windows\system32\tsbyuv.dll
2009-11-12 14:47:13 ----A---- C:\Windows\system32\srvsvc.dll
2009-11-12 14:47:13 ----A---- C:\Windows\system32\slcc.dll
2009-11-12 14:47:13 ----A---- C:\Windows\system32\scansetting.dll
2009-11-12 14:47:13 ----A---- C:\Windows\system32\ntmarta.dll
2009-11-12 14:47:13 ----A---- C:\Windows\system32\msutb.dll
2009-11-12 14:47:13 ----A---- C:\Windows\system32\mstlsapi.dll
2009-11-12 14:47:13 ----A---- C:\Windows\system32\mssprxy.dll
2009-11-12 14:47:13 ----A---- C:\Windows\system32\iasads.dll
2009-11-12 14:47:12 ----A---- C:\Windows\system32\powrprof.dll
2009-11-12 14:47:12 ----A---- C:\Windows\system32\networkmap.dll
2009-11-12 14:47:12 ----A---- C:\Windows\system32\mstsc.exe
2009-11-12 14:47:12 ----A---- C:\Windows\system32\iasacct.dll
2009-11-12 14:47:11 ----A---- C:\Windows\system32\powercpl.dll
2009-11-12 14:47:11 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-11-12 14:47:10 ----A---- C:\Windows\system32\umrdp.dll
2009-11-12 14:47:10 ----A---- C:\Windows\system32\newdev.exe
2009-11-12 14:47:10 ----A---- C:\Windows\system32\connect.dll
2009-11-12 14:47:10 ----A---- C:\Windows\system32\authz.dll
2009-11-12 14:47:09 ----A---- C:\Windows\system32\themeui.dll
2009-11-12 14:47:09 ----A---- C:\Windows\system32\systemcpl.dll
2009-11-12 14:47:09 ----A---- C:\Windows\system32\sud.dll
2009-11-12 14:47:09 ----A---- C:\Windows\system32\pcaui.dll
2009-11-12 14:47:09 ----A---- C:\Windows\system32\dot3svc.dll
2009-11-12 14:47:09 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-11-12 14:47:08 ----A---- C:\Windows\system32\usercpl.dll
2009-11-12 14:47:08 ----A---- C:\Windows\system32\samlib.dll
2009-11-12 14:47:08 ----A---- C:\Windows\system32\qdvd.dll
2009-11-12 14:47:08 ----A---- C:\Windows\system32\mmci.dll
2009-11-12 14:47:08 ----A---- C:\Windows\system32\brcplsiw.dll
2009-11-12 14:47:08 ----A---- C:\Windows\system32\autoplay.dll
2009-11-12 14:47:07 ----A---- C:\Windows\system32\wlanpref.dll
2009-11-12 14:47:07 ----A---- C:\Windows\system32\rpchttp.dll
2009-11-12 14:47:07 ----A---- C:\Windows\system32\ieaksie.dll
2009-11-12 14:47:06 ----A---- C:\Windows\system32\vdsutil.dll
2009-11-12 14:47:06 ----A---- C:\Windows\system32\regapi.dll
2009-11-12 14:47:06 ----A---- C:\Windows\system32\msinfo32.exe
2009-11-12 14:47:06 ----A---- C:\Windows\system32\cscobj.dll
2009-11-12 14:47:05 ----A---- C:\Windows\system32\tapisrv.dll
2009-11-12 14:47:05 ----A---- C:\Windows\system32\scksp.dll
2009-11-12 14:47:05 ----A---- C:\Windows\system32\feclient.dll
2009-11-12 14:47:04 ----A---- C:\Windows\system32\wscisvif.dll
2009-11-12 14:47:04 ----A---- C:\Windows\system32\scesrv.dll
2009-11-12 14:47:04 ----A---- C:\Windows\system32\rekeywiz.exe
2009-11-12 14:47:04 ----A---- C:\Windows\system32\psisdecd.dll
2009-11-12 14:47:04 ----A---- C:\Windows\system32\oleprn.dll
2009-11-12 14:47:04 ----A---- C:\Windows\system32\mpr.dll
2009-11-12 14:47:04 ----A---- C:\Windows\system32\imm32.dll
2009-11-12 14:47:04 ----A---- C:\Windows\system32\iaspolcy.dll
2009-11-12 14:47:04 ----A---- C:\Windows\system32\Faultrep.dll
2009-11-12 14:47:04 ----A---- C:\Windows\system32\dot3msm.dll
2009-11-12 14:47:04 ----A---- C:\Windows\system32\DeviceEject.exe
2009-11-12 14:47:04 ----A---- C:\Windows\system32\AudioSes.dll
2009-11-12 14:47:03 ----A---- C:\Windows\system32\sdclt.exe
2009-11-12 14:47:03 ----A---- C:\Windows\system32\qedit.dll
2009-11-12 14:47:03 ----A---- C:\Windows\system32\pnpui.dll
2009-11-12 14:47:03 ----A---- C:\Windows\system32\perfdisk.dll
2009-11-12 14:47:03 ----A---- C:\Windows\system32\ncryptui.dll
2009-11-12 14:47:03 ----A---- C:\Windows\system32\dpapimig.exe
2009-11-12 14:47:03 ----A---- C:\Windows\system32\certreq.exe
2009-11-12 14:47:02 ----A---- C:\Windows\system32\TSTheme.exe
2009-11-12 14:47:02 ----A---- C:\Windows\system32\spwinsat.dll
2009-11-12 14:47:02 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-11-12 14:47:02 ----A---- C:\Windows\system32\scecli.dll
2009-11-12 14:47:02 ----A---- C:\Windows\system32\rasplap.dll
2009-11-12 14:47:02 ----A---- C:\Windows\system32\rasgcw.dll
2009-11-12 14:47:02 ----A---- C:\Windows\system32\hdwwiz.exe
2009-11-12 14:47:02 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-11-12 14:47:02 ----A---- C:\Windows\system32\extmgr.dll
2009-11-12 14:47:01 ----A---- C:\Windows\system32\whealogr.dll
2009-11-12 14:47:01 ----A---- C:\Windows\system32\tcpmon.dll
2009-11-12 14:47:01 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-11-12 14:47:01 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-11-12 14:47:01 ----A---- C:\Windows\system32\fdWSD.dll
2009-11-12 14:47:01 ----A---- C:\Windows\system32\cmmon32.exe
2009-11-12 14:47:00 ----A---- C:\Windows\system32\srcore.dll
2009-11-12 14:47:00 ----A---- C:\Windows\system32\conime.exe
2009-11-12 14:47:00 ----A---- C:\Windows\system32\cmdial32.dll
2009-11-12 14:46:59 ----A---- C:\Windows\system32\SnippingTool.exe
2009-11-12 14:46:59 ----A---- C:\Windows\system32\SCardSvr.dll
2009-11-12 14:46:59 ----A---- C:\Windows\system32\raschap.dll
2009-11-12 14:46:59 ----A---- C:\Windows\system32\fontext.dll
2009-11-12 14:46:58 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-11-12 14:46:58 ----A---- C:\Windows\system32\wlanui.dll
2009-11-12 14:46:58 ----A---- C:\Windows\system32\wiaaut.dll
2009-11-12 14:46:58 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-11-12 14:46:57 ----A---- C:\Windows\system32\shwebsvc.dll
2009-11-12 14:46:57 ----A---- C:\Windows\system32\rasppp.dll
2009-11-12 14:46:57 ----A---- C:\Windows\system32\PnPutil.exe
2009-11-12 14:46:57 ----A---- C:\Windows\system32\oobefldr.dll
2009-11-12 14:46:57 ----A---- C:\Windows\system32\dsprop.dll
2009-11-12 14:46:57 ----A---- C:\Windows\system32\dimsroam.dll
2009-11-12 14:46:56 ----A---- C:\Windows\system32\shsetup.dll
2009-11-12 14:46:56 ----A---- C:\Windows\system32\rasmontr.dll
2009-11-12 14:46:56 ----A---- C:\Windows\system32\occache.dll
2009-11-12 14:46:56 ----A---- C:\Windows\system32\mscandui.dll
2009-11-12 14:46:56 ----A---- C:\Windows\system32\modemui.dll
2009-11-12 14:46:55 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-11-12 14:46:55 ----A---- C:\Windows\system32\chtbrkr.dll
2009-11-12 14:46:54 ----A---- C:\Windows\system32\dataclen.dll
2009-11-12 14:46:53 ----A---- C:\Windows\system32\WSDMon.dll
2009-11-12 14:46:53 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-11-12 14:46:53 ----A---- C:\Windows\system32\tscfgwmi.dll
2009-11-12 14:46:53 ----A---- C:\Windows\system32\smss.exe
2009-11-12 14:46:53 ----A---- C:\Windows\system32\rdpwsx.dll
2009-11-12 14:46:53 ----A---- C:\Windows\system32\netplwiz.dll
2009-11-12 14:46:53 ----A---- C:\Windows\system32\CscMig.dll
2009-11-12 14:46:53 ----A---- C:\Windows\system32\credui.dll
2009-11-12 14:46:53 ----A---- C:\Windows\system32\blackbox.dll
2009-11-12 14:46:53 ----A---- C:\Windows\system32\appmgmts.dll
2009-11-12 14:46:52 ----A---- C:\Windows\system32\wmpeffects.dll
2009-11-12 14:46:52 ----A---- C:\Windows\system32\networkexplorer.dll
2009-11-12 14:46:52 ----A---- C:\Windows\system32\mstime.dll
2009-11-12 14:46:52 ----A---- C:\Windows\system32\certprop.dll
2009-11-12 14:46:51 ----A---- C:\Windows\system32\msscp.dll
2009-11-12 14:46:51 ----A---- C:\Windows\system32\logagent.exe
2009-11-12 14:46:51 ----A---- C:\Windows\system32\InkEd.dll
2009-11-12 14:46:51 ----A---- C:\Windows\system32\ifmon.dll
2009-11-12 14:46:51 ----A---- C:\Windows\system32\cipher.exe
2009-11-12 14:46:50 ----A---- C:\Windows\system32\wscapi.dll
2009-11-12 14:46:50 ----A---- C:\Windows\system32\thawbrkr.dll
2009-11-12 14:46:50 ----A---- C:\Windows\system32\msrating.dll
2009-11-12 14:46:50 ----A---- C:\Windows\system32\msimtf.dll
2009-11-12 14:46:50 ----A---- C:\Windows\system32\gpresult.exe
2009-11-12 14:46:49 ----A---- C:\Windows\system32\softkbd.dll
2009-11-12 14:46:49 ----A---- C:\Windows\system32\sendmail.dll
2009-11-12 14:46:49 ----A---- C:\Windows\system32\msctfui.dll
2009-11-12 14:46:49 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-11-12 14:46:48 ----A---- C:\Windows\system32\rdpclip.exe
2009-11-12 14:46:48 ----A---- C:\Windows\system32\olepro32.dll
2009-11-12 14:46:48 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-11-12 14:46:48 ----A---- C:\Windows\system32\dmsynth.dll
2009-11-12 14:46:47 ----A---- C:\Windows\system32\wshbth.dll
2009-11-12 14:46:47 ----A---- C:\Windows\system32\version.dll
2009-11-12 14:46:47 ----A---- C:\Windows\system32\SLLUA.exe
2009-11-12 14:46:47 ----A---- C:\Windows\system32\puiapi.dll
2009-11-12 14:46:47 ----A---- C:\Windows\system32\msisip.dll
2009-11-12 14:46:47 ----A---- C:\Windows\system32\mprapi.dll
2009-11-12 14:46:47 ----A---- C:\Windows\system32\input.dll
2009-11-12 14:46:47 ----A---- C:\Windows\system32\gpprnext.dll
2009-11-12 14:46:47 ----A---- C:\Windows\system32\fc.exe
2009-11-12 14:46:47 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-11-12 14:46:46 ----A---- C:\Windows\system32\rdpendp.dll
2009-11-12 14:46:46 ----A---- C:\Windows\system32\msjint40.dll
2009-11-12 14:46:46 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-11-12 14:46:46 ----A---- C:\Windows\system32\fdSSDP.dll
2009-11-12 14:46:46 ----A---- C:\Windows\system32\dmusic.dll
2009-11-12 14:46:46 ----A---- C:\Windows\system32\cscapi.dll
2009-11-12 14:46:45 ----A---- C:\Windows\system32\wsdchngr.dll
2009-11-12 14:46:45 ----A---- C:\Windows\system32\Storprop.dll
2009-11-12 14:46:45 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-11-12 14:46:45 ----A---- C:\Windows\system32\rasdial.exe
2009-11-12 14:46:45 ----A---- C:\Windows\system32\rasdiag.dll
2009-11-12 14:46:45 ----A---- C:\Windows\system32\l2nacp.dll
2009-11-12 14:46:45 ----A---- C:\Windows\system32\ftp.exe
2009-11-12 14:46:45 ----A---- C:\Windows\system32\eapp3hst.dll
2009-11-12 14:46:45 ----A---- C:\Windows\system32\cscdll.dll
2009-11-12 14:46:45 ----A---- C:\Windows\system32\bthudtask.exe
2009-11-12 14:46:45 ----A---- C:\Windows\system32\bthci.dll
2009-11-12 14:46:44 ----A---- C:\Windows\system32\tscupgrd.exe
2009-11-12 14:46:44 ----A---- C:\Windows\system32\slcinst.dll
2009-11-12 14:46:44 ----A---- C:\Windows\system32\PrintBrmUi.exe
2009-11-12 14:46:44 ----A---- C:\Windows\system32\nslookup.exe
2009-11-12 14:46:44 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-11-12 14:46:44 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-11-12 14:46:44 ----A---- C:\Windows\system32\ipconfig.exe
2009-11-12 14:46:44 ----A---- C:\Windows\system32\gpscript.exe
2009-11-12 14:46:44 ----A---- C:\Windows\system32\gpscript.dll
2009-11-12 14:46:44 ----A---- C:\Windows\system32\fdWCN.dll
2009-11-12 14:46:44 ----A---- C:\Windows\system32\eappcfg.dll
2009-11-12 14:46:44 ----A---- C:\Windows\system32\dot3cfg.dll
2009-11-12 14:46:44 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-11-12 14:46:43 ----A---- C:\Windows\system32\qprocess.exe
2009-11-12 14:46:43 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-11-12 14:46:43 ----A---- C:\Windows\system32\ocsetup.exe
2009-11-12 14:46:43 ----A---- C:\Windows\system32\mmcico.dll
2009-11-12 14:46:43 ----A---- C:\Windows\system32\hbaapi.dll
2009-11-12 14:46:43 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-11-12 14:46:43 ----A---- C:\Windows\system32\fdeploy.dll
2009-11-12 14:46:43 ----A---- C:\Windows\system32\eappgnui.dll
2009-11-12 14:46:42 ----A---- C:\Windows\system32\tscon.exe
2009-11-12 14:46:42 ----A---- C:\Windows\system32\gpupdate.exe
2009-11-12 14:46:42 ----A---- C:\Windows\system32\csrstub.exe
2009-11-12 14:46:42 ----A---- C:\Windows\system32\chgusr.exe
2009-11-12 14:46:42 ----A---- C:\Windows\system32\chgport.exe
2009-11-12 14:46:42 ----A---- C:\Windows\system32\cbsra.exe
2009-11-12 14:46:41 ----A---- C:\Windows\system32\tskill.exe
2009-11-12 14:46:41 ----A---- C:\Windows\system32\shadow.exe
2009-11-12 14:46:41 ----A---- C:\Windows\system32\rwinsta.exe
2009-11-12 14:46:41 ----A---- C:\Windows\system32\NcdProp.dll
2009-11-12 14:46:41 ----A---- C:\Windows\system32\logoff.exe
2009-11-12 14:46:41 ----A---- C:\Windows\system32\iscsilog.dll
2009-11-12 14:46:41 ----A---- C:\Windows\system32\chglogon.exe
2009-11-12 14:46:41 ----A---- C:\Windows\system32\bitsigd.dll
2009-11-12 14:46:40 ----A---- C:\Windows\system32\vdmdbg.dll
2009-11-12 14:46:40 ----A---- C:\Windows\system32\tsdiscon.exe
2009-11-12 14:46:40 ----A---- C:\Windows\system32\slwga.dll
2009-11-12 14:46:40 ----A---- C:\Windows\system32\reset.exe
2009-11-12 14:46:40 ----A---- C:\Windows\system32\query.exe
2009-11-12 14:46:40 ----A---- C:\Windows\system32\qappsrv.exe
2009-11-12 14:46:40 ----A---- C:\Windows\system32\odbcconf.dll
2009-11-12 14:46:40 ----A---- C:\Windows\system32\inetppui.dll
2009-11-12 14:46:39 ----A---- C:\Windows\system32\winrnr.dll
2009-11-12 14:46:39 ----A---- C:\Windows\system32\midimap.dll
2009-11-12 14:46:39 ----A---- C:\Windows\system32\change.exe
2009-11-12 14:46:34 ----A---- C:\Windows\system32\msimsg.dll
2009-11-12 14:46:34 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-11-12 14:46:08 ----A---- C:\Windows\system32\SmiEngine.dll
2009-11-12 14:46:00 ----A---- C:\Windows\system32\wdscore.dll
2009-11-12 14:46:00 ----A---- C:\Windows\system32\PkgMgr.exe
2009-11-12 14:45:40 ----A---- C:\Windows\system32\drvstore.dll
2009-11-10 21:45:05 ----A---- C:\Windows\system32\WSDApi.dll
2009-11-10 19:10:37 ----D---- C:\Program Files\Microsoft

======List of files/folders modified in the last 1 months======

2009-12-09 19:16:05 ----D---- C:\Windows\Prefetch
2009-12-09 19:15:43 ----D---- C:\Program Files\Lx_cats
2009-12-09 18:40:44 ----D---- C:\Windows\system32\drivers
2009-12-09 18:37:56 ----HD---- C:\ProgramData
2009-12-09 18:37:54 ----RD---- C:\Program Files
2009-12-09 18:37:06 ----D---- C:\Windows\Temp
2009-12-09 16:42:23 ----D---- C:\Windows\System32
2009-12-09 16:42:23 ----D---- C:\Windows\inf
2009-12-09 16:42:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-12-09 14:01:21 ----D---- C:\Windows\pss
2009-12-09 13:59:06 ----SHD---- C:\Windows\Installer
2009-12-09 03:53:11 ----D---- C:\Windows\rescache
2009-12-09 03:48:18 ----D---- C:\Windows\winsxs
2009-12-09 03:38:02 ----D---- C:\Windows\system32\catroot
2009-12-09 03:31:03 ----D---- C:\Windows\system32\catroot2
2009-12-09 03:30:25 ----D---- C:\Windows\system32\en-US
2009-12-09 03:30:24 ----D---- C:\Program Files\Windows Mail
2009-12-09 03:12:34 ----D---- C:\ProgramData\Microsoft Help
2009-12-09 03:08:42 ----RSD---- C:\Windows\assembly
2009-12-09 03:00:50 ----SHD---- C:\System Volume Information
2009-12-08 12:31:05 ----D---- C:\Program Files\Common Files
2009-12-01 15:41:22 ----D---- C:\Windows\Minidump
2009-12-01 15:41:22 ----D---- C:\Windows
2009-12-01 15:41:08 ----SD---- C:\Windows\Downloaded Program Files
2009-12-01 15:41:08 ----D---- C:\Program Files\Vividesk
2009-12-01 15:33:43 ----D---- C:\Program Files\ATI
2009-12-01 15:06:20 ----A---- C:\Windows\system32\mrt.exe
2009-12-01 13:11:45 ----SD---- C:\Users\Administrator\AppData\Roaming\Microsoft
2009-12-01 13:02:45 ----A---- C:\Windows\ntbtlog.txt
2009-11-23 18:00:14 ----D---- C:\Program Files\Java
2009-11-17 08:36:26 ----D---- C:\Windows\system32\Tasks
2009-11-17 03:26:57 ----D---- C:\Windows\system32\wbem
2009-11-17 03:26:53 ----D---- C:\Windows\system32\zh-TW
2009-11-17 03:26:53 ----D---- C:\Windows\system32\zh-HK
2009-11-17 03:26:53 ----D---- C:\Windows\system32\uk-UA
2009-11-17 03:26:53 ----D---- C:\Windows\system32\tr-TR
2009-11-17 03:26:53 ----D---- C:\Windows\system32\th-TH
2009-11-17 03:26:53 ----D---- C:\Windows\system32\sv-SE
2009-11-17 03:26:53 ----D---- C:\Windows\system32\sr-Latn-CS
2009-11-17 03:26:53 ----D---- C:\Windows\system32\sl-SI
2009-11-17 03:26:53 ----D---- C:\Windows\system32\sk-SK
2009-11-17 03:26:53 ----D---- C:\Windows\system32\pt-PT
2009-11-17 03:26:53 ----D---- C:\Windows\system32\pt-BR
2009-11-17 03:26:53 ----D---- C:\Windows\system32\pl-PL
2009-11-17 03:26:53 ----D---- C:\Windows\system32\nl-NL
2009-11-17 03:26:53 ----D---- C:\Windows\system32\lv-LV
2009-11-17 03:26:53 ----D---- C:\Windows\system32\lt-LT
2009-11-17 03:26:53 ----D---- C:\Windows\system32\ko-KR
2009-11-17 03:26:53 ----D---- C:\Windows\system32\it-IT
2009-11-17 03:26:53 ----D---- C:\Windows\system32\hu-HU
2009-11-17 03:26:53 ----D---- C:\Windows\system32\hr-HR
2009-11-17 03:26:53 ----D---- C:\Windows\system32\he-IL
2009-11-17 03:26:53 ----D---- C:\Windows\system32\fr-FR
2009-11-17 03:26:53 ----D---- C:\Windows\system32\fi-FI
2009-11-17 03:26:53 ----D---- C:\Windows\system32\et-EE
2009-11-17 03:26:53 ----D---- C:\Windows\system32\es-ES
2009-11-17 03:26:53 ----D---- C:\Windows\system32\el-GR
2009-11-17 03:26:53 ----D---- C:\Windows\system32\de-DE
2009-11-17 03:26:53 ----D---- C:\Windows\system32\bg-BG
2009-11-17 03:26:52 ----D---- C:\Windows\system32\zh-CN
2009-11-17 03:26:52 ----D---- C:\Windows\system32\ru-RU
2009-11-17 03:26:52 ----D---- C:\Windows\system32\ro-RO
2009-11-17 03:26:52 ----D---- C:\Windows\system32\nb-NO
2009-11-17 03:26:52 ----D---- C:\Windows\system32\ja-JP
2009-11-17 03:26:52 ----D---- C:\Windows\system32\da-DK
2009-11-17 03:26:52 ----D---- C:\Windows\system32\cs-CZ
2009-11-17 03:26:52 ----D---- C:\Windows\system32\ar-SA
2009-11-13 14:55:28 ----D---- C:\Windows\Microsoft.NET
2009-11-12 23:26:49 ----SHD---- C:\Boot
2009-11-12 23:10:51 ----D---- C:\Program Files\Windows Calendar
2009-11-12 23:10:51 ----D---- C:\Program Files\Movie Maker
2009-11-12 23:10:48 ----D---- C:\Program Files\Windows Sidebar
2009-11-12 23:10:48 ----D---- C:\Program Files\Internet Explorer
2009-11-12 23:10:47 ----D---- C:\Program Files\Windows Media Player
2009-11-12 23:10:46 ----D---- C:\Program Files\Windows Journal
2009-11-12 23:10:46 ----D---- C:\Program Files\Windows Collaboration
2009-11-12 23:10:43 ----D---- C:\Program Files\Windows Photo Gallery
2009-11-12 23:10:43 ----D---- C:\Program Files\Common Files\System
2009-11-12 23:10:39 ----D---- C:\Program Files\Windows Defender
2009-11-12 23:10:38 ----D---- C:\Windows\servicing
2009-11-12 23:10:22 ----D---- C:\Windows\IME
2009-11-12 23:10:21 ----D---- C:\Windows\system32\XPSViewer
2009-11-12 23:10:21 ----D---- C:\Windows\PolicyDefinitions
2009-11-12 23:10:08 ----D---- C:\Windows\system32\oobe
2009-11-12 23:10:07 ----D---- C:\Windows\system32\migration
2009-11-12 23:10:01 ----D---- C:\Windows\system32\setup
2009-11-12 23:10:01 ----D---- C:\Windows\system32\AdvancedInstallers
2009-11-12 23:10:00 ----D---- C:\Windows\system32\SLUI
2009-11-12 23:09:57 ----D---- C:\Windows\system32\manifeststore
2009-11-12 23:09:57 ----D---- C:\Windows\system32\en
2009-11-12 23:09:47 ----D---- C:\Windows\system32\migwiz
2009-11-12 23:08:29 ----RSD---- C:\Windows\Fonts
2009-11-12 23:08:28 ----D---- C:\Windows\AppPatch
2009-11-12 23:08:13 ----D---- C:\Windows\system32\Boot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-10 351744]
R1 DLACDBHM;DLACDBHM; C:\Windows\System32\Drivers\DLACDBHM.SYS [2007-02-08 12856]
R1 DLARTL_M;DLARTL_M; C:\Windows\System32\Drivers\DLARTL_M.SYS [2007-02-08 28120]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2009-08-27 371248]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2006-10-06 406672]
R1 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2006-11-22 247144]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2006-11-22 25448]
R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2006-10-26 185744]
R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2007-04-03 306295]
R2 DLABMFSM;DLABMFSM; C:\Windows\System32\DLA\DLABMFSM.SYS [2006-10-26 35096]
R2 DLABOIOM;DLABOIOM; C:\Windows\System32\DLA\DLABOIOM.SYS [2006-10-26 32472]
R2 DLADResM;DLADResM; C:\Windows\System32\DLA\DLADResM.SYS [2006-10-26 9400]
R2 DLAIFS_M;DLAIFS_M; C:\Windows\System32\DLA\DLAIFS_M.SYS [2006-10-26 104536]
R2 DLAOPIOM;DLAOPIOM; C:\Windows\System32\DLA\DLAOPIOM.SYS [2006-10-26 26296]
R2 DLAPoolM;DLAPoolM; C:\Windows\System32\DLA\DLAPoolM.SYS [2006-10-26 14520]
R2 DLAUDF_M;DLAUDF_M; C:\Windows\System32\DLA\DLAUDF_M.SYS [2006-10-26 97848]
R2 DLAUDFAM;DLAUDFAM; C:\Windows\System32\DLA\DLAUDFAM.SYS [2006-10-26 94648]
R2 DRVNDDM;DRVNDDM; C:\Windows\System32\Drivers\DRVNDDM.SYS [2007-02-09 51768]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys [2007-08-14 10896]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-10-22 163888]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-08-01 3894272]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-06-05 179712]
R3 BCM43XX;Dell Wireless WLAN Card Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-03-21 534016]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-18 14208]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne2000.sys [2007-01-31 127376]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-08-27 102448]
R3 HBtnKey;DELL Tablet PC Key Buttons HID Driver; C:\Windows\system32\DRIVERS\HBtnKey.sys [2009-10-30 11392]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-04-30 25624]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2007-10-11 41752]
R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20091204.006\NAVENG.SYS [2009-08-27 84912]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20091204.006\NAVEX15.SYS [2009-08-27 1323568]
R3 NtrigDigitizerUSBLowerFilter;N-trig HID Tablet Digitizer KMDF Filter Driver; C:\Windows\system32\DRIVERS\NtrigDigitizerUSBLowerFilter.sys [2007-07-19 6656]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-10 89088]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-09-07 330240]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2008-04-22 109744]
R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2006-10-26 26384]
R3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys [2007-08-14 47376]
R3 umpserenum;Serenum Filter Driver ; C:\Windows\system32\DRIVERS\umpserenum.sys [2007-06-28 18432]
R3 umpusbvista;UMP Serial Port Driver ; C:\Windows\system32\DRIVERS\umpusbvista.sys [2007-07-02 56320]
R3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
R3 WinUsb;WinUsb Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-04-10 31616]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-18 11264]
R3 WUDFRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-03-21 534016]
S3 CVirtA;Cisco Systems VPN Adapter; C:\Windows\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2009-04-30 265496]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2009-04-30 13976]
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2009-04-30 2687512]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-08-01 3894272]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2006-11-22 274328]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-10 15872]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-03-05 36864]
S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-10 73216]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-09-30 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\system32\aestsrv.exe [2007-08-29 73728]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-11-22 107624]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-11-22 107624]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2007-04-03 1516584]
R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2006-11-28 30872]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-04-30 154136]
R2 lxbt_device;lxbt_device; C:\Windows\system32\lxbtcoms.exe [2007-05-03 537520]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 nicconfigsvc;Dell Internal Network Card Power Management; C:\Program Files\Dell\QuickSet\NicConfigSvc.exe [2008-02-22 390424]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 SBSDWSCService;SBSD Security Center Service; D:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\STacSV.exe [2007-09-07 102400]
R2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2006-11-28 1962136]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2007-03-21 24064]
S2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-07-31 700416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-18 523776]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-10-31 2541248]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2006-11-28 122008]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-18 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-11 918528]
S4 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]

-----------------EOF-----------------

Thanks again!
almic
Regular Member
 
Posts: 15
Joined: November 29th, 2009, 6:24 pm
Advertisement
Register to Remove

Re: help! My MS Outlook is sending spam

Unread postby Dakeyras » December 10th, 2009, 9:03 am

Hi. :)

MSConfig Advice:

Personally I do not think it wise to use the System Configuration Utility unless you know exactly what your are doing as otherwise serious problems may arise.

I advise you consider this application to use instead StartUpLite.

It is very simple to use and quite effective and will advise about any unnecessary system startups that can be safely removed. By all means download it now if you so wish but do not use it until after I give the all clear.

Flash Disinfector:

  • Please download Flash Disinfector and save it to your desktop.
  • Right click on Flash_Disinfector.exe and select Run As Administrator to run it. If you receive a prompt, please allow it.
  • You will be prompted to plug in your flash/usb drive. Plug it in.
  • Flash_Disinfector will start disinfecting your flash and hard drives. This takes a few seconds. Your desktop will disappear in the meantime.
  • When done, a message box will appear. Click OK. Your desktop should now appear. If it doesn't, press Ctrl + Shift + Esc to open Task Manager.
  • Click on File > New Task (Run...). Type in explorer.exe and press Enter. Your desktop should now appear.

Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you ran it. Don't delete this folder...it will help protect your drives from future infection.

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

  • Please go here and download ERUNT.
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Right click on erunt-setup.exe and select Run As Administrator to Install ERUNT by following the prompts.
  • Use the default install settings but say no to the portion that asks you to add ERUNT to the Start-Up folder. You can enable this option later if you wish.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup. Note: the default location is C:\WINDOWS\ERDNT which is acceptable.
  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.

Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe

Next:

Please download OTM to your Desktop.

  • Right-click OTM and select Run As Administrator to start the program.
  • Copy the lines from the codebox to the clipboard by highlighting ALL of them and pressing CTRL + B (or, after highlighting, right-click and choose Copy):
Code: Select all
:Processes

:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[-HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[-HKEY_CLASSES_ROOT\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwfile-8876480]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LXBTCATS]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxbtmon.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Button Manager]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^EEPUpdater.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickSet.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jmicl034^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Memeo AutoSync Launcher.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jmicl034^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jmicl034^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Skyscape SmartUpdate.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jmicl034^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WD Anywhere Backup Launcher.lnk]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3d28f8d6-115e-11dd-be38-001d0938b8f0}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{73fbdb26-bb91-11dd-93b7-00219bdabeec}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7f70ef5-8fb3-11dd-b171-00219bdabeec}]

:Commands
[Purity]
[EmptyTemp]
[Start Explorer]
[Reboot]
  • Return to OTM, right-click in the "Paste instructions for items to be moved" window (under the yellow bar) and choose Paste
  • Then click the red MoveIt! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of it and pressing CTRL + C (or, after highlighting, right-click and choose Copy), and paste it into your next response.
  • If OTM asks to reboot your computer, allow it to do so. The report should appear in Notepad after the reboot.
  • Close OTM.

When completed the above, please post back the following:

  • How is you computer performing now? Any problems encountered and or any further symptoms?
  • OTM Log.
  • A new RSIT Log.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8732
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: help! My MS Outlook is sending spam

Unread postby almic » December 10th, 2009, 11:02 am

hello again,

computer seems to be working fine now.

My only problem is with Google Chrome which has spells of freezing and restarting. This happens almost everyday. I've tried updating it but to no avail. What do you think of Chrome?

OMT log

All processes killed
========== PROCESSES ==========
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_CLASSES_ROOT\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwfile-8876480\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LXBTCATS\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxbtmon.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Button Manager\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^EEPUpdater.lnk\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickSet.lnk\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jmicl034^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Memeo AutoSync Launcher.lnk\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jmicl034^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jmicl034^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Skyscape SmartUpdate.lnk\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jmicl034^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WD Anywhere Backup Launcher.lnk\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3d28f8d6-115e-11dd-be38-001d0938b8f0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d28f8d6-115e-11dd-be38-001d0938b8f0}\ not found.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{73fbdb26-bb91-11dd-93b7-00219bdabeec}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73fbdb26-bb91-11dd-93b7-00219bdabeec}\ not found.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7f70ef5-8fb3-11dd-b171-00219bdabeec}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f7f70ef5-8fb3-11dd-b171-00219bdabeec}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default

User: Default User

User: jmicl034

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 110334 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 24604300 bytes

Total Files Cleaned = 23,60 mb


OTM by OldTimer - Version 3.1.2.2 log created on 12102009_094754

Files moved on Reboot...
File move failed. C:\Windows\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.

Registry entries deleted on Reboot...


will post RSIT logs on a separate post.
almic
Regular Member
 
Posts: 15
Joined: November 29th, 2009, 6:24 pm

Re: help! My MS Outlook is sending spam

Unread postby almic » December 10th, 2009, 11:04 am

RSIT 1 of 2

log file

Logfile of random's system information tool 1.06 (written by random/random)
Run by jmicl034 at 2009-12-10 10:02:57
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 13 GB (22%) free of 57 GB
Total RAM: 2813 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:03:25, on 2009-12-10
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\N-trig\N-trig Software Bundle\NtrigApplet.exe
C:\Program Files\Symantec AntiVirus\VPTray.exe
C:\Program Files\Lexmark 5200 series\lxbtbmgr.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Lexmark 5200 series\lxbtbmon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conime.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\SearchFilterHost.exe
d:\Desktop\RSIT.exe
D:\Program Files\Trend Micro\HijackThis\jmicl034.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.medicine.uottawa.ca/Students/MD
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [NtrigApplet] C:\Program Files\N-trig\N-trig Software Bundle\NtrigApplet.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe" /startup
O4 - HKLM\..\Run: [Lexmark 5200 series] "C:\Program Files\Lexmark 5200 series\lxbtbmgr.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [LXBTCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXBTtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_674125AABFE11C21.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: lxbt_device - - C:\Windows\system32\lxbtcoms.exe
O23 - Service: Dell Internal Network Card Power Management (nicconfigsvc) - Dell Inc. - C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - D:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 8200 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4288720384-1415621487-3964185074-1003Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4288720384-1415621487-3964185074-1003UA.job
C:\Windows\tasks\User_Feed_Synchronization-{3016D178-EC12-4A9A-BE58-74B538A1B08E}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - D:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2007-10-11 163840]
"NtrigApplet"=C:\Program Files\N-trig\N-trig Software Bundle\NtrigApplet.exe [2008-06-04 2248704]
"vptray"=C:\PROGRA~1\SYMANT~1\VPTray.exe [2006-11-28 134808]
"PSQLLauncher"=C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [2007-08-14 48904]
"Lexmark 5200 series"=C:\Program Files\Lexmark 5200 series\lxbtbmgr.exe [2004-03-25 57344]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-07-16 61440]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2007-09-07 405504]
"LXBTCATS"=rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXBTtime.dll,_RunDLLEntry@16 []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Windows\system32\psqlpwd.dll [2007-08-14 89600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
psqlpwd

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=1
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"DisableCAD"=1
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2009-12-10 09:45:39 ----D---- C:\Windows\ERDNT
2009-12-10 09:44:18 ----D---- C:\Program Files\ERUNT
2009-12-09 19:08:19 ----D---- C:\rsit
2009-12-09 18:37:56 ----D---- C:\ProgramData\Malwarebytes
2009-12-09 18:37:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-09 03:09:00 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-09 03:08:56 ----A---- C:\Windows\system32\httpapi.dll
2009-12-08 17:49:00 ----A---- C:\Windows\system32\wininet.dll
2009-12-08 17:48:59 ----A---- C:\Windows\system32\mshtml.dll
2009-12-08 17:48:58 ----A---- C:\Windows\system32\urlmon.dll
2009-12-08 17:48:55 ----A---- C:\Windows\system32\ieframe.dll
2009-12-08 17:48:52 ----A---- C:\Windows\system32\ieui.dll
2009-12-08 17:48:50 ----A---- C:\Windows\system32\ieencode.dll
2009-12-08 17:48:46 ----A---- C:\Windows\system32\ieapfltr.dll
2009-12-08 17:48:39 ----A---- C:\Windows\system32\winhttp.dll
2009-12-08 17:44:41 ----A---- C:\Windows\system32\rastls.dll
2009-11-25 03:02:07 ----A---- C:\Windows\system32\tzres.dll
2009-11-24 22:20:19 ----A---- C:\Windows\system32\msxml6.dll
2009-11-24 22:20:17 ----A---- C:\Windows\system32\msxml3.dll
2009-11-23 18:02:09 ----A---- C:\Windows\system32\javaws.exe
2009-11-23 18:02:09 ----A---- C:\Windows\system32\javaw.exe
2009-11-23 18:01:53 ----A---- C:\Windows\system32\java.exe
2009-11-22 19:05:45 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-11-17 03:26:57 ----D---- C:\Program Files\Windows Portable Devices
2009-11-17 03:06:15 ----A---- C:\Windows\system32\UIAnimation.dll
2009-11-17 03:06:13 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-11-17 03:06:13 ----A---- C:\Windows\system32\UIRibbon.dll
2009-11-17 03:05:04 ----A---- C:\Windows\system32\WMPhoto.dll
2009-11-17 03:05:02 ----A---- C:\Windows\system32\cdd.dll
2009-11-17 03:05:00 ----A---- C:\Windows\system32\d3d10warp.dll
2009-11-17 03:04:59 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-11-17 03:04:59 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-11-17 03:04:59 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-11-17 03:04:59 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-11-17 03:04:59 ----A---- C:\Windows\system32\d2d1.dll
2009-11-17 03:04:58 ----A---- C:\Windows\system32\XpsPrint.dll
2009-11-17 03:04:58 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-11-17 03:04:58 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-11-17 03:04:58 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-11-17 03:04:58 ----A---- C:\Windows\system32\dxdiagn.dll
2009-11-17 03:04:58 ----A---- C:\Windows\system32\dxdiag.exe
2009-11-17 03:04:57 ----A---- C:\Windows\system32\xpsservices.dll
2009-11-17 03:04:57 ----A---- C:\Windows\system32\OpcServices.dll
2009-11-17 03:04:57 ----A---- C:\Windows\system32\FntCache.dll
2009-11-17 03:04:57 ----A---- C:\Windows\system32\DWrite.dll
2009-11-17 03:04:57 ----A---- C:\Windows\system32\d3d10level9.dll
2009-11-17 03:04:57 ----A---- C:\Windows\system32\d3d10core.dll
2009-11-17 03:04:57 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-11-17 03:04:56 ----A---- C:\Windows\system32\dxgi.dll
2009-11-17 03:04:56 ----A---- C:\Windows\system32\d3d11.dll
2009-11-17 03:04:56 ----A---- C:\Windows\system32\d3d10_1.dll
2009-11-17 03:04:56 ----A---- C:\Windows\system32\d3d10.dll
2009-11-17 03:04:09 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-11-17 03:04:09 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-11-17 03:04:09 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-11-17 03:04:01 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-11-17 03:03:53 ----A---- C:\Windows\system32\WpdMtpUS.dll
2009-11-17 03:03:53 ----A---- C:\Windows\system32\WpdConns.dll
2009-11-17 03:03:52 ----A---- C:\Windows\system32\wpdshext.dll
2009-11-17 03:03:51 ----A---- C:\Windows\system32\WPDSp.dll
2009-11-17 03:03:51 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-11-17 03:03:51 ----A---- C:\Windows\system32\WpdMtp.dll
2009-11-17 03:03:51 ----A---- C:\Windows\system32\wpd_ci.dll
2009-11-17 03:03:51 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-11-17 03:03:51 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-11-17 03:03:51 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-11-17 03:03:51 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-11-17 03:01:24 ----A---- C:\Windows\system32\oleaccrc.dll
2009-11-17 03:01:22 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-11-17 03:01:22 ----A---- C:\Windows\system32\oleacc.dll
2009-11-12 23:08:18 ----D---- C:\Windows\system32\eu-ES
2009-11-12 23:08:18 ----D---- C:\Windows\system32\ca-ES
2009-11-12 23:08:13 ----D---- C:\Windows\system32\vi-VN
2009-11-12 16:45:40 ----D---- C:\Windows\system32\EventProviders
2009-11-12 14:49:52 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-11-12 14:49:46 ----A---- C:\Windows\system32\SLsvc.exe
2009-11-12 14:49:46 ----A---- C:\Windows\system32\SLCExt.dll
2009-11-12 14:49:42 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-11-12 14:49:42 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-11-12 14:49:40 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-11-12 14:49:38 ----A---- C:\Windows\system32\mssrch.dll
2009-11-12 14:49:33 ----A---- C:\Windows\system32\tquery.dll
2009-11-12 14:49:30 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-11-12 14:49:29 ----A---- C:\Windows\system32\scavenge.dll
2009-11-12 14:49:29 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-11-12 14:49:29 ----A---- C:\Windows\system32\RMActivate.exe
2009-11-12 14:49:27 ----A---- C:\Windows\system32\msi.dll
2009-11-12 14:49:25 ----A---- C:\Windows\system32\imapi2fs.dll
2009-11-12 14:49:23 ----A---- C:\Windows\system32\secproc_isv.dll
2009-11-12 14:49:22 ----A---- C:\Windows\system32\WscEapPr.dll
2009-11-12 14:49:22 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-11-12 14:49:22 ----A---- C:\Windows\system32\sysmain.dll
2009-11-12 14:49:19 ----A---- C:\Windows\system32\icardagt.exe
2009-11-12 14:49:17 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-11-12 14:49:16 ----A---- C:\Windows\system32\EhStorShell.dll
2009-11-12 14:49:15 ----A---- C:\Windows\system32\spreview.exe
2009-11-12 14:49:14 ----A---- C:\Windows\system32\spinstall.exe
2009-11-12 14:49:14 ----A---- C:\Windows\system32\drmv2clt.dll
2009-11-12 14:49:11 ----A---- C:\Windows\system32\spwizui.dll
2009-11-12 14:49:11 ----A---- C:\Windows\system32\shell32.dll
2009-11-12 14:49:11 ----A---- C:\Windows\system32\secproc.dll
2009-11-12 14:49:11 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-11-12 14:49:09 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-11-12 14:49:09 ----A---- C:\Windows\system32\p2psvc.dll
2009-11-12 14:49:08 ----A---- C:\Windows\system32\mssvp.dll
2009-11-12 14:49:07 ----A---- C:\Windows\system32\mssphtb.dll
2009-11-12 14:49:07 ----A---- C:\Windows\system32\mssph.dll
2009-11-12 14:49:07 ----A---- C:\Windows\system32\mscoree.dll
2009-11-12 14:49:06 ----A---- C:\Windows\system32\imapi2.dll
2009-11-12 14:49:05 ----A---- C:\Windows\system32\sdohlp.dll
2009-11-12 14:49:04 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-11-12 14:49:04 ----A---- C:\Windows\system32\esent.dll
2009-11-12 14:49:03 ----A---- C:\Windows\system32\DevicePairing.dll
2009-11-12 14:49:02 ----A---- C:\Windows\system32\wevtsvc.dll
2009-11-12 14:49:02 ----A---- C:\Windows\system32\sperror.dll
2009-11-12 14:49:02 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-11-12 14:49:02 ----A---- C:\Windows\system32\korwbrkr.dll
2009-11-12 14:49:01 ----A---- C:\Windows\system32\SLC.dll
2009-11-12 14:49:01 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-11-12 14:49:01 ----A---- C:\Windows\system32\IasMigReader.exe
2009-11-12 14:49:00 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-11-12 14:49:00 ----A---- C:\Windows\system32\msshsq.dll
2009-11-12 14:48:58 ----A---- C:\Windows\system32\pmcsnap.dll
2009-11-12 14:48:55 ----A---- C:\Windows\system32\msjet40.dll
2009-11-12 14:48:54 ----A---- C:\Windows\system32\MPSSVC.dll
2009-11-12 14:48:52 ----A---- C:\Windows\system32\Query.dll
2009-11-12 14:48:52 ----A---- C:\Windows\system32\qmgr.dll
2009-11-12 14:48:51 ----A---- C:\Windows\system32\msexch40.dll
2009-11-12 14:48:51 ----A---- C:\Windows\system32\diagperf.dll
2009-11-12 14:48:50 ----A---- C:\Windows\system32\P2PGraph.dll
2009-11-12 14:48:50 ----A---- C:\Windows\system32\ole32.dll
2009-11-12 14:48:49 ----A---- C:\Windows\system32\srchadmin.dll
2009-11-12 14:48:49 ----A---- C:\Windows\system32\ntdll.dll
2009-11-12 14:48:48 ----A---- C:\Windows\system32\winload.exe
2009-11-12 14:48:48 ----A---- C:\Windows\system32\mblctr.exe
2009-11-12 14:48:47 ----A---- C:\Windows\system32\uDWM.dll
2009-11-12 14:48:47 ----A---- C:\Windows\system32\mmc.exe
2009-11-12 14:48:47 ----A---- C:\Windows\system32\EncDec.dll
2009-11-12 14:48:46 ----A---- C:\Windows\system32\dfsr.exe
2009-11-12 14:48:45 ----A---- C:\Windows\system32\riched20.dll
2009-11-12 14:48:45 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-11-12 14:48:44 ----A---- C:\Windows\system32\fdBth.dll
2009-11-12 14:48:43 ----A---- C:\Windows\system32\RacEngn.dll
2009-11-12 14:48:42 ----A---- C:\Windows\system32\kernel32.dll
2009-11-12 14:48:41 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-11-12 14:48:41 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-11-12 14:48:41 ----A---- C:\Windows\system32\milcore.dll
2009-11-12 14:48:40 ----A---- C:\Windows\system32\spoolss.dll
2009-11-12 14:48:40 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-11-12 14:48:40 ----A---- C:\Windows\system32\CertEnroll.dll
2009-11-12 14:48:39 ----A---- C:\Windows\system32\schedsvc.dll
2009-11-12 14:48:39 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-11-12 14:48:36 ----A---- C:\Windows\system32\msvcp60.dll
2009-11-12 14:48:36 ----A---- C:\Windows\system32\msjtes40.dll
2009-11-12 14:48:36 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-11-12 14:48:35 ----A---- C:\Windows\system32\infocardapi.dll
2009-11-12 14:48:35 ----A---- C:\Windows\system32\gpedit.dll
2009-11-12 14:48:34 ----A---- C:\Windows\system32\WinSAT.exe
2009-11-12 14:48:34 ----A---- C:\Windows\system32\es.dll
2009-11-12 14:48:33 ----A---- C:\Windows\system32\PresentationSettings.exe
2009-11-12 14:48:33 ----A---- C:\Windows\system32\Magnify.exe
2009-11-12 14:48:33 ----A---- C:\Windows\system32\cscsvc.dll
2009-11-12 14:48:33 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-11-12 14:48:32 ----A---- C:\Windows\system32\WebClnt.dll
2009-11-12 14:48:32 ----A---- C:\Windows\system32\mstext40.dll
2009-11-12 14:48:32 ----A---- C:\Windows\system32\advapi32.dll
2009-11-12 14:48:31 ----A---- C:\Windows\system32\slwmi.dll
2009-11-12 14:48:31 ----A---- C:\Windows\system32\msxbde40.dll
2009-11-12 14:48:31 ----A---- C:\Windows\system32\msexcl40.dll
2009-11-12 14:48:31 ----A---- C:\Windows\system32\comsvcs.dll
2009-11-12 14:48:30 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2009-11-12 14:48:29 ----A---- C:\Windows\system32\vssapi.dll
2009-11-12 14:48:28 ----A---- C:\Windows\system32\msfeeds.dll
2009-11-12 14:48:28 ----A---- C:\Windows\system32\authui.dll
2009-11-12 14:48:27 ----A---- C:\Windows\system32\NetProjW.dll
2009-11-12 14:48:26 ----A---- C:\Windows\system32\vbscript.dll
2009-11-12 14:48:26 ----A---- C:\Windows\system32\PresentationHost.exe
2009-11-12 14:48:26 ----A---- C:\Windows\system32\msrepl40.dll
2009-11-12 14:48:25 ----A---- C:\Windows\system32\propsys.dll
2009-11-12 14:48:25 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-11-12 14:48:25 ----A---- C:\Windows\system32\newdev.dll
2009-11-12 14:48:25 ----A---- C:\Windows\system32\iasrecst.dll
2009-11-12 14:48:24 ----A---- C:\Windows\system32\gpsvc.dll
2009-11-12 14:48:24 ----A---- C:\Windows\system32\eudcedit.exe
2009-11-12 14:48:24 ----A---- C:\Windows\system32\crypt32.dll
2009-11-12 14:48:23 ----A---- C:\Windows\system32\rpcss.dll
2009-11-12 14:48:23 ----A---- C:\Windows\system32\iedkcs32.dll
2009-11-12 14:48:23 ----A---- C:\Windows\explorer.exe
2009-11-12 14:48:22 ----A---- C:\Windows\system32\setupapi.dll
2009-11-12 14:48:22 ----A---- C:\Windows\system32\mspbde40.dll
2009-11-12 14:48:22 ----A---- C:\Windows\system32\d3d9.dll
2009-11-12 14:48:21 ----A---- C:\Windows\system32\msltus40.dll
2009-11-12 14:48:21 ----A---- C:\Windows\system32\davclnt.dll
2009-11-12 14:48:20 ----A---- C:\Windows\system32\shlwapi.dll
2009-11-12 14:48:20 ----A---- C:\Windows\system32\msrd3x40.dll
2009-11-12 14:48:20 ----A---- C:\Windows\system32\mfc42.dll
2009-11-12 14:48:20 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-11-12 14:48:20 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-11-12 14:48:19 ----A---- C:\Windows\system32\wevtapi.dll
2009-11-12 14:48:19 ----A---- C:\Windows\system32\photowiz.dll
2009-11-12 14:48:19 ----A---- C:\Windows\system32\nlhtml.dll
2009-11-12 14:48:19 ----A---- C:\Windows\system32\msdtctm.dll
2009-11-12 14:48:19 ----A---- C:\Windows\system32\browseui.dll
2009-11-12 14:48:17 ----A---- C:\Windows\system32\user32.dll
2009-11-12 14:48:16 ----A---- C:\Windows\system32\samsrv.dll
2009-11-12 14:48:16 ----A---- C:\Windows\system32\quartz.dll
2009-11-12 14:48:16 ----A---- C:\Windows\system32\ci.dll
2009-11-12 14:48:15 ----A---- C:\Windows\system32\win32spl.dll
2009-11-12 14:48:15 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-11-12 14:48:15 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-11-12 14:48:15 ----A---- C:\Windows\system32\oleaut32.dll
2009-11-12 14:48:14 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-11-12 14:48:13 ----A---- C:\Windows\system32\netshell.dll
2009-11-12 14:48:13 ----A---- C:\Windows\system32\compcln.exe
2009-11-12 14:48:12 ----A---- C:\Windows\system32\apds.dll
2009-11-12 14:48:11 ----A---- C:\Windows\system32\xmlfilter.dll
2009-11-12 14:48:11 ----A---- C:\Windows\system32\mswstr10.dll
2009-11-12 14:48:11 ----A---- C:\Windows\system32\audiosrv.dll
2009-11-12 14:48:10 ----A---- C:\Windows\system32\msvcrt.dll
2009-11-12 14:48:10 ----A---- C:\Windows\system32\msctf.dll
2009-11-12 14:48:10 ----A---- C:\Windows\system32\emdmgmt.dll
2009-11-12 14:48:09 ----A---- C:\Windows\system32\VSSVC.exe
2009-11-12 14:48:09 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-11-12 14:48:09 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-11-12 14:48:09 ----A---- C:\Windows\system32\gdi32.dll
2009-11-12 14:48:08 ----A---- C:\Windows\system32\SLUI.exe
2009-11-12 14:48:08 ----A---- C:\Windows\system32\mfc42u.dll
2009-11-12 14:48:07 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-11-12 14:48:07 ----A---- C:\Windows\system32\msrd2x40.dll
2009-11-12 14:48:07 ----A---- C:\Windows\system32\eapphost.dll
2009-11-12 14:48:06 ----A---- C:\Windows\system32\wbengine.exe
2009-11-12 14:48:05 ----A---- C:\Windows\system32\winresume.exe
2009-11-12 14:48:05 ----A---- C:\Windows\system32\shdocvw.dll
2009-11-12 14:48:05 ----A---- C:\Windows\system32\propdefs.dll
2009-11-12 14:48:05 ----A---- C:\Windows\system32\odbc32.dll
2009-11-12 14:48:04 ----A---- C:\Windows\system32\dbgeng.dll
2009-11-12 14:48:03 ----A---- C:\Windows\system32\wevtutil.exe
2009-11-12 14:48:03 ----A---- C:\Windows\system32\mssitlb.dll
2009-11-12 14:48:01 ----A---- C:\Windows\system32\WsmSvc.dll
2009-11-12 14:48:01 ----A---- C:\Windows\system32\swprv.dll
2009-11-12 14:48:01 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-11-12 14:48:00 ----A---- C:\Windows\system32\usp10.dll
2009-11-12 14:47:59 ----A---- C:\Windows\system32\vds.exe
2009-11-12 14:47:59 ----A---- C:\Windows\system32\mshtmled.dll
2009-11-12 14:47:58 ----A---- C:\Windows\system32\netlogon.dll
2009-11-12 14:47:58 ----A---- C:\Windows\system32\msscb.dll
2009-11-12 14:47:58 ----A---- C:\Windows\system32\msctfp.dll
2009-11-12 14:47:58 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-11-12 14:47:58 ----A---- C:\Windows\system32\drvinst.exe
2009-11-12 14:47:58 ----A---- C:\Windows\system32\devmgr.dll
2009-11-12 14:47:58 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-11-12 14:47:58 ----A---- C:\Windows\system32\BFE.DLL
2009-11-12 14:47:58 ----A---- C:\Windows\system32\adsldpc.dll
2009-11-12 14:47:57 ----A---- C:\Windows\system32\WFS.exe
2009-11-12 14:47:57 ----A---- C:\Windows\system32\evr.dll
2009-11-12 14:47:56 ----A---- C:\Windows\system32\Wldap32.dll
2009-11-12 14:47:56 ----A---- C:\Windows\system32\wcnwiz.dll
2009-11-12 14:47:55 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-11-12 14:47:54 ----A---- C:\Windows\system32\services.exe
2009-11-12 14:47:54 ----A---- C:\Windows\system32\iertutil.dll
2009-11-12 14:47:53 ----A---- C:\Windows\system32\wercon.exe
2009-11-12 14:47:52 ----A---- C:\Windows\system32\comdlg32.dll
2009-11-12 14:47:52 ----A---- C:\Windows\system32\adtschema.dll
2009-11-12 14:47:51 ----A---- C:\Windows\system32\wcncsvc.dll
2009-11-12 14:47:51 ----A---- C:\Windows\system32\mimefilt.dll
2009-11-12 14:47:50 ----A---- C:\Windows\system32\taskeng.exe
2009-11-12 14:47:50 ----A---- C:\Windows\system32\reg.exe
2009-11-12 14:47:50 ----A---- C:\Windows\system32\mswdat10.dll
2009-11-12 14:47:50 ----A---- C:\Windows\system32\msjter40.dll
2009-11-12 14:47:50 ----A---- C:\Windows\system32\msdtcprx.dll
2009-11-12 14:47:50 ----A---- C:\Windows\system32\msdrm.dll
2009-11-12 14:47:50 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-11-12 14:47:50 ----A---- C:\Windows\system32\certcli.dll
2009-11-12 14:47:49 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-11-12 14:47:49 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-11-12 14:47:49 ----A---- C:\Windows\system32\rtffilt.dll
2009-11-12 14:47:49 ----A---- C:\Windows\system32\dnsapi.dll
2009-11-12 14:47:49 ----A---- C:\Windows\system32\certutil.exe
2009-11-12 14:47:48 ----A---- C:\Windows\system32\w32time.dll
2009-11-12 14:47:48 ----A---- C:\Windows\system32\msshooks.dll
2009-11-12 14:47:48 ----A---- C:\Windows\system32\msscntrs.dll
2009-11-12 14:47:48 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-11-12 14:47:48 ----A---- C:\Windows\system32\bcrypt.dll
2009-11-12 14:47:47 ----A---- C:\Windows\system32\rsaenh.dll
2009-11-12 14:47:47 ----A---- C:\Windows\system32\msihnd.dll
2009-11-12 14:47:47 ----A---- C:\Windows\system32\bthserv.dll
2009-11-12 14:47:46 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-11-12 14:47:46 ----A---- C:\Windows\system32\msstrc.dll
2009-11-12 14:47:46 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-11-12 14:47:43 ----A---- C:\Windows\system32\scrptadm.dll
2009-11-12 14:47:43 ----A---- C:\Windows\system32\netapi32.dll
2009-11-12 14:47:43 ----A---- C:\Windows\system32\inetcomm.dll
2009-11-12 14:47:43 ----A---- C:\Windows\system32\dfshim.dll
2009-11-12 14:47:42 ----A---- C:\Windows\system32\mtxclu.dll
2009-11-12 14:47:42 ----A---- C:\Windows\system32\mscories.dll
2009-11-12 14:47:42 ----A---- C:\Windows\system32\inetpp.dll
2009-11-12 14:47:42 ----A---- C:\Windows\system32\hidserv.dll
2009-11-12 14:47:42 ----A---- C:\Windows\system32\fundisc.dll
2009-11-12 14:47:42 ----A---- C:\Windows\system32\cryptsvc.dll
2009-11-12 14:47:41 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-11-12 14:47:41 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-11-12 14:47:40 ----A---- C:\Windows\system32\termsrv.dll
2009-11-12 14:47:40 ----A---- C:\Windows\system32\profsvc.dll
2009-11-12 14:47:38 ----A---- C:\Windows\system32\wdc.dll
2009-11-12 14:47:38 ----A---- C:\Windows\system32\shsvcs.dll
2009-11-12 14:47:38 ----A---- C:\Windows\system32\msiexec.exe
2009-11-12 14:47:38 ----A---- C:\Windows\system32\imapi.dll
2009-11-12 14:47:38 ----A---- C:\Windows\system32\chsbrkr.dll
2009-11-12 14:47:37 ----A---- C:\Windows\system32\spoolsv.exe
2009-11-12 14:47:37 ----A---- C:\Windows\system32\rasmans.dll
2009-11-12 14:47:37 ----A---- C:\Windows\system32\pnidui.dll
2009-11-12 14:47:37 ----A---- C:\Windows\system32\icardres.dll
2009-11-12 14:47:37 ----A---- C:\Windows\system32\iassdo.dll
2009-11-12 14:47:36 ----A---- C:\Windows\system32\wersvc.dll
2009-11-12 14:47:36 ----A---- C:\Windows\system32\slmgr.vbs
2009-11-12 14:47:36 ----A---- C:\Windows\system32\scrrun.dll
2009-11-12 14:47:36 ----A---- C:\Windows\system32\PSHED.DLL
2009-11-12 14:47:36 ----A---- C:\Windows\system32\autofmt.exe
2009-11-12 14:47:35 ----A---- C:\Windows\system32\pidgenx.dll
2009-11-12 14:47:35 ----A---- C:\Windows\system32\pdh.dll
2009-11-12 14:47:35 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-11-12 14:47:35 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-11-12 14:47:35 ----A---- C:\Windows\system32\azroles.dll
2009-11-12 14:47:34 ----A---- C:\Windows\system32\wmpmde.dll
2009-11-12 14:47:33 ----A---- C:\Windows\system32\winlogon.exe
2009-11-12 14:47:33 ----A---- C:\Windows\system32\SyncCenter.dll
2009-11-12 14:47:32 ----A---- C:\Windows\system32\SLUINotify.dll
2009-11-12 14:47:32 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-11-12 14:47:32 ----A---- C:\Windows\system32\comuid.dll
2009-11-12 14:47:31 ----A---- C:\Windows\system32\sethc.exe
2009-11-12 14:47:31 ----A---- C:\Windows\system32\ncrypt.dll
2009-11-12 14:47:31 ----A---- C:\Windows\system32\kd1394.dll
2009-11-12 14:47:31 ----A---- C:\Windows\system32\certmgr.dll
2009-11-12 14:47:30 ----A---- C:\Windows\system32\wisptis.exe
2009-11-12 14:47:30 ----A---- C:\Windows\system32\untfs.dll
2009-11-12 14:47:30 ----A---- C:\Windows\system32\taskcomp.dll
2009-11-12 14:47:30 ----A---- C:\Windows\system32\spp.dll
2009-11-12 14:47:30 ----A---- C:\Windows\system32\scrobj.dll
2009-11-12 14:47:30 ----A---- C:\Windows\system32\rtutils.dll
2009-11-12 14:47:30 ----A---- C:\Windows\system32\iassam.dll
2009-11-12 14:47:30 ----A---- C:\Windows\system32\dwm.exe
2009-11-12 14:47:29 ----A---- C:\Windows\system32\printui.dll
2009-11-12 14:47:29 ----A---- C:\Windows\system32\iasnap.dll
2009-11-12 14:47:29 ----A---- C:\Windows\system32\cscui.dll
2009-11-12 14:47:29 ----A---- C:\Windows\system32\autoconv.exe
2009-11-12 14:47:29 ----A---- C:\Windows\system32\autochk.exe
2009-11-12 14:47:28 ----A---- C:\Windows\system32\winsrv.dll
2009-11-12 14:47:27 ----A---- C:\Windows\system32\wow32.dll
2009-11-12 14:47:27 ----A---- C:\Windows\system32\userenv.dll
2009-11-12 14:47:27 ----A---- C:\Windows\system32\osk.exe
2009-11-12 14:47:27 ----A---- C:\Windows\system32\onex.dll
2009-11-12 14:47:27 ----A---- C:\Windows\system32\kdcom.dll
2009-11-12 14:47:27 ----A---- C:\Windows\system32\cscript.exe
2009-11-12 14:47:27 ----A---- C:\Windows\system32\basecsp.dll
2009-11-12 14:47:27 ----A---- C:\Windows\system32\audiodg.exe
2009-11-12 14:47:26 ----A---- C:\Windows\system32\winmm.dll
2009-11-12 14:47:26 ----A---- C:\Windows\system32\spcmsg.dll
2009-11-12 14:47:26 ----A---- C:\Windows\system32\RelMon.dll
2009-11-12 14:47:26 ----A---- C:\Windows\system32\mswsock.dll
2009-11-12 14:47:26 ----A---- C:\Windows\system32\kdusb.dll
2009-11-12 14:47:25 ----A---- C:\Windows\system32\WinSCard.dll
2009-11-12 14:47:25 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-11-12 14:47:25 ----A---- C:\Windows\system32\rdpencom.dll
2009-11-12 14:47:25 ----A---- C:\Windows\system32\offfilt.dll
2009-11-12 14:47:25 ----A---- C:\Windows\system32\msftedit.dll
2009-11-12 14:47:25 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-11-12 14:47:23 ----A---- C:\Windows\system32\wsepno.dll
2009-11-12 14:47:23 ----A---- C:\Windows\system32\WerFault.exe
2009-11-12 14:47:23 ----A---- C:\Windows\system32\Utilman.exe
2009-11-12 14:47:23 ----A---- C:\Windows\system32\stobject.dll
2009-11-12 14:47:23 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-11-12 14:47:23 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-11-12 14:47:23 ----A---- C:\Windows\system32\mfplat.dll
2009-11-12 14:47:23 ----A---- C:\Windows\system32\diskraid.exe
2009-11-12 14:47:22 ----A---- C:\Windows\system32\sysclass.dll
2009-11-12 14:47:22 ----A---- C:\Windows\system32\SndVol.exe
2009-11-12 14:47:22 ----A---- C:\Windows\system32\prnntfy.dll
2009-11-12 14:47:22 ----A---- C:\Windows\system32\msnetobj.dll
2009-11-12 14:47:22 ----A---- C:\Windows\system32\mscms.dll
2009-11-12 14:47:22 ----A---- C:\Windows\system32\apphelp.dll
2009-11-12 14:47:22 ----A---- C:\Windows\system32\adsmsext.dll
2009-11-12 14:47:21 ----A---- C:\Windows\system32\wscript.exe
2009-11-12 14:47:21 ----A---- C:\Windows\system32\wiaservc.dll
2009-11-12 14:47:21 ----A---- C:\Windows\system32\ulib.dll
2009-11-12 14:47:21 ----A---- C:\Windows\system32\odbccp32.dll
2009-11-12 14:47:21 ----A---- C:\Windows\system32\iasdatastore.dll
2009-11-12 14:47:21 ----A---- C:\Windows\system32\dsound.dll
2009-11-12 14:47:21 ----A---- C:\Windows\system32\cryptui.dll
2009-11-12 14:47:20 ----A---- C:\Windows\system32\wscntfy.dll
2009-11-12 14:47:20 ----A---- C:\Windows\system32\rastapi.dll
2009-11-12 14:47:20 ----A---- C:\Windows\system32\pnpsetup.dll
2009-11-12 14:47:20 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-11-12 14:47:20 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-11-12 14:47:20 ----A---- C:\Windows\system32\fdProxy.dll
2009-11-12 14:47:19 ----A---- C:\Windows\system32\wscsvc.dll
2009-11-12 14:47:19 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-11-12 14:47:19 ----A---- C:\Windows\system32\wlangpui.dll
2009-11-12 14:47:19 ----A---- C:\Windows\system32\vdsdyn.dll
2009-11-12 14:47:19 ----A---- C:\Windows\system32\logman.exe
2009-11-12 14:47:19 ----A---- C:\Windows\system32\iepeers.dll
2009-11-12 14:47:19 ----A---- C:\Windows\system32\iashlpr.dll
2009-11-12 14:47:19 ----A---- C:\Windows\system32\gpapi.dll
2009-11-12 14:47:19 ----A---- C:\Windows\system32\diskpart.exe
2009-11-12 14:47:19 ----A---- C:\Windows\system32\brcpl.dll
2009-11-12 14:47:18 ----A---- C:\Windows\system32\wusa.exe
2009-11-12 14:47:18 ----A---- C:\Windows\system32\regsvc.dll
2009-11-12 14:47:18 ----A---- C:\Windows\system32\rasapi32.dll
2009-11-12 14:47:18 ----A---- C:\Windows\system32\ntprint.dll
2009-11-12 14:47:18 ----A---- C:\Windows\system32\mscorier.dll
2009-11-12 14:47:18 ----A---- C:\Windows\system32\iasrad.dll
2009-11-12 14:47:17 ----A---- C:\Windows\system32\zipfldr.dll
2009-11-12 14:47:17 ----A---- C:\Windows\system32\wshext.dll
2009-11-12 14:47:17 ----A---- C:\Windows\system32\netcenter.dll
2009-11-12 14:47:17 ----A---- C:\Windows\system32\findstr.exe
2009-11-12 14:47:16 ----A---- C:\Windows\system32\wer.dll
2009-11-12 14:47:16 ----A---- C:\Windows\system32\webcheck.dll
2009-11-12 14:47:16 ----A---- C:\Windows\system32\rasdlg.dll
2009-11-12 14:47:16 ----A---- C:\Windows\system32\iassvcs.dll
2009-11-12 14:47:15 ----A---- C:\Windows\system32\wsnmp32.dll
2009-11-12 14:47:15 ----A---- C:\Windows\system32\themecpl.dll
2009-11-12 14:47:13 ----A---- C:\Windows\system32\uxsms.dll
2009-11-12 14:47:13 ----A---- C:\Windows\system32\tsbyuv.dll
2009-11-12 14:47:13 ----A---- C:\Windows\system32\srvsvc.dll
2009-11-12 14:47:13 ----A---- C:\Windows\system32\slcc.dll
2009-11-12 14:47:13 ----A---- C:\Windows\system32\scansetting.dll
2009-11-12 14:47:13 ----A---- C:\Windows\system32\ntmarta.dll
2009-11-12 14:47:13 ----A---- C:\Windows\system32\msutb.dll
2009-11-12 14:47:13 ----A---- C:\Windows\system32\mstlsapi.dll
2009-11-12 14:47:13 ----A---- C:\Windows\system32\mssprxy.dll
2009-11-12 14:47:13 ----A---- C:\Windows\system32\iasads.dll
2009-11-12 14:47:12 ----A---- C:\Windows\system32\powrprof.dll
2009-11-12 14:47:12 ----A---- C:\Windows\system32\networkmap.dll
2009-11-12 14:47:12 ----A---- C:\Windows\system32\mstsc.exe
2009-11-12 14:47:12 ----A---- C:\Windows\system32\iasacct.dll
2009-11-12 14:47:11 ----A---- C:\Windows\system32\powercpl.dll
2009-11-12 14:47:11 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-11-12 14:47:10 ----A---- C:\Windows\system32\umrdp.dll
2009-11-12 14:47:10 ----A---- C:\Windows\system32\newdev.exe
2009-11-12 14:47:10 ----A---- C:\Windows\system32\connect.dll
2009-11-12 14:47:10 ----A---- C:\Windows\system32\authz.dll
2009-11-12 14:47:09 ----A---- C:\Windows\system32\themeui.dll
2009-11-12 14:47:09 ----A---- C:\Windows\system32\systemcpl.dll
2009-11-12 14:47:09 ----A---- C:\Windows\system32\sud.dll
2009-11-12 14:47:09 ----A---- C:\Windows\system32\pcaui.dll
2009-11-12 14:47:09 ----A---- C:\Windows\system32\dot3svc.dll
2009-11-12 14:47:09 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-11-12 14:47:08 ----A---- C:\Windows\system32\usercpl.dll
2009-11-12 14:47:08 ----A---- C:\Windows\system32\samlib.dll
2009-11-12 14:47:08 ----A---- C:\Windows\system32\qdvd.dll
2009-11-12 14:47:08 ----A---- C:\Windows\system32\mmci.dll
2009-11-12 14:47:08 ----A---- C:\Windows\system32\brcplsiw.dll
2009-11-12 14:47:08 ----A---- C:\Windows\system32\autoplay.dll
2009-11-12 14:47:07 ----A---- C:\Windows\system32\wlanpref.dll
2009-11-12 14:47:07 ----A---- C:\Windows\system32\rpchttp.dll
2009-11-12 14:47:07 ----A---- C:\Windows\system32\ieaksie.dll
2009-11-12 14:47:06 ----A---- C:\Windows\system32\vdsutil.dll
2009-11-12 14:47:06 ----A---- C:\Windows\system32\regapi.dll
2009-11-12 14:47:06 ----A---- C:\Windows\system32\msinfo32.exe
2009-11-12 14:47:06 ----A---- C:\Windows\system32\cscobj.dll
2009-11-12 14:47:05 ----A---- C:\Windows\system32\tapisrv.dll
2009-11-12 14:47:05 ----A---- C:\Windows\system32\scksp.dll
2009-11-12 14:47:05 ----A---- C:\Windows\system32\feclient.dll
2009-11-12 14:47:04 ----A---- C:\Windows\system32\wscisvif.dll
2009-11-12 14:47:04 ----A---- C:\Windows\system32\scesrv.dll
2009-11-12 14:47:04 ----A---- C:\Windows\system32\rekeywiz.exe
2009-11-12 14:47:04 ----A---- C:\Windows\system32\psisdecd.dll
2009-11-12 14:47:04 ----A---- C:\Windows\system32\oleprn.dll
2009-11-12 14:47:04 ----A---- C:\Windows\system32\mpr.dll
2009-11-12 14:47:04 ----A---- C:\Windows\system32\imm32.dll
2009-11-12 14:47:04 ----A---- C:\Windows\system32\iaspolcy.dll
2009-11-12 14:47:04 ----A---- C:\Windows\system32\Faultrep.dll
2009-11-12 14:47:04 ----A---- C:\Windows\system32\dot3msm.dll
2009-11-12 14:47:04 ----A---- C:\Windows\system32\DeviceEject.exe
2009-11-12 14:47:04 ----A---- C:\Windows\system32\AudioSes.dll
2009-11-12 14:47:03 ----A---- C:\Windows\system32\sdclt.exe
2009-11-12 14:47:03 ----A---- C:\Windows\system32\qedit.dll
2009-11-12 14:47:03 ----A---- C:\Windows\system32\pnpui.dll
2009-11-12 14:47:03 ----A---- C:\Windows\system32\perfdisk.dll
2009-11-12 14:47:03 ----A---- C:\Windows\system32\ncryptui.dll
2009-11-12 14:47:03 ----A---- C:\Windows\system32\dpapimig.exe
2009-11-12 14:47:03 ----A---- C:\Windows\system32\certreq.exe
2009-11-12 14:47:02 ----A---- C:\Windows\system32\TSTheme.exe
2009-11-12 14:47:02 ----A---- C:\Windows\system32\spwinsat.dll
2009-11-12 14:47:02 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-11-12 14:47:02 ----A---- C:\Windows\system32\scecli.dll
2009-11-12 14:47:02 ----A---- C:\Windows\system32\rasplap.dll
2009-11-12 14:47:02 ----A---- C:\Windows\system32\rasgcw.dll
2009-11-12 14:47:02 ----A---- C:\Windows\system32\hdwwiz.exe
2009-11-12 14:47:02 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-11-12 14:47:02 ----A---- C:\Windows\system32\extmgr.dll
2009-11-12 14:47:01 ----A---- C:\Windows\system32\whealogr.dll
2009-11-12 14:47:01 ----A---- C:\Windows\system32\tcpmon.dll
2009-11-12 14:47:01 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-11-12 14:47:01 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-11-12 14:47:01 ----A---- C:\Windows\system32\fdWSD.dll
2009-11-12 14:47:01 ----A---- C:\Windows\system32\cmmon32.exe
2009-11-12 14:47:00 ----A---- C:\Windows\system32\srcore.dll
2009-11-12 14:47:00 ----A---- C:\Windows\system32\conime.exe
2009-11-12 14:47:00 ----A---- C:\Windows\system32\cmdial32.dll
2009-11-12 14:46:59 ----A---- C:\Windows\system32\SnippingTool.exe
2009-11-12 14:46:59 ----A---- C:\Windows\system32\SCardSvr.dll
2009-11-12 14:46:59 ----A---- C:\Windows\system32\raschap.dll
2009-11-12 14:46:59 ----A---- C:\Windows\system32\fontext.dll
2009-11-12 14:46:58 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-11-12 14:46:58 ----A---- C:\Windows\system32\wlanui.dll
2009-11-12 14:46:58 ----A---- C:\Windows\system32\wiaaut.dll
2009-11-12 14:46:58 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-11-12 14:46:57 ----A---- C:\Windows\system32\shwebsvc.dll
2009-11-12 14:46:57 ----A---- C:\Windows\system32\rasppp.dll
2009-11-12 14:46:57 ----A---- C:\Windows\system32\PnPutil.exe
2009-11-12 14:46:57 ----A---- C:\Windows\system32\oobefldr.dll
2009-11-12 14:46:57 ----A---- C:\Windows\system32\dsprop.dll
2009-11-12 14:46:57 ----A---- C:\Windows\system32\dimsroam.dll
2009-11-12 14:46:56 ----A---- C:\Windows\system32\shsetup.dll
2009-11-12 14:46:56 ----A---- C:\Windows\system32\rasmontr.dll
2009-11-12 14:46:56 ----A---- C:\Windows\system32\occache.dll
2009-11-12 14:46:56 ----A---- C:\Windows\system32\mscandui.dll
2009-11-12 14:46:56 ----A---- C:\Windows\system32\modemui.dll
2009-11-12 14:46:55 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-11-12 14:46:55 ----A---- C:\Windows\system32\chtbrkr.dll
2009-11-12 14:46:54 ----A---- C:\Windows\system32\dataclen.dll
2009-11-12 14:46:53 ----A---- C:\Windows\system32\WSDMon.dll
2009-11-12 14:46:53 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-11-12 14:46:53 ----A---- C:\Windows\system32\tscfgwmi.dll
2009-11-12 14:46:53 ----A---- C:\Windows\system32\smss.exe
2009-11-12 14:46:53 ----A---- C:\Windows\system32\rdpwsx.dll
2009-11-12 14:46:53 ----A---- C:\Windows\system32\netplwiz.dll
2009-11-12 14:46:53 ----A---- C:\Windows\system32\CscMig.dll
2009-11-12 14:46:53 ----A---- C:\Windows\system32\credui.dll
2009-11-12 14:46:53 ----A---- C:\Windows\system32\blackbox.dll
2009-11-12 14:46:53 ----A---- C:\Windows\system32\appmgmts.dll
2009-11-12 14:46:52 ----A---- C:\Windows\system32\wmpeffects.dll
2009-11-12 14:46:52 ----A---- C:\Windows\system32\networkexplorer.dll
2009-11-12 14:46:52 ----A---- C:\Windows\system32\mstime.dll
2009-11-12 14:46:52 ----A---- C:\Windows\system32\certprop.dll
2009-11-12 14:46:51 ----A---- C:\Windows\system32\msscp.dll
2009-11-12 14:46:51 ----A---- C:\Windows\system32\logagent.exe
2009-11-12 14:46:51 ----A---- C:\Windows\system32\InkEd.dll
2009-11-12 14:46:51 ----A---- C:\Windows\system32\ifmon.dll
2009-11-12 14:46:51 ----A---- C:\Windows\system32\cipher.exe
2009-11-12 14:46:50 ----A---- C:\Windows\system32\wscapi.dll
2009-11-12 14:46:50 ----A---- C:\Windows\system32\thawbrkr.dll
2009-11-12 14:46:50 ----A---- C:\Windows\system32\msrating.dll
2009-11-12 14:46:50 ----A---- C:\Windows\system32\msimtf.dll
2009-11-12 14:46:50 ----A---- C:\Windows\system32\gpresult.exe
2009-11-12 14:46:49 ----A---- C:\Windows\system32\softkbd.dll
2009-11-12 14:46:49 ----A---- C:\Windows\system32\sendmail.dll
2009-11-12 14:46:49 ----A---- C:\Windows\system32\msctfui.dll
2009-11-12 14:46:49 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-11-12 14:46:48 ----A---- C:\Windows\system32\rdpclip.exe
2009-11-12 14:46:48 ----A---- C:\Windows\system32\olepro32.dll
2009-11-12 14:46:48 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-11-12 14:46:48 ----A---- C:\Windows\system32\dmsynth.dll
2009-11-12 14:46:47 ----A---- C:\Windows\system32\wshbth.dll
2009-11-12 14:46:47 ----A---- C:\Windows\system32\version.dll
2009-11-12 14:46:47 ----A---- C:\Windows\system32\SLLUA.exe
2009-11-12 14:46:47 ----A---- C:\Windows\system32\puiapi.dll
2009-11-12 14:46:47 ----A---- C:\Windows\system32\msisip.dll
2009-11-12 14:46:47 ----A---- C:\Windows\system32\mprapi.dll
2009-11-12 14:46:47 ----A---- C:\Windows\system32\input.dll
2009-11-12 14:46:47 ----A---- C:\Windows\system32\gpprnext.dll
2009-11-12 14:46:47 ----A---- C:\Windows\system32\fc.exe
2009-11-12 14:46:47 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-11-12 14:46:46 ----A---- C:\Windows\system32\rdpendp.dll
2009-11-12 14:46:46 ----A---- C:\Windows\system32\msjint40.dll
2009-11-12 14:46:46 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-11-12 14:46:46 ----A---- C:\Windows\system32\fdSSDP.dll
2009-11-12 14:46:46 ----A---- C:\Windows\system32\dmusic.dll
2009-11-12 14:46:46 ----A---- C:\Windows\system32\cscapi.dll
2009-11-12 14:46:45 ----A---- C:\Windows\system32\wsdchngr.dll
2009-11-12 14:46:45 ----A---- C:\Windows\system32\Storprop.dll
2009-11-12 14:46:45 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-11-12 14:46:45 ----A---- C:\Windows\system32\rasdial.exe
2009-11-12 14:46:45 ----A---- C:\Windows\system32\rasdiag.dll
2009-11-12 14:46:45 ----A---- C:\Windows\system32\l2nacp.dll
2009-11-12 14:46:45 ----A---- C:\Windows\system32\ftp.exe
2009-11-12 14:46:45 ----A---- C:\Windows\system32\eapp3hst.dll
2009-11-12 14:46:45 ----A---- C:\Windows\system32\cscdll.dll
2009-11-12 14:46:45 ----A---- C:\Windows\system32\bthudtask.exe
2009-11-12 14:46:45 ----A---- C:\Windows\system32\bthci.dll
2009-11-12 14:46:44 ----A---- C:\Windows\system32\tscupgrd.exe
2009-11-12 14:46:44 ----A---- C:\Windows\system32\slcinst.dll
2009-11-12 14:46:44 ----A---- C:\Windows\system32\PrintBrmUi.exe
2009-11-12 14:46:44 ----A---- C:\Windows\system32\nslookup.exe
2009-11-12 14:46:44 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-11-12 14:46:44 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-11-12 14:46:44 ----A---- C:\Windows\system32\ipconfig.exe
2009-11-12 14:46:44 ----A---- C:\Windows\system32\gpscript.exe
2009-11-12 14:46:44 ----A---- C:\Windows\system32\gpscript.dll
2009-11-12 14:46:44 ----A---- C:\Windows\system32\fdWCN.dll
2009-11-12 14:46:44 ----A---- C:\Windows\system32\eappcfg.dll
2009-11-12 14:46:44 ----A---- C:\Windows\system32\dot3cfg.dll
2009-11-12 14:46:44 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-11-12 14:46:43 ----A---- C:\Windows\system32\qprocess.exe
2009-11-12 14:46:43 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-11-12 14:46:43 ----A---- C:\Windows\system32\ocsetup.exe
2009-11-12 14:46:43 ----A---- C:\Windows\system32\mmcico.dll
2009-11-12 14:46:43 ----A---- C:\Windows\system32\hbaapi.dll
2009-11-12 14:46:43 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-11-12 14:46:43 ----A---- C:\Windows\system32\fdeploy.dll
2009-11-12 14:46:43 ----A---- C:\Windows\system32\eappgnui.dll
2009-11-12 14:46:42 ----A---- C:\Windows\system32\tscon.exe
2009-11-12 14:46:42 ----A---- C:\Windows\system32\gpupdate.exe
2009-11-12 14:46:42 ----A---- C:\Windows\system32\csrstub.exe
2009-11-12 14:46:42 ----A---- C:\Windows\system32\chgusr.exe
2009-11-12 14:46:42 ----A---- C:\Windows\system32\chgport.exe
2009-11-12 14:46:42 ----A---- C:\Windows\system32\cbsra.exe
2009-11-12 14:46:41 ----A---- C:\Windows\system32\tskill.exe
2009-11-12 14:46:41 ----A---- C:\Windows\system32\shadow.exe
2009-11-12 14:46:41 ----A---- C:\Windows\system32\rwinsta.exe
2009-11-12 14:46:41 ----A---- C:\Windows\system32\NcdProp.dll
2009-11-12 14:46:41 ----A---- C:\Windows\system32\logoff.exe
2009-11-12 14:46:41 ----A---- C:\Windows\system32\iscsilog.dll
2009-11-12 14:46:41 ----A---- C:\Windows\system32\chglogon.exe
2009-11-12 14:46:41 ----A---- C:\Windows\system32\bitsigd.dll
2009-11-12 14:46:40 ----A---- C:\Windows\system32\vdmdbg.dll
2009-11-12 14:46:40 ----A---- C:\Windows\system32\tsdiscon.exe
2009-11-12 14:46:40 ----A---- C:\Windows\system32\slwga.dll
2009-11-12 14:46:40 ----A---- C:\Windows\system32\reset.exe
2009-11-12 14:46:40 ----A---- C:\Windows\system32\query.exe
2009-11-12 14:46:40 ----A---- C:\Windows\system32\qappsrv.exe
2009-11-12 14:46:40 ----A---- C:\Windows\system32\odbcconf.dll
2009-11-12 14:46:40 ----A---- C:\Windows\system32\inetppui.dll
2009-11-12 14:46:39 ----A---- C:\Windows\system32\winrnr.dll
2009-11-12 14:46:39 ----A---- C:\Windows\system32\midimap.dll
2009-11-12 14:46:39 ----A---- C:\Windows\system32\change.exe
2009-11-12 14:46:34 ----A---- C:\Windows\system32\msimsg.dll
2009-11-12 14:46:34 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-11-12 14:46:08 ----A---- C:\Windows\system32\SmiEngine.dll
2009-11-12 14:46:00 ----A---- C:\Windows\system32\wdscore.dll
2009-11-12 14:46:00 ----A---- C:\Windows\system32\PkgMgr.exe
2009-11-12 14:45:40 ----A---- C:\Windows\system32\drvstore.dll

======List of files/folders modified in the last 1 months======

2009-12-10 10:00:09 ----D---- C:\Windows\System32
2009-12-10 10:00:09 ----D---- C:\Windows\inf
2009-12-10 10:00:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-12-10 09:58:10 ----D---- C:\Windows\Temp
2009-12-10 09:55:07 ----D---- C:\Windows\Prefetch
2009-12-10 09:45:39 ----D---- C:\Windows
2009-12-10 09:44:18 ----RD---- C:\Program Files
2009-12-09 19:15:43 ----D---- C:\Program Files\Lx_cats
2009-12-09 18:40:44 ----D---- C:\Windows\system32\drivers
2009-12-09 18:37:56 ----HD---- C:\ProgramData
2009-12-09 14:01:21 ----D---- C:\Windows\pss
2009-12-09 13:59:06 ----SHD---- C:\Windows\Installer
2009-12-09 03:53:11 ----D---- C:\Windows\rescache
2009-12-09 03:48:18 ----D---- C:\Windows\winsxs
2009-12-09 03:38:02 ----D---- C:\Windows\system32\catroot
2009-12-09 03:31:03 ----D---- C:\Windows\system32\catroot2
2009-12-09 03:30:25 ----D---- C:\Windows\system32\en-US
2009-12-09 03:30:24 ----D---- C:\Program Files\Windows Mail
2009-12-09 03:12:34 ----D---- C:\ProgramData\Microsoft Help
2009-12-09 03:08:42 ----RSD---- C:\Windows\assembly
2009-12-09 03:00:50 ----SHD---- C:\System Volume Information
2009-12-08 12:31:05 ----D---- C:\Program Files\Common Files
2009-12-01 15:41:22 ----D---- C:\Windows\Minidump
2009-12-01 15:41:08 ----SD---- C:\Windows\Downloaded Program Files
2009-12-01 15:41:08 ----D---- C:\Program Files\Vividesk
2009-12-01 15:33:43 ----D---- C:\Program Files\ATI
2009-12-01 15:06:20 ----A---- C:\Windows\system32\mrt.exe
2009-12-01 13:11:45 ----SD---- C:\Users\Administrator\AppData\Roaming\Microsoft
2009-12-01 13:02:45 ----A---- C:\Windows\ntbtlog.txt
2009-11-23 18:00:14 ----D---- C:\Program Files\Java
2009-11-17 08:36:26 ----D---- C:\Windows\system32\Tasks
2009-11-17 03:26:57 ----D---- C:\Windows\system32\wbem
2009-11-17 03:26:53 ----D---- C:\Windows\system32\zh-TW
2009-11-17 03:26:53 ----D---- C:\Windows\system32\zh-HK
2009-11-17 03:26:53 ----D---- C:\Windows\system32\uk-UA
2009-11-17 03:26:53 ----D---- C:\Windows\system32\tr-TR
2009-11-17 03:26:53 ----D---- C:\Windows\system32\th-TH
2009-11-17 03:26:53 ----D---- C:\Windows\system32\sv-SE
2009-11-17 03:26:53 ----D---- C:\Windows\system32\sr-Latn-CS
2009-11-17 03:26:53 ----D---- C:\Windows\system32\sl-SI
2009-11-17 03:26:53 ----D---- C:\Windows\system32\sk-SK
2009-11-17 03:26:53 ----D---- C:\Windows\system32\pt-PT
2009-11-17 03:26:53 ----D---- C:\Windows\system32\pt-BR
2009-11-17 03:26:53 ----D---- C:\Windows\system32\pl-PL
2009-11-17 03:26:53 ----D---- C:\Windows\system32\nl-NL
2009-11-17 03:26:53 ----D---- C:\Windows\system32\lv-LV
2009-11-17 03:26:53 ----D---- C:\Windows\system32\lt-LT
2009-11-17 03:26:53 ----D---- C:\Windows\system32\ko-KR
2009-11-17 03:26:53 ----D---- C:\Windows\system32\it-IT
2009-11-17 03:26:53 ----D---- C:\Windows\system32\hu-HU
2009-11-17 03:26:53 ----D---- C:\Windows\system32\hr-HR
2009-11-17 03:26:53 ----D---- C:\Windows\system32\he-IL
2009-11-17 03:26:53 ----D---- C:\Windows\system32\fr-FR
2009-11-17 03:26:53 ----D---- C:\Windows\system32\fi-FI
2009-11-17 03:26:53 ----D---- C:\Windows\system32\et-EE
2009-11-17 03:26:53 ----D---- C:\Windows\system32\es-ES
2009-11-17 03:26:53 ----D---- C:\Windows\system32\el-GR
2009-11-17 03:26:53 ----D---- C:\Windows\system32\de-DE
2009-11-17 03:26:53 ----D---- C:\Windows\system32\bg-BG
2009-11-17 03:26:52 ----D---- C:\Windows\system32\zh-CN
2009-11-17 03:26:52 ----D---- C:\Windows\system32\ru-RU
2009-11-17 03:26:52 ----D---- C:\Windows\system32\ro-RO
2009-11-17 03:26:52 ----D---- C:\Windows\system32\nb-NO
2009-11-17 03:26:52 ----D---- C:\Windows\system32\ja-JP
2009-11-17 03:26:52 ----D---- C:\Windows\system32\da-DK
2009-11-17 03:26:52 ----D---- C:\Windows\system32\cs-CZ
2009-11-17 03:26:52 ----D---- C:\Windows\system32\ar-SA
2009-11-13 14:55:28 ----D---- C:\Windows\Microsoft.NET
2009-11-12 23:26:49 ----SHD---- C:\Boot
2009-11-12 23:10:51 ----D---- C:\Program Files\Windows Calendar
2009-11-12 23:10:51 ----D---- C:\Program Files\Movie Maker
2009-11-12 23:10:48 ----D---- C:\Program Files\Windows Sidebar
2009-11-12 23:10:48 ----D---- C:\Program Files\Internet Explorer
2009-11-12 23:10:47 ----D---- C:\Program Files\Windows Media Player
2009-11-12 23:10:46 ----D---- C:\Program Files\Windows Journal
2009-11-12 23:10:46 ----D---- C:\Program Files\Windows Collaboration
2009-11-12 23:10:43 ----D---- C:\Program Files\Windows Photo Gallery
2009-11-12 23:10:43 ----D---- C:\Program Files\Common Files\System
2009-11-12 23:10:39 ----D---- C:\Program Files\Windows Defender
2009-11-12 23:10:38 ----D---- C:\Windows\servicing
2009-11-12 23:10:22 ----D---- C:\Windows\IME
2009-11-12 23:10:21 ----D---- C:\Windows\system32\XPSViewer
2009-11-12 23:10:21 ----D---- C:\Windows\PolicyDefinitions
2009-11-12 23:10:08 ----D---- C:\Windows\system32\oobe
2009-11-12 23:10:07 ----D---- C:\Windows\system32\migration
2009-11-12 23:10:01 ----D---- C:\Windows\system32\setup
2009-11-12 23:10:01 ----D---- C:\Windows\system32\AdvancedInstallers
2009-11-12 23:10:00 ----D---- C:\Windows\system32\SLUI
2009-11-12 23:09:57 ----D---- C:\Windows\system32\manifeststore
2009-11-12 23:09:57 ----D---- C:\Windows\system32\en
2009-11-12 23:09:47 ----D---- C:\Windows\system32\migwiz
2009-11-12 23:08:29 ----RSD---- C:\Windows\Fonts
2009-11-12 23:08:28 ----D---- C:\Windows\AppPatch
2009-11-12 23:08:13 ----D---- C:\Windows\system32\Boot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-10 351744]
R1 DLACDBHM;DLACDBHM; C:\Windows\System32\Drivers\DLACDBHM.SYS [2007-02-08 12856]
R1 DLARTL_M;DLARTL_M; C:\Windows\System32\Drivers\DLARTL_M.SYS [2007-02-08 28120]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2009-08-27 371248]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2006-10-06 406672]
R1 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2006-11-22 247144]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2006-11-22 25448]
R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2006-10-26 185744]
R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2007-04-03 306295]
R2 DLABMFSM;DLABMFSM; C:\Windows\System32\DLA\DLABMFSM.SYS [2006-10-26 35096]
R2 DLABOIOM;DLABOIOM; C:\Windows\System32\DLA\DLABOIOM.SYS [2006-10-26 32472]
R2 DLADResM;DLADResM; C:\Windows\System32\DLA\DLADResM.SYS [2006-10-26 9400]
R2 DLAIFS_M;DLAIFS_M; C:\Windows\System32\DLA\DLAIFS_M.SYS [2006-10-26 104536]
R2 DLAOPIOM;DLAOPIOM; C:\Windows\System32\DLA\DLAOPIOM.SYS [2006-10-26 26296]
R2 DLAPoolM;DLAPoolM; C:\Windows\System32\DLA\DLAPoolM.SYS [2006-10-26 14520]
R2 DLAUDF_M;DLAUDF_M; C:\Windows\System32\DLA\DLAUDF_M.SYS [2006-10-26 97848]
R2 DLAUDFAM;DLAUDFAM; C:\Windows\System32\DLA\DLAUDFAM.SYS [2006-10-26 94648]
R2 DRVNDDM;DRVNDDM; C:\Windows\System32\Drivers\DRVNDDM.SYS [2007-02-09 51768]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys [2007-08-14 10896]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-10-22 163888]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-08-01 3894272]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-06-05 179712]
R3 BCM43XX;Dell Wireless WLAN Card Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-03-21 534016]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-18 14208]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne2000.sys [2007-01-31 127376]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-08-27 102448]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HBtnKey;DELL Tablet PC Key Buttons HID Driver; C:\Windows\system32\DRIVERS\HBtnKey.sys [2009-10-30 11392]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-04-30 25624]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2007-10-11 41752]
R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20091204.006\NAVENG.SYS [2009-08-27 84912]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20091204.006\NAVEX15.SYS [2009-08-27 1323568]
R3 NtrigDigitizerUSBLowerFilter;N-trig HID Tablet Digitizer KMDF Filter Driver; C:\Windows\system32\DRIVERS\NtrigDigitizerUSBLowerFilter.sys [2007-07-19 6656]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-10 89088]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-09-07 330240]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2008-04-22 109744]
R3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys [2007-08-14 47376]
R3 umpserenum;Serenum Filter Driver ; C:\Windows\system32\DRIVERS\umpserenum.sys [2007-06-28 18432]
R3 umpusbvista;UMP Serial Port Driver ; C:\Windows\system32\DRIVERS\umpusbvista.sys [2007-07-02 56320]
R3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
R3 WinUsb;WinUsb Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-04-10 31616]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-18 11264]
R3 WUDFRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-03-21 534016]
S3 CVirtA;Cisco Systems VPN Adapter; C:\Windows\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2009-04-30 265496]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2009-04-30 13976]
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2009-04-30 2687512]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-08-01 3894272]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2006-11-22 274328]
S3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2006-10-26 26384]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-10 15872]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-03-05 36864]
S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-10 73216]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-09-30 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\system32\aestsrv.exe [2007-08-29 73728]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-07-31 700416]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-11-22 107624]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-11-22 107624]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2007-04-03 1516584]
R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2006-11-28 30872]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-04-30 154136]
R2 lxbt_device;lxbt_device; C:\Windows\system32\lxbtcoms.exe [2007-05-03 537520]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 nicconfigsvc;Dell Internal Network Card Power Management; C:\Program Files\Dell\QuickSet\NicConfigSvc.exe [2008-02-22 390424]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 SBSDWSCService;SBSD Security Center Service; D:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\STacSV.exe [2007-09-07 102400]
R2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2006-11-28 1962136]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2007-03-21 24064]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-18 523776]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-10-31 2541248]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2006-11-28 122008]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-18 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-11 918528]
S4 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]

-----------------EOF-----------------
almic
Regular Member
 
Posts: 15
Joined: November 29th, 2009, 6:24 pm

Re: help! My MS Outlook is sending spam

Unread postby almic » December 10th, 2009, 11:10 am

hum,

I've run it twice now and it won't give me a new RSIT info log. I only have the same as yesterday in my folder (date stamp is the same).

what do I do?

thanks
almic
Regular Member
 
Posts: 15
Joined: November 29th, 2009, 6:24 pm

Re: help! My MS Outlook is sending spam

Unread postby Dakeyras » December 10th, 2009, 2:26 pm

Hi. :)

computer seems to be working fine now.
Good to know.

My only problem is with Google Chrome which has spells of freezing and restarting. This happens almost everyday. I've tried updating it but to no avail. What do you think of Chrome?
It may be possible the actual installation is corrupted. So when I give the all clear, uninstall it and then download and re-install it. I have never used the browser myself to be perfectly honest. I do know it based upon what is known as cloud computing. For myself I personally would not install and use anything Google related as they have some major privacy issues in the past and though they claim not the case now I remain unconvinced about this.

You may wish to consider other browsers instead if you intend not too use IE7.

hum,

I've run it twice now and it won't give me a new RSIT info log. I only have the same as yesterday in my folder (date stamp is the same).

what do I do?
Actually that is fine and only one log would have been produced.

Next

Adobe Reader when out of date is a security risk.

Now please go to Start >> Control Panel >> Programs and Features and remove the following (if present):

Adobe Reader 8.1.7

To do so click once on the above and then click on Uninstall/Change and follow the prompts.

New Adobe Reader Installation:

  • Go here and click on AdbeRdr920_en_US.exe to download the latest version of Adobe Reader.
  • Save this file to your desktop and run it to install the latest version of Adobe Reader.

Run Kaspersky Online AV Scanner:

Right click on your favourite web browser (Internet Explorer, Firefox, etc) and select Run As Administrator to run it.

Go to Kaspersky website and perform an online antivirus scan.

  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
    • Mail databases
  • Click on My Computer under Scan and then put the kettle on!
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.

This online tuturial will help explain how to use the aforementioned online scan.

When completed the above, please post back the following:

  • Inform myself how your computer is running. Any problems encountered and or further symptoms?
  • Kaspersky results.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8732
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: help! My MS Outlook is sending spam

Unread postby almic » December 11th, 2009, 1:38 pm

done.

The computer keeps working well (other than the Google Chrome issue).

Here's the Kapersky report:

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Friday, December 11, 2009
Operating system: Microsoft Windows Vista Business Edition, 32-bit Service Pack 2 (build 6002)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Thursday, December 10, 2009 19:24:28
Records in database: 3353946
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\

Scan statistics:
Objects scanned: 150616
Threats found: 2
Infected objects found: 6
Suspicious objects found: 0
Scan duration: 19:12:09


File name / Threat / Threats count
C:\ProgramData\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\05900002.VBN Infected: Trojan-Downloader.Java.Agent.ab 1
C:\ProgramData\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0E040000\4EBD6912.VBN Infected: Trojan-Downloader.WMA.GetCodec.a 1
C:\ProgramData\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\110C0000.VBN Infected: Trojan-Downloader.Java.Agent.ab 1
C:\Users\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\05900002.VBN Infected: Trojan-Downloader.Java.Agent.ab 1
C:\Users\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0E040000\4EBD6912.VBN Infected: Trojan-Downloader.WMA.GetCodec.a 1
C:\Users\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\110C0000.VBN Infected: Trojan-Downloader.Java.Agent.ab 1

Selected area has been scanned.
almic
Regular Member
 
Posts: 15
Joined: November 29th, 2009, 6:24 pm

Re: help! My MS Outlook is sending spam

Unread postby Dakeyras » December 11th, 2009, 2:28 pm

Hi. :)

The computer keeps working well (other than the Google Chrome issue).
OK you could try what I suggested and or seek specific IT support for this issue in the below section of What the Tech:-

Browsers, Internet and email

I am a member of the aforementioned forum myself and they have outstanding IT Support Staff.

Next:

I suggest you empty the contents of the Norton\Symantec Quarantine folder. Merely navigate to the actual folder:-

C >> ProgramData >> Symantec >> Symantec AntiVirus Corporate Edition >> 7.5 >> Quarantine

Delete the contents then empty the Recycle Bin.

Next:

Congratulations your computer now appears to be malware free!

Now I have some tasks for your good self to carry out as part of a clean up process and some advice about online safety.

Importance of Regular System Maintenance:

I advice you read both of the below listed topics as this will go a long way to keeping your Computer performing well.

Help! My computer is slow!

Also so is this:

What to do if your Computer is running slowly

Clean up with OTM:

  • Right-click OTM and select Run as Administrator to start the program.
  • Close all other programs apart from OTM as this step will require a reboot
  • On the OTM main screen, press the CleanUp! button
  • Say Yes to the prompt and then allow the program to reboot your computer.

The above process should clean up and remove the vast majority of scanners used and logs created etc.

Any left over merely delete yourself and empty the Recycle Bin.

Reset the System Restore points:

Create a new, clean System Restore point:-

  • Right click on Computer and select Properties > System protection. > Create.
  • Give this restore point a descriptive name and click Create.
  • When done, click Apply > OK.

Note: Do not clear infected/old System Restore points before creating a new System Restore point first!

Flush infected System Restore points:-

  • Right click on Computer and select Properties > System protection.
  • (untick) Vista C system box an click Turn off system restore then Apply > OK.
  • Restart your computer.

Now some advice for on-line safety:

Malwarebyte's Anti-Malware:

This is a excellent application and I advise you keep this installed. Check for updates and run a scan once a week.

Other installed security software:

Your presently installed security application, Symantec AntiVirus automatically checks for updates and downloads/installs them with every system reboot and or periodically if the machine is left running providing a internet connection is active.

I advise you also run a complete scan with this also once per week.

Erunt:

Emergency Recovery Utility NT, I advice you keep this installed as a means to keep a complete backup of your registry and restore it when needed.

Myself I would actually create a new back up once per week as this along with System Restore may prove to be invaluable if something unforeseen occurs!

Keep your system updated:

Microsoft releases patches for Windows and other products regularly:

  • Click on Start(Vista Orb) >> All Programs >> Windows Update.
  • In the navigation pane, click Check for updates.
  • After Windows Update has finished checking for updates, click View available updates.
  • Click to select the check box for any found, then click Install.
  • When completed Reboot(restart) your computer if not prompted to do so.

Be careful when opening attachments and downloading files:

  • Never open email attachments, not even if they are from someone you know. If you need to open them, scan them with your antivirus program before opening.
  • Never open emails from unknown senders.
  • Beware of emails that warn about viruses that are spreading, especially those from antivirus vendors. These email addresses can be easily spoofed. Check the antivirus vendor websites to be sure.
  • Be careful of what you download. Only download files from known sources. Also, avoid cracked programs. If you need a particular program that costs too much for you, try finding free alternatives on Sourceforge or Pricelessware.

Stop malicious scripts:

Windows by default allow scripts (which is VBScript and JavaScript) to run and some of these scripts are malicious. Use Noscript by Symantec or Script Defender by AnalogX to handle these scripts.

Avoid Peer to Peer software:

P2P may be a great way to get lots of seemingly freeware, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well. My advice avoid these types of software applications.

Finally a educational source:

To learn more about how to protect yourself while on the internet read this article by Tony Klein:

So how did I get infected in the first place?

Some consider this article outdated, personally I still think it bares relevance and the author is well respected in the Anti-Malware community and by myself also!

Any questions? Feel free to ask, if not stay safe!
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8732
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: help! My MS Outlook is sending spam

Unread postby almic » December 11th, 2009, 3:23 pm

thank you so much. It's great to have such expert advice.

cheers!
almic
Regular Member
 
Posts: 15
Joined: November 29th, 2009, 6:24 pm

Re: help! My MS Outlook is sending spam

Unread postby Dakeyras » December 11th, 2009, 5:12 pm

You're welcome! :)
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8732
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: help! My MS Outlook is sending spam

Unread postby NonSuch » December 13th, 2009, 2:45 am

As this issue appears to be resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27300
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 13 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware