Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.


It all started with Antivirus 2009

Post by VgRt6 » November 29th, 2008, 3:46 am

The pop-ups started this past Monday and I've been dealing with this since.

I was able to get rid of the Antivirus 2009 files with Malwarebytes' Anti-Malware ... or so I thought.

One of the offending files was hobovoro.dll. MAM got rid of the file, but it's still called out in the registry. Every time I restart, I get a message that hobovoro.dll could not be found. If I run MAM, I get an infected registry entry associated with "dovimosuku". The registry entry that I found using HijackThis is:

O4 - HKLM\..\Run: [dovimosuku] Rundll32.exe "C:\WINDOWS\system32\hobovoro.dll",s

No matter what I've tried to do to delete the entry, it comes back almost immediately.

Anyone have an idea of what I can do to get rid of this? It's driving me nuts. My HijackThis log follows.

Thanks.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:21:50 AM, on 11/29/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton Ghost\Agent\GhostTray.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=del ... channel=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.youtube.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=del ... channel=us
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: (no name) - {f3c85dca-ca1d-4413-838f-25dd4266f58e} - C:\WINDOWS\system32\wemozobi.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Program Files\Norton Ghost\Agent\GhostTray.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [dovimosuku] Rundll32.exe "C:\WINDOWS\system32\hobovoro.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [DellTransferAgent] "C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe"
O4 - HKUS\S-1-5-19\..\Run: [dovimosuku] Rundll32.exe "C:\WINDOWS\system32\hobovoro.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [dovimosuku] Rundll32.exe "C:\WINDOWS\system32\hobovoro.dll",s (User 'NETWORK SERVICE')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &Highlight - C:\WINDOWS\WEB\highlight.htm
O8 - Extra context menu item: &Links List - C:\WINDOWS\WEB\urllist.htm
O8 - Extra context menu item: &Web Search - C:\WINDOWS\WEB\selsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: I&mages List - C:\WINDOWS\Web\imglist.htm
O8 - Extra context menu item: Open Frame in &New Window - C:\WINDOWS\WEB\frm2new.htm
O8 - Extra context menu item: Zoom &In - C:\WINDOWS\WEB\zoomin.htm
O8 - Extra context menu item: Zoom O&ut - C:\WINDOWS\WEB\zoomout.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.windowsupdate.com
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7808013078
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-l ... cfscan.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL C:\WINDOWS\system32\jevomomi.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: WUSB54GCSVC - GEMTEKS - C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe

--
End of file - 14457 bytes
VgRt6
Active Member
 
Posts: 6
Joined: November 29th, 2008, 3:34 am
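
The log in the post above registers the same Run value (dovimosuku, launched through Rundll32.exe) under HKLM and under both service-account hives. The following Python is an added example, not part of the original thread or of HijackThis, that parses O4 lines and lists every key holding such a value; the function names are hypothetical, and it assumes the HijackThis convention that ".." in an O4 key abbreviates Software\Microsoft\Windows\CurrentVersion.

```python
import re
from collections import defaultdict
from dataclasses import dataclass
from typing import Optional

# A subset of the O4 lines from the HijackThis log in the post above.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [dovimosuku] Rundll32.exe "C:\WINDOWS\system32\hobovoro.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [dovimosuku] Rundll32.exe "C:\WINDOWS\system32\hobovoro.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [dovimosuku] Rundll32.exe "C:\WINDOWS\system32\hobovoro.dll",s (User 'NETWORK SERVICE')
O4 - Global Startup: Digital Line Detect.lnk = ?
"""

# HijackThis hive abbreviations mapped to registry root names.
HIVE_NAMES = {
    "HKLM": "HKEY_LOCAL_MACHINE",
    "HKCU": "HKEY_CURRENT_USER",
    "HKUS": "HKEY_USERS",
}

# O4 registry autorun line: hive (optionally with a SID), key, [value name], command.
RUN_LINE = re.compile(
    r"^O4 - (?P<hive>HK[A-Z]+(?:\\S-[0-9-]+)?)\\\.\.\\(?P<key>Run\w*): "
    r"\[(?P<name>[^\]]+)\] (?P<command>.*?)(?: \(User '(?P<user>[^']+)'\))?$"
)

# rundll32 command line: DLL path (quoted or not), comma, export name.
RUNDLL = re.compile(
    r'^rundll32(?:\.exe)?\s+"?(?P<dll>[^",]+)"?,(?P<export>\S+)', re.IGNORECASE
)


@dataclass(frozen=True)
class RunEntry:
    hive: str            # e.g. "HKLM" or "HKUS\S-1-5-19"
    key: str             # e.g. "Run", "RunOnce"
    name: str            # registry value name
    command: str         # command line stored in the value
    user: Optional[str]  # account label HijackThis appends for HKUS entries


def parse_run_entries(text):
    """Return a RunEntry for each O4 registry autorun line in the log text."""
    entries = []
    for line in text.splitlines():
        m = RUN_LINE.match(line.strip())
        if m:  # startup-folder O4 lines ("Global Startup: ...") do not match
            entries.append(RunEntry(**m.groupdict()))
    return entries


def full_key(entry):
    """Expand the abbreviated hive and '..' into the full registry key path."""
    root, _, sid = entry.hive.partition("\\")
    parts = [HIVE_NAMES.get(root, root)]
    if sid:
        parts.append(sid)
    parts += [r"Software\Microsoft\Windows\CurrentVersion", entry.key]
    return "\\".join(parts)


def rundll32_run_values(entries):
    """Map (value name, DLL path) to every key where rundll32 loads that DLL."""
    found = defaultdict(list)
    for e in entries:
        m = RUNDLL.match(e.command)
        if m:
            found[(e.name, m.group("dll").lower())].append(full_key(e))
    return {k: sorted(v) for k, v in found.items()}


def report(text):
    """One line per rundll32 autorun value, listing each key that holds a copy."""
    lines = []
    for (name, dll), keys in rundll32_run_values(parse_run_entries(text)).items():
        lines.append(f"[{name}] -> {dll} ({len(keys)} key(s))")
        lines.extend(f"    {k}" for k in keys)
    return lines


if __name__ == "__main__":
    print("\n".join(report(SAMPLE_LOG)))
```

The output lists three separate keys for the one value, so a review of this log has to account for each copy rather than only the HKLM entry quoted in the post.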

Re: It all started with Antivirus 2009

Post by mz30 » November 29th, 2008, 7:08 am

Hi
I'm Mz30
I will be helping you with your malware issues.
I am currently reviewing your HJT log and will post back soon with instructions.
As I am still in training, everything that I post to you must be checked by an Admin or Moderator. Therefore there could be a delay between posts, but it shouldn't be too long.

  • The fixes I post are for fixing your issues only and by no means should be used on another computer.
  • Continue to respond to this thread until I give you the All Clean, as even if you appear clean the chances are you are not.
  • Please bookmark or favourite this page in case you need it as reference.
  • Please remember that all the staff here are volunteers and help in our free time, and you will sometimes have to wait for a reply.

    Important
  • Please do not attempt to remove anything or fix anything unless I ask. This includes running any sort of anti-virus/spyware programs, as they may make things harder to remove.
mz30
Regular Member
 
Posts: 1683
Joined: June 23rd, 2007, 9:39 am
Location: liverpool

Re: It all started with Antivirus 2009

Post by VgRt6 » November 29th, 2008, 12:15 pm

Thank you!

If it helps, I ran a scan this morning using AdAware 2008. It came up clean. I then ran a scan with Malwarebytes' Anti-Malware. It came up with one infection, dovimosuku. It didn't find this until the very end when it scanned "extras and heuristics." The Ad-Aware scan was done with heuristics scanning disabled, only because it will not let me enable it (I'm not sure why).

Edit: I didn't see your comment about not running any spyware programs until after I had run them this morning. Nothing was deleted, so I'm guessing my HJT log should be the same. In case it's not, below is a log from after this morning's scans. I won't do anything else unless you instruct me to.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:17:44 AM, on 11/29/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton Ghost\Agent\GhostTray.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32Info.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=del ... channel=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.youtube.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=del ... channel=us
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: (no name) - {f3c85dca-ca1d-4413-838f-25dd4266f58e} - C:\WINDOWS\system32\wemozobi.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Program Files\Norton Ghost\Agent\GhostTray.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [dovimosuku] Rundll32.exe "C:\WINDOWS\system32\hobovoro.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [DellTransferAgent] "C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe"
O4 - HKUS\S-1-5-19\..\Run: [dovimosuku] Rundll32.exe "C:\WINDOWS\system32\hobovoro.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [dovimosuku] Rundll32.exe "C:\WINDOWS\system32\hobovoro.dll",s (User 'NETWORK SERVICE')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &Highlight - C:\WINDOWS\WEB\highlight.htm
O8 - Extra context menu item: &Links List - C:\WINDOWS\WEB\urllist.htm
O8 - Extra context menu item: &Web Search - C:\WINDOWS\WEB\selsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: I&mages List - C:\WINDOWS\Web\imglist.htm
O8 - Extra context menu item: Open Frame in &New Window - C:\WINDOWS\WEB\frm2new.htm
O8 - Extra context menu item: Zoom &In - C:\WINDOWS\WEB\zoomin.htm
O8 - Extra context menu item: Zoom O&ut - C:\WINDOWS\WEB\zoomout.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.windowsupdate.com
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7808013078
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-l ... cfscan.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL C:\WINDOWS\system32\jevomomi.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: WUSB54GCSVC - GEMTEKS - C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe

--
End of file - 14729 bytes
VgRt6
Active Member
 
Posts: 6
Joined: November 29th, 2008, 3:34 am

Re: It all started with Antivirus 2009

Post by VgRt6 » November 29th, 2008, 10:46 pm

FYI, I'm using a Linksys wireless router with the default login settings. I just read the sticky thread regarding Zlob's ability to hijack the router.

Re: It all started with Antivirus 2009

Post by mz30 » November 30th, 2008, 8:50 pm

RSIT

  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<< will be maximized) and info.txt (<< will be minimized)
mz30
Regular Member
 
Posts: 1683
Joined: June 23rd, 2007, 9:39 am
Location: liverpool

Re: It all started with Antivirus 2009

Post by VgRt6 » December 1st, 2008, 12:26 am

Done.

Contents of LOG ...


Logfile of random's system information tool 1.04 (written by random/random)
Run by Gary at 2008-11-30 23:19:06
Microsoft Windows XP Professional Service Pack 3
System drive C: has 40 GB (37%) free of 110 GB
Total RAM: 1022 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:19:16 PM, on 11/30/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton Ghost\Agent\GhostTray.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\MMDiag.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
C:\Documents and Settings\Gary\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Gary.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=del ... channel=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.youtube.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=del ... channel=us
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: (no name) - {f3c85dca-ca1d-4413-838f-25dd4266f58e} - C:\WINDOWS\system32\wemozobi.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Program Files\Norton Ghost\Agent\GhostTray.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [dovimosuku] Rundll32.exe "C:\WINDOWS\system32\hobovoro.dll",s
O4 - HKLM\..\Run: [70ffad67] rundll32.exe "C:\WINDOWS\system32\puhafewu.dll",b
O4 - HKLM\..\Run: [CPM73cc9efb] Rundll32.exe "c:\windows\system32\gitalobo.dll",a
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [DellTransferAgent] "C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe"
O4 - HKUS\S-1-5-19\..\Run: [dovimosuku] Rundll32.exe "C:\WINDOWS\system32\hobovoro.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [dovimosuku] Rundll32.exe "C:\WINDOWS\system32\hobovoro.dll",s (User 'NETWORK SERVICE')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &Highlight - C:\WINDOWS\WEB\highlight.htm
O8 - Extra context menu item: &Links List - C:\WINDOWS\WEB\urllist.htm
O8 - Extra context menu item: &Web Search - C:\WINDOWS\WEB\selsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: I&mages List - C:\WINDOWS\Web\imglist.htm
O8 - Extra context menu item: Open Frame in &New Window - C:\WINDOWS\WEB\frm2new.htm
O8 - Extra context menu item: Zoom &In - C:\WINDOWS\WEB\zoomin.htm
O8 - Extra context menu item: Zoom O&ut - C:\WINDOWS\WEB\zoomout.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.windowsupdate.com
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7808013078
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-l ... cfscan.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL C:\WINDOWS\system32\jevomomi.dll c:\windows\system32\gitalobo.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\gitalobo.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\gitalobo.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: WUSB54GCSVC - GEMTEKS - C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe

--
End of file - 15362 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\McDefragTask.job
C:\WINDOWS\tasks\McQcTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-06-07 399352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41D68ED8-4CFF-4115-88A6-6EBB8AF19000}]
McAfee AntiPhishing Filter - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll [2005-11-03 348160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2005-09-08 110652]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll [2005-11-10 184423]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2007-11-09 58688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar5.dll [2007-01-19 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-10-19 737776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\BAE\BAE.dll [2006-07-26 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f3c85dca-ca1d-4413-838f-25dd4266f58e}]
C:\WINDOWS\system32\wemozobi.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-06-07 399352]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar5.dll [2007-01-19 2403392]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]
"SigmatelSysTrayApp"=C:\WINDOWS\stsystra.exe [2006-02-10 282624]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2005-06-17 139264]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-08-05 344064]
"DMXLauncher"=C:\Program Files\Dell\Media Experience\DMXLauncher.exe [2005-10-05 94208]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2004-12-13 58992]
"Norton Ghost 10.0"=C:\Program Files\Norton Ghost\Agent\GhostTray.exe [2005-08-16 1531904]
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-06-10 249856]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-06-10 81920]
"MSKDetectorExe"=C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe [2005-08-12 1121792]
"DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2005-09-08 122940]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2006-08-24 169984]
"MSKAGENTEXE"=C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe [2005-09-26 110592]
"MPFExe"=C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe [2005-11-11 1005096]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe [2005-09-09 57344]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"VX3000"=C:\WINDOWS\vVX3000.exe [2006-10-13 707376]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2006-10-13 277296]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-10-14 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-10-14 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-10-14 114688]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2007-11-01 582992]
"dovimosuku"=C:\WINDOWS\system32\hobovoro.dll []
"70ffad67"=C:\WINDOWS\system32\puhafewu.dll [2008-11-29 88116]
"CPM73cc9efb"=c:\windows\system32\gitalobo.dll [2008-11-29 95284]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-08 68856]
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"DellSupport"=C:\Program Files\DellSupport\DSAgnt.exe [2007-03-15 460784]
"AdobeUpdater"=C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2007-03-01 2321600]
"DellTransferAgent"=C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe [2007-11-13 135168]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL C:\WINDOWS\system32\jevomomi.dll c:\windows\system32\gitalobo.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-10-14 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\gitalobo.dll [2008-11-29 95284]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\gitalobo.dll [2008-11-29 95284]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=C:\WINDOWS\system32\jevomomi.dll
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Adobe\Photoshop Elements 4.0\AdobePhotoshopElementsMediaServer.exe"="C:\Program Files\Adobe\Photoshop Elements 4.0\AdobePhotoshopElementsMediaServer.exe:*:Disabled:Adobe Photoshop Elements Media Server"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"
"C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Explorer"
"C:\WINDOWS\vVX3000.exe"="C:\WINDOWS\vVX3000.exe:*:Enabled:vVX3000"
"C:\WINDOWS\system32\logonui.exe"="C:\WINDOWS\system32\logonui.exe:*:Enabled:logonui"
"C:\WINDOWS\system32\lsass.exe"="C:\WINDOWS\system32\lsass.exe:*:Enabled:lsass"
"C:\Program Files\McAfee.com\VSO\McShield.exe"="C:\Program Files\McAfee.com\VSO\McShield.exe:*:Enabled:mcshield"
"C:\Program Files\McAfee.com\Personal Firewall\MpfService.exe"="C:\Program Files\McAfee.com\Personal Firewall\MpfService.exe:*:Enabled:MpfService"
"C:\Program Files\iPod\bin\iPodService.exe"="C:\Program Files\iPod\bin\iPodService.exe:*:Enabled:iPodService"
"C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe"="C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe:*:Enabled:WUSB54GC"
"C:\WINDOWS\system32\winlogon.exe"="C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Disabled:America Online 9.0"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Disabled:AOL"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Disabled:AOL"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour"
"C:\WINDOWS\system32\dllhost.exe"="C:\WINDOWS\system32\dllhost.exe:*:Disabled:dllhost"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe"="C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
shell\AutoRun\command - E:\setup.exe


======List of files/folders created in the last 1 months======

2008-11-30 23:19:06 ----D---- C:\rsit
2008-11-30 06:06:33 ----SH---- C:\WINDOWS\system32\siziwaki.exe
2008-11-29 12:05:23 ----SH---- C:\WINDOWS\system32\uwefahup.ini
2008-11-29 02:20:37 ----D---- C:\Program Files\Trend Micro
2008-11-29 02:08:45 ----D---- C:\Program Files\Lavasoft
2008-11-29 02:08:44 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-11-29 02:07:17 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-11-28 23:18:05 ----A---- C:\WINDOWS\system32\dunzip32.dll
2008-11-28 23:14:51 ----D---- C:\Program Files\Common Files\McAfee
2008-11-28 21:50:55 ----D---- C:\WINDOWS\Prefetch
2008-11-28 21:45:55 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-11-28 21:45:43 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-28 21:45:31 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-11-28 21:45:18 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-11-28 21:45:06 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-11-28 21:44:51 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-11-28 21:44:38 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-11-28 21:44:23 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-11-28 21:44:12 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-11-28 21:43:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-11-28 21:43:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-11-28 21:43:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-11-28 21:43:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-11-28 21:43:09 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-11-28 21:42:58 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-11-28 21:42:46 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-11-28 21:42:31 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-11-28 21:42:20 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-11-28 21:34:59 ----D---- C:\WINDOWS\ServicePackFiles
2008-11-28 21:28:43 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-11-28 18:03:53 ----D---- C:\Documents and Settings\All Users\Application Data\Dell
2008-11-28 17:59:25 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-11-28 17:59:25 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-11-28 17:56:57 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-11-28 17:53:44 ----SHD---- C:\Config.Msi
2008-11-28 15:26:42 ----SH---- C:\WINDOWS\system32\sasoresi.exe
2008-11-27 21:10:55 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-11-27 21:03:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-11-27 20:49:30 ----D---- C:\WINDOWS\system32\appmgmt
2008-11-27 14:11:27 ----D---- C:\WINDOWS\system32\scripting
2008-11-27 14:11:26 ----D---- C:\WINDOWS\l2schemas
2008-11-27 14:11:25 ----D---- C:\WINDOWS\system32\en
2008-11-27 14:11:25 ----D---- C:\WINDOWS\system32\bits
2008-11-27 14:03:44 ----A---- C:\WINDOWS\system32\spiisupd.exe
2008-11-27 14:03:44 ----A---- C:\WINDOWS\system32\secedit.exe
2008-11-27 14:03:44 ----A---- C:\WINDOWS\system32\asr_pfu.exe
2008-11-27 14:03:43 ----A---- C:\WINDOWS\system32\bthci.dll
2008-11-27 14:03:43 ----A---- C:\WINDOWS\system32\blastcln.exe
2008-11-27 14:03:43 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-11-27 14:03:43 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-11-27 14:03:43 ----A---- C:\WINDOWS\system32\auditusr.exe
2008-11-27 14:03:42 ----A---- C:\WINDOWS\system32\ir50_qcx.dll
2008-11-27 14:03:42 ----A---- C:\WINDOWS\system32\ir50_qc.dll
2008-11-27 14:03:42 ----A---- C:\WINDOWS\system32\ir50_32.dll
2008-11-27 14:03:42 ----A---- C:\WINDOWS\system32\ir41_qcx.dll
2008-11-27 14:03:42 ----A---- C:\WINDOWS\system32\ir41_qc.dll
2008-11-27 14:03:42 ----A---- C:\WINDOWS\system32\httpapi.dll
2008-11-27 14:03:42 ----A---- C:\WINDOWS\system32\hccoin.dll
2008-11-27 14:03:42 ----A---- C:\WINDOWS\system32\fwcfg.dll
2008-11-27 14:03:42 ----A---- C:\WINDOWS\system32\fsquirt.exe
2008-11-27 14:03:42 ----A---- C:\WINDOWS\system32\encapi.dll
2008-11-27 14:03:42 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2008-11-27 14:03:42 ----A---- C:\WINDOWS\system32\dsprpres.dll
2008-11-27 14:03:42 ----A---- C:\WINDOWS\system32\d3d9.dll
2008-11-27 14:03:42 ----A---- C:\WINDOWS\system32\cmsetacl.dll
2008-11-27 14:03:42 ----A---- C:\WINDOWS\system32\btpanui.dll
2008-11-27 14:03:42 ----A---- C:\WINDOWS\system32\bthserv.dll
2008-11-27 14:03:41 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-11-27 14:03:41 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-11-27 14:03:41 ----A---- C:\WINDOWS\system32\mssap.dll
2008-11-27 14:03:41 ----A---- C:\WINDOWS\system32\msdadiag.dll
2008-11-27 14:03:41 ----A---- C:\WINDOWS\system32\kbdukx.dll
2008-11-27 14:03:41 ----A---- C:\WINDOWS\system32\kbdsmsno.dll
2008-11-27 14:03:41 ----A---- C:\WINDOWS\system32\kbdsmsfi.dll
2008-11-27 14:03:41 ----A---- C:\WINDOWS\system32\kbdno1.dll
2008-11-27 14:03:41 ----A---- C:\WINDOWS\system32\kbdmlt48.dll
2008-11-27 14:03:41 ----A---- C:\WINDOWS\system32\kbdmlt47.dll
2008-11-27 14:03:41 ----A---- C:\WINDOWS\system32\kbdmaori.dll
2008-11-27 14:03:41 ----A---- C:\WINDOWS\system32\kbdinmal.dll
2008-11-27 14:03:41 ----A---- C:\WINDOWS\system32\kbdinben.dll
2008-11-27 14:03:41 ----A---- C:\WINDOWS\system32\kbdinbe1.dll
2008-11-27 14:03:41 ----A---- C:\WINDOWS\system32\kbdfi1.dll
2008-11-27 14:03:40 ----A---- C:\WINDOWS\system32\wscntfy.exe
2008-11-27 14:03:40 ----A---- C:\WINDOWS\system32\winshfhc.dll
2008-11-27 14:03:40 ----A---- C:\WINDOWS\system32\winhttp.dll
2008-11-27 14:03:40 ----A---- C:\WINDOWS\system32\winbrand.dll
2008-11-27 14:03:40 ----A---- C:\WINDOWS\system32\w3ssl.dll
2008-11-27 14:03:40 ----A---- C:\WINDOWS\system32\verclsid.exe
2008-11-27 14:03:40 ----A---- C:\WINDOWS\system32\tzchange.exe
2008-11-27 14:03:40 ----A---- C:\WINDOWS\system32\twext.dll
2008-11-27 14:03:40 ----A---- C:\WINDOWS\system32\strmfilt.dll
2008-11-27 14:03:40 ----A---- C:\WINDOWS\system32\spnpinst.exe
2008-11-27 14:03:40 ----A---- C:\WINDOWS\system32\smbinst.exe
2008-11-27 14:03:40 ----A---- C:\WINDOWS\system32\sdhcinst.dll
2008-11-27 14:03:40 ----A---- C:\WINDOWS\system32\sbeio.dll
2008-11-27 14:03:40 ----A---- C:\WINDOWS\system32\powercfg.exe
2008-11-27 14:03:40 ----A---- C:\WINDOWS\system32\pnrpnsp.dll
2008-11-27 14:03:40 ----A---- C:\WINDOWS\system32\p2psvc.dll
2008-11-27 14:03:40 ----A---- C:\WINDOWS\system32\p2pnetsh.dll
2008-11-27 14:03:40 ----A---- C:\WINDOWS\system32\p2pgraph.dll
2008-11-27 14:03:40 ----A---- C:\WINDOWS\system32\p2pgasvc.dll
2008-11-27 14:03:40 ----A---- C:\WINDOWS\system32\p2p.dll
2008-11-27 14:03:40 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2008-11-27 14:03:39 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2008-11-27 14:03:39 ----A---- C:\WINDOWS\system32\xpsp1res.dll
2008-11-27 14:03:39 ----A---- C:\WINDOWS\system32\xpob2res.dll
2008-11-27 14:03:39 ----A---- C:\WINDOWS\system32\xmlprovi.dll
2008-11-27 14:03:39 ----A---- C:\WINDOWS\system32\xmlprov.dll
2008-11-27 14:03:39 ----A---- C:\WINDOWS\system32\xmllite.dll
2008-11-27 14:03:39 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-11-27 14:03:39 ----A---- C:\WINDOWS\system32\wshbth.dll
2008-11-27 14:03:39 ----A---- C:\WINDOWS\system32\wscsvc.dll
2008-11-27 14:03:35 ----A---- C:\WINDOWS\system32\xpsp2res.dll
2008-11-27 14:03:35 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-11-27 14:03:34 ----A---- C:\WINDOWS\system32\pidgen.dll
2008-11-27 14:03:34 ----A---- C:\WINDOWS\system32\dpcdll.dll
2008-11-27 14:03:31 ----A---- C:\WINDOWS\system32\msftedit.dll
2008-11-27 14:03:31 ----A---- C:\WINDOWS\system32\ieencode.dll
2008-11-27 14:03:31 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-11-27 14:03:30 ----A---- C:\WINDOWS\system32\fltmc.exe
2008-11-27 14:03:30 ----A---- C:\WINDOWS\system32\appmgr.dll
2008-11-27 14:03:30 ----A---- C:\WINDOWS\system32\appmgmts.dll
2008-11-27 14:03:30 ----A---- C:\WINDOWS\system32\adsnw.dll
2008-11-27 14:03:29 ----A---- C:\WINDOWS\system32\mqsnap.dll
2008-11-27 14:03:29 ----A---- C:\WINDOWS\system32\mqrtdep.dll
2008-11-27 14:03:29 ----A---- C:\WINDOWS\system32\mqoa.dll
2008-11-27 14:03:29 ----A---- C:\WINDOWS\system32\mqlogmgr.dll
2008-11-27 14:03:29 ----A---- C:\WINDOWS\system32\mqbkup.exe
2008-11-27 14:03:29 ----A---- C:\WINDOWS\system32\logman.exe
2008-11-27 14:03:29 ----A---- C:\WINDOWS\system32\gptext.dll
2008-11-27 14:03:29 ----A---- C:\WINDOWS\system32\gpresult.exe
2008-11-27 14:03:29 ----A---- C:\WINDOWS\system32\gpedit.dll
2008-11-27 14:03:29 ----A---- C:\WINDOWS\system32\getmac.exe
2008-11-27 14:03:29 ----A---- C:\WINDOWS\system32\fdeploy.dll
2008-11-27 14:03:29 ----A---- C:\WINDOWS\system32\fde.dll
2008-11-27 14:03:29 ----A---- C:\WINDOWS\system32\eventtriggers.exe
2008-11-27 14:03:29 ----A---- C:\WINDOWS\system32\eventcreate.exe
2008-11-27 14:03:29 ----A---- C:\WINDOWS\system32\efsadu.dll
2008-11-27 14:03:29 ----A---- C:\WINDOWS\system32\driverquery.exe
2008-11-27 14:03:29 ----A---- C:\WINDOWS\system32\cipher.exe
2008-11-27 14:03:29 ----A---- C:\WINDOWS\system32\bootcfg.exe
2008-11-27 14:03:29 ----A---- C:\WINDOWS\system32\asr_fmt.exe
2008-11-27 14:03:28 ----A---- C:\WINDOWS\system32\wsecedit.dll
2008-11-27 14:03:28 ----A---- C:\WINDOWS\system32\tracerpt.exe
2008-11-27 14:03:28 ----A---- C:\WINDOWS\system32\tlntsvrp.dll
2008-11-27 14:03:28 ----A---- C:\WINDOWS\system32\tlntsvr.exe
2008-11-27 14:03:28 ----A---- C:\WINDOWS\system32\tlntsess.exe
2008-11-27 14:03:28 ----A---- C:\WINDOWS\system32\tlntadmn.exe
2008-11-27 14:03:28 ----A---- C:\WINDOWS\system32\tasklist.exe
2008-11-27 14:03:28 ----A---- C:\WINDOWS\system32\taskkill.exe
2008-11-27 14:03:28 ----A---- C:\WINDOWS\system32\systeminfo.exe
2008-11-27 14:03:28 ----A---- C:\WINDOWS\system32\schtasks.exe
2008-11-27 14:03:28 ----A---- C:\WINDOWS\system32\rsnotify.exe
2008-11-27 14:03:28 ----A---- C:\WINDOWS\system32\proxycfg.exe
2008-11-27 14:03:28 ----A---- C:\WINDOWS\system32\openfiles.exe
2008-11-27 14:03:28 ----A---- C:\WINDOWS\system32\ntbackup.exe
2008-11-27 14:03:28 ----A---- C:\WINDOWS\system32\mqtrig.dll
2008-11-27 14:03:28 ----A---- C:\WINDOWS\system32\mqtgsvc.exe
2008-11-27 14:03:28 ----A---- C:\WINDOWS\system32\mqsvc.exe
2008-11-27 14:03:27 ----A---- C:\WINDOWS\system32\nwwks.dll
2008-11-27 14:03:27 ----A---- C:\WINDOWS\system32\nwapi32.dll
2008-11-27 14:03:27 ----A---- C:\WINDOWS\system32\mqutil.dll
2008-11-27 14:03:27 ----A---- C:\WINDOWS\system32\mqupgrd.dll
2008-11-27 14:03:27 ----A---- C:\WINDOWS\system32\mqsec.dll
2008-11-27 14:03:27 ----A---- C:\WINDOWS\system32\mqrt.dll
2008-11-27 14:03:27 ----A---- C:\WINDOWS\system32\mqqm.dll
2008-11-27 14:03:27 ----A---- C:\WINDOWS\system32\mqise.dll
2008-11-27 14:03:27 ----A---- C:\WINDOWS\system32\mqdscli.dll
2008-11-27 14:03:27 ----A---- C:\WINDOWS\system32\mqad.dll
2008-11-27 14:03:12 ----A---- C:\WINDOWS\explorer.exe
2008-11-27 14:03:11 ----A---- C:\WINDOWS\winhlp32.exe
2008-11-27 14:03:11 ----A---- C:\WINDOWS\twain_32.dll
2008-11-27 14:03:11 ----A---- C:\WINDOWS\regedit.exe
2008-11-27 14:03:11 ----A---- C:\WINDOWS\hh.exe
2008-11-27 14:03:10 ----A---- C:\WINDOWS\system32\aclui.dll
2008-11-27 14:03:10 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-11-27 14:03:10 ----A---- C:\WINDOWS\system32\6to4svc.dll
2008-11-27 14:03:09 ----A---- C:\WINDOWS\system32\attrib.exe
2008-11-27 14:03:09 ----A---- C:\WINDOWS\system32\atmlib.dll
2008-11-27 14:03:09 ----A---- C:\WINDOWS\system32\atmfd.dll
2008-11-27 14:03:09 ----A---- C:\WINDOWS\system32\atmadm.exe
2008-11-27 14:03:09 ----A---- C:\WINDOWS\system32\atl.dll
2008-11-27 14:03:09 ----A---- C:\WINDOWS\system32\at.exe
2008-11-27 14:03:09 ----A---- C:\WINDOWS\system32\asycfilt.dll
2008-11-27 14:03:09 ----A---- C:\WINDOWS\system32\apphelp.dll
2008-11-27 14:03:09 ----A---- C:\WINDOWS\system32\amstream.dll
2008-11-27 14:03:09 ----A---- C:\WINDOWS\system32\alrsvc.dll
2008-11-27 14:03:09 ----A---- C:\WINDOWS\system32\alg.exe
2008-11-27 14:03:09 ----A---- C:\WINDOWS\system32\ahui.exe
2008-11-27 14:03:09 ----A---- C:\WINDOWS\system32\adsnt.dll
2008-11-27 14:03:09 ----A---- C:\WINDOWS\system32\adsmsext.dll
2008-11-27 14:03:09 ----A---- C:\WINDOWS\system32\adsldpc.dll
2008-11-27 14:03:09 ----A---- C:\WINDOWS\system32\adsldp.dll
2008-11-27 14:03:09 ----A---- C:\WINDOWS\system32\actxprxy.dll
2008-11-27 14:03:09 ----A---- C:\WINDOWS\system32\actmovie.exe
2008-11-27 14:03:09 ----A---- C:\WINDOWS\system32\activeds.dll
2008-11-27 14:03:08 ----A---- C:\WINDOWS\system32\camocx.dll
2008-11-27 14:03:08 ----A---- C:\WINDOWS\system32\cabview.dll
2008-11-27 14:03:08 ----A---- C:\WINDOWS\system32\cabinet.dll
2008-11-27 14:03:08 ----A---- C:\WINDOWS\system32\browsewm.dll
2008-11-27 14:03:08 ----A---- C:\WINDOWS\system32\browseui.dll
2008-11-27 14:03:08 ----A---- C:\WINDOWS\system32\browser.dll
2008-11-27 14:03:08 ----A---- C:\WINDOWS\system32\browselc.dll
2008-11-27 14:03:08 ----A---- C:\WINDOWS\system32\bidispl.dll
2008-11-27 14:03:08 ----A---- C:\WINDOWS\system32\batt.dll
2008-11-27 14:03:08 ----A---- C:\WINDOWS\system32\batmeter.dll
2008-11-27 14:03:08 ----A---- C:\WINDOWS\system32\basesrv.dll
2008-11-27 14:03:08 ----A---- C:\WINDOWS\system32\avifil32.dll
2008-11-27 14:03:08 ----A---- C:\WINDOWS\system32\autolfn.exe
2008-11-27 14:03:08 ----A---- C:\WINDOWS\system32\autofmt.exe
2008-11-27 14:03:08 ----A---- C:\WINDOWS\system32\authz.dll
2008-11-27 14:03:08 ----A---- C:\WINDOWS\system32\audiosrv.dll
2008-11-27 14:03:07 ----A---- C:\WINDOWS\system32\cliconfg.exe
2008-11-27 14:03:07 ----A---- C:\WINDOWS\system32\cliconfg.dll
2008-11-27 14:03:07 ----A---- C:\WINDOWS\system32\cleanmgr.exe
2008-11-27 14:03:07 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-11-27 14:03:07 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-11-27 14:03:07 ----A---- C:\WINDOWS\system32\cisvc.exe
2008-11-27 14:03:07 ----A---- C:\WINDOWS\system32\ciodm.dll
2008-11-27 14:03:07 ----A---- C:\WINDOWS\system32\cic.dll
2008-11-27 14:03:07 ----A---- C:\WINDOWS\system32\cfgmgr32.dll
2008-11-27 14:03:07 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-11-27 14:03:07 ----A---- C:\WINDOWS\system32\certmgr.dll
2008-11-27 14:03:07 ----A---- C:\WINDOWS\system32\certcli.dll
2008-11-27 14:03:07 ----A---- C:\WINDOWS\system32\cdosys.dll
2008-11-27 14:03:07 ----A---- C:\WINDOWS\system32\cdfview.dll
2008-11-27 14:03:07 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-11-27 14:03:07 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-11-27 14:03:07 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-11-27 14:03:07 ----A---- C:\WINDOWS\system32\capesnpn.dll
2008-11-27 14:03:06 ----A---- C:\WINDOWS\system32\confmsp.dll
2008-11-27 14:03:06 ----A---- C:\WINDOWS\system32\comuid.dll
2008-11-27 14:03:06 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-11-27 14:03:06 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-11-27 14:03:06 ----A---- C:\WINDOWS\system32\comres.dll
2008-11-27 14:03:06 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-11-27 14:03:06 ----A---- C:\WINDOWS\system32\compstui.dll
2008-11-27 14:03:06 ----A---- C:\WINDOWS\system32\compatui.dll
2008-11-27 14:03:06 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-11-27 14:03:06 ----A---- C:\WINDOWS\system32\colbact.dll
2008-11-27 14:03:06 ----A---- C:\WINDOWS\system32\cnbjmon.dll
2008-11-27 14:03:06 ----A---- C:\WINDOWS\system32\cmutil.dll
2008-11-27 14:03:06 ----A---- C:\WINDOWS\system32\cmstp.exe
2008-11-27 14:03:06 ----A---- C:\WINDOWS\system32\cmprops.dll
2008-11-27 14:03:06 ----A---- C:\WINDOWS\system32\cmmon32.exe
2008-11-27 14:03:06 ----A---- C:\WINDOWS\system32\cmdl32.exe
2008-11-27 14:03:06 ----A---- C:\WINDOWS\system32\cmdial32.dll
2008-11-27 14:03:06 ----A---- C:\WINDOWS\system32\cmcfg32.dll
2008-11-27 14:03:06 ----A---- C:\WINDOWS\system32\clusapi.dll
2008-11-27 14:03:06 ----A---- C:\WINDOWS\system32\clipsrv.exe
2008-11-27 14:03:06 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-11-27 14:03:05 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2008-11-27 14:03:05 ----A---- C:\WINDOWS\system32\d3d8.dll
2008-11-27 14:03:05 ----A---- C:\WINDOWS\system32\ctfmon.exe
2008-11-27 14:03:05 ----A---- C:\WINDOWS\system32\csrss.exe
2008-11-27 14:03:05 ----A---- C:\WINDOWS\system32\cscui.dll
2008-11-27 14:03:05 ----A---- C:\WINDOWS\system32\cscript.exe
2008-11-27 14:03:05 ----A---- C:\WINDOWS\system32\cscdll.dll
2008-11-27 14:03:05 ----A---- C:\WINDOWS\system32\cryptui.dll
2008-11-27 14:03:05 ----A---- C:\WINDOWS\system32\cryptsvc.dll
2008-11-27 14:03:05 ----A---- C:\WINDOWS\system32\cryptnet.dll
2008-11-27 14:03:05 ----A---- C:\WINDOWS\system32\cryptext.dll
2008-11-27 14:03:05 ----A---- C:\WINDOWS\system32\cryptdll.dll
2008-11-27 14:03:05 ----A---- C:\WINDOWS\system32\cryptdlg.dll
2008-11-27 14:03:05 ----A---- C:\WINDOWS\system32\crypt32.dll
2008-11-27 14:03:05 ----A---- C:\WINDOWS\system32\credui.dll
2008-11-27 14:03:05 ----A---- C:\WINDOWS\system32\corpol.dll
2008-11-27 14:03:05 ----A---- C:\WINDOWS\system32\conime.exe
2008-11-27 14:03:04 ----A---- C:\WINDOWS\system32\dhcpmon.dll
2008-11-27 14:03:04 ----A---- C:\WINDOWS\system32\dgnet.dll
2008-11-27 14:03:04 ----A---- C:\WINDOWS\system32\dfsshlex.dll
2008-11-27 14:03:04 ----A---- C:\WINDOWS\system32\dfrgui.dll
2008-11-27 14:03:04 ----A---- C:\WINDOWS\system32\dfrgsnap.dll
2008-11-27 14:03:04 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
2008-11-27 14:03:04 ----A---- C:\WINDOWS\system32\dfrgfat.exe
2008-11-27 14:03:04 ----A---- C:\WINDOWS\system32\devmgr.dll
2008-11-27 14:03:04 ----A---- C:\WINDOWS\system32\devenum.dll
2008-11-27 14:03:04 ----A---- C:\WINDOWS\system32\defrag.exe
2008-11-27 14:03:04 ----A---- C:\WINDOWS\system32\ddrawex.dll
2008-11-27 14:03:04 ----A---- C:\WINDOWS\system32\ddraw.dll
2008-11-27 14:03:04 ----A---- C:\WINDOWS\system32\ddeshare.exe
2008-11-27 14:03:04 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-11-27 14:03:04 ----A---- C:\WINDOWS\system32\dciman32.dll
2008-11-27 14:03:04 ----A---- C:\WINDOWS\system32\dbnmpntw.dll
2008-11-27 14:03:04 ----A---- C:\WINDOWS\system32\dbnetlib.dll
2008-11-27 14:03:04 ----A---- C:\WINDOWS\system32\dbmsrpcn.dll
2008-11-27 14:03:04 ----A---- C:\WINDOWS\system32\dbghelp.dll
2008-11-27 14:03:04 ----A---- C:\WINDOWS\system32\davclnt.dll
2008-11-27 14:03:04 ----A---- C:\WINDOWS\system32\datime.dll
2008-11-27 14:03:04 ----A---- C:\WINDOWS\system32\dataclen.dll
2008-11-27 14:03:04 ----A---- C:\WINDOWS\system32\danim.dll
2008-11-27 14:03:04 ----A---- C:\WINDOWS\system32\d3dim700.dll
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\docprop2.dll
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\dnsapi.dll
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\dmutil.dll
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\dmusic.dll
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\dmsynth.dll
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\dmstyle.dll
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\dmserver.dll
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\dmscript.dll
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\dmremote.exe
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\dmloader.dll
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\dmime.dll
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\dmdskmgr.dll
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\dmdlgs.dll
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\dmcompos.dll
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\dmband.dll
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\dmadmin.exe
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\dllhost.exe
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\dispex.dll
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\diskpart.exe
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\diskcopy.dll
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\dinput8.dll
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\dinput.dll
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\digest.dll
2008-11-27 14:03:03 ----A---- C:\WINDOWS\system32\diantz.exe
2008-11-27 14:03:02 ----A---- C:\WINDOWS\system32\dskquota.dll
2008-11-27 14:03:02 ----A---- C:\WINDOWS\system32\dsdmoprp.dll
2008-11-27 14:03:02 ----A---- C:\WINDOWS\system32\dsdmo.dll
2008-11-27 14:03:02 ----A---- C:\WINDOWS\system32\ds32gt.dll
2008-11-27 14:03:02 ----A---- C:\WINDOWS\system32\drprov.dll
2008-11-27 14:03:02 ----A---- C:\WINDOWS\system32\dpwsockx.dll
2008-11-27 14:03:02 ----A---- C:\WINDOWS\system32\dpvvox.dll
2008-11-27 14:03:02 ----A---- C:\WINDOWS\system32\dpvsetup.exe
2008-11-27 14:03:02 ----A---- C:\WINDOWS\system32\dpvoice.dll
2008-11-27 14:03:02 ----A---- C:\WINDOWS\system32\dpvacm.dll
2008-11-27 14:03:02 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2008-11-27 14:03:02 ----A---- C:\WINDOWS\system32\dpnlobby.dll
2008-11-27 14:03:02 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2008-11-27 14:03:02 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2008-11-27 14:03:02 ----A---- C:\WINDOWS\system32\dpnet.dll
2008-11-27 14:03:02 ----A---- C:\WINDOWS\system32\dpnaddr.dll
2008-11-27 14:03:02 ----A---- C:\WINDOWS\system32\dpmodemx.dll
2008-11-27 14:03:02 ----A---- C:\WINDOWS\system32\dplayx.dll
2008-11-27 14:03:02 ----A---- C:\WINDOWS\system32\dplaysvr.exe
2008-11-27 14:03:01 ----A---- C:\WINDOWS\system32\els.dll
2008-11-27 14:03:01 ----A---- C:\WINDOWS\system32\dxmasf.dll
2008-11-27 14:03:01 ----A---- C:\WINDOWS\system32\dxdiag.exe
2008-11-27 14:03:01 ----A---- C:\WINDOWS\system32\dx8vb.dll
2008-11-27 14:03:01 ----A---- C:\WINDOWS\system32\dx7vb.dll
2008-11-27 14:03:01 ----A---- C:\WINDOWS\system32\dwwin.exe
2008-11-27 14:03:01 ----A---- C:\WINDOWS\system32\dvdupgrd.exe
2008-11-27 14:03:01 ----A---- C:\WINDOWS\system32\duser.dll
2008-11-27 14:03:01 ----A---- C:\WINDOWS\system32\dumprep.exe
2008-11-27 14:03:01 ----A---- C:\WINDOWS\system32\dswave.dll
2008-11-27 14:03:01 ----A---- C:\WINDOWS\system32\dsuiext.dll
2008-11-27 14:03:01 ----A---- C:\WINDOWS\system32\dssenh.dll
2008-11-27 14:03:01 ----A---- C:\WINDOWS\system32\dssec.dll
2008-11-27 14:03:01 ----A---- C:\WINDOWS\system32\dsquery.dll
2008-11-27 14:03:01 ----A---- C:\WINDOWS\system32\dsprop.dll
2008-11-27 14:03:01 ----A---- C:\WINDOWS\system32\dsound3d.dll
2008-11-27 14:03:01 ----A---- C:\WINDOWS\system32\dsound.dll
2008-11-27 14:03:01 ----A---- C:\WINDOWS\system32\dskquoui.dll
2008-11-27 14:03:00 ----A---- C:\WINDOWS\system32\fxscomex.dll
2008-11-27 14:03:00 ----A---- C:\WINDOWS\system32\fxscom.dll
2008-11-27 14:03:00 ----A---- C:\WINDOWS\system32\fxsclnt.exe
2008-11-27 14:03:00 ----A---- C:\WINDOWS\system32\fxsapi.dll
2008-11-27 14:03:00 ----A---- C:\WINDOWS\system32\framebuf.dll
2008-11-27 14:03:00 ----A---- C:\WINDOWS\system32\forcedos.exe
2008-11-27 14:03:00 ----A---- C:\WINDOWS\system32\fontview.exe
2008-11-27 14:03:00 ----A---- C:\WINDOWS\system32\fontsub.dll
2008-11-27 14:03:00 ----A---- C:\WINDOWS\system32\fontext.dll
2008-11-27 14:03:00 ----A---- C:\WINDOWS\system32\fldrclnr.dll
2008-11-27 14:03:00 ----A---- C:\WINDOWS\system32\findstr.exe
2008-11-27 14:03:00 ----A---- C:\WINDOWS\system32\filemgmt.dll
2008-11-27 14:03:00 ----A---- C:\WINDOWS\system32\feclient.dll
2008-11-27 14:03:00 ----A---- C:\WINDOWS\system32\faultrep.dll
2008-11-27 14:03:00 ----A---- C:\WINDOWS\system32\exts.dll
2008-11-27 14:03:00 ----A---- C:\WINDOWS\system32\extrac32.exe
2008-11-27 14:03:00 ----A---- C:\WINDOWS\system32\expsrv.dll
2008-11-27 14:03:00 ----A---- C:\WINDOWS\system32\eventlog.dll
2008-11-27 14:03:00 ----A---- C:\WINDOWS\system32\eudcedit.exe
2008-11-27 14:03:00 ----A---- C:\WINDOWS\system32\esent.dll
2008-11-27 14:03:00 ----A---- C:\WINDOWS\system32\es.dll
2008-11-27 14:03:00 ----A---- C:\WINDOWS\system32\ersvc.dll
2008-11-27 14:02:59 ----A---- C:\WINDOWS\system32\grpconv.exe
2008-11-27 14:02:59 ----A---- C:\WINDOWS\system32\gpkrsrc.dll
2008-11-27 14:02:59 ----A---- C:\WINDOWS\system32\glu32.dll
2008-11-27 14:02:59 ----A---- C:\WINDOWS\system32\gdi32.dll
2008-11-27 14:02:59 ----A---- C:\WINDOWS\system32\fxsxp32.dll
2008-11-27 14:02:59 ----A---- C:\WINDOWS\system32\fxswzrd.dll
2008-11-27 14:02:59 ----A---- C:\WINDOWS\system32\fxsui.dll
2008-11-27 14:02:59 ----A---- C:\WINDOWS\system32\fxstiff.dll
2008-11-27 14:02:59 ----A---- C:\WINDOWS\system32\fxst30.dll
2008-11-27 14:02:59 ----A---- C:\WINDOWS\system32\fxssvc.exe
2008-11-27 14:02:59 ----A---- C:\WINDOWS\system32\fxsst.dll
2008-11-27 14:02:59 ----A---- C:\WINDOWS\system32\fxsres.dll
2008-11-27 14:02:59 ----A---- C:\WINDOWS\system32\fxsperf.dll
2008-11-27 14:02:59 ----A---- C:\WINDOWS\system32\fxsmon.dll
2008-11-27 14:02:59 ----A---- C:\WINDOWS\system32\fxsext32.dll
2008-11-27 14:02:59 ----A---- C:\WINDOWS\system32\fxsevent.dll
2008-11-27 14:02:59 ----A---- C:\WINDOWS\system32\fxsdrv.dll
2008-11-27 14:02:59 ----A---- C:\WINDOWS\system32\fxscover.exe
2008-11-27 14:02:58 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-11-27 14:02:58 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-11-27 14:02:58 ----A---- C:\WINDOWS\system32\icmp.dll
2008-11-27 14:02:58 ----A---- C:\WINDOWS\system32\icm32.dll
2008-11-27 14:02:58 ----A---- C:\WINDOWS\system32\iccvid.dll
2008-11-27 14:02:58 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-11-27 14:02:58 ----A---- C:\WINDOWS\system32\iasrad.dll
2008-11-27 14:02:58 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-11-27 14:02:58 ----A---- C:\WINDOWS\system32\htui.dll
2008-11-27 14:02:58 ----A---- C:\WINDOWS\system32\hotplug.dll
2008-11-27 14:02:58 ----A---- C:\WINDOWS\system32\hnetwiz.dll
2008-11-27 14:02:58 ----A---- C:\WINDOWS\system32\hnetcfg.dll
2008-11-27 14:02:58 ----A---- C:\WINDOWS\system32\hlink.dll
2008-11-27 14:02:58 ----A---- C:\WINDOWS\system32\hidserv.dll
2008-11-27 14:02:58 ----A---- C:\WINDOWS\system32\hid.dll
2008-11-27 14:02:58 ----A---- C:\WINDOWS\system32\hhsetup.dll
2008-11-27 14:02:58 ----A---- C:\WINDOWS\system32\help.exe
2008-11-27 14:02:58 ----A---- C:\WINDOWS\system32\h323msp.dll
2008-11-27 14:02:57 ----A---- C:\WINDOWS\system32\input.dll
2008-11-27 14:02:57 ----A---- C:\WINDOWS\system32\initpki.dll
2008-11-27 14:02:57 ----A---- C:\WINDOWS\system32\inetres.dll
2008-11-27 14:02:57 ----A---- C:\WINDOWS\system32\inetppui.dll
2008-11-27 14:02:57 ----A---- C:\WINDOWS\system32\inetpp.dll
2008-11-27 14:02:57 ----A---- C:\WINDOWS\system32\inetmib1.dll
2008-11-27 14:02:57 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-11-27 14:02:57 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-11-27 14:02:57 ----A---- C:\WINDOWS\system32\imm32.dll
2008-11-27 14:02:57 ----A---- C:\WINDOWS\system32\imeshare.dll
2008-11-27 14:02:57 ----A---- C:\WINDOWS\system32\imapi.exe
2008-11-27 14:02:57 ----A---- C:\WINDOWS\system32\ils.dll
2008-11-27 14:02:57 ----A---- C:\WINDOWS\system32\igmpagnt.dll
2008-11-27 14:02:57 ----A---- C:\WINDOWS\system32\ifmon.dll
2008-11-27 14:02:57 ----A---- C:\WINDOWS\system32\iexpress.exe
2008-11-27 14:02:57 ----A---- C:\WINDOWS\system32\idq.dll
2008-11-27 14:02:56 ----A---- C:\WINDOWS\system32\jgpl400.dll
2008-11-27 14:02:56 ----A---- C:\WINDOWS\system32\jgdw400.dll
2008-11-27 14:02:56 ----A---- C:\WINDOWS\system32\iyuv_32.dll
2008-11-27 14:02:56 ----A---- C:\WINDOWS\system32\ixsso.dll
2008-11-27 14:02:56 ----A---- C:\WINDOWS\system32\itss.dll
2008-11-27 14:02:56 ----A---- C:\WINDOWS\system32\itircl.dll
2008-11-27 14:02:56 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-11-27 14:02:56 ----A---- C:\WINDOWS\system32\isign32.dll
2008-11-27 14:02:56 ----A---- C:\WINDOWS\system32\ipxwan.dll
2008-11-27 14:02:56 ----A---- C:\WINDOWS\system32\ipxroute.exe
2008-11-27 14:02:56 ----A---- C:\WINDOWS\system32\ipv6mon.dll
2008-11-27 14:02:56 ----A---- C:\WINDOWS\system32\ipv6.exe
2008-11-27 14:02:56 ----A---- C:\WINDOWS\system32\ipsmsnap.dll
2008-11-27 14:02:56 ----A---- C:\WINDOWS\system32\ipsecsvc.dll
2008-11-27 14:02:56 ----A---- C:\WINDOWS\system32\ipsecsnp.dll
2008-11-27 14:02:56 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2008-11-27 14:02:56 ----A---- C:\WINDOWS\system32\ippromon.dll
2008-11-27 14:02:56 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2008-11-27 14:02:56 ----A---- C:\WINDOWS\system32\ipmontr.dll
2008-11-27 14:02:56 ----A---- C:\WINDOWS\system32\iphlpapi.dll
2008-11-27 14:02:56 ----A---- C:\WINDOWS\system32\ipconfig.exe
2008-11-27 14:02:55 ----A---- C:\WINDOWS\system32\logonui.exe
2008-11-27 14:02:55 ----A---- C:\WINDOWS\system32\localui.dll
2008-11-27 14:02:55 ----A---- C:\WINDOWS\system32\localsec.dll
2008-11-27 14:02:55 ----A---- C:\WINDOWS\system32\loadperf.dll
2008-11-27 14:02:55 ----A---- C:\WINDOWS\system32\lmrt.dll
2008-11-27 14:02:55 ----A---- C:\WINDOWS\system32\linkinfo.dll
2008-11-27 14:02:55 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-11-27 14:02:55 ----A---- C:\WINDOWS\system32\licdll.dll
2008-11-27 14:02:55 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-11-27 14:02:55 ----A---- C:\WINDOWS\system32\keymgr.dll
2008-11-27 14:02:55 ----A---- C:\WINDOWS\system32\kerberos.dll
2008-11-27 14:02:55 ----A---- C:\WINDOWS\system32\kd1394.dll
2008-11-27 14:02:55 ----A---- C:\WINDOWS\system32\kbdnec.dll
2008-11-27 14:02:55 ----A---- C:\WINDOWS\system32\jscript.dll
2008-11-27 14:02:54 ----A---- C:\WINDOWS\system32\mciqtz32.dll
2008-11-27 14:02:54 ----A---- C:\WINDOWS\system32\mciavi32.dll
2008-11-27 14:02:54 ----A---- C:\WINDOWS\system32\mcastmib.dll
2008-11-27 14:02:54 ----A---- C:\WINDOWS\system32\makecab.exe
2008-11-27 14:02:54 ----A---- C:\WINDOWS\system32\magnify.exe
2008-11-27 14:02:54 ----A---- C:\WINDOWS\system32\lsass.exe
2008-11-27 14:02:54 ----A---- C:\WINDOWS\system32\lprhelp.dll
2008-11-27 14:02:54 ----A---- C:\WINDOWS\system32\lpk.dll
2008-11-27 14:02:53 ----A---- C:\WINDOWS\system32\mfcsubs.dll
2008-11-27 14:02:53 ----A---- C:\WINDOWS\system32\mfc42.dll
2008-11-27 14:02:53 ----A---- C:\WINDOWS\system32\mfc40u.dll
2008-11-27 14:02:53 ----A---- C:\WINDOWS\system32\mf3216.dll
2008-11-27 14:02:53 ----A---- C:\WINDOWS\system32\mdminst.dll
2008-11-27 14:02:53 ----A---- C:\WINDOWS\system32\mciwave.dll
2008-11-27 14:02:53 ----A---- C:\WINDOWS\system32\mciseq.dll
2008-11-27 14:02:52 ----A---- C:\WINDOWS\system32\mmc.exe
2008-11-27 14:02:52 ----A---- C:\WINDOWS\system32\mlang.dll
2008-11-27 14:02:52 ----A---- C:\WINDOWS\system32\mimefilt.dll
2008-11-27 14:02:52 ----A---- C:\WINDOWS\system32\miglibnt.dll
2008-11-27 14:02:52 ----A---- C:\WINDOWS\system32\midimap.dll
2008-11-27 14:02:51 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-11-27 14:02:51 ----A---- C:\WINDOWS\system32\mmcshext.dll
2008-11-27 14:02:51 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2008-11-27 14:02:51 ----A---- C:\WINDOWS\system32\mmcbase.dll
2008-11-27 14:02:50 ----A---- C:\WINDOWS\system32\moricons.dll
2008-11-27 14:02:50 ----A---- C:\WINDOWS\system32\more.com
2008-11-27 14:02:50 ----A---- C:\WINDOWS\system32\modemui.dll
2008-11-27 14:02:50 ----A---- C:\WINDOWS\system32\mobsync.exe
2008-11-27 14:02:50 ----A---- C:\WINDOWS\system32\mobsync.dll
2008-11-27 14:02:50 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-11-27 14:02:50 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-11-27 14:02:49 ----A---- C:\WINDOWS\system32\mprdim.dll
2008-11-27 14:02:49 ----A---- C:\WINDOWS\system32\mprapi.dll
2008-11-27 14:02:49 ----A---- C:\WINDOWS\system32\mpr.dll
2008-11-27 14:02:49 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-11-27 14:02:49 ----A---- C:\WINDOWS\system32\mpg4dmod.dll
2008-11-27 14:02:48 ----A---- C:\WINDOWS\system32\msasn1.dll
2008-11-27 14:02:48 ----A---- C:\WINDOWS\system32\msapsspc.dll
2008-11-27 14:02:48 ----A---- C:\WINDOWS\system32\msafd.dll
2008-11-27 14:02:48 ----A---- C:\WINDOWS\system32\msacm32.dll
2008-11-27 14:02:47 ----A---- C:\WINDOWS\system32\mscpx32r.dll
2008-11-27 14:02:47 ----A---- C:\WINDOWS\system32\msconf.dll
2008-11-27 14:02:47 ----A---- C:\WINDOWS\system32\mscms.dll
2008-11-27 14:02:46 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-11-27 14:02:46 ----A---- C:\WINDOWS\system32\msdmo.dll
2008-11-27 14:02:46 ----A---- C:\WINDOWS\system32\msdart.dll
2008-11-27 14:02:46 ----A---- C:\WINDOWS\system32\msctfp.dll
2008-11-27 14:02:46 ----A---- C:\WINDOWS\system32\msctf.dll
2008-11-27 14:02:46 ----A---- C:\WINDOWS\system32\mscpxl32.dll
2008-11-27 14:02:45 ----A---- C:\WINDOWS\system32\msieftp.dll
2008-11-27 14:02:45 ----A---- C:\WINDOWS\system32\msidle.dll
2008-11-27 14:02:45 ----A---- C:\WINDOWS\system32\msident.dll
2008-11-27 14:02:45 ----A---- C:\WINDOWS\system32\msi.dll
2008-11-27 14:02:45 ----A---- C:\WINDOWS\system32\msgina.dll
2008-11-27 14:02:45 ----A---- C:\WINDOWS\system32\msdxmlc.dll
2008-11-27 14:02:45 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-11-27 14:02:45 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-11-27 14:02:45 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-11-27 14:02:45 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-11-27 14:02:44 ----A---- C:\WINDOWS\system32\mstask.dll
2008-11-27 14:02:44 ----A---- C:\WINDOWS\system32\msrle32.dll
2008-11-27 14:02:44 ----A---- C:\WINDOWS\system32\msprivs.dll
2008-11-27 14:02:44 ----A---- C:\WINDOWS\system32\mspatcha.dll
2008-11-27 14:02:44 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-11-27 14:02:44 ----A---- C:\WINDOWS\system32\msorcl32.dll
2008-11-27 14:02:44 ----A---- C:\WINDOWS\system32\msorc32r.dll
2008-11-27 14:02:44 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-11-27 14:02:44 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-11-27 14:02:44 ----A---- C:\WINDOWS\system32\msnsspc.dll
2008-11-27 14:02:44 ----A---- C:\WINDOWS\system32\mslbui.dll
2008-11-27 14:02:44 ----A---- C:\WINDOWS\system32\msjint40.dll
2008-11-27 14:02:44 ----A---- C:\WINDOWS\system32\msisip.dll
2008-11-27 14:02:44 ----A---- C:\WINDOWS\system32\msimtf.dll
2008-11-27 14:02:44 ----A---- C:\WINDOWS\system32\msimsg.dll
2008-11-27 14:02:44 ----A---- C:\WINDOWS\system32\msimg32.dll
2008-11-27 14:02:44 ----A---- C:\WINDOWS\system32\msihnd.dll
2008-11-27 14:02:44 ----A---- C:\WINDOWS\system32\msiexec.exe
2008-11-27 14:02:43 ----A---- C:\WINDOWS\system32\mswsock.dll
2008-11-27 14:02:43 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2008-11-27 14:02:43 ----A---- C:\WINDOWS\system32\msw3prt.dll
2008-11-27 14:02:43 ----A---- C:\WINDOWS\system32\msvfw32.dll
2008-11-27 14:02:43 ----A---- C:\WINDOWS\system32\msvcrt40.dll
2008-11-27 14:02:43 ----A---- C:\WINDOWS\system32\msvcrt.dll
2008-11-27 14:02:43 ----A---- C:\WINDOWS\system32\msvcp60.dll
2008-11-27 14:02:43 ----A---- C:\WINDOWS\system32\msvcirt.dll
2008-11-27 14:02:43 ----A---- C:\WINDOWS\system32\msvbvm60.dll
2008-11-27 14:02:43 ----A---- C:\WINDOWS\system32\msutb.dll
2008-11-27 14:02:43 ----A---- C:\WINDOWS\system32\mstlsapi.dll
2008-11-27 14:02:43 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-11-27 14:02:42 ----A---- C:\WINDOWS\system32\net1.exe
2008-11-27 14:02:42 ----A---- C:\WINDOWS\system32\net.exe
2008-11-27 14:02:42 ----A---- C:\WINDOWS\system32\nddenb32.dll
2008-11-27 14:02:42 ----A---- C:\WINDOWS\system32\nddeapir.exe
2008-11-27 14:02:42 ----A---- C:\WINDOWS\system32\nddeapi.dll
2008-11-27 14:02:42 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2008-11-27 14:02:42 ----A---- C:\WINDOWS\system32\narrator.exe
2008-11-27 14:02:42 ----A---- C:\WINDOWS\system32\mydocs.dll
2008-11-27 14:02:42 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-11-27 14:02:42 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-11-27 14:02:42 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-11-27 14:02:42 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-11-27 14:02:42 ----A---- C:\WINDOWS\system32\mtxclu.dll
2008-11-27 14:02:42 ----A---- C:\WINDOWS\system32\msyuv.dll
2008-11-27 14:02:42 ----A---- C:\WINDOWS\system32\msxml2.dll
2008-11-27 14:02:42 ----A---- C:\WINDOWS\system32\msxml.dll
2008-11-27 14:02:41 ----A---- C:\WINDOWS\system32\netui1.dll
2008-11-27 14:02:41 ----A---- C:\WINDOWS\system32\netui0.dll
2008-11-27 14:02:41 ----A---- C:\WINDOWS\system32\netstat.exe
2008-11-27 14:02:41 ----A---- C:\WINDOWS\system32\netshell.dll
2008-11-27 14:02:41 ----A---- C:\WINDOWS\system32\netsh.exe
2008-11-27 14:02:41 ----A---- C:\WINDOWS\system32\netsetup.exe
2008-11-27 14:02:41 ----A---- C:\WINDOWS\system32\netrap.dll
2008-11-27 14:02:41 ----A---- C:\WINDOWS\system32\netplwiz.dll
2008-11-27 14:02:41 ----A---- C:\WINDOWS\system32\netman.dll
2008-11-27 14:02:41 ----A---- C:\WINDOWS\system32\netlogon.dll
2008-11-27 14:02:41 ----A---- C:\WINDOWS\system32\netid.dll
2008-11-27 14:02:41 ----A---- C:\WINDOWS\system32\netdde.exe
2008-11-27 14:02:41 ----A---- C:\WINDOWS\system32\netcfgx.dll
2008-11-27 14:02:41 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-11-27 14:02:40 ----A---- C:\WINDOWS\system32\oakley.dll
2008-11-27 14:02:40 ----A---- C:\WINDOWS\system32\ntvdmd.dll
2008-11-27 14:02:40 ----A---- C:\WINDOWS\system32\ntshrui.dll
2008-11-27 14:02:40 ----A---- C:\WINDOWS\system32\ntmssvc.dll
2008-11-27 14:02:40 ----A---- C:\WINDOWS\system32\ntmsmgr.dll
2008-11-27 14:02:40 ----A---- C:\WINDOWS\system32\ntmsdba.dll
2008-11-27 14:02:40 ----A---- C:\WINDOWS\system32\ntmsapi.dll
2008-11-27 14:02:40 ----A---- C:\WINDOWS\system32\ntmarta.dll
2008-11-27 14:02:40 ----A---- C:\WINDOWS\system32\ntlanman.dll
2008-11-27 14:02:40 ----A---- C:\WINDOWS\system32\ntdsapi.dll
2008-11-27 14:02:40 ----A---- C:\WINDOWS\system32\npptools.dll
2008-11-27 14:02:40 ----A---- C:\WINDOWS\system32\notepad.exe
2008-11-27 14:02:40 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-11-27 14:02:40 ----A---- C:\WINDOWS\system32\nlhtml.dll
2008-11-27 14:02:40 ----A---- C:\WINDOWS\system32\newdev.dll
2008-11-27 14:02:40 ----A---- C:\WINDOWS\notepad.exe
2008-11-27 14:02:39 ----A---- C:\WINDOWS\system32\ole32.dll
2008-11-27 14:02:39 ----A---- C:\WINDOWS\system32\offfilt.dll
2008-11-27 14:02:39 ----A---- C:\WINDOWS\system32\odtext32.dll
2008-11-27 14:02:39 ----A---- C:\WINDOWS\system32\odpdx32.dll
2008-11-27 14:02:39 ----A---- C:\WINDOWS\system32\odfox32.dll
2008-11-27 14:02:39 ----A---- C:\WINDOWS\system32\odexl32.dll
2008-11-27 14:02:39 ----A---- C:\WINDOWS\system32\oddbse32.dll
2008-11-27 14:02:39 ----A---- C:\WINDOWS\system32\odbctrac.dll
2008-11-27 14:02:39 ----A---- C:\WINDOWS\system32\odbcp32r.dll
2008-11-27 14:02:39 ----A---- C:\WINDOWS\system32\odbcjt32.dll
2008-11-27 14:02:39 ----A---- C:\WINDOWS\system32\odbcji32.dll
2008-11-27 14:02:39 ----A---- C:\WINDOWS\system32\odbcint.dll
2008-11-27 14:02:39 ----A---- C:\WINDOWS\system32\odbccu32.dll
2008-11-27 14:02:39 ----A---- C:\WINDOWS\system32\odbccr32.dll
2008-11-27 14:02:39 ----A---- C:\WINDOWS\system32\odbccp32.dll
2008-11-27 14:02:39 ----A---- C:\WINDOWS\system32\odbcconf.exe
2008-11-27 14:02:39 ----A---- C:\WINDOWS\system32\odbcconf.dll
2008-11-27 14:02:39 ----A---- C:\WINDOWS\system32\odbcbcp.dll
2008-11-27 14:02:39 ----A---- C:\WINDOWS\system32\odbcad32.exe
2008-11-27 14:02:39 ----A---- C:\WINDOWS\system32\odbc32gt.dll
2008-11-27 14:02:39 ----A---- C:\WINDOWS\system32\odbc32.dll
2008-11-27 14:02:39 ----A---- C:\WINDOWS\system32\ocmanage.dll
2008-11-27 14:02:39 ----A---- C:\WINDOWS\system32\objsel.dll
2008-11-27 14:02:38 ----A---- C:\WINDOWS\system32\powrprof.dll
2008-11-27 14:02:38 ----A---- C:\WINDOWS\system32\polstore.dll
2008-11-27 14:02:38 ----A---- C:\WINDOWS\system32\pjlmon.dll
2008-11-27 14:02:38 ----A---- C:\WINDOWS\system32\ping.exe
2008-11-27 14:02:38 ----A---- C:\WINDOWS\system32\pid.dll
2008-11-27 14:02:38 ----A---- C:\WINDOWS\system32\photowiz.dll
2008-11-27 14:02:38 ----A---- C:\WINDOWS\system32\perfproc.dll
2008-11-27 14:02:38 ----A---- C:\WINDOWS\system32\perfos.dll
2008-11-27 14:02:38 ----A---- C:\WINDOWS\system32\perfnet.dll
2008-11-27 14:02:38 ----A---- C:\WINDOWS\system32\perfmon.exe
2008-11-27 14:02:38 ----A---- C:\WINDOWS\system32\perfdisk.dll
2008-11-27 14:02:38 ----A---- C:\WINDOWS\system32\pdh.dll
2008-11-27 14:02:38 ----A---- C:\WINDOWS\system32\pautoenr.dll
2008-11-27 14:02:38 ----A---- C:\WINDOWS\system32\packager.exe
2008-11-27 14:02:38 ----A---- C:\WINDOWS\system32\osuninst.dll
2008-11-27 14:02:38 ----A---- C:\WINDOWS\system32\osk.exe
2008-11-27 14:02:38 ----A---- C:\WINDOWS\system32\opengl32.dll
2008-11-27 14:02:38 ----A---- C:\WINDOWS\system32\olepro32.dll
2008-11-27 14:02:38 ----A---- C:\WINDOWS\system32\oleprn.dll
2008-11-27 14:02:38 ----A---- C:\WINDOWS\system32\oledlg.dll
2008-11-27 14:02:38 ----A---- C:\WINDOWS\system32\olecli32.dll
2008-11-27 14:02:37 ----A---- C:\WINDOWS\system32\rasppp.dll
2008-11-27 14:02:37 ----A---- C:\WINDOWS\system32\rasphone.exe
2008-11-27 14:02:37 ----A---- C:\WINDOWS\system32\rasmans.dll
2008-11-27 14:02:37 ----A---- C:\WINDOWS\system32\raschap.dll
2008-11-27 14:02:37 ----A---- C:\WINDOWS\system32\rasadhlp.dll
2008-11-27 14:02:37 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-11-27 14:02:37 ----A---- C:\WINDOWS\system32\query.dll
2008-11-27 14:02:37 ----A---- C:\WINDOWS\system32\quartz.dll
2008-11-27 14:02:37 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-11-27 14:02:37 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-11-27 14:02:37 ----A---- C:\WINDOWS\system32\qedwipes.dll
2008-11-27 14:02:37 ----A---- C:\WINDOWS\system32\qedit.dll
2008-11-27 14:02:37 ----A---- C:\WINDOWS\system32\qdvd.dll
2008-11-27 14:02:37 ----A---- C:\WINDOWS\system32\qdv.dll
2008-11-27 14:02:37 ----A---- C:\WINDOWS\system32\qcap.dll
2008-11-27 14:02:37 ----A---- C:\WINDOWS\system32\pstorsvc.dll
2008-11-27 14:02:37 ----A---- C:\WINDOWS\system32\pstorec.dll
2008-11-27 14:02:37 ----A---- C:\WINDOWS\system32\psbase.dll
2008-11-27 14:02:37 ----A---- C:\WINDOWS\system32\psapi.dll
2008-11-27 14:02:37 ----A---- C:\WINDOWS\system32\proquota.exe
2008-11-27 14:02:37 ----A---- C:\WINDOWS\system32\progman.exe
2008-11-27 14:02:37 ----A---- C:\WINDOWS\system32\profmap.dll
2008-11-27 14:02:36 ----A---- C:\WINDOWS\system32\rsaenh.dll
2008-11-27 14:02:36 ----A---- C:\WINDOWS\system32\rpcss.dll
2008-11-27 14:02:36 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2008-11-27 14:02:36 ----A---- C:\WINDOWS\system32\riched20.dll
2008-11-27 14:02:36 ----A---- C:\WINDOWS\system32\rexec.exe
2008-11-27 14:02:36 ----A---- C:\WINDOWS\system32\resutils.dll
2008-11-27 14:02:36 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-11-27 14:02:36 ----A---- C:\WINDOWS\system32\regwizc.dll
2008-11-27 14:02:36 ----A---- C:\WINDOWS\system32\regsvr32.exe
2008-11-27 14:02:36 ----A---- C:\WINDOWS\system32\regsvc.dll
2008-11-27 14:02:36 ----A---- C:\WINDOWS\system32\regapi.dll
2008-11-27 14:02:36 ----A---- C:\WINDOWS\system32\reg.exe
2008-11-27 14:02:36 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-11-27 14:02:36 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-11-27 14:02:36 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-11-27 14:02:36 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-11-27 14:02:36 ----A---- C:\WINDOWS\system32\rdpdd.dll
2008-11-27 14:02:36 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-11-27 14:02:36 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-11-27 14:02:36 ----A---- C:\WINDOWS\system32\rcp.exe
2008-11-27 14:02:36 ----A---- C:\WINDOWS\system32\rcimlby.exe
2008-11-27 14:02:36 ----A---- C:\WINDOWS\system32\rcbdyctl.dll
2008-11-27 14:02:36 ----A---- C:\WINDOWS\system32\rastls.dll
2008-11-27 14:02:36 ----A---- C:\WINDOWS\system32\rassapi.dll
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\sens.dll
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\sendmail.dll
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\sendcmsg.dll
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\security.dll
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\secur32.dll
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\seclogon.dll
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\sdbinst.exe
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\scrrun.dll
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\scrobj.dll
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\sclgntfy.dll
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\scesrv.dll
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\scecli.dll
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\sccsccp.dll
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\scarddlg.dll
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\runonce.exe
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\rundll32.exe
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\rtutils.dll
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\rtipxmib.dll
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\rtcshare.exe
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\rsvpsp.dll
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\rsmps.dll
2008-11-27 14:02:35 ----A---- C:\WINDOWS\system32\rsh.exe
2008-11-27 14:02:34 ----A---- C:\WINDOWS\system32\shdoclc.dll
2008-11-27 14:02:34 ----A---- C:\WINDOWS\system32\sfcfiles.dll
2008-11-27 14:02:34 ----A---- C:\WINDOWS\system32\sfc_os.dll
2008-11-27 14:02:34 ----A---- C:\WINDOWS\system32\sfc.dll
2008-11-27 14:02:34 ----A---- C:\WINDOWS\system32\setup.exe
2008-11-27 14:02:34 ----A---- C:\WINDOWS\system32\sethc.exe
2008-11-27 14:02:34 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-11-27 14:02:34 ----A---- C:\WINDOWS\system32\sensapi.dll
2008-11-27 14:02:33 ----A---- C:\WINDOWS\system32\shmgrate.exe
2008-11-27 14:02:33 ----A---- C:\WINDOWS\system32\shmedia.dll
2008-11-27 14:02:33 ----A---- C:\WINDOWS\system32\shlwapi.dll
2008-11-27 14:02:33 ----A---- C:\WINDOWS\system32\shimgvw.dll
2008-11-27 14:02:33 ----A---- C:\WINDOWS\system32\shimeng.dll
2008-11-27 14:02:33 ----A---- C:\WINDOWS\system32\shgina.dll
2008-11-27 14:02:33 ----A---- C:\WINDOWS\system32\shfolder.dll
2008-11-27 14:02:33 ----A---- C:\WINDOWS\system32\shell32.dll
2008-11-27 14:02:33 ----A---- C:\WINDOWS\system32\shdocvw.dll
2008-11-27 14:02:32 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
2008-11-27 14:02:32 ----A---- C:\WINDOWS\system32\spoolsv.exe
2008-11-27 14:02:32 ----A---- C:\WINDOWS\system32\spoolss.dll
2008-11-27 14:02:32 ----A---- C:\WINDOWS\system32\spider.exe
2008-11-27 14:02:32 ----A---- C:\WINDOWS\system32\sort.exe
2008-11-27 14:02:32 ----A---- C:\WINDOWS\system32\snmpsnap.dll
2008-11-27 14:02:32 ----A---- C:\WINDOWS\system32\snmpapi.dll
2008-11-27 14:02:32 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-11-27 14:02:32 ----A---- C:\WINDOWS\system32\smlogsvc.exe
2008-11-27 14:02:32 ----A---- C:\WINDOWS\system32\smlogcfg.dll
2008-11-27 14:02:32 ----A---- C:\WINDOWS\system32\slbiop.dll
2008-11-27 14:02:32 ----A---- C:\WINDOWS\system32\slayerxp.dll
2008-11-27 14:02:32 ----A---- C:\WINDOWS\system32\skeys.exe
2008-11-27 14:02:32 ----A---- C:\WINDOWS\system32\sigverif.exe
2008-11-27 14:02:32 ----A---- C:\WINDOWS\system32\sigtab.dll
2008-11-27 14:02:32 ----A---- C:\WINDOWS\system32\shutdown.exe
2008-11-27 14:02:32 ----A---- C:\WINDOWS\system32\shsvcs.dll
2008-11-27 14:02:32 ----A---- C:\WINDOWS\system32\shscrap.dll
2008-11-27 14:02:32 ----A---- C:\WINDOWS\system32\shrpubw.exe
2008-11-27 14:02:31 ----A---- C:\WINDOWS\system32\sti.dll
2008-11-27 14:02:31 ----A---- C:\WINDOWS\system32\stclient.dll
2008-11-27 14:02:31 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
2008-11-27 14:02:31 ----A---- C:\WINDOWS\system32\ssdpapi.dll
2008-11-27 14:02:31 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-11-27 14:02:31 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-11-27 14:02:31 ----A---- C:\WINDOWS\system32\srclient.dll
2008-11-27 14:02:31 ----A---- C:\WINDOWS\system32\sqlunirl.dll
2008-11-27 14:02:30 ----A---- C:\WINDOWS\system32\termmgr.dll
2008-11-27 14:02:30 ----A---- C:\WINDOWS\system32\telnet.exe
2008-11-27 14:02:30 ----A---- C:\WINDOWS\system32\tcpmon.dll
2008-11-27 14:02:30 ----A---- C:\WINDOWS\system32\tcpmib.dll
2008-11-27 14:02:30 ----A---- C:\WINDOWS\system32\taskmgr.exe
2008-11-27 14:02:30 ----A---- C:\WINDOWS\system32\tapisrv.dll
2008-11-27 14:02:30 ----A---- C:\WINDOWS\system32\tapi32.dll
2008-11-27 14:02:30 ----A---- C:\WINDOWS\system32\tapi3.dll
2008-11-27 14:02:30 ----A---- C:\WINDOWS\system32\t2embed.dll
2008-11-27 14:02:30 ----A---- C:\WINDOWS\system32\sysocmgr.exe
2008-11-27 14:02:30 ----A---- C:\WINDOWS\system32\syncui.dll
2008-11-27 14:02:30 ----A---- C:\WINDOWS\system32\synceng.dll
2008-11-27 14:02:30 ----A---- C:\WINDOWS\system32\sxs.dll
2008-11-27 14:02:30 ----A---- C:\WINDOWS\system32\svchost.exe
2008-11-27 14:02:30 ----A---- C:\WINDOWS\system32\strmdll.dll
2008-11-27 14:02:30 ----A---- C:\WINDOWS\system32\storprop.dll
2008-11-27 14:02:30 ----A---- C:\WINDOWS\system32\stobject.dll
2008-11-27 14:02:30 ----A---- C:\WINDOWS\system32\stimon.exe
2008-11-27 14:02:30 ----A---- C:\WINDOWS\system32\sti_ci.dll
2008-11-27 14:02:29 ----A---- C:\WINDOWS\system32\usp10.dll
2008-11-27 14:02:29 ----A---- C:\WINDOWS\system32\userenv.dll
2008-11-27 14:02:29 ----A---- C:\WINDOWS\system32\user32.dll
2008-11-27 14:02:29 ----A---- C:\WINDOWS\system32\usbui.dll
2008-11-27 14:02:29 ----A---- C:\WINDOWS\system32\usbmon.dll
2008-11-27 14:02:29 ----A---- C:\WINDOWS\system32\ups.exe
2008-11-27 14:02:29 ----A---- C:\WINDOWS\system32\upnpui.dll
2008-11-27 14:02:29 ----A---- C:\WINDOWS\system32\upnphost.dll
2008-11-27 14:02:29 ----A---- C:\WINDOWS\system32\upnpcont.exe
2008-11-27 14:02:29 ----A---- C:\WINDOWS\system32\upnp.dll
2008-11-27 14:02:29 ----A---- C:\WINDOWS\system32\uniplat.dll
2008-11-27 14:02:29 ----A---- C:\WINDOWS\system32\unimdmat.dll
2008-11-27 14:02:29 ----A---- C:\WINDOWS\system32\umpnpmgr.dll
2008-11-27 14:02:29 ----A---- C:\WINDOWS\system32\umandlg.dll
2008-11-27 14:02:29 ----A---- C:\WINDOWS\system32\udhisapi.dll
2008-11-27 14:02:29 ----A---- C:\WINDOWS\system32\txflog.dll
2008-11-27 14:02:29 ----A---- C:\WINDOWS\system32\tsddd.dll
2008-11-27 14:02:29 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-11-27 14:02:29 ----A---- C:\WINDOWS\system32\trkwks.dll
2008-11-27 14:02:29 ----A---- C:\WINDOWS\system32\tree.com
2008-11-27 14:02:29 ----A---- C:\WINDOWS\system32\tracert.exe
2008-11-27 14:02:29 ----A---- C:\WINDOWS\system32\tourstart.exe
2008-11-27 14:02:29 ----A---- C:\WINDOWS\system32\themeui.dll
2008-11-27 14:02:29 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-11-27 14:02:28 ----A---- C:\WINDOWS\system32\wiaservc.dll
2008-11-27 14:02:28 ----A---- C:\WINDOWS\system32\wiascr.dll
2008-11-27 14:02:28 ----A---- C:\WINDOWS\system32\wiadss.dll
2008-11-27 14:02:28 ----A---- C:\WINDOWS\system32\wiadefui.dll
2008-11-27 14:02:28 ----A---- C:\WINDOWS\system32\wiaacmgr.exe
2008-11-27 14:02:28 ----A---- C:\WINDOWS\system32\wextract.exe
2008-11-27 14:02:28 ----A---- C:\WINDOWS\system32\webvw.dll
2008-11-27 14:02:28 ----A---- C:\WINDOWS\system32\webclnt.dll
2008-11-27 14:02:28 ----A---- C:\WINDOWS\system32\wdigest.dll
2008-11-27 14:02:28 ----A---- C:\WINDOWS\system32\wavemsp.dll
2008-11-27 14:02:28 ----A---- C:\WINDOWS\system32\w32time.dll
2008-11-27 14:02:28 ----A---- C:\WINDOWS\system32\vssvc.exe
2008-11-27 14:02:28 ----A---- C:\WINDOWS\system32\vssapi.dll
2008-11-27 14:02:28 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2008-11-27 14:02:28 ----A---- C:\WINDOWS\system32\version.dll
2008-11-27 14:02:28 ----A---- C:\WINDOWS\system32\verifier.dll
2008-11-27 14:02:28 ----A---- C:\WINDOWS\system32\vdmredir.dll
2008-11-27 14:02:28 ----A---- C:\WINDOWS\system32\vdmdbg.dll
2008-11-27 14:02:28 ----A---- C:\WINDOWS\system32\vbscript.dll
2008-11-27 14:02:28 ----A---- C:\WINDOWS\system32\vbajet32.dll
2008-11-27 14:02:28 ----A---- C:\WINDOWS\system32\uxtheme.dll
2008-11-27 14:02:28 ----A---- C:\WINDOWS\system32\utilman.exe
2008-11-27 14:02:27 ----A---- C:\WINDOWS\system32\wmstream.dll
2008-11-27 14:02:27 ----A---- C:\WINDOWS\system32\wmsdmoe.dll
2008-11-27 14:02:27 ----A---- C:\WINDOWS\system32\wmpui.dll
2008-11-27 14:02:27 ----A---- C:\WINDOWS\system32\wmpcore.dll
2008-11-27 14:02:27 ----A---- C:\WINDOWS\system32\wmpcd.dll
2008-11-27 14:02:27 ----A---- C:\WINDOWS\system32\wmi.dll
2008-11-27 14:02:27 ----A---- C:\WINDOWS\system32\wlnotify.dll
2008-11-27 14:02:27 ----A---- C:\WINDOWS\system32\wldap32.dll
2008-11-27 14:02:27 ----A---- C:\WINDOWS\system32\winver.exe
2008-11-27 14:02:27 ----A---- C:\WINDOWS\system32\wintrust.dll
2008-11-27 14:02:27 ----A---- C:\WINDOWS\system32\winsta.dll
2008-11-27 14:02:27 ----A---- C:\WINDOWS\system32\winsrv.dll
2008-11-27 14:02:27 ----A---- C:\WINDOWS\system32\winscard.dll
2008-11-27 14:02:27 ----A---- C:\WINDOWS\system32\winrnr.dll
2008-11-27 14:02:27 ----A---- C:\WINDOWS\system32\winntbbu.dll
2008-11-27 14:02:27 ----A---- C:\WINDOWS\system32\winmm.dll
2008-11-27 14:02:27 ----A---- C:\WINDOWS\system32\winlogon.exe
2008-11-27 14:02:27 ----A---- C:\WINDOWS\system32\winipsec.dll
2008-11-27 14:02:27 ----A---- C:\WINDOWS\system32\wiavideo.dll
2008-11-27 14:02:27 ----A---- C:\WINDOWS\system32\wiashext.dll
2008-11-27 14:02:26 ----A---- C:\WINDOWS\system32\zipfldr.dll
2008-11-27 14:02:26 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-11-27 14:02:26 ----A---- C:\WINDOWS\system32\xcopy.exe
2008-11-27 14:02:26 ----A---- C:\WINDOWS\system32\xactsrv.dll
2008-11-27 14:02:26 ----A---- C:\WINDOWS\system32\wzcsvc.dll
2008-11-27 14:02:26 ----A---- C:\WINDOWS\system32\wzcsapi.dll
2008-11-27 14:02:26 ----A---- C:\WINDOWS\system32\wzcdlg.dll
2008-11-27 14:02:26 ----A---- C:\WINDOWS\system32\wtsapi32.dll
2008-11-27 14:02:26 ----A---- C:\WINDOWS\system32\wstdecod.dll
2008-11-27 14:02:26 ----A---- C:\WINDOWS\system32\wsock32.dll
2008-11-27 14:02:26 ----A---- C:\WINDOWS\system32\wsnmp32.dll
2008-11-27 14:02:26 ----A---- C:\WINDOWS\system32\wshtcpip.dll
2008-11-27 14:02:26 ----A---- C:\WINDOWS\system32\wshrm.dll
2008-11-27 14:02:26 ----A---- C:\WINDOWS\system32\wship6.dll
2008-11-27 14:02:26 ----A---- C:\WINDOWS\system32\wshext.dll
2008-11-27 14:02:26 ----A---- C:\WINDOWS\system32\wshcon.dll
2008-11-27 14:02:26 ----A---- C:\WINDOWS\system32\wscript.exe
2008-11-27 14:02:26 ----A---- C:\WINDOWS\system32\ws2help.dll
2008-11-27 14:02:26 ----A---- C:\WINDOWS\system32\ws2_32.dll
2008-11-27 14:02:26 ----A---- C:\WINDOWS\system32\wpnpinst.exe
2008-11-27 14:02:26 ----A---- C:\WINDOWS\system32\wpabaln.exe
2008-11-27 14:02:26 ----A---- C:\WINDOWS\system32\wow32.dll
2008-11-27 14:02:25 ----N---- C:\WINDOWS\system32\_003512_.tmp.dll
2008-11-27 14:02:25 ----N---- C:\WINDOWS\system32\_003511_.tmp.dll
2008-11-27 14:02:25 ----N---- C:\WINDOWS\system32\_003510_.tmp.dll
2008-11-27 14:02:25 ----N---- C:\WINDOWS\system32\_003509_.tmp.dll
2008-11-27 14:02:25 ----N---- C:\WINDOWS\system32\_003506_.tmp.dll
2008-11-27 14:02:25 ----N---- C:\WINDOWS\system32\_003505_.tmp.dll
2008-11-27 14:02:25 ----N---- C:\WINDOWS\system32\_003504_.tmp.dll
2008-11-27 14:02:25 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2008-11-27 14:02:25 ----A---- C:\WINDOWS\system32\kernel32.dll
2008-11-27 14:02:25 ----A---- C:\WINDOWS\system32\imagehlp.dll
2008-11-27 14:02:25 ----A---- C:\WINDOWS\system32\ftp.exe
2008-11-27 14:02:25 ----A---- C:\WINDOWS\system32\format.com
2008-11-27 14:02:25 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2008-11-27 14:02:25 ----A---- C:\WINDOWS\system32\csrsrv.dll
2008-11-27 14:02:25 ----A---- C:\WINDOWS\system32\comdlg32.dll
2008-11-27 14:02:25 ----A---- C:\WINDOWS\system32\comctl32.dll
2008-11-27 14:02:25 ----A---- C:\WINDOWS\system32\cmd.exe
2008-11-27 14:02:25 ----A---- C:\WINDOWS\system32\cacls.exe
2008-11-27 14:02:25 ----A---- C:\WINDOWS\system32\autoconv.exe
2008-11-27 14:02:25 ----A---- C:\WINDOWS\system32\autochk.exe
2008-11-27 14:02:25 ----A---- C:\WINDOWS\system32\advapi32.dll
2008-11-27 14:02:24 ----N---- C:\WINDOWS\system32\_003503_.tmp.dll
2008-11-27 14:02:24 ----N---- C:\WINDOWS\system32\_003502_.tmp.dll
2008-11-27 14:02:24 ----N---- C:\WINDOWS\system32\_003500_.tmp.dll
2008-11-27 14:02:24 ----N---- C:\WINDOWS\system32\_003497_.tmp.dll
2008-11-27 14:02:24 ----N---- C:\WINDOWS\system32\_003495_.tmp.dll
2008-11-27 14:02:24 ----N---- C:\WINDOWS\system32\_003494_.tmp.dll
2008-11-27 14:02:24 ----N---- C:\WINDOWS\system32\_003490_.tmp.dll
2008-11-27 14:02:24 ----N---- C:\WINDOWS\system32\_003489_.tmp.dll
2008-11-27 14:02:24 ----N---- C:\WINDOWS\system32\_003486_.tmp.dll
2008-11-27 14:02:24 ----A---- C:\WINDOWS\system32\rasapi32.dll
2008-11-27 14:02:24 ----A---- C:\WINDOWS\system32\printui.dll
2008-11-27 14:02:24 ----A---- C:\WINDOWS\system32\perfctrs.dll
2008-11-27 14:02:24 ----A---- C:\WINDOWS\system32\olecnv32.dll
2008-11-27 14:02:24 ----A---- C:\WINDOWS\system32\oleaut32.dll
2008-11-27 14:02:24 ----A---- C:\WINDOWS\system32\nwprovau.dll
2008-11-27 14:02:24 ----A---- C:\WINDOWS\system32\ntvdm.exe
2008-11-27 14:02:24 ----A---- C:\WINDOWS\system32\ntprint.dll
2008-11-27 14:02:24 ----A---- C:\WINDOWS\system32\ntlsapi.dll
2008-11-27 14:02:24 ----A---- C:\WINDOWS\system32\ntdll.dll
2008-11-27 14:02:24 ----A---- C:\WINDOWS\system32\nslookup.exe
2008-11-27 14:02:24 ----A---- C:\WINDOWS\system32\msv1_0.dll
2008-11-27 14:02:24 ----A---- C:\WINDOWS\system32\msgsvc.dll
2008-11-27 14:02:24 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2008-11-27 14:02:24 ----A---- C:\WINDOWS\system32\lsasrv.dll
2008-11-27 14:02:24 ----A---- C:\WINDOWS\system32\locator.exe
2008-11-27 14:02:24 ----A---- C:\WINDOWS\system32\localspl.dll
2008-11-27 14:02:23 ----N---- C:\WINDOWS\system32\_003484_.tmp.dll
2008-11-27 14:02:23 ----N---- C:\WINDOWS\system32\_003483_.tmp.dll
2008-11-27 14:02:23 ----N---- C:\WINDOWS\system32\_003482_.tmp.dll
2008-11-27 14:02:23 ----N---- C:\WINDOWS\system32\_003480_.tmp.dll
2008-11-27 14:02:23 ----N---- C:\WINDOWS\system32\_003479_.tmp.dll
2008-11-27 14:02:23 ----N---- C:\WINDOWS\system32\_003476_.tmp.dll
2008-11-27 14:02:23 ----N---- C:\WINDOWS\system32\_003475_.tmp.dll
2008-11-27 14:02:23 ----N---- C:\WINDOWS\system32\_003473_.tmp.dll
2008-11-27 14:02:23 ----N---- C:\WINDOWS\system32\_003472_.tmp.dll
2008-11-27 14:02:23 ----N---- C:\WINDOWS\system32\_003471_.tmp.dll
2008-11-27 14:02:23 ----N---- C:\WINDOWS\system32\_003470_.tmp.dll
2008-11-27 14:02:23 ----A---- C:\WINDOWS\system32\srvsvc.dll
2008-11-27 14:02:23 ----A---- C:\WINDOWS\system32\smss.exe
2008-11-27 14:02:23 ----A---- C:\WINDOWS\system32\setupapi.dll
2008-11-27 14:02:23 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-11-27 14:02:23 ----A---- C:\WINDOWS\system32\services.exe
2008-11-27 14:02:23 ----A---- C:\WINDOWS\system32\schannel.dll
2008-11-27 14:02:23 ----A---- C:\WINDOWS\system32\scardsvr.exe
2008-11-27 14:02:23 ----A---- C:\WINDOWS\system32\savedump.exe
2008-11-27 14:02:23 ----A---- C:\WINDOWS\system32\samsrv.dll
2008-11-27 14:02:23 ----A---- C:\WINDOWS\system32\samlib.dll
2008-11-27 14:02:23 ----A---- C:\WINDOWS\system32\rshx32.dll
2008-11-27 14:02:23 ----A---- C:\WINDOWS\system32\rastapi.dll
2008-11-27 14:02:23 ----A---- C:\WINDOWS\system32\rasman.dll
2008-11-27 14:02:23 ----A---- C:\WINDOWS\system32\rasdlg.dll
2008-11-27 14:02:23 ----A---- C:\WINDOWS\system32\rasauto.dll
2008-11-27 14:02:22 ----N---- C:\WINDOWS\system32\_003463_.tmp.dll
2008-11-27 14:02:22 ----N---- C:\WINDOWS\system32\_003462_.tmp.dll
2008-11-27 14:02:22 ----N---- C:\WINDOWS\system32\_003461_.tmp.dll
2008-11-27 14:02:22 ----N---- C:\WINDOWS\system32\_003460_.tmp.dll
2008-11-27 14:02:22 ----A---- C:\WINDOWS\system32\wkssvc.dll
2008-11-27 14:02:22 ----A---- C:\WINDOWS\system32\win32spl.dll
2008-11-27 14:02:22 ----A---- C:\WINDOWS\system32\userinit.exe
2008-11-27 14:02:22 ----A---- C:\WINDOWS\system32\untfs.dll
2008-11-27 14:02:22 ----A---- C:\WINDOWS\system32\ulib.dll
2008-11-27 14:02:22 ----A---- C:\WINDOWS\system32\tcpmonui.dll
2008-11-27 14:02:22 ----A---- C:\WINDOWS\system32\syssetup.dll
2008-11-27 14:02:17 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2008-11-27 14:02:17 ----A---- C:\WINDOWS\system32\HAL.DLL
2008-11-27 14:02:16 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2008-11-27 13:29:16 ----D---- C:\WINDOWS\ie7updates
2008-11-27 13:28:54 ----D---- C:\WINDOWS\WBEM
2008-11-27 13:28:53 ----D---- C:\WINDOWS\system32\en-US
2008-11-27 13:28:36 ----HDC---- C:\WINDOWS\ie7
2008-11-27 13:28:26 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-11-27 13:27:51 ----D---- C:\ebe7ec1642308c5c675c2a2a
2008-11-27 13:27:46 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-11-27 13:27:07 ----D---- C:\dd970aff94af54940d1dcf2745f4
2008-11-27 13:27:03 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2008-11-27 13:26:49 ----D---- C:\WINDOWS\network diagnostic
2008-11-27 13:26:48 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
2008-11-27 13:26:39 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
2008-11-27 13:26:31 ----A---- C:\WINDOWS\system32\SET15.tmp
2008-11-26 20:12:20 ----A---- C:\WINDOWS\ntbtlog.txt
2008-11-25 22:59:33 ----D---- C:\Documents and Settings\Gary\Application Data\Malwarebytes
2008-11-25 22:59:24 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-11-25 22:59:24 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-11-25 21:41:37 ----D---- C:\WINDOWS\McAfee.com
2008-11-25 13:40:22 ----SH---- C:\WINDOWS\system32\lisuhufu.exe
2008-11-13 03:01:10 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$
2008-11-13 03:00:51 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$

======List of files/folders modified in the last 1 months======

2008-11-30 23:19:17 ----D---- C:\WINDOWS\Temp
2008-11-30 23:09:39 ----A---- C:\WINDOWS\ModemLog_Conexant D850 56K V.9x DFVc Modem.txt
2008-11-30 06:45:03 ----D---- C:\WINDOWS\system32
2008-11-29 12:05:20 ----ASH---- C:\WINDOWS\system32\gitalobo.dll
2008-11-29 12:05:19 ----ASH---- C:\WINDOWS\system32\puhafewu.dll
2008-11-29 10:39:42 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-29 10:38:59 ----D---- C:\WINDOWS\Registration
2008-11-29 10:38:23 ----D---- C:\WINDOWS
2008-11-29 10:37:13 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-29 02:20:37 ----D---- C:\Program Files
2008-11-29 02:09:21 ----SHD---- C:\WINDOWS\Installer
2008-11-29 02:08:44 ----D---- C:\WINDOWS\system32\drivers
2008-11-29 02:07:17 ----D---- C:\Program Files\Common Files
2008-11-29 01:35:03 ----HD---- C:\WINDOWS\inf
2008-11-29 01:35:02 ----D---- C:\WINDOWS\system32\CatRoot
2008-11-29 01:32:04 ----D---- C:\Program Files\McAfee
2008-11-28 23:19:57 ----D---- C:\Program Files\McAfee.com
2008-11-28 23:19:57 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee.com
2008-11-28 23:19:55 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2008-11-28 23:15:25 ----SD---- C:\WINDOWS\Tasks
2008-11-28 22:16:18 ----D---- C:\WINDOWS\Microsoft.NET
2008-11-28 22:16:16 ----RSD---- C:\WINDOWS\assembly
2008-11-28 22:05:14 ----D---- C:\WINDOWS\system32\dllcache
2008-11-28 22:03:57 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-28 22:03:52 ----D---- C:\WINDOWS\WinSxS
2008-11-28 22:03:25 ----D---- C:\Program Files\Internet Explorer
2008-11-28 22:01:52 ----A---- C:\WINDOWS\imsins.BAK
2008-11-28 21:53:43 ----RASH---- C:\boot.ini
2008-11-28 21:53:43 ----A---- C:\WINDOWS\win.ini
2008-11-28 21:53:43 ----A---- C:\WINDOWS\system.ini
2008-11-28 21:53:06 ----D---- C:\Program Files\MSN Messenger
2008-11-28 21:51:49 ----A---- C:\WINDOWS\OEWABLog.txt
2008-11-28 21:51:31 ----A---- C:\WINDOWS\setuplog.txt
2008-11-28 21:50:17 ----D---- C:\WINDOWS\system32\wbem
2008-11-28 21:50:17 ----D---- C:\WINDOWS\system32\Setup
2008-11-28 21:50:17 ----D---- C:\WINDOWS\ime
2008-11-28 21:50:17 ----D---- C:\WINDOWS\AppPatch
2008-11-28 21:50:17 ----D---- C:\Program Files\Messenger
2008-11-28 21:50:16 ----RSD---- C:\WINDOWS\Fonts
2008-11-28 21:42:08 ----D---- C:\WINDOWS\security
2008-11-28 21:38:48 ----D---- C:\WINDOWS\system32\inetsrv
2008-11-28 21:38:47 ----D---- C:\WINDOWS\Help
2008-11-28 21:38:32 ----D---- C:\WINDOWS\system32\usmt
2008-11-28 21:38:29 ----D---- C:\WINDOWS\PeerNet
2008-11-28 21:38:29 ----D---- C:\Program Files\Movie Maker
2008-11-28 21:34:46 ----D---- C:\WINDOWS\system32\Restore
2008-11-28 21:34:46 ----D---- C:\WINDOWS\system32\npp
2008-11-28 21:34:45 ----D---- C:\WINDOWS\mui
2008-11-28 21:34:44 ----D---- C:\WINDOWS\msagent
2008-11-28 21:34:43 ----D---- C:\WINDOWS\srchasst
2008-11-28 21:34:42 ----D---- C:\Program Files\NetMeeting
2008-11-28 21:34:40 ----D---- C:\WINDOWS\system32\Com
2008-11-28 21:34:37 ----D---- C:\Program Files\Windows NT
2008-11-28 21:34:37 ----D---- C:\Program Files\Outlook Express
2008-11-28 21:34:33 ----D---- C:\Program Files\Common Files\System
2008-11-28 21:34:19 ----D---- C:\WINDOWS\system32\oobe
2008-11-28 21:34:17 ----D---- C:\WINDOWS\system
2008-11-28 21:31:07 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-11-28 21:28:40 ----D---- C:\WINDOWS\ehome
2008-11-28 21:06:33 ----D---- C:\Program Files\Microsoft Silverlight
2008-11-28 18:03:52 ----SD---- C:\WINDOWS\system32\Microsoft
2008-11-28 18:03:50 ----HD---- C:\Documents and Settings\Gary\Application Data\Gtek
2008-11-28 17:53:52 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-11-27 21:04:12 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-27 13:29:01 ----D---- C:\WINDOWS\system32\config
2008-11-27 13:28:50 ----D---- C:\WINDOWS\Media
2008-11-27 12:46:57 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-11-27 11:44:42 ----D---- C:\WINDOWS\pss
2008-11-26 21:18:31 ----SHD---- C:\System Volume Information
2008-11-24 23:12:30 ----D---- C:\Documents and Settings\Gary\Application Data\McAfee.com Personal Firewall
2008-11-24 23:10:07 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee.com Personal Firewall
2008-11-11 08:56:35 ----A---- C:\WINDOWS\IE4 Error Log.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-08-25 5628]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-08-25 22684]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2007-11-22 201320]
R1 MPFIREWL;MPFIREWL; C:\WINDOWS\System32\Drivers\MpFirewall.sys [2005-11-11 80640]
R1 MPFP;MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [2007-07-13 113952]
R1 V2IMount;V2IMount; C:\WINDOWS\system32\drivers\V2IMount.sys [2005-08-16 56200]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-10-18 20747]
R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2006-08-24 8552]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-09-08 25628]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-09-08 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-09-08 86524]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-09-08 14684]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-09-08 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-09-08 87036]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-09-08 94332]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-08-12 40544]
R2 dsunidrv;DellSupport UniDriver; C:\WINDOWS\system32\DRIVERS\dsunidrv.sys [2007-02-25 5376]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-04 1273344]
R3 DSproct;DSproct; \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys []
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2004-10-14 155648]
R3 GearAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 GTNDIS5;GTNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\GTNDIS5.SYS []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2003-11-17 1042432]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2003-11-17 212224]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2007-11-22 79304]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2007-11-22 35240]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\WINDOWS\system32\drivers\mfesmfk.sys [2007-12-02 40488]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RT73;Linksys Home Wireless-G USB Adapter Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2005-11-24 245248]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-02-10 1107224]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VX3000;VX-3000; C:\WINDOWS\system32\DRIVERS\VX3000.sys [2006-10-13 1966384]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2003-11-17 680704]
S3 bvrp_pci;bvrp_pci; C:\WINDOWS\system32\drivers\bvrp_pci.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-10-14 1302812]
S3 mferkdk;McAfee Inc. mferkdk; C:\WINDOWS\system32\drivers\mferkdk.sys [2007-11-22 33832]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 SDDMI2;SDDMI2; \??\C:\WINDOWS\system32\DDMI2.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-13 5504]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
R2 AdobeActiveFileMonitor4.0;Adobe Active File Monitor V4; C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe [2005-09-09 102400]
R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe [2004-04-07 1135728]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-04 380928]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2004-12-13 198256]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2004-12-13 165488]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2005-12-15 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 GEARSecurity;GEARSecurity; C:\WINDOWS\System32\GEARSec.exe [2005-08-16 53248]
R2 IAANTMon;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe [2005-06-17 86140]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-01-09 767976]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2008-01-25 2458128]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2007-08-15 359248]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2007-07-24 144704]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 MpfService;McAfee Personal Firewall Service; C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe [2005-11-11 548864]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2006-10-13 207664]
R2 Norton Ghost;Norton Ghost; C:\Program Files\Norton Ghost\Agent\VProSvc.exe [2005-08-16 2061928]
R2 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2006-08-24 822424]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2007-12-05 695624]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]
S2 MskService;McAfee SpamKiller Server; C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe [2005-07-12 963072]
S2 WUSB54GCSVC;WUSB54GCSVC; C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe [2005-07-04 53307]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 ccPwdSvc;Symantec Password Validation; C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe [2004-12-13 79472]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 DSBrokerService;DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [2007-03-07 76848]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-06 138168]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2007-11-07 378184]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 NetSvc;Intel NCS NetService; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [2004-11-19 147456]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-08-03 38912]

-----------------EOF-----------------
VgRt6
Active Member
 
Posts: 6
Joined: November 29th, 2008, 3:34 am

Re: It all started with Antivirus 2009

Post by VgRt6 » December 1st, 2008, 12:27 am

Contents of INFO ...


info.txt logfile of random's system information tool 1.04 2008-11-30 23:19:52

======Uninstall list======

-->c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /appid=MSK /uninstall=1 /interact=1 /script_proactive=0 /start="c:\PROGRA~1\mcafee.com\agent\uninst\mskremui.dll::uninstall.htm"
-->c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /appid=mpf /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\mpfrem.ui::uninstall.htm
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->MsiExec.exe /I{3B55590C-8A9B-4BD6-B489-744B63026A2A}
-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
-->MsiExec.exe /I{C98E5F1B-5C2B-4FD1-BDF9-F3779DCAAA16}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat 4.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.dll"
Adobe Acrobat 6.0 Standard-->MsiExec.exe /I{AC76BA86-1033-0000-BA7E-000000000001}
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Center 2.0-->MsiExec.exe /I{8FFC924C-ED06-44CB-8867-3CA778ECE903}
Adobe Photoshop Elements 4.0-->msiexec /I {EBB7C1C1-D439-4D9B-9FDC-954C10F266B0}
Adobe Reader 8.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
America Online (Choose which version to remove)-->C:\Program Files\Common Files\aolshare\Aolunins_us.exe
AOL Coach Version 1.0(Build:20040229.1 en)-->C:\Program Files\Common Files\aolshare\Coach\AolCInUn.exe
AOL Connectivity Services-->C:\PROGRA~1\COMMON~1\AOL\ACS\AcsUninstall.exe /c
AOLIcon-->MsiExec.exe /I{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ATI Control Panel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Bentley Publishers - eBahn®-->C:\PROGRA~1\eBahn C:\Program Files\eBahn\eBahn\install.log
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Compact Wireless-G USB Adapter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F855C3AE-992D-4B84-A09D-07103CDCDAC2}\setup.exe" -l0x9
Conexant D850 56K V.9x DFVc Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1\HXFSETUP.EXE -U -Idel200fk.inf
Corel Photo Album 6-->MsiExec.exe /X{8A9B8148-DDD7-448F-BD6C-358386D32354}
Dell CinePlayer-->MsiExec.exe /I{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}
Dell DataSafe-->MsiExec.exe /X{C89588E4-A151-489E-A393-066E503FC549}
Dell Digital Jukebox Driver-->C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s
Dell Driver Reset Tool-->MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}
Dell Game Console-->"C:\Program Files\WildTangent\Apps\Dell Game Console\Uninstall.exe"
DellSupport-->MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
Digital Content Portal-->MsiExec.exe /I{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}
Digital Line Detect-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
Documentation & Support Launcher-->MsiExec.exe /X{B0DF58A2-40DF-4465-AA56-38623EC9938C}
EarthLink setup files-->MsiExec.exe /X{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE}
eBahn - Volkswagen Passat: 1998-2005-->"C:\WINDOWS\eBahn\VW B5\uninstall.exe" "/U:C:\Program Files\eBahn\Uninstall\VW B5\uninstall.xml"
EducateU-->MsiExec.exe /I{A683A2C0-821C-486F-858C-FA634DB5E864}
ELIcon-->MsiExec.exe /I{4667B940-BB01-428B-986E-A0CC46497BF7}
ESPNMotion-->C:\PROGRA~1\ESPNMO~1\UNWISE.EXE /u C:\PROGRA~1\ESPNMO~1\INSTALL.LOG
Games, Music, & Photos Launcher-->MsiExec.exe /X{B6884A07-0305-47AE-9969-8F26FADC17DE}
GemMaster Mystic-->"C:\Program Files\GemMaster\uninstallgemmaster.exe"
Get High Speed Internet!-->MsiExec.exe /I{7A3F0566-5E05-4919-9C98-456F6B5CF831}
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar5.dll"
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Intel Matrix Storage Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}\setup.exe" -l0409 -INTELUNINST
Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2776 PCI\VEN_8086&DEV_2772
Intel(R) PRO Network Connections Drivers-->Prounstl.exe
Intel(R) PROSet for Wired Connections-->MsiExec.exe /I{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}
Internet Service Offers Launcher-->MsiExec.exe /X{E42BD75A-FC23-4E3F-9F91-2658334C644F}
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Jesterware DVD to iPod-->"C:\Documents and Settings\All Users\Application Data\{7B21C8EB-B6D2-4C65-AD88-60E95EFE928C}\dvdriptoipod-full.exe" REMOVE=TRUE MODIFY=FALSE
Jesterware DVD to iPod-->C:\Documents and Settings\All Users\Application Data\{7B21C8EB-B6D2-4C65-AD88-60E95EFE928C}\dvdriptoipod-full.exe
Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
LiveReg (Symantec Corporation)-->C:\Program Files\Common Files\Symantec Shared\LiveReg\VCSETUP.EXE /REMOVE
LiveUpdate 2.6 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuninst.exe
McAfee Uninstaller-->C:\PROGRA~1\McAfee.com\Shared\mcappins.exe /v=3 /uninstall=1 /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\comrem.dll::uninstall.htm
MCU-->MsiExec.exe /I{D2988E9B-C73F-422C-AD4B-A66EBE257120}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Internet Explorer 5 Web Accessories-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\IE5WA.inf, Uninstall
Microsoft LifeCam-->MsiExec.exe /X{8CFC7570-DD90-486E-A239-E31D455BDE93}
Microsoft Money 2005-->C:\Program Files\Microsoft Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Basic Edition 2003-->MsiExec.exe /I{91130409-6000-11D3-8CFE-0150048383C9}
Microsoft Plus! Digital Media Edition Installer-->MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}
Microsoft Plus! Photo Story 2 LE-->MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Modem Helper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Musicmatch® Jukebox-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85D3CC30-8859-481A-9654-FD9B74310BEF}\setup.exe" -l0x9 -uninst
NetWaiting-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
NetZeroInstallers-->MsiExec.exe /X{352310C3-E46B-42D3-8F32-54721FDD72D9}
Norton Ghost 10.0-->MsiExec.exe /X{32F720F5-2D0D-4245-A2B0-9EB3CECF8101}
Otto-->"C:\Program Files\EnglishOtto\uninstallotto.exe"
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
RealPlayer Basic-->C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
Roxio DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Roxio MyDVD LE-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Roxio RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Roxio RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Roxio RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Search Assist-->MsiExec.exe /X{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Sonic Activation Module-->MsiExec.exe /I{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Update for Windows Media Player 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Update for Windows Media Player 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update Rollup 2 for Windows XP Media Center Edition 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
URL Assistant-->regsvr32 /u /s "C:\Program Files\BAE\BAE.dll"
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
WebCyberCoach 3.2 Dell-->"C:\Program Files\WebCyberCoach\b_Dell\WCC_Wipe.exe" "WebCyberCoach ext\wtrb" /inf "engine.inf,RealUninstallSection,,4" /infcfg "enginecf.inf,RealUninstallSection,,4"
WildTangent Web Driver-->C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe
Windows Live Messenger-->MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]-->C:\WINDOWS\$NtUninstallEmeraldQFE2$\spuninst\spuninst.exe
Windows Media Player 10-->MsiExec.exe /I{33BB4982-DC52-4886-A03B-F4C5C80BEE89}
Windows XP Media Center Edition 2005 KB908246-->"C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

=====HijackThis Backups=====

O4 - HKLM\..\Run: [dovimosuku] Rundll32.exe "C:\WINDOWS\system32\hobovoro.dll",s
O4 - HKLM\..\Run: [dovimosuku] Rundll32.exe "C:\WINDOWS\system32\hobovoro.dll",s

======Security center information======

AV: McAfee VirusScan

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=0407
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip

-----------------EOF-----------------
VgRt6
Active Member
 
Posts: 6
Joined: November 29th, 2008, 3:34 am

Re: It all started with Antivirus 2009

Post by mz30 » December 1st, 2008, 5:00 pm

Backup Your Registry with ERUNT
  • Please use the following link to download ERUNT
  • Use the setup program to install ERUNT on your computer
Click Erunt.exe to back up your registry to the folder of your choice.


Download and Run OTMoveIt3

Download OTMoveIt3 by Old Timer and save it to your Desktop.
  • Double-click OTMoveIt3.exe. (Vista users, please right click on OTMoveit3.exe and select "Run as an Administrator")
  • Copy the lines in the codebox below.
:files
C:\WINDOWS\system32\hobovoro.dll
C:\WINDOWS\system32\puhafewu.dll
c:\windows\system32\gitalobo.dll
C:\WINDOWS\system32\jevomomi.dll

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f3c85dca-ca1d-4413-838f-25dd4266f58e}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"dovimosuku"=-
"70ffad67"=-
"CPM73cc9efb"=-
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa] 
"Notification Packages"=hex(7):73,63,65,63,6c,69,00,00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}=- 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}=-




  • Return to OTMoveIt3, right click in the Paste Instructions for Items to be Moved window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar), and paste it in your next reply.
  • Close OTMoveIt3

Please also post a fresh HijackThis log taken after the above instructions.
mz30
Regular Member
 
Posts: 1683
Joined: June 23rd, 2007, 9:39 am
Location: liverpool
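
An added example (not part of mz30's post and not OTMoveIt3's own parser): a read-only reviewer for the :reg section of the fix script above, which lists what each directive would delete or set and decodes the hex(7) data so the change can be read before anything is run. It follows regedit .reg conventions only; the function names are this example's own, and lines it cannot interpret are reported as unrecognized rather than guessed at.

```python
import re

# The :reg section of the fix script, copied from the post above.
REG_SECTION = r"""
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f3c85dca-ca1d-4413-838f-25dd4266f58e}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"dovimosuku"=-
"70ffad67"=-
"CPM73cc9efb"=-
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa]
"Notification Packages"=hex(7):73,63,65,63,6c,69,00,00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}=-
"""

KEY_RE = re.compile(r'^\[(-?)(.+)\]$')      # [KEY] or [-KEY]
VALUE_RE = re.compile(r'^"([^"]+)"=(.*)$')  # "name"=data


def decode_multi_sz(hex_csv):
    """Decode comma-separated hex(7) bytes (REG_MULTI_SZ) into a list of strings."""
    data = bytes(int(b, 16) for b in hex_csv.split(","))
    # .reg files carry either single-byte text or UTF-16LE; in UTF-16LE
    # ASCII text every second byte is zero.
    if data and len(data) % 2 == 0 and not any(data[1::2]):
        text = data.decode("utf-16-le")
    else:
        text = data.decode("latin-1")
    # Strings are NUL-separated and the list ends with an extra NUL.
    return [s for s in text.split("\x00") if s]


def review(script):
    """Return (action, key, name, data) tuples describing each directive."""
    actions, key = [], None
    for raw in script.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = KEY_RE.match(line)
        if m:
            key = m.group(2)
            if m.group(1):  # leading '-' means the whole key is deleted
                actions.append(("delete-key", key, None, None))
            continue
        m = VALUE_RE.match(line)
        if m and m.group(2) == "-":
            actions.append(("delete-value", key, m.group(1), None))
        elif m and m.group(2).startswith("hex(7):"):
            strings = decode_multi_sz(m.group(2)[len("hex(7):"):])
            actions.append(("set-multi-sz", key, m.group(1), strings))
        else:
            # Not .reg syntax; how the tool treats it is not assumed here.
            actions.append(("unrecognized", key, line, None))
    return actions


if __name__ == "__main__":
    for action, key, name, data in review(REG_SECTION):
        print(f"{action:13} {key}")
        if name is not None:
            print(f"{'':13} -> {name}" + (f" = {data}" if data else ""))
```
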

Re: It all started with Antivirus 2009

Post by VgRt6 » December 3rd, 2008, 7:25 pm

Thanks again for the reply. Unfortunately, I was sent out of town and won't have access to my computer until 12/14. If possible, I'd like to continue this then. Can I PM you when I have access to my computer again? I apologize for the hassle.

Gary
VgRt6
Active Member
 
Posts: 6
Joined: November 29th, 2008, 3:34 am

Re: It all started with Antivirus 2009

Post by mz30 » December 10th, 2008, 11:36 am

Please follow the instructions above when you return. :)
mz30
Regular Member
 
Posts: 1683
Joined: June 23rd, 2007, 9:39 am
Location: liverpool

Re: It all started with Antivirus 2009

Post by NonSuch » December 20th, 2008, 1:34 am

Due to lack of activity, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
NonSuch
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California