Help me out please possible keylogger >_<!!

by jINX » October 14th, 2008, 7:12 am

I was on my brother's computer on the World of Warcraft forums and was looking at what some people had to say.. this guy posted a link for "an awesome talent build" and I was stupid enough to click on it :( !! When I clicked the link this page came up.. a pic of a map and this little app ran then disappeared. My scans show up all clear but I'm not convinced.. I want to be sure my brother's computer is clean! PLEASE HELP ME as I'm petrified of screwing up my brother's computer!! Here's my HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:03:37 PM, on 14/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Windows\system32\taskeng.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Windows\sttray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Users\Marko\Program Files\DNA\btdna.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\PROGRA~1\mcafee\msc\mcshell.exe
C:\Program Files\Common Files\McAfee\Core\mchost.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [StartDbServices] WSCRIPT "\JOBS\StartDbServices.vbs"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Marko\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard..lnk = C:\Program Files\Common Files\VistaRunApp.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: StupAssist.lnk = C:\Program Files\Common Files\Nikon\Utilities\StupAssist.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11502 bytes
jINX
Active Member
 
Posts: 5
Joined: October 14th, 2008, 6:43 am

Re: Help me out please possible keylogger >_<!!

by Katana » October 18th, 2008, 10:29 am

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.


Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:
1. If you don't know, stop and ask! Don't keep going on.
2. Please reply to this thread. Do not start a new topic.
3. Please continue to respond until I give you the "All Clear".
(Just because you can't see a problem doesn't mean it isn't there)

If you can do those three things, everything should go smoothly :D

Please note: your security programs may give warnings for some of the tools I will ask you to use.
Be assured, any links I give are safe.

----------------------------------------------------------------------------------------

I apologize for the delay in responding, but as you can probably see the forums are quite busy.
Unfortunately there are far more people needing help than there are helpers.

If you still require help, please do the following:



REMOVE P2P PROGRAMS

IMPORTANT: I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

BitTorrent
BitTorrent DNA


Please read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.

Note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected.
The bad guys use P2P filesharing as a major conduit to spread their wares.

Go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red) NOW.


Download and Run RSIT
  • Please download Random's System Information Tool by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open:
    • log.txt will be opened maximized.
    • info.txt will be opened minimized.
  • Please post the contents of both log.txt and info.txt.
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester
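
The check described in the post above (spotting P2P programs in a HijackThis log) can be done mechanically. The following is an added example, not part of the original thread and not a tool used by the forum: the function names and the watchlist mapping are assumptions made for illustration, and the sample lines are excerpted from the log posted in this thread.

```python
import re
from collections import defaultdict

# Lines excerpted from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Platform: Windows Vista SP1 (WinNT 6.00.1905)

Running processes:
C:\Windows\system32\svchost.exe
C:\Users\Marko\Program Files\DNA\btdna.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\iTunes\iTunesHelper.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Marko\Program Files\DNA\btdna.exe"
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
"""

# Assumed watchlist: program names from the helper's post, mapped to the
# executable names that appear for them in the log.
P2P_WATCHLIST = {
    "BitTorrent": {"bittorrent.exe"},
    "BitTorrent DNA": {"btdna.exe"},
}

# HijackThis prefixes each finding with a section code (R0, O4, O23, ...).
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
# Executable file names inside an entry, ignoring path, quotes and brackets.
EXE_RE = re.compile(r"([^\\/\"\s\[\]]+\.exe)\b", re.IGNORECASE)

SECTION_LABELS = {
    "O4": "autostart entry (O4)",
    "O23": "service (O23)",
}


def parse_hijackthis(text):
    """Split a HijackThis log into running-process paths and coded entries."""
    processes, entries = [], []
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if line.lower() == "running processes:":
            in_processes = True
            continue
        match = ENTRY_RE.match(line)
        if match:
            # The first coded entry ends the process list.
            in_processes = False
            entries.append((match.group(1), match.group(2)))
        elif in_processes and line:
            processes.append(line)
    return processes, entries


def find_p2p(text, watchlist=P2P_WATCHLIST):
    """Return {program name: sorted list of places it shows up in the log}."""
    exe_to_program = {
        exe: name for name, exes in watchlist.items() for exe in exes
    }
    processes, entries = parse_hijackthis(text)
    hits = defaultdict(set)
    for path in processes:
        exe = path.rsplit("\\", 1)[-1].lower()
        if exe in exe_to_program:
            hits[exe_to_program[exe]].add("running process")
    for code, data in entries:
        for exe in EXE_RE.findall(data):
            program = exe_to_program.get(exe.lower())
            if program:
                hits[program].add(SECTION_LABELS.get(code, code))
    return {name: sorted(places) for name, places in hits.items()}


if __name__ == "__main__":
    for program, places in sorted(find_p2p(SAMPLE_LOG).items()):
        print(f"{program}: {', '.join(places)}")
```

A program that appears both as a running process and as an autostart entry will come back after a reboot unless it is uninstalled, which is why the post asks for removal through Add/Remove Programs rather than just closing it.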

Re: Help me out please possible keylogger >_<!!

by jINX » October 21st, 2008, 4:40 am

Ok here they are:

Logfile of random's system information tool 1.04 (written by random/random)
Run by Marko at 2008-10-21 19:35:58
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 113 GB (50%) free of 228 GB
Total RAM: 2045 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:36:34 PM, on 21/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlagent.EXE
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter3.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\sttray.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Windows\System32\rundll32.exe
C:\Users\Marko\Program Files\DNA\btdna.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Marko\Desktop\RSIT.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\Marko.exe
C:\Users\Public\Games\World of Warcraft\wow.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [StartDbServices] WSCRIPT "\JOBS\StartDbServices.vbs"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Marko\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard..lnk = C:\Program Files\Common Files\VistaRunApp.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11981 bytes

======Scheduled tasks folder======

C:\Windows\tasks\McDefragTask.job
C:\Windows\tasks\McQcTask.job
C:\Windows\tasks\User_Feed_Synchronization-{F88DB9EE-D4BD-44EE-8844-B41E1A1DEE4B}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mcapbho.dll [2007-11-26 324936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2007-10-24 58688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2008-10-20 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\BAE\BAE.dll [2006-11-18 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2008-10-20 2403392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"StartDbServices"=WSCRIPT \JOBS\StartDbServices.vbs []
"SigmatelSysTrayApp"=C:\Windows\sttray.exe [2007-02-08 303104]
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2006-11-05 221184]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2006-12-20 90191]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2006-12-20 81920]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2006-12-20 7766016]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2007-08-03 582992]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-10-03 81920]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2006-09-29 151552]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2007-04-04 240640]
"ECenter"=c:\dell\E-Center\EULALauncher.exe [2006-11-18 17920]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"=C:\Program Files\DellSupport\DSAgnt.exe [2006-11-12 446976]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"Nokia.PCSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe [2008-03-26 1232896]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe [2008-04-16 1079808]
"BitTorrent DNA"=C:\Users\Marko\Program Files\DNA\btdna.exe [2008-09-19 289088]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe [2008-10-20 171448]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
NETGEAR WG111v2 Smart Wizard..lnk - C:\Program Files\Common Files\VistaRunApp.exe
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Xfire.lnk - C:\Program Files\Xfire\xfire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2008-10-21 19:35:58 ----D---- C:\rsit
2008-10-20 16:40:34 ----N---- C:\Windows\system32\dao360.dll
2008-10-20 16:34:30 ----D---- C:\Windows\pss
2008-10-20 16:25:39 ----A---- C:\Windows\system32\dbmsqlgc.dll
2008-10-20 16:25:39 ----A---- C:\Windows\system32\dbmsgnet.dll
2008-10-20 16:24:46 ----D---- C:\Program Files\Microsoft SQL Server
2008-10-20 16:19:55 ----D---- C:\PP5
2008-10-17 01:14:54 ----D---- C:\ProgramData\Blizzard
2008-10-16 18:31:58 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-10-16 18:31:57 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-10-16 18:31:54 ----A---- C:\Windows\system32\mshtml.dll
2008-10-16 18:31:53 ----A---- C:\Windows\system32\ieframe.dll
2008-10-16 18:31:51 ----A---- C:\Windows\system32\urlmon.dll
2008-10-16 18:31:50 ----A---- C:\Windows\system32\wininet.dll
2008-10-16 18:31:50 ----A---- C:\Windows\system32\iertutil.dll
2008-10-16 18:31:49 ----A---- C:\Windows\system32\mstime.dll
2008-10-16 18:31:45 ----A---- C:\Windows\system32\jsproxy.dll
2008-10-15 19:57:54 ----D---- C:\Windows\Sun
2008-10-14 21:54:26 ----D---- C:\Users\Marko\AppData\Roaming\Malwarebytes
2008-10-14 21:54:17 ----D---- C:\ProgramData\Malwarebytes
2008-10-14 21:54:16 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-14 21:46:41 ----D---- C:\Program Files\Trend Micro
2008-10-14 21:28:31 ----D---- C:\Program Files\Enigma Software Group
2008-10-13 17:28:19 ----D---- C:\ProgramData\Adobe
2008-10-13 17:28:14 ----D---- C:\Program Files\Common Files\Adobe
2008-10-12 19:15:27 ----D---- C:\Users\Marko\AppData\Roaming\AVS4YOU
2008-10-12 19:15:24 ----D---- C:\ProgramData\AVS4YOU
2008-10-11 18:53:47 ----D---- C:\Program Files\AVS4YOU
2008-10-11 18:53:20 ----D---- C:\Program Files\Common Files\AVSMedia
2008-10-11 18:53:17 ----A---- C:\Windows\system32\GdiPlus.dll
2008-10-09 16:41:52 ----D---- C:\Program Files\XviD
2008-10-09 16:36:44 ----D---- C:\Program Files\Growler Guncam
2008-10-09 16:35:42 ----D---- C:\Program Files\Common Files\GC Install
2008-10-09 16:32:10 ----D---- C:\ProgramData\Azureus
2008-10-09 16:32:04 ----D---- C:\Users\Marko\AppData\Roaming\Azureus
2008-10-06 21:56:17 ----D---- C:\Users\Marko\AppData\Roaming\NCH Software
2008-10-06 21:52:34 ----D---- C:\ProgramData\NCH Software
2008-10-06 21:52:28 ----D---- C:\Program Files\NCH Software
2008-10-05 16:17:29 ----D---- C:\Program Files\iPod
2008-10-05 16:17:27 ----D---- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-05 16:17:27 ----D---- C:\Program Files\iTunes
2008-10-05 16:10:30 ----D---- C:\Program Files\Vuze
2008-09-25 22:09:39 ----A---- C:\Windows\system32\msshooks.dll
2008-09-25 22:09:38 ----A---- C:\Windows\system32\msscb.dll
2008-09-25 22:09:35 ----A---- C:\Windows\system32\mssitlb.dll
2008-09-25 22:09:34 ----A---- C:\Windows\system32\thawbrkr.dll
2008-09-25 22:09:34 ----A---- C:\Windows\system32\srchadmin.dll
2008-09-25 22:09:34 ----A---- C:\Windows\system32\SearchFilterHost.exe
2008-09-25 22:09:34 ----A---- C:\Windows\system32\propsys.dll
2008-09-25 22:09:34 ----A---- C:\Windows\system32\propdefs.dll
2008-09-25 22:09:34 ----A---- C:\Windows\system32\msstrc.dll
2008-09-25 22:09:34 ----A---- C:\Windows\system32\mssprxy.dll
2008-09-25 22:09:34 ----A---- C:\Windows\system32\msshsq.dll
2008-09-25 22:09:34 ----A---- C:\Windows\system32\korwbrkr.dll
2008-09-25 22:09:33 ----A---- C:\Windows\system32\xmlfilter.dll
2008-09-25 22:09:33 ----A---- C:\Windows\system32\wsepno.dll
2008-09-25 22:09:33 ----A---- C:\Windows\system32\tquery.dll
2008-09-25 22:09:33 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2008-09-25 22:09:33 ----A---- C:\Windows\system32\SearchIndexer.exe
2008-09-25 22:09:33 ----A---- C:\Windows\system32\rtffilt.dll
2008-09-25 22:09:33 ----A---- C:\Windows\system32\offfilt.dll
2008-09-25 22:09:33 ----A---- C:\Windows\system32\nlhtml.dll
2008-09-25 22:09:33 ----A---- C:\Windows\system32\mssrch.dll
2008-09-25 22:09:33 ----A---- C:\Windows\system32\msscntrs.dll
2008-09-25 22:09:33 ----A---- C:\Windows\system32\mimefilt.dll
2008-09-25 22:09:33 ----A---- C:\Windows\system32\chtbrkr.dll
2008-09-25 22:09:33 ----A---- C:\Windows\system32\chsbrkr.dll
2008-09-25 22:09:32 ----A---- C:\Windows\system32\mssvp.dll
2008-09-25 22:09:32 ----A---- C:\Windows\system32\mssphtb.dll
2008-09-25 22:09:32 ----A---- C:\Windows\system32\mssph.dll
2008-09-25 17:10:05 ----A---- C:\Windows\system32\rpcrt4.dll
2008-09-25 17:10:03 ----A---- C:\Windows\system32\pacerprf.dll
2008-09-25 17:10:00 ----A---- C:\Windows\system32\emdmgmt.dll
2008-09-25 17:10:00 ----A---- C:\Windows\system32\dataclen.dll
2008-09-25 17:09:59 ----A---- C:\Windows\system32\cdd.dll
2008-09-25 17:09:55 ----A---- C:\Windows\system32\wshext.dll
2008-09-25 17:09:55 ----A---- C:\Windows\system32\wscript.exe
2008-09-25 17:09:55 ----A---- C:\Windows\system32\vbscript.dll
2008-09-25 17:09:55 ----A---- C:\Windows\system32\scrrun.dll
2008-09-25 17:09:55 ----A---- C:\Windows\system32\scrobj.dll
2008-09-25 17:09:55 ----A---- C:\Windows\system32\jscript.dll
2008-09-25 17:09:55 ----A---- C:\Windows\system32\cscript.exe
2008-09-25 12:16:47 ----D---- C:\PerfLogs
2008-09-24 19:41:47 ----A---- C:\Windows\system32\SLsvc.exe
2008-09-24 19:41:47 ----A---- C:\Windows\system32\onex.dll
2008-09-24 19:41:38 ----A---- C:\Windows\system32\PSHED.DLL
2008-09-24 19:41:37 ----A---- C:\Windows\system32\imagesp1.dll
2008-09-24 19:41:35 ----A---- C:\Windows\system32\dfsr.exe
2008-09-24 19:41:34 ----A---- C:\Windows\system32\pidgenx.dll
2008-09-24 19:41:33 ----A---- C:\Windows\system32\sstpsvc.dll
2008-09-24 19:41:33 ----A---- C:\Windows\system32\mstscax.dll
2008-09-24 19:41:32 ----A---- C:\Windows\system32\WsmSvc.dll
2008-09-24 19:41:32 ----A---- C:\Windows\system32\winrscmd.dll
2008-09-24 19:41:31 ----A---- C:\Windows\system32\sysmain.dll
2008-09-24 19:41:31 ----A---- C:\Windows\system32\RMActivate.exe
2008-09-24 19:41:30 ----A---- C:\Windows\system32\VSSVC.exe
2008-09-24 19:41:30 ----A---- C:\Windows\system32\vssapi.dll
2008-09-24 19:41:29 ----A---- C:\Windows\system32\secproc.dll
2008-09-24 19:41:29 ----A---- C:\Windows\system32\RMActivate_isv.exe
2008-09-24 19:41:29 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2008-09-24 19:41:29 ----A---- C:\Windows\system32\iesetup.dll
2008-09-24 19:41:26 ----A---- C:\Windows\system32\secproc_isv.dll
2008-09-24 19:41:25 ----A---- C:\Windows\system32\drmv2clt.dll
2008-09-24 19:41:24 ----A---- C:\Windows\system32\icardres.dll
2008-09-24 19:41:24 ----A---- C:\Windows\system32\icardagt.exe
2008-09-24 19:41:23 ----A---- C:\Windows\system32\xpssvcs.dll
2008-09-24 19:41:23 ----A---- C:\Windows\system32\blackbox.dll
2008-09-24 19:41:22 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2008-09-24 19:41:22 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2008-09-24 19:41:22 ----A---- C:\Windows\system32\RacEngn.dll
2008-09-24 19:41:22 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2008-09-24 19:41:21 ----A---- C:\Windows\system32\spwizimg.dll
2008-09-24 19:41:21 ----A---- C:\Windows\system32\rdpencom.dll
2008-09-24 19:41:20 ----A---- C:\Windows\system32\msxml6.dll
2008-09-24 19:41:20 ----A---- C:\Windows\system32\msxml3.dll
2008-09-24 19:41:20 ----A---- C:\Windows\system32\lpremove.exe
2008-09-24 19:41:20 ----A---- C:\Windows\bfsvc.exe
2008-09-24 19:41:19 ----A---- C:\Windows\system32\ntdll.dll
2008-09-24 19:41:19 ----A---- C:\Windows\system32\msjet40.dll
2008-09-24 19:41:19 ----A---- C:\Windows\system32\lsasrv.dll
2008-09-24 19:41:18 ----A---- C:\Windows\system32\wevtsvc.dll
2008-09-24 19:41:18 ----A---- C:\Windows\system32\qmgr.dll
2008-09-24 19:41:18 ----A---- C:\Windows\system32\localspl.dll
2008-09-24 19:41:18 ----A---- C:\Windows\system32\IKEEXT.DLL
2008-09-24 19:41:17 ----A---- C:\Windows\system32\wcncsvc.dll
2008-09-24 19:41:17 ----A---- C:\Windows\system32\TsWpfWrp.exe
2008-09-24 19:41:17 ----A---- C:\Windows\system32\recdisc.exe
2008-09-24 19:41:17 ----A---- C:\Windows\system32\mscoree.dll
2008-09-24 19:41:17 ----A---- C:\Windows\system32\kernel32.dll
2008-09-24 19:41:16 ----A---- C:\Windows\system32\vds.exe
2008-09-24 19:41:16 ----A---- C:\Windows\system32\CompMgmtLauncher.exe
2008-09-24 19:41:14 ----A---- C:\Windows\system32\wmp.dll
2008-09-24 19:41:13 ----A---- C:\Windows\system32\wcnwiz.dll
2008-09-24 19:41:13 ----A---- C:\Windows\system32\SMBHelperClass.dll
2008-09-24 19:41:13 ----A---- C:\Windows\system32\msvbvm60.dll
2008-09-24 19:41:13 ----A---- C:\Windows\system32\mstsc.exe
2008-09-24 19:41:12 ----A---- C:\Windows\system32\termsrv.dll
2008-09-24 19:41:12 ----A---- C:\Windows\system32\msdtctm.dll
2008-09-24 19:41:12 ----A---- C:\Windows\system32\mf.dll
2008-09-24 19:41:11 ----A---- C:\Windows\system32\kerberos.dll
2008-09-24 19:41:11 ----A---- C:\Windows\system32\IMJP10K.DLL
2008-09-24 19:41:11 ----A---- C:\Windows\system32\advapi32.dll
2008-09-24 19:41:10 ----A---- C:\Windows\system32\mmcndmgr.dll
2008-09-24 19:41:09 ----A---- C:\Windows\system32\MSMPEG2ADEC.DLL
2008-09-24 19:41:09 ----A---- C:\Windows\system32\MPSSVC.dll
2008-09-24 19:41:09 ----A---- C:\Windows\system32\CertEnroll.dll
2008-09-24 19:41:08 ----A---- C:\Windows\system32\xolehlp.dll
2008-09-24 19:41:08 ----A---- C:\Windows\system32\Query.dll
2008-09-24 19:41:08 ----A---- C:\Windows\system32\ole32.dll
2008-09-24 19:41:08 ----A---- C:\Windows\system32\msdtcprx.dll
2008-09-24 19:41:07 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2008-09-24 19:41:07 ----A---- C:\Windows\system32\netlogon.dll
2008-09-24 19:41:07 ----A---- C:\Windows\system32\msvcrt.dll
2008-09-24 19:41:06 ----A---- C:\Windows\system32\SSShim.dll
2008-09-24 19:41:06 ----A---- C:\Windows\system32\nlmgp.dll
2008-09-24 19:41:06 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2008-09-24 19:41:06 ----A---- C:\Windows\system32\DfsShlEx.dll
2008-09-24 19:41:05 ----A---- C:\Windows\system32\shlwapi.dll
2008-09-24 19:41:05 ----A---- C:\Windows\system32\sdclt.exe
2008-09-24 19:41:05 ----A---- C:\Windows\system32\schedsvc.dll
2008-09-24 19:41:05 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2008-09-24 19:41:05 ----A---- C:\Windows\system32\milcore.dll
2008-09-24 19:41:05 ----A---- C:\Windows\system32\IasMigPlugin.dll
2008-09-24 19:41:04 ----A---- C:\Windows\system32\WSDApi.dll
2008-09-24 19:41:04 ----A---- C:\Windows\system32\wer.dll
2008-09-24 19:41:04 ----A---- C:\Windows\system32\vdsdyn.dll
2008-09-24 19:41:04 ----A---- C:\Windows\system32\user32.dll
2008-09-24 19:41:04 ----A---- C:\Windows\system32\d3d9.dll
2008-09-24 19:41:04 ----A---- C:\Windows\system32\clusapi.dll
2008-09-24 19:41:03 ----A---- C:\Windows\system32\QAGENTRT.DLL
2008-09-24 19:41:03 ----A---- C:\Windows\system32\diagperf.dll
2008-09-24 19:41:02 ----A---- C:\Windows\system32\winrsmgr.dll
2008-09-24 19:41:02 ----A---- C:\Windows\system32\mtxclu.dll
2008-09-24 19:41:02 ----A---- C:\Windows\system32\mmc.exe
2008-09-24 19:41:01 ----A---- C:\Windows\system32\vdsbas.dll
2008-09-24 19:41:01 ----A---- C:\Windows\system32\swprv.dll
2008-09-24 19:41:01 ----A---- C:\Windows\system32\SLC.dll
2008-09-24 19:41:00 ----A---- C:\Windows\system32\msi.dll
2008-09-24 19:41:00 ----A---- C:\Windows\system32\comctl32.dll
2008-09-24 19:40:59 ----A---- C:\Windows\system32\MSVidCtl.dll
2008-09-24 19:40:59 ----A---- C:\Windows\system32\msdtckrm.dll
2008-09-24 19:40:59 ----A---- C:\Windows\system32\gpsvc.dll
2008-09-24 19:40:58 ----A---- C:\Windows\system32\XPSSHHDR.dll
2008-09-24 19:40:58 ----A---- C:\Windows\system32\sbe.dll
2008-09-24 19:40:58 ----A---- C:\Windows\system32\samsrv.dll
2008-09-24 19:40:58 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2008-09-24 19:40:57 ----A---- C:\Windows\system32\wecutil.exe
2008-09-24 19:40:57 ----A---- C:\Windows\system32\usp10.dll
2008-09-24 19:40:57 ----A---- C:\Windows\system32\sdengin2.dll
2008-09-24 19:40:57 ----A---- C:\Windows\system32\mfc42u.dll
2008-09-24 19:40:57 ----A---- C:\Windows\system32\esent.dll
2008-09-24 19:40:56 ----A---- C:\Windows\system32\mfc42.dll
2008-09-24 19:40:56 ----A---- C:\Windows\system32\gacinstall.dll
2008-09-24 19:40:56 ----A---- C:\Windows\system32\cmipnpinstall.dll
2008-09-24 19:40:56 ----A---- C:\Windows\system32\cmicryptinstall.dll
2008-09-24 19:40:55 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2008-09-24 19:40:55 ----A---- C:\Windows\system32\crypt32.dll
2008-09-24 19:40:55 ----A---- C:\Windows\system32\comsvcs.dll
2008-09-24 19:40:54 ----A---- C:\Windows\system32\mswsock.dll
2008-09-24 19:40:54 ----A---- C:\Windows\system32\certutil.exe
2008-09-24 19:40:54 ----A---- C:\Windows\explorer.exe
2008-09-24 19:40:53 ----A---- C:\Windows\system32\wmdrmsdk.dll
2008-09-24 19:40:53 ----A---- C:\Windows\system32\setupapi.dll
2008-09-24 19:40:53 ----A---- C:\Windows\system32\oleaut32.dll
2008-09-24 19:40:53 ----A---- C:\Windows\system32\FirewallAPI.dll
2008-09-24 19:40:52 ----A---- C:\Windows\system32\wecsvc.dll
2008-09-24 19:40:52 ----A---- C:\Windows\system32\sqlceqp30.dll
2008-09-24 19:40:52 ----A---- C:\Windows\system32\sdohlp.dll
2008-09-24 19:40:52 ----A---- C:\Windows\system32\lsm.exe
2008-09-24 19:40:52 ----A---- C:\Windows\system32\bcrypt.dll
2008-09-24 19:40:52 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2008-09-24 19:40:51 ----A---- C:\Windows\system32\thumbcache.dll
2008-09-24 19:40:51 ----A---- C:\Windows\system32\schannel.dll
2008-09-24 19:40:51 ----A---- C:\Windows\system32\p2psvc.dll
2008-09-24 19:40:51 ----A---- C:\Windows\system32\netapi32.dll
2008-09-24 19:40:51 ----A---- C:\Windows\system32\msv1_0.dll
2008-09-24 19:40:51 ----A---- C:\Windows\system32\iphlpsvc.dll
2008-09-24 19:40:51 ----A---- C:\Windows\system32\eapp3hst.dll
2008-09-24 19:40:50 ----A---- C:\Windows\system32\wmpmde.dll
2008-09-24 19:40:50 ----A---- C:\Windows\system32\mcmde.dll
2008-09-24 19:40:49 ----A---- C:\Windows\system32\riched20.dll
2008-09-24 19:40:49 ----A---- C:\Windows\system32\autofmt.exe
2008-09-24 19:40:49 ----A---- C:\Windows\system32\autoconv.exe
2008-09-24 19:40:48 ----A---- C:\Windows\system32\WinSAT.exe
2008-09-24 19:40:48 ----A---- C:\Windows\system32\vdsutil.dll
2008-09-24 19:40:48 ----A---- C:\Windows\system32\imapi2fs.dll
2008-09-24 19:40:48 ----A---- C:\Windows\system32\d3d10_1.dll
2008-09-24 19:40:48 ----A---- C:\Windows\system32\autochk.exe
2008-09-24 19:40:48 ----A---- C:\Windows\system32\authui.dll
2008-09-24 19:40:48 ----A---- C:\Windows\system32\authfwcfg.dll
2008-09-24 19:40:47 ----A---- C:\Windows\system32\wevtapi.dll
2008-09-24 19:40:47 ----A---- C:\Windows\system32\dmvdsitf.dll
2008-09-24 19:40:47 ----A---- C:\Windows\system32\d3d10_1core.dll
2008-09-24 19:40:47 ----A---- C:\Windows\system32\comuid.dll
2008-09-24 19:40:47 ----A---- C:\Windows\system32\comdlg32.dll
2008-09-24 19:40:47 ----A---- C:\Windows\system32\browseui.dll
2008-09-24 19:40:46 ----A---- C:\Windows\system32\WSDMon.dll
2008-09-24 19:40:46 ----A---- C:\Windows\system32\mscories.dll
2008-09-24 19:40:46 ----A---- C:\Windows\system32\eapphost.dll
2008-09-24 19:40:45 ----A---- C:\Windows\system32\wevtfwd.dll
2008-09-24 19:40:45 ----A---- C:\Windows\system32\uexfat.dll
2008-09-24 19:40:45 ----A---- C:\Windows\system32\rasmans.dll
2008-09-24 19:40:44 ----A---- C:\Windows\system32\untfs.dll
2008-09-24 19:40:44 ----A---- C:\Windows\system32\sqlcese30.dll
2008-09-24 19:40:44 ----A---- C:\Windows\system32\iassam.dll
2008-09-24 19:40:44 ----A---- C:\Windows\system32\eappcfg.dll
2008-09-24 19:40:44 ----A---- C:\Windows\system32\DfrgNtfs.exe
2008-09-24 19:40:43 ----A---- C:\Windows\system32\wlansvc.dll
2008-09-24 19:40:43 ----A---- C:\Windows\system32\whealogr.dll
2008-09-24 19:40:43 ----A---- C:\Windows\system32\pcaui.dll
2008-09-24 19:40:41 ----A---- C:\Windows\system32\dot3svc.dll
2008-09-24 19:40:40 ----A---- C:\Windows\system32\rdpwsx.dll
2008-09-24 19:40:39 ----A---- C:\Windows\system32\zipfldr.dll
2008-09-24 19:40:39 ----A---- C:\Windows\system32\winhttp.dll
2008-09-24 19:40:39 ----A---- C:\Windows\system32\mssha.dll
2008-09-24 19:40:39 ----A---- C:\Windows\system32\msdrm.dll
2008-09-24 19:40:39 ----A---- C:\Windows\system32\evr.dll
2008-09-24 19:40:39 ----A---- C:\Windows\system32\dfrgui.exe
2008-09-24 19:40:38 ----A---- C:\Windows\system32\WsmAuto.dll
2008-09-24 19:40:38 ----A---- C:\Windows\system32\rpcss.dll
2008-09-24 19:40:38 ----A---- C:\Windows\system32\rasppp.dll
2008-09-24 19:40:38 ----A---- C:\Windows\system32\nlasvc.dll
2008-09-24 19:40:38 ----A---- C:\Windows\system32\ncrypt.dll
2008-09-24 19:40:38 ----A---- C:\Windows\system32\BFE.DLL
2008-09-24 19:40:37 ----A---- C:\Windows\system32\WMVCORE.DLL
2008-09-24 19:40:37 ----A---- C:\Windows\system32\wmdrmdev.dll
2008-09-24 19:40:37 ----A---- C:\Windows\system32\msrepl40.dll
2008-09-24 19:40:37 ----A---- C:\Windows\system32\audiosrv.dll
2008-09-24 19:40:36 ----A---- C:\Windows\system32\WsmWmiPl.dll
2008-09-24 19:40:36 ----A---- C:\Windows\system32\win32spl.dll
2008-09-24 19:40:36 ----A---- C:\Windows\system32\WebClnt.dll
2008-09-24 19:40:36 ----A---- C:\Windows\system32\rastls.dll
2008-09-24 19:40:36 ----A---- C:\Windows\system32\printui.dll
2008-09-24 19:40:36 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2008-09-24 19:40:36 ----A---- C:\Windows\system32\ddraw.dll
2008-09-24 19:40:35 ----A---- C:\Windows\system32\themecpl.dll
2008-09-24 19:40:35 ----A---- C:\Windows\system32\QAGENT.DLL
2008-09-24 19:40:35 ----A---- C:\Windows\system32\objsel.dll
2008-09-24 19:40:35 ----A---- C:\Windows\system32\dbghelp.dll
2008-09-24 19:40:34 ----A---- C:\Windows\system32\w32time.dll
2008-09-24 19:40:34 ----A---- C:\Windows\system32\sqlsrv32.dll
2008-09-24 19:40:34 ----A---- C:\Windows\system32\iasnap.dll
2008-09-24 19:40:33 ----A---- C:\Windows\system32\PresentationHost.exe
2008-09-24 19:40:33 ----A---- C:\Windows\system32\ncryptui.dll
2008-09-24 19:40:33 ----A---- C:\Windows\system32\icm32.dll
2008-09-24 19:40:33 ----A---- C:\Windows\system32\azroles.dll
2008-09-24 19:40:32 ----A---- C:\Windows\system32\wmdrmnet.dll
2008-09-24 19:40:32 ----A---- C:\Windows\system32\WerFaultSecure.exe
2008-09-24 19:40:32 ----A---- C:\Windows\system32\spoolss.dll
2008-09-24 19:40:32 ----A---- C:\Windows\system32\iprtrmgr.dll
2008-09-24 19:40:31 ----A---- C:\Windows\system32\msctf.dll
2008-09-24 19:40:31 ----A---- C:\Windows\system32\infocardapi.dll
2008-09-24 19:40:31 ----A---- C:\Windows\system32\basecsp.dll
2008-09-24 19:40:30 ----A---- C:\Windows\system32\wlangpui.dll
2008-09-24 19:40:30 ----A---- C:\Windows\system32\winsrv.dll
2008-09-24 19:40:30 ----A---- C:\Windows\system32\taskschd.dll
2008-09-24 19:40:30 ----A---- C:\Windows\system32\mstlsapi.dll
2008-09-24 19:40:30 ----A---- C:\Windows\system32\bcdedit.exe
2008-09-24 19:40:29 ----A---- C:\Windows\system32\winsta.dll
2008-09-24 19:40:29 ----A---- C:\Windows\system32\scksp.dll
2008-09-24 19:40:29 ----A---- C:\Windows\system32\netprofm.dll
2008-09-24 19:40:29 ----A---- C:\Windows\system32\AudioEng.dll
2008-09-24 19:40:28 ----A---- C:\Windows\system32\netcfgx.dll
2008-09-24 19:40:28 ----A---- C:\Windows\system32\hcrstco.dll
2008-09-24 19:40:28 ----A---- C:\Windows\system32\dbgeng.dll
2008-09-24 19:40:27 ----A---- C:\Windows\system32\rsaenh.dll
2008-09-24 19:40:26 ----A---- C:\Windows\system32\winlogon.exe
2008-09-24 19:40:26 ----A---- C:\Windows\system32\wercon.exe
2008-09-24 19:40:26 ----A---- C:\Windows\system32\taskcomp.dll
2008-09-24 19:40:26 ----A---- C:\Windows\system32\lpksetup.exe
2008-09-24 19:40:26 ----A---- C:\Windows\system32\cdosys.dll
2008-09-24 19:40:25 ----A---- C:\Windows\system32\sqmapi.dll
2008-09-24 19:40:25 ----A---- C:\Windows\system32\dfshim.dll
2008-09-24 19:40:24 ----A---- C:\Windows\system32\wlansec.dll
2008-09-24 19:40:24 ----A---- C:\Windows\system32\msdtcuiu.dll
2008-09-24 19:40:24 ----A---- C:\Windows\system32\mprddm.dll
2008-09-24 19:40:24 ----A---- C:\Windows\system32\certcli.dll
2008-09-24 19:40:24 ----A---- C:\Windows\system32\apds.dll
2008-09-24 19:40:23 ----A---- C:\Windows\system32\tsgqec.dll
2008-09-24 19:40:23 ----A---- C:\Windows\system32\iasrad.dll
2008-09-24 19:40:23 ----A---- C:\Windows\system32\eapsvc.dll
2008-09-24 19:40:23 ----A---- C:\Windows\system32\AUDIOKSE.dll
2008-09-24 19:40:23 ----A---- C:\Windows\system32\aaclient.dll
2008-09-24 19:40:22 ----A---- C:\Windows\system32\shdocvw.dll
2008-09-24 19:40:21 ----A---- C:\Windows\system32\Wldap32.dll
2008-09-24 19:40:21 ----A---- C:\Windows\system32\uDWM.dll
2008-09-24 19:40:21 ----A---- C:\Windows\system32\dnsapi.dll
2008-09-24 19:40:21 ----A---- C:\Windows\system32\certmgr.dll
2008-09-24 19:40:21 ----A---- C:\Windows\system32\bcdsrv.dll
2008-09-24 19:40:20 ----A---- C:\Windows\system32\umpnpmgr.dll
2008-09-24 19:40:20 ----A---- C:\Windows\system32\msidcrl30.dll
2008-09-24 19:40:19 ----A---- C:\Windows\system32\WMVDECOD.DLL
2008-09-24 19:40:19 ----A---- C:\Windows\system32\pla.dll
2008-09-24 19:40:18 ----A---- C:\Windows\system32\netshell.dll
2008-09-24 19:40:18 ----A---- C:\Windows\system32\dxgi.dll
2008-09-24 19:40:18 ----A---- C:\Windows\system32\dot3gpui.dll
2008-09-24 19:40:17 ----A---- C:\Windows\system32\wmicmiplugin.dll
2008-09-24 19:40:17 ----A---- C:\Windows\system32\ntprint.dll
2008-09-24 19:40:17 ----A---- C:\Windows\system32\comsnap.dll
2008-09-24 19:40:16 ----A---- C:\Windows\system32\shsvcs.dll
2008-09-24 19:40:16 ----A---- C:\Windows\system32\MMDevAPI.dll
2008-09-24 19:40:16 ----A---- C:\Windows\system32\cryptnet.dll
2008-09-24 19:40:15 ----A---- C:\Windows\system32\winmm.dll
2008-09-24 19:40:15 ----A---- C:\Windows\system32\services.exe
2008-09-24 19:40:14 ----A---- C:\Windows\system32\wscsvc.dll
2008-09-24 19:40:14 ----A---- C:\Windows\system32\wscisvif.dll
2008-09-24 19:40:14 ----A---- C:\Windows\system32\synceng.dll
2008-09-24 19:40:14 ----A---- C:\Windows\system32\pnidui.dll
2008-09-24 19:40:14 ----A---- C:\Windows\system32\cmifw.dll
2008-09-24 19:40:13 ----A---- C:\Windows\system32\taskeng.exe
2008-09-24 19:40:13 ----A---- C:\Windows\system32\msjtes40.dll
2008-09-24 19:40:13 ----A---- C:\Windows\system32\msconfig.exe
2008-09-24 19:40:13 ----A---- C:\Windows\system32\iassdo.dll
2008-09-24 19:40:13 ----A---- C:\Windows\system32\cipher.exe
2008-09-24 19:40:12 ----A---- C:\Windows\system32\WMVSDECD.DLL
2008-09-24 19:40:12 ----A---- C:\Windows\system32\imapi2.dll
2008-09-24 19:40:11 ----A---- C:\Windows\system32\wersvc.dll
2008-09-24 19:40:11 ----A---- C:\Windows\system32\uxtheme.dll
2008-09-24 19:40:11 ----A---- C:\Windows\system32\tdh.dll
2008-09-24 19:40:11 ----A---- C:\Windows\system32\SessEnv.dll
2008-09-24 19:40:11 ----A---- C:\Windows\system32\rasapi32.dll
2008-09-24 19:40:11 ----A---- C:\Windows\system32\dot3api.dll
2008-09-24 19:40:11 ----A---- C:\Windows\system32\dmdskmgr.dll
2008-09-24 19:40:10 ----A---- C:\Windows\system32\wkssvc.dll
2008-09-24 19:40:10 ----A---- C:\Windows\system32\qdvd.dll
2008-09-24 19:40:10 ----A---- C:\Windows\system32\msscp.dll
2008-09-24 19:40:10 ----A---- C:\Windows\system32\cmd.exe
2008-09-24 19:40:10 ----A---- C:\Windows\system32\cbsra.exe
2008-09-24 19:40:10 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2008-09-24 19:40:09 ----A---- C:\Windows\system32\wlanmsm.dll
2008-09-24 19:40:09 ----A---- C:\Windows\system32\wlancfg.dll
2008-09-24 19:40:09 ----A---- C:\Windows\system32\wevtutil.exe
2008-09-24 19:40:09 ----A---- C:\Windows\system32\srvsvc.dll
2008-09-24 19:40:09 ----A---- C:\Windows\system32\loadperf.dll
2008-09-24 19:40:08 ----A---- C:\Windows\system32\WUDFx.dll
2008-09-24 19:40:08 ----A---- C:\Windows\system32\mshtmled.dll
2008-09-24 19:40:08 ----A---- C:\Windows\system32\msdtcVSp1res.dll
2008-09-24 19:40:08 ----A---- C:\Windows\system32\diskpart.exe
2008-09-24 19:40:08 ----A---- C:\Windows\system32\comres.dll
2008-09-24 19:40:07 ----A---- C:\Windows\system32\rpchttp.dll
2008-09-24 19:40:07 ----A---- C:\Windows\system32\rdpdd.dll
2008-09-24 19:40:07 ----A---- C:\Windows\system32\localsec.dll
2008-09-24 19:40:07 ----A---- C:\Windows\system32\fontext.dll
2008-09-24 19:40:06 ----A---- C:\Windows\system32\wlanapi.dll
2008-09-24 19:40:06 ----A---- C:\Windows\system32\hnetcfg.dll
2008-09-24 19:40:05 ----A---- C:\Windows\system32\wsqmcons.exe
2008-09-24 19:40:05 ----A---- C:\Windows\system32\WMADMOD.DLL
2008-09-24 19:40:05 ----A---- C:\Windows\system32\WinSATAPI.dll
2008-09-24 19:40:05 ----A---- C:\Windows\system32\dsound.dll
2008-09-24 19:40:04 ----A---- C:\Windows\system32\wlanpref.dll
2008-09-24 19:40:04 ----A---- C:\Windows\system32\NAPMONTR.DLL
2008-09-24 19:40:04 ----A---- C:\Windows\system32\avifil32.dll
2008-09-24 19:40:03 ----A---- C:\Windows\system32\RDPENCDD.dll
2008-09-24 19:40:03 ----A---- C:\Windows\system32\profprov.dll
2008-09-24 19:40:03 ----A---- C:\Windows\system32\filemgmt.dll
2008-09-24 19:40:02 ----A---- C:\Windows\system32\WindowsCodecs.dll
2008-09-24 19:40:02 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2008-09-24 19:40:02 ----A---- C:\Windows\system32\dnsrslvr.dll
2008-09-24 19:40:01 ----A---- C:\Windows\system32\wsecedit.dll
2008-09-24 19:40:01 ----A---- C:\Windows\system32\tracerpt.exe
2008-09-24 19:40:01 ----A---- C:\Windows\system32\SLCommDlg.dll
2008-09-24 19:40:01 ----A---- C:\Windows\system32\MuiUnattend.exe
2008-09-24 19:40:01 ----A---- C:\Windows\system32\dhcpcsvc.dll
2008-09-24 19:40:00 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2008-09-24 19:40:00 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2008-09-24 19:40:00 ----A---- C:\Windows\system32\P2PGraph.dll
2008-09-24 19:40:00 ----A---- C:\Windows\system32\dwmredir.dll
2008-09-24 19:40:00 ----A---- C:\Windows\system32\dwm.exe
2008-09-24 19:40:00 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2008-09-24 19:40:00 ----A---- C:\Windows\system32\apphelp.dll
2008-09-24 19:39:59 ----A---- C:\Windows\system32\wininit.exe
2008-09-24 19:39:59 ----A---- C:\Windows\system32\spp.dll
2008-09-24 19:39:59 ----A---- C:\Windows\system32\rasdlg.dll
2008-09-24 19:39:59 ----A---- C:\Windows\system32\QSHVHOST.DLL
2008-09-24 19:39:59 ----A---- C:\Windows\system32\iassvcs.dll
2008-09-24 19:39:59 ----A---- C:\Windows\system32\gpresult.exe
2008-09-24 19:39:59 ----A---- C:\Windows\system32\azroleui.dll
2008-09-24 19:39:58 ----A---- C:\Windows\system32\mscorier.dll
2008-09-24 19:39:58 ----A---- C:\Windows\system32\iashost.exe
2008-09-24 19:39:58 ----A---- C:\Windows\HelpPane.exe
2008-09-24 19:39:57 ----A---- C:\Windows\system32\spwizeng.dll
2008-09-24 19:39:57 ----A---- C:\Windows\system32\SLUI.exe
2008-09-24 19:39:57 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2008-09-24 19:39:57 ----A---- C:\Windows\system32\mcbuilder.exe
2008-09-24 19:39:56 ----A---- C:\Windows\system32\wecapi.dll
2008-09-24 19:39:56 ----A---- C:\Windows\system32\srrstr.dll
2008-09-24 19:39:56 ----A---- C:\Windows\system32\rasmontr.dll
2008-09-24 19:39:56 ----A---- C:\Windows\system32\msra.exe
2008-09-24 19:39:56 ----A---- C:\Windows\system32\lltdsvc.dll
2008-09-24 19:39:55 ----A---- C:\Windows\system32\unbcl.dll
2008-09-24 19:39:55 ----A---- C:\Windows\system32\tcpmon.dll
2008-09-24 19:39:55 ----A---- C:\Windows\system32\shrink.dll
2008-09-24 19:39:55 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2008-09-24 19:39:55 ----A---- C:\Windows\system32\brcpl.dll
2008-09-24 19:39:54 ----A---- C:\Windows\system32\WMPEncEn.dll
2008-09-24 19:39:54 ----A---- C:\Windows\system32\oleacc.dll
2008-09-24 19:39:54 ----A---- C:\Windows\system32\msdri.dll
2008-09-24 19:39:54 ----A---- C:\Windows\system32\iashlpr.dll
2008-09-24 19:39:54 ----A---- C:\Windows\system32\gpedit.dll
2008-09-24 19:39:52 ----A---- C:\Windows\system32\regsvc.dll
2008-09-24 19:39:52 ----A---- C:\Windows\system32\raschap.dll
2008-09-24 19:39:52 ----A---- C:\Windows\system32\framedynos.dll
2008-09-24 19:39:52 ----A---- C:\Windows\system32\advpack.dll
2008-09-24 19:39:51 ----A---- C:\Windows\system32\vsstrace.dll
2008-09-24 19:39:51 ----A---- C:\Windows\system32\ntvdm.exe
2008-09-24 19:39:51 ----A---- C:\Windows\system32\ipsmsnap.dll
2008-09-24 19:39:51 ----A---- C:\Windows\system32\fdWSD.dll
2008-09-24 19:39:51 ----A---- C:\Windows\system32\Faultrep.dll
2008-09-24 19:39:50 ----A---- C:\Windows\system32\wpdshext.dll
2008-09-24 19:39:50 ----A---- C:\Windows\system32\wdc.dll
2008-09-24 19:39:50 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2008-09-24 19:39:50 ----A---- C:\Windows\system32\ntlanman.dll
2008-09-24 19:39:49 ----A---- C:\Windows\system32\Storprop.dll
2008-09-24 19:39:49 ----A---- C:\Windows\system32\NetProjW.dll
2008-09-24 19:39:49 ----A---- C:\Windows\system32\netman.dll
2008-09-24 19:39:49 ----A---- C:\Windows\system32\l2nacp.dll
2008-09-24 19:39:49 ----A---- C:\Windows\system32\iedkcs32.dll
2008-09-24 19:39:48 ----A---- C:\Windows\system32\ieapfltr.dll
2008-09-24 19:39:48 ----A---- C:\Windows\system32\framedyn.dll
2008-09-24 19:39:48 ----A---- C:\Windows\system32\dssenh.dll
2008-09-24 19:39:47 ----A---- C:\Windows\system32\WlanMM.dll
2008-09-24 19:39:47 ----A---- C:\Windows\system32\tcpipcfg.dll
2008-09-24 19:39:47 ----A---- C:\Windows\system32\profsvc.dll
2008-09-24 19:39:47 ----A---- C:\Windows\system32\certreq.exe
2008-09-24 19:37:35 ----A---- C:\Windows\system32\msctfui.dll
2008-09-24 19:37:35 ----A---- C:\Windows\system32\at.exe
2008-09-24 19:37:34 ----A---- C:\Windows\system32\WpdConns.dll
2008-09-24 19:37:34 ----A---- C:\Windows\system32\rgb9rast.dll
2008-09-24 19:37:34 ----A---- C:\Windows\system32\mshta.exe
2008-09-24 19:37:33 ----A---- C:\Windows\system32\xmlprovi.dll
2008-09-24 19:37:33 ----A---- C:\Windows\system32\ucsvc.exe
2008-09-24 19:37:33 ----A---- C:\Windows\system32\RegCtrl.dll
2008-09-24 19:37:33 ----A---- C:\Windows\system32\mobsync.exe
2008-09-24 19:37:33 ----A---- C:\Windows\system32\licmgr10.dll
2008-09-24 19:37:33 ----A---- C:\Windows\system32\itss.dll
2008-09-24 19:37:33 ----A---- C:\Windows\system32\csrstub.exe
2008-09-24 19:37:33 ----A---- C:\Windows\system32\convert.exe
2008-09-24 19:37:33 ----A---- C:\Windows\system32\bitsigd.dll
2008-09-24 19:37:32 ----A---- C:\Windows\system32\TimeDateMUICallback.dll
2008-09-24 19:37:32 ----A---- C:\Windows\system32\prevhost.exe
2008-09-24 19:37:32 ----A---- C:\Windows\system32\AuthFWGP.dll
2008-09-24 19:37:31 ----A---- C:\Windows\system32\netbtugc.exe
2008-09-24 19:37:31 ----A---- C:\Windows\system32\iscsied.dll
2008-09-24 19:37:31 ----A---- C:\Windows\system32\dskquota.dll
2008-09-24 19:37:30 ----A---- C:\Windows\system32\unattendedjoin.exe
2008-09-24 19:37:30 ----A---- C:\Windows\system32\tbs.dll
2008-09-24 19:37:30 ----A---- C:\Windows\system32\setupcln.dll
2008-09-24 19:37:30 ----A---- C:\Windows\system32\rasdiag.dll
2008-09-24 19:37:30 ----A---- C:\Windows\system32\ocsetup.exe
2008-09-24 19:37:30 ----A---- C:\Windows\system32\GuidedHelp.dll
2008-09-24 19:37:30 ----A---- C:\Windows\system32\fphc.dll
2008-09-24 19:37:30 ----A---- C:\Windows\system32\cscdll.dll
2008-09-24 19:37:30 ----A---- C:\Windows\system32\AtBroker.exe
2008-09-24 19:37:29 ----A---- C:\Windows\system32\winnsi.dll
2008-09-24 19:37:29 ----A---- C:\Windows\system32\mydocs.dll
2008-09-24 19:37:29 ----A---- C:\Windows\system32\l2gpstore.dll
2008-09-24 19:37:29 ----A---- C:\Windows\system32\dmime.dll
2008-09-24 19:37:29 ----A---- C:\Windows\system32\cmpbk32.dll
2008-09-24 19:37:28 ----A---- C:\Windows\system32\regini.exe
2008-09-24 19:37:28 ----A---- C:\Windows\system32\dsdmo.dll
2008-09-24 19:37:27 ----A---- C:\Windows\system32\odbccu32.dll
2008-09-24 19:37:27 ----A---- C:\Windows\system32\odbccr32.dll
2008-09-24 19:37:27 ----A---- C:\Windows\system32\napdsnap.dll
2008-09-24 19:37:27 ----A---- C:\Windows\system32\msdart.dll
2008-09-24 19:37:27 ----A---- C:\Windows\system32\dot3dlg.dll
2008-09-24 19:37:27 ----A---- C:\Windows\system32\devenum.dll
2008-09-24 19:37:27 ----A---- C:\Windows\system32\apilogen.dll
2008-09-24 19:37:27 ----A---- C:\Windows\system32\amxread.dll
2008-09-24 19:37:26 ----A---- C:\Windows\system32\VIDRESZR.DLL
2008-09-24 19:37:26 ----A---- C:\Windows\system32\usbui.dll
2008-09-24 19:37:26 ----A---- C:\Windows\system32\msident.dll
2008-09-24 19:37:26 ----A---- C:\Windows\system32\cmstplua.dll
2008-09-24 19:37:25 ----A---- C:\Windows\system32\wpclsp.dll
2008-09-24 19:37:25 ----A---- C:\Windows\system32\WINSRPC.DLL
2008-09-24 19:37:25 ----A---- C:\Windows\system32\RacAgent.exe
2008-09-24 19:37:25 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2008-09-24 19:37:25 ----A---- C:\Windows\system32\gpupdate.exe
2008-09-24 19:37:25 ----A---- C:\Windows\system32\avrt.dll
2008-09-24 19:37:24 ----A---- C:\Windows\system32\vss_ps.dll
2008-09-24 19:37:24 ----A---- C:\Windows\system32\upnpcont.exe
2008-09-24 19:37:24 ----A---- C:\Windows\system32\nsi.dll
2008-09-24 19:37:24 ----A---- C:\Windows\system32\nbtstat.exe
2008-09-24 19:37:24 ----A---- C:\Windows\system32\mtxlegih.dll
2008-09-24 19:37:24 ----A---- C:\Windows\system32\mtxdm.dll
2008-09-24 19:37:23 ----A---- C:\Windows\system32\srwmi.dll
2008-09-24 19:37:23 ----A---- C:\Windows\system32\mfcsubs.dll
2008-09-24 19:37:23 ----A---- C:\Windows\system32\graftabl.com
2008-09-24 19:37:22 ----A---- C:\Windows\system32\syskey.exe
2008-09-24 19:37:22 ----A---- C:\Windows\system32\rasphone.exe
2008-09-24 19:37:22 ----A---- C:\Windows\system32\netevent.dll
2008-09-24 19:37:21 ----A---- C:\Windows\system32\wsock32.dll
2008-09-24 19:37:21 ----A---- C:\Windows\system32\wiarpc.dll
2008-09-24 19:37:21 ----A---- C:\Windows\system32\WavDest.dll
2008-09-24 19:37:21 ----A---- C:\Windows\system32\vfwwdm32.dll
2008-09-24 19:37:21 ----A---- C:\Windows\system32\odbcbcp.dll
2008-09-24 19:37:21 ----A---- C:\Windows\system32\msexcl40.dll
2008-09-24 19:37:20 ----A---- C:\Windows\system32\ROUTE.EXE
2008-09-24 19:37:20 ----A---- C:\Windows\system32\ndfetw.dll
2008-09-24 19:37:20 ----A---- C:\Windows\system32\MP3DMOD.DLL
2008-09-24 19:37:20 ----A---- C:\Windows\system32\extrac32.exe
2008-09-24 19:37:20 ----A---- C:\Windows\system32\eventcls.dll
2008-09-24 19:37:19 ----A---- C:\Windows\system32\procinst.dll
2008-09-24 19:37:19 ----A---- C:\Windows\system32\csrss.exe
2008-09-24 19:37:18 ----A---- C:\Windows\system32\WindowsAnytimeUpgrade.exe
2008-09-24 19:37:18 ----A---- C:\Windows\system32\wiadss.dll
2008-09-24 19:37:18 ----A---- C:\Windows\system32\TabbtnEx.dll
2008-09-24 19:37:18 ----A---- C:\Windows\system32\inetppui.dll
2008-09-24 19:37:18 ----A---- C:\Windows\system32\dmscript.dll
2008-09-24 19:37:18 ----A---- C:\Windows\system32\d3dxof.dll
2008-09-24 19:37:18 ----A---- C:\Windows\system32\atmfd.dll
2008-09-24 19:37:17 ----A---- C:\Windows\system32\WlanMmHC.dll
2008-09-24 19:37:17 ----A---- C:\Windows\system32\Tabbtn.dll
2008-09-24 19:37:17 ----A---- C:\Windows\system32\psbase.dll
2008-09-24 19:37:16 ----A---- C:\Windows\system32\CertEnrollCtrl.exe
2008-09-24 19:37:16 ----A---- C:\Windows\fveupdate.exe
2008-09-24 19:37:15 ----A---- C:\Windows\system32\msxbde40.dll
2008-09-24 19:37:15 ----A---- C:\Windows\system32\dmloader.dll
2008-09-24 19:37:14 ----A---- C:\Windows\system32\credssp.dll
2008-09-24 19:37:13 ----A---- C:\Windows\system32\wshcon.dll
2008-09-24 19:37:13 ----A---- C:\Windows\system32\Netplwiz.exe
2008-09-24 19:37:13 ----A---- C:\Windows\system32\msltus40.dll
2008-09-24 19:37:12 ----A---- C:\Windows\system32\mspbde40.dll
2008-09-24 19:37:12 ----A---- C:\Windows\system32\icsunattend.exe
2008-09-24 19:37:11 ----A---- C:\Windows\system32\WsmRes.dll
2008-09-24 19:37:11 ----A---- C:\Windows\system32\PlaySndSrv.dll
2008-09-24 19:37:10 ----A---- C:\Windows\system32\WSHTCPIP.DLL
2008-09-24 19:37:10 ----A---- C:\Windows\system32\wship6.dll
2008-09-24 19:37:10 ----A---- C:\Windows\system32\sxsstore.dll
2008-09-24 19:37:10 ----A---- C:\Windows\system32\msvidc32.dll
2008-09-24 19:37:10 ----A---- C:\Windows\system32\lltdapi.dll
2008-09-24 19:37:10 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2008-09-24 19:37:10 ----A---- C:\Windows\system32\ComputerDefaults.exe
2008-09-24 19:37:09 ----A---- C:\Windows\system32\setupSNK.exe
2008-09-24 19:37:09 ----A---- C:\Windows\system32\localui.dll
2008-09-24 19:37:09 ----A---- C:\Windows\system32\icaapi.dll
2008-09-24 19:37:08 ----A---- C:\Windows\system32\slwga.dll
2008-09-24 19:37:08 ----A---- C:\Windows\system32\OptionalFeatures.exe
2008-09-24 19:37:08 ----A---- C:\Windows\system32\LangCleanupSysprepAction.dll
2008-09-24 19:37:06 ----A---- C:\Windows\system32\sbunattend.exe
2008-09-24 19:37:06 ----A---- C:\Windows\system32\dmutil.dll
2008-09-24 19:37:04 ----A---- C:\Windows\system32\usbperf.dll
2008-09-24 19:37:04 ----A---- C:\Windows\system32\spopk.dll
2008-09-24 19:37:04 ----A---- C:\Windows\system32\serialui.dll
2008-09-24 19:37:04 ----A---- C:\Windows\system32\NcdProp.dll
2008-09-24 19:37:02 ----A---- C:\Windows\system32\odbcconf.dll
2008-09-24 19:37:02 ----A---- C:\Windows\system32\cofiredm.dll
2008-09-24 19:37:01 ----A---- C:\Windows\system32\msfeedssync.exe
2008-09-24 19:37:01 ----A---- C:\Windows\system32\hbaapi.dll
2008-09-24 19:36:59 ----A---- C:\Windows\system32\rasctrs.dll
2008-09-24 19:36:59 ----A---- C:\Windows\system32\msobjs.dll
2008-09-24 19:36:59 ----A---- C:\Windows\system32\ieencode.dll
2008-09-24 19:36:58 ----A---- C:\Windows\system32\corpol.dll
2008-09-24 19:36:57 ----A---- C:\Windows\system32\hnetmon.dll
2008-09-24 19:36:56 ----A---- C:\Windows\system32\midimap.dll
2008-09-24 19:36:55 ----A---- C:\Windows\system32\vdmdbg.dll
2008-09-24 19:36:55 ----A---- C:\Windows\system32\InfDefaultInstall.exe
2008-09-24 19:36:55 ----A---- C:\Windows\system32\esentprf.dll
2008-09-24 19:36:54 ----A---- C:\Windows\system32\url.dll
2008-09-24 19:36:54 ----A---- C:\Windows\system32\nlsbres.dll
2008-09-24 19:36:54 ----A---- C:\Windows\system32\LogonUI.exe
2008-09-24 19:36:54 ----A---- C:\Windows\system32\iprtprio.dll
2008-09-24 19:36:49 ----A---- C:\Windows\system32\sdspres.dll
2008-09-24 19:36:46 ----A---- C:\Windows\system32\osbaseln.dll
2008-09-24 19:36:46 ----A---- C:\Windows\system32\cfgmgr32.dll
2008-09-24 19:36:42 ----A---- C:\Windows\system32\msisip.dll
2008-09-24 19:36:41 ----A---- C:\Windows\system32\msmmsp.dll
2008-09-24 19:36:38 ----A---- C:\Windows\system32\dispex.dll
2008-09-24 19:36:37 ----A---- C:\Windows\system32\winusb.dll
2008-09-24 19:36:36 ----A---- C:\Windows\system32\rdpcfgex.dll
2008-09-24 19:36:28 ----A---- C:\Windows\system32\Nlsdl.dll
2008-09-24 19:36:26 ----A---- C:\Windows\system32\riched32.dll
2008-09-24 19:36:26 ----A---- C:\Windows\system32\msidle.dll
2008-09-24 19:36:26 ----A---- C:\Windows\system32\idndl.dll
2008-09-24 19:36:25 ----A---- C:\Windows\system32\spwmp.dll
2008-09-24 19:36:23 ----A---- C:\Windows\system32\KBDKOR.DLL
2008-09-24 19:36:22 ----A---- C:\Windows\system32\KBDJPN.DLL
2008-09-24 19:36:20 ----A---- C:\Windows\system32\iscsilog.dll
2008-09-24 19:36:15 ----A---- C:\Windows\system32\wmploc.DLL
2008-09-24 19:36:15 ----A---- C:\Windows\system32\vga256.dll
2008-09-24 19:36:15 ----A---- C:\Windows\system32\tsddd.dll
2008-09-24 19:36:15 ----A---- C:\Windows\system32\framebuf.dll
2008-09-24 19:36:15 ----A---- C:\Windows\system32\dxmasf.dll
2008-09-24 19:36:14 ----A---- C:\Windows\system32\vga64k.dll
2008-09-24 19:36:12 ----A---- C:\Windows\system32\vga.dll
2008-09-24 19:36:12 ----A---- C:\Windows\system32\bootstr.dll
2008-09-24 19:36:11 ----A---- C:\Windows\system32\dmdskres2.dll
2008-09-24 19:36:09 ----A---- C:\Windows\system32\spwizres.dll
2008-09-24 19:36:09 ----A---- C:\Windows\system32\f3ahvoas.dll
2008-09-24 19:36:03 ----A---- C:\Windows\system32\gatherWiredInfo.vbs
2008-09-24 19:36:01 ----A---- C:\Windows\system32\gatherWirelessInfo.vbs
2008-09-24 19:36:00 ----A---- C:\Windows\system32\fsmgmt.msc
2008-09-24 19:35:44 ----A---- C:\Windows\system32\perfmon.msc
2008-09-24 19:35:42 ----A---- C:\Windows\system32\vsp1cln.exe
2008-09-24 19:34:36 ----A---- C:\Windows\system32\xmllite.dll
2008-09-24 19:34:35 ----A---- C:\Windows\system32\wbemcomn.dll
2008-09-24 19:34:30 ----A---- C:\Windows\system32\SmiInstaller.dll
2008-09-24 19:34:29 ----A---- C:\Windows\system32\SmiEngine.dll
2008-09-24 19:34:23 ----A---- C:\Windows\system32\wdscore.dll
2008-09-24 19:34:23 ----A---- C:\Windows\system32\PkgMgr.exe
2008-09-24 19:34:09 ----A---- C:\Windows\system32\drvstore.dll
2008-09-24 19:34:08 ----A---- C:\Windows\system32\mspatcha.dll
2008-09-24 19:34:08 ----A---- C:\Windows\system32\msdelta.dll
2008-09-24 19:34:08 ----A---- C:\Windows\system32\dpx.dll

======List of files/folders modified in the last 1 months======

2008-10-21 19:36:31 ----D---- C:\Windows\Prefetch
2008-10-21 19:36:28 ----D---- C:\Windows\Temp
2008-10-21 19:29:31 ----D---- C:\Users\Marko\AppData\Roaming\DNA
2008-10-21 16:09:53 ----D---- C:\Windows\system32\drivers
2008-10-21 16:09:32 ----D---- C:\Users\Marko\AppData\Roaming\Xfire
2008-10-21 16:04:29 ----D---- C:\Windows\System32
2008-10-21 16:04:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-10-21 16:04:28 ----D---- C:\Windows\inf
2008-10-21 16:00:20 ----SHD---- C:\Windows\Installer
2008-10-20 19:59:31 ----D---- C:\Windows\system32\catroot2
2008-10-20 18:33:01 ----SHD---- C:\System Volume Information
2008-10-20 17:03:41 ----HD---- C:\Windows\system32\GroupPolicy
2008-10-20 17:03:41 ----HD---- C:\ProgramData
2008-10-20 17:00:21 ----D---- C:\Program Files\Google
2008-10-20 16:34:30 ----D---- C:\Windows
2008-10-20 16:25:38 ----HD---- C:\Program Files\Uninstall Information
2008-10-20 16:24:46 ----RD---- C:\Program Files
2008-10-19 22:23:23 ----D---- C:\Users\Marko\AppData\Roaming\FrostWire
2008-10-19 21:22:57 ----D---- C:\Program Files\Mozilla Firefox
2008-10-17 08:25:31 ----D---- C:\Program Files\World of Warcraft
2008-10-17 03:23:55 ----D---- C:\Windows\winsxs
2008-10-17 03:13:45 ----D---- C:\Windows\system32\catroot
2008-10-17 03:11:14 ----D---- C:\Program Files\Windows Mail
2008-10-17 03:11:11 ----D---- C:\Windows\system32\migration
2008-10-17 03:05:20 ----A---- C:\Windows\win.ini
2008-10-14 21:28:37 ----D---- C:\Windows\system32\Tasks
2008-10-14 20:58:36 ----D---- C:\Windows\system32\LogFiles
2008-10-14 15:38:56 ----D---- C:\Program Files\BitTorrent
2008-10-13 17:28:14 ----D---- C:\Program Files\Common Files
2008-10-12 19:24:57 ----D---- C:\Users\Marko\AppData\Roaming\Apple Computer
2008-10-12 19:13:54 ----D---- C:\Windows\system32\WDI
2008-10-08 06:19:40 ----A---- C:\Windows\system32\mrt.exe
2008-09-26 10:37:31 ----D---- C:\Windows\rescache
2008-09-26 10:18:30 ----D---- C:\Windows\system32\en-US
2008-09-26 10:18:30 ----D---- C:\Windows\PolicyDefinitions
2008-09-25 13:11:35 ----D---- C:\Windows\Logs
2008-09-25 12:35:20 ----D---- C:\Windows\Microsoft.NET
2008-09-25 12:35:15 ----RSD---- C:\Windows\assembly
2008-09-25 12:28:11 ----SHD---- C:\Boot
2008-09-25 12:27:50 ----ASH---- C:\Program Files\desktop.ini
2008-09-25 12:19:49 ----D---- C:\Program Files\Windows Sidebar
2008-09-25 12:19:49 ----D---- C:\Program Files\Windows Calendar
2008-09-25 12:19:49 ----D---- C:\Program Files\Movie Maker
2008-09-25 12:19:47 ----D---- C:\Program Files\Windows Media Player
2008-09-25 12:19:47 ----D---- C:\Program Files\Internet Explorer
2008-09-25 12:19:46 ----D---- C:\Program Files\Windows Collaboration
2008-09-25 12:19:45 ----D---- C:\Program Files\Windows Photo Gallery
2008-09-25 12:19:45 ----D---- C:\Program Files\Windows Journal
2008-09-25 12:19:38 ----D---- C:\Program Files\Windows Defender
2008-09-25 12:19:38 ----D---- C:\Program Files\Common Files\System
2008-09-25 12:19:37 ----D---- C:\Windows\servicing
2008-09-25 12:19:36 ----D---- C:\Windows\ehome
2008-09-25 12:19:23 ----D---- C:\Windows\MSAgent
2008-09-25 12:19:21 ----D---- C:\Windows\DigitalLocker
2008-09-25 12:19:20 ----D---- C:\Windows\L2Schemas
2008-09-25 12:19:20 ----D---- C:\Windows\IME
2008-09-25 12:19:19 ----D---- C:\Windows\system32\XPSViewer
2008-09-25 12:19:19 ----D---- C:\Windows\system32\ko-KR
2008-09-25 12:19:19 ----D---- C:\Windows\system32\da-DK
2008-09-25 12:19:19 ----D---- C:\Windows\system32\com
2008-09-25 12:19:08 ----D---- C:\Windows\system32\oobe
2008-09-25 12:19:08 ----D---- C:\Windows\system32\it-IT
2008-09-25 12:19:08 ----D---- C:\Windows\system32\el-GR
2008-09-25 12:19:08 ----D---- C:\Windows\system32\de-DE
2008-09-25 12:19:07 ----D---- C:\Windows\system32\sysprep
2008-09-25 12:19:01 ----D---- C:\Windows\system32\AdvancedInstallers
2008-09-25 12:19:00 ----D---- C:\Windows\system32\sv-SE
2008-09-25 12:19:00 ----D---- C:\Windows\system32\setup
2008-09-25 12:19:00 ----D---- C:\Windows\system32\ru-RU
2008-09-25 12:19:00 ----D---- C:\Windows\system32\ias
2008-09-25 12:19:00 ----D---- C:\Windows\system32\he-IL
2008-09-25 12:19:00 ----D---- C:\Windows\system32\fr-FR
2008-09-25 12:18:59 ----D---- C:\Windows\system32\SLUI
2008-09-25 12:18:59 ----D---- C:\Windows\system32\pt-PT
2008-09-25 12:18:59 ----D---- C:\Windows\system32\hu-HU
2008-09-25 12:18:59 ----D---- C:\Windows\system32\fi-FI
2008-09-25 12:18:59 ----D---- C:\Windows\system32\cs-CZ
2008-09-25 12:18:56 ----D---- C:\Windows\system32\zh-TW
2008-09-25 12:18:56 ----D---- C:\Windows\system32\zh-CN
2008-09-25 12:18:56 ----D---- C:\Windows\system32\pl-PL
2008-09-25 12:18:56 ----D---- C:\Windows\system32\manifeststore
2008-09-25 12:18:56 ----D---- C:\Windows\system32\ja-JP
2008-09-25 12:18:56 ----D---- C:\Windows\system32\es-ES
2008-09-25 12:18:56 ----D---- C:\Windows\system32\en
2008-09-25 12:18:55 ----D---- C:\Windows\system32\ro-RO
2008-09-25 12:18:49 ----D---- C:\Windows\system32\tr-TR
2008-09-25 12:18:48 ----D---- C:\Windows\system32\wbem
2008-09-25 12:18:45 ----D---- C:\Windows\system32\nl-NL
2008-09-25 12:18:45 ----D---- C:\Windows\system32\nb-NO
2008-09-25 12:18:45 ----D---- C:\Windows\system32\ar-SA
2008-09-25 12:18:41 ----D---- C:\Windows\system32\migwiz
2008-09-25 12:18:39 ----D---- C:\Windows\system32\pt-BR
2008-09-25 12:17:02 ----RSD---- C:\Windows\Fonts
2008-09-25 12:17:02 ----D---- C:\Windows\AppPatch
2008-09-25 12:16:55 ----D---- C:\Windows\Boot
2008-09-25 12:16:50 ----D---- C:\Windows\system32\Boot
2008-09-25 11:40:04 ----A---- C:\Windows\system32\ifxcardm.dll
2008-09-25 11:40:02 ----A---- C:\Windows\system32\axaltocm.dll
2008-09-22 21:55:53 ----D---- C:\Program Files\PP5

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 DLACDBHM;DLACDBHM; C:\Windows\System32\Drivers\DLACDBHM.SYS [2007-02-08 12856]
R1 DLARTL_M;DLARTL_M; C:\Windows\System32\Drivers\DLARTL_M.SYS [2007-02-08 28120]
R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2007-11-22 201320]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2007-07-13 125728]
R2 DLABMFSM;DLABMFSM; C:\Windows\System32\DLA\DLABMFSM.SYS [2006-10-26 35096]
R2 DLABOIOM;DLABOIOM; C:\Windows\System32\DLA\DLABOIOM.SYS [2006-10-26 32472]
R2 DLADResM;DLADResM; C:\Windows\System32\DLA\DLADResM.SYS [2006-10-26 9400]
R2 DLAIFS_M;DLAIFS_M; C:\Windows\System32\DLA\DLAIFS_M.SYS [2006-10-26 104536]
R2 DLAOPIOM;DLAOPIOM; C:\Windows\System32\DLA\DLAOPIOM.SYS [2006-10-26 26296]
R2 DLAPoolM;DLAPoolM; C:\Windows\System32\DLA\DLAPoolM.SYS [2006-10-26 14520]
R2 DLAUDF_M;DLAUDF_M; C:\Windows\System32\DLA\DLAUDF_M.SYS [2006-10-26 97848]
R2 DLAUDFAM;DLAUDFAM; C:\Windows\System32\DLA\DLAUDFAM.SYS [2006-10-26 94648]
R2 DRVNDDM;DRVNDDM; C:\Windows\System32\Drivers\DRVNDDM.SYS [2007-02-09 51768]
R2 dsunidrv;dsunidrv; \??\C:\Program Files\DellSupport\Drivers\dsunidrv.sys [2006-08-17 7424]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-20 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-05 8192]
R3 DSproct;DSproct; \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys [2006-10-05 4736]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-19 220672]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-10-19 986624]
R3 HSXHWBS2;HSXHWBS2; C:\Windows\system32\DRIVERS\HSXHWBS2.sys [2006-10-19 258048]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2007-11-22 79304]
R3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2007-11-22 35240]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2007-12-02 40488]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-12-20 4456416]
R3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver; C:\Windows\system32\DRIVERS\wg111v2.sys [2007-02-09 213216]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-02-08 647680]
R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-10-19 659968]
S3 A5AGU;D-Link USB Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\A5AGU.sys [2006-05-08 347648]
S3 ATHFMWDL;D-Link predator Bootloader driver; C:\Windows\System32\Drivers\ATHFMWDL.sys [2005-03-22 43392]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 dump_wmimmc;dump_wmimmc; \??\C:\ijji\ENGLISH\u_sf\GameGuard\dump_wmimmc.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2007-11-22 33832]
S3 motmodem;Motorola USB CDC ACM Driver; C:\Windows\system32\DRIVERS\motmodem.sys [2007-02-27 21504]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2007-11-29 16896]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2007-11-29 19328]
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [2005-01-03 4682]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2007-11-29 8064]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 usbser;Nokia USB Serial Port; C:\Windows\system32\DRIVERS\usbser.sys [2008-01-19 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2007-11-29 8064]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2006-09-29 81920]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-01-09 767976]
R2 McNASvc;McAfee Network Agent; c:\program files\common files\mcafee\mna\mcnasvc.exe [2008-01-25 2458128]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2007-08-15 359248]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2007-07-24 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2007-07-18 856864]
R2 MSK80Service;McAfee SpamKiller Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2007-11-26 23880]
R2 MSSQLSERVER;MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe [2002-12-17 7520337]
R2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-11-05 159744]
R2 SQLSERVERAGENT;SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlagent.EXE [2002-12-17 311872]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-05 386560]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2007-12-05 695624]
R3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-05 880640]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 DSBrokerService;DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [2006-11-07 70656]
S3 GoogleDesktopManager;GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe [2007-04-04 81408]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-20 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2007-11-07 378184]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------

...And my other list:

info.txt logfile of random's system information tool 1.04 2008-10-21 19:36:42

======Uninstall list======

-->MsiExec /X{45235788-142C-44BE-8A4D-DDE9A84492E5}
Active@ UNERASER Demo-->"C:\Users\Marko\Desktop\Active UNERASER Demo\UNWISE.EXE" "C:\Users\Marko\Desktop\Active UNERASER Demo\INSTALL.LOG"
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A71000000002}
Adobe Shockwave Player-->C:\Windows\System32\Macromed\SHOCKW~2\UNWISE.EXE C:\Windows\System32\Macromed\SHOCKW~2\Install.log
Advanced Text To Speech V3.60 Build 020122-->"C:\Program Files\atts\unins000.exe"
AGEIA PhysX v7.09.13-->MsiExec.exe /X{45235788-142C-44BE-8A4D-DDE9A84492E5}
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft Panorama Maker 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5F68DC8-0278-4AD8-B413-861509B5F25B}\Setup.exe" -l0x9
Avanquest update-->C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe -runfromtemp -l0x0009 -removeonly
AVS Video Converter 6-->"C:\Users\Marko\Desktop\This Folder Has Stuff In It\Special Stuff & Games\AVSVideoConverter6\unins000.exe"
AVS4YOU Software Navigator 1.2-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
Battlefield 2142-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}\setup.exe" -l0x9 -removeonly
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Conexant D850 PCI V.92 Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1\HXFSETUP.EXE -U -IDel200fz.inf
Counter-Strike 1.6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}\Setup.exe" -l0x9
Crashday-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C27ADE1-EAFB-4BB7-9FE3-5DD9BA9A3DD2}\setup.exe" -l0x9 -removeonly
Dawn of War - Dark Crusade-->C:\Program Files\InstallShield Installation Information\{FF39FC01-819B-42E4-AE49-1968AF12DDD4}\setup.exe -runfromtemp -l0x0009 -removeonly
Dawn of War - Soulstorm-->"C:\Program Files\InstallShield Installation Information\{20533183-D42D-4261-A125-956736FBEA8C}\setup.exe" -runfromtemp -l0x0009 -removeonly
Dawn Of War - Winter Assault-->MsiExec.exe /X{DD8408E9-9421-484F-979D-DB6361E3E828}
Dawn Of War-->MsiExec.exe /X{83F12F73-D52E-40C0-93B1-463C311C4E17}
Dell System Customization Wizard-->MsiExec.exe /I{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}
DellSupport-->MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
Digital Line Detect-->C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\Setup.exe -runfromtemp -l0x0009 -removeonly
ExtractNow-->"C:\Program Files\ExtractNow\unins000.exe"
File Recover 7.0-->"C:\Users\Marko\Desktop\File Recover\unins000.exe"
FlatOut-->MsiExec.exe /I{A57D86AF-DE8E-4B26-972E-A1A28FFF7742}
Free Natural Text to Speech Reader 2007-->MsiExec.exe /I{3E5DA526-F420-45A6-9F27-D2B5246D6823}
FrostWire 4.17.0-->C:\Program Files\FrostWire\Uninstall.exe
Game Cam v1.4-->MsiExec.exe /I{EBE7050B-7988-4BC3-BBFD-5C6828859483}
Game Maker 6.1-->C:\Users\Marko\Desktop\Sams Folder\Uninstal.exe
Game Maker 7.0-->C:\Program Files\Game_Maker7\Uninstal.exe
GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x9 -removeonly
Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x9 -removeonly
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
Growler Guncam-->MsiExec.exe /I{9B743536-28E5-4A48-A1CC-8600A18386C3}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HyperCam 2-->"C:\Program Files\HyCam2\UnHyCam2.exe"
ijji Auto Installer-->"C:\Program Files\InstallShield Installation Information\{1DCC7418-2089-4BDD-B321-3771956160FC}\setup.exe" -runfromtemp -l0x0009 -removeonly
Intel(R) Matrix Storage Manager-->C:\Windows\System32\Imsmudlg.exe
InvestmentLink Import Wizard-->C:\PP5\ILImport\ILIMPO~1\UNWISE.EXE C:\PP5\ILImport\ILIMPO~1\INSTALL.LOG
iPodWizard v1.3-->"C:\Program Files\iPodWizard\unins000.exe"
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Lernout & Hauspie TruVoice American English TTS Engine-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\tv_enua.inf, Uninstall
Macromedia Extension Manager-->MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
Macromedia Flash 8 Video Encoder-->MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash 8-->MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}
Macromedia Flash MX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}\Setup.exe" -l0x9 UNINSTALL
Macromedia Flash Player 8 Plugin-->MsiExec.exe /X{91057632-CA70-413C-B628-2D3CDBBB906B}
Macromedia Flash Player 8-->MsiExec.exe /X{885A63EA-382B-4DD4-A755-14809B8557D6}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuninst.exe
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server Desktop Engine-->MsiExec.exe /X{2B5EE14F-39EC-4a51-888F-B5A698823B2A}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
MobileMe Control Panel-->MsiExec.exe /I{6DA9102E-199F-43A0-A36B-6EF48081A658}
Modem Diagnostic Tool-->MsiExec.exe /I{F63A3748-B93D-4360-9AD4-B064481A5C7B}
Motorola Driver Installation-->MsiExec.exe /I{3324A5DC-C7F6-430A-ACC8-F251CD8F4FC7}
Motorola Phone Tools-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}\setup.exe" -l0x9 -removeonly
Mozilla Firefox (2.0.0.17)-->C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Navman NavDesk 2008-->C:\Program Files\InstallShield Installation Information\{9C8732C3-32DE-4569-9E90-30040D76DABC}\Setup.exe -runfromtemp -l0x0009 -removeonly
NETGEAR WG111v2 wireless USB 2.0 adapter-->C:\Program Files\InstallShield Installation Information\{E0F252A6-DE85-4E93-A93B-DFC3537B3965}\setup.exe -runfromtemp -l0x0409
NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly
Nikon Message Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\Setup.exe" -l0x9 UNINSTALL
Nokia Connectivity Cable Driver-->MsiExec.exe /X{4F1DCA42-2030-437C-A94E-736692A499C1}
Nokia PC Suite-->C:\ProgramData\Installations\{9C05FA75-0337-4523-AA57-9D3511018887}\Nokia_PC_Suite_rel_6_86_9_3_APAC.exe
Nokia PC Suite-->MsiExec.exe /I{9C05FA75-0337-4523-AA57-9D3511018887}
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
OpenOffice.org Installer 1.0-->MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}
Pb Vocoder 1.0-->"C:\Program Files\Pb Vocoder\unins000.exe"
PC Connectivity Solution-->MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930}
PictureProject-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF3999BE-1A7B-4738-88AA-97BF14094A4A}\Setup.exe" -l0x9 UNINSTALL
Pivot Stickfigure Animator-->MsiExec.exe /I{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}
PlanTech XML Export-->C:\PP5\XMLifE\UNWISE.EXE C:\PP5\XMLifE\XMLIFE~1.LOG
Power MP3 WMA Converter 1.14-->C:\PROGRA~1\POWERC~1\UNWISE.EXE C:\PROGRA~1\POWERC~1\INSTALL.LOG
Prism Video Converter-->C:\Program Files\NCH Software\Prism\uninst.exe
Project64 1.6-->MsiExec.exe /X{9559F7CA-5E34-4237-A2D9-D856464AD727}
Pro-Planner 5.0-->C:\PP5\\PP5UNI~1\UNWISE.EXE C:\PP5\\PP5UNI~1\INSTALL.LOG
ProPlanner Import Wizard for Morningstar Data-->C:\PP5\MSImport\MSIMPO~1\UNWISE.EXE C:\PP5\MSImport\MSIMPO~1\INSTALL.LOG
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Recover Data for FAT & NTFS-->"C:\Program Files\Recover Data for FAT & NTFS\unins000.exe"
Recover My Files-->"C:\Users\Marko\Desktop\Recover My Files\unins000.exe"
Redtube Video Downloader 3.14-->"C:\Users\Marko\Desktop\This Folder Has Stuff In It\Schoolwork\French\Projects\redtube\Redtube Video Downloader\unins000.exe"
Risk Researcher Installation/Upgrade - February 2006 (v5.5.602)-->C:\PP5\RRUNIN~1\UNWISE.EXE C:\PP5\RRUNIN~1\INSTALL.LOG
Roxio Creator Audio-->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
Roxio Creator BDAV Plugin-->MsiExec.exe /I{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}
Roxio Creator Copy-->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
Roxio Creator Data-->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
Roxio Creator DE-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Tools-->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
Roxio Drag-to-Disc-->MsiExec.exe /I{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}
Roxio Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD DE-->MsiExec.exe /I{D639085F-4B6E-4105-9F37-A0DBB023E2FB}
Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Safari-->MsiExec.exe /I{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}
Shockwave-->C:\Windows\System32\Macromed\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Macromed\SHOCKW~1\INSTALL.LOG
SigmaTel Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
Soldier Front-->"C:\Program Files\InstallShield Installation Information\{8ADE24B2-DCA4-4A1E-8B52-A5B435522D9E}\setup.exe" -runfromtemp -l0x0009 -removeonly
Sonic Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
SpyHunter-->"C:\Program Files\Enigma Software Group\SpyHunter\Uninstall.exe" "C:\Program Files\Enigma Software Group\SpyHunter\install.log" -u
The Suffering-->C:\Program Files\InstallShield Installation Information\{05D30DBE-4EF3-477E-BCB0-8B5E3D9580AD}\setup.exe -runfromtemp -l0x0009 -removeonly
Unreal Tournament 3-->MsiExec.exe /X{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}
URL Assistant-->regsvr32 /u /s "C:\Program Files\BAE\BAE.dll"
User's Guides-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}\setup.exe"
Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Ventrilo Server-->MsiExec.exe /I{1D46A3A0-B37D-423A-91C2-101A49E2FF80}
Vuze-->C:\Program Files\Vuze\uninstall.exe
Windows Driver Package - Nokia Modem (03/05/2008 3.7)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_ce5ad925\nokia_bluetooth.inf
Windows Driver Package - Nokia Modem (03/13/2008 6.86.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_674398ba\nokbtmdm.inf
Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger-->MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
World of Warcraft-->C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft (2)\Uninstall.exe
Worms World Party-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A200E68-D5F4-4E70-910F-2871753A0E2B}\setup.exe"
Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"
XviD MPEG-4 Video Codec-->"C:\Program Files\XviD\unins000.exe"

======Security center information======

AS: Windows Defender (disabled)

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\;C:\MSSQL7\BINN;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 2, GenuineIntel
"PROCESSOR_REVISION"=0f02
"NUMBER_OF_PROCESSORS"=2
"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------
jINX
Active Member
 
Posts: 5
Joined: October 14th, 2008, 6:43 am

Re: Help me out please possible keylogger >_<!!

Post by jINX » October 21st, 2008, 4:50 am

umm sorry I removed BitTorrent but I didn't remove BitTorrent DNA, it's gone now though.. SORRY FOR THE TROUBLE!
jINX
Active Member
 
Posts: 5
Joined: October 14th, 2008, 6:43 am

Re: Help me out please possible keylogger >_<!!

Post by Katana » October 21st, 2008, 9:22 am

Your log also shows FrostWire 4.17.0 and Vuze installed. You must uninstall all P2P programs.




Kaspersky Online Scanner
Your Antivirus and/or Antispyware may give a warning during the scan. This is perfectly normal.
NOTE:- This scan is best done from IE (Internet Explorer)

NOTE:- Vista users should start IE by Start(Vista Orb) >> Internet Explorer >> Right-Click Run As Admin
Go Here http://www.kaspersky.com/kos/eng/partne ... bscan.html

Read the Requirements and limitations before you click Accept.
Once the database has downloaded, click My Computer in the left pane
Now go and put the kettle on !
When the scan has completed, click Save Report As...
Enter a name for the file in the Filename: text box and then click the down arrow to the right of Save as type: and select text file (*.txt)
Click Save - by default the file will be saved to your Desktop, but you can change this if you wish.


**Note**

To optimize scanning time and produce a more sensible report for review:
  • Close any open programs.
  • Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.
Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.



Please post the Kaspersky log along with a fresh HJT log in your reply
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Help me out please possible keylogger >_<!!

Post by jINX » October 22nd, 2008, 5:27 am

Ok here they are, very sorry about the delays! Kaspersky took its time, and before school I started the online scan not knowing that you had to initialize the scan after installing the updates! The scan as a result took 3 hours in total :(. Not to worry though, here they are :D

Kaspersky Log:


--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Wednesday, October 22, 2008
Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 1 (build 6001)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Tuesday, October 21, 2008 21:43:22
Records in database: 1332764
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\

Scan statistics:
Files scanned: 154609
Threat name: 0
Infected objects: 0
Suspicious objects: 0
Duration of the scan: 03:03:12

No malware has been detected. The scan area is clean.

The selected area was scanned.





HijackThis Log:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:24:28 PM, on 22/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlagent.EXE
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter3.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\sttray.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Users\Marko\AppData\Local\Temp\jkos-Marko\binaries\ScanningProcess.exe
C:\Users\Marko\AppData\Local\Temp\jkos-Marko\binaries\ScanningProcess.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [StartDbServices] WSCRIPT "\JOBS\StartDbServices.vbs"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard..lnk = C:\Program Files\Common Files\VistaRunApp.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11783 bytes
jINX
Active Member
 
Posts: 5
Joined: October 14th, 2008, 6:43 am

Re: Help me out please possible keylogger >_<!!

Post by Katana » October 22nd, 2008, 9:50 am

Information

There is nothing obvious showing, but I would like some more information on StartDbServices.vbs so I will run a couple more scans.

----------------------------------------------------------- -----------------------------------------------------------

Step 1

Download and Run ComboFix (by sUBs)
Please visit this webpage for instructions for downloading and running ComboFix:

Bleeping Computer ComboFix Tutorial

Post the log from ComboFix when you've accomplished that, along with a new HijackThis log.

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own.
This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper



----------------------------------------------------------- -----------------------------------------------------------
Step 2

Active Scan
Your Antivirus and/or Antispyware may give a warning during the scan. This is perfectly normal
NOTE:- Vista users should start IE by Start(Vista Orb) >> Internet Explorer >> Right-Click Run As Admin
Please go to this site Link >> ActiveScan << LINK
  • Click the Scan Now button
  • Follow the prompts to install the Active X if necessary
  • Go and make a cup of tea/coffee/beverage of your choice and watch some TV :)
  • When the scan is finished, a report will be generated
  • Next to Scan Details click the small Save button and save the report to your desktop.
  • Please post the report in your reply.



----------------------------------------------------------- -----------------------------------------------------------
Step 3

Logs/Information to Post in Reply
Please post the following logs/Information in your reply
  • ComboFix Log
  • Active Scan Log

----------------------------------------------------------- -----------------------------------------------------------

Additional Notes

Remove Programs

Now click Start > Control Panel. Double click Add or Remove Programs (XP) / Programs and Features (Vista). If any of the following programs are listed there, click on the program to highlight it, and click on remove.
  • Java(TM) 6 Update 5
  • Java(TM) SE Runtime Environment 6
Now close the Control Panel.



Your Adobe Acrobat Reader is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Adobe Reader is a large program and uses unnecessary space.
If you prefer a smaller program you can get Foxit 2.0 from http://www.foxitsoftware.com/pdf/rd_intro.php << Recommended

There is a newer version of Adobe Acrobat Reader available.
  • Please go to this link Adobe Acrobat Reader Download Link
  • Click Download
  • On the right, untick Adobe Photoshop Album Starter Edition if you do not wish to include this in the installation.
  • Click the Continue button
  • Click Run, and click Run again
  • Next click the Install Now button and follow the on screen prompts

When the installation is complete go to Add/Remove Programs and uninstall all previous versions.
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester
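
Added example (not part of the thread, and not a tool the helpers used): a small Python triage pass over HijackThis entry lines that surfaces the kind of item Katana asks about above, a Run key that starts a script host with a path that has no drive letter. The sample lines are copied from the log posted in this thread; the tag names and heuristics are assumptions of this example, and a tag is a reason to look closer, not a verdict.

```python
import re
from typing import List, NamedTuple


class Finding(NamedTuple):
    section: str  # HijackThis section code, e.g. "O4"
    reason: str   # tag chosen for this example (not HijackThis terminology)
    line: str     # the original log line


# Lines copied from the HijackThis log posted in this thread (a subset).
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [StartDbServices] WSCRIPT "\JOBS\StartDbServices.vbs"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
"""

# Interpreters that run script files; a Run entry that starts one deserves a look
# at the script it points to.
SCRIPT_HOSTS = {"wscript", "cscript", "mshta"}

ENTRY = re.compile(r"^(?P<section>[ORF]\d+) - (?P<body>.*)$")
# O4 registry autoruns look like: HKLM\..\Run: [ValueName] command line
RUN_ENTRY = re.compile(r"^.+?\\\.\.\\[^:]+: \[(?P<name>[^\]]*)\]\s*(?P<cmd>.*)$")
# Drive letter, %VARIABLE%\ prefix, or UNC path.
ABSOLUTE = re.compile(r"^(?:[A-Za-z]:\\|%[^%]+%\\|\\\\)")
TOKEN = re.compile(r'"[^"]*"|\S+')


def tokens(cmd: str) -> List[str]:
    """Split a Windows command line into tokens, keeping quoted paths whole."""
    return [t.strip('"') for t in TOKEN.findall(cmd)]


def image_name(token: str) -> str:
    """Lower-case file name of the first token, without a trailing .exe."""
    base = token.rsplit("\\", 1)[-1].lower()
    return base[:-4] if base.endswith(".exe") else base


def triage(log_text: str) -> List[Finding]:
    """Return the entry lines a reviewer would want to ask about, with a reason."""
    findings: List[Finding] = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY.match(line)
        if not m:
            continue  # header, process list, blank line
        section, body = m["section"], m["body"]

        # Registration left behind with no file on disk (seen on O2, O9, ...).
        if body.endswith("(no file)"):
            findings.append(Finding(section, "missing-file", line))

        if section == "O4":
            run = RUN_ENTRY.match(body)
            if run:
                parts = tokens(run["cmd"])
                if parts and image_name(parts[0]) in SCRIPT_HOSTS:
                    findings.append(Finding(section, "script-host", line))
                # Nothing in the command is fully qualified, so what actually
                # runs depends on the search path or the current drive.
                if parts and not any(ABSOLUTE.match(p) for p in parts):
                    findings.append(Finding(section, "no-absolute-path", line))
        elif section == "O20" and body.startswith("AppInit_DLLs:"):
            # AppInit_DLLs are loaded into every process that loads user32.dll.
            if body.split(":", 1)[1].strip():
                findings.append(Finding(section, "appinit-dll", line))
        elif section == "O23" and " - Unknown owner - " in body:
            findings.append(Finding(section, "unknown-owner", line))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.section:<4}{f.reason:<18}{f.line}")
```

The StartDbServices line is the only one here that collects two tags, which matches why it was singled out for follow-up scans even though the signature-based scan came back clean.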

Re: Help me out please possible keylogger >_<!!

Post by NonSuch » October 29th, 2008, 2:15 pm

Due to lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
NonSuch
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California