Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

I used to think I was smart ...

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

I used to think I was smart ...

Unread postby kizmdyno » December 17th, 2006, 11:56 am

... then I tried to fix my brother-in-laws computer.

Followed the "before you post" instructions: installed and ran spybot and ad-aware, installed and ran a-squared, and installed and ran norton anti-virus. Everytime I run spybot and ad-aware spyware is detected, the software tells me it will be removed upon restart, but upon restart it is still there. When I start up I get an error message saying that a program cannot be started by rundll.

Thanks for your help.

Below is the hijackthis log.
***************************************

Logfile of HijackThis v1.99.1
Scan saved at 10:52:12 AM, on 12/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\HPQ\One-Touch\OneTouch.EXE
C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\palmOne\Hotsync.exe
C:\Documents and Settings\Staples\Desktop\hijackthis\HijackThis.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QT4HPOT] C:\Program Files\HPQ\One-Touch\OneTouch.EXE
O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [Display Settings] C:\Program Files\HPQ\Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 5280391607
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O20 - Winlogon Notify: MS-DOS Emulation - C:\WINDOWS\system32\o0rola931d.dll
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Secure HTTP (Service Secured) - Unknown owner - C:\WINDOWS\csrvs.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
kizmdyno
Active Member
 
Posts: 11
Joined: December 17th, 2006, 11:35 am
Advertisement
Register to Remove

Unread postby Shaba » December 17th, 2006, 1:50 pm

Hi kizmdyno

1. Download this file - combofix.exe
2. Double click combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you. Post that log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Send:

- a fresh HijackThis log
- combofix report
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

thanks for the quick response

Unread postby kizmdyno » December 17th, 2006, 2:37 pm

*********************
combofix.txt file
*********************
Staples - 06-12-17 13:09:36.05 Service Pack 2
ComboFix 06.11.27 - Running from: "C:\Documents and Settings\Staples\Desktop"

((((((((((((((((((((((((((((((((((((((((((((( Look2Me's Log ))))))))))))))))))))))))))))))))))))))))))))))))))

REGISTRY ENTRIES REMOVED:

[HKEY_CLASSES_ROOT\clsid\{C1D61687-9F17-45C7-BF58-2F974DD98FD6}]
@=""
"IDEx"="ADDR"

[HKEY_CLASSES_ROOT\clsid\{C1D61687-9F17-45C7-BF58-2F974DD98FD6}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\clsid\{C1D61687-9F17-45C7-BF58-2F974DD98FD6}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\clsid\{C1D61687-9F17-45C7-BF58-2F974DD98FD6}\InprocServer32]
@="C:\\WINDOWS\\system32\\wwpshell.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\clsid\{53E1EC9F-2039-4481-8ACF-3E5F0FCC8AB4}]
@=""

[HKEY_CLASSES_ROOT\clsid\{53E1EC9F-2039-4481-8ACF-3E5F0FCC8AB4}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\clsid\{53E1EC9F-2039-4481-8ACF-3E5F0FCC8AB4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\clsid\{53E1EC9F-2039-4481-8ACF-3E5F0FCC8AB4}\InprocServer32]
@="C:\\WINDOWS\\system32\\ldcalsec.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\clsid\{CE49563D-A085-43D1-961F-29377EDF29B6}]
@=""

[HKEY_CLASSES_ROOT\clsid\{CE49563D-A085-43D1-961F-29377EDF29B6}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\clsid\{CE49563D-A085-43D1-961F-29377EDF29B6}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\clsid\{CE49563D-A085-43D1-961F-29377EDF29B6}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\clsid\{17BAB331-044A-4E6B-B43A-ADC0B2ACB995}]
@=""

[HKEY_CLASSES_ROOT\clsid\{17BAB331-044A-4E6B-B43A-ADC0B2ACB995}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\clsid\{17BAB331-044A-4E6B-B43A-ADC0B2ACB995}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\clsid\{17BAB331-044A-4E6B-B43A-ADC0B2ACB995}\InprocServer32]
@="C:\\WINDOWS\\system32\\mdg4dmod.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\clsid\{985F0CEC-D0A0-4EB3-9F87-F32F56F42CD4}]
@=""

[HKEY_CLASSES_ROOT\clsid\{985F0CEC-D0A0-4EB3-9F87-F32F56F42CD4}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\clsid\{985F0CEC-D0A0-4EB3-9F87-F32F56F42CD4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\clsid\{985F0CEC-D0A0-4EB3-9F87-F32F56F42CD4}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\clsid\{C6E4FAED-6492-4C13-B4CE-7FE1A5485C7A}]
@=""

[HKEY_CLASSES_ROOT\clsid\{C6E4FAED-6492-4C13-B4CE-7FE1A5485C7A}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\clsid\{C6E4FAED-6492-4C13-B4CE-7FE1A5485C7A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\clsid\{C6E4FAED-6492-4C13-B4CE-7FE1A5485C7A}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


FILES REMOVED:

C:\WINDOWS\system32\acphelp.dll
C:\WINDOWS\system32\aza0l9hm1.dll
C:\WINDOWS\system32\cfral.dll
C:\WINDOWS\system32\CGDBUIRoxio.dll
C:\WINDOWS\system32\clgbkend.dll
C:\WINDOWS\system32\crgmgr32.dll
C:\WINDOWS\system32\d0j00a1med.dll
C:\WINDOWS\system32\d2j00c1mef.dll
C:\WINDOWS\system32\d8j0li1m18.dll
C:\WINDOWS\system32\dnpm0171e.dll
C:\WINDOWS\system32\drrpsetu.dll
C:\WINDOWS\system32\dsskperf.dll
C:\WINDOWS\system32\dswsockx.dll
C:\WINDOWS\system32\en0ul1d91.dll
C:\WINDOWS\system32\en2ql1f51.dll
C:\WINDOWS\system32\f20olcd31f0.dll
C:\WINDOWS\system32\fp0u03d9e.dll
C:\WINDOWS\system32\fp8u03l9e.dll
C:\WINDOWS\system32\fpl6033se.dll
C:\WINDOWS\system32\fprs0397e.dll
C:\WINDOWS\system32\g2lm0c31ef.dll
C:\WINDOWS\system32\gp88l3lu1.dll
C:\WINDOWS\system32\gpjul3191.dll
C:\WINDOWS\system32\h22o0cf3ef2.dll
C:\WINDOWS\system32\hJl.dll
C:\WINDOWS\system32\hr0m05d1e.dll
C:\WINDOWS\system32\hr4o05h3e.dll
C:\WINDOWS\system32\i4nmle511h.dll
C:\WINDOWS\system32\i642lgho164c.dll
C:\WINDOWS\system32\i6nmlg5116.dll
C:\WINDOWS\system32\ICKED.DLL
C:\WINDOWS\system32\ioetpp.dll
C:\WINDOWS\system32\ir0sl5d71.dll
C:\WINDOWS\system32\ir2ql5f51.dll
C:\WINDOWS\system32\ir44l5hq1.dll
C:\WINDOWS\system32\j02q0af5ed2.dll
C:\WINDOWS\system32\j62qlgf5162.dll
C:\WINDOWS\system32\jnaw400.dll
C:\WINDOWS\system32\jt8q07l5e.dll
C:\WINDOWS\system32\jtrq0795e.dll
C:\WINDOWS\system32\k2800clmefqa0.dll
C:\WINDOWS\system32\k808lidu1808.dll
C:\WINDOWS\system32\k8260ifse8260.dll
C:\WINDOWS\system32\k826lifs1826.dll
C:\WINDOWS\system32\k8lq0i35e8.dll
C:\WINDOWS\system32\k8pmli7118.dll
C:\WINDOWS\system32\khdhe220.dll
C:\WINDOWS\system32\ksdvntc.dll
C:\WINDOWS\system32\kt24l7fq1.dll
C:\WINDOWS\system32\ktdheb.dll
C:\WINDOWS\system32\l66o0gj3e6o.dll
C:\WINDOWS\system32\l8l60i3se8.dll
C:\WINDOWS\system32\lbk.dll
C:\WINDOWS\system32\lcghours.dll
C:\WINDOWS\system32\ldcalsec.dll
C:\WINDOWS\system32\lnwen13n.dll
C:\WINDOWS\system32\LQX2KUSB.DLL
C:\WINDOWS\system32\lv6609jse.dll
C:\WINDOWS\system32\lv6s09j7e.dll
C:\WINDOWS\system32\lvr2099oe.dll
C:\WINDOWS\system32\LWBAGF.DLL
C:\WINDOWS\system32\m228lcfu1f28.dll
C:\WINDOWS\system32\m4460ehseh460.dll
C:\WINDOWS\system32\m4nqle551h.dll
C:\WINDOWS\system32\m4pole731h.dll
C:\WINDOWS\system32\mcdimap.dll
C:\WINDOWS\system32\mev1_0.dll
C:\WINDOWS\system32\mttext35.dll
C:\WINDOWS\system32\mudimap.dll
C:\WINDOWS\system32\mv40l9hm1.dll
C:\WINDOWS\system32\mvjol9131.dll
C:\WINDOWS\system32\mvlul9391.dll
C:\WINDOWS\system32\mvp4l97q1.dll
C:\WINDOWS\system32\mvp8l97u1.dll
C:\WINDOWS\system32\MZC42ENU.DLL
C:\WINDOWS\system32\n0p4la7q1d.dll
C:\WINDOWS\system32\n46qlej51ho.dll
C:\WINDOWS\system32\n62ulgf9162.dll
C:\WINDOWS\system32\n88o0il3e8q.dll
C:\WINDOWS\system32\nltshell.dll
C:\WINDOWS\system32\o0rola931d.dll
C:\WINDOWS\system32\o448lehu1h48.dll
C:\WINDOWS\system32\o6lulg3916.dll
C:\WINDOWS\system32\ovbcjt32.dll
C:\WINDOWS\system32\psrfctrs.dll
C:\WINDOWS\system32\r06ulaj91do.dll
C:\WINDOWS\system32\r08slal71dq.dll
C:\WINDOWS\system32\ROOCURS.DLL
C:\WINDOWS\system32\siell32.dll
C:\WINDOWS\system32\svdpapi.dll
C:\WINDOWS\system32\sxtupdll.dll
C:\WINDOWS\system32\szarddlg.dll
C:\WINDOWS\system32\uqrcntra.dll
C:\WINDOWS\system32\utbmon.dll
C:\WINDOWS\system32\wxwfax.dll
C:\WINDOWS\system32\wyock32.dll
C:\WINDOWS\system32\xwlehlp.dll
C:\WINDOWS\system32\guard.tmp


Granting sedebugprivilege to Administrators ... successful


((((((((((((((((((((((((((((((((((((((((((( E-Give / Ssk's Log )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Program Files\data19


* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


((((((((((((((((((((((((((((((( Files Created from 2006-11-17 to 2006-12-17 ))))))))))))))))))))))))))))))))))


2006-12-17 12:55 <DIR> d-------- C:\Documents and Settings\Staples\.housecall6.6
2006-12-11 03:07 <DIR> d-------- C:\Program Files\MSXML 4.0
2006-12-11 03:06 <DIR> d-------- C:\b866fe632f9d69b878
2006-12-10 22:56 <DIR> d-------- C:\WINDOWS\system32\PreInstall
2006-12-10 20:59 <DIR> d-------- C:\Program Files\a-squared Free
2006-12-10 20:38 <DIR> d-------- C:\Program Files\SpywareBlaster
2006-12-10 19:34 <DIR> d-------- C:\Documents and Settings\Staples\Application Data\Lavasoft
2006-12-10 19:33 <DIR> d-------- C:\Program Files\Lavasoft
2006-12-10 19:11 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2006-12-10 19:09 <DIR> d-------- C:\Program Files\msn gaming zone
2006-12-10 19:06 <DIR> d-------- C:\WINDOWS\Prefetch
2006-12-10 18:45 9,216 --------- C:\WINDOWS\system32\proxycfg.exe
2006-12-10 18:45 73,216 --------- C:\WINDOWS\system32\drivers\atintuxx.sys
2006-12-10 18:45 685,056 --------- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2006-12-10 18:45 63,663 --------- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2006-12-10 18:45 63,488 --------- C:\WINDOWS\system32\drivers\atinxsxx.sys
2006-12-10 18:45 59,392 --------- C:\WINDOWS\system32\logman.exe
2006-12-10 18:45 57,856 --------- C:\WINDOWS\system32\drivers\atinbtxx.sys
2006-12-10 18:45 56,623 --------- C:\WINDOWS\system32\drivers\ati1btxx.sys
2006-12-10 18:45 52,224 --------- C:\WINDOWS\system32\drivers\atinraxx.sys
2006-12-10 18:45 46,464 --------- C:\WINDOWS\system32\drivers\gagp30kx.sys
2006-12-10 18:45 452,736 --------- C:\WINDOWS\system32\drivers\mtxparhm.sys
2006-12-10 18:45 44,928 --------- C:\WINDOWS\system32\drivers\agpcpq.sys
2006-12-10 18:45 43,008 --------- C:\WINDOWS\system32\drivers\amdagp.sys
2006-12-10 18:45 42,752 --------- C:\WINDOWS\system32\drivers\alim1541.sys
2006-12-10 18:45 42,368 --------- C:\WINDOWS\system32\drivers\agp440.sys
2006-12-10 18:45 4,255 --------- C:\WINDOWS\system32\drivers\adv01nt5.dll
2006-12-10 18:45 38,016 --------- C:\WINDOWS\system32\drivers\bthmodem.sys
2006-12-10 18:45 36,463 --------- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2006-12-10 18:45 36,096 --------- C:\WINDOWS\system32\drivers\intelppm.sys
2006-12-10 18:45 35,456 --------- C:\WINDOWS\system32\drivers\bthprint.sys
2006-12-10 18:45 34,735 --------- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2006-12-10 18:45 327,040 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2006-12-10 18:45 31,744 --------- C:\WINDOWS\system32\drivers\atinxbxx.sys
2006-12-10 18:45 30,671 --------- C:\WINDOWS\system32\drivers\ati1raxx.sys
2006-12-10 18:45 3,967 --------- C:\WINDOWS\system32\drivers\adv02nt5.dll
2006-12-10 18:45 3,775 --------- C:\WINDOWS\system32\drivers\adv11nt5.dll
2006-12-10 18:45 3,711 --------- C:\WINDOWS\system32\drivers\adv09nt5.dll
2006-12-10 18:45 3,647 --------- C:\WINDOWS\system32\drivers\adv07nt5.dll
2006-12-10 18:45 3,615 --------- C:\WINDOWS\system32\drivers\adv05nt5.dll
2006-12-10 18:45 3,135 --------- C:\WINDOWS\system32\drivers\adv08nt5.dll
2006-12-10 18:45 29,455 --------- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2006-12-10 18:45 29,056 --------- C:\WINDOWS\system32\drivers\ip6fw.sys
2006-12-10 18:45 28,672 --------- C:\WINDOWS\system32\drivers\atinsnxx.sys
2006-12-10 18:45 274,304 --------- C:\WINDOWS\system32\drivers\bthport.sys
2006-12-10 18:45 263,040 --------- C:\WINDOWS\system32\drivers\http.sys
2006-12-10 18:45 26,367 --------- C:\WINDOWS\system32\drivers\ati1snxx.sys
2006-12-10 18:45 25,600 --------- C:\WINDOWS\system32\drivers\hidbth.sys
2006-12-10 18:45 25,471 --------- C:\WINDOWS\system32\drivers\atv04nt5.dll
2006-12-10 18:45 220,032 --------- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2006-12-10 18:45 21,343 --------- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2006-12-10 18:45 21,183 --------- C:\WINDOWS\system32\drivers\atv01nt5.dll
2006-12-10 18:45 18,944 --------- C:\WINDOWS\system32\drivers\bthusb.sys
2006-12-10 18:45 17,279 --------- C:\WINDOWS\system32\drivers\atv10nt5.dll
2006-12-10 18:45 17,024 --------- C:\WINDOWS\system32\drivers\bthenum.sys
2006-12-10 18:45 15,488 --------- C:\WINDOWS\system32\drivers\mssmbios.sys
2006-12-10 18:45 15,423 --------- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2006-12-10 18:45 15,104 --------- C:\WINDOWS\system32\drivers\hidir.sys
2006-12-10 18:45 14,336 --------- C:\WINDOWS\system32\drivers\atinpdxx.sys
2006-12-10 18:45 14,143 --------- C:\WINDOWS\system32\drivers\atv06nt5.dll
2006-12-10 18:45 13,824 --------- C:\WINDOWS\system32\drivers\atinttxx.sys
2006-12-10 18:45 13,824 --------- C:\WINDOWS\system32\drivers\atinmdxx.sys
2006-12-10 18:45 128,896 --------- C:\WINDOWS\system32\drivers\fltmgr.sys
2006-12-10 18:45 126,686 --------- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2006-12-10 18:45 12,047 --------- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2006-12-10 18:45 11,615 --------- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2006-12-10 18:45 11,359 --------- C:\WINDOWS\system32\drivers\atv02nt5.dll
2006-12-10 18:45 104,960 --------- C:\WINDOWS\system32\drivers\atinrvxx.sys
2006-12-10 18:45 100,992 --------- C:\WINDOWS\system32\drivers\bthpan.sys
2006-12-10 18:45 1,309,184 --------- C:\WINDOWS\system32\drivers\mtlstrm.sys
2006-12-10 18:45 1,041,536 --------- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2006-12-10 18:44 95,424 --------- C:\WINDOWS\system32\drivers\slnthal.sys
2006-12-10 18:44 88,064 --------- C:\WINDOWS\system32\p2pnetsh.dll
2006-12-10 18:44 86,016 --------- C:\WINDOWS\system32\p2pgasvc.dll
2006-12-10 18:44 81,920 --------- C:\WINDOWS\system32\ieencode.dll
2006-12-10 18:44 81,408 --------- C:\WINDOWS\system32\wscsvc.dll
2006-12-10 18:44 8,192 --------- C:\WINDOWS\system32\smbinst.exe
2006-12-10 18:44 78,464 --------- C:\WINDOWS\system32\drivers\usbvideo.sys
2006-12-10 18:44 755,200 --------- C:\WINDOWS\system32\ir50_32.dll
2006-12-10 18:44 75,776 --------- C:\WINDOWS\system32\strmfilt.dll
2006-12-10 18:44 73,832 --------- C:\WINDOWS\system32\slcoinst.dll
2006-12-10 18:44 73,796 --------- C:\WINDOWS\system32\slserv.exe
2006-12-10 18:44 71,680 --------- C:\WINDOWS\system32\blastcln.exe
2006-12-10 18:44 7,680 --------- C:\WINDOWS\system32\kbdsmsno.dll
2006-12-10 18:44 7,680 --------- C:\WINDOWS\system32\kbdsmsfi.dll
2006-12-10 18:44 7,168 --------- C:\WINDOWS\system32\kbdukx.dll
2006-12-10 18:44 7,168 --------- C:\WINDOWS\system32\kbdno1.dll
2006-12-10 18:44 7,168 --------- C:\WINDOWS\system32\kbdfi1.dll
2006-12-10 18:44 67,584 --------- C:\WINDOWS\system32\drivers\sdbus.sys
2006-12-10 18:44 60,416 --------- C:\WINDOWS\system32\fwcfg.dll
2006-12-10 18:44 6,656 --------- C:\WINDOWS\system32\kbdinmal.dll
2006-12-10 18:44 6,656 --------- C:\WINDOWS\system32\kbdinben.dll
2006-12-10 18:44 6,144 --------- C:\WINDOWS\system32\kbdmlt48.dll
2006-12-10 18:44 6,144 --------- C:\WINDOWS\system32\kbdmlt47.dll
2006-12-10 18:44 6,144 --------- C:\WINDOWS\system32\kbdinbe1.dll
2006-12-10 18:44 6,016 --------- C:\WINDOWS\system32\drivers\smbali.sys
2006-12-10 18:44 59,648 --------- C:\WINDOWS\system32\drivers\rfcomm.sys
2006-12-10 18:44 526,848 --------- C:\WINDOWS\system32\p2psvc.dll
2006-12-10 18:44 52,224 --------- C:\WINDOWS\system32\mspmsnsv.dll
2006-12-10 18:44 516,768 --------- C:\WINDOWS\system32\ativvaxx.dll
2006-12-10 18:44 50,688 --------- C:\WINDOWS\system32\btpanui.dll
2006-12-10 18:44 50,176 --------- C:\WINDOWS\system32\xmlprovi.dll
2006-12-10 18:44 5,632 --------- C:\WINDOWS\system32\kbdmaori.dll
2006-12-10 18:44 49,152 --------- C:\WINDOWS\system32\powercfg.exe
2006-12-10 18:44 48,640 --------- C:\WINDOWS\system32\pnrpnsp.dll
2006-12-10 18:44 44,672 --------- C:\WINDOWS\system32\drivers\uagp35.sys
2006-12-10 18:44 44,032 --------- C:\WINDOWS\system32\twext.dll
2006-12-10 18:44 42,240 --------- C:\WINDOWS\system32\drivers\viaagp.sys
2006-12-10 18:44 41,088 --------- C:\WINDOWS\system32\drivers\sisagp.sys
2006-12-10 18:44 404,990 --------- C:\WINDOWS\system32\drivers\slntamr.sys
2006-12-10 18:44 4,274,816 --------- C:\WINDOWS\system32\nv4_disp.dll
2006-12-10 18:44 397,056 --------- C:\WINDOWS\system32\s3gnb.dll
2006-12-10 18:44 377,984 --------- C:\WINDOWS\system32\ati2dvaa.dll
2006-12-10 18:44 32,866 --------- C:\WINDOWS\system32\slrundll.exe
2006-12-10 18:44 32,866 --------- C:\WINDOWS\slrundll.exe
2006-12-10 18:44 32,768 --------- C:\WINDOWS\system32\ativtmxx.dll
2006-12-10 18:44 32,285 --------- C:\WINDOWS\system32\hsfcisp2.dll
2006-12-10 18:44 312,320 --------- C:\WINDOWS\system32\p2pgraph.dll
2006-12-10 18:44 30,208 --------- C:\WINDOWS\system32\bthserv.dll
2006-12-10 18:44 30,080 --------- C:\WINDOWS\system32\drivers\rndismpx.sys
2006-12-10 18:44 3,901 --------- C:\WINDOWS\system32\drivers\siint5.dll
2006-12-10 18:44 29,184 --------- C:\WINDOWS\system32\sdhcinst.dll
2006-12-10 18:44 286,792 --------- C:\WINDOWS\system32\slextspk.dll
2006-12-10 18:44 25,471 --------- C:\WINDOWS\system32\drivers\watv10nt.sys
2006-12-10 18:44 24,576 --------- C:\WINDOWS\system32\httpapi.dll
2006-12-10 18:44 233,472 --------- C:\WINDOWS\system32\wmpdxm.dll
2006-12-10 18:44 23,040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-12-10 18:44 229,376 --------- C:\WINDOWS\system32\ati2cqag.dll
2006-12-10 18:44 22,271 --------- C:\WINDOWS\system32\drivers\watv06nt.sys
2006-12-10 18:44 200,192 --------- C:\WINDOWS\system32\ir50_qc.dll
2006-12-10 18:44 20,992 --------- C:\WINDOWS\system32\bthci.dll
2006-12-10 18:44 193,024 --------- C:\WINDOWS\system32\fsquirt.exe
2006-12-10 18:44 188,508 --------- C:\WINDOWS\system32\slgen.dll
2006-12-10 18:44 183,808 --------- C:\WINDOWS\system32\ir50_qcx.dll
2006-12-10 18:44 180,360 --------- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2006-12-10 18:44 17,408 --------- C:\WINDOWS\system32\winshfhc.dll
2006-12-10 18:44 168,448 --------- C:\WINDOWS\system32\wmerror.dll
2006-12-10 18:44 166,912 --------- C:\WINDOWS\system32\drivers\s3gnbm.sys
2006-12-10 18:44 16,896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-12-10 18:44 15,872 --------- C:\WINDOWS\system32\w3ssl.dll
2006-12-10 18:44 14,336 --------- C:\WINDOWS\system32\auditusr.exe
2006-12-10 18:44 13,824 --------- C:\WINDOWS\system32\wscntfy.exe
2006-12-10 18:44 13,824 --------- C:\WINDOWS\system32\cmsetacl.dll
2006-12-10 18:44 13,776 --------- C:\WINDOWS\system32\drivers\recagent.sys
2006-12-10 18:44 13,568 --------- C:\WINDOWS\system32\drivers\wacompen.sys
2006-12-10 18:44 13,240 --------- C:\WINDOWS\system32\drivers\slwdmsup.sys
2006-12-10 18:44 129,536 --------- C:\WINDOWS\system32\xmlprov.dll
2006-12-10 18:44 129,535 --------- C:\WINDOWS\system32\drivers\slnt7554.sys
2006-12-10 18:44 12,672 --------- C:\WINDOWS\system32\drivers\usb8023x.sys
2006-12-10 18:44 12,672 --------- C:\WINDOWS\system32\drivers\mutohpen.sys
2006-12-10 18:44 118,784 --------- C:\WINDOWS\system32\msdadiag.dll
2006-12-10 18:44 116,224 --------- C:\WINDOWS\system32\p2p.dll
2006-12-10 18:44 114,688 --------- C:\WINDOWS\system32\wmpasf.dll
2006-12-10 18:44 11,935 --------- C:\WINDOWS\system32\drivers\wadv11nt.sys
2006-12-10 18:44 11,871 --------- C:\WINDOWS\system32\drivers\wadv09nt.sys
2006-12-10 18:44 11,807 --------- C:\WINDOWS\system32\drivers\wadv07nt.sys
2006-12-10 18:44 11,325 --------- C:\WINDOWS\system32\drivers\vchnt5.dll
2006-12-10 18:44 11,295 --------- C:\WINDOWS\system32\drivers\wadv08nt.sys
2006-12-10 18:44 11,136 --------- C:\WINDOWS\system32\drivers\sffdisk.sys
2006-12-10 18:44 108,032 --------- C:\WINDOWS\system32\wshbth.dll
2006-12-10 18:44 10,240 --------- C:\WINDOWS\system32\drivers\sffp_sd.sys
2006-12-10 18:44 1,897,408 --------- C:\WINDOWS\system32\drivers\nv4_mini.sys
2006-12-10 18:44 1,737,856 --------- C:\WINDOWS\system32\mtxparhd.dll
2006-12-10 13:22 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2006-12-10 03:10 91,856 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2006-12-10 03:10 123,712 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2006-12-10 03:09 <DIR> d-------- C:\Program Files\Symantec AntiVirus
2006-12-10 03:09 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared
2006-12-10 01:25 127,208 --a------ C:\WINDOWS\system32\mucltui.dll
2006-12-10 01:18 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2006-12-10 01:18 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2006-12-10 00:31 <DIR> d-------- C:\WINDOWS\provisioning
2006-12-10 00:31 <DIR> d-------- C:\WINDOWS\peernet
2006-12-10 00:24 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2006-12-10 00:12 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2006-12-10 00:10 97,280 --a------ C:\WINDOWS\system32\dpcdll.dll
2006-12-10 00:10 896,512 --a------ C:\WINDOWS\system32\wmspdmoe.dll
2006-12-10 00:10 8,192 --a------ C:\WINDOWS\system32\bitsprx2.dll
2006-12-10 00:10 7,168 --a------ C:\WINDOWS\system32\hccoin.dll
2006-12-10 00:10 6,656 --a------ C:\WINDOWS\system32\wuauserv.dll
2006-12-10 00:10 537,088 --a------ C:\WINDOWS\system32\msftedit.dll
2006-12-10 00:10 484,864 --a------ C:\WINDOWS\system32\wmspdmod.dll
2006-12-10 00:10 438,784 --a------ C:\WINDOWS\system32\xpob2res.dll
2006-12-10 00:10 4,096 --a------ C:\WINDOWS\system32\dsprpres.dll
2006-12-10 00:10 384,512 --a------ C:\WINDOWS\system32\mp4sdmod.dll
2006-12-10 00:10 382,464 --a------ C:\WINDOWS\system32\qmgr.dll
2006-12-10 00:10 37,376 --a------ C:\WINDOWS\system32\drivers\amdk7.sys
2006-12-10 00:10 351,232 --a------ C:\WINDOWS\system32\winhttp.dll
2006-12-10 00:10 338,432 --a------ C:\WINDOWS\system32\ir41_qcx.dll
2006-12-10 00:10 310,272 --a------ C:\WINDOWS\system32\mp43dmod.dll
2006-12-10 00:10 26,624 --a------ C:\WINDOWS\system32\drivers\usbehci.sys
2006-12-10 00:10 24,064 --a------ C:\WINDOWS\system32\pidgen.dll
2006-12-10 00:10 20,480 --a------ C:\WINDOWS\system32\encapi.dll
2006-12-10 00:10 2,897,920 --a------ C:\WINDOWS\system32\xpsp2res.dll
2006-12-10 00:10 2,113,536 --a------ C:\WINDOWS\system32\dxdiagn.dll
2006-12-10 00:10 187,392 --a------ C:\WINDOWS\system32\xpsp1res.dll
2006-12-10 00:10 186,368 --a------ C:\WINDOWS\system32\encdec.dll
2006-12-10 00:10 151,552 --a------ C:\WINDOWS\system32\wmidx.dll
2006-12-10 00:10 120,320 --a------ C:\WINDOWS\system32\ir41_qc.dll
2006-12-10 00:10 12,416 --a------ C:\WINDOWS\system32\drivers\tunmp.sys
2006-12-10 00:10 1,689,088 --a------ C:\WINDOWS\system32\d3d9.dll
2006-12-10 00:10 1,119,744 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2006-12-10 00:10 1,001,472 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2006-12-10 00:09 937,984 --a------ C:\WINDOWS\system32\winbrand.dll
2006-12-10 00:09 7,168 --a------ C:\WINDOWS\system32\bitsprx3.dll
2006-12-10 00:09 270,848 --a------ C:\WINDOWS\system32\sbe.dll
2006-12-10 00:09 159,232 --a------ C:\WINDOWS\system32\sbeio.dll
2006-12-10 00:09 134,656 --a------ C:\WINDOWS\system32\mssap.dll
2006-12-10 00:08 99,840 --a------ C:\WINDOWS\system32\advpack.dll
2006-12-10 00:08 98,304 --a------ C:\WINDOWS\system32\cscript.exe
2006-12-10 00:08 98,304 --a------ C:\WINDOWS\system32\ahui.exe
2006-12-10 00:08 92,672 --a------ C:\WINDOWS\system32\dskquota.dll
2006-12-10 00:08 9,728 --a------ C:\WINDOWS\system32\gpkrsrc.dll
2006-12-10 00:08 9,344 --a------ C:\WINDOWS\system32\framebuf.dll
2006-12-10 00:08 87,552 --a------ C:\WINDOWS\system32\fldrclnr.dll
2006-12-10 00:08 87,040 --a------ C:\WINDOWS\system32\drmstor.dll
2006-12-10 00:08 85,504 --a------ C:\WINDOWS\system32\diantz.exe
2006-12-10 00:08 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll
2006-12-10 00:08 84,992 --a------ C:\WINDOWS\system32\avifil32.dll
2006-12-10 00:08 84,480 --a------ C:\WINDOWS\system32\cabview.dll
2006-12-10 00:08 83,456 --a------ C:\WINDOWS\system32\dpvsetup.exe
2006-12-10 00:08 825,344 --a------ C:\WINDOWS\system32\d3dim700.dll
2006-12-10 00:08 82,432 --a------ C:\WINDOWS\system32\dmscript.dll
2006-12-10 00:08 82,432 --a------ C:\WINDOWS\system32\dfrgfat.exe
2006-12-10 00:08 81,920 --a------ C:\WINDOWS\system32\ils.dll
2006-12-10 00:08 80,384 --a------ C:\WINDOWS\system32\iccvid.dll
2006-12-10 00:08 80,384 --a------ C:\WINDOWS\system32\faultrep.dll
2006-12-10 00:08 8,704 --a------ C:\WINDOWS\system32\dciman32.dll
2006-12-10 00:08 8,704 --a------ C:\WINDOWS\system32\batt.dll
2006-12-10 00:08 8,192 --a------ C:\WINDOWS\system32\igmpagnt.dll
2006-12-10 00:08 8,192 --a------ C:\WINDOWS\system32\d3d8thk.dll
2006-12-10 00:08 8,192 --a------ C:\WINDOWS\system32\asferror.dll
2006-12-10 00:08 792,064 --a------ C:\WINDOWS\system32\comres.dll
2006-12-10 00:08 78,336 --a------ C:\WINDOWS\system32\browsewm.dll
2006-12-10 00:08 77,824 --a------ C:\WINDOWS\system32\cliconfg.dll
2006-12-10 00:08 77,312 --a------ C:\WINDOWS\system32\browser.dll
2006-12-10 00:08 75,264 --a------ C:\WINDOWS\system32\inetpp.dll
2006-12-10 00:08 74,752 --a------ C:\WINDOWS\system32\cryptdlg.dll
2006-12-10 00:08 73,728 --a------ C:\WINDOWS\system32\icwdial.dll
2006-12-10 00:08 71,680 --a------ C:\WINDOWS\system32\dsdmoprp.dll
2006-12-10 00:08 70,656 --a------ C:\WINDOWS\system32\amstream.dll
2006-12-10 00:08 695,296 --a------ C:\WINDOWS\system32\drmv2clt.dll
2006-12-10 00:08 69,120 --a------ C:\WINDOWS\system32\ciodm.dll
2006-12-10 00:08 68,608 --a------ C:\WINDOWS\system32\digest.dll
2006-12-10 00:08 68,096 --a------ C:\WINDOWS\system32\adsmsext.dll
2006-12-10 00:08 678,400 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-12-10 00:08 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll
2006-12-10 00:08 65,024 --a------ C:\WINDOWS\system32\asycfilt.dll
2006-12-10 00:08 640,000 --a------ C:\WINDOWS\system32\dbghelp.dll
2006-12-10 00:08 64,000 --a------ C:\WINDOWS\system32\cleanmgr.exe
2006-12-10 00:08 63,488 --a------ C:\WINDOWS\system32\cryptnet.dll
2006-12-10 00:08 63,488 --a------ C:\WINDOWS\system32\cmstp.exe
2006-12-10 00:08 63,488 --a------ C:\WINDOWS\system32\browselc.dll
2006-12-10 00:08 628,224 --a------ C:\WINDOWS\system32\catsrvut.dll
2006-12-10 00:08 62,976 --a------ C:\WINDOWS\system32\iesetup.dll
2006-12-10 00:08 62,464 --a------ C:\WINDOWS\system32\colbact.dll
2006-12-10 00:08 619,008 --a------ C:\WINDOWS\system32\dx7vb.dll
2006-12-10 00:08 614,912 --a------ C:\WINDOWS\system32\h323msp.dll
2006-12-10 00:08 61,440 --a------ C:\WINDOWS\system32\dmcompos.dll
2006-12-10 00:08 61,440 --a------ C:\WINDOWS\system32\admparse.dll
2006-12-10 00:08 60,928 --a------ C:\WINDOWS\system32\dpnhupnp.dll
2006-12-10 00:08 60,416 --a------ C:\WINDOWS\system32\cryptsvc.dll
2006-12-10 00:08 597,504 --a------ C:\WINDOWS\system32\crypt32.dll
2006-12-10 00:08 59,904 --a------ C:\WINDOWS\system32\devenum.dll
2006-12-10 00:08 59,904 --a------ C:\WINDOWS\system32\cabinet.dll
2006-12-10 00:08 580,608 --a------ C:\WINDOWS\system32\autofmt.exe
2006-12-10 00:08 58,880 --a------ C:\WINDOWS\system32\atl.dll
2006-12-10 00:08 57,856 --a------ C:\WINDOWS\system32\clusapi.dll
2006-12-10 00:08 57,344 --a------ C:\WINDOWS\system32\dpwsockx.dll
2006-12-10 00:08 56,832 --a------ C:\WINDOWS\system32\authz.dll
2006-12-10 00:08 55,808 --a------ C:\WINDOWS\system32\ipconfig.exe
2006-12-10 00:08 55,808 --a------ C:\WINDOWS\system32\eventlog.dll
2006-12-10 00:08 540,160 --a------ C:\WINDOWS\system32\comuid.dll
2006-12-10 00:08 54,272 --a------ C:\WINDOWS\system32\dataclen.dll
2006-12-10 00:08 53,840 --a------ C:\WINDOWS\system32\dosx.exe
2006-12-10 00:08 53,760 --a------ C:\WINDOWS\system32\cryptext.dll
2006-12-10 00:08 52,736 --a------ C:\WINDOWS\system32\basesrv.dll
2006-12-10 00:08 52,224 --a------ C:\WINDOWS\system32\dmutil.dll
2006-12-10 00:08 512,512 --a------ C:\WINDOWS\system32\cryptui.dll
2006-12-10 00:08 51,200 --a------ C:\WINDOWS\system32\dssec.dll
2006-12-10 00:08 501,248 --a------ C:\WINDOWS\system32\clbcatq.dll
2006-12-10 00:08 50,688 --a------ C:\WINDOWS\twain_32.dll
2006-12-10 00:08 50,688 --a------ C:\WINDOWS\system32\camocx.dll
2006-12-10 00:08 5,632 --a------ C:\WINDOWS\system32\cisvc.exe
2006-12-10 00:08 498,205 --a------ C:\WINDOWS\system32\dxmasf.dll
2006-12-10 00:08 48,640 --a------ C:\WINDOWS\system32\iernonce.dll
2006-12-10 00:08 48,128 --a------ C:\WINDOWS\system32\inetres.dll
2006-12-10 00:08 48,128 --a------ C:\WINDOWS\system32\docprop2.dll
2006-12-10 00:08 47,104 --a------ C:\WINDOWS\system32\cnbjmon.dll
2006-12-10 00:08 47,104 --a------ C:\WINDOWS\system32\cmdl32.exe
2006-12-10 00:08 457,728 --a------ C:\WINDOWS\system32\certmgr.dll
2006-12-10 00:08 45,568 --a------ C:\WINDOWS\system32\extrac32.exe
2006-12-10 00:08 45,568 --a------ C:\WINDOWS\system32\dnsrslvr.dll
2006-12-10 00:08 44,544 --a------ C:\WINDOWS\system32\alg.exe
2006-12-10 00:08 42,496 --a------ C:\WINDOWS\system32\audiosrv.dll
2006-12-10 00:08 41,984 --a------ C:\WINDOWS\system32\htui.dll
2006-12-10 00:08 4,096 --a------ C:\WINDOWS\system32\actmovie.exe
2006-12-10 00:08 39,936 --a------ C:\WINDOWS\system32\cmutil.dll
2006-12-10 00:08 39,936 --a------ C:\WINDOWS\system32\cmmon32.exe
2006-12-10 00:08 39,424 --a------ C:\WINDOWS\system32\grpconv.exe
2006-12-10 00:08 382,976 --a------ C:\WINDOWS\system32\fontext.dll
2006-12-10 00:08 380,957 --a------ C:\WINDOWS\system32\expsrv.dll
2006-12-10 00:08 38,912 --a------ C:\WINDOWS\system32\hhsetup.dll
2006-12-10 00:08 38,912 --a------ C:\WINDOWS\system32\dfrgsnap.dll
2006-12-10 00:08 38,912 --a------ C:\WINDOWS\system32\cfgbkend.dll
2006-12-10 00:08 375,296 --a------ C:\WINDOWS\system32\dpnet.dll
2006-12-10 00:08 367,616 --a------ C:\WINDOWS\system32\dsound.dll
2006-12-10 00:08 36,921 --a------ C:\WINDOWS\system32\imeshare.dll
2006-12-10 00:08 35,840 --a------ C:\WINDOWS\system32\imgutil.dll
2006-12-10 00:08 35,840 --a------ C:\WINDOWS\system32\dmloader.dll
2006-12-10 00:08 35,328 --a------ C:\WINDOWS\system32\dpnhpast.dll
2006-12-10 00:08 35,328 --a------ C:\WINDOWS\system32\corpol.dll
2006-12-10 00:08 349,696 --a------ C:\WINDOWS\system32\ipsecsnp.dll
2006-12-10 00:08 344,064 --a------ C:\WINDOWS\system32\hnetcfg.dll
2006-12-10 00:08 343,040 --a------ C:\WINDOWS\system32\cmdial32.dll
2006-12-10 00:08 34,304 --a------ C:\WINDOWS\system32\ie4uinit.exe
2006-12-10 00:08 337,920 --a------ C:\WINDOWS\system32\filemgmt.dll
2006-12-10 00:08 331,264 --a------ C:\WINDOWS\system32\ipnathlp.dll
2006-12-10 00:08 330,752 --a------ C:\WINDOWS\system32\ippromon.dll
2006-12-10 00:08 330,752 --a------ C:\WINDOWS\system32\hnetwiz.dll
2006-12-10 00:08 33,280 --a------ C:\WINDOWS\system32\inetmib1.dll
2006-12-10 00:08 33,280 --a------ C:\WINDOWS\system32\cryptdll.dll
2006-12-10 00:08 33,280 --a------ C:\WINDOWS\system32\clipsrv.exe
2006-12-10 00:08 326,656 --a------ C:\WINDOWS\system32\cscui.dll
2006-12-10 00:08 323,584 --a------ C:\WINDOWS\system32\iedkcs32.dll
2006-12-10 00:08 304,128 --a------ C:\WINDOWS\system32\duser.dll
2006-12-10 00:08 30,208 --a------ C:\WINDOWS\system32\dplaysvr.exe
2006-12-10 00:08 30,208 --a------ C:\WINDOWS\system32\ddeshare.exe
2006-12-10 00:08 30,208 --a------ C:\WINDOWS\system32\atmlib.dll
2006-12-10 00:08 3,584 --a------ C:\WINDOWS\system32\icmp.dll
2006-12-10 00:08 3,584 --a------ C:\WINDOWS\system32\dpnlobby.dll
2006-12-10 00:08 3,584 --a------ C:\WINDOWS\system32\dpnaddr.dll
2006-12-10 00:08 299,520 --a------ C:\WINDOWS\system32\drmclien.dll
2006-12-10 00:08 286,208 --a------ C:\WINDOWS\system32\blackbox.dll
2006-12-10 00:08 285,696 --a------ C:\WINDOWS\system32\atmfd.dll
2006-12-10 00:08 283,648 --a------ C:\WINDOWS\winhlp32.exe
2006-12-10 00:08 282,624 --a------ C:\WINDOWS\system32\devmgr.dll
2006-12-10 00:08 28,672 --a------ C:\WINDOWS\system32\dmband.dll
2006-12-10 00:08 28,672 --a------ C:\WINDOWS\system32\dfsshlex.dll
2006-12-10 00:08 28,672 --a------ C:\WINDOWS\system32\dbnmpntw.dll
2006-12-10 00:08 28,672 --a------ C:\WINDOWS\system32\batmeter.dll
2006-12-10 00:08 278,016 --a------ C:\WINDOWS\system32\gdi32.dll
2006-12-10 00:08 274,432 --a------ C:\WINDOWS\system32\inetcfg.dll
2006-12-10 00:08 27,648 --a------ C:\WINDOWS\system32\conime.exe
2006-12-10 00:08 27,136 --a------ C:\WINDOWS\system32\findstr.exe
2006-12-10 00:08 27,136 --a------ C:\WINDOWS\system32\ddrawex.dll
2006-12-10 00:08 266,240 --a------ C:\WINDOWS\system32\ddraw.dll
2006-12-10 00:08 263,680 --a------ C:\WINDOWS\system32\adsnt.dll
2006-12-10 00:08 253,952 --a------ C:\WINDOWS\system32\icm32.dll
2006-12-10 00:08 252,928 --a------ C:\WINDOWS\system32\compatui.dll
2006-12-10 00:08 25,088 --a------ C:\WINDOWS\system32\defrag.exe
2006-12-10 00:08 25,088 --a------ C:\WINDOWS\system32\at.exe
2006-12-10 00:08 243,200 --a------ C:\WINDOWS\system32\es.dll
2006-12-10 00:08 24,576 --a------ C:\WINDOWS\system32\dbmsrpcn.dll
2006-12-10 00:08 24,576 --a------ C:\WINDOWS\system32\davclnt.dll
2006-12-10 00:08 239,104 --a------ C:\WINDOWS\system32\dsquery.dll
2006-12-10 00:08 23,552 --a------ C:\WINDOWS\system32\dpmodemx.dll
2006-12-10 00:08 23,552 --a------ C:\WINDOWS\system32\dmserver.dll
2006-12-10 00:08 23,040 --a------ C:\WINDOWS\system32\ersvc.dll
2006-12-10 00:08 229,888 --a------ C:\WINDOWS\system32\dplayx.dll
2006-12-10 00:08 229,888 --a------ C:\WINDOWS\system32\catsrv.dll
2006-12-10 00:08 229,376 --a------ C:\WINDOWS\system32\compstui.dll
2006-12-10 00:08 224,768 --a------ C:\WINDOWS\system32\dmadmin.exe
2006-12-10 00:08 216,576 --a------ C:\WINDOWS\system32\ieaksie.dll
2006-12-10 00:08 212,480 --a------ C:\WINDOWS\system32\dpvoice.dll
2006-12-10 00:08 21,504 --a------ C:\WINDOWS\system32\feclient.dll
2006-12-10 00:08 21,504 --a------ C:\WINDOWS\system32\dpvacm.dll
2006-12-10 00:08 200,704 --a------ C:\WINDOWS\system32\dmdskmgr.dll
2006-12-10 00:08 20,992 --a------ C:\WINDOWS\system32\hid.dll
2006-12-10 00:08 20,992 --a------ C:\WINDOWS\system32\fontview.exe
2006-12-10 00:08 20,480 --a------ C:\WINDOWS\system32\cliconfg.exe
2006-12-10 00:08 2,067,968 --a------ C:\WINDOWS\system32\cdosys.dll
2006-12-10 00:08 194,560 --a------ C:\WINDOWS\system32\certcli.dll
2006-12-10 00:08 194,048 --a------ C:\WINDOWS\system32\activeds.dll
2006-12-10 00:08 193,024 --a------ C:\WINDOWS\system32\eudcedit.exe
2006-12-10 00:08 19,456 --a------ C:\WINDOWS\system32\dswave.dll
2006-12-10 00:08 185,344 --a------ C:\WINDOWS\system32\cmprops.dll
2006-12-10 00:08 183,296 --a------ C:\WINDOWS\system32\els.dll
2006-12-10 00:08 182,784 --a------ C:\WINDOWS\system32\ipsecsvc.dll
2006-12-10 00:08 181,760 --a------ C:\WINDOWS\system32\dsdmo.dll
2006-12-10 00:08 181,760 --a------ C:\WINDOWS\system32\dinput8.dll
2006-12-10 00:08 181,248 --a------ C:\WINDOWS\system32\dmime.dll
2006-12-10 00:08 180,224 --a------ C:\WINDOWS\system32\dwwin.exe
2006-12-10 00:08 18,432 --a------ C:\WINDOWS\system32\dpnsvr.exe
2006-12-10 00:08 175,616 --a------ C:\WINDOWS\system32\adsldp.dll
2006-12-10 00:08 17,920 --a------ C:\WINDOWS\system32\dvdupgrd.exe
2006-12-10 00:08 17,408 --a------ C:\WINDOWS\system32\bidispl.dll
2006-12-10 00:08 17,408 --a------ C:\WINDOWS\system32\alrsvc.dll
2006-12-10 00:08 163,840 --a------ C:\WINDOWS\system32\diskpart.exe
2006-12-10 00:08 163,840 --a------ C:\WINDOWS\system32\credui.dll
2006-12-10 00:08 16,896 --a------ C:\WINDOWS\system32\cfgmgr32.dll
2006-12-10 00:08 16,384 --a------ C:\WINDOWS\system32\ds32gt.dll
2006-12-10 00:08 159,232 --a------ C:\WINDOWS\system32\dinput.dll
2006-12-10 00:08 159,232 --a------ C:\WINDOWS\system32\cewmdm.dll
2006-12-10 00:08 150,016 --a------ C:\WINDOWS\system32\imapi.exe
2006-12-10 00:08 15,872 --a------ C:\WINDOWS\system32\inetppui.dll
2006-12-10 00:08 15,872 --a------ C:\WINDOWS\system32\dmremote.exe
2006-12-10 00:08 15,872 --a------ C:\WINDOWS\system32\cmcfg32.dll
2006-12-10 00:08 15,360 --a------ C:\WINDOWS\system32\ctfmon.exe
2006-12-10 00:08 147,456 --a------ C:\WINDOWS\system32\initpki.dll
2006-12-10 00:08 146,432 --a------ C:\WINDOWS\regedit.exe
2006-12-10 00:08 144,896 --a------ C:\WINDOWS\system32\hotplug.dll
2006-12-10 00:08 143,360 --a------ C:\WINDOWS\system32\adsldpc.dll
2006-12-10 00:08 142,336 --a------ C:\WINDOWS\system32\dsprop.dll
2006-12-10 00:08 14,336 --a------ C:\WINDOWS\system32\drprov.dll
2006-12-10 00:08 139,264 --a------ C:\WINDOWS\system32\ieakeng.dll
2006-12-10 00:08 137,216 --a------ C:\WINDOWS\system32\dssenh.dll
2006-12-10 00:08 135,680 --a------ C:\WINDOWS\system32\ifmon.dll
2006-12-10 00:08 126,976 --a------ C:\WINDOWS\system32\apphelp.dll
2006-12-10 00:08 123,904 --a------ C:\WINDOWS\system32\dfrgui.dll
2006-12-10 00:08 123,392 --a------ C:\WINDOWS\system32\input.dll
2006-12-10 00:08 122,880 --a------ C:\WINDOWS\system32\glu32.dll
2006-12-10 00:08 120,832 --a------ C:\WINDOWS\system32\idq.dll
2006-12-10 00:08 119,808 --a------ C:\WINDOWS\system32\iasrad.dll
2006-12-10 00:08 116,736 --a------ C:\WINDOWS\system32\dpvvox.dll
2006-12-10 00:08 114,688 --a------ C:\WINDOWS\system32\iexpress.exe
2006-12-10 00:08 114,688 --a------ C:\WINDOWS\system32\aclui.dll
2006-12-10 00:08 113,152 --a------ C:\WINDOWS\system32\dsuiext.dll
2006-12-10 00:08 111,104 --a------ C:\WINDOWS\system32\dgnet.dll
2006-12-10 00:08 110,592 --a------ C:\WINDOWS\system32\dbnetlib.dll
2006-12-10 00:08 110,080 --a------ C:\WINDOWS\system32\imm32.dll
2006-12-10 00:08 110,080 --a------ C:\WINDOWS\system32\clbcatex.dll
2006-12-10 00:08 11,264 --a------ C:\WINDOWS\system32\icaapi.dll
2006-12-10 00:08 11,264 --a------ C:\WINDOWS\system32\autolfn.exe
2006-12-10 00:08 11,264 --a------ C:\WINDOWS\system32\atmadm.exe
2006-12-10 00:08 105,984 --a------ C:\WINDOWS\system32\dmstyle.dll
2006-12-10 00:08 104,448 --a------ C:\WINDOWS\system32\dmusic.dll
2006-12-10 00:08 103,424 --a------ C:\WINDOWS\system32\dmsynth.dll
2006-12-10 00:08 101,888 --a------ C:\WINDOWS\system32\cscdll.dll
2006-12-10 00:08 101,888 --a------ C:\WINDOWS\system32\actxprxy.dll
2006-12-10 00:08 100,352 --a------ C:\WINDOWS\system32\6to4svc.dll
2006-12-10 00:08 10,752 --a------ C:\WINDOWS\system32\dumprep.exe
2006-12-10 00:08 10,752 --a------ C:\WINDOWS\hh.exe
2006-12-10 00:08 1,298,432 --a------ C:\WINDOWS\system32\dxdiag.exe
2006-12-10 00:08 1,294,336 --a------ C:\WINDOWS\system32\dsound3d.dll
2006-12-10 00:08 1,251,840 --a------ C:\WINDOWS\system32\comsvcs.dll
2006-12-10 00:08 1,227,264 --a------ C:\WINDOWS\system32\dx8vb.dll
2006-12-10 00:08 1,179,648 --a------ C:\WINDOWS\system32\d3d8.dll
2006-12-10 00:08 1,082,368 --a------ C:\WINDOWS\system32\esent.dll
2006-12-10 00:08 1,032,192 --a------ C:\WINDOWS\explorer.exe
2006-12-10 00:07 994,304 --a------ C:\WINDOWS\system32\msgina.dll
2006-12-10 00:07 97,280 --a------ C:\WINDOWS\system32\loadperf.dll
2006-12-10 00:07 96,768 --a------ C:\WINDOWS\system32\psbase.dll
2006-12-10 00:07 96,256 --a------ C:\WINDOWS\system32\occache.dll
2006-12-10 00:07 949,248 --a------ C:\WINDOWS\system32\msdtctm.dll
2006-12-10 00:07 94,208 --a------ C:\WINDOWS\system32\odbcint.dll
2006-12-10 00:07 92,224 --a------ C:\WINDOWS\system32\krnl386.exe
2006-12-10 00:07 92,168 --a------ C:\WINDOWS\system32\rdpdd.dll
2006-12-10 00:07 90,624 --a------ C:\WINDOWS\system32\mydocs.dll
2006-12-10 00:07 90,112 --a------ C:\WINDOWS\system32\mtxoci.dll
2006-12-10 00:07 9,216 --a------ C:\WINDOWS\system32\scrnsave.scr
2006-12-10 00:07 884,736 --a------ C:\WINDOWS\system32\msimsg.dll
2006-12-10 00:07 875,008 --a------ C:\WINDOWS\system32\netplwiz.dll
2006-12-10 00:07 87,176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2006-12-10 00:07 87,040 --a------ C:\WINDOWS\system32\mprapi.dll
2006-12-10 00:07 86,016 --a------ C:\WINDOWS\system32\netsh.exe
2006-12-10 00:07 86,016 --a------ C:\WINDOWS\system32\msapsspc.dll
2006-12-10 00:07 85,504 --a------ C:\WINDOWS\system32\makecab.exe
2006-12-10 00:07 84,480 --a------ C:\WINDOWS\system32\mciavi32.dll
2006-12-10 00:07 831,519 --a------ C:\WINDOWS\system32\mswdat10.dll
2006-12-10 00:07 83,456 --a------ C:\WINDOWS\system32\olepro32.dll
2006-12-10 00:07 815,104 --a------ C:\WINDOWS\system32\mmc.exe
2006-12-10 00:07 81,920 --a------ C:\WINDOWS\system32\isign32.dll
2006-12-10 00:07 80,896 --a------ C:\WINDOWS\system32\netui0.dll
2006-12-10 00:07 78,848 --a------ C:\WINDOWS\system32\msiexec.exe
2006-12-10 00:07 77,824 --a------ C:\WINDOWS\system32\shrpubw.exe
2006-12-10 00:07 77,312 --a------ C:\WINDOWS\system32\sdbinst.exe
2006-12-10 00:07 77,312 --a------ C:\WINDOWS\system32\rtcshare.exe
2006-12-10 00:07 733,696 --a------ C:\WINDOWS\system32\qedwipes.dll
2006-12-10 00:07 73,728 --a------ C:\WINDOWS\system32\mscms.dll
2006-12-10 00:07 72,704 --a------ C:\WINDOWS\system32\msw3prt.dll
2006-12-10 00:07 72,704 --a------ C:\WINDOWS\system32\magnify.exe
2006-12-10 00:07 713,728 --a------ C:\WINDOWS\system32\opengl32.dll
2006-12-10 00:07 71,680 --a------ C:\WINDOWS\system32\msacm32.dll
2006-12-10 00:07 701,440 --a------ C:\WINDOWS\system32\msxml2.dll
2006-12-10 00:07 70,656 --a------ C:\WINDOWS\system32\mmcbase.dll
2006-12-10 00:07 70,144 --a------ C:\WINDOWS\system32\sigverif.exe
2006-12-10 00:07 7,424 --a------ C:\WINDOWS\system32\kd1394.dll
2006-12-10 00:07 69,632 --a------ C:\WINDOWS\system32\scarddlg.dll
2006-12-10 00:07 69,632 --a------ C:\WINDOWS\system32\raschap.dll
2006-12-10 00:07 69,632 --a------ C:\WINDOWS\system32\odbcconf.exe
2006-12-10 00:07 69,632 --a------ C:\WINDOWS\system32\msconf.dll
2006-12-10 00:07 69,120 --a------ C:\WINDOWS\system32\notepad.exe
2006-12-10 00:07 69,120 --a------ C:\WINDOWS\system32\msctfp.dll
2006-12-10 00:07 69,120 --a------ C:\WINDOWS\notepad.exe
2006-12-10 00:07 68,768 --a------ C:\WINDOWS\system32\mmsystem.dll
2006-12-10 00:07 68,768 --a------ C:\WINDOWS\system\mmsystem.dll
2006-12-10 00:07 68,096 --a------ C:\WINDOWS\system32\shgina.dll
2006-12-10 00:07 67,584 --a------ C:\WINDOWS\system32\osuninst.dll
2006-12-10 00:07 67,072 --a------ C:\WINDOWS\system32\rdshost.exe
2006-12-10 00:07 67,072 --a------ C:\WINDOWS\system32\ntdsapi.dll
2006-12-10 00:07 66,560 --a------ C:\WINDOWS\system32\mtxclu.dll
2006-12-10 00:07 655,360 --a------ C:\WINDOWS\system32\mstscax.dll
2006-12-10 00:07 65,536 --a------ C:\WINDOWS\system32\shimeng.dll
2006-12-10 00:07 65,536 --a------ C:\WINDOWS\system32\odbccu32.dll
2006-12-10 00:07 65,536 --a------ C:\WINDOWS\system32\odbccr32.dll
2006-12-10 00:07 622,080 --a------ C:\WINDOWS\system32\netcfgx.dll
2006-12-10 00:07 62,976 --a------ C:\WINDOWS\system32\pautoenr.dll
2006-12-10 00:07 62,464 --a------ C:\WINDOWS\system32\rdpclip.exe
2006-12-10 00:07 614,429 --a------ C:\WINDOWS\system32\mswstr10.dll
2006-12-10 00:07 61,440 --a------ C:\WINDOWS\system32\msvcrt40.dll
2006-12-10 00:07 60,928 --a------ C:\WINDOWS\system32\miglibnt.dll
2006-12-10 00:07 60,416 --a------ C:\WINDOWS\system32\remotepg.dll
2006-12-10 00:07 6,656 --a------ C:\WINDOWS\system32\sensapi.dll
2006-12-10 00:07 6,656 --a------ C:\WINDOWS\system32\msidle.dll
2006-12-10 00:07 6,656 --a------ C:\WINDOWS\system32\laprxy.dll
2006-12-10 00:07 6,144 --a------ C:\WINDOWS\system32\msdtc.exe
2006-12-10 00:07 59,904 --a------ C:\WINDOWS\system32\regsvc.dll
2006-12-10 00:07 59,904 --a------ C:\WINDOWS\system32\mpr.dll
2006-12-10 00:07 59,904 --a------ C:\WINDOWS\system32\ipv6mon.dll
2006-12-10 00:07 586,240 --a------ C:\WINDOWS\system32\mlang.dll
2006-12-10 00:07 581,120 --a------ C:\WINDOWS\system32\rpcrt4.dll
2006-12-10 00:07 58,880 --a------ C:\WINDOWS\system32\resutils.dll
2006-12-10 00:07 58,880 --a------ C:\WINDOWS\system32\msdtclog.dll
2006-12-10 00:07 58,880 --a------ C:\WINDOWS\system32\licwmi.dll
2006-12-10 00:07 58,368 --a------ C:\WINDOWS\system32\packager.exe
2006-12-10 00:07 57,344 --a------ C:\WINDOWS\system32\msasn1.dll
2006-12-10 00:07 562,176 --a------ C:\WINDOWS\system32\qedit.dll
2006-12-10 00:07 56,832 --a------ C:\WINDOWS\system32\rasphone.exe
2006-12-10 00:07 56,832 --a------ C:\WINDOWS\system32\mshtmler.dll
2006-12-10 00:07 56,320 --a------ C:\WINDOWS\system32\servdeps.dll
2006-12-10 00:07 552,989 --a------ C:\WINDOWS\system32\msrepl40.dll
2006-12-10 00:07 55,808 --a------ C:\WINDOWS\system32\secur32.dll
2006-12-10 00:07 55,296 --a------ C:\WINDOWS\system32\sendmail.dll
2006-12-10 00:07 549,376 --a------ C:\WINDOWS\system32\shdoclc.dll
2006-12-10 00:07 54,784 --a------ C:\WINDOWS\system32\npptools.dll
2006-12-10 00:07 54,784 --a------ C:\WINDOWS\system32\msvcirt.dll
2006-12-10 00:07 54,272 --a------ C:\WINDOWS\system32\ixsso.dll
2006-12-10 00:07 53,760 --a------ C:\WINDOWS\system32\narrator.exe
2006-12-10 00:07 53,279 --a------ C:\WINDOWS\system32\odbcji32.dll
2006-12-10 00:07 53,279 --a------ C:\WINDOWS\system32\msjter40.dll
2006-12-10 00:07 53,248 --a------ C:\WINDOWS\system32\ipv6.exe
2006-12-10 00:07 514,560 --a------ C:\WINDOWS\system32\logonui.exe
2006-12-10 00:07 512,029 --a------ C:\WINDOWS\system32\msexch40.dll
2006-12-10 00:07 51,712 --a------ C:\WINDOWS\system32\msident.dll
2006-12-10 00:07 506,368 --a------ C:\WINDOWS\system32\msxml.dll
2006-12-10 00:07 50,688 --a------ C:\WINDOWS\system32\mmcshext.dll
2006-12-10 00:07 50,176 --a------ C:\WINDOWS\system32\reg.exe
2006-12-10 00:07 50,176 --a------ C:\WINDOWS\system32\proquota.exe
2006-12-10 00:07 5,632 --a------ C:\WINDOWS\system32\security.dll
2006-12-10 00:07 5,120 --a------ C:\WINDOWS\system32\sfc.dll
2006-12-10 00:07 49,664 --a------ C:\WINDOWS\system32\regapi.dll
2006-12-10 00:07 488,448 --a------ C:\WINDOWS\system32\ntmsmgr.dll
2006-12-10 00:07 48,128 --a------ C:\WINDOWS\system32\msprivs.dll
2006-12-10 00:07 47,616 --a------ C:\WINDOWS\system32\iyuv_32.dll
2006-12-10 00:07 45,568 --a------ C:\WINDOWS\system32\safrslv.dll
2006-12-10 00:07 44,032 --a------ C:\WINDOWS\system32\rtutils.dll
2006-12-10 00:07 438,272 --a------ C:\WINDOWS\system32\shimgvw.dll
2006-12-10 00:07 435,200 --a------ C:\WINDOWS\system32\ntmssvc.dll
2006-12-10 00:07 431,616 --a------ C:\WINDOWS\system32\riched20.dll
2006-12-10 00:07 43,520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2006-12-10 00:07 43,520 --a------ C:\WINDOWS\system32\racpldlg.dll
2006-12-10 00:07 43,520 --a------ C:\WINDOWS\system32\pstorec.dll
2006-12-10 00:07 43,520 --a------ C:\WINDOWS\system32\ntlanman.dll
2006-12-10 00:07 425,472 --a------ C:\WINDOWS\system32\msdtcprx.dll
2006-12-10 00:07 423,936 --a------ C:\WINDOWS\system32\licdll.dll
2006-12-10 00:07 421,919 --a------ C:\WINDOWS\system32\msrd2x40.dll
2006-12-10 00:07 42,496 --a------ C:\WINDOWS\system32\shmgrate.exe
2006-12-10 00:07 42,496 --a------ C:\WINDOWS\system32\net.exe
2006-12-10 00:07 413,696 --a------ C:\WINDOWS\system32\msvcp60.dll
2006-12-10 00:07 407,552 --a------ C:\WINDOWS\system32\mstsc.exe
2006-12-10 00:07 407,040 --a------ C:\WINDOWS\system32\netlogon.dll
2006-12-10 00:07 40,960 --a------ C:\WINDOWS\system32\ntmsapi.dll
2006-12-10 00:07 4,608 --a------ C:\WINDOWS\system32\msimg32.dll
2006-12-10 00:07 4,126 --a------ C:\WINDOWS\system32\msdxmlc.dll
2006-12-10 00:07 4,096 --a------ C:\WINDOWS\system32\nddeapir.exe
2006-12-10 00:07 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2006-12-10 00:07 399,872 --a------ C:\WINDOWS\system32\lmrt.dll
2006-12-10 00:07 397,824 --a------ C:\WINDOWS\system32\regwizc.dll
2006-12-10 00:07 395,776 --a------ C:\WINDOWS\system32\rpcss.dll
2006-12-10 00:07 39,936 --a------ C:\WINDOWS\system32\mf3216.dll
2006-12-10 00:07 385,024 --a------ C:\WINDOWS\system32\qdvd.dll
2006-12-10 00:07 384,000 --a------ C:\WINDOWS\system32\ipsmsnap.dll
2006-12-10 00:07 38,912 --a------ C:\WINDOWS\system32\sens.dll
2006-12-10 00:07 363,520 --a------ C:\WINDOWS\system32\psisdecd.dll
2006-12-10 00:07 36,864 --a------ C:\WINDOWS\system32\netstat.exe
2006-12-10 00:07 36,864 --a------ C:\WINDOWS\system32\mscpxl32.dll
2006-12-10 00:07 36,352 --a------ C:\WINDOWS\system32\ncobjapi.dll
2006-12-10 00:07 356,352 --a------ C:\WINDOWS\system32\msscp.dll
2006-12-10 00:07 35,840 --a------ C:\WINDOWS\system32\rcimlby.exe
2006-12-10 00:07 35,648 --a------ C:\WINDOWS\system32\ntio411.sys
2006-12-10 00:07 35,424 --a------ C:\WINDOWS\system32\ntio412.sys
2006-12-10 00:07 35,328 --a------ C:\WINDOWS\system32\pid.dll
2006-12-10 00:07 35,328 --a------ C:\WINDOWS\system32\mciqtz32.dll
2006-12-10 00:07 348,189 --a------ C:\WINDOWS\system32\msxbde40.dll
2006-12-10 00:07 348,189 --a------ C:\WINDOWS\system32\mspbde40.dll
2006-12-10 00:07 343,040 --a------ C:\WINDOWS\system32\msvcrt.dll
2006-12-10 00:07 34,816 --a------ C:\WINDOWS\system32\perfproc.dll
2006-12-10 00:07 34,560 --a------ C:\WINDOWS\system32\ntio804.sys
2006-12-10 00:07 34,560 --a------ C:\WINDOWS\system32\ntio404.sys
2006-12-10 00:07 34,560 --a------ C:\WINDOWS\system32\mnmdd.dll
2006-12-10 00:07 34,304 --a------ C:\WINDOWS\system32\pstorsvc.dll
2006-12-10 00:07 33,840 --a------ C:\WINDOWS\system32\ntio.sys
2006-12-10 00:07 33,280 --a------ C:\WINDOWS\system32\rundll32.exe
2006-12-10 00:07 329,728 --a------ C:\WINDOWS\system32\netsetup.exe
2006-12-10 00:07 32,768 --a------ C:\WINDOWS\system32\odbcad32.exe
2006-12-10 00:07 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2006-12-10 00:07 32,768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2006-12-10 00:07 319,517 --a------ C:\WINDOWS\system32\msexcl40.dll
2006-12-10 00:07 315,423 --a------ C:\WINDOWS\system32\msrd3x40.dll
2006-12-10 00:07 313,856 --a------ C:\WINDOWS\system32\scesrv.dll
2006-12-10 00:07 31,744 --a------ C:\WINDOWS\system32\rtipxmib.dll
2006-12-10 00:07 31,232 --a------ C:\WINDOWS\system32\sethc.exe
2006-12-10 00:07 30,208 --a------ C:\WINDOWS\system32\mspatcha.dll
2006-12-10 00:07 3,584 --a------ C:\WINDOWS\system32\msafd.dll
2006-12-10 00:07 3,338 --a------ C:\WINDOWS\system32\redir.exe
2006-12-10 00:07 294,400 --a------ C:\WINDOWS\system32\msctf.dll
2006-12-10 00:07 294,400 --a------ C:\WINDOWS\system32\kerberos.dll
2006-12-10 00:07 290,816 --a------ C:\WINDOWS\system32\msnsspc.dll
2006-12-10 00:07 29,696 --a------ C:\WINDOWS\system32\safrdm.dll
2006-12-10 00:07 29,184 --a------ C:\WINDOWS\system32\sendcmsg.dll
2006-12-10 00:07 29,184 --a------ C:\WINDOWS\system32\mshta.exe
2006-12-10 00:07 285,696 --a------ C:\WINDOWS\system32\objsel.dll
2006-12-10 00:07 283,648 --a------ C:\WINDOWS\system32\pdh.dll
2006-12-10 00:07 28,672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2006-12-10 00:07 279,040 --a------ C:\WINDOWS\system32\qdv.dll
2006-12-10 00:07 278,559 --a------ C:\WINDOWS\system32\odbcjt32.dll
2006-12-10 00:07 274,944 --a------ C:\WINDOWS\system32\mstask.dll
2006-12-10 00:07 271,360 --a------ C:\WINDOWS\system32\msihnd.dll
2006-12-10 00:07 27,648 --a------ C:\WINDOWS\system32\shscrap.dll
2006-12-10 00:07 27,648 --a------ C:\WINDOWS\system32\profmap.dll
2006-12-10 00:07 27,136 --a------ C:\WINDOWS\system32\irmon.dll
2006-12-10 00:07 266,752 --a------ C:\WINDOWS\system32\oakley.dll
2006-12-10 00:07 26,624 --a------ C:\WINDOWS\system32\perfdisk.dll
2006-12-10 00:07 26,112 --a------ C:\WINDOWS\system32\skeys.exe
2006-12-10 00:07 259,072 --a------ C:\WINDOWS\system32\msnetobj.dll
2006-12-10 00:07 258,077 --a------ C:\WINDOWS\system32\mstext40.dll
2006-12-10 00:07 252,928 --a------ C:\WINDOWS\system32\msoeacct.dll
2006-12-10 00:07 25,088 --a------ C:\WINDOWS\system32\shfolder.dll
2006-12-10 00:07 25,088 --a------ C:\WINDOWS\system32\perfos.dll
2006-12-10 00:07 25,088 --a------ C:\WINDOWS\system32\mslbui.dll
2006-12-10 00:07 249,856 --a------ C:\WINDOWS\system32\odbc32.dll
2006-12-10 00:07 248,832 --a------ C:\WINDOWS\system32\newdev.dll
2006-12-10 00:07 248,832 --a------ C:\WINDOWS\system32\msieftp.dll
2006-12-10 00:07 245,760 --a------ C:\WINDOWS\system32\netui1.dll
2006-12-10 00:07 245,760 --a------ C:\WINDOWS\system32\mswmdm.dll
2006-12-10 00:07 245,248 --a------ C:\WINDOWS\system32\mswsock.dll
2006-12-10 00:07 241,693 --a------ C:\WINDOWS\system32\msjtes40.dll
2006-12-10 00:07 240,640 --a------ C:\WINDOWS\system32\mpg4dmod.dll
2006-12-10 00:07 24,576 --a------ C:\WINDOWS\system32\odbcbcp.dll
2006-12-10 00:07 237,568 --a------ C:\WINDOWS\system32\qasf.dll
2006-12-10 00:07 23,552 --a------ C:\WINDOWS\system32\mciwave.dll
2006-12-10 00:07 23,552 --a------ C:\WINDOWS\system32\ipxroute.exe
2006-12-10 00:07 23,040 --a------ C:\WINDOWS\system32\setup.exe
2006-12-10 00:07 23,040 --a------ C:\WINDOWS\system32\psapi.dll
2006-12-10 00:07 23,040 --a------ C:\WINDOWS\system32\mciseq.dll
2006-12-10 00:07 221,696 --a------ C:\WINDOWS\system32\localsec.dll
2006-12-10 00:07 220,672 --a------ C:\WINDOWS\system32\logon.scr
2006-12-10 00:07 22,528 --a------ C:\WINDOWS\system32\mfcsubs.dll
2006-12-10 00:07 22,016 --a------ C:\WINDOWS\system32\lpk.dll
2006-12-10 00:07 22,016 --a------ C:\WINDOWS\system32\licmgr10.dll
2006-12-10 00:07 216,064 --a------ C:\WINDOWS\system32\moricons.dll
2006-12-10 00:07 215,552 --a------ C:\WINDOWS\system32\osk.exe
2006-12-10 00:07 213,023 --a------ C:\WINDOWS\system32\msltus40.dll
2006-12-10 00:07 21,504 --a------ C:\WINDOWS\system32\rcp.exe
2006-12-10 00:07 207,360 --a------ C:\WINDOWS\system32\mobsync.dll
2006-12-10 00:07 206,336 --a------ C:\WINDOWS\system32\rasppp.dll
2006-12-10 00:07 204,288 --a------ C:\WINDOWS\system32\mswebdvd.dll
2006-12-10 00:07 201,728 --a------ C:\WINDOWS\system32\mspmsp.dll
2006-12-10 00:07 20,992 --a------ C:\WINDOWS\system32\sclgntfy.dll
2006-12-10 00:07 20,511 --a------ C:\WINDOWS\system32\odtext32.dll
2006-12-10 00:07 20,511 --a------ C:\WINDOWS\system32\oddbse32.dll
2006-12-10 00:07 20,510 --a------ C:\WINDOWS\system32\odpdx32.dll
2006-12-10 00:07 20,510 --a------ C:\WINDOWS\system32\odfox32.dll
2006-12-10 00:07 20,510 --a------ C:\WINDOWS\system32\odexl32.dll
2006-12-10 00:07 20,480 --a------ C:\WINDOWS\system32\qprocess.exe
2006-12-10 00:07 20,480 --a------ C:\WINDOWS\system32\msorc32r.dll
2006-12-10 00:07 2,890,240 --a------ C:\WINDOWS\system32\msi.dll
2006-12-10 00:07 198,144 --a------ C:\WINDOWS\system32\netman.dll
2006-12-10 00:07 195,072 --a------ C:\WINDOWS\system32\msutb.dll
2006-12-10 00:07 192,512 --a------ C:\WINDOWS\system32\qcap.dll
2006-12-10 00:07 190,976 --a------ C:\WINDOWS\system32\schedsvc.dll
2006-12-10 00:07 19,968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2006-12-10 00:07 19,456 --a------ C:\WINDOWS\system32\shutdown.exe
2006-12-10 00:07 180,224 --a------ C:\WINDOWS\system32\scecli.dll
2006-12-10 00:07 18,944 --a------ C:\WINDOWS\system32\seclogon.dll
2006-12-10 00:07 18,944 --a------ C:\WINDOWS\system32\rsmps.dll
2006-12-10 00:07 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2006-12-10 00:07 18,944 --a------ C:\WINDOWS\system32\nddenb32.dll
2006-12-10 00:07 18,944 --a------ C:\WINDOWS\system32\midimap.dll
2006-12-10 00:07 18,944 --a------ C:\WINDOWS\system32\linkinfo.dll
2006-12-10 00:07 179,712 --a------ C:\WINDOWS\system32\ntmsdba.dll
2006-12-10 00:07 176,128 --a------ C:\WINDOWS\system32\photowiz.dll
2006-12-10 00:07 171,008 --a------ C:\WINDOWS\system32\sccsccp.dll
2006-12-10 00:07 17,920 --a------ C:\WINDOWS\system32\ping.exe
2006-12-10 00:07 17,920 --a------ C:\WINDOWS\system32\nddeapi.dll
2006-12-10 00:07 17,408 --a------ C:\WINDOWS\system32\powrprof.dll
2006-12-10 00:07 17,408 --a------ C:\WINDOWS\system32\msyuv.dll
2006-12-10 00:07 17,408 --a------ C:\WINDOWS\system32\mmfutil.dll
2006-12-10 00:07 161,280 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2006-12-10 00:07 16,896 --a------ C:\WINDOWS\system32\rassapi.dll
2006-12-10 00:07 16,384 --a------ C:\WINDOWS\system32\odbc32gt.dll
2006-12-10 00:07 159,744 --a------ C:\WINDOWS\system32\scrobj.dll
2006-12-10 00:07 159,232 --a------ C:\WINDOWS\system32\msimtf.dll
2006-12-10 00:07 153,600 --a------ C:\WINDOWS\system32\modemui.dll
2006-12-10 00:07 152,576 --a------ C:\WINDOWS\system32\rsaenh.dll
2006-12-10 00:07 152,576 --a------ C:\WINDOWS\system32\irftp.exe
2006-12-10 00:07 151,583 --a------ C:\WINDOWS\system32\msjint40.dll
2006-12-10 00:07 151,552 --a------ C:\WINDOWS\system32\shmedia.dll
2006-12-10 00:07 151,552 --a------ C:\WINDOWS\system32\scrrun.dll
2006-12-10 00:07 151,552 --a------ C:\WINDOWS\system32\msdart.dll
2006-12-10 00:07 150,528 --a------ C:\WINDOWS\system32\keymgr.dll
2006-12-10 00:07 15,872 --a------ C:\WINDOWS\system32\perfmon.exe
2006-12-10 00:07 15,360 --a------ C:\WINDOWS\system32\pjlmon.dll
2006-12-10 00:07 15,360 --a------ C:\WINDOWS\system32\msisip.dll
2006-12-10 00:07 147,968 --a------ C:\WINDOWS\system32\rdchost.dll
2006-12-10 00:07 147,456 --a------ C:\WINDOWS\system32\odbctrac.dll
2006-12-10 00:07 143,872 --a------ C:\WINDOWS\system32\ntshrui.dll
2006-12-10 00:07 143,872 --a------ C:\WINDOWS\system32\itircl.dll
2006-12-10 00:07 143,360 --a------ C:\WINDOWS\system32\msorcl32.dll
2006-12-10 00:07 143,360 --a------ C:\WINDOWS\system32\mobsync.exe
2006-12-10 00:07 140,288 --a------ C:\WINDOWS\system32\sfc_os.dll
2006-12-10 00:07 14,848 --a------ C:\WINDOWS\system32\rsh.exe
2006-12-10 00:07 14,848 --a------ C:\WINDOWS\system32\mcastmib.dll
2006-12-10 00:07 14,336 --a------ C:\WINDOWS\system32\runonce.exe
2006-12-10 00:07 14,336 --a------ C:\WINDOWS\system32\msdmo.dll
2006-12-10 00:07 139,264 --a------ C:\WINDOWS\system32\netid.dll
2006-12-10 00:07 135,168 --a------ C:\WINDOWS\system32\odbcconf.dll
2006-12-10 00:07 134,656 --a------ C:\WINDOWS\system32\shsvcs.dll
2006-12-10 00:07 134,144 --a------ C:\WINDOWS\system32\itss.dll
2006-12-10 00:07 13,824 --a------ C:\WINDOWS\system32\rexec.exe
2006-12-10 00:07 13,824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2006-12-10 00:07 13,312 --a------ C:\WINDOWS\system32\sigtab.dll
2006-12-10 00:07 13,312 --a------ C:\WINDOWS\system32\lsass.exe
2006-12-10 00:07 124,928 --a------ C:\WINDOWS\system32\net1.exe
2006-12-10 00:07 120,832 --a------ C:\WINDOWS\system32\offfilt.dll
2006-12-10 00:07 120,832 --a------ C:\WINDOWS\system32\msvfw32.dll
2006-12-10 00:07 12,288 --a------ C:\WINDOWS\system32\odbcp32r.dll
2006-12-10 00:07 12,288 --a------ C:\WINDOWS\system32\netrap.dll
2006-12-10 00:07 12,288 --a------ C:\WINDOWS\system32\mstinit.exe
2006-12-10 00:07 12,288 --a------ C:\WINDOWS\system32\mscpx32r.dll
2006-12-10 00:07 118,784 --a------ C:\WINDOWS\system32\ntmarta.dll
2006-12-10 00:07 118,272 --a------ C:\WINDOWS\system32\mdminst.dll
2006-12-10 00:07 115,712 --a------ C:\WINDOWS\system32\mstlsapi.dll
2006-12-10 00:07 112,128 --a------ C:\WINDOWS\system32\rastls.dll
2006-12-10 00:07 111,104 --a------ C:\WINDOWS\system32\netdde.exe
2006-12-10 00:07 11,776 --a------ C:\WINDOWS\system32\regsvr32.exe
2006-12-10 00:07 11,776 --a------ C:\WINDOWS\system32\localui.dll
2006-12-10 00:07 11,264 --a------ C:\WINDOWS\system32\msrle32.dll
2006-12-10 00:07 109,568 --a------ C:\WINDOWS\system32\progman.exe
2006-12-10 00:07 107,008 --a------ C:\WINDOWS\system32\oleprn.dll
2006-12-10 00:07 106,496 --a------ C:\WINDOWS\system32\odbccp32.dll
2006-12-10 00:07 105,984 --a------ C:\WINDOWS\system32\msoert2.dll
2006-12-10 00:07 105,472 --a------ C:\WINDOWS\system32\polstore.dll
2006-12-10 00:07 103,936 --a------ C:\WINDOWS\system32\nlhtml.dll
2006-12-10 00:07 103,936 --a------ C:\WINDOWS\system32\logagent.exe
2006-12-10 00:07 102,400 --a------ C:\WINDOWS\system32\rcbdyctl.dll
2006-12-10 00:07 10,240 --a------ C:\WINDOWS\system32\lprhelp.dll
2006-12-10 00:07 1,708,032 --a------ C:\WINDOWS\system32\netshell.dll
2006-12-10 00:07 1,580,544 --a------ C:\WINDOWS\system32\sfcfiles.dll
2006-12-10 00:07 1,507,356 --a------ C:\WINDOWS\system32\msjet40.dll
2006-12-10 00:07 1,435,648 --a------ C:\WINDOWS\system32\query.dll
2006-12-10 00:07 1,428,480 --a------ C:\WINDOWS\system32\msvidctl.dll
2006-12-10 00:07 1,392,671 --a------ C:\WINDOWS\system32\msvbvm60.dll
2006-12-10 00:07 1,287,680 --a------ C:\WINDOWS\system32\quartz.dll
2006-12-10 00:07 1,281,536 --a------ C:\WINDOWS\system32\ole32.dll
2006-12-10 00:07 1,236,480 --a------ C:\WINDOWS\system32\msxml3.dll
2006-12-10 00:07 1,192,960 --a------ C:\WINDOWS\system32\mmcndmgr.dll
2006-12-10 00:07 1,028,096 --a------ C:\WINDOWS\system32\mfc42.dll
2006-12-10 00:07 1,024,000 --a------ C:\WINDOWS\system32\mfc42u.dll
2006-12-10 00:06 99,328 --a------ C:\WINDOWS\system32\winscard.dll
2006-12-10 00:06 984,576 --a------ C:\WINDOWS\system32\syssetup.dll
2006-12-10 00:06 983,552 --a------ C:\WINDOWS\system32\setupapi.dll
2006-12-10 00:06 98,304 --a------ C:\WINDOWS\system32\slbiop.dll
2006-12-10 00:06 96,768 --a------ C:\WINDOWS\system32\srvsvc.dll
2006-12-10 00:06 96,256 --a------ C:\WINDOWS\system32\drivers\scsiport.sys
2006-12-10 00:06 95,744 --a------ C:\WINDOWS\system32\scardsvr.exe
2006-12-10 00:06 95,360 --a------ C:\WINDOWS\system32\drivers\atapi.sys
2006-12-10 00:06 93,696 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2006-12-10 00:06 92,672 --a------ C:\WINDOWS\system32\wlnotify.dll
2006-12-10 00:06 92,032 --a------ C:\WINDOWS\system32\drivers\ksecdd.sys
2006-12-10 00:06 91,776 --a------ C:\WINDOWS\system32\drivers\ndiswan.sys
2006-12-10 00:06 91,648 --a------ C:\WINDOWS\system32\xactsrv.dll
2006-12-10 00:06 91,136 --a------ C:\WINDOWS\system32\ntprint.dll
2006-12-10 00:06 90,624 --a------ C:\WINDOWS\system32\trkwks.dll
2006-12-10 00:06 89,600 --a------ C:\WINDOWS\system32\smlogsvc.exe
2006-12-10 00:06 89,088 --a------ C:\WINDOWS\system32\rasauto.dll
2006-12-10 00:06 88,448 --a------ C:\WINDOWS\system32\drivers\nwlnkipx.sys
2006-12-10 00:06 87,424 --a------ C:\WINDOWS\system32\drivers\irda.sys
2006-12-10 00:06 858,624 --a------ C:\WINDOWS\system32\tapi3.dll
2006-12-10 00:06 85,376 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys
2006-12-10 00:06 82,944 --a------ C:\WINDOWS\system32\ws2_32.dll
2006-12-10 00:06 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2006-12-10 00:06 809,984 --a------ C:\WINDOWS\system32\wmvdmod.dll
2006-12-10 00:06 80,128 --a------ C:\WINDOWS\system32\drivers\parport.sys
2006-12-10 00:06 8,832 --a------ C:\WINDOWS\system32\drivers\wmiacpi.sys
2006-12-10 00:06 8,192 --a------ C:\WINDOWS\system32\wshirda.dll
2006-12-10 00:06 8,192 --a------ C:\WINDOWS\system32\ntlsapi.dll
2006-12-10 00:06 799,744 --a------ C:\WINDOWS\system32\drivers\dmboot.sys
2006-12-10 00:06 79,744 --a------ C:\WINDOWS\system32\drivers\videoprt.sys
2006-12-10 00:06 764,928 --a------ C:\WINDOWS\system32\winntbbu.dll
2006-12-10 00:06 76,800 --a------ C:\WINDOWS\system32\nslookup.exe
2006-12-10 00:06 759,296 --a------ C:\WINDOWS\system32\wmsdmod.dll
2006-12-10 00:06 75,776 --a------ C:\WINDOWS\system32\wiascr.dll
2006-12-10 00:06 75,264 --a------ C:\WINDOWS\system32\telnet.exe
2006-12-10 00:06 75,264 --a------ C:\WINDOWS\system32\locator.exe
2006-12-10 00:06 74,752 --a------ C:\WINDOWS\system32\storprop.dll
2006-12-10 00:06 74,752 --a------ C:\WINDOWS\system32\spoolss.dll
2006-12-10 00:06 74,752 --a------ C:\WINDOWS\system32\drivers\ipsec.sys
2006-12-10 00:06 74,240 --a------ C:\WINDOWS\system32\usbui.dll
2006-12-10 00:06 74,240 --a------ C:\WINDOWS\system32\unimdmat.dll
2006-12-10 00:06 73,472 --a------ C:\WINDOWS\system32\drivers\sr.sys
2006-12-10 00:06 723,456 --a------ C:\WINDOWS\system32\userenv.dll
2006-12-10 00:06 721,920 --a------ C:\WINDOWS\system32\lsasrv.dll
2006-12-10 00:06 713,216 --a------ C:\WINDOWS\system32\sxs.dll
2006-12-10 00:06 71,680 --a------ C:\WINDOWS\system32\ssdpsrv.dll
2006-12-10 00:06 71,552 --a------ C:\WINDOWS\system32\drivers\bridge.sys
2006-12-10 00:06 71,040 --a------ C:\WINDOWS\system32\drivers\dxg.sys
2006-12-10 00:06 708,096 --a------ C:\WINDOWS\system32\ntdll.dll
2006-12-10 00:06 704,512 --a------ C:\WINDOWS\system32\ss3dfo.scr
2006-12-10 00:06 7,552 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys
2006-12-10 00:06 69,120 --a------ C:\WINDOWS\system32\drivers\psched.sys
2006-12-10 00:06 68,224 --a------ C:\WINDOWS\system32\drivers\pci.sys
2006-12-10 00:06 679,936 --a------ C:\WINDOWS\system32\sstext3d.scr
2006-12-10 00:06 670,720 --a------ C:\WINDOWS\system32\wmadmoe.dll
2006-12-10 00:06 67,584 --a------ C:\WINDOWS\system32\webclnt.dll
2006-12-10 00:06 67,584 --a------ C:\WINDOWS\system32\sti.dll
2006-12-10 00:06 67,584 --a------ C:\WINDOWS\system32\srclient.dll
2006-12-10 00:06 66,176 --a------ C:\WINDOWS\system32\drivers\udfs.sys
2006-12-10 00:06 657,920 --a------ C:\WINDOWS\system32\rasdlg.dll
2006-12-10 00:06 65,536 --a------ C:\WINDOWS\system32\wshext.dll
2006-12-10 00:06 65,536 --a------ C:\WINDOWS\system32\wextract.exe
2006-12-10 00:06 64,896 --a------ C:\WINDOWS\system32\drivers\serial.sys
2006-12-10 00:06 64,000 --a------ C:\WINDOWS\system32\samlib.dll
2006-12-10 00:06 63,744 --a------ C:\WINDOWS\system32\drivers\mf.sys
2006-12-10 00:06 63,744 --a------ C:\WINDOWS\system32\drivers\cdfs.sys
2006-12-10 00:06 616,960 --a------ C:\WINDOWS\system32\advapi32.dll
2006-12-10 00:06 611,328 --a------ C:\WINDOWS\system32\comctl32.dll
2006-12-10 00:06 610,304 --a------ C:\WINDOWS\system32\sspipes.scr
2006-12-10 00:06 61,824 --a------ C:\WINDOWS\system32\drivers\nic1394.sys
2006-12-10 00:06 61,440 --a------ C:\WINDOWS\system32\rasman.dll
2006-12-10 00:06 61,056 --a------ C:\WINDOWS\system32\drivers\ohci1394.sys
2006-12-10 00:06 602,624 --a------ C:\WINDOWS\system32\autoconv.exe
2006-12-10 00:06 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2006-12-10 00:06 60,800 --a------ C:\WINDOWS\system32\drivers\arp1394.sys
2006-12-10 00:06 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2006-12-10 00:06 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2006-12-10 00:06 59,904 --a------ C:\WINDOWS\system32\drivers\atmarpc.sys
2006-12-10 00:06 589,312 --a------ C:\WINDOWS\system32\wiashext.dll
2006-12-10 00:06 588,800 --a------ C:\WINDOWS\system32\autochk.exe
2006-12-10 00:06 58,880 --a------ C:\WINDOWS\system32\rastapi.dll
2006-12-10 00:06 577,024 --a------ C:\WINDOWS\system32\user32.dll
2006-12-10 00:06 574,592 --a------ C:\WINDOWS\system32\drivers\ntfs.sys
2006-12-10 00:06 57,856 --a------ C:\WINDOWS\system32\synceng.dll
2006-12-10 00:06 57,856 --a------ C:\WINDOWS\system32\spoolsv.exe
2006-12-10 00:06 57,600 --a------ C:\WINDOWS\system32\drivers\usbhub.sys
2006-12-10 00:06 57,472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2006-12-10 00:06 560,640 --a------ C:\WINDOWS\system32\
kizmdyno
Active Member
 
Posts: 11
Joined: December 17th, 2006, 11:35 am

thanks for the quick response (cont)

Unread postby kizmdyno » December 17th, 2006, 2:43 pm

*********************
combofix cont
*********************
2006-12-10 00:06 57,472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2006-12-10 00:06 560,640 --a------ C:\WINDOWS\system32\printui.dll
2006-12-10 00:06 553,472 --a------ C:\WINDOWS\system32\oleaut32.dll
2006-12-10 00:06 55,936 --a------ C:\WINDOWS\system32\drivers\atmlane.sys
2006-12-10 00:06 53,760 --a------ C:\WINDOWS\system32\winsta.dll
2006-12-10 00:06 53,248 --a------ C:\WINDOWS\system32\drivers\1394bus.sys
2006-12-10 00:06 52,864 --a------ C:\WINDOWS\system32\drivers\dmusic.sys
2006-12-10 00:06 52,736 --a------ C:\WINDOWS\system32\drivers\i8042prt.sys
2006-12-10 00:06 52,352 --a------ C:\WINDOWS\system32\drivers\volsnap.sys
2006-12-10 00:06 51,712 --a------ C:\WINDOWS\system32\wzcsapi.dll
2006-12-10 00:06 51,712 --a------ C:\WINDOWS\system32\vdmredir.dll
2006-12-10 00:06 51,328 --a------ C:\WINDOWS\system32\drivers\rasl2tp.sys
2006-12-10 00:06 51,328 --a------ C:\WINDOWS\system32\drivers\msdv.sys
2006-12-10 00:06 502,272 --a------ C:\WINDOWS\system32\winlogon.exe
2006-12-10 00:06 50,688 --a------ C:\WINDOWS\system32\wstdecod.dll
2006-12-10 00:06 50,688 --a------ C:\WINDOWS\system32\smss.exe
2006-12-10 00:06 50,176 --a------ C:\WINDOWS\system32\utilman.exe
2006-12-10 00:06 5,632 --a------ C:\WINDOWS\system32\wmi.dll
2006-12-10 00:06 5,632 --a------ C:\WINDOWS\system32\winver.exe
2006-12-10 00:06 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys
2006-12-10 00:06 5,504 --a------ C:\WINDOWS\system32\drivers\intelide.sys
2006-12-10 00:06 5,376 --a------ C:\WINDOWS\system32\drivers\viaide.sys
2006-12-10 00:06 5,376 --a------ C:\WINDOWS\system32\drivers\mspclock.sys
2006-12-10 00:06 49,664 --a------ C:\WINDOWS\system32\drivers\classpnp.sys
2006-12-10 00:06 49,536 --a------ C:\WINDOWS\system32\drivers\cdrom.sys
2006-12-10 00:06 49,152 --a------ C:\WINDOWS\system32\wdigest.dll
2006-12-10 00:06 48,640 --a------ C:\WINDOWS\system32\drivers\stream.sys
2006-12-10 00:06 48,384 --a------ C:\WINDOWS\system32\drivers\raspptp.sys
2006-12-10 00:06 47,104 --a------ C:\WINDOWS\system32\ssmypics.scr
2006-12-10 00:06 463,360 --a------ C:\WINDOWS\system32\wiadefui.dll
2006-12-10 00:06 453,120 --a------ C:\WINDOWS\system32\drivers\mrxsmb.sys
2006-12-10 00:06 45,568 --a------ C:\WINDOWS\system32\tcpmonui.dll
2006-12-10 00:06 45,568 --a------ C:\WINDOWS\system32\tcpmon.dll
2006-12-10 00:06 442,368 --a------ C:\WINDOWS\system32\sqlsrv32.dll
2006-12-10 00:06 44,544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2006-12-10 00:06 433,664 --a------ C:\WINDOWS\system32\wiaacmgr.exe
2006-12-10 00:06 430,592 --a------ C:\WINDOWS\system32\vssapi.dll
2006-12-10 00:06 42,496 --a------ C:\WINDOWS\system32\wsnmp32.dll
2006-12-10 00:06 42,496 --a------ C:\WINDOWS\system32\ftp.exe
2006-12-10 00:06 42,496 --a------ C:\WINDOWS\system32\drivers\p3.sys
2006-12-10 00:06 42,240 --a------ C:\WINDOWS\system32\drivers\mountmgr.sys
2006-12-10 00:06 419,840 --a------ C:\WINDOWS\system32\ntvdm.exe
2006-12-10 00:06 417,792 --a------ C:\WINDOWS\system32\vbscript.dll
2006-12-10 00:06 415,744 --a------ C:\WINDOWS\system32\samsrv.dll
2006-12-10 00:06 41,856 --a------ C:\WINDOWS\system32\drivers\imapi.sys
2006-12-10 00:06 41,472 --a------ C:\WINDOWS\system32\drivers\raspppoe.sys
2006-12-10 00:06 408,064 --a------ C:\WINDOWS\system32\wmadmod.dll
2006-12-10 00:06 406,528 --a------ C:\WINDOWS\system32\usp10.dll
2006-12-10 00:06 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2006-12-10 00:06 40,320 --a------ C:\WINDOWS\system32\drivers\nmnt.sys
2006-12-10 00:06 4,992 --a------ C:\WINDOWS\system32\drivers\mspqm.sys
2006-12-10 00:06 4,352 --a------ C:\WINDOWS\system32\drivers\swenum.sys
2006-12-10 00:06 393,216 --a------ C:\WINDOWS\system32\ssflwbox.scr
2006-12-10 00:06 39,936 --a------ C:\WINDOWS\system32\rshx32.dll
2006-12-10 00:06 39,936 --a------ C:\WINDOWS\system32\perfctrs.dll
2006-12-10 00:06 388,608 --a------ C:\WINDOWS\system32\cmd.exe
2006-12-10 00:06 385,536 --a------ C:\WINDOWS\system32\themeui.dll
2006-12-10 00:06 378,368 --a------ C:\WINDOWS\system32\wzcdlg.dll
2006-12-10 00:06 37,888 --a------ C:\WINDOWS\system32\url.dll
2006-12-10 00:06 363,008 --a------ C:\WINDOWS\system32\smlogcfg.dll
2006-12-10 00:06 36,992 --a------ C:\WINDOWS\system32\drivers\amdk6.sys
2006-12-10 00:06 36,480 --a------ C:\WINDOWS\system32\drivers\crusoe.sys
2006-12-10 00:06 36,352 --a------ C:\WINDOWS\system32\drivers\disk.sys
2006-12-10 00:06 36,224 --a------ C:\WINDOWS\system32\drivers\hidclass.sys
2006-12-10 00:06 359,936 --a------ C:\WINDOWS\system32\wzcsvc.dll
2006-12-10 00:06 359,040 --a------ C:\WINDOWS\system32\drivers\tcpip.sys
2006-12-10 00:06 358,400 --a------ C:\WINDOWS\system32\termmgr.dll
2006-12-10 00:06 35,840 --a------ C:\WINDOWS\system32\umandlg.dll
2006-12-10 00:06 35,328 --a------ C:\WINDOWS\system32\drivers\processr.sys
2006-12-10 00:06 35,072 --a------ C:\WINDOWS\system32\drivers\msgpc.sys
2006-12-10 00:06 347,136 --a------ C:\WINDOWS\system32\tourstart.exe
2006-12-10 00:06 341,504 --a------ C:\WINDOWS\system32\localspl.dll
2006-12-10 00:06 34,816 --a------ C:\WINDOWS\system32\ssdpapi.dll
2006-12-10 00:06 34,560 --a------ C:\WINDOWS\system32\drivers\wanarp.sys
2006-12-10 00:06 34,560 --a------ C:\WINDOWS\system32\drivers\netbios.sys
2006-12-10 00:06 337,920 --a------ C:\WINDOWS\system32\zipfldr.dll
2006-12-10 00:06 336,256 --a------ C:\WINDOWS\system32\drivers\srv.sys
2006-12-10 00:06 333,312 --a------ C:\WINDOWS\system32\wiaservc.dll
2006-12-10 00:06 33,792 --a------ C:\WINDOWS\system32\msgsvc.dll
2006-12-10 00:06 32,768 --a------ C:\WINDOWS\system32\winipsec.dll
2006-12-10 00:06 32,768 --a------ C:\WINDOWS\system32\csrsrv.dll
2006-12-10 00:06 32,256 --a------ C:\WINDOWS\system32\wpnpinst.exe
2006-12-10 00:06 32,256 --a------ C:\WINDOWS\system32\wpabaln.exe
2006-12-10 00:06 316,416 --a------ C:\WINDOWS\system32\untfs.dll
2006-12-10 00:06 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2006-12-10 00:06 306,176 --a------ C:\WINDOWS\system32\slbcsp.dll
2006-12-10 00:06 303,616 --a------ C:\WINDOWS\system32\wmstream.dll
2006-12-10 00:06 30,848 --a------ C:\WINDOWS\system32\drivers\npfs.sys
2006-12-10 00:06 30,749 --a------ C:\WINDOWS\system32\vbajet32.dll
2006-12-10 00:06 30,720 --a------ C:\WINDOWS\system32\xcopy.exe
2006-12-10 00:06 30,080 --a------ C:\WINDOWS\system32\drivers\rndismp.sys
2006-12-10 00:06 30,080 --a------ C:\WINDOWS\system32\drivers\modem.sys
2006-12-10 00:06 295,424 --a------ C:\WINDOWS\system32\termsrv.dll
2006-12-10 00:06 291,328 --a------ C:\WINDOWS\system32\winsrv.dll
2006-12-10 00:06 289,792 --a------ C:\WINDOWS\system32\vssvc.exe
2006-12-10 00:06 28,672 --a------ C:\WINDOWS\system32\wshcon.dll
2006-12-10 00:06 276,992 --a------ C:\WINDOWS\system32\comdlg32.dll
2006-12-10 00:06 276,480 --a------ C:\WINDOWS\system32\webcheck.dll
2006-12-10 00:06 275,456 --a------ C:\WINDOWS\system32\ulib.dll
2006-12-10 00:06 27,392 --a------ C:\WINDOWS\system32\drivers\fdc.sys
2006-12-10 00:06 27,136 --a------ C:\WINDOWS\system32\wmdmlog.dll
2006-12-10 00:06 264,192 --a------ C:\WINDOWS\system32\wow32.dll
2006-12-10 00:06 26,496 --a------ C:\WINDOWS\system32\drivers\usbstor.sys
2006-12-10 00:06 26,112 --a------ C:\WINDOWS\system32\vdmdbg.dll
2006-12-10 00:06 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2006-12-10 00:06 25,600 --a------ C:\WINDOWS\system32\udhisapi.dll
2006-12-10 00:06 25,600 --a------ C:\WINDOWS\system32\drivers\usbser.sys
2006-12-10 00:06 25,472 --a------ C:\WINDOWS\system32\drivers\sonydcam.sys
2006-12-10 00:06 25,088 --a------ C:\WINDOWS\system32\slayerxp.dll
2006-12-10 00:06 25,088 --a------ C:\WINDOWS\system32\drivers\pciidex.sys
2006-12-10 00:06 246,302 --a------ C:\WINDOWS\system32\strmdll.dll
2006-12-10 00:06 246,272 --a------ C:\WINDOWS\system32\tapisrv.dll
2006-12-10 00:06 24,960 --a------ C:\WINDOWS\system32\drivers\hidparse.sys
2006-12-10 00:06 24,576 --a------ C:\WINDOWS\system32\userinit.exe
2006-12-10 00:06 24,576 --a------ C:\WINDOWS\system32\drivers\kbdclass.sys
2006-12-10 00:06 239,616 --a------ C:\WINDOWS\system32\upnpui.dll
2006-12-10 00:06 239,104 --a------ C:\WINDOWS\system32\srrstr.dll
2006-12-10 00:06 236,544 --a------ C:\WINDOWS\system32\rasapi32.dll
2006-12-10 00:06 230,400 --a------ C:\WINDOWS\system32\wmasf.dll
2006-12-10 00:06 23,552 --a------ C:\WINDOWS\system32\wmdmps.dll
2006-12-10 00:06 23,040 --a------ C:\WINDOWS\system32\drivers\mouclass.sys
2006-12-10 00:06 223,616 --a------ C:\WINDOWS\system32\drivers\tcpip6.sys
2006-12-10 00:06 22,528 --a------ C:\WINDOWS\system32\wsock32.dll
2006-12-10 00:06 218,624 --a------ C:\WINDOWS\system32\uxtheme.dll
2006-12-10 00:06 210,432 --a------ C:\WINDOWS\system32\t2embed.dll
2006-12-10 00:06 21,896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2006-12-10 00:06 209,408 --a------ C:\WINDOWS\system32\drivers\update.sys
2006-12-10 00:06 20,992 --a------ C:\WINDOWS\system32\ssmarque.scr
2006-12-10 00:06 20,992 --a------ C:\WINDOWS\system32\drivers\vga.sys
2006-12-10 00:06 20,992 --a------ C:\WINDOWS\system32\drivers\ipinip.sys
2006-12-10 00:06 20,480 --a------ C:\WINDOWS\system32\wmpui.dll
2006-12-10 00:06 20,480 --a------ C:\WINDOWS\system32\wmpcore.dll
2006-12-10 00:06 20,480 --a------ C:\WINDOWS\system32\wmpcd.dll
2006-12-10 00:06 20,480 --a------ C:\WINDOWS\system32\drivers\usbuhci.sys
2006-12-10 00:06 20,480 --a------ C:\WINDOWS\system32\drivers\flpydisk.sys
2006-12-10 00:06 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2006-12-10 00:06 2,940,928 --a------ C:\WINDOWS\system32\wmploc.dll
2006-12-10 00:06 2,179,328 --a------ C:\WINDOWS\system32\ntoskrnl.exe
2006-12-10 00:06 2,105,344 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-12-10 00:06 2,056,832 --a------ C:\WINDOWS\system32\ntkrnlpa.exe
2006-12-10 00:06 196,864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2006-12-10 00:06 191,488 --a------ C:\WINDOWS\system32\syncui.dll
2006-12-10 00:06 19,968 --a------ C:\WINDOWS\system32\wshtcpip.dll
2006-12-10 00:06 19,968 --a------ C:\WINDOWS\system32\ws2help.dll
2006-12-10 00:06 19,968 --a------ C:\WINDOWS\system32\ssbezier.scr
2006-12-10 00:06 19,328 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys
2006-12-10 00:06 19,072 --a------ C:\WINDOWS\system32\drivers\msfs.sys
2006-12-10 00:06 187,776 --a------ C:\WINDOWS\system32\drivers\acpi.sys
2006-12-10 00:06 185,344 --a------ C:\WINDOWS\system32\upnphost.dll
2006-12-10 00:06 182,912 --a------ C:\WINDOWS\system32\drivers\ndis.sys
2006-12-10 00:06 182,272 --a------ C:\WINDOWS\system32\snmpsnap.dll
2006-12-10 00:06 181,760 --a------ C:\WINDOWS\system32\tapi32.dll
2006-12-10 00:06 181,248 --a------ C:\WINDOWS\system32\drivers\mrxdav.sys
2006-12-10 00:06 180,800 --a------ C:\WINDOWS\system32\sqlunirl.dll
2006-12-10 00:06 18,944 --a------ C:\WINDOWS\system32\version.dll
2006-12-10 00:06 18,944 --a------ C:\WINDOWS\system32\ssmyst.scr
2006-12-10 00:06 18,944 --a------ C:\WINDOWS\system32\snmpapi.dll
2006-12-10 00:06 18,560 --a------ C:\WINDOWS\system32\drivers\tdi.sys
2006-12-10 00:06 18,432 --a------ C:\WINDOWS\system32\wtsapi32.dll
2006-12-10 00:06 18,432 --a------ C:\WINDOWS\system32\ups.exe
2006-12-10 00:06 176,640 --a------ C:\WINDOWS\system32\wintrust.dll
2006-12-10 00:06 176,128 --a------ C:\WINDOWS\system32\winmm.dll
2006-12-10 00:06 174,592 --a------ C:\WINDOWS\system32\w32time.dll
2006-12-10 00:06 174,592 --a------ C:\WINDOWS\system32\drivers\rdbss.sys
2006-12-10 00:06 174,200 --a------ C:\WINDOWS\system32\xenroll.dll
2006-12-10 00:06 172,032 --a------ C:\WINDOWS\system32\wldap32.dll
2006-12-10 00:06 171,776 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2006-12-10 00:06 170,496 --a------ C:\WINDOWS\system32\srsvc.dll
2006-12-10 00:06 17,664 --a------ C:\WINDOWS\system32\watchdog.sys
2006-12-10 00:06 17,024 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys
2006-12-10 00:06 162,816 --a------ C:\WINDOWS\system32\drivers\netbt.sys
2006-12-10 00:06 16,896 --a------ C:\WINDOWS\system32\winrnr.dll
2006-12-10 00:06 16,896 --a------ C:\WINDOWS\system32\usbmon.dll
2006-12-10 00:06 16,896 --a------ C:\WINDOWS\system32\upnpcont.exe
2006-12-10 00:06 16,000 --a------ C:\WINDOWS\system32\drivers\usbintel.sys
2006-12-10 00:06 153,344 --a------ C:\WINDOWS\system32\drivers\dmio.sys
2006-12-10 00:06 15,488 --a------ C:\WINDOWS\system32\drivers\serenum.sys
2006-12-10 00:06 15,360 --a------ C:\WINDOWS\system32\drivers\streamip.sys
2006-12-10 00:06 15,360 --a------ C:\WINDOWS\system32\drivers\mpe.sys
2006-12-10 00:06 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2006-12-10 00:06 145,792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2006-12-10 00:06 144,896 --a------ C:\WINDOWS\system32\schannel.dll
2006-12-10 00:06 144,384 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-12-10 00:06 144,384 --a------ C:\WINDOWS\system32\imagehlp.dll
2006-12-10 00:06 143,360 --a------ C:\WINDOWS\system32\drivers\fastfat.sys
2006-12-10 00:06 142,976 --a------ C:\WINDOWS\system32\drivers\usbport.sys
2006-12-10 00:06 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2006-12-10 00:06 140,928 --a------ C:\WINDOWS\system32\drivers\ks.sys
2006-12-10 00:06 140,800 --a------ C:\WINDOWS\system32\sessmgr.exe
2006-12-10 00:06 14,976 --a------ C:\WINDOWS\system32\drivers\tape.sys
2006-12-10 00:06 14,848 --a------ C:\WINDOWS\system32\tcpmib.dll
2006-12-10 00:06 14,848 --a------ C:\WINDOWS\system32\stimon.exe
2006-12-10 00:06 14,848 --a------ C:\WINDOWS\system32\mgmtapi.dll
2006-12-10 00:06 14,336 --a------ C:\WINDOWS\system32\wship6.dll
2006-12-10 00:06 14,336 --a------ C:\WINDOWS\system32\svchost.exe
2006-12-10 00:06 14,336 --a------ C:\WINDOWS\system32\ssstars.scr
2006-12-10 00:06 14,336 --a------ C:\WINDOWS\system32\drivers\asyncmac.sys
2006-12-10 00:06 14,208 --a------ C:\WINDOWS\system32\drivers\diskdump.sys
2006-12-10 00:06 14,080 --a------ C:\WINDOWS\system32\drivers\cmbatt.sys
2006-12-10 00:06 139,400 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2006-12-10 00:06 138,496 --a------ C:\WINDOWS\system32\drivers\afd.sys
2006-12-10 00:06 136,704 --a------ C:\WINDOWS\system32\sti_ci.dll
2006-12-10 00:06 135,680 --a------ C:\WINDOWS\system32\webvw.dll
2006-12-10 00:06 135,680 --a------ C:\WINDOWS\system32\taskmgr.exe
2006-12-10 00:06 134,912 --a------ C:\WINDOWS\system32\drivers\ipnat.sys
2006-12-10 00:06 132,608 --a------ C:\WINDOWS\system32\upnp.dll
2006-12-10 00:06 132,096 --a------ C:\WINDOWS\system32\wkssvc.dll
2006-12-10 00:06 13,824 --a------ C:\WINDOWS\system32\uniplat.dll
2006-12-10 00:06 13,824 --a------ C:\WINDOWS\system32\lmhsvc.dll
2006-12-10 00:06 13,312 --a------ C:\WINDOWS\system32\savedump.exe
2006-12-10 00:06 129,536 --a------ C:\WINDOWS\system32\msv1_0.dll
2006-12-10 00:06 124,416 --a------ C:\WINDOWS\system32\wiadss.dll
2006-12-10 00:06 121,856 --a------ C:\WINDOWS\system32\stobject.dll
2006-12-10 00:06 12,928 --a------ C:\WINDOWS\system32\drivers\ndisuio.sys
2006-12-10 00:06 12,672 --a------ C:\WINDOWS\system32\drivers\usb8023.sys
2006-12-10 00:06 12,288 --a------ C:\WINDOWS\system32\tracert.exe
2006-12-10 00:06 12,168 --a------ C:\WINDOWS\system32\tsddd.dll
2006-12-10 00:06 12,040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2006-12-10 00:06 119,936 --a------ C:\WINDOWS\system32\drivers\pcmcia.sys
2006-12-10 00:06 118,272 --a------ C:\WINDOWS\system32\umpnpmgr.dll
2006-12-10 00:06 115,200 --a------ C:\WINDOWS\system32\wmsdmoe.dll
2006-12-10 00:06 114,688 --a------ C:\WINDOWS\system32\wscript.exe
2006-12-10 00:06 111,104 --a------ C:\WINDOWS\system32\wiavideo.dll
2006-12-10 00:06 11,776 --a------ C:\WINDOWS\system32\xolehlp.dll
2006-12-10 00:06 11,776 --a------ C:\WINDOWS\system32\wshrm.dll
2006-12-10 00:06 11,776 --a------ C:\WINDOWS\system32\drivers\bdasup.sys
2006-12-10 00:06 11,392 --a------ C:\WINDOWS\system32\drivers\sfloppy.sys
2006-12-10 00:06 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2006-12-10 00:06 11,136 --a------ C:\WINDOWS\system32\drivers\slip.sys
2006-12-10 00:06 108,032 --a------ C:\WINDOWS\system32\services.exe
2006-12-10 00:06 107,904 --a------ C:\WINDOWS\system32\drivers\mup.sys
2006-12-10 00:06 105,984 --a------ C:\WINDOWS\system32\sysocmgr.exe
2006-12-10 00:06 102,400 --a------ C:\WINDOWS\system32\wmpshell.dll
2006-12-10 00:06 101,888 --a------ C:\WINDOWS\system32\win32spl.dll
2006-12-10 00:06 101,376 --a------ C:\WINDOWS\system32\txflog.dll
2006-12-10 00:06 10,880 --a------ C:\WINDOWS\system32\drivers\ndisip.sys
2006-12-10 00:06 1,836,288 --a------ C:\WINDOWS\system32\win32k.sys
2006-12-10 00:06 1,050,624 --a------ C:\WINDOWS\system32\wmnetmgr.dll
2006-12-10 00:05 <DIR> d-------- C:\WINDOWS\EHome
2006-12-09 21:02 16,694 --a------ C:\WINDOWS\system32\drivers\PalmUSBD.sys
2006-12-09 21:02 <DIR> d-------- C:\palm
2006-12-09 18:12 <DIR> d-------- C:\Documents and Settings\Staples\Application Data\Arcsoft
2006-12-09 17:56 53,248 --a------ C:\WINDOWS\PalmDevC.dll
2006-12-09 17:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HotSync
2006-12-09 17:53 <DIR> d-------- C:\Program Files\palmOne
2006-12-09 17:52 <DIR> d-------- C:\Documents and Settings\Staples\Application Data\HotSync
2006-11-21 22:08 <DIR> d-------- C:\Install iTunes
2006-11-21 22:07 <DIR> d-------- C:\Install ICQ
2006-11-21 22:07 <DIR> d-------- C:\AOL Instant Messenger


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-12-11 03:09 -------- d-------- C:\Program Files\Windows Media Player
2006-12-10 20:19 -------- d-------- C:\Program Files\Common Files\imfw
2006-12-10 19:22 -------- d---s---- C:\Documents and Settings\Staples\Application Data\Microsoft
2006-12-10 19:05 -------- d-------- C:\Program Files\Messenger
2006-12-10 18:44 -------- d-------- C:\Program Files\Movie Maker
2006-12-10 18:44 -------- d-------- C:\Program Files\Internet Explorer
2006-12-10 18:38 -------- d-------- C:\Program Files\NetMeeting
2006-12-10 18:37 -------- d-------- C:\Program Files\Outlook Express
2006-12-10 18:37 -------- d-------- C:\Program Files\Common Files\System
2006-12-10 17:52 -------- d-------- C:\Program Files\MenuPro
2006-12-10 13:13 -------- d-------- C:\Program Files\Pure Networks
2006-12-10 13:13 -------- d-------- C:\Program Files\Common Files
2006-12-10 12:57 -------- d-------- C:\Program Files\Easy Internet signup
2006-12-10 12:54 -------- d-------- C:\Program Files\Common Files\AOL
2006-12-10 12:54 -------- d-------- C:\Documents and Settings\Staples\Application Data\AOL
2006-12-10 03:11 -------- d-------- C:\Program Files\Symantec
2006-12-10 01:25 -------- d--h----- C:\Program Files\WindowsUpdate
2006-11-29 12:39 -------- d-------- C:\Program Files\mobile PhoneTools
2006-11-26 11:15 -------- d-------- C:\Documents and Settings\Staples\Application Data\Share-to-Web Upload Folder
2006-11-04 14:14 1245696 --a------ C:\WINDOWS\system32\msxml4.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"MMTray"="C:\\Program Files\\MUSICMATCH\\MUSICMATCH Jukebox\\mm_tray.exe"
"vptray"="C:\\PROGRA~1\\SYMANT~1\\VPTray.exe"
"SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"Share-to-Web Namespace Daemon"="C:\\Program Files\\Hewlett-Packard\\HP Share-to-Web\\hpgs2wnd.exe"
"RoxioEngineUtility"="\"C:\\Program Files\\Common Files\\Roxio Shared\\System\\EngUtil.exe\""
"RoxioDragToDisc"="\"C:\\Program Files\\Roxio\\Easy CD Creator 6\\DragToDisc\\DrgToDsc.exe\""
"RealTray"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER"
"QT4HPOT"="C:\\Program Files\\HPQ\\One-Touch\\OneTouch.EXE"
"Lexmark X5100 Series"="\"C:\\Program Files\\Lexmark X5100 Series\\lxbabmgr.exe\""
"HPHUPD05"="c:\\Program Files\\Hewlett-Packard\\{45B6180B-DCAB-4093-8EE8-6164457517F0}\\hphupd05.exe"
"HPHmon05"="C:\\WINDOWS\\System32\\hphmon05.exe"
"HPDJ Taskbar Utility"="C:\\WINDOWS\\System32\\spool\\drivers\\w32x86\\3\\hpztsb08.exe"
"HP Software Update"="\"c:\\Program Files\\Hewlett-Packard\\HP Software Update\\HPWuSchd.exe\""
"Display Settings"="C:\\Program Files\\HPQ\\Notebook Utilities\\hptasks.exe /s"
"Cpqset"="C:\\Program Files\\HPQ\\Default Settings\\cpqset.exe"
"CARPService"="carpserv.exe"
"CamMonitor"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\\\Unload\\hpqcmon.exe"
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"ATIModeChange"="Ati2mdxx.exe"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,de,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:000000ff
"_NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
"hpzswc"="C:\\WINDOWS\\System32\\hpzswc.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"cmdService"=dword:00000002

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Symantec NetDetect.job

Completion time: 06-12-17 13:19:07.86
C:\ComboFix.txt ... 06-12-17 13:19
kizmdyno
Active Member
 
Posts: 11
Joined: December 17th, 2006, 11:35 am

thanks for the quick response (cont)

Unread postby kizmdyno » December 17th, 2006, 2:44 pm

hijackthis log
***********************
Logfile of HijackThis v1.99.1
Scan saved at 1:33:41 PM, on 12/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\HPQ\One-Touch\OneTouch.EXE
C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\palmOne\Hotsync.exe
C:\Documents and Settings\Staples\Desktop\hijackthis\HijackThis.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QT4HPOT] C:\Program Files\HPQ\One-Touch\OneTouch.EXE
O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [Display Settings] C:\Program Files\HPQ\Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 5280391607
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Secure HTTP (Service Secured) - Unknown owner - C:\WINDOWS\csrvs.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
kizmdyno
Active Member
 
Posts: 11
Joined: December 17th, 2006, 11:35 am

Unread postby Shaba » December 17th, 2006, 3:09 pm

Hi

First we'll need to backup registry:

Start -> Run -> regedit -> ok. Then File -> Export. Give it a name and press Save.

Save text below as fix.reg on Notepad (save it as all files (*.*) on Desktop

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
"hpzswc"=-

Doubleclick fix.reg, press Yes and ok.

Open HijackThis, click do a system scan only and checkmark this:

O23 - Service: Secure HTTP (Service Secured) - Unknown owner - C:\WINDOWS\csrvs.exe (file missing)

Close all windows including browser and press fix checked.

Reboot

Delete if present:

C:\WINDOWS\csrvs.exe
C:\WINDOWS\System32\hpzswc.exe

Please do an online scan with Kaspersky Online Scanner. You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then start to download the latest definition files.
  • Once the scanner is installed and the definitions downloaded, click Next.
  • Now click on Scan Settings
  • In the scan settings make sure that the following are selected:

    o Scan using the following Anti-Virus database:

    + Extended (If available otherwise Standard)

    o Scan Options:

    + Scan Archives
    + Scan Mail Bases

  • Click OK
  • Now under select a target to scan select My Computer
  • The scan will take a while so be patient and let it run. Once the scan is complete it will display if your system has been infected.
  • Now click on the Save as Text button
  • Save the file to your desktop.
  • Copy and paste that information in your next post.


Re-run combofix

Send:

- a fresh HijackThis log
- kaspersky report
- combofix report
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

FYI, kaspersky log

Unread postby kizmdyno » December 17th, 2006, 9:18 pm

FYI
******************
found neither csrvs.exe nor hpzswc.exe files.

ran kaspersky scan. it found infections but I did NOT act on any of the infections.

******************
kaspersky log
******************
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Sunday, December 17, 2006 8:01:05 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 17/12/2006
Kaspersky Anti-Virus database records: 251457
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\

Scan Statistics:
Total number of scanned objects: 66798
Number of viruses found: 11
Number of infected objects: 278 / 0
Number of suspicious objects: 2
Duration of the scan process: 02:50:51

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC1.zip/mte3ndi6odoxng.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC1.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\070C0000.VBN Infected: Backdoor.Win32.SdBot.aad skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0A400000.VBN Infected: Trojan-Downloader.Win32.Small.bke skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0A400001.VBN Infected: Trojan-Downloader.Win32.Small.cam skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0EA80000.VBN Infected: Trojan-Downloader.Win32.Small.bke skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0EA80002.VBN Infected: Trojan-Downloader.Win32.Small.cam skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0EA80004.VBN Infected: Backdoor.Win32.SdBot.aad skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Staples\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Staples\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Staples\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Staples\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Staples\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Staples\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Staples\ntuser.dat.LOG Object is locked skipped
C:\Program Files\a-squared Free\Quarantine\08af23c4e9d6afba8590f94bb1c5aabb.a2q/WINDOWS/system32/ugnphost.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Program Files\a-squared Free\Quarantine\08af23c4e9d6afba8590f94bb1c5aabb.a2q ZIP: infected - 1 skipped
C:\Program Files\a-squared Free\Quarantine\0bbd102d883dcb36cb7af18dfc86934a.a2q/WINDOWS/system32/wkock32.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Program Files\a-squared Free\Quarantine\0bbd102d883dcb36cb7af18dfc86934a.a2q ZIP: infected - 1 skipped
C:\Program Files\a-squared Free\Quarantine\16e232842de247bc48e72a87862a2a2e.a2q/mg1.exe Infected: not-a-virus:AdWare.Win32.WinAD.bo skipped
C:\Program Files\a-squared Free\Quarantine\16e232842de247bc48e72a87862a2a2e.a2q ZIP: infected - 1 skipped
C:\Program Files\a-squared Free\Quarantine\17794991e8108931e211b3ea7c3676ed.a2q/WINDOWS/system32/mtcans32.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Program Files\a-squared Free\Quarantine\17794991e8108931e211b3ea7c3676ed.a2q ZIP: infected - 1 skipped
C:\Program Files\a-squared Free\Quarantine\17f77c9ace5d9e7a6497999f550ee7bb.a2q/WINDOWS/system32/lgjbg13n.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Program Files\a-squared Free\Quarantine\17f77c9ace5d9e7a6497999f550ee7bb.a2q ZIP: infected - 1 skipped
C:\Program Files\a-squared Free\Quarantine\1e32f896f97d89473944bb1526e99018.a2q/WINDOWS/system32/dvcompos.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Program Files\a-squared Free\Quarantine\1e32f896f97d89473944bb1526e99018.a2q ZIP: infected - 1 skipped
C:\Program Files\a-squared Free\Quarantine\300ae765072f54b1991be3c8f7790185.a2q/mt13u.exe Infected: Trojan-Downloader.Win32.Adload.j skipped
C:\Program Files\a-squared Free\Quarantine\300ae765072f54b1991be3c8f7790185.a2q ZIP: infected - 1 skipped
C:\Program Files\a-squared Free\Quarantine\36a3c7b02a5ddcf49c847d2efce33369.a2q/WINDOWS/system32/auptif.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Program Files\a-squared Free\Quarantine\36a3c7b02a5ddcf49c847d2efce33369.a2q ZIP: infected - 1 skipped
C:\Program Files\a-squared Free\Quarantine\36bf27e62882c7bb2a58586aea92c34e.a2q/WINDOWS/system32/oye32.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Program Files\a-squared Free\Quarantine\36bf27e62882c7bb2a58586aea92c34e.a2q ZIP: infected - 1 skipped
C:\Program Files\a-squared Free\Quarantine\3bc72f189e89e12a92886adf9bc292b9.a2q/WINDOWS/system32/whCC-CLICK.exe/data.rar/whAgent.exe Infected: not-a-virus:AdWare.Win32.WebHancer.351 skipped
C:\Program Files\a-squared Free\Quarantine\3bc72f189e89e12a92886adf9bc292b9.a2q/WINDOWS/system32/whCC-CLICK.exe/data.rar/whInstaller.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\Program Files\a-squared Free\Quarantine\3bc72f189e89e12a92886adf9bc292b9.a2q/WINDOWS/system32/whCC-CLICK.exe/data.rar Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\Program Files\a-squared Free\Quarantine\3bc72f189e89e12a92886adf9bc292b9.a2q/WINDOWS/system32/whCC-CLICK.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\Program Files\a-squared Free\Quarantine\3bc72f189e89e12a92886adf9bc292b9.a2q ZIP: infected - 4 skipped
C:\Program Files\a-squared Free\Quarantine\4d53c17ccb0762f969c09e10512c0d28.a2q/WINDOWS/system32/mxcpx32r.dLL Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Program Files\a-squared Free\Quarantine\4d53c17ccb0762f969c09e10512c0d28.a2q ZIP: infected - 1 skipped
C:\Program Files\a-squared Free\Quarantine\4e1f67bdcc217c3df1389bce3d0235da.a2q/WINDOWS/system32/kvddv.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Program Files\a-squared Free\Quarantine\4e1f67bdcc217c3df1389bce3d0235da.a2q ZIP: infected - 1 skipped
C:\Program Files\a-squared Free\Quarantine\4f3d6f7931f148d76b629a3695268daa.a2q/WINDOWS/system32/mdg4dmod.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Program Files\a-squared Free\Quarantine\4f3d6f7931f148d76b629a3695268daa.a2q ZIP: infected - 1 skipped
C:\Program Files\a-squared Free\Quarantine\5a9fa30ab7d05d0a94b1c849c28920a2.a2q/WINDOWS/system32/HKFCI006.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Program Files\a-squared Free\Quarantine\5a9fa30ab7d05d0a94b1c849c28920a2.a2q ZIP: infected - 1 skipped
C:\Program Files\a-squared Free\Quarantine\5cc1d6dac6c31905131d06d2fc9562ce.a2q/WINDOWS/system32/mdimg32.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Program Files\a-squared Free\Quarantine\5cc1d6dac6c31905131d06d2fc9562ce.a2q ZIP: infected - 1 skipped
C:\Program Files\a-squared Free\Quarantine\60369579fe902c7456585d9c710cf515.a2q/WINDOWS/system32/el.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Program Files\a-squared Free\Quarantine\60369579fe902c7456585d9c710cf515.a2q ZIP: infected - 1 skipped
C:\Program Files\a-squared Free\Quarantine\7d9a38e41cc944e17ee07916b144a8d9.a2q/WINDOWS/system32/txrmmgr.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Program Files\a-squared Free\Quarantine\7d9a38e41cc944e17ee07916b144a8d9.a2q ZIP: infected - 1 skipped
C:\Program Files\a-squared Free\Quarantine\995abe9871a50616cddbac33728b572f.a2q/WINDOWS/system32/mv22l9fo1.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Program Files\a-squared Free\Quarantine\995abe9871a50616cddbac33728b572f.a2q ZIP: infected - 1 skipped
C:\Program Files\a-squared Free\Quarantine\ab1b1c7aa5c5d7d18f811bad45079394.a2q/contextplus.exe Infected: Trojan.Win32.Crypt.t skipped
C:\Program Files\a-squared Free\Quarantine\ab1b1c7aa5c5d7d18f811bad45079394.a2q ZIP: infected - 1 skipped
C:\Program Files\a-squared Free\Quarantine\af0bd0c3462d5f7b15e0650196e62378.a2q/WINDOWS/system32/0cw8i7c6.dll Infected: not-a-virus:AdWare.Win32.Sud.e skipped
C:\Program Files\a-squared Free\Quarantine\af0bd0c3462d5f7b15e0650196e62378.a2q ZIP: infected - 1 skipped
C:\Program Files\a-squared Free\Quarantine\bac824950623361f4a87f3bf7387e106.a2q/WINDOWS/system32/c0000admed0a0.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Program Files\a-squared Free\Quarantine\bac824950623361f4a87f3bf7387e106.a2q ZIP: infected - 1 skipped
C:\Program Files\a-squared Free\Quarantine\bbe5c3fd1e65de9037838a4295c8ca26.a2q/WINDOWS/system32/k8080idue8080.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Program Files\a-squared Free\Quarantine\bbe5c3fd1e65de9037838a4295c8ca26.a2q ZIP: infected - 1 skipped
C:\Program Files\a-squared Free\Quarantine\c1c8dc57386325f7a765a861dd6d6e26.a2q/mt134.exe Infected: Trojan-Downloader.Win32.Adload.j skipped
C:\Program Files\a-squared Free\Quarantine\c1c8dc57386325f7a765a861dd6d6e26.a2q ZIP: infected - 1 skipped
C:\Program Files\a-squared Free\Quarantine\d02beec9863b5608b040f4f40a02cdad.a2q/WINDOWS/system32/ivmp.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Program Files\a-squared Free\Quarantine\d02beec9863b5608b040f4f40a02cdad.a2q ZIP: infected - 1 skipped
C:\Program Files\a-squared Free\Quarantine\d722a45e6730eca1e06c7c14a5ff229f.a2q/WINDOWS/system32/cRbview.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Program Files\a-squared Free\Quarantine\d722a45e6730eca1e06c7c14a5ff229f.a2q ZIP: infected - 1 skipped
C:\Program Files\a-squared Free\Quarantine\fb7ed5a53e2260c98e0a55f026d73f2f.a2q/WINDOWS/system32/dn8s01l7e.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\Program Files\a-squared Free\Quarantine\fb7ed5a53e2260c98e0a55f026d73f2f.a2q ZIP: infected - 1 skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP160\A0085817.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP160\A0085850.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP161\A0086861.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP161\A0086884.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP161\A0086909.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP161\A0086931.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP161\A0086944.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP162\A0086959.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0086969.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0087000.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0087001.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0087029.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0087030.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0087058.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0087059.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0087089.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0087090.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0087111.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0087139.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0087140.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0087161.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0087183.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0087218.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0087236.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0087246.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0087265.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0087285.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0087308.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0087330.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0087473.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0087556.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0088030.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0088306.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0088426.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0088431.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0088458.DLL Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0088474.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP163\A0089521.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP164\A0089541.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP164\A0089565.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP164\A0089574.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP164\A0089600.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP164\A0089605.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP164\A0089611.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP164\A0089626.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP164\A0089636.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP164\A0089645.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP164\A0089652.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP164\A0089662.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP165\A0090667.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP165\A0090672.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP165\A0090691.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP165\A0090698.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP165\A0090718.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP166\A0091757.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP168\A0091819.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP169\A0100928.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP169\A0100947.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP169\A0101148.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP169\A0101155.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP170\A0101202.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP170\A0101228.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP170\A0101229.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP170\A0101293.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP170\A0101317.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP170\A0101318.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP170\A0101340.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP170\A0101341.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP170\A0101345.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP170\A0101351.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP171\A0101935.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP171\A0101939.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP171\A0101950.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP171\A0101960.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP171\A0101964.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP171\A0101973.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP171\A0101984.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP171\A0101988.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP171\A0101992.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP171\A0102000.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0104917.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0104924.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105018.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105028.exe/data.rar/whAgent.exe Infected: not-a-virus:AdWare.Win32.WebHancer.351 skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105028.exe/data.rar/whInstaller.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105028.exe/data.rar Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105028.exe RarSFX: infected - 3 skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105029.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105030.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105031.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105032.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105033.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105034.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105035.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105036.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105037.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105038.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105039.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105040.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105041.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105042.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105043.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105044.dLL Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105045.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105046.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105047.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105048.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105049.dll Infected: not-a-virus:AdWare.Win32.Sud.e skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105050.exe Infected: Trojan-Downloader.Win32.Adload.j skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105051.exe Infected: Trojan-Downloader.Win32.Adload.j skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105052.exe Infected: not-a-virus:AdWare.Win32.WinAD.bo skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105053.exe Infected: Trojan.Win32.Crypt.t skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP173\A0105065.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP173\A0105067.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP173\A0105083.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP173\A0105084.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP173\A0105090.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP173\A0105096.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105158.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105379.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105446.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105452.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105453.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105454.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105455.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105456.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105457.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105458.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105459.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105460.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105461.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105462.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105463.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105464.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105465.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105466.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105467.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105468.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105469.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105470.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105471.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105472.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105473.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105474.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105475.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105476.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105477.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105478.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105479.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105480.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105481.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105482.DLL Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105483.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105484.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105485.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105486.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105487.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105488.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105489.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105490.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105491.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105492.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105493.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105494.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105495.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105496.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105497.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105498.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105499.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105500.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105501.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105502.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105503.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105504.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105505.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105506.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105507.DLL Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105508.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105509.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105510.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105511.DLL Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105512.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105513.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105514.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105515.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105516.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105517.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105518.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105519.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105520.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105521.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105522.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105523.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105524.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105525.DLL Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105526.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105527.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105528.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105529.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105530.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105531.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105532.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105533.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105534.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105535.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105536.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105537.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105538.DLL Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105539.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105540.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105541.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105542.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105543.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105544.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105545.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105546.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105547.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP175\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\msnavpklog.txt Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{5037C0F7-8AA1-460D-A3CF-28B2F5EA6CB4}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edbtmp.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.
kizmdyno
Active Member
 
Posts: 11
Joined: December 17th, 2006, 11:35 am

combofix log 2

Unread postby kizmdyno » December 17th, 2006, 9:19 pm

Staples - 06-12-17 20:04:10.46 Service Pack 2
ComboFix 06.11.27 - Running from: "C:\Documents and Settings\Staples\Desktop"

((((((((((((((((((((((((((((((( Files Created from 2006-11-17 to 2006-12-17 ))))))))))))))))))))))))))))))))))


2006-12-17 14:50 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2006-12-17 14:44 <DIR> d-------- C:\WINDOWS\LastGood
2006-12-17 12:55 <DIR> d-------- C:\Documents and Settings\Staples\.housecall6.6
2006-12-11 03:07 <DIR> d-------- C:\Program Files\MSXML 4.0
2006-12-11 03:06 <DIR> d-------- C:\b866fe632f9d69b878
2006-12-10 22:56 <DIR> d-------- C:\WINDOWS\system32\PreInstall
2006-12-10 20:59 <DIR> d-------- C:\Program Files\a-squared Free
2006-12-10 20:38 <DIR> d-------- C:\Program Files\SpywareBlaster
2006-12-10 19:34 <DIR> d-------- C:\Documents and Settings\Staples\Application Data\Lavasoft
2006-12-10 19:33 <DIR> d-------- C:\Program Files\Lavasoft
2006-12-10 19:11 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2006-12-10 19:09 <DIR> d-------- C:\Program Files\msn gaming zone
2006-12-10 19:06 <DIR> d-------- C:\WINDOWS\Prefetch
2006-12-10 18:45 9,216 --------- C:\WINDOWS\system32\proxycfg.exe
2006-12-10 18:45 73,216 --------- C:\WINDOWS\system32\drivers\atintuxx.sys
2006-12-10 18:45 685,056 --------- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2006-12-10 18:45 63,663 --------- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2006-12-10 18:45 63,488 --------- C:\WINDOWS\system32\drivers\atinxsxx.sys
2006-12-10 18:45 59,392 --------- C:\WINDOWS\system32\logman.exe
2006-12-10 18:45 57,856 --------- C:\WINDOWS\system32\drivers\atinbtxx.sys
2006-12-10 18:45 56,623 --------- C:\WINDOWS\system32\drivers\ati1btxx.sys
2006-12-10 18:45 52,224 --------- C:\WINDOWS\system32\drivers\atinraxx.sys
2006-12-10 18:45 46,464 --------- C:\WINDOWS\system32\drivers\gagp30kx.sys
2006-12-10 18:45 452,736 --------- C:\WINDOWS\system32\drivers\mtxparhm.sys
2006-12-10 18:45 44,928 --------- C:\WINDOWS\system32\drivers\agpcpq.sys
2006-12-10 18:45 43,008 --------- C:\WINDOWS\system32\drivers\amdagp.sys
2006-12-10 18:45 42,752 --------- C:\WINDOWS\system32\drivers\alim1541.sys
2006-12-10 18:45 42,368 --------- C:\WINDOWS\system32\drivers\agp440.sys
2006-12-10 18:45 4,255 --------- C:\WINDOWS\system32\drivers\adv01nt5.dll
2006-12-10 18:45 38,016 --------- C:\WINDOWS\system32\drivers\bthmodem.sys
2006-12-10 18:45 36,463 --------- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2006-12-10 18:45 36,096 --------- C:\WINDOWS\system32\drivers\intelppm.sys
2006-12-10 18:45 35,456 --------- C:\WINDOWS\system32\drivers\bthprint.sys
2006-12-10 18:45 34,735 --------- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2006-12-10 18:45 327,040 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2006-12-10 18:45 31,744 --------- C:\WINDOWS\system32\drivers\atinxbxx.sys
2006-12-10 18:45 30,671 --------- C:\WINDOWS\system32\drivers\ati1raxx.sys
2006-12-10 18:45 3,967 --------- C:\WINDOWS\system32\drivers\adv02nt5.dll
2006-12-10 18:45 3,775 --------- C:\WINDOWS\system32\drivers\adv11nt5.dll
2006-12-10 18:45 3,711 --------- C:\WINDOWS\system32\drivers\adv09nt5.dll
2006-12-10 18:45 3,647 --------- C:\WINDOWS\system32\drivers\adv07nt5.dll
2006-12-10 18:45 3,615 --------- C:\WINDOWS\system32\drivers\adv05nt5.dll
2006-12-10 18:45 3,135 --------- C:\WINDOWS\system32\drivers\adv08nt5.dll
2006-12-10 18:45 29,455 --------- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2006-12-10 18:45 29,056 --------- C:\WINDOWS\system32\drivers\ip6fw.sys
2006-12-10 18:45 28,672 --------- C:\WINDOWS\system32\drivers\atinsnxx.sys
2006-12-10 18:45 274,304 --------- C:\WINDOWS\system32\drivers\bthport.sys
2006-12-10 18:45 263,040 --------- C:\WINDOWS\system32\drivers\http.sys
2006-12-10 18:45 26,367 --------- C:\WINDOWS\system32\drivers\ati1snxx.sys
2006-12-10 18:45 25,600 --------- C:\WINDOWS\system32\drivers\hidbth.sys
2006-12-10 18:45 25,471 --------- C:\WINDOWS\system32\drivers\atv04nt5.dll
2006-12-10 18:45 220,032 --------- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2006-12-10 18:45 21,343 --------- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2006-12-10 18:45 21,183 --------- C:\WINDOWS\system32\drivers\atv01nt5.dll
2006-12-10 18:45 18,944 --------- C:\WINDOWS\system32\drivers\bthusb.sys
2006-12-10 18:45 17,279 --------- C:\WINDOWS\system32\drivers\atv10nt5.dll
2006-12-10 18:45 17,024 --------- C:\WINDOWS\system32\drivers\bthenum.sys
2006-12-10 18:45 15,488 --------- C:\WINDOWS\system32\drivers\mssmbios.sys
2006-12-10 18:45 15,423 --------- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2006-12-10 18:45 15,104 --------- C:\WINDOWS\system32\drivers\hidir.sys
2006-12-10 18:45 14,336 --------- C:\WINDOWS\system32\drivers\atinpdxx.sys
2006-12-10 18:45 14,143 --------- C:\WINDOWS\system32\drivers\atv06nt5.dll
2006-12-10 18:45 13,824 --------- C:\WINDOWS\system32\drivers\atinttxx.sys
2006-12-10 18:45 13,824 --------- C:\WINDOWS\system32\drivers\atinmdxx.sys
2006-12-10 18:45 128,896 --------- C:\WINDOWS\system32\drivers\fltmgr.sys
2006-12-10 18:45 126,686 --------- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2006-12-10 18:45 12,047 --------- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2006-12-10 18:45 11,615 --------- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2006-12-10 18:45 11,359 --------- C:\WINDOWS\system32\drivers\atv02nt5.dll
2006-12-10 18:45 104,960 --------- C:\WINDOWS\system32\drivers\atinrvxx.sys
2006-12-10 18:45 100,992 --------- C:\WINDOWS\system32\drivers\bthpan.sys
2006-12-10 18:45 1,309,184 --------- C:\WINDOWS\system32\drivers\mtlstrm.sys
2006-12-10 18:45 1,041,536 --------- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2006-12-10 18:44 95,424 --------- C:\WINDOWS\system32\drivers\slnthal.sys
2006-12-10 18:44 88,064 --------- C:\WINDOWS\system32\p2pnetsh.dll
2006-12-10 18:44 86,016 --------- C:\WINDOWS\system32\p2pgasvc.dll
2006-12-10 18:44 81,920 --------- C:\WINDOWS\system32\ieencode.dll
2006-12-10 18:44 81,408 --------- C:\WINDOWS\system32\wscsvc.dll
2006-12-10 18:44 8,192 --------- C:\WINDOWS\system32\smbinst.exe
2006-12-10 18:44 78,464 --------- C:\WINDOWS\system32\drivers\usbvideo.sys
2006-12-10 18:44 755,200 --------- C:\WINDOWS\system32\ir50_32.dll
2006-12-10 18:44 75,776 --------- C:\WINDOWS\system32\strmfilt.dll
2006-12-10 18:44 73,832 --------- C:\WINDOWS\system32\slcoinst.dll
2006-12-10 18:44 73,796 --------- C:\WINDOWS\system32\slserv.exe
2006-12-10 18:44 71,680 --------- C:\WINDOWS\system32\blastcln.exe
2006-12-10 18:44 7,680 --------- C:\WINDOWS\system32\kbdsmsno.dll
2006-12-10 18:44 7,680 --------- C:\WINDOWS\system32\kbdsmsfi.dll
2006-12-10 18:44 7,168 --------- C:\WINDOWS\system32\kbdukx.dll
2006-12-10 18:44 7,168 --------- C:\WINDOWS\system32\kbdno1.dll
2006-12-10 18:44 7,168 --------- C:\WINDOWS\system32\kbdfi1.dll
2006-12-10 18:44 67,584 --------- C:\WINDOWS\system32\drivers\sdbus.sys
2006-12-10 18:44 60,416 --------- C:\WINDOWS\system32\fwcfg.dll
2006-12-10 18:44 6,656 --------- C:\WINDOWS\system32\kbdinmal.dll
2006-12-10 18:44 6,656 --------- C:\WINDOWS\system32\kbdinben.dll
2006-12-10 18:44 6,144 --------- C:\WINDOWS\system32\kbdmlt48.dll
2006-12-10 18:44 6,144 --------- C:\WINDOWS\system32\kbdmlt47.dll
2006-12-10 18:44 6,144 --------- C:\WINDOWS\system32\kbdinbe1.dll
2006-12-10 18:44 6,016 --------- C:\WINDOWS\system32\drivers\smbali.sys
2006-12-10 18:44 59,648 --------- C:\WINDOWS\system32\drivers\rfcomm.sys
2006-12-10 18:44 526,848 --------- C:\WINDOWS\system32\p2psvc.dll
2006-12-10 18:44 52,224 --------- C:\WINDOWS\system32\mspmsnsv.dll
2006-12-10 18:44 516,768 --------- C:\WINDOWS\system32\ativvaxx.dll
2006-12-10 18:44 50,688 --------- C:\WINDOWS\system32\btpanui.dll
2006-12-10 18:44 50,176 --------- C:\WINDOWS\system32\xmlprovi.dll
2006-12-10 18:44 5,632 --------- C:\WINDOWS\system32\kbdmaori.dll
2006-12-10 18:44 49,152 --------- C:\WINDOWS\system32\powercfg.exe
2006-12-10 18:44 48,640 --------- C:\WINDOWS\system32\pnrpnsp.dll
2006-12-10 18:44 44,672 --------- C:\WINDOWS\system32\drivers\uagp35.sys
2006-12-10 18:44 44,032 --------- C:\WINDOWS\system32\twext.dll
2006-12-10 18:44 42,240 --------- C:\WINDOWS\system32\drivers\viaagp.sys
2006-12-10 18:44 41,088 --------- C:\WINDOWS\system32\drivers\sisagp.sys
2006-12-10 18:44 404,990 --------- C:\WINDOWS\system32\drivers\slntamr.sys
2006-12-10 18:44 4,274,816 --------- C:\WINDOWS\system32\nv4_disp.dll
2006-12-10 18:44 397,056 --------- C:\WINDOWS\system32\s3gnb.dll
2006-12-10 18:44 377,984 --------- C:\WINDOWS\system32\ati2dvaa.dll
2006-12-10 18:44 32,866 --------- C:\WINDOWS\system32\slrundll.exe
2006-12-10 18:44 32,866 --------- C:\WINDOWS\slrundll.exe
2006-12-10 18:44 32,768 --------- C:\WINDOWS\system32\ativtmxx.dll
2006-12-10 18:44 32,285 --------- C:\WINDOWS\system32\hsfcisp2.dll
2006-12-10 18:44 312,320 --------- C:\WINDOWS\system32\p2pgraph.dll
2006-12-10 18:44 30,208 --------- C:\WINDOWS\system32\bthserv.dll
2006-12-10 18:44 30,080 --------- C:\WINDOWS\system32\drivers\rndismpx.sys
2006-12-10 18:44 3,901 --------- C:\WINDOWS\system32\drivers\siint5.dll
2006-12-10 18:44 29,184 --------- C:\WINDOWS\system32\sdhcinst.dll
2006-12-10 18:44 286,792 --------- C:\WINDOWS\system32\slextspk.dll
2006-12-10 18:44 25,471 --------- C:\WINDOWS\system32\drivers\watv10nt.sys
2006-12-10 18:44 24,576 --------- C:\WINDOWS\system32\httpapi.dll
2006-12-10 18:44 233,472 --------- C:\WINDOWS\system32\wmpdxm.dll
2006-12-10 18:44 23,040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-12-10 18:44 229,376 --------- C:\WINDOWS\system32\ati2cqag.dll
2006-12-10 18:44 22,271 --------- C:\WINDOWS\system32\drivers\watv06nt.sys
2006-12-10 18:44 200,192 --------- C:\WINDOWS\system32\ir50_qc.dll
2006-12-10 18:44 20,992 --------- C:\WINDOWS\system32\bthci.dll
2006-12-10 18:44 193,024 --------- C:\WINDOWS\system32\fsquirt.exe
2006-12-10 18:44 188,508 --------- C:\WINDOWS\system32\slgen.dll
2006-12-10 18:44 183,808 --------- C:\WINDOWS\system32\ir50_qcx.dll
2006-12-10 18:44 180,360 --------- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2006-12-10 18:44 17,408 --------- C:\WINDOWS\system32\winshfhc.dll
2006-12-10 18:44 168,448 --------- C:\WINDOWS\system32\wmerror.dll
2006-12-10 18:44 166,912 --------- C:\WINDOWS\system32\drivers\s3gnbm.sys
2006-12-10 18:44 16,896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-12-10 18:44 15,872 --------- C:\WINDOWS\system32\w3ssl.dll
2006-12-10 18:44 14,336 --------- C:\WINDOWS\system32\auditusr.exe
2006-12-10 18:44 13,824 --------- C:\WINDOWS\system32\wscntfy.exe
2006-12-10 18:44 13,824 --------- C:\WINDOWS\system32\cmsetacl.dll
2006-12-10 18:44 13,776 --------- C:\WINDOWS\system32\drivers\recagent.sys
2006-12-10 18:44 13,568 --------- C:\WINDOWS\system32\drivers\wacompen.sys
2006-12-10 18:44 13,240 --------- C:\WINDOWS\system32\drivers\slwdmsup.sys
2006-12-10 18:44 129,536 --------- C:\WINDOWS\system32\xmlprov.dll
2006-12-10 18:44 129,535 --------- C:\WINDOWS\system32\drivers\slnt7554.sys
2006-12-10 18:44 12,672 --------- C:\WINDOWS\system32\drivers\usb8023x.sys
2006-12-10 18:44 12,672 --------- C:\WINDOWS\system32\drivers\mutohpen.sys
2006-12-10 18:44 118,784 --------- C:\WINDOWS\system32\msdadiag.dll
2006-12-10 18:44 116,224 --------- C:\WINDOWS\system32\p2p.dll
2006-12-10 18:44 114,688 --------- C:\WINDOWS\system32\wmpasf.dll
2006-12-10 18:44 11,935 --------- C:\WINDOWS\system32\drivers\wadv11nt.sys
2006-12-10 18:44 11,871 --------- C:\WINDOWS\system32\drivers\wadv09nt.sys
2006-12-10 18:44 11,807 --------- C:\WINDOWS\system32\drivers\wadv07nt.sys
2006-12-10 18:44 11,325 --------- C:\WINDOWS\system32\drivers\vchnt5.dll
2006-12-10 18:44 11,295 --------- C:\WINDOWS\system32\drivers\wadv08nt.sys
2006-12-10 18:44 11,136 --------- C:\WINDOWS\system32\drivers\sffdisk.sys
2006-12-10 18:44 108,032 --------- C:\WINDOWS\system32\wshbth.dll
2006-12-10 18:44 10,240 --------- C:\WINDOWS\system32\drivers\sffp_sd.sys
2006-12-10 18:44 1,897,408 --------- C:\WINDOWS\system32\drivers\nv4_mini.sys
2006-12-10 18:44 1,737,856 --------- C:\WINDOWS\system32\mtxparhd.dll
2006-12-10 13:22 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2006-12-10 03:10 91,856 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2006-12-10 03:10 123,712 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2006-12-10 03:09 <DIR> d-------- C:\Program Files\Symantec AntiVirus
2006-12-10 03:09 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared
2006-12-10 01:25 127,208 --a------ C:\WINDOWS\system32\mucltui.dll
2006-12-10 01:18 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2006-12-10 01:18 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2006-12-10 00:31 <DIR> d-------- C:\WINDOWS\provisioning
2006-12-10 00:31 <DIR> d-------- C:\WINDOWS\peernet
2006-12-10 00:24 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2006-12-10 00:12 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2006-12-10 00:10 97,280 --a------ C:\WINDOWS\system32\dpcdll.dll
2006-12-10 00:10 896,512 --a------ C:\WINDOWS\system32\wmspdmoe.dll
2006-12-10 00:10 8,192 --a------ C:\WINDOWS\system32\bitsprx2.dll
2006-12-10 00:10 7,168 --a------ C:\WINDOWS\system32\hccoin.dll
2006-12-10 00:10 6,656 --a------ C:\WINDOWS\system32\wuauserv.dll
2006-12-10 00:10 537,088 --a------ C:\WINDOWS\system32\msftedit.dll
2006-12-10 00:10 484,864 --a------ C:\WINDOWS\system32\wmspdmod.dll
2006-12-10 00:10 438,784 --a------ C:\WINDOWS\system32\xpob2res.dll
2006-12-10 00:10 4,096 --a------ C:\WINDOWS\system32\dsprpres.dll
2006-12-10 00:10 384,512 --a------ C:\WINDOWS\system32\mp4sdmod.dll
2006-12-10 00:10 382,464 --a------ C:\WINDOWS\system32\qmgr.dll
2006-12-10 00:10 37,376 --a------ C:\WINDOWS\system32\drivers\amdk7.sys
2006-12-10 00:10 351,232 --a------ C:\WINDOWS\system32\winhttp.dll
2006-12-10 00:10 338,432 --a------ C:\WINDOWS\system32\ir41_qcx.dll
2006-12-10 00:10 310,272 --a------ C:\WINDOWS\system32\mp43dmod.dll
2006-12-10 00:10 26,624 --a------ C:\WINDOWS\system32\drivers\usbehci.sys
2006-12-10 00:10 24,064 --a------ C:\WINDOWS\system32\pidgen.dll
2006-12-10 00:10 20,480 --a------ C:\WINDOWS\system32\encapi.dll
2006-12-10 00:10 2,897,920 --a------ C:\WINDOWS\system32\xpsp2res.dll
2006-12-10 00:10 2,113,536 --a------ C:\WINDOWS\system32\dxdiagn.dll
2006-12-10 00:10 187,392 --a------ C:\WINDOWS\system32\xpsp1res.dll
2006-12-10 00:10 186,368 --a------ C:\WINDOWS\system32\encdec.dll
2006-12-10 00:10 151,552 --a------ C:\WINDOWS\system32\wmidx.dll
2006-12-10 00:10 120,320 --a------ C:\WINDOWS\system32\ir41_qc.dll
2006-12-10 00:10 12,416 --a------ C:\WINDOWS\system32\drivers\tunmp.sys
2006-12-10 00:10 1,689,088 --a------ C:\WINDOWS\system32\d3d9.dll
2006-12-10 00:10 1,119,744 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2006-12-10 00:10 1,001,472 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2006-12-10 00:09 937,984 --a------ C:\WINDOWS\system32\winbrand.dll
2006-12-10 00:09 7,168 --a------ C:\WINDOWS\system32\bitsprx3.dll
2006-12-10 00:09 270,848 --a------ C:\WINDOWS\system32\sbe.dll
2006-12-10 00:09 159,232 --a------ C:\WINDOWS\system32\sbeio.dll
2006-12-10 00:09 134,656 --a------ C:\WINDOWS\system32\mssap.dll
2006-12-10 00:08 99,840 --a------ C:\WINDOWS\system32\advpack.dll
2006-12-10 00:08 98,304 --a------ C:\WINDOWS\system32\cscript.exe
2006-12-10 00:08 98,304 --a------ C:\WINDOWS\system32\ahui.exe
2006-12-10 00:08 92,672 --a------ C:\WINDOWS\system32\dskquota.dll
2006-12-10 00:08 9,728 --a------ C:\WINDOWS\system32\gpkrsrc.dll
2006-12-10 00:08 9,344 --a------ C:\WINDOWS\system32\framebuf.dll
2006-12-10 00:08 87,552 --a------ C:\WINDOWS\system32\fldrclnr.dll
2006-12-10 00:08 87,040 --a------ C:\WINDOWS\system32\drmstor.dll
2006-12-10 00:08 85,504 --a------ C:\WINDOWS\system32\diantz.exe
2006-12-10 00:08 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll
2006-12-10 00:08 84,992 --a------ C:\WINDOWS\system32\avifil32.dll
2006-12-10 00:08 84,480 --a------ C:\WINDOWS\system32\cabview.dll
2006-12-10 00:08 83,456 --a------ C:\WINDOWS\system32\dpvsetup.exe
2006-12-10 00:08 825,344 --a------ C:\WINDOWS\system32\d3dim700.dll
2006-12-10 00:08 82,432 --a------ C:\WINDOWS\system32\dmscript.dll
2006-12-10 00:08 82,432 --a------ C:\WINDOWS\system32\dfrgfat.exe
2006-12-10 00:08 81,920 --a------ C:\WINDOWS\system32\ils.dll
2006-12-10 00:08 80,384 --a------ C:\WINDOWS\system32\iccvid.dll
2006-12-10 00:08 80,384 --a------ C:\WINDOWS\system32\faultrep.dll
2006-12-10 00:08 8,704 --a------ C:\WINDOWS\system32\dciman32.dll
2006-12-10 00:08 8,704 --a------ C:\WINDOWS\system32\batt.dll
2006-12-10 00:08 8,192 --a------ C:\WINDOWS\system32\igmpagnt.dll
2006-12-10 00:08 8,192 --a------ C:\WINDOWS\system32\d3d8thk.dll
2006-12-10 00:08 8,192 --a------ C:\WINDOWS\system32\asferror.dll
2006-12-10 00:08 792,064 --a------ C:\WINDOWS\system32\comres.dll
2006-12-10 00:08 78,336 --a------ C:\WINDOWS\system32\browsewm.dll
2006-12-10 00:08 77,824 --a------ C:\WINDOWS\system32\cliconfg.dll
2006-12-10 00:08 77,312 --a------ C:\WINDOWS\system32\browser.dll
2006-12-10 00:08 75,264 --a------ C:\WINDOWS\system32\inetpp.dll
2006-12-10 00:08 74,752 --a------ C:\WINDOWS\system32\cryptdlg.dll
2006-12-10 00:08 73,728 --a------ C:\WINDOWS\system32\icwdial.dll
2006-12-10 00:08 71,680 --a------ C:\WINDOWS\system32\dsdmoprp.dll
2006-12-10 00:08 70,656 --a------ C:\WINDOWS\system32\amstream.dll
2006-12-10 00:08 695,296 --a------ C:\WINDOWS\system32\drmv2clt.dll
2006-12-10 00:08 69,120 --a------ C:\WINDOWS\system32\ciodm.dll
2006-12-10 00:08 68,608 --a------ C:\WINDOWS\system32\digest.dll
2006-12-10 00:08 68,096 --a------ C:\WINDOWS\system32\adsmsext.dll
2006-12-10 00:08 678,400 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-12-10 00:08 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll
2006-12-10 00:08 65,024 --a------ C:\WINDOWS\system32\asycfilt.dll
2006-12-10 00:08 640,000 --a------ C:\WINDOWS\system32\dbghelp.dll
2006-12-10 00:08 64,000 --a------ C:\WINDOWS\system32\cleanmgr.exe
2006-12-10 00:08 63,488 --a------ C:\WINDOWS\system32\cryptnet.dll
2006-12-10 00:08 63,488 --a------ C:\WINDOWS\system32\cmstp.exe
2006-12-10 00:08 63,488 --a------ C:\WINDOWS\system32\browselc.dll
2006-12-10 00:08 628,224 --a------ C:\WINDOWS\system32\catsrvut.dll
2006-12-10 00:08 62,976 --a------ C:\WINDOWS\system32\iesetup.dll
2006-12-10 00:08 62,464 --a------ C:\WINDOWS\system32\colbact.dll
2006-12-10 00:08 619,008 --a------ C:\WINDOWS\system32\dx7vb.dll
2006-12-10 00:08 614,912 --a------ C:\WINDOWS\system32\h323msp.dll
2006-12-10 00:08 61,440 --a------ C:\WINDOWS\system32\dmcompos.dll
2006-12-10 00:08 61,440 --a------ C:\WINDOWS\system32\admparse.dll
2006-12-10 00:08 60,928 --a------ C:\WINDOWS\system32\dpnhupnp.dll
2006-12-10 00:08 60,416 --a------ C:\WINDOWS\system32\cryptsvc.dll
2006-12-10 00:08 597,504 --a------ C:\WINDOWS\system32\crypt32.dll
2006-12-10 00:08 59,904 --a------ C:\WINDOWS\system32\devenum.dll
2006-12-10 00:08 59,904 --a------ C:\WINDOWS\system32\cabinet.dll
2006-12-10 00:08 580,608 --a------ C:\WINDOWS\system32\autofmt.exe
2006-12-10 00:08 58,880 --a------ C:\WINDOWS\system32\atl.dll
2006-12-10 00:08 57,856 --a------ C:\WINDOWS\system32\clusapi.dll
2006-12-10 00:08 57,344 --a------ C:\WINDOWS\system32\dpwsockx.dll
2006-12-10 00:08 56,832 --a------ C:\WINDOWS\system32\authz.dll
2006-12-10 00:08 55,808 --a------ C:\WINDOWS\system32\ipconfig.exe
2006-12-10 00:08 55,808 --a------ C:\WINDOWS\system32\eventlog.dll
2006-12-10 00:08 540,160 --a------ C:\WINDOWS\system32\comuid.dll
2006-12-10 00:08 54,272 --a------ C:\WINDOWS\system32\dataclen.dll
2006-12-10 00:08 53,840 --a------ C:\WINDOWS\system32\dosx.exe
2006-12-10 00:08 53,760 --a------ C:\WINDOWS\system32\cryptext.dll
2006-12-10 00:08 52,736 --a------ C:\WINDOWS\system32\basesrv.dll
2006-12-10 00:08 52,224 --a------ C:\WINDOWS\system32\dmutil.dll
2006-12-10 00:08 512,512 --a------ C:\WINDOWS\system32\cryptui.dll
2006-12-10 00:08 51,200 --a------ C:\WINDOWS\system32\dssec.dll
2006-12-10 00:08 501,248 --a------ C:\WINDOWS\system32\clbcatq.dll
2006-12-10 00:08 50,688 --a------ C:\WINDOWS\twain_32.dll
2006-12-10 00:08 50,688 --a------ C:\WINDOWS\system32\camocx.dll
2006-12-10 00:08 5,632 --a------ C:\WINDOWS\system32\cisvc.exe
2006-12-10 00:08 498,205 --a------ C:\WINDOWS\system32\dxmasf.dll
2006-12-10 00:08 48,640 --a------ C:\WINDOWS\system32\iernonce.dll
2006-12-10 00:08 48,128 --a------ C:\WINDOWS\system32\inetres.dll
2006-12-10 00:08 48,128 --a------ C:\WINDOWS\system32\docprop2.dll
2006-12-10 00:08 47,104 --a------ C:\WINDOWS\system32\cnbjmon.dll
2006-12-10 00:08 47,104 --a------ C:\WINDOWS\system32\cmdl32.exe
2006-12-10 00:08 457,728 --a------ C:\WINDOWS\system32\certmgr.dll
2006-12-10 00:08 45,568 --a------ C:\WINDOWS\system32\extrac32.exe
2006-12-10 00:08 45,568 --a------ C:\WINDOWS\system32\dnsrslvr.dll
2006-12-10 00:08 44,544 --a------ C:\WINDOWS\system32\alg.exe
2006-12-10 00:08 42,496 --a------ C:\WINDOWS\system32\audiosrv.dll
2006-12-10 00:08 41,984 --a------ C:\WINDOWS\system32\htui.dll
2006-12-10 00:08 4,096 --a------ C:\WINDOWS\system32\actmovie.exe
2006-12-10 00:08 39,936 --a------ C:\WINDOWS\system32\cmutil.dll
2006-12-10 00:08 39,936 --a------ C:\WINDOWS\system32\cmmon32.exe
2006-12-10 00:08 39,424 --a------ C:\WINDOWS\system32\grpconv.exe
2006-12-10 00:08 382,976 --a------ C:\WINDOWS\system32\fontext.dll
2006-12-10 00:08 380,957 --a------ C:\WINDOWS\system32\expsrv.dll
2006-12-10 00:08 38,912 --a------ C:\WINDOWS\system32\hhsetup.dll
2006-12-10 00:08 38,912 --a------ C:\WINDOWS\system32\dfrgsnap.dll
2006-12-10 00:08 38,912 --a------ C:\WINDOWS\system32\cfgbkend.dll
2006-12-10 00:08 375,296 --a------ C:\WINDOWS\system32\dpnet.dll
2006-12-10 00:08 367,616 --a------ C:\WINDOWS\system32\dsound.dll
2006-12-10 00:08 36,921 --a------ C:\WINDOWS\system32\imeshare.dll
2006-12-10 00:08 35,840 --a------ C:\WINDOWS\system32\imgutil.dll
2006-12-10 00:08 35,840 --a------ C:\WINDOWS\system32\dmloader.dll
2006-12-10 00:08 35,328 --a------ C:\WINDOWS\system32\dpnhpast.dll
2006-12-10 00:08 35,328 --a------ C:\WINDOWS\system32\corpol.dll
2006-12-10 00:08 349,696 --a------ C:\WINDOWS\system32\ipsecsnp.dll
2006-12-10 00:08 344,064 --a------ C:\WINDOWS\system32\hnetcfg.dll
2006-12-10 00:08 343,040 --a------ C:\WINDOWS\system32\cmdial32.dll
2006-12-10 00:08 34,304 --a------ C:\WINDOWS\system32\ie4uinit.exe
2006-12-10 00:08 337,920 --a------ C:\WINDOWS\system32\filemgmt.dll
2006-12-10 00:08 331,264 --a------ C:\WINDOWS\system32\ipnathlp.dll
2006-12-10 00:08 330,752 --a------ C:\WINDOWS\system32\ippromon.dll
2006-12-10 00:08 330,752 --a------ C:\WINDOWS\system32\hnetwiz.dll
2006-12-10 00:08 33,280 --a------ C:\WINDOWS\system32\inetmib1.dll
2006-12-10 00:08 33,280 --a------ C:\WINDOWS\system32\cryptdll.dll
2006-12-10 00:08 33,280 --a------ C:\WINDOWS\system32\clipsrv.exe
2006-12-10 00:08 326,656 --a------ C:\WINDOWS\system32\cscui.dll
2006-12-10 00:08 323,584 --a------ C:\WINDOWS\system32\iedkcs32.dll
2006-12-10 00:08 304,128 --a------ C:\WINDOWS\system32\duser.dll
2006-12-10 00:08 30,208 --a------ C:\WINDOWS\system32\dplaysvr.exe
2006-12-10 00:08 30,208 --a------ C:\WINDOWS\system32\ddeshare.exe
2006-12-10 00:08 30,208 --a------ C:\WINDOWS\system32\atmlib.dll
2006-12-10 00:08 3,584 --a------ C:\WINDOWS\system32\icmp.dll
2006-12-10 00:08 3,584 --a------ C:\WINDOWS\system32\dpnlobby.dll
2006-12-10 00:08 3,584 --a------ C:\WINDOWS\system32\dpnaddr.dll
2006-12-10 00:08 299,520 --a------ C:\WINDOWS\system32\drmclien.dll
2006-12-10 00:08 286,208 --a------ C:\WINDOWS\system32\blackbox.dll
2006-12-10 00:08 285,696 --a------ C:\WINDOWS\system32\atmfd.dll
2006-12-10 00:08 283,648 --a------ C:\WINDOWS\winhlp32.exe
2006-12-10 00:08 282,624 --a------ C:\WINDOWS\system32\devmgr.dll
2006-12-10 00:08 28,672 --a------ C:\WINDOWS\system32\dmband.dll
2006-12-10 00:08 28,672 --a------ C:\WINDOWS\system32\dfsshlex.dll
2006-12-10 00:08 28,672 --a------ C:\WINDOWS\system32\dbnmpntw.dll
2006-12-10 00:08 28,672 --a------ C:\WINDOWS\system32\batmeter.dll
2006-12-10 00:08 278,016 --a------ C:\WINDOWS\system32\gdi32.dll
2006-12-10 00:08 274,432 --a------ C:\WINDOWS\system32\inetcfg.dll
2006-12-10 00:08 27,648 --a------ C:\WINDOWS\system32\conime.exe
2006-12-10 00:08 27,136 --a------ C:\WINDOWS\system32\findstr.exe
2006-12-10 00:08 27,136 --a------ C:\WINDOWS\system32\ddrawex.dll
2006-12-10 00:08 266,240 --a------ C:\WINDOWS\system32\ddraw.dll
2006-12-10 00:08 263,680 --a------ C:\WINDOWS\system32\adsnt.dll
2006-12-10 00:08 253,952 --a------ C:\WINDOWS\system32\icm32.dll
2006-12-10 00:08 252,928 --a------ C:\WINDOWS\system32\compatui.dll
2006-12-10 00:08 25,088 --a------ C:\WINDOWS\system32\defrag.exe
2006-12-10 00:08 25,088 --a------ C:\WINDOWS\system32\at.exe
2006-12-10 00:08 243,200 --a------ C:\WINDOWS\system32\es.dll
2006-12-10 00:08 24,576 --a------ C:\WINDOWS\system32\dbmsrpcn.dll
2006-12-10 00:08 24,576 --a------ C:\WINDOWS\system32\davclnt.dll
2006-12-10 00:08 239,104 --a------ C:\WINDOWS\system32\dsquery.dll
2006-12-10 00:08 23,552 --a------ C:\WINDOWS\system32\dpmodemx.dll
2006-12-10 00:08 23,552 --a------ C:\WINDOWS\system32\dmserver.dll
2006-12-10 00:08 23,040 --a------ C:\WINDOWS\system32\ersvc.dll
2006-12-10 00:08 229,888 --a------ C:\WINDOWS\system32\dplayx.dll
2006-12-10 00:08 229,888 --a------ C:\WINDOWS\system32\catsrv.dll
2006-12-10 00:08 229,376 --a------ C:\WINDOWS\system32\compstui.dll
2006-12-10 00:08 224,768 --a------ C:\WINDOWS\system32\dmadmin.exe
2006-12-10 00:08 216,576 --a------ C:\WINDOWS\system32\ieaksie.dll
2006-12-10 00:08 212,480 --a------ C:\WINDOWS\system32\dpvoice.dll
2006-12-10 00:08 21,504 --a------ C:\WINDOWS\system32\feclient.dll
2006-12-10 00:08 21,504 --a------ C:\WINDOWS\system32\dpvacm.dll
2006-12-10 00:08 200,704 --a------ C:\WINDOWS\system32\dmdskmgr.dll
2006-12-10 00:08 20,992 --a------ C:\WINDOWS\system32\hid.dll
2006-12-10 00:08 20,992 --a------ C:\WINDOWS\system32\fontview.exe
2006-12-10 00:08 20,480 --a------ C:\WINDOWS\system32\cliconfg.exe
2006-12-10 00:08 2,067,968 --a------ C:\WINDOWS\system32\cdosys.dll
2006-12-10 00:08 194,560 --a------ C:\WINDOWS\system32\certcli.dll
2006-12-10 00:08 194,048 --a------ C:\WINDOWS\system32\activeds.dll
2006-12-10 00:08 193,024 --a------ C:\WINDOWS\system32\eudcedit.exe
2006-12-10 00:08 19,456 --a------ C:\WINDOWS\system32\dswave.dll
2006-12-10 00:08 185,344 --a------ C:\WINDOWS\system32\cmprops.dll
2006-12-10 00:08 183,296 --a------ C:\WINDOWS\system32\els.dll
2006-12-10 00:08 182,784 --a------ C:\WINDOWS\system32\ipsecsvc.dll
2006-12-10 00:08 181,760 --a------ C:\WINDOWS\system32\dsdmo.dll
2006-12-10 00:08 181,760 --a------ C:\WINDOWS\system32\dinput8.dll
2006-12-10 00:08 181,248 --a------ C:\WINDOWS\system32\dmime.dll
2006-12-10 00:08 180,224 --a------ C:\WINDOWS\system32\dwwin.exe
2006-12-10 00:08 18,432 --a------ C:\WINDOWS\system32\dpnsvr.exe
2006-12-10 00:08 175,616 --a------ C:\WINDOWS\system32\adsldp.dll
2006-12-10 00:08 17,920 --a------ C:\WINDOWS\system32\dvdupgrd.exe
2006-12-10 00:08 17,408 --a------ C:\WINDOWS\system32\bidispl.dll
2006-12-10 00:08 17,408 --a------ C:\WINDOWS\system32\alrsvc.dll
2006-12-10 00:08 163,840 --a------ C:\WINDOWS\system32\diskpart.exe
2006-12-10 00:08 163,840 --a------ C:\WINDOWS\system32\credui.dll
2006-12-10 00:08 16,896 --a------ C:\WINDOWS\system32\cfgmgr32.dll
2006-12-10 00:08 16,384 --a------ C:\WINDOWS\system32\ds32gt.dll
2006-12-10 00:08 159,232 --a------ C:\WINDOWS\system32\dinput.dll
2006-12-10 00:08 159,232 --a------ C:\WINDOWS\system32\cewmdm.dll
2006-12-10 00:08 150,016 --a------ C:\WINDOWS\system32\imapi.exe
2006-12-10 00:08 15,872 --a------ C:\WINDOWS\system32\inetppui.dll
2006-12-10 00:08 15,872 --a------ C:\WINDOWS\system32\dmremote.exe
2006-12-10 00:08 15,872 --a------ C:\WINDOWS\system32\cmcfg32.dll
2006-12-10 00:08 15,360 --a------ C:\WINDOWS\system32\ctfmon.exe
2006-12-10 00:08 147,456 --a------ C:\WINDOWS\system32\initpki.dll
2006-12-10 00:08 146,432 --a------ C:\WINDOWS\regedit.exe
2006-12-10 00:08 144,896 --a------ C:\WINDOWS\system32\hotplug.dll
2006-12-10 00:08 143,360 --a------ C:\WINDOWS\system32\adsldpc.dll
2006-12-10 00:08 142,336 --a------ C:\WINDOWS\system32\dsprop.dll
2006-12-10 00:08 14,336 --a------ C:\WINDOWS\system32\drprov.dll
2006-12-10 00:08 139,264 --a------ C:\WINDOWS\system32\ieakeng.dll
2006-12-10 00:08 137,216 --a------ C:\WINDOWS\system32\dssenh.dll
2006-12-10 00:08 135,680 --a------ C:\WINDOWS\system32\ifmon.dll
2006-12-10 00:08 126,976 --a------ C:\WINDOWS\system32\apphelp.dll
2006-12-10 00:08 123,904 --a------ C:\WINDOWS\system32\dfrgui.dll
2006-12-10 00:08 123,392 --a------ C:\WINDOWS\system32\input.dll
2006-12-10 00:08 122,880 --a------ C:\WINDOWS\system32\glu32.dll
2006-12-10 00:08 120,832 --a------ C:\WINDOWS\system32\idq.dll
2006-12-10 00:08 119,808 --a------ C:\WINDOWS\system32\iasrad.dll
2006-12-10 00:08 116,736 --a------ C:\WINDOWS\system32\dpvvox.dll
2006-12-10 00:08 114,688 --a------ C:\WINDOWS\system32\iexpress.exe
2006-12-10 00:08 114,688 --a------ C:\WINDOWS\system32\aclui.dll
2006-12-10 00:08 113,152 --a------ C:\WINDOWS\system32\dsuiext.dll
2006-12-10 00:08 111,104 --a------ C:\WINDOWS\system32\dgnet.dll
2006-12-10 00:08 110,592 --a------ C:\WINDOWS\system32\dbnetlib.dll
2006-12-10 00:08 110,080 --a------ C:\WINDOWS\system32\imm32.dll
2006-12-10 00:08 110,080 --a------ C:\WINDOWS\system32\clbcatex.dll
2006-12-10 00:08 11,264 --a------ C:\WINDOWS\system32\icaapi.dll
2006-12-10 00:08 11,264 --a------ C:\WINDOWS\system32\autolfn.exe
2006-12-10 00:08 11,264 --a------ C:\WINDOWS\system32\atmadm.exe
2006-12-10 00:08 105,984 --a------ C:\WINDOWS\system32\dmstyle.dll
2006-12-10 00:08 104,448 --a------ C:\WINDOWS\system32\dmusic.dll
2006-12-10 00:08 103,424 --a------ C:\WINDOWS\system32\dmsynth.dll
2006-12-10 00:08 101,888 --a------ C:\WINDOWS\system32\cscdll.dll
2006-12-10 00:08 101,888 --a------ C:\WINDOWS\system32\actxprxy.dll
2006-12-10 00:08 100,352 --a------ C:\WINDOWS\system32\6to4svc.dll
2006-12-10 00:08 10,752 --a------ C:\WINDOWS\system32\dumprep.exe
2006-12-10 00:08 10,752 --a------ C:\WINDOWS\hh.exe
2006-12-10 00:08 1,298,432 --a------ C:\WINDOWS\system32\dxdiag.exe
2006-12-10 00:08 1,294,336 --a------ C:\WINDOWS\system32\dsound3d.dll
2006-12-10 00:08 1,251,840 --a------ C:\WINDOWS\system32\comsvcs.dll
2006-12-10 00:08 1,227,264 --a------ C:\WINDOWS\system32\dx8vb.dll
2006-12-10 00:08 1,179,648 --a------ C:\WINDOWS\system32\d3d8.dll
2006-12-10 00:08 1,082,368 --a------ C:\WINDOWS\system32\esent.dll
2006-12-10 00:08 1,032,192 --a------ C:\WINDOWS\explorer.exe
2006-12-10 00:07 994,304 --a------ C:\WINDOWS\system32\msgina.dll
2006-12-10 00:07 97,280 --a------ C:\WINDOWS\system32\loadperf.dll
2006-12-10 00:07 96,768 --a------ C:\WINDOWS\system32\psbase.dll
2006-12-10 00:07 96,256 --a------ C:\WINDOWS\system32\occache.dll
2006-12-10 00:07 949,248 --a------ C:\WINDOWS\system32\msdtctm.dll
2006-12-10 00:07 94,208 --a------ C:\WINDOWS\system32\odbcint.dll
2006-12-10 00:07 92,224 --a------ C:\WINDOWS\system32\krnl386.exe
2006-12-10 00:07 92,168 --a------ C:\WINDOWS\system32\rdpdd.dll
2006-12-10 00:07 90,624 --a------ C:\WINDOWS\system32\mydocs.dll
2006-12-10 00:07 90,112 --a------ C:\WINDOWS\system32\mtxoci.dll
2006-12-10 00:07 9,216 --a------ C:\WINDOWS\system32\scrnsave.scr
2006-12-10 00:07 884,736 --a------ C:\WINDOWS\system32\msimsg.dll
2006-12-10 00:07 875,008 --a------ C:\WINDOWS\system32\netplwiz.dll
2006-12-10 00:07 87,176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2006-12-10 00:07 87,040 --a------ C:\WINDOWS\system32\mprapi.dll
2006-12-10 00:07 86,016 --a------ C:\WINDOWS\system32\netsh.exe
2006-12-10 00:07 86,016 --a------ C:\WINDOWS\system32\msapsspc.dll
2006-12-10 00:07 85,504 --a------ C:\WINDOWS\system32\makecab.exe
2006-12-10 00:07 84,480 --a------ C:\WINDOWS\system32\mciavi32.dll
2006-12-10 00:07 831,519 --a------ C:\WINDOWS\system32\mswdat10.dll
2006-12-10 00:07 83,456 --a------ C:\WINDOWS\system32\olepro32.dll
2006-12-10 00:07 815,104 --a------ C:\WINDOWS\system32\mmc.exe
2006-12-10 00:07 81,920 --a------ C:\WINDOWS\system32\isign32.dll
2006-12-10 00:07 80,896 --a------ C:\WINDOWS\system32\netui0.dll
2006-12-10 00:07 78,848 --a------ C:\WINDOWS\system32\msiexec.exe
2006-12-10 00:07 77,824 --a------ C:\WINDOWS\system32\shrpubw.exe
2006-12-10 00:07 77,312 --a------ C:\WINDOWS\system32\sdbinst.exe
2006-12-10 00:07 77,312 --a------ C:\WINDOWS\system32\rtcshare.exe
2006-12-10 00:07 733,696 --a------ C:\WINDOWS\system32\qedwipes.dll
2006-12-10 00:07 73,728 --a------ C:\WINDOWS\system32\mscms.dll
2006-12-10 00:07 72,704 --a------ C:\WINDOWS\system32\msw3prt.dll
2006-12-10 00:07 72,704 --a------ C:\WINDOWS\system32\magnify.exe
2006-12-10 00:07 713,728 --a------ C:\WINDOWS\system32\opengl32.dll
2006-12-10 00:07 71,680 --a------ C:\WINDOWS\system32\msacm32.dll
2006-12-10 00:07 701,440 --a------ C:\WINDOWS\system32\msxml2.dll
2006-12-10 00:07 70,656 --a------ C:\WINDOWS\system32\mmcbase.dll
2006-12-10 00:07 70,144 --a------ C:\WINDOWS\system32\sigverif.exe
2006-12-10 00:07 7,424 --a------ C:\WINDOWS\system32\kd1394.dll
2006-12-10 00:07 69,632 --a------ C:\WINDOWS\system32\scarddlg.dll
2006-12-10 00:07 69,632 --a------ C:\WINDOWS\system32\raschap.dll
2006-12-10 00:07 69,632 --a------ C:\WINDOWS\system32\odbcconf.exe
2006-12-10 00:07 69,632 --a------ C:\WINDOWS\system32\msconf.dll
2006-12-10 00:07 69,120 --a------ C:\WINDOWS\system32\notepad.exe
2006-12-10 00:07 69,120 --a------ C:\WINDOWS\system32\msctfp.dll
2006-12-10 00:07 69,120 --a------ C:\WINDOWS\notepad.exe
2006-12-10 00:07 68,768 --a------ C:\WINDOWS\system32\mmsystem.dll
2006-12-10 00:07 68,768 --a------ C:\WINDOWS\system\mmsystem.dll
2006-12-10 00:07 68,096 --a------ C:\WINDOWS\system32\shgina.dll
2006-12-10 00:07 67,584 --a------ C:\WINDOWS\system32\osuninst.dll
2006-12-10 00:07 67,072 --a------ C:\WINDOWS\system32\rdshost.exe
2006-12-10 00:07 67,072 --a------ C:\WINDOWS\system32\ntdsapi.dll
2006-12-10 00:07 66,560 --a------ C:\WINDOWS\system32\mtxclu.dll
2006-12-10 00:07 655,360 --a------ C:\WINDOWS\system32\mstscax.dll
2006-12-10 00:07 65,536 --a------ C:\WINDOWS\system32\shimeng.dll
2006-12-10 00:07 65,536 --a------ C:\WINDOWS\system32\odbccu32.dll
2006-12-10 00:07 65,536 --a------ C:\WINDOWS\system32\odbccr32.dll
2006-12-10 00:07 622,080 --a------ C:\WINDOWS\system32\netcfgx.dll
2006-12-10 00:07 62,976 --a------ C:\WINDOWS\system32\pautoenr.dll
2006-12-10 00:07 62,464 --a------ C:\WINDOWS\system32\rdpclip.exe
2006-12-10 00:07 614,429 --a------ C:\WINDOWS\system32\mswstr10.dll
2006-12-10 00:07 61,440 --a------ C:\WINDOWS\system32\msvcrt40.dll
2006-12-10 00:07 60,928 --a------ C:\WINDOWS\system32\miglibnt.dll
2006-12-10 00:07 60,416 --a------ C:\WINDOWS\system32\remotepg.dll
2006-12-10 00:07 6,656 --a------ C:\WINDOWS\system32\sensapi.dll
2006-12-10 00:07 6,656 --a------ C:\WINDOWS\system32\msidle.dll
2006-12-10 00:07 6,656 --a------ C:\WINDOWS\system32\laprxy.dll
2006-12-10 00:07 6,144 --a------ C:\WINDOWS\system32\msdtc.exe
2006-12-10 00:07 59,904 --a------ C:\WINDOWS\system32\regsvc.dll
2006-12-10 00:07 59,904 --a------ C:\WINDOWS\system32\mpr.dll
2006-12-10 00:07 59,904 --a------ C:\WINDOWS\system32\ipv6mon.dll
2006-12-10 00:07 586,240 --a------ C:\WINDOWS\system32\mlang.dll
2006-12-10 00:07 581,120 --a------ C:\WINDOWS\system32\rpcrt4.dll
2006-12-10 00:07 58,880 --a------ C:\WINDOWS\system32\resutils.dll
2006-12-10 00:07 58,880 --a------ C:\WINDOWS\system32\msdtclog.dll
2006-12-10 00:07 58,880 --a------ C:\WINDOWS\system32\licwmi.dll
2006-12-10 00:07 58,368 --a------ C:\WINDOWS\system32\packager.exe
2006-12-10 00:07 57,344 --a------ C:\WINDOWS\system32\msasn1.dll
2006-12-10 00:07 562,176 --a------ C:\WINDOWS\system32\qedit.dll
2006-12-10 00:07 56,832 --a------ C:\WINDOWS\system32\rasphone.exe
2006-12-10 00:07 56,832 --a------ C:\WINDOWS\system32\mshtmler.dll
2006-12-10 00:07 56,320 --a------ C:\WINDOWS\system32\servdeps.dll
2006-12-10 00:07 552,989 --a------ C:\WINDOWS\system32\msrepl40.dll
2006-12-10 00:07 55,808 --a------ C:\WINDOWS\system32\secur32.dll
2006-12-10 00:07 55,296 --a------ C:\WINDOWS\system32\sendmail.dll
2006-12-10 00:07 549,376 --a------ C:\WINDOWS\system32\shdoclc.dll
2006-12-10 00:07 54,784 --a------ C:\WINDOWS\system32\npptools.dll
2006-12-10 00:07 54,784 --a------ C:\WINDOWS\system32\msvcirt.dll
2006-12-10 00:07 54,272 --a------ C:\WINDOWS\system32\ixsso.dll
2006-12-10 00:07 53,760 --a------ C:\WINDOWS\system32\narrator.exe
2006-12-10 00:07 53,279 --a------ C:\WINDOWS\system32\odbcji32.dll
2006-12-10 00:07 53,279 --a------ C:\WINDOWS\system32\msjter40.dll
2006-12-10 00:07 53,248 --a------ C:\WINDOWS\system32\ipv6.exe
2006-12-10 00:07 514,560 --a------ C:\WINDOWS\system32\logonui.exe
2006-12-10 00:07 512,029 --a------ C:\WINDOWS\system32\msexch40.dll
2006-12-10 00:07 51,712 --a------ C:\WINDOWS\system32\msident.dll
2006-12-10 00:07 506,368 --a------ C:\WINDOWS\system32\msxml.dll
2006-12-10 00:07 50,688 --a------ C:\WINDOWS\system32\mmcshext.dll
2006-12-10 00:07 50,176 --a------ C:\WINDOWS\system32\reg.exe
2006-12-10 00:07 50,176 --a------ C:\WINDOWS\system32\proquota.exe
2006-12-10 00:07 5,632 --a------ C:\WINDOWS\system32\security.dll
2006-12-10 00:07 5,120 --a------ C:\WINDOWS\system32\sfc.dll
2006-12-10 00:07 49,664 --a------ C:\WINDOWS\system32\regapi.dll
2006-12-10 00:07 488,448 --a------ C:\WINDOWS\system32\ntmsmgr.dll
2006-12-10 00:07 48,128 --a------ C:\WINDOWS\system32\msprivs.dll
2006-12-10 00:07 47,616 --a------ C:\WINDOWS\system32\iyuv_32.dll
2006-12-10 00:07 45,568 --a------ C:\WINDOWS\system32\safrslv.dll
2006-12-10 00:07 44,032 --a------ C:\WINDOWS\system32\rtutils.dll
2006-12-10 00:07 438,272 --a------ C:\WINDOWS\system32\shimgvw.dll
2006-12-10 00:07 435,200 --a------ C:\WINDOWS\system32\ntmssvc.dll
2006-12-10 00:07 431,616 --a------ C:\WINDOWS\system32\riched20.dll
2006-12-10 00:07 43,520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2006-12-10 00:07 43,520 --a------ C:\WINDOWS\system32\racpldlg.dll
2006-12-10 00:07 43,520 --a------ C:\WINDOWS\system32\pstorec.dll
2006-12-10 00:07 43,520 --a------ C:\WINDOWS\system32\ntlanman.dll
2006-12-10 00:07 425,472 --a------ C:\WINDOWS\system32\msdtcprx.dll
2006-12-10 00:07 423,936 --a------ C:\WINDOWS\system32\licdll.dll
2006-12-10 00:07 421,919 --a------ C:\WINDOWS\system32\msrd2x40.dll
2006-12-10 00:07 42,496 --a------ C:\WINDOWS\system32\shmgrate.exe
2006-12-10 00:07 42,496 --a------ C:\WINDOWS\system32\net.exe
2006-12-10 00:07 413,696 --a------ C:\WINDOWS\system32\msvcp60.dll
2006-12-10 00:07 407,552 --a------ C:\WINDOWS\system32\mstsc.exe
2006-12-10 00:07 407,040 --a------ C:\WINDOWS\system32\netlogon.dll
2006-12-10 00:07 40,960 --a------ C:\WINDOWS\system32\ntmsapi.dll
2006-12-10 00:07 4,608 --a------ C:\WINDOWS\system32\msimg32.dll
2006-12-10 00:07 4,126 --a------ C:\WINDOWS\system32\msdxmlc.dll
2006-12-10 00:07 4,096 --a------ C:\WINDOWS\system32\nddeapir.exe
2006-12-10 00:07 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2006-12-10 00:07 399,872 --a------ C:\WINDOWS\system32\lmrt.dll
2006-12-10 00:07 397,824 --a------ C:\WINDOWS\system32\regwizc.dll
2006-12-10 00:07 395,776 --a------ C:\WINDOWS\system32\rpcss.dll
2006-12-10 00:07 39,936 --a------ C:\WINDOWS\system32\mf3216.dll
2006-12-10 00:07 385,024 --a------ C:\WINDOWS\system32\qdvd.dll
2006-12-10 00:07 384,000 --a------ C:\WINDOWS\system32\ipsmsnap.dll
2006-12-10 00:07 38,912 --a------ C:\WINDOWS\system32\sens.dll
2006-12-10 00:07 363,520 --a------ C:\WINDOWS\system32\psisdecd.dll
2006-12-10 00:07 36,864 --a------ C:\WINDOWS\system32\netstat.exe
2006-12-10 00:07 36,864 --a------ C:\WINDOWS\system32\mscpxl32.dll
2006-12-10 00:07 36,352 --a------ C:\WINDOWS\system32\ncobjapi.dll
2006-12-10 00:07 356,352 --a------ C:\WINDOWS\system32\msscp.dll
2006-12-10 00:07 35,840 --a------ C:\WINDOWS\system32\rcimlby.exe
2006-12-10 00:07 35,648 --a------ C:\WINDOWS\system32\ntio411.sys
2006-12-10 00:07 35,424 --a------ C:\WINDOWS\system32\ntio412.sys
2006-12-10 00:07 35,328 --a------ C:\WINDOWS\system32\pid.dll
2006-12-10 00:07 35,328 --a------ C:\WINDOWS\system32\mciqtz32.dll
2006-12-10 00:07 348,189 --a------ C:\WINDOWS\system32\msxbde40.dll
2006-12-10 00:07 348,189 --a------ C:\WINDOWS\system32\mspbde40.dll
2006-12-10 00:07 343,040 --a------ C:\WINDOWS\system32\msvcrt.dll
2006-12-10 00:07 34,816 --a------ C:\WINDOWS\system32\perfproc.dll
2006-12-10 00:07 34,560 --a------ C:\WINDOWS\system32\ntio804.sys
2006-12-10 00:07 34,560 --a------ C:\WINDOWS\system32\ntio404.sys
2006-12-10 00:07 34,560 --a------ C:\WINDOWS\system32\mnmdd.dll
2006-12-10 00:07 34,304 --a------ C:\WINDOWS\system32\pstorsvc.dll
2006-12-10 00:07 33,840 --a------ C:\WINDOWS\system32\ntio.sys
2006-12-10 00:07 33,280 --a------ C:\WINDOWS\system32\rundll32.exe
2006-12-10 00:07 329,728 --a------ C:\WINDOWS\system32\netsetup.exe
2006-12-10 00:07 32,768 --a------ C:\WINDOWS\system32\odbcad32.exe
2006-12-10 00:07 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2006-12-10 00:07 32,768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2006-12-10 00:07 319,517 --a------ C:\WINDOWS\system32\msexcl40.dll
2006-12-10 00:07 315,423 --a------ C:\WINDOWS\system32\msrd3x40.dll
2006-12-10 00:07 313,856 --a------ C:\WINDOWS\system32\scesrv.dll
2006-12-10 00:07 31,744 --a------ C:\WINDOWS\system32\rtipxmib.dll
2006-12-10 00:07 31,232 --a------ C:\WINDOWS\system32\sethc.exe
2006-12-10 00:07 30,208 --a------ C:\WINDOWS\system32\mspatcha.dll
2006-12-10 00:07 3,584 --a------ C:\WINDOWS\system32\msafd.dll
2006-12-10 00:07 3,338 --a------ C:\WINDOWS\system32\redir.exe
2006-12-10 00:07 294,400 --a------ C:\WINDOWS\system32\msctf.dll
2006-12-10 00:07 294,400 --a------ C:\WINDOWS\system32\kerberos.dll
2006-12-10 00:07 290,816 --a------ C:\WINDOWS\system32\msnsspc.dll
2006-12-10 00:07 29,696 --a------ C:\WINDOWS\system32\safrdm.dll
2006-12-10 00:07 29,184 --a------ C:\WINDOWS\system32\sendcmsg.dll
2006-12-10 00:07 29,184 --a------ C:\WINDOWS\system32\mshta.exe
2006-12-10 00:07 285,696 --a------ C:\WINDOWS\system32\objsel.dll
2006-12-10 00:07 283,648 --a------ C:\WINDOWS\system32\pdh.dll
2006-12-10 00:07 28,672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2006-12-10 00:07 279,040 --a------ C:\WINDOWS\system32\qdv.dll
2006-12-10 00:07 278,559 --a------ C:\WINDOWS\system32\odbcjt32.dll
2006-12-10 00:07 274,944 --a------ C:\WINDOWS\system32\mstask.dll
2006-12-10 00:07 271,360 --a------ C:\WINDOWS\system32\msihnd.dll
2006-12-10 00:07 27,648 --a------ C:\WINDOWS\system32\shscrap.dll
2006-12-10 00:07 27,648 --a------ C:\WINDOWS\system32\profmap.dll
2006-12-10 00:07 27,136 --a------ C:\WINDOWS\system32\irmon.dll
2006-12-10 00:07 266,752 --a------ C:\WINDOWS\system32\oakley.dll
2006-12-10 00:07 26,624 --a------ C:\WINDOWS\system32\perfdisk.dll
2006-12-10 00:07 26,112 --a------ C:\WINDOWS\system32\skeys.exe
2006-12-10 00:07 259,072 --a------ C:\WINDOWS\system32\msnetobj.dll
2006-12-10 00:07 258,077 --a------ C:\WINDOWS\system32\mstext40.dll
2006-12-10 00:07 252,928 --a------ C:\WINDOWS\system32\msoeacct.dll
2006-12-10 00:07 25,088 --a------ C:\WINDOWS\system32\shfolder.dll
2006-12-10 00:07 25,088 --a------ C:\WINDOWS\system32\perfos.dll
2006-12-10 00:07 25,088 --a------ C:\WINDOWS\system32\mslbui.dll
2006-12-10 00:07 249,856 --a------ C:\WINDOWS\system32\odbc32.dll
2006-12-10 00:07 248,832 --a------ C:\WINDOWS\system32\newdev.dll
2006-12-10 00:07 248,832 --a------ C:\WINDOWS\system32\msieftp.dll
2006-12-10 00:07 245,760 --a------ C:\WINDOWS\system32\netui1.dll
2006-12-10 00:07 245,760 --a------ C:\WINDOWS\system32\mswmdm.dll
2006-12-10 00:07 245,248 --a------ C:\WINDOWS\system32\mswsock.dll
2006-12-10 00:07 241,693 --a------ C:\WINDOWS\system32\msjtes40.dll
2006-12-10 00:07 240,640 --a------ C:\WINDOWS\system32\mpg4dmod.dll
2006-12-10 00:07 24,576 --a------ C:\WINDOWS\system32\odbcbcp.dll
2006-12-10 00:07 237,568 --a------ C:\WINDOWS\system32\qasf.dll
2006-12-10 00:07 23,552 --a------ C:\WINDOWS\system32\mciwave.dll
2006-12-10 00:07 23,552 --a------ C:\WINDOWS\system32\ipxroute.exe
2006-12-10 00:07 23,040 --a------ C:\WINDOWS\system32\setup.exe
2006-12-10 00:07 23,040 --a------ C:\WINDOWS\system32\psapi.dll
2006-12-10 00:07 23,040 --a------ C:\WINDOWS\system32\mciseq.dll
2006-12-10 00:07 221,696 --a------ C:\WINDOWS\system32\localsec.dll
2006-12-10 00:07 220,672 --a------ C:\WINDOWS\system32\logon.scr
2006-12-10 00:07 22,528 --a------ C:\WINDOWS\system32\mfcsubs.dll
2006-12-10 00:07 22,016 --a------ C:\WINDOWS\system32\lpk.dll
2006-12-10 00:07 22,016 --a------ C:\WINDOWS\system32\licmgr10.dll
2006-12-10 00:07 216,064 --a------ C:\WINDOWS\system32\moricons.dll
2006-12-10 00:07 215,552 --a------ C:\WINDOWS\system32\osk.exe
2006-12-10 00:07 213,023 --a------ C:\WINDOWS\system32\msltus40.dll
2006-12-10 00:07 21,504 --a------ C:\WINDOWS\system32\rcp.exe
2006-12-10 00:07 207,360 --a------ C:\WINDOWS\system32\mobsync.dll
2006-12-10 00:07 206,336 --a------ C:\WINDOWS\system32\rasppp.dll
2006-12-10 00:07 204,288 --a------ C:\WINDOWS\system32\mswebdvd.dll
2006-12-10 00:07 201,728 --a------ C:\WINDOWS\system32\mspmsp.dll
2006-12-10 00:07 20,992 --a------ C:\WINDOWS\system32\sclgntfy.dll
2006-12-10 00:07 20,511 --a------ C:\WINDOWS\system32\odtext32.dll
2006-12-10 00:07 20,511 --a------ C:\WINDOWS\system32\oddbse32.dll
2006-12-10 00:07 20,510 --a------ C:\WINDOWS\system32\odpdx32.dll
2006-12-10 00:07 20,510 --a------ C:\WINDOWS\system32\odfox32.dll
2006-12-10 00:07 20,510 --a------ C:\WINDOWS\system32\odexl32.dll
2006-12-10 00:07 20,480 --a------ C:\WINDOWS\system32\qprocess.exe
2006-12-10 00:07 20,480 --a------ C:\WINDOWS\system32\msorc32r.dll
2006-12-10 00:07 2,890,240 --a------ C:\WINDOWS\system32\msi.dll
2006-12-10 00:07 198,144 --a------ C:\WINDOWS\system32\netman.dll
2006-12-10 00:07 195,072 --a------ C:\WINDOWS\system32\msutb.dll
2006-12-10 00:07 192,512 --a------ C:\WINDOWS\system32\qcap.dll
2006-12-10 00:07 190,976 --a------ C:\WINDOWS\system32\schedsvc.dll
2006-12-10 00:07 19,968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2006-12-10 00:07 19,456 --a------ C:\WINDOWS\system32\shutdown.exe
2006-12-10 00:07 180,224 --a------ C:\WINDOWS\system32\scecli.dll
2006-12-10 00:07 18,944 --a------ C:\WINDOWS\system32\seclogon.dll
2006-12-10 00:07 18,944 --a------ C:\WINDOWS\system32\rsmps.dll
2006-12-10 00:07 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2006-12-10 00:07 18,944 --a------ C:\WINDOWS\system32\nddenb32.dll
2006-12-10 00:07 18,944 --a------ C:\WINDOWS\system32\midimap.dll
2006-12-10 00:07 18,944 --a------ C:\WINDOWS\system32\linkinfo.dll
2006-12-10 00:07 179,712 --a------ C:\WINDOWS\system32\ntmsdba.dll
2006-12-10 00:07 176,128 --a------ C:\WINDOWS\system32\photowiz.dll
2006-12-10 00:07 171,008 --a------ C:\WINDOWS\system32\sccsccp.dll
2006-12-10 00:07 17,920 --a------ C:\WINDOWS\system32\ping.exe
2006-12-10 00:07 17,920 --a------ C:\WINDOWS\system32\nddeapi.dll
2006-12-10 00:07 17,408 --a------ C:\WINDOWS\system32\powrprof.dll
2006-12-10 00:07 17,408 --a------ C:\WINDOWS\system32\msyuv.dll
2006-12-10 00:07 17,408 --a------ C:\WINDOWS\system32\mmfutil.dll
2006-12-10 00:07 161,280 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2006-12-10 00:07 16,896 --a------ C:\WINDOWS\system32\rassapi.dll
2006-12-10 00:07 16,384 --a------ C:\WINDOWS\system32\odbc32gt.dll
2006-12-10 00:07 159,744 --a------ C:\WINDOWS\system32\scrobj.dll
2006-12-10 00:07 159,232 --a------ C:\WINDOWS\system32\msimtf.dll
2006-12-10 00:07 153,600 --a------ C:\WINDOWS\system32\modemui.dll
2006-12-10 00:07 152,576 --a------ C:\WINDOWS\system32\rsaenh.dll
2006-12-10 00:07 152,576 --a------ C:\WINDOWS\system32\irftp.exe
2006-12-10 00:07 151,583 --a------ C:\WINDOWS\system32\msjint40.dll
2006-12-10 00:07 151,552 --a------ C:\WINDOWS\system32\shmedia.dll
2006-12-10 00:07 151,552 --a------ C:\WINDOWS\system32\scrrun.dll
2006-12-10 00:07 151,552 --a------ C:\WINDOWS\system32\msdart.dll
2006-12-10 00:07 150,528 --a------ C:\WINDOWS\system32\keymgr.dll
2006-12-10 00:07 15,872 --a------ C:\WINDOWS\system32\perfmon.exe
2006-12-10 00:07 15,360 --a------ C:\WINDOWS\system32\pjlmon.dll
2006-12-10 00:07 15,360 --a------ C:\WINDOWS\system32\msisip.dll
2006-12-10 00:07 147,968 --a------ C:\WINDOWS\system32\rdchost.dll
2006-12-10 00:07 147,456 --a------ C:\WINDOWS\system32\odbctrac.dll
2006-12-10 00:07 143,872 --a------ C:\WINDOWS\system32\ntshrui.dll
2006-12-10 00:07 143,872 --a------ C:\WINDOWS\system32\itircl.dll
2006-12-10 00:07 143,360 --a------ C:\WINDOWS\system32\msorcl32.dll
2006-12-10 00:07 143,360 --a------ C:\WINDOWS\system32\mobsync.exe
2006-12-10 00:07 140,288 --a------ C:\WINDOWS\system32\sfc_os.dll
2006-12-10 00:07 14,848 --a------ C:\WINDOWS\system32\rsh.exe
2006-12-10 00:07 14,848 --a------ C:\WINDOWS\system32\mcastmib.dll
2006-12-10 00:07 14,336 --a------ C:\WINDOWS\system32\runonce.exe
2006-12-10 00:07 14,336 --a------ C:\WINDOWS\system32\msdmo.dll
2006-12-10 00:07 139,264 --a------ C:\WINDOWS\system32\netid.dll
2006-12-10 00:07 135,168 --a------ C:\WINDOWS\system32\odbcconf.dll
2006-12-10 00:07 134,656 --a------ C:\WINDOWS\system32\shsvcs.dll
2006-12-10 00:07 134,144 --a------ C:\WINDOWS\system32\itss.dll
2006-12-10 00:07 13,824 --a------ C:\WINDOWS\system32\rexec.exe
2006-12-10 00:07 13,824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2006-12-10 00:07 13,312 --a------ C:\WINDOWS\system32\sigtab.dll
2006-12-10 00:07 13,312 --a------ C:\WINDOWS\system32\lsass.exe
2006-12-10 00:07 124,928 --a------ C:\WINDOWS\system32\net1.exe
2006-12-10 00:07 120,832 --a------ C:\WINDOWS\system32\offfilt.dll
2006-12-10 00:07 120,832 --a------ C:\WINDOWS\system32\msvfw32.dll
2006-12-10 00:07 12,288 --a------ C:\WINDOWS\system32\odbcp32r.dll
2006-12-10 00:07 12,288 --a------ C:\WINDOWS\system32\netrap.dll
2006-12-10 00:07 12,288 --a------ C:\WINDOWS\system32\mstinit.exe
2006-12-10 00:07 12,288 --a------ C:\WINDOWS\system32\mscpx32r.dll
2006-12-10 00:07 118,784 --a------ C:\WINDOWS\system32\ntmarta.dll
2006-12-10 00:07 118,272 --a------ C:\WINDOWS\system32\mdminst.dll
2006-12-10 00:07 115,712 --a------ C:\WINDOWS\system32\mstlsapi.dll
2006-12-10 00:07 112,128 --a------ C:\WINDOWS\system32\rastls.dll
2006-12-10 00:07 111,104 --a------ C:\WINDOWS\system32\netdde.exe
2006-12-10 00:07 11,776 --a------ C:\WINDOWS\system32\regsvr32.exe
2006-12-10 00:07 11,776 --a------ C:\WINDOWS\system32\localui.dll
2006-12-10 00:07 11,264 --a------ C:\WINDOWS\system32\msrle32.dll
2006-12-10 00:07 109,568 --a------ C:\WINDOWS\system32\progman.exe
2006-12-10 00:07 107,008 --a------ C:\WINDOWS\system32\oleprn.dll
2006-12-10 00:07 106,496 --a------ C:\WINDOWS\system32\odbccp32.dll
2006-12-10 00:07 105,984 --a------ C:\WINDOWS\system32\msoert2.dll
2006-12-10 00:07 105,472 --a------ C:\WINDOWS\system32\polstore.dll
2006-12-10 00:07 103,936 --a------ C:\WINDOWS\system32\nlhtml.dll
2006-12-10 00:07 103,936 --a------ C:\WINDOWS\system32\logagent.exe
2006-12-10 00:07 102,400 --a------ C:\WINDOWS\system32\rcbdyctl.dll
2006-12-10 00:07 10,240 --a------ C:\WINDOWS\system32\lprhelp.dll
2006-12-10 00:07 1,708,032 --a------ C:\WINDOWS\system32\netshell.dll
2006-12-10 00:07 1,580,544 --a------ C:\WINDOWS\system32\sfcfiles.dll
2006-12-10 00:07 1,507,356 --a------ C:\WINDOWS\system32\msjet40.dll
2006-12-10 00:07 1,435,648 --a------ C:\WINDOWS\system32\query.dll
2006-12-10 00:07 1,428,480 --a------ C:\WINDOWS\system32\msvidctl.dll
2006-12-10 00:07 1,392,671 --a------ C:\WINDOWS\system32\msvbvm60.dll
2006-12-10 00:07 1,287,680 --a------ C:\WINDOWS\system32\quartz.dll
2006-12-10 00:07 1,281,536 --a------ C:\WINDOWS\system32\ole32.dll
2006-12-10 00:07 1,236,480 --a------ C:\WINDOWS\system32\msxml3.dll
2006-12-10 00:07 1,192,960 --a------ C:\WINDOWS\system32\mmcndmgr.dll
2006-12-10 00:07 1,028,096 --a------ C:\WINDOWS\system32\mfc42.dll
2006-12-10 00:07 1,024,000 --a------ C:\WINDOWS\system32\mfc42u.dll
2006-12-10 00:06 99,328 --a------ C:\WINDOWS\system32\winscard.dll
2006-12-10 00:06 984,576 --a------ C:\WINDOWS\system32\syssetup.dll
2006-12-10 00:06 983,552 --a------ C:\WINDOWS\system32\setupapi.dll
2006-12-10 00:06 98,304 --a------ C:\WINDOWS\system32\slbiop.dll
2006-12-10 00:06 96,768 --a------ C:\WINDOWS\system32\srvsvc.dll
2006-12-10 00:06 96,256 --a------ C:\WINDOWS\system32\drivers\scsiport.sys
2006-12-10 00:06 95,744 --a------ C:\WINDOWS\system32\scardsvr.exe
2006-12-10 00:06 95,360 --a------ C:\WINDOWS\system32\drivers\atapi.sys
2006-12-10 00:06 93,696 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2006-12-10 00:06 92,672 --a------ C:\WINDOWS\system32\wlnotify.dll
2006-12-10 00:06 92,032 --a------ C:\WINDOWS\system32\drivers\ksecdd.sys
2006-12-10 00:06 91,776 --a------ C:\WINDOWS\system32\drivers\ndiswan.sys
2006-12-10 00:06 91,648 --a------ C:\WINDOWS\system32\xactsrv.dll
2006-12-10 00:06 91,136 --a------ C:\WINDOWS\system32\ntprint.dll
2006-12-10 00:06 90,624 --a------ C:\WINDOWS\system32\trkwks.dll
2006-12-10 00:06 89,600 --a------ C:\WINDOWS\system32\smlogsvc.exe
2006-12-10 00:06 89,088 --a------ C:\WINDOWS\system32\rasauto.dll
2006-12-10 00:06 88,448 --a------ C:\WINDOWS\system32\drivers\nwlnkipx.sys
2006-12-10 00:06 87,424 --a------ C:\WINDOWS\system32\drivers\irda.sys
2006-12-10 00:06 858,624 --a------ C:\WINDOWS\system32\tapi3.dll
2006-12-10 00:06 85,376 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys
2006-12-10 00:06 82,944 --a------ C:\WINDOWS\system32\ws2_32.dll
2006-12-10 00:06 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2006-12-10 00:06 809,984 --a------ C:\WINDOWS\system32\wmvdmod.dll
2006-12-10 00:06 80,128 --a------ C:\WINDOWS\system32\drivers\parport.sys
2006-12-10 00:06 8,832 --a------ C:\WINDOWS\system32\drivers\wmiacpi.sys
2006-12-10 00:06 8,192 --a------ C:\WINDOWS\system32\wshirda.dll
2006-12-10 00:06 8,192 --a------ C:\WINDOWS\system32\ntlsapi.dll
2006-12-10 00:06 799,744 --a------ C:\WINDOWS\system32\drivers\dmboot.sys
2006-12-10 00:06 79,744 --a------ C:\WINDOWS\system32\drivers\videoprt.sys
2006-12-10 00:06 764,928 --a------ C:\WINDOWS\system32\winntbbu.dll
2006-12-10 00:06 76,800 --a------ C:\WINDOWS\system32\nslookup.exe
2006-12-10 00:06 759,296 --a------ C:\WINDOWS\system32\wmsdmod.dll
2006-12-10 00:06 75,776 --a------ C:\WINDOWS\system32\wiascr.dll
2006-12-10 00:06 75,264 --a------ C:\WINDOWS\system32\telnet.exe
2006-12-10 00:06 75,264 --a------ C:\WINDOWS\system32\locator.exe
2006-12-10 00:06 74,752 --a------ C:\WINDOWS\system32\storprop.dll
2006-12-10 00:06 74,752 --a------ C:\WINDOWS\system32\spoolss.dll
2006-12-10 00:06 74,752 --a------ C:\WINDOWS\system32\drivers\ipsec.sys
2006-12-10 00:06 74,240 --a------ C:\WINDOWS\system32\usbui.dll
2006-12-10 00:06 74,240 --a------ C:\WINDOWS\system32\unimdmat.dll
2006-12-10 00:06 73,472 --a------ C:\WINDOWS\system32\drivers\sr.sys
2006-12-10 00:06 723,456 --a------ C:\WINDOWS\system32\userenv.dll
2006-12-10 00:06 721,920 --a------ C:\WINDOWS\system32\lsasrv.dll
2006-12-10 00:06 713,216 --a------ C:\WINDOWS\system32\sxs.dll
2006-12-10 00:06 71,680 --a------ C:\WINDOWS\system32\ssdpsrv.dll
2006-12-10 00:06 71,552 --a------ C:\WINDOWS\system32\drivers\bridge.sys
2006-12-10 00:06 71,040 --a------ C:\WINDOWS\system32\drivers\dxg.sys
2006-12-10 00:06 708,096 --a------ C:\WINDOWS\system32\ntdll.dll
2006-12-10 00:06 704,512 --a------ C:\WINDOWS\system32\ss3dfo.scr
2006-12-10 00:06 7,552 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys
2006-12-10 00:06 69,120 --a------ C:\WINDOWS\system32\drivers\psched.sys
2006-12-10 00:06 68,224 --a------ C:\WINDOWS\system32\drivers\pci.sys
2006-12-10 00:06 679,936 --a------ C:\WINDOWS\system32\sstext3d.scr
2006-12-10 00:06 670,720 --a------ C:\WINDOWS\system32\wmadmoe.dll
2006-12-10 00:06 67,584 --a------ C:\WINDOWS\system32\webclnt.dll
2006-12-10 00:06 67,584 --a------ C:\WINDOWS\system32\sti.dll
2006-12-10 00:06 67,584 --a------ C:\WINDOWS\system32\srclient.dll
2006-12-10 00:06 66,176 --a------ C:\WINDOWS\system32\drivers\udfs.sys
2006-12-10 00:06 657,920 --a------ C:\WINDOWS\system32\rasdlg.dll
2006-12-10 00:06 65,536 --a------ C:\WINDOWS\system32\wshext.dll
2006-12-10 00:06 65,536 --a------ C:\WINDOWS\system32\wextract.exe
2006-12-10 00:06 64,896 --a------ C:\WINDOWS\system32\drivers\serial.sys
2006-12-10 00:06 64,000 --a------ C:\WINDOWS\system32\samlib.dll
2006-12-10 00:06 63,744 --a------ C:\WINDOWS\system32\drivers\mf.sys
2006-12-10 00:06 63,744 --a------ C:\WINDOWS\system32\drivers\cdfs.sys
2006-12-10 00:06 616,960 --a------ C:\WINDOWS\system32\advapi32.dll
2006-12-10 00:06 611,328 --a------ C:\WINDOWS\system32\comctl32.dll
2006-12-10 00:06 610,304 --a------ C:\WINDOWS\system32\sspipes.scr
2006-12-10 00:06 61,824 --a------ C:\WINDOWS\system32\drivers\nic1394.sys
2006-12-10 00:06 61,440 --a------ C:\WINDOWS\system32\rasman.dll
2006-12-10 00:06 61,056 --a------ C:\WINDOWS\system32\drivers\ohci1394.sys
2006-12-10 00:06 602,624 --a------ C:\WINDOWS\system32\autoconv.exe
2006-12-10 00:06 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2006-12-10 00:06 60,800 --a------ C:\WINDOWS\system32\drivers\arp1394.sys
2006-12-10 00:06 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2006-12-10 00:06 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2006-12-10 00:06 59,904 --a------ C:\WINDOWS\system32\drivers\atmarpc.sys
2006-12-10 00:06 589,312 --a------ C:\WINDOWS\system32\wiashext.dll
2006-12-10 00:06 588,800 --a------ C:\WINDOWS\system32\autochk.exe
2006-12-10 00:06 58,880 --a------ C:\WINDOWS\system32\rastapi.dll
2006-12-10 00:06 577,024 --a------ C:\WINDOWS\system32\user32.dll
2006-12-10 00:06 574,592 --a------ C:\WINDOWS\system32\drivers\ntfs.sys
2006-12-10 00:06 57,856 --a------ C:\WINDOWS\system32\synceng.dll
2006-12-10 00:06 57,856 --a------ C:\WINDOWS\system32\spoolsv.exe
2006-12-10 00:06 57,600 --a------ C:\WINDOWS\system32\drivers\usbhub.sys
2006-12-10 00:06 57,472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2006-12-10 00:06 560,640 --a------ C:\WINDOWS\system32\printui.dll
2006-12-10 00:06 553,472 --a------ C:\WINDOWS\system32\oleaut32.dll
2006-12-10 00:06 55,936 --a------ C:\WINDOWS\system32\drivers\atmlane.sys
2006-12-10 00:06 53,760 --a------ C:\WINDOWS\system32\winsta.dll
2006-12-10 00:06 53,248 --a------ C:\WINDOWS\system32\drivers\1394bus.sys
2006-12-10 00:06 52,864 --a------ C:\WINDOWS\system32\drivers\dmusic.sys
2006-12-10 00:06 52,736 --a------ C:\WINDOWS\system32\drivers\i8042prt.sys
2006-12-10 00:06 52,352 --a------ C:\WINDOWS\system32\drivers\volsnap.sys
2006-12-10 00:06 51,712 --a------ C:\WINDOWS\system32\wzcsapi.dll
2006-12-10 00:06 51,712 --a------ C:\WINDOWS\system32\vdmredir.dll
2006-12-10 00:06 51,328 --a------ C:\WINDOWS\system32\drivers\rasl2tp.sys
2006-12-10 00:06 51,328 --a------ C:\WINDOWS\system32\drivers\msdv.sys
2006-12-10 00:06 502,272 --a------ C:\WINDOWS\system32\winlogon.exe
2006-12-10 00:06 50,688 --a------ C:\WINDOWS\system32\wstdecod.dll
2006-12-10 00:06 50,688 --a------ C:\WINDOWS\system32\smss.exe
2006-12-10 00:06 50,176 --a------ C:\WINDOWS\system32\utilman.exe
2006-12-10 00:06 5,632 --a------ C:\WINDOWS\system32\wmi.dll
2006-12-10 00:06 5,632 --a------ C:\WINDOWS\system32\winver.exe
2006-12-10 00:06 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys
2006-12-10 00:06 5,504 --a------ C:\WINDOWS\system32\drivers\intelide.sys
2006-12-10 00:06 5,376 --a------ C:\WINDOWS\system32\drivers\viaide.sys
2006-12-10 00:06 5,376 --a------ C:\WINDOWS\system32\drivers\mspclock.sys
2006-12-10 00:06 49,664 --a------ C:\WINDOWS\system32\drivers\classpnp.sys
2006-12-10 00:06 49,536 --a------ C:\WINDOWS\system32\drivers\cdrom.sys
2006-12-10 00:06 49,152 --a------ C:\WINDOWS\system32\wdigest.dll
2006-12-10 00:06 48,640 --a------ C:\WINDOWS\system32\drivers\stream.sys
2006-12-10 00:06 48,384 --a------ C:\WINDOWS\system32\drivers\raspptp.sys
2006-12-10 00:06 47,104 --a------ C:\WINDOWS\system32\ssmypics.scr
2006-12-10 00:06 463,360 --a------ C:\WINDOWS\system32\wiadefui.dll
2006-12-10 00:06 453,120 --a------ C:\WINDOWS\system32\drivers\mrxsmb.sys
2006-12-10 00:06 45,568 --a------ C:\WINDOWS\system32\tcpmonui.dll
2006-12-10 00:06 45,568 --a------ C:\WINDOWS\system32\tcpmon.dll
2006-12-10 00:06 442,368 --a------ C:\WINDOWS\system32\sqlsrv32.dll
2006-12-10 00:06 44,544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2006-12-10 00:06 433,664 --a------ C:\WINDOWS\system32\wiaacmgr.exe
2006-12-10 00:06 430,592 --a------ C:\WINDOWS\system32\vssapi.dll
2006-12-10 00:06 42,496 --a------ C:\WINDOWS\system32\wsnmp32.dll
2006-12-10 00:06 42,496 --a------ C:\WINDOWS\system32\ftp.exe
2006-12-10 00:06 42,496 --a------ C:\WINDOWS\system32\drivers\p3.sys
2006-12-10 00:06 42,240 --a------ C:\WINDOWS\system32\drivers\mountmgr.sys
2006-12-10 00:06 419,840 --a------ C:\WINDOWS\system32\ntvdm.exe
2006-12-10 00:06 417,792 --a------ C:\WINDOWS\system32\vbscript.dll
2006-12-10 00:06 415,744 --a------ C:\WINDOWS\system32\samsrv.dll
2006-12-10 00:06 41,856 --a------ C:\WINDOWS\system32\drivers\imapi.sys
2006-12-10 00:06 41,472 --a------ C:\WINDOWS\system32\drivers\raspppoe.sys
2006-12-10 00:06 408,064 --a------ C:\WINDOWS\system32\wmadmod.dll
2006-12-10 00:06 406,528 --a------ C:\WINDOWS\system32\usp10.dll
2006-12-10 00:06 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2006-12-10 00:06 40,320 --a------ C:\WINDOWS\system32\drivers\nmnt.sys
2006-12-10 00:06 4,992 --a------ C:\WINDOWS\system32\drivers\mspqm.sys
2006-12-10 00:06 4,352 --a------ C:\WINDOWS\system32\drivers\swenum.sys
2006-12-10 00:06 393,216 --a------ C:\WINDOWS\system32\ssflwbox.scr
2006-12-10 00:06 39,936 --a------ C:\WINDOWS\system32\rshx32.dll
2006-12-10 00:06 39,936 --a------ C:\WINDOWS\system32\perfctrs.dll
2006-12-10 00:06 388,608 --a------ C:\WINDOWS\system32\cmd.exe
2006-12-10 00:06 385,536 --a------ C:\WINDOWS\system32\themeui.dll
2006-12-10 00:06 378,368 --a------ C:\WINDOWS\system32\wzcdlg.dll
2006-12-10 00:06 37,888 --a------ C:\WINDOWS\system32\url.dll
2006-12-10 00:06 363,008 --a------ C:\WINDOWS\system32\smlogcfg.dll
2006-12-10 00:06 36,992 --a------ C:\WINDOWS\system32\drivers\amdk6.sys
2006-12-10 00:06 36,480 --a------ C:\WINDOWS\system32\drivers\crusoe.sys
2006-12-10 00:06 36,352 --a------ C:\WINDOWS\system32\drivers\disk.sys
2006-12-10 00:06 36,224 --a------ C:\WINDOWS\system32\drivers\hidclass.sys
2006-12-10 00:06 359,936 --a------ C:\WINDOWS\system32\wzcsvc.dll
2006-12-10 00:06 359,040 --a------ C:\WINDOWS\system32\drivers\tcpip.sys
2006-12-10 00:06 358,400 --a------ C:\WINDOWS\system32\termmgr.dll
2006-12-10 00:06 35,840 --a------ C:\WINDOWS\system32\umandlg.dll
2006-12-10 00:06 35,328 --a------ C:\WINDOWS\system32\drivers\processr.sys
2006-12-10 00:06 35,072 --a------ C:\WINDOWS\system32\drivers\msgpc.sys
2006-12-10 00:06 347,136 --a------ C:\WINDOWS\system32\tourstart.exe
2006-12-10 00:06 341,504 --a------ C:\WINDOWS\system32\localspl.dll
2006-12-10 00:06 34,816 --a------ C:\WINDOWS\system32\ssdpapi.dll
2006-12-10 00:06 34,560 --a------ C:\WINDOWS\system32\drivers\wanarp.sys
2006-12-10 00:06 34,560 --a------ C:\WINDOWS\system32\drivers\netbios.sys
2006-12-10 00:06 337,920 --a------ C:\WINDOWS\system32\zipfldr.dll
2006-12-10 00:06 336,256 --a------ C:\WINDOWS\system32\drivers\srv.sys
2006-12-10 00:06 333,312 --a------ C:\WINDOWS\system32\wiaservc.dll
2006-12-10 00:06 33,792 --a------ C:\WINDOWS\system32\msgsvc.dll
2006-12-10 00:06 32,768 --a------ C:\WINDOWS\system32\winipsec.dll
2006-12-10 00:06 32,768 --a------ C:\WINDOWS\system32\csrsrv.dll
2006-12-10 00:06 32,256 --a------ C:\WINDOWS\system32\wpnpinst.exe
2006-12-10 00:06 32,256 --a------ C:\WINDOWS\system32\wpabaln.exe
2006-12-10 00:06 316,416 --a------ C:\WINDOWS\system32\untfs.dll
2006-12-10 00:06 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2006-12-10 00:06 306,176 --a------ C:\WINDOWS\system32\slbcsp.dll
2006-12-10 00:06 303,616 --a------ C:\WINDOWS\system32\wmstream.dll
2006-12-10 00:06 30,848 --a------ C:\WINDOWS\system32\drivers\npfs.sys
2006-12-10 00:06 30,749 --a------ C:\WINDOWS\system32\vbajet32.dll
2006-12-10 00:06 30,720 --a------ C:\WINDOWS\system32\xcopy.exe
2006-12-10 00:06 30,080 --a------ C:\WINDOWS\system32\drivers\rndismp.sys
2006-12-10 00:06 30,080 --a------ C:\WINDOWS\system32\drivers\modem.sys
2006-12-10 00:06 295,424 --a------ C:\WINDOWS\system32\termsrv.dll
2006-12-10 00:06 291,328 --a------ C:\WINDOWS\system32\winsrv.dll
2006-12-10 00:06 289,792 --a------ C:\WINDOWS\system32\vssvc.exe
2006-12-10 00:06 28,672 --a------ C:\WINDOWS\system32\wshcon.dll
2006-12-10 00:06 276,992 --a------ C:\WINDOWS\system32\comdlg32.dll
2006-12-10 00:06 276,480 --a------ C:\WINDOWS\system32\webcheck.dll
2006-12-10 00:06 275,456 --a------ C:\WINDOWS\system32\ulib.dll
2006-12-10 00:06 27,392 --a------ C:\WINDOWS\system32\drivers\fdc.sys
2006-12-10 00:06 27,136 --a------ C:\WINDOWS\system32\wmdmlog.dll
2006-12-10 00:06 264,192 --a------ C:\WINDOWS\system32\wow32.dll
2006-12-10 00:06 26,496 --a------ C:\WINDOWS\system32\drivers\usbstor.sys
2006-12-10 00:06 26,112 --a------ C
kizmdyno
Active Member
 
Posts: 11
Joined: December 17th, 2006, 11:35 am

combofix log 2 (cont)

Unread postby kizmdyno » December 17th, 2006, 9:21 pm

2006-12-10 00:06 26,496 --a------ C:\WINDOWS\system32\drivers\usbstor.sys
2006-12-10 00:06 26,112 --a------ C:\WINDOWS\system32\vdmdbg.dll
2006-12-10 00:06 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2006-12-10 00:06 25,600 --a------ C:\WINDOWS\system32\udhisapi.dll
2006-12-10 00:06 25,600 --a------ C:\WINDOWS\system32\drivers\usbser.sys
2006-12-10 00:06 25,472 --a------ C:\WINDOWS\system32\drivers\sonydcam.sys
2006-12-10 00:06 25,088 --a------ C:\WINDOWS\system32\slayerxp.dll
2006-12-10 00:06 25,088 --a------ C:\WINDOWS\system32\drivers\pciidex.sys
2006-12-10 00:06 246,302 --a------ C:\WINDOWS\system32\strmdll.dll
2006-12-10 00:06 246,272 --a------ C:\WINDOWS\system32\tapisrv.dll
2006-12-10 00:06 24,960 --a------ C:\WINDOWS\system32\drivers\hidparse.sys
2006-12-10 00:06 24,576 --a------ C:\WINDOWS\system32\userinit.exe
2006-12-10 00:06 24,576 --a------ C:\WINDOWS\system32\drivers\kbdclass.sys
2006-12-10 00:06 239,616 --a------ C:\WINDOWS\system32\upnpui.dll
2006-12-10 00:06 239,104 --a------ C:\WINDOWS\system32\srrstr.dll
2006-12-10 00:06 236,544 --a------ C:\WINDOWS\system32\rasapi32.dll
2006-12-10 00:06 230,400 --a------ C:\WINDOWS\system32\wmasf.dll
2006-12-10 00:06 23,552 --a------ C:\WINDOWS\system32\wmdmps.dll
2006-12-10 00:06 23,040 --a------ C:\WINDOWS\system32\drivers\mouclass.sys
2006-12-10 00:06 223,616 --a------ C:\WINDOWS\system32\drivers\tcpip6.sys
2006-12-10 00:06 22,528 --a------ C:\WINDOWS\system32\wsock32.dll
2006-12-10 00:06 218,624 --a------ C:\WINDOWS\system32\uxtheme.dll
2006-12-10 00:06 210,432 --a------ C:\WINDOWS\system32\t2embed.dll
2006-12-10 00:06 21,896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2006-12-10 00:06 209,408 --a------ C:\WINDOWS\system32\drivers\update.sys
2006-12-10 00:06 20,992 --a------ C:\WINDOWS\system32\ssmarque.scr
2006-12-10 00:06 20,992 --a------ C:\WINDOWS\system32\drivers\vga.sys
2006-12-10 00:06 20,992 --a------ C:\WINDOWS\system32\drivers\ipinip.sys
2006-12-10 00:06 20,480 --a------ C:\WINDOWS\system32\wmpui.dll
2006-12-10 00:06 20,480 --a------ C:\WINDOWS\system32\wmpcore.dll
2006-12-10 00:06 20,480 --a------ C:\WINDOWS\system32\wmpcd.dll
2006-12-10 00:06 20,480 --a------ C:\WINDOWS\system32\drivers\usbuhci.sys
2006-12-10 00:06 20,480 --a------ C:\WINDOWS\system32\drivers\flpydisk.sys
2006-12-10 00:06 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2006-12-10 00:06 2,940,928 --a------ C:\WINDOWS\system32\wmploc.dll
2006-12-10 00:06 2,179,328 --a------ C:\WINDOWS\system32\ntoskrnl.exe
2006-12-10 00:06 2,105,344 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-12-10 00:06 2,056,832 --a------ C:\WINDOWS\system32\ntkrnlpa.exe
2006-12-10 00:06 196,864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2006-12-10 00:06 191,488 --a------ C:\WINDOWS\system32\syncui.dll
2006-12-10 00:06 19,968 --a------ C:\WINDOWS\system32\wshtcpip.dll
2006-12-10 00:06 19,968 --a------ C:\WINDOWS\system32\ws2help.dll
2006-12-10 00:06 19,968 --a------ C:\WINDOWS\system32\ssbezier.scr
2006-12-10 00:06 19,328 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys
2006-12-10 00:06 19,072 --a------ C:\WINDOWS\system32\drivers\msfs.sys
2006-12-10 00:06 187,776 --a------ C:\WINDOWS\system32\drivers\acpi.sys
2006-12-10 00:06 185,344 --a------ C:\WINDOWS\system32\upnphost.dll
2006-12-10 00:06 182,912 --a------ C:\WINDOWS\system32\drivers\ndis.sys
2006-12-10 00:06 182,272 --a------ C:\WINDOWS\system32\snmpsnap.dll
2006-12-10 00:06 181,760 --a------ C:\WINDOWS\system32\tapi32.dll
2006-12-10 00:06 181,248 --a------ C:\WINDOWS\system32\drivers\mrxdav.sys
2006-12-10 00:06 180,800 --a------ C:\WINDOWS\system32\sqlunirl.dll
2006-12-10 00:06 18,944 --a------ C:\WINDOWS\system32\version.dll
2006-12-10 00:06 18,944 --a------ C:\WINDOWS\system32\ssmyst.scr
2006-12-10 00:06 18,944 --a------ C:\WINDOWS\system32\snmpapi.dll
2006-12-10 00:06 18,560 --a------ C:\WINDOWS\system32\drivers\tdi.sys
2006-12-10 00:06 18,432 --a------ C:\WINDOWS\system32\wtsapi32.dll
2006-12-10 00:06 18,432 --a------ C:\WINDOWS\system32\ups.exe
2006-12-10 00:06 176,640 --a------ C:\WINDOWS\system32\wintrust.dll
2006-12-10 00:06 176,128 --a------ C:\WINDOWS\system32\winmm.dll
2006-12-10 00:06 174,592 --a------ C:\WINDOWS\system32\w32time.dll
2006-12-10 00:06 174,592 --a------ C:\WINDOWS\system32\drivers\rdbss.sys
2006-12-10 00:06 174,200 --a------ C:\WINDOWS\system32\xenroll.dll
2006-12-10 00:06 172,032 --a------ C:\WINDOWS\system32\wldap32.dll
2006-12-10 00:06 171,776 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2006-12-10 00:06 170,496 --a------ C:\WINDOWS\system32\srsvc.dll
2006-12-10 00:06 17,664 --a------ C:\WINDOWS\system32\watchdog.sys
2006-12-10 00:06 17,024 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys
2006-12-10 00:06 162,816 --a------ C:\WINDOWS\system32\drivers\netbt.sys
2006-12-10 00:06 16,896 --a------ C:\WINDOWS\system32\winrnr.dll
2006-12-10 00:06 16,896 --a------ C:\WINDOWS\system32\usbmon.dll
2006-12-10 00:06 16,896 --a------ C:\WINDOWS\system32\upnpcont.exe
2006-12-10 00:06 16,000 --a------ C:\WINDOWS\system32\drivers\usbintel.sys
2006-12-10 00:06 153,344 --a------ C:\WINDOWS\system32\drivers\dmio.sys
2006-12-10 00:06 15,488 --a------ C:\WINDOWS\system32\drivers\serenum.sys
2006-12-10 00:06 15,360 --a------ C:\WINDOWS\system32\drivers\streamip.sys
2006-12-10 00:06 15,360 --a------ C:\WINDOWS\system32\drivers\mpe.sys
2006-12-10 00:06 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2006-12-10 00:06 145,792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2006-12-10 00:06 144,896 --a------ C:\WINDOWS\system32\schannel.dll
2006-12-10 00:06 144,384 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-12-10 00:06 144,384 --a------ C:\WINDOWS\system32\imagehlp.dll
2006-12-10 00:06 143,360 --a------ C:\WINDOWS\system32\drivers\fastfat.sys
2006-12-10 00:06 142,976 --a------ C:\WINDOWS\system32\drivers\usbport.sys
2006-12-10 00:06 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2006-12-10 00:06 140,928 --a------ C:\WINDOWS\system32\drivers\ks.sys
2006-12-10 00:06 140,800 --a------ C:\WINDOWS\system32\sessmgr.exe
2006-12-10 00:06 14,976 --a------ C:\WINDOWS\system32\drivers\tape.sys
2006-12-10 00:06 14,848 --a------ C:\WINDOWS\system32\tcpmib.dll
2006-12-10 00:06 14,848 --a------ C:\WINDOWS\system32\stimon.exe
2006-12-10 00:06 14,848 --a------ C:\WINDOWS\system32\mgmtapi.dll
2006-12-10 00:06 14,336 --a------ C:\WINDOWS\system32\wship6.dll
2006-12-10 00:06 14,336 --a------ C:\WINDOWS\system32\svchost.exe
2006-12-10 00:06 14,336 --a------ C:\WINDOWS\system32\ssstars.scr
2006-12-10 00:06 14,336 --a------ C:\WINDOWS\system32\drivers\asyncmac.sys
2006-12-10 00:06 14,208 --a------ C:\WINDOWS\system32\drivers\diskdump.sys
2006-12-10 00:06 14,080 --a------ C:\WINDOWS\system32\drivers\cmbatt.sys
2006-12-10 00:06 139,400 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2006-12-10 00:06 138,496 --a------ C:\WINDOWS\system32\drivers\afd.sys
2006-12-10 00:06 136,704 --a------ C:\WINDOWS\system32\sti_ci.dll
2006-12-10 00:06 135,680 --a------ C:\WINDOWS\system32\webvw.dll
2006-12-10 00:06 135,680 --a------ C:\WINDOWS\system32\taskmgr.exe
2006-12-10 00:06 134,912 --a------ C:\WINDOWS\system32\drivers\ipnat.sys
2006-12-10 00:06 132,608 --a------ C:\WINDOWS\system32\upnp.dll
2006-12-10 00:06 132,096 --a------ C:\WINDOWS\system32\wkssvc.dll
2006-12-10 00:06 13,824 --a------ C:\WINDOWS\system32\uniplat.dll
2006-12-10 00:06 13,824 --a------ C:\WINDOWS\system32\lmhsvc.dll
2006-12-10 00:06 13,312 --a------ C:\WINDOWS\system32\savedump.exe
2006-12-10 00:06 129,536 --a------ C:\WINDOWS\system32\msv1_0.dll
2006-12-10 00:06 124,416 --a------ C:\WINDOWS\system32\wiadss.dll
2006-12-10 00:06 121,856 --a------ C:\WINDOWS\system32\stobject.dll
2006-12-10 00:06 12,928 --a------ C:\WINDOWS\system32\drivers\ndisuio.sys
2006-12-10 00:06 12,672 --a------ C:\WINDOWS\system32\drivers\usb8023.sys
2006-12-10 00:06 12,288 --a------ C:\WINDOWS\system32\tracert.exe
2006-12-10 00:06 12,168 --a------ C:\WINDOWS\system32\tsddd.dll
2006-12-10 00:06 12,040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2006-12-10 00:06 119,936 --a------ C:\WINDOWS\system32\drivers\pcmcia.sys
2006-12-10 00:06 118,272 --a------ C:\WINDOWS\system32\umpnpmgr.dll
2006-12-10 00:06 115,200 --a------ C:\WINDOWS\system32\wmsdmoe.dll
2006-12-10 00:06 114,688 --a------ C:\WINDOWS\system32\wscript.exe
2006-12-10 00:06 111,104 --a------ C:\WINDOWS\system32\wiavideo.dll
2006-12-10 00:06 11,776 --a------ C:\WINDOWS\system32\xolehlp.dll
2006-12-10 00:06 11,776 --a------ C:\WINDOWS\system32\wshrm.dll
2006-12-10 00:06 11,776 --a------ C:\WINDOWS\system32\drivers\bdasup.sys
2006-12-10 00:06 11,392 --a------ C:\WINDOWS\system32\drivers\sfloppy.sys
2006-12-10 00:06 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2006-12-10 00:06 11,136 --a------ C:\WINDOWS\system32\drivers\slip.sys
2006-12-10 00:06 108,032 --a------ C:\WINDOWS\system32\services.exe
2006-12-10 00:06 107,904 --a------ C:\WINDOWS\system32\drivers\mup.sys
2006-12-10 00:06 105,984 --a------ C:\WINDOWS\system32\sysocmgr.exe
2006-12-10 00:06 102,400 --a------ C:\WINDOWS\system32\wmpshell.dll
2006-12-10 00:06 101,888 --a------ C:\WINDOWS\system32\win32spl.dll
2006-12-10 00:06 101,376 --a------ C:\WINDOWS\system32\txflog.dll
2006-12-10 00:06 10,880 --a------ C:\WINDOWS\system32\drivers\ndisip.sys
2006-12-10 00:06 1,836,288 --a------ C:\WINDOWS\system32\win32k.sys
2006-12-10 00:06 1,050,624 --a------ C:\WINDOWS\system32\wmnetmgr.dll
2006-12-10 00:05 <DIR> d-------- C:\WINDOWS\EHome
2006-12-09 21:02 16,694 --a------ C:\WINDOWS\system32\drivers\PalmUSBD.sys
2006-12-09 21:02 <DIR> d-------- C:\palm
2006-12-09 18:12 <DIR> d-------- C:\Documents and Settings\Staples\Application Data\Arcsoft
2006-12-09 17:56 53,248 --a------ C:\WINDOWS\PalmDevC.dll
2006-12-09 17:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HotSync
2006-12-09 17:53 <DIR> d-------- C:\Program Files\palmOne
2006-12-09 17:52 <DIR> d-------- C:\Documents and Settings\Staples\Application Data\HotSync
2006-11-21 22:08 <DIR> d-------- C:\Install iTunes
2006-11-21 22:07 <DIR> d-------- C:\Install ICQ
2006-11-21 22:07 <DIR> d-------- C:\AOL Instant Messenger


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-12-11 03:09 -------- d-------- C:\Program Files\Windows Media Player
2006-12-10 20:19 -------- d-------- C:\Program Files\Common Files\imfw
2006-12-10 19:22 -------- d---s---- C:\Documents and Settings\Staples\Application Data\Microsoft
2006-12-10 19:05 -------- d-------- C:\Program Files\Messenger
2006-12-10 18:44 -------- d-------- C:\Program Files\Movie Maker
2006-12-10 18:44 -------- d-------- C:\Program Files\Internet Explorer
2006-12-10 18:38 -------- d-------- C:\Program Files\NetMeeting
2006-12-10 18:37 -------- d-------- C:\Program Files\Outlook Express
2006-12-10 18:37 -------- d-------- C:\Program Files\Common Files\System
2006-12-10 17:52 -------- d-------- C:\Program Files\MenuPro
2006-12-10 13:13 -------- d-------- C:\Program Files\Pure Networks
2006-12-10 13:13 -------- d-------- C:\Program Files\Common Files
2006-12-10 12:57 -------- d-------- C:\Program Files\Easy Internet signup
2006-12-10 12:54 -------- d-------- C:\Program Files\Common Files\AOL
2006-12-10 12:54 -------- d-------- C:\Documents and Settings\Staples\Application Data\AOL
2006-12-10 03:11 -------- d-------- C:\Program Files\Symantec
2006-12-10 01:25 -------- d--h----- C:\Program Files\WindowsUpdate
2006-11-29 12:39 -------- d-------- C:\Program Files\mobile PhoneTools
2006-11-26 11:15 -------- d-------- C:\Documents and Settings\Staples\Application Data\Share-to-Web Upload Folder
2006-11-04 14:14 1245696 --a------ C:\WINDOWS\system32\msxml4.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"MMTray"="C:\\Program Files\\MUSICMATCH\\MUSICMATCH Jukebox\\mm_tray.exe"
"SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"Share-to-Web Namespace Daemon"="C:\\Program Files\\Hewlett-Packard\\HP Share-to-Web\\hpgs2wnd.exe"
"RoxioEngineUtility"="\"C:\\Program Files\\Common Files\\Roxio Shared\\System\\EngUtil.exe\""
"RoxioDragToDisc"="\"C:\\Program Files\\Roxio\\Easy CD Creator 6\\DragToDisc\\DrgToDsc.exe\""
"RealTray"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER"
"QT4HPOT"="C:\\Program Files\\HPQ\\One-Touch\\OneTouch.EXE"
"Lexmark X5100 Series"="\"C:\\Program Files\\Lexmark X5100 Series\\lxbabmgr.exe\""
"HPHUPD05"="c:\\Program Files\\Hewlett-Packard\\{45B6180B-DCAB-4093-8EE8-6164457517F0}\\hphupd05.exe"
"HPHmon05"="C:\\WINDOWS\\System32\\hphmon05.exe"
"HPDJ Taskbar Utility"="C:\\WINDOWS\\System32\\spool\\drivers\\w32x86\\3\\hpztsb08.exe"
"HP Software Update"="\"c:\\Program Files\\Hewlett-Packard\\HP Software Update\\HPWuSchd.exe\""
"Display Settings"="C:\\Program Files\\HPQ\\Notebook Utilities\\hptasks.exe /s"
"Cpqset"="C:\\Program Files\\HPQ\\Default Settings\\cpqset.exe"
"CARPService"="carpserv.exe"
"CamMonitor"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\\\Unload\\hpqcmon.exe"
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"ATIModeChange"="Ati2mdxx.exe"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,de,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:000000ff
"_NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"cmdService"=dword:00000002

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Symantec NetDetect.job

Completion time: 06-12-17 20:06:59.32
C:\ComboFix.txt ... 06-12-17 20:06
C:\ComboFix2.txt ... 06-12-17 13:19
kizmdyno
Active Member
 
Posts: 11
Joined: December 17th, 2006, 11:35 am

hijackthis run 2 log

Unread postby kizmdyno » December 17th, 2006, 9:22 pm

Logfile of HijackThis v1.99.1
Scan saved at 8:08:24 PM, on 12/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\HPQ\One-Touch\OneTouch.EXE
C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\palmOne\Hotsync.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Staples\Desktop\hijackthis\HijackThis.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QT4HPOT] C:\Program Files\HPQ\One-Touch\OneTouch.EXE
O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [Display Settings] C:\Program Files\HPQ\Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 5280391607
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Secure HTTP (Service Secured) - Unknown owner - C:\WINDOWS\csrvs.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
kizmdyno
Active Member
 
Posts: 11
Joined: December 17th, 2006, 11:35 am

Unread postby Shaba » December 18th, 2006, 3:11 am

Hi

Go to start -> run -> services.msc -> ok
Find this:

Secure HTTP (Service Secured)

Doubleclick it, click stop and select startuptype disabled

Go to start -> run -> cmd -> ok
Type sc delete "Service Secured" and press enter

Reboot

Delete this:

C:\Program Files\Common Files\imfw

Empty these folders:

C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\
C:\Program Files\a-squared Free\Quarantine

Empty Recycle Bin

Re-scan with kaspersky

Send:

- a fresh HijackThis log
- kaspersky report
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

kaspersky report

Unread postby kizmdyno » December 19th, 2006, 8:53 am

I did not "fix" any of these problems in Kaspersky

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Tuesday, December 19, 2006 7:48:23 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 19/12/2006
Kaspersky Anti-Virus database records: 251820
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\

Scan Statistics:
Total number of scanned objects: 66458
Number of viruses found: 8
Number of infected objects: 168 / 0
Number of suspicious objects: 2
Duration of the scan process: 02:47:30

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC1.zip/mte3ndi6odoxng.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC1.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Staples\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Staples\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Staples\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Staples\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Staples\Local Settings\History\History.IE5\MSHist012006121120061218\index.dat Object is locked skipped
C:\Documents and Settings\Staples\Local Settings\History\History.IE5\MSHist012006121820061219\index.dat Object is locked skipped
C:\Documents and Settings\Staples\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Staples\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Staples\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Staples\UserData\index.dat Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP165\A0090667.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP165\A0090672.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP165\A0090691.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP165\A0090698.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP165\A0090718.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP166\A0091757.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP168\A0091819.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP169\A0100928.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP169\A0100947.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP169\A0101148.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP169\A0101155.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP170\A0101202.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP170\A0101228.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP170\A0101229.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP170\A0101293.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP170\A0101317.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP170\A0101318.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP170\A0101340.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP170\A0101341.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP170\A0101345.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP170\A0101351.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP171\A0101935.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP171\A0101939.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP171\A0101950.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP171\A0101960.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP171\A0101964.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP171\A0101973.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP171\A0101984.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP171\A0101988.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP171\A0101992.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP171\A0102000.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0104917.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0104924.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105018.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105028.exe/data.rar/whAgent.exe Infected: not-a-virus:AdWare.Win32.WebHancer.351 skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105028.exe/data.rar/whInstaller.exe Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105028.exe/data.rar Infected: not-a-virus:AdWare.Win32.WebHancer.381 skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105028.exe RarSFX: infected - 3 skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105029.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105030.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105031.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105032.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105033.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105034.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105035.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105036.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105037.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105038.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105039.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105040.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105041.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105042.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105043.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105044.dLL Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105045.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105046.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105047.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105048.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105049.dll Infected: not-a-virus:AdWare.Win32.Sud.e skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105050.exe Infected: Trojan-Downloader.Win32.Adload.j skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105051.exe Infected: Trojan-Downloader.Win32.Adload.j skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105052.exe Infected: not-a-virus:AdWare.Win32.WinAD.bo skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP172\A0105053.exe Infected: Trojan.Win32.Crypt.t skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP173\A0105065.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP173\A0105067.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP173\A0105083.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP173\A0105084.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP173\A0105090.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP173\A0105096.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105158.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105379.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105446.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105452.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105453.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105454.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105455.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105456.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105457.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105458.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105459.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105460.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105461.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105462.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105463.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105464.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105465.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105466.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105467.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105468.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105469.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105470.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105471.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105472.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105473.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105474.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105475.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105476.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105477.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105478.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105479.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105480.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105481.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105482.DLL Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105483.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105484.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105485.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105486.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105487.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105488.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105489.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105490.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105491.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105492.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105493.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105494.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105495.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105496.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105497.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105498.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105499.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105500.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105501.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105502.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105503.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105504.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105505.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105506.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105507.DLL Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105508.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105509.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105510.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105511.DLL Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105512.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105513.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105514.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105515.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105516.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105517.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105518.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105519.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105520.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105521.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105522.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105523.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105524.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105525.DLL Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105526.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105527.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105528.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105529.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105530.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105531.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105532.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105533.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105534.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105535.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105536.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105537.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105538.DLL Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105539.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105540.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105541.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105542.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105543.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105544.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105545.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105546.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP174\A0105547.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab skipped
C:\System Volume Information\_restore{2E9DCF39-6F73-409D-8C36-24193BEF49E3}\RP176\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\msnavpklog.txt Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{A57C99BB-506F-4CA8-92B5-E9A14D2E9180}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.
kizmdyno
Active Member
 
Posts: 11
Joined: December 17th, 2006, 11:35 am

hijack this log

Unread postby kizmdyno » December 19th, 2006, 8:54 am

Logfile of HijackThis v1.99.1
Scan saved at 7:49:21 AM, on 12/19/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\HPQ\One-Touch\OneTouch.EXE
C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
C:\WINDOWS\System32\hphmon05.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\palmOne\Hotsync.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Staples\Desktop\hijackthis\HijackThis.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QT4HPOT] C:\Program Files\HPQ\One-Touch\OneTouch.EXE
O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [Display Settings] C:\Program Files\HPQ\Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 5280391607
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
kizmdyno
Active Member
 
Posts: 11
Joined: December 17th, 2006, 11:35 am

Unread postby Shaba » December 19th, 2006, 11:34 am

Hi

Logs look good.

You have viruses but they're all in system restore which can be easily cleaned. I give you later instructions how.

Do you still have problems?
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

thanks for all your help

Unread postby kizmdyno » December 19th, 2006, 10:04 pm

no more problems! I appreciate your time and effort. You did an excellent job. :D :D
kizmdyno
Active Member
 
Posts: 11
Joined: December 17th, 2006, 11:35 am
Advertisement
Register to Remove

Next

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 291 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware