Okay,
From Jotti:
The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file.
DSS Log:
Main:
Deckard's System Scanner v20071014.68
Run by chen on 2007-11-19 07:37:37
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
52: 2007-11-18 23:37:44 UTC - RP67 - Deckard's System Scanner Restore Point
51: 2007-11-18 06:46:55 UTC - RP66 - 系统检查点
50: 2007-11-17 05:26:46 UTC - RP65 - ComboFix created restore point
49: 2007-11-16 08:47:30 UTC - RP64 - 未签署驱动程序安装
48: 2007-11-16 07:21:43 UTC - RP63 - 未签署驱动程序安装
-- First Restore Point --
1: 2007-11-09 09:41:57 UTC - RP16 - Software Distribution Service 3.0
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as chen.exe) ------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:39, on 2007-11-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\a-squared Anti-Malware\a2guard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\chen\桌面\dss.exe
C:\chen.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3930D164-6564-4099-A33E-2DD4DFBC4669} - C:\WINDOWS\system32\ssqpm.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {96BEE5B7-892D-4A91-82F8-17C585B67D8C} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60
O4 - HKLM\..\Run: [combofix] "C:\WINDOWS\system32\cmd.exe" /c "cd /d C:\ComboFix\ & Combobatch.bat"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] ctfmon.exe (User 'Default user')
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - est2015.exe (file missing)
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 7085 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 8g0yr9zmam (8g0yr9zma) - c:\windows\system32\drivers\8g0yr9zmam.sys
R1 eabfiltr - c:\windows\system32\drivers\eabfiltr.sys <Not Verified; Hewlett-Packard Development Company, L.P.; HPQuick Launch Buttons>
R1 FsVga - c:\windows\system32\drivers\fsvga.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
R2 mdmxsdk - c:\windows\system32\drivers\mdmxsdk.sys <Not Verified; Conexant; Diagnostic Interface x86 Driver>
R3 HBtnKey - c:\windows\system32\drivers\cpqbttn.sys <Not Verified; Hewlett-Packard Development Company, L.P.; HP Quick Launch Buttons>
R3 HSF_DPV - c:\windows\system32\drivers\hsf_dpv.sys <Not Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
R3 HSFHWAZL - c:\windows\system32\drivers\hsfhwazl.sys <Not Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
R3 winachsf - c:\windows\system32\drivers\hsf_cnxt.sys <Not Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
S0 kl1 - c:\windows\system32\drivers\kl1.sys (file missing)
S2 enl618yqxl - c:\windows\system32\drivers\enl618yqxl.sys (file missing)
S3 catchme - c:\docume~1\chen\locals~1\temp\catchme.sys (file missing)
S3 eabusb - c:\windows\system32\drivers\eabusb.sys <Not Verified; Hewlett-Packard Development Company, L.P.; HP Quick Launch Buttons>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>
R3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S4 FE574465 - c:\windows\system32\1cd0c26.exe -k (file missing)
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Files created between 2007-10-19 and 2007-11-19 -----------------------------
2008-11-12 12:00:00 40960 --a------ C:\WINDOWS\system32\VBAME.DLL <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Applications>
2008-11-12 12:00:00 15872 --a------ C:\WINDOWS\system32\SCP32.DLL <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Applications>
2008-11-12 12:00:00 94208 --a------ C:\WINDOWS\system32\MSSTKPRP.DLL <Not Verified; Microsoft Corporation; msprop32>
2008-11-12 12:00:00 118784 --a------ C:\WINDOWS\system32\MSSTDFMT.DLL <Not Verified; Microsoft Corporation; MSSTDFMT Object Library>
2008-11-12 12:00:00 7168 --a------ C:\WINDOWS\system32\MSPRPCHS.DLL <Not Verified; Microsoft Corporation; msprop32>
2007-11-17 12:21:27 0 d-------- C:\Documents and Settings\chen\Application Data\Lavasoft
2007-11-17 11:20:37 81984 --a------ C:\WINDOWS\system32\yajwtvnd.dll
2007-11-17 11:17:37 85056 -----n--- C:\WINDOWS\system32\wqdkdbup.dll
2007-11-17 02:37:35 81984 --a------ C:\WINDOWS\system32\xcyfcigc.dll
2007-11-17 00:19:46 97792 --a------ C:\WINDOWS\system32\refresh.exe <Not Verified; http://www.refresh.com; refresh.exe>
2007-11-16 18:45:10 0 d-------- C:\Documents and Settings\chen\Application Data\DivX
2007-11-16 18:40:02 0 d-------- C:\Program Files\DivX
2007-11-16 14:51:52 0 d-------- C:\Program Files\Windows Media Connect 2
2007-11-16 14:48:56 0 d-------- C:\WINDOWS\system32\LogFiles
2007-11-16 14:48:56 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2007-11-16 09:54:07 53248 -----n--- C:\WINDOWS\system32\06a1.dll <Not Verified; ; IEHpr Module>
2007-11-16 01:41:46 85056 --a------ C:\WINDOWS\system32\cxelxrjc.dll
2007-11-16 01:38:45 79936 --a------ C:\WINDOWS\system32\sefjrlih.dll
2007-11-15 20:56:05 0 d-------- C:\Program Files\Lavasoft
2007-11-15 20:55:40 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-11-15 20:34:23 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-15 20:30:21 0 d-------- C:\Program Files\a-squared Anti-Malware
2007-11-15 17:11:42 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2007-11-15 17:02:01 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla
2007-11-15 01:40:45 85056 --a------ C:\WINDOWS\system32\pbxhmhlb.dll
2007-11-14 16:55:25 0 d-------- C:\WINDOWS\A4W_DATA
2007-11-14 12:51:48 0 dr-h----- C:\Documents and Settings\chen\Recent
2007-11-14 01:51:37 0 d-------- C:\Documents and Settings\chen\??
2007-11-14 01:51:04 0 d-------- C:\Program Files\Trillian
2007-11-14 00:58:32 80448 --a------ C:\WINDOWS\system32\nlpfnqsu.dll
2007-11-14 00:58:29 0 d-------- C:\Program Files\Windows Installer Clean Up
2007-11-14 00:57:12 0 d-------- C:\Program Files\MSECACHE
2007-11-14 00:01:04 0 d-------- C:\Documents and Settings\Administrator\Application Data\WinRAR
2007-11-13 23:59:32 512 --a------ C:\ScanSectorLog.dat <SCANSE~1.DAT>
2007-11-13 23:53:19 0 d-------- C:\Documents and Settings\Administrator\Application Data\MailFrontier
2007-11-13 23:52:19 0 d-------- C:\Documents and Settings\Administrator\Application Data\Grisoft
2007-11-13 23:51:17 0 d-------- C:\Documents and Settings\Administrator\桌面
2007-11-13 23:51:17 0 d--h----- C:\Documents and Settings\Administrator\Templates
2007-11-13 23:51:17 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2007-11-13 23:51:17 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2007-11-13 23:51:17 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2007-11-13 23:51:17 0 d-------- C:\Documents and Settings\Administrator\My Documents
2007-11-13 23:51:17 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2007-11-13 23:51:17 0 d-------- C:\Documents and Settings\Administrator\Favorites
2007-11-13 23:51:17 0 d---s---- C:\Documents and Settings\Administrator\Cookies
2007-11-13 23:51:17 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2007-11-13 23:51:17 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2007-11-13 23:51:17 0 dr------- C:\Documents and Settings\Administrator\「开始」菜单
2007-11-13 23:51:16 786432 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2007-11-13 22:56:10 0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-11-13 22:43:05 0 d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2007-11-13 22:18:49 0 d-------- C:\Program Files\Common Files\Control Panels
2007-11-13 22:12:21 0 d-------- C:\Documents and Settings\All Users\Application Data\ALM
2007-11-13 20:48:00 0 d-------- C:\Program Files\QuickTime
2007-11-13 19:25:37 0 d-------- C:\Program Files\Bonjour
2007-11-13 18:56:49 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2007-11-13 15:52:19 80448 --a------ C:\WINDOWS\system32\tdwokvgb.dll
2007-11-13 02:44:55 84 --a------ C:\WINDOWS\-95-6868-102
2007-11-12 15:52:10 81472 --a------ C:\WINDOWS\system32\mannjxeb.dll
2007-11-11 13:08:30 0 d-------- C:\Program Files\Winamp
2007-11-11 10:35:35 0 d-------- C:\Documents and Settings\chen\Application Data\MailFrontier
2007-11-11 10:32:20 76320 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2007-11-11 10:32:20 731168 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-11-11 10:14:14 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-11-11 10:13:48 11264 --a------ C:\WINDOWS\system32\SpOrder.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(TM) Operating System>
2007-11-11 10:13:10 0 d-------- C:\WINDOWS\system32\ZoneLabs
2007-11-11 10:12:38 0 d-------- C:\WINDOWS\Internet Logs
2007-11-11 10:07:32 0 d-------- C:\Documents and Settings\chen\Application Data\WinRAR
2007-11-11 02:37:21 0 d-------- C:\Documents and Settings\chen\Application Data\Grisoft
2007-11-11 02:34:15 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-11-11 02:33:51 0 d-------- C:\VundoFix Backups <VUNDOF~1>
2007-11-11 02:27:24 0 d-------- C:\Program Files\Yahoo!
2007-11-11 02:27:14 0 d-------- C:\Program Files\CCleaner
2007-11-09 18:35:37 0 d-------- C:\Program Files\М?crosoft
2007-11-09 18:32:23 0 d-------- C:\Program Files\Common Files\?уstem32
2007-11-09 18:02:15 0 d-------- C:\Program Files\Microsoft Works
2007-11-09 18:02:02 0 d-------- C:\Program Files\MSBuild
2007-11-09 17:50:35 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-11-09 17:48:00 0 dr-h----- C:\MSOCache
2007-11-09 17:10:42 0 d-------- C:\Program Files\Common Files\xing shared
2007-11-09 17:10:18 0 d-------- C:\Program Files\Real
2007-11-09 17:10:18 0 d-------- C:\Documents and Settings\chen\Application Data\Real
2007-11-09 14:00:48 0 d-------- C:\Program Files\uTorrent
2007-11-09 14:00:43 0 d-------- C:\Documents and Settings\chen\Application Data\uTorrent
2007-11-08 19:36:14 1405 --a------ C:\WINDOWS\mozver.dat
2007-11-08 18:47:08 0 --a------ C:\WINDOWS\nsreg.dat
2007-11-08 18:47:04 0 d-------- C:\Documents and Settings\chen\Application Data\Mozilla
2007-11-08 08:17:34 20541 --a------ C:\WINDOWS\system32\detoured.dll <Not Verified; Microsoft Corporation; Microsoft Research Detours Package>
2007-11-08 08:17:34 0 d-------- C:\Program Files\Windows Live
2007-11-08 08:17:34 0 d-a------ C:\Program Files\MSN Messenger
2007-11-08 08:17:34 0 d-------- C:\Program Files\Incesoft
2007-11-07 15:12:13 0 d-------- C:\Documents and Settings\chen\Application Data\QQUpdate
2007-11-07 15:08:19 0 d-------- C:\Documents and Settings\chen\Application Data\QQ
2007-11-07 14:06:55 68 --a------ C:\WINDOWS\system32\fc5a
2007-11-07 13:36:54 68 --a------ C:\WINDOWS\system32\efd
2007-11-07 13:06:53 68 --a------ C:\WINDOWS\system32\ec4
2007-11-07 12:36:52 68 --a------ C:\WINDOWS\system32\dcc4
2007-11-07 12:06:51 68 --a------ C:\WINDOWS\system32\cc45c1
2007-11-07 11:36:50 68 --a------ C:\WINDOWS\system32\c5aec
2007-11-07 11:06:49 68 --a------ C:\WINDOWS\system32\aec4
2007-11-07 10:36:48 68 --a------ C:\WINDOWS\system32\a63
2007-11-07 02:53:23 68 --a------ C:\WINDOWS\system32\7fc
2007-11-07 02:23:22 68 --a------ C:\WINDOWS\system32\1583
2007-11-07 02:03:16 29 --a------ C:\WINDOWS\system32\-55-6868-102
2007-11-07 02:02:59 14 --a------ C:\WINDOWS\system32\-71-6868-102
2007-11-05 22:20:15 0 d-------- C:\WINDOWS
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\WinSxS
2007-11-05 22:20:15 0 dr------- C:\WINDOWS\Web
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\twain_32
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\wins
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\wbem
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\usmt
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\spool
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\ShellExt
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\Setup
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\ras
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\oobe
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\npp
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\mui
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\inetsrv
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\IME
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\icsxml
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\ias
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\export
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\drivers
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\drivers\etc
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\drivers\disdn
2007-11-05 22:20:15 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\dhcp
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\config
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\3com_dmi
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\3076
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\2052
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\1054
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\1042
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\1041
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\1037
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\1033
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\1031
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\1028
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system32\1025
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\system
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\security
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\Resources
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\repair
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\Provisioning
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\PeerNet
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\pchealth
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\mui
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\msapps
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\msagent
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\Media
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\java
2007-11-05 22:20:15 0 d--h----- C:\WINDOWS\inf
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\ime
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\Help
2007-11-05 22:20:15 0 dr--s---- C:\WINDOWS\Fonts
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\ehome
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\Driver Cache
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\Debug
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\Cursors
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\Connection Wizard
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\Config
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\AppPatch
2007-11-05 22:20:15 0 d-------- C:\WINDOWS\addins
2007-11-05 15:19:26 0 d-------- C:\WINDOWS\system32\PreInstall
2007-11-05 15:19:24 0 d--h----- C:\WINDOWS\$hf_mig$
2007-11-05 15:09:05 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2007-11-05 14:59:52 14592 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:59:44 5760 --a------ C:\WINDOWS\system32\drivers\EabUsb.sys <Not Verified; Hewlett-Packard Development Company, L.P.; HP Quick Launch Buttons>
2007-11-05 14:59:44 7808 --a------ C:\WINDOWS\system32\drivers\eabfiltr.sys <Not Verified; Hewlett-Packard Development Company, L.P.; HPQuick Launch Buttons>
2007-11-05 14:59:44 9344 --a------ C:\WINDOWS\system32\drivers\CPQBttn.sys <Not Verified; Hewlett-Packard Development Company, L.P.; HP Quick Launch Buttons>
2007-11-05 14:59:44 987136 --a------ C:\WINDOWS\system32\BttnCmn.dll <Not Verified; Hewlett-Packard Company; Q Menu>
2007-11-05 14:59:43 0 d-------- C:\Program Files\Hewlett-Packard
2007-11-05 14:57:42 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2007-11-05 14:57:38 69722 --a------ C:\WINDOWS\system32\SynTPFcs.dll
2007-11-05 14:57:38 81920 --a------ C:\WINDOWS\system32\SynTPCo2.dll <Not Verified; Synaptics, Inc.; Synaptics Pointing Device Driver>
2007-11-05 14:57:38 94298 --a------ C:\WINDOWS\system32\SynTPAPI.dll <Not Verified; Synaptics, Inc.; Synaptics Pointing Device Driver>
2007-11-05 14:57:38 193056 --a------ C:\WINDOWS\system32\drivers\SynTP.sys <Not Verified; Synaptics, Inc.; Synaptics Pointing Device Driver>
2007-11-05 14:57:37 114688 --a------ C:\WINDOWS\system32\SynCtrl.dll <Not Verified; Synaptics, Inc.; Synaptics ActiveX Control>
2007-11-05 14:57:37 82013 --a------ C:\WINDOWS\system32\SynCOM.dll <Not Verified; Synaptics, Inc.; COM SDK>
2007-11-05 14:57:37 0 d-------- C:\Program Files\Synaptics
2007-11-05 14:56:32 0 d-------- C:\WINDOWS\nview
2007-11-05 14:55:15 6400 --a------ C:\WINDOWS\system32\drivers\splitter.sys <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:55:10 82944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:55:08 52864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:55:03 54272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:54:59 172416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:54:58 2944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:54:57 60800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:54:55 7552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:54:54 4992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:54:52 5376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:54:33 4096 --a------ C:\WINDOWS\system32\ksuser.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:54:33 60288 --a------ C:\WINDOWS\system32\drivers\drmk.sys <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:54:17 0 d-------- C:\Program Files\CONEXANT
2007-11-05 14:53:03 569856 --a------ C:\WINDOWS\system32\drivers\CHDAud.sys <Not Verified; Conexant Systems Inc.; Conexant HDAudio Driver>
2007-11-05 14:52:46 0 d-------- C:\Program Files\HPQ
2007-11-05 14:52:45 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-11-05 14:52:41 0 d-------- C:\Program Files\Common Files\InstallShield
2007-11-05 14:52:38 118784 --a------ C:\WINDOWS\system32\uci32105.dll <Not Verified; Conexant Systems, Inc; Conexant Unified x86 Device CoInstaller>
2007-11-05 14:52:38 86016 --a------ C:\WINDOWS\system32\mdmxsdk.dll <Not Verified; Conexant; Diagnostic Interface x86 DLL>
2007-11-05 14:52:38 12672 --a------ C:\WINDOWS\system32\drivers\mdmxsdk.sys <Not Verified; Conexant; Diagnostic Interface x86 Driver>
2007-11-05 14:52:37 206976 --a------ C:\WINDOWS\system32\drivers\HSFHWAZL.sys <Not Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
2007-11-05 14:52:37 995712 --a------ C:\WINDOWS\system32\drivers\HSF_DPV.sys <Not Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
2007-11-05 14:52:37 726400 --a------ C:\WINDOWS\system32\drivers\HSF_CNXT.sys <Not Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
2007-11-05 14:52:36 1519616 --a------ C:\WINDOWS\system32\nwiz.exe
2007-11-05 14:52:36 1019904 --a------ C:\WINDOWS\system32\nvwimg.dll
2007-11-05 14:52:35 1662976 --a------ C:\WINDOWS\system32\nvwdmcpl.dll
2007-11-05 14:52:35 466944 --a------ C:\WINDOWS\system32\nvshell.dll
2007-11-05 14:52:34 1466368 --a------ C:\WINDOWS\system32\nview.dll
2007-11-05 14:52:34 1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe
2007-11-05 14:52:32 442368 --a------ C:\WINDOWS\system32\nvappbar.exe
2007-11-05 14:52:32 98304 --a------ C:\WINDOWS\system32\nvapi.dll
2007-11-05 14:52:31 425984 --a------ C:\WINDOWS\system32\keystone.exe
2007-11-05 14:52:17 0 d-------- C:\SWSETUP
2007-11-05 14:44:53 0 d-------- C:\Documents and Settings\chen\Application Data\Identities
2007-11-05 14:44:44 0 d-------- C:\Documents and Settings\chen\桌面
2007-11-05 14:44:44 0 d--h----- C:\Documents and Settings\chen\Templates
2007-11-05 14:44:44 0 dr-h----- C:\Documents and Settings\chen\SendTo
2007-11-05 14:44:44 0 d--h----- C:\Documents and Settings\chen\PrintHood
2007-11-05 14:44:44 3932160 --ah----- C:\Documents and Settings\chen\NTUSER.DAT
2007-11-05 14:44:44 0 d--h----- C:\Documents and Settings\chen\NetHood
2007-11-05 14:44:44 0 dr------- C:\Documents and Settings\chen\My Documents
2007-11-05 14:44:44 0 d--h----- C:\Documents and Settings\chen\Local Settings
2007-11-05 14:44:44 0 dr------- C:\Documents and Settings\chen\Favorites
2007-11-05 14:44:44 0 d---s---- C:\Documents and Settings\chen\Cookies
2007-11-05 14:44:44 0 dr-h----- C:\Documents and Settings\chen\Application Data
2007-11-05 14:44:44 0 dr------- C:\Documents and Settings\chen\「开始」菜单
2007-11-05 14:43:15 0 d-------- C:\WINDOWS\SoftwareDistribution
2007-11-05 14:43:13 0 d---s---- C:\WINDOWS\system32\Microsoft
2007-11-05 14:43:13 0 d-------- C:\WINDOWS\Prefetch
2007-11-05 14:43:12 1572864 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2007-11-05 14:43:12 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2007-11-05 14:43:12 0 d---s---- C:\Documents and Settings\LocalService\Cookies
2007-11-05 14:43:12 0 d-------- C:\Documents and Settings\LocalService\Application Data
2007-11-05 14:43:12 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2007-11-05 14:42:47 1572864 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2007-11-05 14:42:47 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2007-11-05 14:42:47 0 d---s---- C:\Documents and Settings\NetworkService\Cookies
2007-11-05 14:42:47 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2007-11-05 14:42:47 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2007-11-05 14:39:52 0 d-------- C:\WINDOWS\system32\xircom
2007-11-05 14:39:52 0 d-------- C:\Program Files\microsoft frontpage
2007-11-05 14:39:38 225280 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2007-11-05 14:39:30 0 -rahs---- C:\MSDOS.SYS
2007-11-05 14:39:30 0 -rahs---- C:\IO.SYS
2007-11-05 14:39:30 0 --a------ C:\CONFIG.SYS
2007-11-05 14:39:30 0 --a------ C:\AUTOEXEC.BAT
2007-11-05 14:39:13 112128 --a------ C:\WINDOWS\system32\mapi32.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:38:26 0 d--hs---- C:\Documents and Settings\All Users\DRM
2007-11-05 14:38:16 0 dr------- C:\WINDOWS\Offline Web Pages
2007-11-05 14:38:16 0 d---s---- C:\WINDOWS\Downloaded Program Files
2007-11-05 14:38:05 0 d--h----- C:\Program Files\WindowsUpdate
2007-11-05 14:38:00 0 d-------- C:\Program Files\Online Services
2007-11-05 14:37:43 0 d-------- C:\WINDOWS\system32\DirectX
2007-11-05 14:37:25 11264 --a------ C:\WINDOWS\system32\atrace.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:37:17 12288 --a------ C:\WINDOWS\system32\nmevtmsg.dll <Not Verified; Microsoft Corporation; Windows(R) NetMeeting(R)>
2007-11-05 14:37:16 64512 --a------ C:\WINDOWS\system32\acctres.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:37:13 0 d---s---- C:\WINDOWS\Tasks
2007-11-05 14:37:13 16384 --a------ C:\WINDOWS\system32\icfgnt5.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:37:12 0 d-------- C:\Program Files\Common Files\MSSoap
2007-11-05 14:37:09 0 d-------- C:\WINDOWS\srchasst
2007-11-05 14:37:08 0 d-------- C:\WINDOWS\system32\Macromed
2007-11-05 14:37:05 6656 --a------ C:\WINDOWS\system32\wuauserv.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:37:05 180224 --a------ C:\WINDOWS\system32\wuaueng1.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:37:05 158720 --a------ C:\WINDOWS\system32\wuauclt1.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:37:04 18944 --a------ C:\WINDOWS\system32\qmgrprxy.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:37:04 381952 --a------ C:\WINDOWS\system32\qmgr.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:37:04 7168 --a------ C:\WINDOWS\system32\bitsprx3.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:37:04 8192 --a------ C:\WINDOWS\system32\bitsprx2.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:37:00 0 d-------- C:\Program Files\Movie Maker
2007-11-05 14:36:57 45568 --a------ C:\WINDOWS\system32\safrslv.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:36:57 29696 --a------ C:\WINDOWS\system32\safrdm.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:36:57 43520 --a------ C:\WINDOWS\system32\safrcdlg.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:36:57 43008 --a------ C:\WINDOWS\system32\racpldlg.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:36:54 233984 --a------ C:\WINDOWS\system32\srrstr.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:36:54 0 d-------- C:\WINDOWS\system32\Restore
2007-11-05 14:36:54 23040 --a------ C:\WINDOWS\system32\fltmc.exe <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:36:54 16896 --a------ C:\WINDOWS\system32\fltlib.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:36:54 128896 --a------ C:\WINDOWS\system32\drivers\fltmgr.sys <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:36:53 168960 --a------ C:\WINDOWS\system32\srsvc.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:36:53 67072 --a------ C:\WINDOWS\system32\srclient.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:36:53 34560 --a------ C:\WINDOWS\system32\mnmdd.dll <Not Verified; Microsoft Corporation; Windows? NetMeeting?>
2007-11-05 14:36:53 32768 --a------ C:\WINDOWS\system32\isrdbg32.dll <Not Verified; Intel Corporation; ISRDBG32.DLL>
2007-11-05 14:36:53 81920 --a------ C:\WINDOWS\system32\ils.dll <Not Verified; Microsoft Corporation; Windows? NetMeeting?>
2007-11-05 14:36:53 73216 --a------ C:\WINDOWS\system32\drivers\sr.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:36:52 28672 --a------ C:\WINDOWS\system32\nmmkcert.dll <Not Verified; Microsoft Corporation; Windows? NetMeeting?>
2007-11-05 14:36:52 69632 --a------ C:\WINDOWS\system32\msconf.dll <Not Verified; Microsoft Corporation; Windows? NetMeeting?>
2007-11-05 14:36:52 32768 --a------ C:\WINDOWS\system32\mnmsrvc.exe <Not Verified; Microsoft Corporation; Windows? NetMeeting?>
2007-11-05 14:36:50 105984 --a------ C:\WINDOWS\system32\msoert2.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:36:50 252928 --a------ C:\WINDOWS\system32\msoeacct.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:36:49 38912 --a------ C:\WINDOWS\system32\inetres.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:36:47 185344 --a------ C:\WINDOWS\system32\schedsvc.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:36:47 11776 --a------ C:\WINDOWS\system32\mstinit.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:36:47 260608 --a------ C:\WINDOWS\system32\mstask.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:36:47 65536 --a------ C:\WINDOWS\system32\icwphbk.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:36:47 65536 --a------ C:\WINDOWS\system32\icwdial.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:36:46 73728 --a------ C:\WINDOWS\system32\isign32.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:36:46 253952 --a------ C:\WINDOWS\system32\inetcfg.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:36:08 21464 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-11-05 14:35:49 0 d-------- C:\WINDOWS\Registration
2007-11-05 14:35:33 0 d-------- C:\Program Files\Messenger
2007-11-05 14:35:30 5632 --a------ C:\WINDOWS\system32\write.exe <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:35:30 0 d-------- C:\Program Files\MSN Gaming Zone
2007-11-05 14:35:21 138752 --a------ C:\WINDOWS\system32\sndvol32.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:21 44544 --a------ C:\WINDOWS\system32\hticons.dll <Not Verified; Hilgraeve, Inc.; Microsoft? Windows? Operating System>
2007-11-05 14:35:21 73216 --a------ C:\WINDOWS\system32\avwav.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:35:21 227840 --a------ C:\WINDOWS\system32\avtapi.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:21 16384 --a------ C:\WINDOWS\system32\avmeter.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:20 35328 --a------ C:\WINDOWS\system32\winchat.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:14 56832 --a------ C:\WINDOWS\system32\sol.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:14 605696 --a------ C:\WINDOWS\system32\getuname.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:14 80384 --a------ C:\WINDOWS\system32\charmap.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:14 114688 --a------ C:\WINDOWS\system32\calc.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:13 1048 --a------ C:\WINDOWS\system32\usrlogon.cmd
2007-11-05 14:35:13 19456 --a------ C:\WINDOWS\system32\tsshutdn.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:13 18432 --a------ C:\WINDOWS\system32\tskill.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:13 10752 --a------ C:\WINDOWS\system32\reset.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:13 126976 --a------ C:\WINDOWS\system32\mshearts.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:13 55296 --a------ C:\WINDOWS\system32\freecell.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:12 16896 --a------ C:\WINDOWS\system32\tsdiscon.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:12 17408 --a------ C:\WINDOWS\system32\tscon.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:12 16896 --a------ C:\WINDOWS\system32\shadow.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:12 17920 --a------ C:\WINDOWS\system32\rwinsta.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:12 33792 --a------ C:\WINDOWS\system32\regini.exe <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:35:12 4096 --a------ C:\WINDOWS\system32\rdpcfgex.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:12 26624 --a------ C:\WINDOWS\system32\qwinsta.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:12 18944 --a------ C:\WINDOWS\system32\qappsrv.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:12 24576 --a------ C:\WINDOWS\system32\msg.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:12 17408 --a------ C:\WINDOWS\system32\logoff.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:12 15872 --a------ C:\WINDOWS\system32\cdmodem.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:35:11 25088 --a------ C:\WINDOWS\system32\mtxlegih.dll <Not Verified; Microsoft Corporation; COM Services>
2007-11-05 14:35:11 4096 --a------ C:\WINDOWS\system32\mtxex.dll <Not Verified; Microsoft Corporation; COM Services>
2007-11-05 14:35:11 20480 --a------ C:\WINDOWS\system32\mtxdm.dll <Not Verified; Microsoft Corporation; COM Services>
2007-11-05 14:35:11 5120 --a------ C:\WINDOWS\system32\dcomcnfg.exe <Not Verified; Microsoft Corporation; COM Services>
2007-11-05 14:35:11 97792 --a------ C:\WINDOWS\system32\comrepl.dll <Not Verified; Microsoft Corporation; COM Services>
2007-11-05 14:35:11 25600 --a------ C:\WINDOWS\system32\comaddin.dll <Not Verified; Microsoft Corporation; COM Services>
2007-11-05 14:35:10 54272 --a------ C:\WINDOWS\system32\stclient.dll <Not Verified; Microsoft Corporation; COM Services>
2007-11-05 14:35:10 147456 --a------ C:\WINDOWS\system32\comsnap.dll <Not Verified; Microsoft Corporation; COM Services>
2007-11-05 14:35:05 127488 --a------ C:\WINDOWS\system32\sndrec32.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:05 169472 --a------ C:\WINDOWS\system32\accwiz.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:04 332288 --a------ C:\WINDOWS\system32\mspaint.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:04 119808 --a------ C:\WINDOWS\system32\mplay32.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:04 333824 --a------ C:\WINDOWS\system32\hypertrm.dll <Not Verified; Hilgraeve, Inc.; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:04 0 d-------- C:\Program Files\Windows NT
2007-11-05 14:35:03 93184 --a------ C:\WINDOWS\system32\tscfgwmi.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:03 537088 --a------ C:\WINDOWS\system32\spider.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:03 21896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:35:03 12040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:35:03 139528 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:35:03 96768 --a------ C:\WINDOWS\system32\clipbrd.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:02 44544 --a------ C:\WINDOWS\system32\tscupgrd.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:02 285696 --a------ C:\WINDOWS\system32\termsrv.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:02 136704 --a------ C:\WINDOWS\system32\sessmgr.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:02 57344 --a------ C:\WINDOWS\system32\remotepg.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:02 67072 --a------ C:\WINDOWS\system32\rdshost.exe <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:35:02 13824 --a------ C:\WINDOWS\system32\rdsaddin.exe <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:35:02 147968 --a------ C:\WINDOWS\system32\rdchost.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:35:02 655360 --a------ C:\WINDOWS\system32\mstscax.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:35:02 390144 --a------ C:\WINDOWS\system32\mstsc.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:01 87176 --a------ C:\WINDOWS\system32\rdpwsx.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:35:01 19968 --a------ C:\WINDOWS\system32\rdpsnd.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:01 62464 --a------ C:\WINDOWS\system32\rdpclip.exe <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:35:01 22528 --a------ C:\WINDOWS\system32\qprocess.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:01 91136 --a------ C:\WINDOWS\system32\mtxoci.dll <Not Verified; Microsoft Corporation; COM Services>
2007-11-05 14:35:01 161280 --a------ C:\WINDOWS\system32\msdtcuiu.dll <Not Verified; Microsoft Corporation; Microsoft Distributed Transaction Coordinator>
2007-11-05 14:35:01 426496 --a------ C:\WINDOWS\system32\msdtcprx.dll <Not Verified; Microsoft Corporation; Microsoft Distributed Transaction Coordinator>
2007-11-05 14:35:01 0 d-------- C:\WINDOWS\system32\MsDtc
2007-11-05 14:35:01 11264 --a------ C:\WINDOWS\system32\icaapi.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:35:01 38400 --a------ C:\WINDOWS\system32\cfgbkend.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:35:00 11776 --a------ C:\WINDOWS\system32\xolehlp.dll <Not Verified; Microsoft Corporation; Microsoft Distributed Transaction Coordinator>
2007-11-05 14:35:00 956416 --a------ C:\WINDOWS\system32\msdtctm.dll <Not Verified; Microsoft Corporation; Microsoft Distributed Transaction Coordinator>
2007-11-05 14:35:00 58880 --a------ C:\WINDOWS\system32\msdtclog.dll <Not Verified; Microsoft Corporation; Microsoft Distributed Transaction Coordinator>
2007-11-05 14:35:00 6144 --a------ C:\WINDOWS\system32\msdtc.exe <Not Verified; Microsoft Corporation; Microsoft Distributed Transaction Coordinator>
2007-11-05 14:34:59 1267200 --a------ C:\WINDOWS\system32\comsvcs.dll <Not Verified; Microsoft Corporation; COM Services>
2007-11-05 14:34:59 0 d-------- C:\WINDOWS\system32\Com
2007-11-05 14:34:59 60416 --a------ C:\WINDOWS\system32\colbact.dll <Not Verified; Microsoft Corporation; COM Services>
2007-11-05 14:34:59 110080 --a------ C:\WINDOWS\system32\clbcatex.dll <Not Verified; Microsoft Corporation; COM Services>
2007-11-05 14:34:59 625152 --a------ C:\WINDOWS\system32\catsrvut.dll <Not Verified; Microsoft Corporation; COM Services>
2007-11-05 14:34:59 85504 --a------ C:\WINDOWS\system32\catsrvps.dll <Not Verified; Microsoft Corporation; COM Services>
2007-11-05 14:34:59 225792 --a------ C:\WINDOWS\system32\catsrv.dll <Not Verified; Microsoft Corporation; COM Services>
2007-11-05 14:34:58 540160 --a------ C:\WINDOWS\system32\comuid.dll <Not Verified; Microsoft Corporation; COM Services>
2007-11-05 14:34:58 498688 --a------ C:\WINDOWS\system32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2007-11-05 14:34:52 55296 --a------ C:\WINDOWS\system32\servdeps.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:34:52 16896 --a------ C:\WINDOWS\system32\mmfutil.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:34:52 58880 --a------ C:\WINDOWS\system32\licwmi.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:34:52 173056 --a------ C:\WINDOWS\system32\cmprops.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:34:48 196864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:34:47 40840 --a------ C:\WINDOWS\system32\drivers\termdd.sys <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:32:50 3072 --a------ C:\WINDOWS\system32\drivers\audstub.sys <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:32:23 54784 --a------ C:\WINDOWS\system32\drivers\redbook.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:32:02 9344 --a------ C:\WINDOWS\system32\drivers\compbatt.sys <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:32:01 16000 --a------ C:\WINDOWS\system32\drivers\battc.sys <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:32:00 14080 --a------ C:\WINDOWS\system32\drivers\CmBatt.sys <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:31:23 65024 --a------ C:\WINDOWS\system32\usbui.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:31:08 8832 --a------ C:\WINDOWS\system32\drivers\wmiacpi.sys <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:30:30 0 d--hs---- C:\WINDOWS\Installer
2007-11-05 14:30:29 0 d-------- C:\Program Files\Common Files\ODBC
2007-11-05 14:30:26 0 d-------- C:\Program Files\Common Files\SpeechEngines
2007-11-05 14:30:25 0 dr------- C:\Program Files <PROGRA~1>
2007-11-05 14:30:25 0 d-------- C:\Program Files\Common Files
2007-11-05 14:29:55 185344 --a------ C:\WINDOWS\system32\Thawbrkr.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:55 5632 -ra------ C:\WINDOWS\system32\kbdvntc.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:55 5632 -ra------ C:\WINDOWS\system32\kbdintel.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:55 5632 -ra------ C:\WINDOWS\system32\kbdintam.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:55 6144 -ra------ C:\WINDOWS\system32\kbdinpun.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:55 5632 -ra------ C:\WINDOWS\system32\kbdinmar.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:55 5632 -ra------ C:\WINDOWS\system32\kbdinkan.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:55 5632 -ra------ C:\WINDOWS\system32\kbdinhin.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:55 5632 -ra------ C:\WINDOWS\system32\kbdinguj.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:55 5632 -ra------ C:\WINDOWS\system32\kbdindev.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:55 5120 -ra------ C:\WINDOWS\system32\kbdgeo.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:55 5120 -ra------ C:\WINDOWS\system32\kbdarmw.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:55 5120 -ra------ C:\WINDOWS\system32\kbdarme.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:55 10752 --a------ C:\WINDOWS\system32\c_iscii.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:53 5632 --a------ C:\WINDOWS\system32\kbdusa.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:53 5632 -ra------ C:\WINDOWS\system32\kbdurdu.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:53 5632 -ra------ C:\WINDOWS\system32\kbdsyr2.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:53 5632 -ra------ C:\WINDOWS\system32\kbdsyr1.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:53 5632 -ra------ C:\WINDOWS\system32\kbdfa.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:53 5632 -ra------ C:\WINDOWS\system32\kbddiv2.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:53 5632 -ra------ C:\WINDOWS\system32\kbddiv1.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:53 5632 -ra------ C:\WINDOWS\system32\kbda3.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:53 5632 -ra------ C:\WINDOWS\system32\kbda2.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:53 5632 -ra------ C:\WINDOWS\system32\kbda1.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:50 5632 -ra------ C:\WINDOWS\system32\kbdheb.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:47 6144 -ra------ C:\WINDOWS\system32\kbdth3.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:47 6144 -ra------ C:\WINDOWS\system32\kbdth2.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:47 5632 -ra------ C:\WINDOWS\system32\kbdth1.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:47 5632 -ra------ C:\WINDOWS\system32\kbdth0.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:47 6144 --a------ C:\WINDOWS\system32\ftlx041e.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:42 6144 -ra------ C:\WINDOWS\system32\kbdtuq.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:42 6144 -ra------ C:\WINDOWS\system32\kbdtuf.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:42 5632 -ra------ C:\WINDOWS\system32\kbdazel.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:41 5632 -ra------ C:\WINDOWS\system32\kbdmon.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:41 5632 -ra------ C:\WINDOWS\system32\kbdkyr.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:39 8192 -ra------ C:\WINDOWS\system32\kbdhept.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:39 6656 -ra------ C:\WINDOWS\system32\kbdhela3.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:39 6144 -ra------ C:\WINDOWS\system32\kbdhela2.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:39 5632 -ra------ C:\WINDOWS\system32\kbdhe319.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:39 5632 -ra------ C:\WINDOWS\system32\kbdhe220.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:39 5632 -ra------ C:\WINDOWS\system32\kbdhe.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:39 6144 -ra------ C:\WINDOWS\system32\kbdgkl.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:37 6144 -ra------ C:\WINDOWS\system32\kbdlv1.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:37 6144 -ra------ C:\WINDOWS\system32\kbdlv.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:37 5632 -ra------ C:\WINDOWS\system32\kbdlt1.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:37 5632 -ra------ C:\WINDOWS\system32\kbdlt.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:37 6144 -ra------ C:\WINDOWS\system32\kbdest.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:36 6656 -ra------ C:\WINDOWS\system32\kbdsl1.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:36 6656 -ra------ C:\WINDOWS\system32\kbdsl.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:36 5632 -ra------ C:\WINDOWS\system32\kbdro.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:35 6656 -ra------ C:\WINDOWS\system32\kbdycl.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:35 5632 -ra------ C:\WINDOWS\system32\kbdpl1.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:35 6656 -ra------ C:\WINDOWS\system32\kbdpl.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:35 5632 -ra------ C:\WINDOWS\system32\kbdhu1.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:35 6656 -ra------ C:\WINDOWS\system32\kbdhu.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:35 6656 -ra------ C:\WINDOWS\system32\kbdcz2.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:35 6656 -ra------ C:\WINDOWS\system32\kbdcz1.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:35 7168 -ra------ C:\WINDOWS\system32\kbdcz.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:35 6656 -ra------ C:\WINDOWS\system32\kbdcr.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:35 6656 -ra------ C:\WINDOWS\system32\KBDAL.DLL <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:31 838144 --a------ C:\WINDOWS\system32\chtbrkr.dll <Not Verified; Microsoft Corporation; Microsoft Traditional Chinese Word Breaker>
2007-11-05 14:29:30 98304 --a------ C:\WINDOWS\system32\msir3jp.dll <Not Verified; Microsoft Corporation; Natural Language Components>
2007-11-05 14:29:30 70656 --a------ C:\WINDOWS\system32\korwbrkr.dll <Not Verified; Microsoft Corporation; Korean WordBreaker>
2007-11-05 14:29:20 218112 --a------ C:\WINDOWS\system32\c_g18030.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:19 6144 --a------ C:\WINDOWS\system32\kbd101a.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:09 7680 --a------ C:\WINDOWS\system32\kbdnecNT.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:09 9216 --a------ C:\WINDOWS\system32\kbdnecAT.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:09 7168 --a------ C:\WINDOWS\system32\kbdnec95.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:09 6144 --a------ C:\WINDOWS\system32\kbdlk41j.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:09 6656 --a------ C:\WINDOWS\system32\kbdlk41a.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:09 7168 --a------ C:\WINDOWS\system32\kbdibm02.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:09 6144 --a------ C:\WINDOWS\system32\kbdax2.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:09 6144 --a------ C:\WINDOWS\system32\kbd106n.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:09 6144 --a------ C:\WINDOWS\system32\kbd101.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:29:09 7168 --a------ C:\WINDOWS\system32\f3ahvoas.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:28:46 6656 --a------ C:\WINDOWS\system32\c_is2022.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:28:44 76288 --a------ C:\WINDOWS\system32\uniime.dll <Not Verified; Microsoft Corporation; MicrosoftR WindowsR Operating System>
2007-11-05 14:28:44 811064 --a------ C:\WINDOWS\system32\imjp81k.dll <Not Verified; Microsoft Corporation; Microsoft IME 2002>
2007-11-05 14:28:42 8192 --a------ C:\WINDOWS\system32\kbdkor.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:28:42 8704 --a------ C:\WINDOWS\system32\kbdjpn.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:28:42 6144 --a------ C:\WINDOWS\system32\kbd106.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:28:42 5632 --a------ C:\WINDOWS\system32\kbd103.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:28:42 6144 --a------ C:\WINDOWS\system32\kbd101c.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:28:39 6144 --a------ C:\WINDOWS\system32\kbd101b.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:28:37 13312 --a------ C:\WINDOWS\system32\irclass.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:28:37 176157 --a------ C:\WINDOWS\system32\dgrpsetu.dll <Not Verified; Digi International, Inc.; Digi RealPort? Driver>
2007-11-05 14:28:36 24661 --a------ C:\WINDOWS\system32\spxcoins.dll <Not Verified; Perle Systems Ltd.; Specialix Multi-port Serial Device Class CoInstaller>
2007-11-05 14:28:36 103424 --a------ C:\WINDOWS\system32\EqnClass.Dll <Not Verified; Equinox Systems Inc.; Equinox Multiport Serial Coinstaller>
2007-11-05 14:28:36 85020 --a------ C:\WINDOWS\system32\dgsetup.dll <Not Verified; Digi International; DGSETUP Dynamic Link Library>
2007-11-05 14:28:36 9008 --a------ C:\WINDOWS\system\VER.DLL <Not Verified; Microsoft Corporation; Microsoft(R) Windows(TM) Operating System>
2007-11-05 14:28:36 19200 --a------ C:\WINDOWS\system\TAPI.DLL <Not Verified; Microsoft Corporation; Microsoft?Windows(TM) Operating System>
2007-11-05 14:28:36 5120 --a------ C:\WINDOWS\system\SHELL.DLL <Not Verified; Microsoft Corporation; Microsoft?Windows(TM) Operating System>
2007-11-05 14:28:35 24064 --a------ C:\WINDOWS\system\OLESVR.DLL <Not Verified; Microsoft Corporation; Microsoft Object Linking and Embedding Libraries for Window>
2007-11-05 14:28:35 82535 --a------ C:\WINDOWS\system\OLECLI.DLL <Not Verified; Microsoft Corporation; Microsoft Object Linking and Embedding Libraries for Windows>
2007-11-05 14:28:35 126912 --a------ C:\WINDOWS\system\MSVIDEO.DLL <Not Verified; Microsoft Corporation; Microsoft Video for Windows>
2007-11-05 14:28:35 9936 --a------ C:\WINDOWS\system\LZEXPAND.DLL <Not Verified; Microsoft Corporation; Microsoft?Windows(TM) Operating System>
2007-11-05 14:28:35 32848 --a------ C:\WINDOWS\system\COMMDLG.DLL <Not Verified; Microsoft Corporation; Microsoft(R) Windows(TM) 操作系统>
2007-11-05 14:28:35 109456 --a------ C:\WINDOWS\system\AVIFILE.DLL <Not Verified; Microsoft Corporation; Microsoft Windows>
2007-11-05 14:28:34 15360 --a------ C:\WINDOWS\TASKMAN.EXE <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:28:34 11264 --a------ C:\WINDOWS\system32\drivers\irenum.sys <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:28:34 8704 --a------ C:\WINDOWS\system32\batt.dll <Not Verified; Microsoft Corporation; Microsoft? Windows? Operating System>
2007-11-05 14:28:34 69584 --a------ C:\WINDOWS\system\AVICAP.DLL <Not Verified; Microsoft Corporation; Microsoft Video for Windows>
2007-11-05 14:28:33 68768 --a------ C:\WINDOWS\system\MMSYSTEM.DLL <Not Verified; Microsoft Corporation; Microsoft(R) Windows(TM) 操作系统>
2007-11-05 14:28:33 66560 --a------ C:\WINDOWS\NOTEPAD.EXE <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:28:32 67584 --a------ C:\WINDOWS\system32\storprop.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-11-05 14:28:23 0 d-------- C:\Documents and Settings\Default User\桌面
2007-11-05 14:28:23 0 d--h----- C:\Documents and Settings\Default User\Templates
2007-11-05 14:28:23 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2007-11-05 14:28:23 0 d--h----- C:\Documents and Settings\Default User\Recent
2007-11-05 14:28:23 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2007-11-05 14:28:23 0 d--h----- C:\Documents and Settings\Default User\NetHood
2007-11-05 14:28:23 0 d-------- C:\Documents and Settings\Default User\My Documents
2007-11-05 14:28:23 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2007-11-05 14:28:23 0 d-------- C:\Documents and Settings\Default User\Favorites
2007-11-05 14:28:23 0 d---s---- C:\Documents and Settings\Default User\Cookies
2007-11-05 14:28:23 0 dr------- C:\Documents and Settings\Default User\「开始」菜单
2007-11-05 14:28:23 0 d-------- C:\Documents and Settings\All Users\桌面
2007-11-05 14:28:23 0 d--h----- C:\Documents and Settings\All Users\Templates
2007-11-05 14:28:23 0 d-------- C:\Documents and Settings\All Users\Favorites
2007-11-05 14:28:23 0 dr------- C:\Documents and Settings\All Users\Documents
2007-11-05 14:28:23 0 dr------- C:\Documents and Settings\All Users\「开始」菜单
2007-11-05 14:28:11 0 d-------- C:\WINDOWS\system32\CatRoot2
2007-11-05 14:28:11 0 d-------- C:\WINDOWS\system32\CatRoot
2007-11-05 14:28:05 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2007-11-05 14:28:05 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2007-11-05 14:28:05 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2007-11-05 14:28:05 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2007-11-05 14:27:42 0 d--hs---- C:\System Volume Information <SYSTEM~1>
2007-11-05 14:27:42 0 d-------- C:\Documents and Settings <DOCUME~1>
2007-10-20 08:56:16 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-10-20 08:54:28 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2007-10-20 08:54:28 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2007-10-20 08:54:12 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2007-10-20 08:54:12 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX?>
2007-10-20 08:54:12 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX?>
2007-10-20 08:54:10 739840 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX?>
-- Find3M Report ---------------------------------------------------------------
2007-11-19 07:34:39 147212 --a------ C:\WINDOWS\system32\prfh0804.dat
2007-11-19 07:34:39 75018 --a------ C:\WINDOWS\system32\prfc0804.dat
2007-11-19 06:50:40 0 d-------- C:\Program Files\Symantec AntiVirus
2007-11-17 15:22:48 0 d-------- C:\Program Files\StormII
2007-11-15 13:45:11 24114 --a------ C:\WINDOWS\system32\comrcinf.dat
2007-11-15 13:45:11 369 --a------ C:\WINDOWS\system32\cmbinfo.dat
2007-11-14 14:36:23 0 d-------- C:\Documents and Settings\chen\Application Data\Adobe
2007-11-13 22:27:19 0 d-------- C:\Program Files\Common Files\Adobe
2007-11-09 19:57:22 0 d-------- C:\Program Files\М?crosoft
2007-11-09 19:57:22 0 d-------- C:\Program Files\Common Files\?уstem32
2007-11-09 17:10:32 0 d-------- C:\Program Files\Common Files\Real
2007-11-09 17:10:22 499712 --a------ C:\WINDOWS\system32\msvcp71.dll <Not Verified; Microsoft Corporation; Microsoft? Visual Studio .NET>
2007-11-09 17:04:20 0 d-------- C:\Documents and Settings\chen\Application Data\Macromedia
2007-11-05 14:28:23 62 --ahs---- C:\Documents and Settings\chen\Application Data\desktop.ini
2007-10-18 17:02:34 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2007-09-30 20:47:12 139264 ---h----- C:\msn.exe <Not Verified; http://www.msn.com; msncom>
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3930D164-6564-4099-A33E-2DD4DFBC4669}]
C:\WINDOWS\system32\ssqpm.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{96BEE5B7-892D-4A91-82F8-17C585B67D8C}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-04-01 13:01]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-02-16 14:42]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2004-06-09 20:31]
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [2004-08-02 19:36]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-11-09 17:10]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-01-08 14:29]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2007-05-10 22:46]
"Adobe_ID0EYTHM"="C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2007-03-20 16:40]
"a-squared"="C:\Program Files\a-squared Anti-Malware\a2guard.exe" [2007-08-31 20:24]
"combofix"="C:\WINDOWS\system32\cmd.exe" [2004-08-17 22:00]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 22:00]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"ctfmon.exe"=ctfmon.exe
C:\Documents and Settings\chen\「开始」菜单\程序\启动\
msn.exe [2007-09-30 20:47:12]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{867623F2-B60C-49c4-A50D-FCA697B0CC04}"= C:\WINDOWS\system32\NavCOM03.dll [2005-11-05 18:13 0]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b68dc774-8e6f-11dc-893c-0016d3a75b70}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL msn.exe
explore\Command- F:\msn.exe
open\Command- F:\msn.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1c10aa8-4e6a-11da-8494-0016d3a75b70}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL msn.exe
explore\Command- H:\msn.exe
open\Command- H:\msn.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ee9f7c1d-4e13-11da-bfb9-0016d3a75b70}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL msn.exe
explore\Command- F:\msn.exe
open\Command- F:\msn.exe
-- End of Deckard's System Scanner: finished at 2007-11-19 07:40:48 ------------
Extra:
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: Chinese
CPU 0: AMD Athlon(tm) 64 X2
CPU 1: AMD Athlon(tm) 64 X2
Percentage of Memory in Use: 53%
Physical Memory (total/avail): 990.54 MiB / 458.17 MiB
Pagefile Memory (total/avail): 1619.88 MiB / 1206.84 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1929.81 MiB
C: is Fixed (NTFS) - 59.57 GiB total, 38.38 GiB free.
D: is Fixed (NTFS) - 52.21 GiB total, 51.77 GiB free.
E: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - SAMSUNG HM120JI - 111.79 GiB - 2 partitions
\PARTITION0 (bootable) - 可安装文件系统 - 59.57 GiB - C:
\PARTITION1 - Extended w/Extended Int 13 - 52.21 GiB - D:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
FW: ZoneAlarm Security Suite Firewall v7.0.302.000 (Check Point, LTD.)
AV: ZoneAlarm Security Suite Antivirus v7.0.302.000 (Check Point, LTD.)
Disabled OutdatedAV: Symantec AntiVirus Corporate Edition v9.0.1.1000 (Symantec Corporation)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\chen\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=CHENGONGJI
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\chen
LOGONSERVER=\\CHENGONGJI
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 104 Stepping 1, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=6801
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\chen\LOCALS~1\Temp
TMP=C:\DOCUME~1\chen\LOCALS~1\Temp
tvdumpflags=8
USERDOMAIN=CHENGONGJI
USERNAME=chen
USERPROFILE=C:\Documents and Settings\chen
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
chen (admin)
Administrator (admin)
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
a-squared Anti-Malware 3.0 --> "C:\Program Files\a-squared Anti-Malware\unins000.exe"
Ad-Aware SE Personal --> MsiExec.exe /X{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747}
Add or Remove Adobe Creative Suite 3 Master Collection --> C:\Program Files\Common Files\Adobe\Installers\4dcfd9b7e901b57f81f667144603236\Setup.exe
Adobe After Effects CS3 --> MsiExec.exe /I{EB0202F7-016A-410C-ADE4-40F848CCC661}
Adobe After Effects CS3 Presets --> MsiExec.exe /I{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}
Adobe Anchor Service CS3 --> MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3 --> MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3 --> MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting --> MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe BridgeTalk Plugin CS3 --> MsiExec.exe /I{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}
Adobe Camera Raw 4.0 --> MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps --> MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific --> MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings --> MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings --> MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings --> MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings --> MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Contribute CS3 --> MsiExec.exe /I{FC9E08AA-CD59-4C59-BEF9-87E05B9E37D7}
Adobe Creative Suite 3 Master Collection --> MsiExec.exe /I{8718DC03-D066-4957-94E5-50C3C5042E8E}
Adobe Default Language CS3 --> MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3 --> MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Dreamweaver CS3 --> MsiExec.exe /I{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}
Adobe Encore CS3 --> MsiExec.exe /I{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}
Adobe Encore CS3 Codecs --> MsiExec.exe /I{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}
Adobe ExtendScript Toolkit 2 --> MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Extension Manager CS3 --> MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
Adobe Fireworks CS3 --> MsiExec.exe /I{7DFC1012-D346-46CE-B03E-FF79125AE029}
Adobe Flash CS3 --> MsiExec.exe /I{6B52140A-F189-4945-BFFC-DB3F00B8C589}
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Flash Player 9 ActiveX --> MsiExec.exe /X{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}
Adobe Flash Player 9 Plugin --> MsiExec.exe /X{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}
Adobe Flash Video Encoder --> MsiExec.exe /I{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}
Adobe Fonts All --> MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3 --> MsiExec.exe /I{7ACFB90E-8FD0-4397-AD3A-5195412623A3}
Adobe Illustrator CS3 --> MsiExec.exe /I{F08E8D2E-F132-4742-9C87-D5FF223A016A}
Adobe InDesign CS3 --> MsiExec.exe /I{CB3F8375-B600-4B9F-83C9-238ED1E583FD}
Adobe InDesign CS3 Icon Handler --> MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}
Adobe Linguistics CS3 --> MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe MotionPicture Color Files --> MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
Adobe PDF Library Files --> MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3 --> MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Premiere Pro CS3 --> MsiExec.exe /I{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}
Adobe Premiere Pro CS3 Functional Content --> MsiExec.exe /I{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}
Adobe Premiere Pro CS3 Third Party Content --> MsiExec.exe /I{485ACF57-F364-440A-8496-E1E81C8FA1AA}
Adobe Reader 7.08 雨林木风版 --> "C:\Program Files\Adobe\Acrobat 7.0\Reader\unins000.exe"
Adobe Setup --> MsiExec.exe /I{4458C442-7376-4CF9-AF58-E8CEA6722363}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe SING CS3 --> MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}
Adobe Soundbooth CS3 --> MsiExec.exe /I{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}
Adobe Soundbooth CS3 Codecs --> MsiExec.exe /I{0327FA9D-975C-448C-A086-577D57BB25B8}
Adobe Stock Photos CS3 --> MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support --> MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3 --> MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client --> MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe Version Cue CS3 Server --> MsiExec.exe /I{1D58229F-C505-45CA-8223-F35F3A34B963}
Adobe Video Profiles --> MsiExec.exe /I{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}
Adobe WAS CS3 --> MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}
Adobe WinSoft Linguistics Plugin --> MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP DVA Panels CS3 --> MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F}
Adobe XMP Panels CS3 --> MsiExec.exe /I{D5A31AB1-345D-47C7-A87B-036A669F6DF1}
AHV content for Acrobat and Flash --> MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Conexant HD Audio --> C:\Program Files\CONEXANT\CNXT_HDAUDIO\HXFSETUP.EXE -U -Iwis30B5a.INF
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
HDAUDIO Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_wis30B5m\HXFSETUP.EXE -U -Iwis30B5m.inf
HijackThis 2.0.2 --> "C:\Documents and Settings\chen\桌面\HijackThis.exe" /uninstal
HP Quick Launch Buttons 6.00 D1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -l0x804 -removeonly uninst
LiveUpdate 2.0 (Symantec Corporation) --> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
MailFrontier Desktop --> C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\UNWISE.EXE C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\INSTMLF.LOG
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110804-6000-11D3-8CFE-0150048383C9}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mozilla Firefox (2.0.0.9) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
PDF Settings --> MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Rhapsody Player Engine --> MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Symantec AntiVirus --> MsiExec.exe /I{848AC794-8B81-440A-81AE-6474337DB527}
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Trillian --> C:\Program Files\Trillian\trillian.exe /uninstall
Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Installer Clean Up --> MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows XP 安全更新 (KB923789) --> C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
ZoneAlarm Security Suite --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
μTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
千千静听 4.6.0 --> "C:\Program Files\TTPlayer\uninst.exe"
暴风影音2 --> C:\Program Files\StormII\uninst.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type2221 / Error
Event Submitted/Written: 11/19/2007 07:34:39 AM
Event ID/Source: 3001 / LoadPerf
Event Description:
注册表中性能计数器名称字符串数值的格式不正确。
不正确的字符串是 3696,不正确的索引值是数据节中的第一个 DWORD 值,
最后的有效索引值是数据节中的第二个和第三个 DWORD 值。
Event Record #/Type2220 / Warning
Event Submitted/Written: 11/19/2007 07:34:39 AM
Event ID/Source: 2006 / LoadPerf
Event Description:
性能注册表的 LastCounter 和 LastHelp 值不正确,需要更新。
数据段中的第一个和第二个 DWORDs 是原始值,
第三个和第四个 DWORDs 是经过更新的新值。
Event Record #/Type2217 / Error
Event Submitted/Written: 11/19/2007 06:52:47 AM
Event ID/Source: 3001 / LoadPerf
Event Description:
注册表中性能计数器名称字符串数值的格式不正确。
不正确的字符串是 3696,不正确的索引值是数据节中的第一个 DWORD 值,
最后的有效索引值是数据节中的第二个和第三个 DWORD 值。
Event Record #/Type2216 / Warning
Event Submitted/Written: 11/19/2007 06:52:47 AM
Event ID/Source: 2006 / LoadPerf
Event Description:
性能注册表的 LastCounter 和 LastHelp 值不正确,需要更新。
数据段中的第一个和第二个 DWORDs 是原始值,
第三个和第四个 DWORDs 是经过更新的新值。
Event Record #/Type2207 / Error
Event Submitted/Written: 11/19/2007 06:40:57 AM
Event ID/Source: 5 / Symantec AntiVirus
Event Description:
Threat Found!Threat: Trojan.Vundo in File: C:\Documents and Settings\chen\Local Settings\Temporary Internet Files\Content.IE5\0AKU45XY\hctp[1] by: Scheduled scan. Action: Quarantine succeeded. Action Description: The file was quarantined successfully.
Threat Found!Threat: W32.SillyFDC in File: C:\Documents and Settings\chen\「开始」菜单\程序\启动\msn.exe by: Scheduled scan. Action: Clean failed : Quarantine failed. Action Description: The file was left unchanged.
Threat Found!Threat: W32.SillyFDC in File: C:\Documents and Settings\chen\桌面\backups\backup-20071115-191232-956-msn.exe by: Scheduled scan. Action: Quarantine succeeded. Action Description: The file was quarantined successfully.
Threat Found!Threat: W32.SillyFDC in File: C:\msn.exe by: Scheduled scan. Action: Quarantine succeeded. Action Description: The file was quarantined successfully.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type3225 / Error
Event Submitted/Written: 11/19/2007 06:50:39 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
由于下列错误,SAVRT 服务启动失败:
%%31
Event Record #/Type3224 / Error
Event Submitted/Written: 11/19/2007 06:50:39 AM
Event ID/Source: 6 / SAVRT
Event Description:
Incompatible version of SYMEVENT.SYS is loaded.
Event Record #/Type3223 / Error
Event Submitted/Written: 11/19/2007 06:50:38 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
由于下列错误,Application Layer Gateway Service 服务启动失败:
%%1053
Event Record #/Type3222 / Error
Event Submitted/Written: 11/19/2007 06:49:28 AM
Event ID/Source: 7009 / Service Control Manager
Event Description:
等待 Application Layer Gateway Service 服务的连接超时(30000 毫秒)。
Event Record #/Type3209 / Error
Event Submitted/Written: 11/19/2007 06:48:57 AM
Event ID/Source: 7023 / Service Control Manager
Event Description:
Automatic Updates 服务因下列错误而停止:
%%3228369022
-- End of Deckard's System Scanner: finished at 2007-11-19 07:40:48 ------------
Ran hijack this and removed the stated items.