think i may have a very bad virus

Unknown

I am not 100% sure if it is a virus or not but something is terribly wrong with it. I have reformatted the computer 3 times and it is still giving me tons of problems. The situations : (sorry for the wall of text)

When i first reformatted it, it would go to a blue screen of death and the error said "bad_config_file" or something to that effect. I completely formatted the hard drive (it had a recovery partition on it), and then reinstalled windows xp. That got rid of that problem, but now whenever i try to install something, and i mean anything, it doesnt install.

Then I got the "One of the files in your registry database had to be recovered by the use of a log or alternate copy, the recovery was successful". Even after reformatting I get it. I am scared that I have a virus on the memory or on some other hardware on the motherboard. I have tried installing windows sp2 and when it is extracting the files, the computer reboots.

Also once i start up Internet explorer it sometimes crashes to the desktop and prompts the "Send error report", and when i do it sends it but doesnt do anything after it (usually with IE it takes me to the microsoft help page with something that caused it).

Also on another unrelated problem, I have a home network, and just recently my internet drops every couple minutes for a couple seconds. For instance, when im trying to play a game online, it will disconnect me. I checked it out and every couple minutes in the tray the "network cable unplugged" message pops up and then dissappears. This happens on my other computer too. That may be related to this situation, so thats why I put it on here.

ps: I tried to download the Hijack This program, but once again I can't install it. I have tried to get into safe mode but it wont give me the option to go into safe mode. Is there a way to do it when you are in windows?

If anyone can help with this, it would be greatly appreciated.

Katana

Please note that all instructions given are customised for this computer only,
the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.

Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:

1. Please Read All Instructions Carefully
2. If you don't understand something, stop and ask! Don't keep going on.
3. Please do not run any other tools or scans whilst I am helping you
4. Failure to reply within 5 days will result in the topic being closed.
5. Please continue to respond until I give you the "All Clear"
   (Just because you can't see a problem doesn't mean it isn't there)

If you can do those few things, everything should go smoothly

Some of the logs I request will be quite large, You may need to split them over a couple of replies.

Please Note, your security programs may give warnings for some of the tools I will ask you to use.
Be assured, any links I give are safe

---

I have tried to get into safe mode but it wont give me the option to go into safe mode.

What options does it give you ?



Download and Run RSIT

• Please download Random's System Information Tool by random/random from here and save it to your desktop.
• Double click on RSIT.exe to run RSIT.
• Click Continue at the disclaimer screen.
• Once it has finished, two logs will open:
  
  • log.txt will be opened maximized.
  • info.txt will be opened minimized.
• Please post the contents of both log.txt and info.txt.

aareaux

So do you want me to copy and paste the text in the files or just upload the actual files? I uploaded them just incase, because they are both kind of lengthy and would take up alot of space.

Katana wrote:

What options does it give you ?

The only thing it allows me to do is start windows normally. It doesnt even give me options to chose.

aareaux

info.txt logfile of random's system information tool 1.06 2009-07-18 17:34:54
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB896256)-->"C:\WINDOWS\$NtUninstallKB896256$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB906569)-->"C:\WINDOWS\$NtUninstallKB906569$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB910728)-->"C:\WINDOWS\$NtUninstallKB910728$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB914906)-->"C:\WINDOWS\$NtUninstallKB914906$\spuninst\spuninst.exe"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Security Update for Windows Media Player (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896688)-->"C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899589)-->"C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
Security Update for Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Security Update for Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Security Update for Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905915)-->"C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
Security Update for Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Security Update for Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911567)-->"C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Security Update for Windows XP (KB912812)-->"C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
Security Update for Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Security Update for Windows XP (KB913433)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB913433.inf
Security Update for Windows XP (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
Security Update for Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Security Update for Windows XP (KB916281)-->"C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Update for Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Update for Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Update for Windows XP (KB912945)-->"C:\WINDOWS\$NtUninstallKB912945$\spuninst\spuninst.exe"
Windows Backup Utility-->MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
======System event log======
Computer Name: VERONICA
Event Code: 58
Message: Syntax error in manifest or policy file "C:\cabs\D20067-001-001\Bin\Microsoft.VC80.MFCLOC.MANIFEST" on line 5.
Record Number: 26
Source Name: SideBySide
Time Written: 20090718015751.000000-240
Event Type: error
User:
Computer Name: VERONICA
Event Code: 34
Message: Component identity found in manifest does not match the identity of the component requested
Record Number: 25
Source Name: SideBySide
Time Written: 20090718015751.000000-240
Event Type: error
User:
Computer Name: VERONICA
Event Code: 59
Message: Generate Activation Context failed for C:\cabs\D20067-001-001\MFC80U.DLL.
Reference error message: The operation completed successfully.
.
Record Number: 24
Source Name: SideBySide
Time Written: 20090718015750.000000-240
Event Type: error
User:
Computer Name: VERONICA
Event Code: 58
Message: Syntax error in manifest or policy file "C:\cabs\D20067-001-001\Microsoft.VC80.MFCLOC.MANIFEST" on line 5.
Record Number: 23
Source Name: SideBySide
Time Written: 20090718015750.000000-240
Event Type: error
User:
Computer Name: VERONICA
Event Code: 34
Message: Component identity found in manifest does not match the identity of the component requested
Record Number: 22
Source Name: SideBySide
Time Written: 20090718015750.000000-240
Event Type: error
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0604
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

---

EOF

---

aareaux

Logfile of random's system information tool 1.06 (written by random/random)
Run by V at 2009-07-18 17:34:41
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 71 GB (93%) free of 76 GB
Total RAM: 1406 MB (79% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:34:50 PM, on 7/18/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\V\Desktop\RSIT.exe
C:\Program Files\trend micro\V.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
--
End of file - 1202 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2009-07-18 17:34:41 ----D---- C:\rsit
2009-07-18 17:34:41 ----D---- C:\Program Files\trend micro
2009-07-18 11:02:29 ----D---- C:\WINDOWS\Minidump
2009-07-18 11:01:36 ----D---- C:\5a8e91fd052e2d79b2f63d
2009-07-18 06:53:06 ----SHD---- C:\RECYCLER
2009-07-18 06:47:31 ----SHD---- C:\System Volume Information
2009-07-18 06:40:40 ----A---- C:\WINDOWS\system32\wowfaxui.dll
2009-07-18 06:40:37 ----A---- C:\WINDOWS\system32\wowfax.dll
2009-07-18 06:40:31 ----A---- C:\WINDOWS\system32\usrvpa.dll
2009-07-18 06:40:28 ----A---- C:\WINDOWS\system32\usrvoica.dll
2009-07-18 06:40:25 ----A---- C:\WINDOWS\system32\usrv80a.dll
2009-07-18 06:40:22 ----A---- C:\WINDOWS\system32\usrv42a.dll
2009-07-18 06:40:18 ----A---- C:\WINDOWS\system32\usrsvpia.dll
2009-07-18 06:40:15 ----A---- C:\WINDOWS\system32\usrshuta.exe
2009-07-18 06:40:12 ----A---- C:\WINDOWS\system32\usrsdpia.dll
2009-07-18 06:40:09 ----A---- C:\WINDOWS\system32\usrrtosa.dll
2009-07-18 06:40:06 ----A---- C:\WINDOWS\system32\usrprbda.exe
2009-07-18 06:40:03 ----A---- C:\WINDOWS\system32\usrmlnka.exe
2009-07-18 06:40:00 ----A---- C:\WINDOWS\system32\usrlbva.dll
2009-07-18 06:39:57 ----A---- C:\WINDOWS\system32\usrfaxa.dll
2009-07-18 06:39:54 ----A---- C:\WINDOWS\system32\usrdtea.dll
2009-07-18 06:39:51 ----A---- C:\WINDOWS\system32\usrdpa.dll
2009-07-18 06:39:48 ----A---- C:\WINDOWS\system32\usrcoina.dll
2009-07-18 06:39:45 ----A---- C:\WINDOWS\system32\usrcntra.dll
2009-07-18 06:39:45 ----A---- C:\WINDOWS\system32\usbui.dll
2009-07-18 06:39:41 ----A---- C:\WINDOWS\system32\tsbyuv.dll
2009-07-18 06:39:38 ----A---- C:\WINDOWS\system32\streamci.dll
2009-07-18 06:39:38 ----A---- C:\WINDOWS\system32\storprop.dll
2009-07-18 06:39:35 ----A---- C:\WINDOWS\system32\sprio800.dll
2009-07-18 06:39:32 ----A---- C:\WINDOWS\system32\sprio600.dll
2009-07-18 06:39:27 ----A---- C:\WINDOWS\system32\spnike.dll
2009-07-18 06:39:24 ----A---- C:\WINDOWS\system32\pjlmon.dll
2009-07-18 06:39:24 ----A---- C:\WINDOWS\system32\pid.dll
2009-07-18 06:39:21 ----A---- C:\WINDOWS\system32\paqsp.dll
2009-07-18 06:39:17 ----A---- C:\WINDOWS\system32\msyuv.dll
2009-07-18 06:39:12 ----A---- C:\WINDOWS\system32\mdwmdmsp.dll
2009-07-18 06:39:10 ----A---- C:\WINDOWS\system32\iyuv_32.dll
2009-07-18 06:39:08 ----A---- C:\WINDOWS\system32\hid.dll
2009-07-18 06:39:07 ----A---- C:\WINDOWS\system32\dvdplay.exe
2009-07-18 06:38:26 ----A---- C:\WINDOWS\system32\dmutil.dll
2009-07-18 06:38:24 ----A---- C:\WINDOWS\system32\cnbjmon.dll
2009-07-18 06:37:32 ----A---- C:\WINDOWS\system32\zipfldr.dll
2009-07-18 06:37:29 ----A---- C:\WINDOWS\system32\xpsp2res.dll
2009-07-18 06:37:29 ----A---- C:\WINDOWS\system32\xpsp1res.dll
2009-07-18 06:37:29 ----A---- C:\WINDOWS\system32\xpob2res.dll
2009-07-18 06:37:28 ----A---- C:\WINDOWS\system32\xmlprovi.dll
2009-07-18 06:37:28 ----A---- C:\WINDOWS\system32\xmlprov.dll
2009-07-18 06:37:28 ----A---- C:\WINDOWS\system32\xenroll.dll
2009-07-18 06:37:28 ----A---- C:\WINDOWS\system32\xcopy.exe
2009-07-18 06:37:28 ----A---- C:\WINDOWS\system32\xactsrv.dll
2009-07-18 06:37:27 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-07-18 06:37:27 ----A---- C:\WINDOWS\system32\wups.dll
2009-07-18 06:37:27 ----A---- C:\WINDOWS\system32\wupdmgr.exe
2009-07-18 06:37:27 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-07-18 06:37:27 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-07-18 06:37:27 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-07-18 06:37:27 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-07-18 06:37:27 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-07-18 06:37:27 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-07-18 06:37:26 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-07-18 06:37:26 ----A---- C:\WINDOWS\system32\wtsapi32.dll
2009-07-18 06:37:26 ----A---- C:\WINDOWS\system32\wstdecod.dll
2009-07-18 06:37:26 ----A---- C:\WINDOWS\system32\wsock32.dll
2009-07-18 06:37:26 ----A---- C:\WINDOWS\system32\wsnmp32.dll
2009-07-18 06:37:26 ----A---- C:\WINDOWS\system32\wshtcpip.dll
2009-07-18 06:37:26 ----A---- C:\WINDOWS\system32\WshRm.dll
2009-07-18 06:37:26 ----A---- C:\WINDOWS\system32\wshnetbs.dll
2009-07-18 06:37:26 ----A---- C:\WINDOWS\system32\wshisn.dll
2009-07-18 06:37:26 ----A---- C:\WINDOWS\system32\wship6.dll
2009-07-18 06:37:26 ----A---- C:\WINDOWS\system32\wshext.dll
2009-07-18 06:37:26 ----A---- C:\WINDOWS\system32\wshcon.dll
2009-07-18 06:37:26 ----A---- C:\WINDOWS\system32\wshbth.dll
2009-07-18 06:37:26 ----A---- C:\WINDOWS\system32\wshatm.dll
2009-07-18 06:37:26 ----A---- C:\WINDOWS\system32\wscsvc.dll
2009-07-18 06:37:26 ----A---- C:\WINDOWS\system32\wscript.exe
2009-07-18 06:37:26 ----A---- C:\WINDOWS\system32\wscntfy.exe
2009-07-18 06:37:26 ----A---- C:\WINDOWS\system32\ws2help.dll
2009-07-18 06:37:26 ----A---- C:\WINDOWS\system32\ws2_32.dll
2009-07-18 06:37:26 ----A---- C:\WINDOWS\system32\write.exe
2009-07-18 06:37:26 ----A---- C:\WINDOWS\system32\wpnpinst.exe
2009-07-18 06:37:25 ----A---- C:\WINDOWS\system32\wpabaln.exe
2009-07-18 06:37:25 ----A---- C:\WINDOWS\system32\wowexec.exe
2009-07-18 06:37:25 ----A---- C:\WINDOWS\system32\wowdeb.exe
2009-07-18 06:37:25 ----A---- C:\WINDOWS\system32\wow32.dll
2009-07-18 06:37:23 ----A---- C:\WINDOWS\system32\wmstream.dll
2009-07-18 06:37:22 ----A---- C:\WINDOWS\system32\wmsdmoe.dll
2009-07-18 06:37:15 ----A---- C:\WINDOWS\system32\wmiprop.dll
2009-07-18 06:37:14 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-07-18 06:37:14 ----A---- C:\WINDOWS\system32\wmi.dll
2009-07-18 06:37:14 ----A---- C:\WINDOWS\system32\wmerrenu.dll
2009-07-18 06:37:13 ----A---- C:\WINDOWS\system32\wlnotify.dll
2009-07-18 06:37:13 ----A---- C:\WINDOWS\system32\wldap32.dll
2009-07-18 06:37:13 ----A---- C:\WINDOWS\system32\wkssvc.dll
2009-07-18 06:37:13 ----A---- C:\WINDOWS\system32\winver.exe
2009-07-18 06:37:13 ----A---- C:\WINDOWS\system32\wintrust.dll
2009-07-18 06:37:13 ----A---- C:\WINDOWS\system32\winstrm.dll
2009-07-18 06:37:13 ----A---- C:\WINDOWS\system32\winsta.dll
2009-07-18 06:37:12 ----A---- C:\WINDOWS\system32\winspool.exe
2009-07-18 06:37:12 ----A---- C:\WINDOWS\system32\winsock.dll
2009-07-18 06:37:12 ----A---- C:\WINDOWS\system32\winshfhc.dll
2009-07-18 06:37:12 ----A---- C:\WINDOWS\system32\winscard.dll
2009-07-18 06:37:12 ----A---- C:\WINDOWS\system32\winrnr.dll
2009-07-18 06:37:12 ----A---- C:\WINDOWS\system32\winntbbu.dll
2009-07-18 06:37:08 ----A---- C:\WINDOWS\system32\winnls.dll
2009-07-18 06:37:08 ----A---- C:\WINDOWS\system32\winmsd.exe
2009-07-18 06:37:08 ----A---- C:\WINDOWS\system32\winmm.dll
2009-07-18 06:37:08 ----A---- C:\WINDOWS\system32\winmine.exe
2009-07-18 06:37:08 ----A---- C:\WINDOWS\system32\winlogon.exe
2009-07-18 06:37:08 ----A---- C:\WINDOWS\system32\winipsec.dll
2009-07-18 06:37:07 ----A---- C:\WINDOWS\winhlp32.exe
2009-07-18 06:37:07 ----A---- C:\WINDOWS\winhelp.exe
2009-07-18 06:37:07 ----A---- C:\WINDOWS\system32\winhttp.dll
2009-07-18 06:37:07 ----A---- C:\WINDOWS\system32\winhlp32.exe
2009-07-18 06:37:07 ----A---- C:\WINDOWS\system32\winfax.dll
2009-07-18 06:37:06 ----A---- C:\WINDOWS\system32\winchat.exe
2009-07-18 06:37:05 ----A---- C:\WINDOWS\system32\winbrand.dll
2009-07-18 06:37:05 ----A---- C:\WINDOWS\system32\win87em.dll
2009-07-18 06:37:05 ----A---- C:\WINDOWS\system32\win32spl.dll
2009-07-18 06:37:04 ----A---- C:\WINDOWS\system32\win.com
2009-07-18 06:37:04 ----A---- C:\WINDOWS\system32\wifeman.dll
2009-07-18 06:37:04 ----A---- C:\WINDOWS\system32\wiavusd.dll
2009-07-18 06:37:04 ----A---- C:\WINDOWS\system32\wiavideo.dll
2009-07-18 06:37:04 ----A---- C:\WINDOWS\system32\wiashext.dll
2009-07-18 06:37:04 ----A---- C:\WINDOWS\system32\wiaservc.dll
2009-07-18 06:37:04 ----A---- C:\WINDOWS\system32\wiascr.dll
2009-07-18 06:37:04 ----A---- C:\WINDOWS\system32\wiadss.dll
2009-07-18 06:37:04 ----A---- C:\WINDOWS\system32\wiadefui.dll
2009-07-18 06:37:04 ----A---- C:\WINDOWS\system32\wiaacmgr.exe
2009-07-18 06:37:03 ----A---- C:\WINDOWS\system32\wextract.exe
2009-07-18 06:37:03 ----A---- C:\WINDOWS\system32\webvw.dll
2009-07-18 06:37:03 ----A---- C:\WINDOWS\system32\webhits.dll
2009-07-18 06:37:02 ----A---- C:\WINDOWS\system32\webcheck.dll
2009-07-18 06:37:02 ----A---- C:\WINDOWS\system32\wdigest.dll
2009-07-18 06:36:57 ----A---- C:\WINDOWS\system32\wavemsp.dll
2009-07-18 06:36:56 ----A---- C:\WINDOWS\vmmreg32.dll
2009-07-18 06:36:56 ----A---- C:\WINDOWS\system32\w3ssl.dll
2009-07-18 06:36:56 ----A---- C:\WINDOWS\system32\w32topl.dll
2009-07-18 06:36:56 ----A---- C:\WINDOWS\system32\w32tm.exe
2009-07-18 06:36:56 ----A---- C:\WINDOWS\system32\w32time.dll
2009-07-18 06:36:56 ----A---- C:\WINDOWS\system32\vssvc.exe
2009-07-18 06:36:56 ----A---- C:\WINDOWS\system32\vssapi.dll
2009-07-18 06:36:56 ----A---- C:\WINDOWS\system32\vssadmin.exe
2009-07-18 06:36:56 ----A---- C:\WINDOWS\system32\vss_ps.dll
2009-07-18 06:36:56 ----A---- C:\WINDOWS\system32\vjoy.dll
2009-07-18 06:36:55 ----A---- C:\WINDOWS\system32\vga64k.dll
2009-07-18 06:36:55 ----A---- C:\WINDOWS\system32\vga256.dll
2009-07-18 06:36:55 ----A---- C:\WINDOWS\system32\vga.dll
2009-07-18 06:36:55 ----A---- C:\WINDOWS\system32\vfpodbc.dll
2009-07-18 06:36:55 ----A---- C:\WINDOWS\system32\version.dll
2009-07-18 06:36:55 ----A---- C:\WINDOWS\system32\verifier.exe
2009-07-18 06:36:55 ----A---- C:\WINDOWS\system32\verifier.dll
2009-07-18 06:36:54 ----A---- C:\WINDOWS\system32\ver.dll
2009-07-18 06:36:54 ----A---- C:\WINDOWS\system32\vdmredir.dll
2009-07-18 06:36:54 ----A---- C:\WINDOWS\system32\vdmdbg.dll
2009-07-18 06:36:54 ----A---- C:\WINDOWS\system32\vcdex.dll
2009-07-18 06:36:54 ----A---- C:\WINDOWS\system32\vbscript.dll
2009-07-18 06:36:54 ----A---- C:\WINDOWS\system32\vbajet32.dll
2009-07-18 06:36:54 ----A---- C:\WINDOWS\system32\uxtheme.dll
2009-07-18 06:36:53 ----A---- C:\WINDOWS\system32\utilman.exe
2009-07-18 06:36:53 ----A---- C:\WINDOWS\system32\utildll.dll
2009-07-18 06:36:53 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-07-18 06:36:53 ----A---- C:\WINDOWS\system32\usp10.dll
2009-07-18 06:36:53 ----A---- C:\WINDOWS\system32\userinit.exe
2009-07-18 06:36:52 ----A---- C:\WINDOWS\system32\userenv.dll
2009-07-18 06:36:52 ----A---- C:\WINDOWS\system32\user.exe
2009-07-18 06:36:52 ----A---- C:\WINDOWS\system32\usbmon.dll
2009-07-18 06:36:52 ----A---- C:\WINDOWS\system32\url.dll
2009-07-18 06:36:52 ----A---- C:\WINDOWS\system32\ureg.dll
2009-07-18 06:36:51 ----A---- C:\WINDOWS\system32\ups.exe
2009-07-18 06:36:51 ----A---- C:\WINDOWS\system32\upnpui.dll
2009-07-18 06:36:51 ----A---- C:\WINDOWS\system32\upnphost.dll
2009-07-18 06:36:51 ----A---- C:\WINDOWS\system32\upnpcont.exe
2009-07-18 06:36:51 ----A---- C:\WINDOWS\system32\upnp.dll
2009-07-18 06:36:50 ----A---- C:\WINDOWS\system32\untfs.dll
2009-07-18 06:36:50 ----A---- C:\WINDOWS\system32\unlodctr.exe
2009-07-18 06:36:50 ----A---- C:\WINDOWS\system32\uniplat.dll
2009-07-18 06:36:50 ----A---- C:\WINDOWS\system32\unimdmat.dll
2009-07-18 06:36:50 ----A---- C:\WINDOWS\system32\umdmxfrm.dll
2009-07-18 06:36:50 ----A---- C:\WINDOWS\system32\umandlg.dll
2009-07-18 06:36:50 ----A---- C:\WINDOWS\system32\ulib.dll
2009-07-18 06:36:49 ----A---- C:\WINDOWS\twunk_32.exe
2009-07-18 06:36:49 ----A---- C:\WINDOWS\twunk_16.exe
2009-07-18 06:36:49 ----A---- C:\WINDOWS\twain_32.dll
2009-07-18 06:36:49 ----A---- C:\WINDOWS\twain.dll
2009-07-18 06:36:49 ----A---- C:\WINDOWS\system32\ufat.dll
2009-07-18 06:36:49 ----A---- C:\WINDOWS\system32\udhisapi.dll
2009-07-18 06:36:49 ----A---- C:\WINDOWS\system32\typelib.dll
2009-07-18 06:36:49 ----A---- C:\WINDOWS\system32\twext.dll
2009-07-18 06:36:48 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-07-18 06:36:48 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-07-18 06:36:48 ----A---- C:\WINDOWS\system32\tskill.exe
2009-07-18 06:36:48 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-07-18 06:36:48 ----A---- C:\WINDOWS\system32\tsddd.dll
2009-07-18 06:36:48 ----A---- C:\WINDOWS\system32\tsd32.dll
2009-07-18 06:36:48 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-07-18 06:36:48 ----A---- C:\WINDOWS\system32\tscon.exe
2009-07-18 06:36:48 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-07-18 06:36:48 ----A---- C:\WINDOWS\system32\tsappcmp.dll
2009-07-18 06:36:48 ----A---- C:\WINDOWS\system32\trkwks.dll
2009-07-18 06:36:47 ----A---- C:\WINDOWS\system32\tree.com
2009-07-18 06:36:47 ----A---- C:\WINDOWS\system32\traffic.dll
2009-07-18 06:36:47 ----A---- C:\WINDOWS\system32\tracert6.exe
2009-07-18 06:36:47 ----A---- C:\WINDOWS\system32\tracert.exe
2009-07-18 06:36:47 ----A---- C:\WINDOWS\system32\tourstart.exe
2009-07-18 06:36:44 ----A---- C:\WINDOWS\system32\toolhelp.dll
2009-07-18 06:36:40 ----A---- C:\WINDOWS\system32\tftp.exe
2009-07-18 06:36:40 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-07-18 06:36:40 ----A---- C:\WINDOWS\system32\termmgr.dll
2009-07-18 06:36:40 ----A---- C:\WINDOWS\system32\tcpsvcs.exe
2009-07-18 06:36:40 ----A---- C:\WINDOWS\system32\tcpmonui.dll
2009-07-18 06:36:40 ----A---- C:\WINDOWS\system32\tcpmon.ini
2009-07-18 06:36:40 ----A---- C:\WINDOWS\system32\tcpmon.dll
2009-07-18 06:36:40 ----A---- C:\WINDOWS\system32\tcpmib.dll
2009-07-18 06:36:39 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-07-18 06:36:39 ----A---- C:\WINDOWS\system32\tcmsetup.exe
2009-07-18 06:36:39 ----A---- C:\WINDOWS\system32\taskmgr.exe
2009-07-18 06:36:39 ----A---- C:\WINDOWS\system32\taskman.exe
2009-07-18 06:36:39 ----A---- C:\WINDOWS\system32\tapiui.dll
2009-07-18 06:36:39 ----A---- C:\WINDOWS\system32\tapiperf.dll
2009-07-18 06:36:39 ----A---- C:\WINDOWS\system32\tapi32.dll
2009-07-18 06:36:39 ----A---- C:\WINDOWS\system32\tapi3.dll
2009-07-18 06:36:39 ----A---- C:\WINDOWS\system32\tapi.dll
2009-07-18 06:36:38 ----A---- C:\WINDOWS\system32\systray.exe
2009-07-18 06:36:38 ----A---- C:\WINDOWS\system32\syssetup.dll
2009-07-18 06:36:37 ----A---- C:\WINDOWS\system32\sysocmgr.exe
2009-07-18 06:36:37 ----A---- C:\WINDOWS\system32\syskey.exe
2009-07-18 06:36:37 ----A---- C:\WINDOWS\system32\sysinv.dll
2009-07-18 06:36:36 ----A---- C:\WINDOWS\system32\sysedit.exe
2009-07-18 06:36:36 ----A---- C:\WINDOWS\system32\syncui.dll
2009-07-18 06:36:36 ----A---- C:\WINDOWS\system32\synceng.dll
2009-07-18 06:36:36 ----A---- C:\WINDOWS\system32\syncapp.exe
2009-07-18 06:36:35 ----A---- C:\WINDOWS\system32\sxs.dll
2009-07-18 06:36:35 ----A---- C:\WINDOWS\system32\swprv.dll
2009-07-18 06:36:35 ----A---- C:\WINDOWS\system32\svcpack.dll
2009-07-18 06:36:35 ----A---- C:\WINDOWS\system32\svchost.exe
2009-07-18 06:36:35 ----A---- C:\WINDOWS\system32\subst.exe
2009-07-18 06:36:35 ----A---- C:\WINDOWS\system32\strmfilt.dll
2009-07-18 06:36:35 ----A---- C:\WINDOWS\system32\strmdll.dll
2009-07-18 06:36:35 ----A---- C:\WINDOWS\system32\storage.dll
2009-07-18 06:36:34 ----A---- C:\WINDOWS\system32\stobject.dll
2009-07-18 06:36:34 ----A---- C:\WINDOWS\system32\stimon.exe
2009-07-18 06:36:34 ----A---- C:\WINDOWS\system32\sti_ci.dll
2009-07-18 06:36:34 ----A---- C:\WINDOWS\system32\sti.dll
2009-07-18 06:36:34 ----A---- C:\WINDOWS\system32\stclient.dll
2009-07-18 06:36:33 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
2009-07-18 06:36:33 ----A---- C:\WINDOWS\system32\ssdpapi.dll
2009-07-18 06:36:32 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-07-18 06:36:32 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-07-18 06:36:32 ----A---- C:\WINDOWS\system32\srclient.dll
2009-07-18 06:36:31 ----A---- C:\WINDOWS\system32\sqlwoa.dll
2009-07-18 06:36:31 ----A---- C:\WINDOWS\system32\sqlwid.dll
2009-07-18 06:36:31 ----A---- C:\WINDOWS\system32\sqlunirl.dll
2009-07-18 06:36:31 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
2009-07-18 06:36:30 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-07-18 06:36:30 ----A---- C:\WINDOWS\system32\sprestrt.exe
2009-07-18 06:36:30 ----A---- C:\WINDOWS\system32\spoolss.dll
2009-07-18 06:36:30 ----A---- C:\WINDOWS\system32\spnpinst.exe
2009-07-18 06:36:29 ----A---- C:\WINDOWS\system32\spider.exe
2009-07-18 06:36:27 ----A---- C:\WINDOWS\system32\sort.exe
2009-07-18 06:36:26 ----A---- C:\WINDOWS\system32\sol.exe
2009-07-18 06:36:26 ----A---- C:\WINDOWS\system32\softpub.dll
2009-07-18 06:36:26 ----A---- C:\WINDOWS\system32\snmpsnap.dll
2009-07-18 06:36:26 ----A---- C:\WINDOWS\system32\snmpapi.dll
2009-07-18 06:36:26 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-07-18 06:36:26 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-07-18 06:36:25 ----A---- C:\WINDOWS\system32\smss.exe
2009-07-18 06:36:25 ----A---- C:\WINDOWS\system32\smlogsvc.exe
2009-07-18 06:36:25 ----A---- C:\WINDOWS\system32\smlogcfg.dll
2009-07-18 06:36:25 ----A---- C:\WINDOWS\system32\smbinst.exe
2009-07-18 06:36:24 ----A---- C:\WINDOWS\system32\slbrccsp.dll
2009-07-18 06:36:24 ----A---- C:\WINDOWS\system32\slbiop.dll
2009-07-18 06:36:24 ----A---- C:\WINDOWS\system32\slbcsp.dll
2009-07-18 06:36:24 ----A---- C:\WINDOWS\system32\slayerxp.dll
2009-07-18 06:36:24 ----A---- C:\WINDOWS\system32\skeys.exe
2009-07-18 06:36:24 ----A---- C:\WINDOWS\system32\skdll.dll
2009-07-18 06:36:23 ----A---- C:\WINDOWS\system32\sisbkup.dll
2009-07-18 06:36:23 ----A---- C:\WINDOWS\system32\sigverif.exe
2009-07-18 06:36:23 ----A---- C:\WINDOWS\system32\sigtab.dll
2009-07-18 06:36:23 ----A---- C:\WINDOWS\system32\shutdown.exe
2009-07-18 06:36:23 ----A---- C:\WINDOWS\system32\shsvcs.dll
2009-07-18 06:36:23 ----A---- C:\WINDOWS\system32\shscrap.dll
2009-07-18 06:36:23 ----A---- C:\WINDOWS\system32\shrpubw.exe
2009-07-18 06:36:22 ----A---- C:\WINDOWS\system32\shmgrate.exe
2009-07-18 06:36:22 ----A---- C:\WINDOWS\system32\shmedia.dll
2009-07-18 06:36:22 ----A---- C:\WINDOWS\system32\shimgvw.dll
2009-07-18 06:36:22 ----A---- C:\WINDOWS\system32\shimeng.dll
2009-07-18 06:36:22 ----A---- C:\WINDOWS\system32\shgina.dll
2009-07-18 06:36:22 ----A---- C:\WINDOWS\system32\shfolder.dll
2009-07-18 06:36:20 ----A---- C:\WINDOWS\system32\shell.dll
2009-07-18 06:36:19 ----A---- C:\WINDOWS\system32\shdoclc.dll
2009-07-18 06:36:19 ----A---- C:\WINDOWS\system32\share.exe
2009-07-18 06:36:19 ----A---- C:\WINDOWS\system32\shadow.exe
2009-07-18 06:36:19 ----A---- C:\WINDOWS\system32\sfmapi.dll
2009-07-18 06:36:19 ----A---- C:\WINDOWS\system32\sfcfiles.dll
2009-07-18 06:36:19 ----A---- C:\WINDOWS\system32\sfc_os.dll
2009-07-18 06:36:19 ----A---- C:\WINDOWS\system32\sfc.exe
2009-07-18 06:36:19 ----A---- C:\WINDOWS\system32\sfc.dll
2009-07-18 06:36:19 ----A---- C:\WINDOWS\system32\setver.exe
2009-07-18 06:36:18 ----A---- C:\WINDOWS\system32\setupdll.dll
2009-07-18 06:36:17 ----A---- C:\WINDOWS\system32\setupapi.dll
2009-07-18 06:36:17 ----A---- C:\WINDOWS\system32\setup.exe
2009-07-18 06:36:17 ----A---- C:\WINDOWS\system32\sethc.exe
2009-07-18 06:36:17 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-07-18 06:36:17 ----A---- C:\WINDOWS\system32\serwvdrv.dll
2009-07-18 06:36:17 ----A---- C:\WINDOWS\system32\services.msc
2009-07-18 06:36:17 ----A---- C:\WINDOWS\system32\services.exe
2009-07-18 06:36:17 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-07-18 06:36:17 ----A---- C:\WINDOWS\system32\serialui.dll
2009-07-18 06:36:16 ----A---- C:\WINDOWS\system32\senscfg.dll
2009-07-18 06:36:16 ----A---- C:\WINDOWS\system32\sensapi.dll
2009-07-18 06:36:16 ----A---- C:\WINDOWS\system32\sens.dll
2009-07-18 06:36:16 ----A---- C:\WINDOWS\system32\sendmail.dll
2009-07-18 06:36:16 ----A---- C:\WINDOWS\system32\sendcmsg.dll
2009-07-18 06:36:16 ----A---- C:\WINDOWS\system32\security.dll
2009-07-18 06:36:16 ----A---- C:\WINDOWS\system32\secur32.dll
2009-07-18 06:36:16 ----A---- C:\WINDOWS\system32\seclogon.dll
2009-07-18 06:36:16 ----A---- C:\WINDOWS\system32\sdpblb.dll
2009-07-18 06:36:16 ----A---- C:\WINDOWS\system32\sdhcinst.dll
2009-07-18 06:36:16 ----A---- C:\WINDOWS\system32\sdbinst.exe
2009-07-18 06:36:16 ----A---- C:\WINDOWS\system32\scrrun.dll
2009-07-18 06:36:16 ----A---- C:\WINDOWS\system32\scrobj.dll
2009-07-18 06:36:15 ----A---- C:\WINDOWS\system32\scredir.dll
2009-07-18 06:36:15 ----A---- C:\WINDOWS\system32\sclgntfy.dll
2009-07-18 06:36:15 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-07-18 06:36:15 ----A---- C:\WINDOWS\system32\schannel.dll
2009-07-18 06:36:15 ----A---- C:\WINDOWS\system32\scesrv.dll
2009-07-18 06:36:15 ----A---- C:\WINDOWS\system32\scecli.dll
2009-07-18 06:36:15 ----A---- C:\WINDOWS\system32\sccsccp.dll
2009-07-18 06:36:15 ----A---- C:\WINDOWS\system32\sccbase.dll
2009-07-18 06:36:15 ----A---- C:\WINDOWS\system32\scardsvr.exe
2009-07-18 06:36:15 ----A---- C:\WINDOWS\system32\scardssp.dll
2009-07-18 06:36:15 ----A---- C:\WINDOWS\system32\scarddlg.dll
2009-07-18 06:36:15 ----A---- C:\WINDOWS\system32\sc.exe
2009-07-18 06:36:15 ----A---- C:\WINDOWS\system32\sbeio.dll
2009-07-18 06:36:15 ----A---- C:\WINDOWS\system32\sbe.dll
2009-07-18 06:36:14 ----A---- C:\WINDOWS\system32\savedump.exe
2009-07-18 06:36:14 ----A---- C:\WINDOWS\system32\samsrv.dll
2009-07-18 06:36:13 ----A---- C:\WINDOWS\system32\samlib.dll
2009-07-18 06:36:12 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-07-18 06:36:12 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-07-18 06:36:12 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-07-18 06:36:12 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-07-18 06:36:11 ----A---- C:\WINDOWS\system32\runonce.exe
2009-07-18 06:36:11 ----A---- C:\WINDOWS\system32\rundll32.exe
2009-07-18 06:36:11 ----A---- C:\WINDOWS\system32\runas.exe
2009-07-18 06:36:11 ----A---- C:\WINDOWS\system32\rtutils.dll
2009-07-18 06:36:11 ----A---- C:\WINDOWS\system32\rtm.dll
2009-07-18 06:36:11 ----A---- C:\WINDOWS\system32\rtipxmib.dll
2009-07-18 06:36:11 ----A---- C:\WINDOWS\system32\rtcshare.exe
2009-07-18 06:36:11 ----A---- C:\WINDOWS\system32\rsvpsp.dll
2009-07-18 06:36:11 ----A---- C:\WINDOWS\system32\rsvpperf.dll
2009-07-18 06:36:11 ----A---- C:\WINDOWS\system32\rsvpmsg.dll
2009-07-18 06:36:11 ----A---- C:\WINDOWS\system32\rsvp.ini
2009-07-18 06:36:11 ----A---- C:\WINDOWS\system32\rsvp.exe
2009-07-18 06:36:11 ----A---- C:\WINDOWS\system32\rsmui.exe
2009-07-18 06:36:11 ----A---- C:\WINDOWS\system32\rsmsink.exe
2009-07-18 06:36:11 ----A---- C:\WINDOWS\system32\rsmps.dll
2009-07-18 06:36:11 ----A---- C:\WINDOWS\system32\rsm.exe
2009-07-18 06:36:11 ----A---- C:\WINDOWS\system32\rshx32.dll
2009-07-18 06:36:11 ----A---- C:\WINDOWS\system32\rsh.exe
2009-07-18 06:36:11 ----A---- C:\WINDOWS\system32\rsaenh.dll
2009-07-18 06:36:10 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2009-07-18 06:36:10 ----A---- C:\WINDOWS\system32\rpcns4.dll
2009-07-18 06:36:09 ----A---- C:\WINDOWS\system32\routetab.dll
2009-07-18 06:36:09 ----A---- C:\WINDOWS\system32\routemon.exe
2009-07-18 06:36:09 ----A---- C:\WINDOWS\system32\route.exe
2009-07-18 06:36:09 ----A---- C:\WINDOWS\system32\rnr20.dll
2009-07-18 06:36:08 ----A---- C:\WINDOWS\system32\riched32.dll
2009-07-18 06:36:08 ----A---- C:\WINDOWS\system32\riched20.dll
2009-07-18 06:36:08 ----A---- C:\WINDOWS\system32\rexec.exe
2009-07-18 06:36:08 ----A---- C:\WINDOWS\system32\resutils.dll
2009-07-18 06:36:08 ----A---- C:\WINDOWS\system32\reset.exe
2009-07-18 06:36:08 ----A---- C:\WINDOWS\system32\replace.exe
2009-07-18 06:36:08 ----A---- C:\WINDOWS\system32\rend.dll
2009-07-18 06:36:08 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-07-18 06:36:08 ----A---- C:\WINDOWS\system32\regwizc.dll
2009-07-18 06:36:08 ----A---- C:\WINDOWS\system32\regwiz.exe
2009-07-18 06:36:08 ----A---- C:\WINDOWS\system32\regsvr32.exe
2009-07-18 06:36:08 ----A---- C:\WINDOWS\system32\regsvc.dll
2009-07-18 06:36:08 ----A---- C:\WINDOWS\system32\regini.exe
2009-07-18 06:36:08 ----A---- C:\WINDOWS\system32\regedt32.exe
2009-07-18 06:36:07 ----A---- C:\WINDOWS\system32\regapi.dll
2009-07-18 06:36:07 ----A---- C:\WINDOWS\system32\reg.exe
2009-07-18 06:36:07 ----A---- C:\WINDOWS\system32\redir.exe
2009-07-18 06:36:07 ----A---- C:\WINDOWS\system32\recover.exe
2009-07-18 06:36:07 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-07-18 06:36:07 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-07-18 06:36:07 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-07-18 06:36:07 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-07-18 06:36:07 ----A---- C:\WINDOWS\system32\rdpdd.dll
2009-07-18 06:36:07 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-07-18 06:36:07 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-07-18 06:36:07 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-07-18 06:36:07 ----A---- C:\WINDOWS\system32\rcp.exe
2009-07-18 06:36:07 ----A---- C:\WINDOWS\system32\rcimlby.exe
2009-07-18 06:36:07 ----A---- C:\WINDOWS\regedit.exe
2009-07-18 06:36:06 ----A---- C:\WINDOWS\system32\rcbdyctl.dll
2009-07-18 06:36:06 ----A---- C:\WINDOWS\system32\rastls.dll
2009-07-18 06:36:06 ----A---- C:\WINDOWS\system32\rastapi.dll
2009-07-18 06:36:06 ----A---- C:\WINDOWS\system32\rasser.dll
2009-07-18 06:36:06 ----A---- C:\WINDOWS\system32\rassapi.dll
2009-07-18 06:36:06 ----A---- C:\WINDOWS\system32\rasrad.dll
2009-07-18 06:36:06 ----A---- C:\WINDOWS\system32\rasppp.dll
2009-07-18 06:36:06 ----A---- C:\WINDOWS\system32\rasphone.exe
2009-07-18 06:36:06 ----A---- C:\WINDOWS\system32\rasmxs.dll
2009-07-18 06:36:06 ----A---- C:\WINDOWS\system32\rasmontr.dll
2009-07-18 06:36:06 ----A---- C:\WINDOWS\system32\rasman.dll
2009-07-18 06:36:06 ----A---- C:\WINDOWS\system32\rasdlg.dll
2009-07-18 06:36:06 ----A---- C:\WINDOWS\system32\rasdial.exe
2009-07-18 06:36:06 ----A---- C:\WINDOWS\system32\rasctrs.ini
2009-07-18 06:36:06 ----A---- C:\WINDOWS\system32\rasctrs.dll
2009-07-18 06:36:06 ----A---- C:\WINDOWS\system32\raschap.dll
2009-07-18 06:36:06 ----A---- C:\WINDOWS\system32\rasautou.exe
2009-07-18 06:36:06 ----A---- C:\WINDOWS\system32\rasauto.dll
2009-07-18 06:36:05 ----A---- C:\WINDOWS\system32\rasapi32.dll
2009-07-18 06:36:05 ----A---- C:\WINDOWS\system32\rasadhlp.dll
2009-07-18 06:36:05 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-07-18 06:36:05 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-07-18 06:36:04 ----A---- C:\WINDOWS\system32\query.dll
2009-07-18 06:36:04 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-07-18 06:36:04 ----A---- C:\WINDOWS\system32\qosname.dll
2009-07-18 06:36:04 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-07-18 06:36:04 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-07-18 06:36:02 ----A---- C:\WINDOWS\system32\qedwipes.dll
2009-07-18 06:36:02 ----A---- C:\WINDOWS\system32\qedit.dll
2009-07-18 06:36:02 ----A---- C:\WINDOWS\system32\qdvd.dll
2009-07-18 06:36:02 ----A---- C:\WINDOWS\system32\qdv.dll
2009-07-18 06:36:02 ----A---- C:\WINDOWS\system32\qcap.dll
2009-07-18 06:36:02 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-07-18 06:36:01 ----A---- C:\WINDOWS\system32\pubprn.vbs
2009-07-18 06:36:01 ----A---- C:\WINDOWS\system32\pstorsvc.dll
2009-07-18 06:36:01 ----A---- C:\WINDOWS\system32\pstorec.dll
2009-07-18 06:36:01 ----A---- C:\WINDOWS\system32\psnppagn.dll
2009-07-18 06:36:01 ----A---- C:\WINDOWS\system32\pschdprf.ini
2009-07-18 06:36:01 ----A---- C:\WINDOWS\system32\pschdprf.dll
2009-07-18 06:36:01 ----A---- C:\WINDOWS\system32\psbase.dll
2009-07-18 06:36:01 ----A---- C:\WINDOWS\system32\psapi.dll
2009-07-18 06:36:01 ----A---- C:\WINDOWS\system32\proxycfg.exe
2009-07-18 06:36:01 ----A---- C:\WINDOWS\system32\proquota.exe
2009-07-18 06:36:01 ----A---- C:\WINDOWS\system32\progman.exe
2009-07-18 06:36:01 ----A---- C:\WINDOWS\system32\profmap.dll
2009-07-18 06:36:01 ----A---- C:\WINDOWS\system32\prodspec.ini
2009-07-18 06:36:01 ----A---- C:\WINDOWS\system32\printui.dll
2009-07-18 06:36:00 ----A---- C:\WINDOWS\system32\print.exe
2009-07-18 06:36:00 ----A---- C:\WINDOWS\system32\prflbmsg.dll
2009-07-18 06:36:00 ----A---- C:\WINDOWS\system32\powrprof.dll
2009-07-18 06:36:00 ----A---- C:\WINDOWS\system32\powercfg.exe
2009-07-18 06:36:00 ----A---- C:\WINDOWS\system32\polstore.dll
2009-07-18 06:36:00 ----A---- C:\WINDOWS\system32\pnrpnsp.dll
2009-07-18 06:36:00 ----A---- C:\WINDOWS\system32\pmspl.dll
2009-07-18 06:35:59 ----A---- C:\WINDOWS\system32\plustab.dll
2009-07-18 06:35:59 ----A---- C:\WINDOWS\system32\ping6.exe
2009-07-18 06:35:59 ----A---- C:\WINDOWS\system32\ping.exe
2009-07-18 06:35:59 ----A---- C:\WINDOWS\system32\pifmgr.dll
2009-07-18 06:35:59 ----A---- C:\WINDOWS\system32\pidgen.dll
2009-07-18 06:35:59 ----A---- C:\WINDOWS\system32\photowiz.dll
2009-07-18 06:35:48 ----A---- C:\WINDOWS\system32\perfwci.ini
2009-07-18 06:35:48 ----A---- C:\WINDOWS\system32\perfts.dll
2009-07-18 06:35:48 ----A---- C:\WINDOWS\system32\perfproc.dll
2009-07-18 06:35:48 ----A---- C:\WINDOWS\system32\perfos.dll
2009-07-18 06:35:48 ----A---- C:\WINDOWS\system32\perfnet.dll
2009-07-18 06:35:48 ----A---- C:\WINDOWS\system32\perfmon.msc
2009-07-18 06:35:48 ----A---- C:\WINDOWS\system32\perfmon.exe
2009-07-18 06:35:48 ----A---- C:\WINDOWS\system32\perffilt.ini
2009-07-18 06:35:48 ----A---- C:\WINDOWS\system32\perfdisk.dll
2009-07-18 06:35:48 ----A---- C:\WINDOWS\system32\perfctrs.dll
2009-07-18 06:35:48 ----A---- C:\WINDOWS\system32\perfci.ini
2009-07-18 06:35:47 ----A---- C:\WINDOWS\system32\pentnt.exe
2009-07-18 06:35:46 ----A---- C:\WINDOWS\system32\pdh.dll
2009-07-18 06:35:44 ----A---- C:\WINDOWS\system32\pautoenr.dll
2009-07-18 06:35:44 ----A---- C:\WINDOWS\system32\pathping.exe
2009-07-18 06:35:44 ----A---- C:\WINDOWS\system32\panmap.dll
2009-07-18 06:35:43 ----A---- C:\WINDOWS\system32\packager.exe
2009-07-18 06:35:43 ----A---- C:\WINDOWS\system32\p2psvc.dll
2009-07-18 06:35:42 ----A---- C:\WINDOWS\system32\p2pnetsh.dll
2009-07-18 06:35:42 ----A---- C:\WINDOWS\system32\p2pgraph.dll
2009-07-18 06:35:42 ----A---- C:\WINDOWS\system32\p2pgasvc.dll
2009-07-18 06:35:42 ----A---- C:\WINDOWS\system32\p2p.dll
2009-07-18 06:35:42 ----A---- C:\WINDOWS\system32\osuninst.exe
2009-07-18 06:35:42 ----A---- C:\WINDOWS\system32\osuninst.dll
2009-07-18 06:35:42 ----A---- C:\WINDOWS\system32\osk.exe
2009-07-18 06:35:41 ----A---- C:\WINDOWS\system32\opengl32.dll
2009-07-18 06:35:41 ----A---- C:\WINDOWS\system32\olethk32.dll
2009-07-18 06:35:41 ----A---- C:\WINDOWS\system32\olesvr32.dll
2009-07-18 06:35:41 ----A---- C:\WINDOWS\system32\olesvr.dll
2009-07-18 06:35:41 ----A---- C:\WINDOWS\system32\olepro32.dll
2009-07-18 06:35:41 ----A---- C:\WINDOWS\system32\oleprn.dll
2009-07-18 06:35:41 ----A---- C:\WINDOWS\system32\oledlg.dll
2009-07-18 06:35:41 ----A---- C:\WINDOWS\system32\olecli.dll
2009-07-18 06:35:41 ----A---- C:\WINDOWS\system32\oleaut32.dll
2009-07-18 06:35:41 ----A---- C:\WINDOWS\system32\oleaccrc.dll
2009-07-18 06:35:40 ----A---- C:\WINDOWS\system32\oleacc.dll
2009-07-18 06:35:40 ----A---- C:\WINDOWS\system32\ole2nls.dll
2009-07-18 06:35:40 ----A---- C:\WINDOWS\system32\ole2disp.dll
2009-07-18 06:35:40 ----A---- C:\WINDOWS\system32\ole2.dll
2009-07-18 06:35:40 ----A---- C:\WINDOWS\system32\offfilt.dll
2009-07-18 06:35:28 ----A---- C:\WINDOWS\system32\odtext32.dll
2009-07-18 06:35:27 ----A---- C:\WINDOWS\system32\odpdx32.dll
2009-07-18 06:35:27 ----A---- C:\WINDOWS\system32\odfox32.dll
2009-07-18 06:35:27 ----A---- C:\WINDOWS\system32\odexl32.dll
2009-07-18 06:35:27 ----A---- C:\WINDOWS\system32\oddbse32.dll
2009-07-18 06:35:27 ----A---- C:\WINDOWS\system32\odbctrac.dll
2009-07-18 06:35:27 ----A---- C:\WINDOWS\system32\odbcp32r.dll
2009-07-18 06:35:27 ----A---- C:\WINDOWS\system32\odbcjt32.dll
2009-07-18 06:35:27 ----A---- C:\WINDOWS\system32\odbcji32.dll
2009-07-18 06:35:27 ----A---- C:\WINDOWS\system32\odbcint.dll
2009-07-18 06:35:27 ----A---- C:\WINDOWS\system32\odbccu32.dll
2009-07-18 06:35:27 ----A---- C:\WINDOWS\system32\odbccr32.dll
2009-07-18 06:35:27 ----A---- C:\WINDOWS\system32\odbccp32.dll
2009-07-18 06:35:27 ----A---- C:\WINDOWS\system32\odbcconf.exe
2009-07-18 06:35:27 ----A---- C:\WINDOWS\system32\odbcconf.dll
2009-07-18 06:35:27 ----A---- C:\WINDOWS\system32\odbcbcp.dll
2009-07-18 06:35:27 ----A---- C:\WINDOWS\system32\odbcad32.exe
2009-07-18 06:35:27 ----A---- C:\WINDOWS\system32\odbc32gt.dll
2009-07-18 06:35:27 ----A---- C:\WINDOWS\system32\odbc32.dll
2009-07-18 06:35:27 ----A---- C:\WINDOWS\system32\odbc16gt.dll
2009-07-18 06:35:27 ----A---- C:\WINDOWS\system32\ocmanage.dll
2009-07-18 06:35:27 ----A---- C:\WINDOWS\system32\occache.dll
2009-07-18 06:35:27 ----A---- C:\WINDOWS\system32\objsel.dll
2009-07-18 06:35:26 ----A---- C:\WINDOWS\system32\oakley.dll
2009-07-18 06:35:26 ----A---- C:\WINDOWS\system32\nwprovau.dll
2009-07-18 06:35:25 ----A---- C:\WINDOWS\system32\ntvdmd.dll
2009-07-18 06:35:25 ----A---- C:\WINDOWS\system32\ntvdm.exe
2009-07-18 06:35:25 ----A---- C:\WINDOWS\system32\ntshrui.dll
2009-07-18 06:35:25 ----A---- C:\WINDOWS\system32\ntsdexts.dll
2009-07-18 06:35:24 ----A---- C:\WINDOWS\system32\ntsd.exe
2009-07-18 06:35:23 ----A---- C:\WINDOWS\system32\ntprint.dll
2009-07-18 06:35:21 ----A---- C:\WINDOWS\system32\ntmssvc.dll
2009-07-18 06:35:21 ----A---- C:\WINDOWS\system32\ntmsoprq.msc
2009-07-18 06:35:21 ----A---- C:\WINDOWS\system32\ntmsmgr.msc
2009-07-18 06:35:21 ----A---- C:\WINDOWS\system32\ntmsmgr.dll
2009-07-18 06:35:21 ----A---- C:\WINDOWS\system32\ntmsevt.dll
2009-07-18 06:35:21 ----A---- C:\WINDOWS\system32\ntmsdba.dll
2009-07-18 06:35:21 ----A---- C:\WINDOWS\system32\ntmsapi.dll
2009-07-18 06:35:21 ----A---- C:\WINDOWS\system32\ntmarta.dll
2009-07-18 06:35:21 ----A---- C:\WINDOWS\system32\ntlsapi.dll
2009-07-18 06:35:20 ----A---- C:\WINDOWS\system32\ntlanui2.dll
2009-07-18 06:35:20 ----A---- C:\WINDOWS\system32\ntlanui.dll
2009-07-18 06:35:20 ----A---- C:\WINDOWS\system32\ntlanman.dll
2009-07-18 06:35:18 ----A---- C:\WINDOWS\system32\ntdsapi.dll
2009-07-18 06:35:18 ----A---- C:\WINDOWS\system32\ntdll.dll
2009-07-18 06:35:15 ----A---- C:\WINDOWS\system32\nslookup.exe
2009-07-18 06:35:15 ----A---- C:\WINDOWS\system32\npptools.dll
2009-07-18 06:35:15 ----A---- C:\WINDOWS\system32\notepad.exe
2009-07-18 06:35:15 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-07-18 06:35:15 ----A---- C:\WINDOWS\NOTEPAD.EXE
2009-07-18 06:35:14 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-07-18 06:35:14 ----A---- C:\WINDOWS\system32\nlsfunc.exe
2009-07-18 06:35:13 ----A---- C:\WINDOWS\system32\nlhtml.dll
2009-07-18 06:35:12 ----A---- C:\WINDOWS\system32\newdev.dll
2009-07-18 06:35:11 ----A---- C:\WINDOWS\system32\netui2.dll
2009-07-18 06:35:11 ----A---- C:\WINDOWS\system32\netui1.dll
2009-07-18 06:35:11 ----A---- C:\WINDOWS\system32\netui0.dll
2009-07-18 06:35:11 ----A---- C:\WINDOWS\system32\netstat.exe
2009-07-18 06:35:10 ----A---- C:\WINDOWS\system32\netsh.exe
2009-07-18 06:35:10 ----A---- C:\WINDOWS\system32\netsetup.exe
2009-07-18 06:35:10 ----A---- C:\WINDOWS\system32\netrap.dll
2009-07-18 06:35:10 ----A---- C:\WINDOWS\system32\netplwiz.dll
2009-07-18 06:35:10 ----A---- C:\WINDOWS\system32\netmsg.dll
2009-07-18 06:35:09 ----A---- C:\WINDOWS\system32\netlogon.dll
2009-07-18 06:35:09 ----A---- C:\WINDOWS\system32\netid.dll
2009-07-18 06:35:09 ----A---- C:\WINDOWS\system32\neth.dll
2009-07-18 06:35:09 ----A---- C:\WINDOWS\system32\netevent.dll
2009-07-18 06:35:09 ----A---- C:\WINDOWS\system32\netdde.exe
2009-07-18 06:35:09 ----A---- C:\WINDOWS\system32\netcfgx.dll
2009-07-18 06:35:08 ----A---- C:\WINDOWS\system32\netapi32.dll
2009-07-18 06:35:08 ----A---- C:\WINDOWS\system32\netapi.dll
2009-07-18 06:35:07 ----A---- C:\WINDOWS\system32\net1.exe
2009-07-18 06:35:07 ----A---- C:\WINDOWS\system32\net.exe
2009-07-18 06:35:07 ----A---- C:\WINDOWS\system32\nddenb32.dll
2009-07-18 06:35:07 ----A---- C:\WINDOWS\system32\nddeapir.exe
2009-07-18 06:35:07 ----A---- C:\WINDOWS\system32\nddeapi.dll
2009-07-18 06:35:07 ----A---- C:\WINDOWS\system32\ncxpnt.dll
2009-07-18 06:35:07 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2009-07-18 06:35:07 ----A---- C:\WINDOWS\system32\nbtstat.exe
2009-07-18 06:35:07 ----A---- C:\WINDOWS\system32\narrhook.dll
2009-07-18 06:35:07 ----A---- C:\WINDOWS\system32\narrator.exe
2009-07-18 06:35:07 ----A---- C:\WINDOWS\system32\mydocs.dll
2009-07-18 06:35:07 ----A---- C:\WINDOWS\system32\mycomput.dll
2009-07-18 06:35:03 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-07-18 06:35:03 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-07-18 06:35:03 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-07-18 06:35:03 ----A---- C:\WINDOWS\system32\msxmlr.dll
2009-07-18 06:35:03 ----A---- C:\WINDOWS\system32\msxml3r.dll
2009-07-18 06:35:02 ----A---- C:\WINDOWS\system32\msxml3.dll
2009-07-18 06:35:02 ----A---- C:\WINDOWS\system32\msxml2r.dll
2009-07-18 06:35:02 ----A---- C:\WINDOWS\system32\msxml2.dll
2009-07-18 06:35:02 ----A---- C:\WINDOWS\system32\msxml.dll
2009-07-18 06:35:01 ----A---- C:\WINDOWS\system32\msxbde40.dll
2009-07-18 06:35:01 ----A---- C:\WINDOWS\system32\mswstr10.dll
2009-07-18 06:35:01 ----A---- C:\WINDOWS\system32\mswsock.dll
2009-07-18 06:35:01 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2009-07-18 06:35:00 ----A---- C:\WINDOWS\system32\mswdat10.dll
2009-07-18 06:35:00 ----A---- C:\WINDOWS\system32\msw3prt.dll
2009-07-18 06:35:00 ----A---- C:\WINDOWS\system32\msvideo.dll
2009-07-18 06:35:00 ----A---- C:\WINDOWS\system32\msvidctl.dll
2009-07-18 06:35:00 ----A---- C:\WINDOWS\system32\msvidc32.dll
2009-07-18 06:35:00 ----A---- C:\WINDOWS\system32\msvfw32.dll
2009-07-18 06:35:00 ----A---- C:\WINDOWS\system32\msvcrt40.dll
2009-07-18 06:35:00 ----A---- C:\WINDOWS\system32\msvcrt20.dll
2009-07-18 06:34:59 ----A---- C:\WINDOWS\system32\msvcrt.dll
2009-07-18 06:34:59 ----A---- C:\WINDOWS\system32\msvcp60.dll
2009-07-18 06:34:59 ----A---- C:\WINDOWS\system32\msvcp50.dll
2009-07-18 06:34:59 ----A---- C:\WINDOWS\system32\msvcirt.dll
2009-07-18 06:34:59 ----A---- C:\WINDOWS\system32\msvbvm60.dll
2009-07-18 06:34:58 ----A---- C:\WINDOWS\system32\msvbvm50.dll
2009-07-18 06:34:58 ----A---- C:\WINDOWS\system32\msv1_0.dll
2009-07-18 06:34:58 ----A---- C:\WINDOWS\system32\msutb.dll

aareaux

2009-07-18 06:34:58 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-07-18 06:34:57 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-07-18 06:34:57 ----A---- C:\WINDOWS\system32\mstlsapi.dll
2009-07-18 06:34:57 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-07-18 06:34:57 ----A---- C:\WINDOWS\system32\mstext40.dll
2009-07-18 06:34:57 ----A---- C:\WINDOWS\system32\mstask.dll
2009-07-18 06:34:57 ----A---- C:\WINDOWS\system32\msswchx.exe
2009-07-18 06:34:57 ----A---- C:\WINDOWS\system32\msswch.dll
2009-07-18 06:34:57 ----A---- C:\WINDOWS\system32\mssip32.dll
2009-07-18 06:34:57 ----A---- C:\WINDOWS\system32\mssign32.dll
2009-07-18 06:34:56 ----A---- C:\WINDOWS\system32\mssap.dll
2009-07-18 06:34:56 ----A---- C:\WINDOWS\system32\msrle32.dll
2009-07-18 06:34:56 ----A---- C:\WINDOWS\system32\msrepl40.dll
2009-07-18 06:34:56 ----A---- C:\WINDOWS\system32\msrecr40.dll
2009-07-18 06:34:56 ----A---- C:\WINDOWS\system32\msrd3x40.dll
2009-07-18 06:34:55 ----A---- C:\WINDOWS\system32\msrd2x40.dll
2009-07-18 06:34:55 ----A---- C:\WINDOWS\system32\msrclr40.dll
2009-07-18 06:34:55 ----A---- C:\WINDOWS\system32\msratelc.dll
2009-07-18 06:34:55 ----A---- C:\WINDOWS\system32\msr2cenu.dll
2009-07-18 06:34:55 ----A---- C:\WINDOWS\system32\msr2c.dll
2009-07-18 06:34:55 ----A---- C:\WINDOWS\system32\msprivs.dll
2009-07-18 06:34:55 ----A---- C:\WINDOWS\system32\msports.dll
2009-07-18 06:34:55 ----A---- C:\WINDOWS\system32\mspbde40.dll
2009-07-18 06:34:55 ----A---- C:\WINDOWS\system32\mspatcha.dll
2009-07-18 06:34:55 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-07-18 06:34:55 ----A---- C:\WINDOWS\system32\msorcl32.dll
2009-07-18 06:34:55 ----A---- C:\WINDOWS\system32\msorc32r.dll
2009-07-18 06:34:55 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-07-18 06:34:54 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-07-18 06:34:53 ----A---- C:\WINDOWS\system32\msobjs.dll
2009-07-18 06:34:52 ----A---- C:\WINDOWS\system32\msnsspc.dll
2009-07-18 06:34:36 ----A---- C:\WINDOWS\system32\msltus40.dll
2009-07-18 06:34:36 ----A---- C:\WINDOWS\system32\msls31.dll
2009-07-18 06:34:36 ----A---- C:\WINDOWS\system32\mslbui.dll
2009-07-18 06:34:36 ----A---- C:\WINDOWS\system32\msjtes40.dll
2009-07-18 06:34:36 ----A---- C:\WINDOWS\system32\msjter40.dll
2009-07-18 06:34:36 ----A---- C:\WINDOWS\system32\msjint40.dll
2009-07-18 06:34:36 ----A---- C:\WINDOWS\system32\msjetoledb40.dll
2009-07-18 06:34:35 ----A---- C:\WINDOWS\system32\msjet40.dll
2009-07-18 06:34:35 ----A---- C:\WINDOWS\system32\MSIMTF.dll
2009-07-18 06:34:35 ----A---- C:\WINDOWS\system32\msimg32.dll
2009-07-18 06:34:34 ----A---- C:\WINDOWS\system32\msieftp.dll
2009-07-18 06:34:34 ----A---- C:\WINDOWS\system32\msidntld.dll
2009-07-18 06:34:34 ----A---- C:\WINDOWS\system32\msidle.dll
2009-07-18 06:34:34 ----A---- C:\WINDOWS\system32\msident.dll
2009-07-18 06:34:34 ----A---- C:\WINDOWS\system32\mshtmler.dll
2009-07-18 06:34:32 ----A---- C:\WINDOWS\system32\mshta.exe
2009-07-18 06:34:32 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-07-18 06:34:32 ----A---- C:\WINDOWS\system32\msgsvc.dll
2009-07-18 06:34:31 ----A---- C:\WINDOWS\system32\msgina.dll
2009-07-18 06:34:31 ----A---- C:\WINDOWS\system32\msg.exe
2009-07-18 06:34:30 ----A---- C:\WINDOWS\system32\msftedit.dll
2009-07-18 06:34:30 ----A---- C:\WINDOWS\system32\msexcl40.dll
2009-07-18 06:34:30 ----A---- C:\WINDOWS\system32\msexch40.dll
2009-07-18 06:34:30 ----A---- C:\WINDOWS\system32\msencode.dll
2009-07-18 06:34:30 ----A---- C:\WINDOWS\system32\msdxmlc.dll
2009-07-18 06:34:29 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-07-18 06:34:29 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-07-18 06:34:29 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-07-18 06:34:29 ----A---- C:\WINDOWS\system32\msdmo.dll
2009-07-18 06:34:29 ----A---- C:\WINDOWS\system32\msdart.dll
2009-07-18 06:34:29 ----A---- C:\WINDOWS\msdfmap.ini
2009-07-18 06:34:28 ----A---- C:\WINDOWS\system32\msdadiag.dll
2009-07-18 06:34:28 ----A---- C:\WINDOWS\system32\MSCTFP.dll
2009-07-18 06:34:28 ----A---- C:\WINDOWS\system32\MSCTF.dll
2009-07-18 06:34:28 ----A---- C:\WINDOWS\system32\mscpxl32.dLL
2009-07-18 06:34:28 ----A---- C:\WINDOWS\system32\mscpx32r.dLL
2009-07-18 06:34:28 ----A---- C:\WINDOWS\system32\msconf.dll
2009-07-18 06:34:28 ----A---- C:\WINDOWS\system32\mscdexnt.exe
2009-07-18 06:34:28 ----A---- C:\WINDOWS\system32\mscat32.dll
2009-07-18 06:34:28 ----A---- C:\WINDOWS\system32\msaudite.dll
2009-07-18 06:34:27 ----A---- C:\WINDOWS\system32\msasn1.dll
2009-07-18 06:34:27 ----A---- C:\WINDOWS\system32\msapsspc.dll
2009-07-18 06:34:27 ----A---- C:\WINDOWS\system32\msafd.dll
2009-07-18 06:34:26 ----A---- C:\WINDOWS\system32\msacm32.dll
2009-07-18 06:34:26 ----A---- C:\WINDOWS\system32\msacm.dll
2009-07-18 06:34:26 ----A---- C:\WINDOWS\system32\msaatext.dll
2009-07-18 06:34:25 ----A---- C:\WINDOWS\system32\mrinfo.exe
2009-07-18 06:34:24 ----A---- C:\WINDOWS\system32\mprui.dll
2009-07-18 06:34:24 ----A---- C:\WINDOWS\system32\mprmsg.dll
2009-07-18 06:34:24 ----A---- C:\WINDOWS\system32\mprdim.dll
2009-07-18 06:34:24 ----A---- C:\WINDOWS\system32\mprddm.dll
2009-07-18 06:34:24 ----A---- C:\WINDOWS\system32\mprapi.dll
2009-07-18 06:34:24 ----A---- C:\WINDOWS\system32\mpr.dll
2009-07-18 06:34:24 ----A---- C:\WINDOWS\system32\mpnotify.exe
2009-07-18 06:34:24 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-07-18 06:34:24 ----A---- C:\WINDOWS\system32\mpg4dmod.dll
2009-07-18 06:34:23 ----A---- C:\WINDOWS\system32\mp4sdmod.dll
2009-07-18 06:34:23 ----A---- C:\WINDOWS\system32\mp43dmod.dll
2009-07-18 06:34:21 ----A---- C:\WINDOWS\system32\mountvol.exe
2009-07-18 06:34:21 ----A---- C:\WINDOWS\system32\moricons.dll
2009-07-18 06:34:21 ----A---- C:\WINDOWS\system32\more.com
2009-07-18 06:34:21 ----A---- C:\WINDOWS\system32\modex.dll
2009-07-18 06:34:21 ----A---- C:\WINDOWS\system32\modemui.dll
2009-07-18 06:34:20 ----A---- C:\WINDOWS\system32\mode.com
2009-07-18 06:34:20 ----A---- C:\WINDOWS\system32\mobsync.exe
2009-07-18 06:34:20 ----A---- C:\WINDOWS\system32\mobsync.dll
2009-07-18 06:34:19 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-07-18 06:34:19 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-07-18 06:34:19 ----A---- C:\WINDOWS\system32\mmutilse.dll
2009-07-18 06:34:19 ----A---- C:\WINDOWS\system32\mmsystem.dll
2009-07-18 06:34:18 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-07-18 06:34:18 ----A---- C:\WINDOWS\system32\mmdrv.dll
2009-07-18 06:34:18 ----A---- C:\WINDOWS\system32\mmcshext.dll
2009-07-18 06:34:18 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2009-07-18 06:34:18 ----A---- C:\WINDOWS\system32\mmcbase.dll
2009-07-18 06:34:18 ----A---- C:\WINDOWS\system32\mmc.exe
2009-07-18 06:34:18 ----A---- C:\WINDOWS\system32\mll_qic.dll
2009-07-18 06:34:17 ----A---- C:\WINDOWS\system32\mll_mtf.dll
2009-07-18 06:34:17 ----A---- C:\WINDOWS\system32\mll_hp.dll
2009-07-18 06:34:17 ----A---- C:\WINDOWS\system32\mlang.dll
2009-07-18 06:34:17 ----A---- C:\WINDOWS\system32\mimefilt.dll
2009-07-18 06:34:16 ----A---- C:\WINDOWS\system32\migpwd.exe
2009-07-18 06:34:16 ----A---- C:\WINDOWS\system32\miglibnt.dll
2009-07-18 06:34:16 ----A---- C:\WINDOWS\system32\midimap.dll
2009-07-18 06:34:16 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2009-07-18 06:34:16 ----A---- C:\WINDOWS\system32\mfcsubs.dll
2009-07-18 06:34:15 ----A---- C:\WINDOWS\system32\mfc42u.dll
2009-07-18 06:34:15 ----A---- C:\WINDOWS\system32\mfc42.dll
2009-07-18 06:34:15 ----A---- C:\WINDOWS\system32\mfc40u.dll
2009-07-18 06:34:14 ----A---- C:\WINDOWS\system32\mfc40.dll
2009-07-18 06:34:14 ----A---- C:\WINDOWS\system32\mf3216.dll
2009-07-18 06:34:12 ----A---- C:\WINDOWS\system32\mem.exe
2009-07-18 06:34:11 ----A---- C:\WINDOWS\system32\mdminst.dll
2009-07-18 06:34:10 ----A---- C:\WINDOWS\system32\mdhcp.dll
2009-07-18 06:34:10 ----A---- C:\WINDOWS\system32\mciwave.dll
2009-07-18 06:34:10 ----A---- C:\WINDOWS\system32\mciseq.dll
2009-07-18 06:34:10 ----A---- C:\WINDOWS\system32\mciqtz32.dll
2009-07-18 06:34:10 ----A---- C:\WINDOWS\system32\mciole32.dll
2009-07-18 06:34:10 ----A---- C:\WINDOWS\system32\mciole16.dll
2009-07-18 06:34:10 ----A---- C:\WINDOWS\system32\mcicda.dll
2009-07-18 06:34:10 ----A---- C:\WINDOWS\system32\mciavi32.dll
2009-07-18 06:34:10 ----A---- C:\WINDOWS\system32\mchgrcoi.dll
2009-07-18 06:34:10 ----A---- C:\WINDOWS\system32\mcdsrv32.dll
2009-07-18 06:34:10 ----A---- C:\WINDOWS\system32\mcd32.dll
2009-07-18 06:34:10 ----A---- C:\WINDOWS\system32\mcastmib.dll
2009-07-18 06:34:10 ----A---- C:\WINDOWS\system32\mapistub.dll
2009-07-18 06:34:09 ----A---- C:\WINDOWS\system32\makecab.exe
2009-07-18 06:34:09 ----A---- C:\WINDOWS\system32\magnify.exe
2009-07-18 06:34:09 ----A---- C:\WINDOWS\system32\mag_hook.dll
2009-07-18 06:34:09 ----A---- C:\WINDOWS\system32\lzexpand.dll
2009-07-18 06:34:09 ----A---- C:\WINDOWS\system32\lz32.dll
2009-07-18 06:34:09 ----A---- C:\WINDOWS\system32\lusrmgr.msc
2009-07-18 06:34:08 ----A---- C:\WINDOWS\system32\lsass.exe
2009-07-18 06:34:08 ----A---- C:\WINDOWS\system32\lprmonui.dll
2009-07-18 06:34:08 ----A---- C:\WINDOWS\system32\lprhelp.dll
2009-07-18 06:34:08 ----A---- C:\WINDOWS\system32\lpr.exe
2009-07-18 06:34:07 ----A---- C:\WINDOWS\system32\lpq.exe
2009-07-18 06:34:07 ----A---- C:\WINDOWS\system32\lpk.dll
2009-07-18 06:34:07 ----A---- C:\WINDOWS\system32\logonui.exe
2009-07-18 06:34:07 ----A---- C:\WINDOWS\system32\logoff.exe
2009-07-18 06:34:07 ----A---- C:\WINDOWS\system32\logman.exe
2009-07-18 06:34:07 ----A---- C:\WINDOWS\system32\loghours.dll
2009-07-18 06:34:07 ----A---- C:\WINDOWS\system32\lodctr.exe
2009-07-18 06:34:07 ----A---- C:\WINDOWS\system32\locator.exe
2009-07-18 06:34:07 ----A---- C:\WINDOWS\system32\localui.dll
2009-07-18 06:34:07 ----A---- C:\WINDOWS\system32\localspl.dll
2009-07-18 06:34:07 ----A---- C:\WINDOWS\system32\localsec.dll
2009-07-18 06:34:07 ----A---- C:\WINDOWS\system32\loadperf.dll
2009-07-18 06:34:07 ----A---- C:\WINDOWS\system32\loadfix.com
2009-07-18 06:34:07 ----A---- C:\WINDOWS\system32\lnkstub.exe
2009-07-18 06:34:07 ----A---- C:\WINDOWS\system32\lmrt.dll
2009-07-18 06:34:07 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2009-07-18 06:34:07 ----A---- C:\WINDOWS\system32\lights.exe
2009-07-18 06:34:07 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-07-18 06:34:06 ----A---- C:\WINDOWS\system32\licmgr10.dll
2009-07-18 06:34:06 ----A---- C:\WINDOWS\system32\licdll.dll
2009-07-18 06:34:05 ----A---- C:\WINDOWS\system32\langwrbk.dll
2009-07-18 06:32:29 ----A---- C:\WINDOWS\system32\label.exe
2009-07-18 06:32:28 ----A---- C:\WINDOWS\system32\krnl386.exe
2009-07-18 06:32:28 ----A---- C:\WINDOWS\system32\keymgr.dll
2009-07-18 06:32:28 ----A---- C:\WINDOWS\system32\kernel32.dll
2009-07-18 06:32:28 ----A---- C:\WINDOWS\system32\kdcom.dll
2009-07-18 06:32:28 ----A---- C:\WINDOWS\system32\kd1394.dll
2009-07-18 06:32:28 ----A---- C:\WINDOWS\system32\kbdycl.dll
2009-07-18 06:32:28 ----A---- C:\WINDOWS\system32\kbdycc.dll
2009-07-18 06:32:28 ----A---- C:\WINDOWS\system32\kbduzb.dll
2009-07-18 06:32:28 ----A---- C:\WINDOWS\system32\kbdusx.dll
2009-07-18 06:32:28 ----A---- C:\WINDOWS\system32\kbdusr.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdusl.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdus.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdur.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdukx.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbduk.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdtuq.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdtuf.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdtat.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdsw.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdsp.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdsmsno.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdsmsfi.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdsl.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdsg.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdsf.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdru1.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdru.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdro.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdpo.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdpl.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdno1.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdno.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdnec.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdne.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdmon.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdmlt48.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdmlt47.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdmaori.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdmac.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdlv1.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdlv.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdlt1.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdlt.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdla.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdkyr.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdkaz.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdit142.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdit.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdir.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdinmal.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdinben.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdinbe1.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdic.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdhu.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdhept.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdhela3.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdhela2.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdhe319.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdhe220.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdhe.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdgr1.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdgr.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdgkl.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdgae.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdfr.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdfo.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdfi1.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdfi.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdfc.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdest.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdes.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbddv.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdda.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdcz2.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdcz1.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdcz.dll
2009-07-18 06:32:27 ----A---- C:\WINDOWS\system32\kbdcr.dll
2009-07-18 06:32:26 ----A---- C:\WINDOWS\system32\kbdcan.dll
2009-07-18 06:32:26 ----A---- C:\WINDOWS\system32\kbdca.dll
2009-07-18 06:32:26 ----A---- C:\WINDOWS\system32\kbdbu.dll
2009-07-18 06:32:26 ----A---- C:\WINDOWS\system32\kbdbr.dll
2009-07-18 06:32:26 ----A---- C:\WINDOWS\system32\kbdblr.dll
2009-07-18 06:32:26 ----A---- C:\WINDOWS\system32\kbdbene.dll
2009-07-18 06:32:26 ----A---- C:\WINDOWS\system32\kbdbe.dll
2009-07-18 06:32:26 ----A---- C:\WINDOWS\system32\kbdazel.dll
2009-07-18 06:32:26 ----A---- C:\WINDOWS\system32\kbdaze.dll
2009-07-18 06:32:26 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2009-07-18 06:32:26 ----A---- C:\WINDOWS\system32\kb16.com
2009-07-18 06:32:26 ----A---- C:\WINDOWS\system32\jobexec.dll
2009-07-18 06:32:26 ----A---- C:\WINDOWS\system32\jgsh400.dll
2009-07-18 06:32:26 ----A---- C:\WINDOWS\system32\jgsd400.dll
2009-07-18 06:32:26 ----A---- C:\WINDOWS\system32\jgmd400.dll
2009-07-18 06:32:26 ----A---- C:\WINDOWS\system32\jgaw400.dll
2009-07-18 06:32:26 ----A---- C:\WINDOWS\system32\jet500.dll
2009-07-18 06:32:26 ----A---- C:\WINDOWS\system32\ixsso.dll
2009-07-18 06:32:25 ----A---- C:\WINDOWS\system32\iuengine.dll
2009-07-18 06:32:25 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-07-18 06:32:25 ----A---- C:\WINDOWS\system32\isign32.dll
2009-07-18 06:32:25 ----A---- C:\WINDOWS\system32\irclass.dll
2009-07-18 06:32:25 ----A---- C:\WINDOWS\system32\ir50_qcx.dll
2009-07-18 06:32:25 ----A---- C:\WINDOWS\system32\ir50_qc.dll
2009-07-18 06:32:24 ----A---- C:\WINDOWS\system32\ir50_32.dll
2009-07-18 06:32:24 ----A---- C:\WINDOWS\system32\ir41_qcx.dll
2009-07-18 06:32:24 ----A---- C:\WINDOWS\system32\ir41_qc.dll
2009-07-18 06:32:24 ----A---- C:\WINDOWS\system32\ir32_32.dll
2009-07-18 06:32:24 ----A---- C:\WINDOWS\system32\ipxwan.dll
2009-07-18 06:32:24 ----A---- C:\WINDOWS\system32\ipxsap.dll
2009-07-18 06:32:24 ----A---- C:\WINDOWS\system32\ipxrtmgr.dll
2009-07-18 06:32:24 ----A---- C:\WINDOWS\system32\ipxroute.exe
2009-07-18 06:32:24 ----A---- C:\WINDOWS\system32\ipxrip.dll
2009-07-18 06:32:24 ----A---- C:\WINDOWS\system32\ipxpromn.dll
2009-07-18 06:32:24 ----A---- C:\WINDOWS\system32\ipxmontr.dll
2009-07-18 06:32:24 ----A---- C:\WINDOWS\system32\ipv6mon.dll
2009-07-18 06:32:24 ----A---- C:\WINDOWS\system32\ipv6.exe
2009-07-18 06:32:24 ----A---- C:\WINDOWS\system32\ipsmsnap.dll
2009-07-18 06:32:24 ----A---- C:\WINDOWS\system32\ipsecsvc.dll
2009-07-18 06:32:23 ----A---- C:\WINDOWS\system32\ipsecsnp.dll
2009-07-18 06:32:23 ----A---- C:\WINDOWS\system32\ipsec6.exe
2009-07-18 06:32:23 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2009-07-18 06:32:23 ----A---- C:\WINDOWS\system32\iprtprio.dll
2009-07-18 06:32:23 ----A---- C:\WINDOWS\system32\iprop.dll
2009-07-18 06:32:23 ----A---- C:\WINDOWS\system32\ippromon.dll
2009-07-18 06:32:23 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2009-07-18 06:32:23 ----A---- C:\WINDOWS\system32\ipmontr.dll
2009-07-18 06:32:23 ----A---- C:\WINDOWS\system32\iphlpapi.dll
2009-07-18 06:32:23 ----A---- C:\WINDOWS\system32\ipconfig.exe
2009-07-18 06:32:23 ----A---- C:\WINDOWS\system32\iologmsg.dll
2009-07-18 06:32:21 ----A---- C:\WINDOWS\system32\input.dll
2009-07-18 06:32:21 ----A---- C:\WINDOWS\system32\initpki.dll
2009-07-18 06:32:21 ----A---- C:\WINDOWS\system32\infosoft.dll
2009-07-18 06:32:21 ----A---- C:\WINDOWS\system32\inetres.dll
2009-07-18 06:32:21 ----A---- C:\WINDOWS\system32\inetppui.dll
2009-07-18 06:32:21 ----A---- C:\WINDOWS\system32\inetpp.dll
2009-07-18 06:32:21 ----A---- C:\WINDOWS\system32\inetmib1.dll
2009-07-18 06:32:21 ----A---- C:\WINDOWS\system32\inetcplc.dll
2009-07-18 06:32:20 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-07-18 06:32:19 ----A---- C:\WINDOWS\system32\imm32.dll
2009-07-18 06:32:19 ----A---- C:\WINDOWS\system32\imgutil.dll
2009-07-18 06:32:19 ----A---- C:\WINDOWS\system32\imeshare.dll
2009-07-18 06:32:19 ----A---- C:\WINDOWS\system32\imapi.exe
2009-07-18 06:32:19 ----A---- C:\WINDOWS\system32\imagehlp.dll
2009-07-18 06:32:19 ----A---- C:\WINDOWS\system32\ils.dll
2009-07-18 06:32:19 ----A---- C:\WINDOWS\system32\igmpagnt.dll
2009-07-18 06:32:19 ----A---- C:\WINDOWS\system32\ifsutil.dll
2009-07-18 06:32:19 ----A---- C:\WINDOWS\system32\ifmon.dll
2009-07-18 06:32:19 ----A---- C:\WINDOWS\system32\iexpress.exe
2009-07-18 06:32:18 ----A---- C:\WINDOWS\system32\iesetup.dll
2009-07-18 06:32:18 ----A---- C:\WINDOWS\system32\iernonce.dll
2009-07-18 06:32:18 ----A---- C:\WINDOWS\system32\ieencode.dll
2009-07-18 06:32:18 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2009-07-18 06:32:18 ----A---- C:\WINDOWS\system32\ieakui.dll
2009-07-18 06:32:18 ----A---- C:\WINDOWS\system32\ieaksie.dll
2009-07-18 06:32:18 ----A---- C:\WINDOWS\system32\ieakeng.dll
2009-07-18 06:32:18 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2009-07-18 06:32:18 ----A---- C:\WINDOWS\system32\idq.dll
2009-07-18 06:32:17 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-07-18 06:32:17 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-07-18 06:32:17 ----A---- C:\WINDOWS\system32\icmui.dll
2009-07-18 06:32:17 ----A---- C:\WINDOWS\system32\icmp.dll
2009-07-18 06:32:17 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-07-18 06:32:17 ----A---- C:\WINDOWS\system32\iccvid.dll
2009-07-18 06:32:17 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-07-18 06:32:17 ----A---- C:\WINDOWS\system32\iassvcs.dll
2009-07-18 06:32:17 ----A---- C:\WINDOWS\system32\iassdo.dll
2009-07-18 06:32:17 ----A---- C:\WINDOWS\system32\iassam.dll
2009-07-18 06:32:17 ----A---- C:\WINDOWS\system32\iasrecst.dll
2009-07-18 06:32:17 ----A---- C:\WINDOWS\system32\iasrad.dll
2009-07-18 06:32:17 ----A---- C:\WINDOWS\system32\iaspolcy.dll
2009-07-18 06:32:17 ----A---- C:\WINDOWS\system32\iasnap.dll
2009-07-18 06:32:17 ----A---- C:\WINDOWS\system32\iashlpr.dll
2009-07-18 06:32:17 ----A---- C:\WINDOWS\system32\iasads.dll
2009-07-18 06:32:17 ----A---- C:\WINDOWS\system32\iasacct.dll
2009-07-18 06:32:16 ----A---- C:\WINDOWS\system32\htui.dll
2009-07-18 06:32:16 ----A---- C:\WINDOWS\system32\httpapi.dll
2009-07-18 06:32:15 ----A---- C:\WINDOWS\system32\hticons.dll
2009-07-18 06:32:14 ----A---- C:\WINDOWS\system32\hotplug.dll
2009-07-18 06:32:14 ----A---- C:\WINDOWS\system32\hostname.exe
2009-07-18 06:32:13 ----A---- C:\WINDOWS\system32\hnetwiz.dll
2009-07-18 06:32:13 ----A---- C:\WINDOWS\system32\hnetmon.dll
2009-07-18 06:32:13 ----A---- C:\WINDOWS\system32\hnetcfg.dll
2009-07-18 06:32:11 ----A---- C:\WINDOWS\system32\help.exe
2009-07-18 06:32:10 ----A---- C:\WINDOWS\system32\hccoin.dll
2009-07-18 06:32:09 ----A---- C:\WINDOWS\system32\h323msp.dll
2009-07-18 06:32:08 ----A---- C:\WINDOWS\system32\grpconv.exe
2009-07-18 06:32:08 ----A---- C:\WINDOWS\system32\graphics.com
2009-07-18 06:32:08 ----A---- C:\WINDOWS\system32\graftabl.com
2009-07-18 06:32:08 ----A---- C:\WINDOWS\system32\gpkrsrc.dll
2009-07-18 06:32:08 ----A---- C:\WINDOWS\system32\gpkcsp.dll
2009-07-18 06:32:05 ----A---- C:\WINDOWS\system32\glu32.dll
2009-07-18 06:32:04 ----A---- C:\WINDOWS\system32\glmf32.dll
2009-07-18 06:32:04 ----A---- C:\WINDOWS\system32\getuname.dll
2009-07-18 06:32:04 ----A---- C:\WINDOWS\system32\gdi.exe
2009-07-18 06:32:04 ----A---- C:\WINDOWS\system32\gcdef.dll
2009-07-18 06:32:02 ----A---- C:\WINDOWS\system32\fwcfg.dll
2009-07-18 06:32:02 ----A---- C:\WINDOWS\system32\ftsrch.dll
2009-07-18 06:32:02 ----A---- C:\WINDOWS\system32\ftp.exe
2009-07-18 06:32:02 ----A---- C:\WINDOWS\system32\fsutil.exe
2009-07-18 06:32:02 ----A---- C:\WINDOWS\system32\fsusd.dll
2009-07-18 06:32:02 ----A---- C:\WINDOWS\system32\fsquirt.exe
2009-07-18 06:32:02 ----A---- C:\WINDOWS\system32\fsmgmt.msc
2009-07-18 06:32:02 ----A---- C:\WINDOWS\system32\freecell.exe
2009-07-18 06:32:01 ----A---- C:\WINDOWS\system32\framebuf.dll
2009-07-18 06:32:00 ----A---- C:\WINDOWS\system32\format.com
2009-07-18 06:32:00 ----A---- C:\WINDOWS\system32\forcedos.exe
2009-07-18 06:32:00 ----A---- C:\WINDOWS\system32\fontview.exe
2009-07-18 06:31:59 ----A---- C:\WINDOWS\system32\fontext.dll
2009-07-18 06:31:59 ----A---- C:\WINDOWS\system32\fmifs.dll
2009-07-18 06:31:59 ----A---- C:\WINDOWS\system32\fltMc.exe
2009-07-18 06:31:59 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-07-18 06:31:59 ----A---- C:\WINDOWS\system32\fldrclnr.dll
2009-07-18 06:31:59 ----A---- C:\WINDOWS\system32\fixmapi.exe
2009-07-18 06:31:59 ----A---- C:\WINDOWS\system32\finger.exe
2009-07-18 06:31:59 ----A---- C:\WINDOWS\system32\findstr.exe
2009-07-18 06:31:59 ----A---- C:\WINDOWS\system32\find.exe
2009-07-18 06:31:58 ----A---- C:\WINDOWS\system32\filemgmt.dll
2009-07-18 06:31:58 ----A---- C:\WINDOWS\system32\feclient.dll
2009-07-18 06:31:58 ----A---- C:\WINDOWS\system32\fc.exe
2009-07-18 06:31:58 ----A---- C:\WINDOWS\system32\faultrep.dll
2009-07-18 06:31:58 ----A---- C:\WINDOWS\system32\fastopen.exe
2009-07-18 06:31:58 ----A---- C:\WINDOWS\system32\exts.dll
2009-07-18 06:31:58 ----A---- C:\WINDOWS\system32\extrac32.exe
2009-07-18 06:31:57 ----A---- C:\WINDOWS\system32\expsrv.dll
2009-07-18 06:31:57 ----A---- C:\WINDOWS\system32\expand.exe
2009-07-18 06:31:57 ----A---- C:\WINDOWS\explorer.exe
2009-07-18 06:31:55 ----A---- C:\WINDOWS\system32\exe2bin.exe
2009-07-18 06:31:55 ----A---- C:\WINDOWS\system32\eventvwr.msc
2009-07-18 06:31:55 ----A---- C:\WINDOWS\system32\eventvwr.exe
2009-07-18 06:31:55 ----A---- C:\WINDOWS\system32\eventlog.dll
2009-07-18 06:31:55 ----A---- C:\WINDOWS\system32\eventcls.dll
2009-07-18 06:31:55 ----A---- C:\WINDOWS\system32\eula.txt
2009-07-18 06:31:55 ----A---- C:\WINDOWS\system32\eudcedit.exe
2009-07-18 06:31:55 ----A---- C:\WINDOWS\system32\esentutl.exe
2009-07-18 06:31:55 ----A---- C:\WINDOWS\system32\esentprf.ini
2009-07-18 06:31:55 ----A---- C:\WINDOWS\system32\esentprf.dll
2009-07-18 06:31:54 ----A---- C:\WINDOWS\system32\esent97.dll
2009-07-18 06:31:54 ----A---- C:\WINDOWS\system32\ersvc.dll
2009-07-18 06:31:54 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-07-18 06:31:54 ----A---- C:\WINDOWS\system32\encdec.dll
2009-07-18 06:31:54 ----A---- C:\WINDOWS\system32\encapi.dll
2009-07-18 06:31:54 ----A---- C:\WINDOWS\system32\els.dll
2009-07-18 06:31:53 ----A---- C:\WINDOWS\system32\edlin.exe
2009-07-18 06:31:53 ----A---- C:\WINDOWS\system32\edit.com
2009-07-18 06:31:52 ----A---- C:\WINDOWS\system32\dxmasf.dll
2009-07-18 06:31:51 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2009-07-18 06:31:51 ----A---- C:\WINDOWS\system32\dxdiag.exe
2009-07-18 06:31:51 ----A---- C:\WINDOWS\system32\dx8vb.dll
2009-07-18 06:31:50 ----A---- C:\WINDOWS\system32\dx7vb.dll
2009-07-18 06:31:50 ----A---- C:\WINDOWS\system32\dwwin.exe
2009-07-18 06:31:50 ----A---- C:\WINDOWS\system32\dvdupgrd.exe
2009-07-18 06:31:50 ----A---- C:\WINDOWS\system32\duser.dll
2009-07-18 06:31:50 ----A---- C:\WINDOWS\system32\dumprep.exe
2009-07-18 06:31:50 ----A---- C:\WINDOWS\system32\dswave.dll
2009-07-18 06:31:50 ----A---- C:\WINDOWS\system32\dsuiext.dll
2009-07-18 06:31:50 ----A---- C:\WINDOWS\system32\dssenh.dll
2009-07-18 06:31:50 ----A---- C:\WINDOWS\system32\dssec.dll
2009-07-18 06:31:50 ----A---- C:\WINDOWS\system32\dsquery.dll
2009-07-18 06:31:50 ----A---- C:\WINDOWS\system32\dsprpres.dll
2009-07-18 06:31:50 ----A---- C:\WINDOWS\system32\dsprop.dll
2009-07-18 06:31:50 ----A---- C:\WINDOWS\system32\dsound3d.dll
2009-07-18 06:31:49 ----A---- C:\WINDOWS\system32\dsound.dll
2009-07-18 06:31:49 ----A---- C:\WINDOWS\system32\dskquoui.dll
2009-07-18 06:31:49 ----A---- C:\WINDOWS\system32\dskquota.dll
2009-07-18 06:31:49 ----A---- C:\WINDOWS\system32\dsdmoprp.dll
2009-07-18 06:31:49 ----A---- C:\WINDOWS\system32\dsdmo.dll
2009-07-18 06:31:49 ----A---- C:\WINDOWS\system32\dsauth.dll
2009-07-18 06:31:49 ----A---- C:\WINDOWS\system32\ds32gt.dll
2009-07-18 06:31:49 ----A---- C:\WINDOWS\system32\ds16gt.dLL
2009-07-18 06:31:49 ----A---- C:\WINDOWS\system32\drwtsn32.exe
2009-07-18 06:31:49 ----A---- C:\WINDOWS\system32\drwatson.exe
2009-07-18 06:31:47 ----A---- C:\WINDOWS\system32\drprov.dll
2009-07-18 06:30:49 ----A---- C:\WINDOWS\system32\dpwsockx.dll
2009-07-18 06:30:49 ----A---- C:\WINDOWS\system32\dpwsock.dll
2009-07-18 06:30:49 ----A---- C:\WINDOWS\system32\dpvvox.dll
2009-07-18 06:30:49 ----A---- C:\WINDOWS\system32\dpvsetup.exe
2009-07-18 06:30:49 ----A---- C:\WINDOWS\system32\dpvoice.dll
2009-07-18 06:30:49 ----A---- C:\WINDOWS\system32\dpvacm.dll
2009-07-18 06:30:49 ----A---- C:\WINDOWS\system32\dpserial.dll
2009-07-18 06:30:49 ----A---- C:\WINDOWS\system32\dpnwsock.dll
2009-07-18 06:30:49 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2009-07-18 06:30:49 ----A---- C:\WINDOWS\system32\dpnmodem.dll
2009-07-18 06:30:49 ----A---- C:\WINDOWS\system32\dpnlobby.dll
2009-07-18 06:30:49 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2009-07-18 06:30:49 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2009-07-18 06:30:48 ----A---- C:\WINDOWS\system32\dpnet.dll
2009-07-18 06:30:48 ----A---- C:\WINDOWS\system32\dpnaddr.dll
2009-07-18 06:30:48 ----A---- C:\WINDOWS\system32\dpmodemx.dll
2009-07-18 06:30:48 ----A---- C:\WINDOWS\system32\dplayx.dll
2009-07-18 06:30:48 ----A---- C:\WINDOWS\system32\dplaysvr.exe
2009-07-18 06:30:48 ----A---- C:\WINDOWS\system32\dplay.dll
2009-07-18 06:30:48 ----A---- C:\WINDOWS\system32\dpcdll.dll
2009-07-18 06:30:48 ----A---- C:\WINDOWS\system32\dosx.exe
2009-07-18 06:30:48 ----A---- C:\WINDOWS\system32\doskey.exe
2009-07-18 06:30:48 ----A---- C:\WINDOWS\system32\docprop2.dll
2009-07-18 06:30:48 ----A---- C:\WINDOWS\system32\docprop.dll
2009-07-18 06:30:48 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2009-07-18 06:30:48 ----A---- C:\WINDOWS\system32\dnsapi.dll
2009-07-18 06:30:48 ----A---- C:\WINDOWS\system32\dmusic.dll
2009-07-18 06:30:48 ----A---- C:\WINDOWS\system32\dmsynth.dll
2009-07-18 06:30:48 ----A---- C:\WINDOWS\system32\dmstyle.dll
2009-07-18 06:30:48 ----A---- C:\WINDOWS\system32\dmserver.dll
2009-07-18 06:30:48 ----A---- C:\WINDOWS\system32\dmscript.dll
2009-07-18 06:30:48 ----A---- C:\WINDOWS\system32\dmremote.exe
2009-07-18 06:30:47 ----A---- C:\WINDOWS\system32\dmocx.dll
2009-07-18 06:30:47 ----A---- C:\WINDOWS\system32\dmloader.dll
2009-07-18 06:30:47 ----A---- C:\WINDOWS\system32\dmintf.dll
2009-07-18 06:30:47 ----A---- C:\WINDOWS\system32\dmime.dll
2009-07-18 06:30:47 ----A---- C:\WINDOWS\system32\dmdskres.dll
2009-07-18 06:30:47 ----A---- C:\WINDOWS\system32\dmdskmgr.dll
2009-07-18 06:30:47 ----A---- C:\WINDOWS\system32\dmdlgs.dll
2009-07-18 06:30:47 ----A---- C:\WINDOWS\system32\dmconfig.dll
2009-07-18 06:30:47 ----A---- C:\WINDOWS\system32\dmcompos.dll
2009-07-18 06:30:47 ----A---- C:\WINDOWS\system32\dmband.dll
2009-07-18 06:30:47 ----A---- C:\WINDOWS\system32\dmadmin.exe
2009-07-18 06:30:47 ----A---- C:\WINDOWS\system32\dllhst3g.exe
2009-07-18 06:30:47 ----A---- C:\WINDOWS\system32\dllhost.exe
2009-07-18 06:30:46 ----A---- C:\WINDOWS\system32\dispex.dll
2009-07-18 06:30:46 ----A---- C:\WINDOWS\system32\diskperf.exe
2009-07-18 06:30:46 ----A---- C:\WINDOWS\system32\diskpart.exe
2009-07-18 06:30:46 ----A---- C:\WINDOWS\system32\diskmgmt.msc
2009-07-18 06:30:46 ----A---- C:\WINDOWS\system32\diskcopy.dll
2009-07-18 06:30:46 ----A---- C:\WINDOWS\system32\diskcopy.com
2009-07-18 06:30:46 ----A---- C:\WINDOWS\system32\diskcomp.com
2009-07-18 06:30:46 ----A---- C:\WINDOWS\system32\dinput8.dll
2009-07-18 06:30:46 ----A---- C:\WINDOWS\system32\dinput.dll
2009-07-18 06:30:45 ----A---- C:\WINDOWS\system32\dimap.dll
2009-07-18 06:30:45 ----A---- C:\WINDOWS\system32\digest.dll
2009-07-18 06:30:44 ----A---- C:\WINDOWS\system32\diantz.exe
2009-07-18 06:30:43 ----A---- C:\WINDOWS\system32\diactfrm.dll
2009-07-18 06:30:43 ----A---- C:\WINDOWS\system32\dhcpsapi.dll
2009-07-18 06:30:43 ----A---- C:\WINDOWS\system32\dhcpmon.dll
2009-07-18 06:30:43 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2009-07-18 06:30:43 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-07-18 06:30:43 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-07-18 06:30:43 ----A---- C:\WINDOWS\system32\dgnet.dll
2009-07-18 06:30:43 ----A---- C:\WINDOWS\system32\dfsshlex.dll
2009-07-18 06:30:43 ----A---- C:\WINDOWS\system32\dfrgui.dll
2009-07-18 06:30:43 ----A---- C:\WINDOWS\system32\dfrgsnap.dll
2009-07-18 06:30:43 ----A---- C:\WINDOWS\system32\dfrgres.dll
2009-07-18 06:30:43 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
2009-07-18 06:30:43 ----A---- C:\WINDOWS\system32\dfrgfat.exe
2009-07-18 06:30:43 ----A---- C:\WINDOWS\system32\dfrg.msc
2009-07-18 06:30:43 ----A---- C:\WINDOWS\system32\devmgr.dll
2009-07-18 06:30:43 ----A---- C:\WINDOWS\system32\devmgmt.msc
2009-07-18 06:30:43 ----A---- C:\WINDOWS\system32\devenum.dll
2009-07-18 06:30:42 ----A---- C:\WINDOWS\system32\deskperf.dll
2009-07-18 06:30:42 ----A---- C:\WINDOWS\system32\deskmon.dll
2009-07-18 06:30:42 ----A---- C:\WINDOWS\system32\deskadp.dll
2009-07-18 06:30:42 ----A---- C:\WINDOWS\system32\defrag.exe
2009-07-18 06:30:42 ----A---- C:\WINDOWS\system32\debug.exe
2009-07-18 06:30:42 ----A---- C:\WINDOWS\system32\ddrawex.dll
2009-07-18 06:30:42 ----A---- C:\WINDOWS\system32\ddraw.dll
2009-07-18 06:30:42 ----A---- C:\WINDOWS\system32\ddeshare.exe
2009-07-18 06:30:42 ----A---- C:\WINDOWS\system32\ddeml.dll
2009-07-18 06:30:42 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-07-18 06:30:42 ----A---- C:\WINDOWS\system32\dciman32.dll
2009-07-18 06:30:42 ----A---- C:\WINDOWS\system32\dbnmpntw.dll
2009-07-18 06:30:42 ----A---- C:\WINDOWS\system32\dbnetlib.dll
2009-07-18 06:30:42 ----A---- C:\WINDOWS\system32\dbmsrpcn.dll
2009-07-18 06:30:41 ----A---- C:\WINDOWS\system32\dbghelp.dll
2009-07-18 06:30:41 ----A---- C:\WINDOWS\system32\dbgeng.dll
2009-07-18 06:30:40 ----A---- C:\WINDOWS\system32\davclnt.dll
2009-07-18 06:30:40 ----A---- C:\WINDOWS\system32\datime.dll
2009-07-18 06:30:40 ----A---- C:\WINDOWS\system32\dataclen.dll
2009-07-18 06:30:40 ----A---- C:\WINDOWS\system32\d3dxof.dll
2009-07-18 06:30:40 ----A---- C:\WINDOWS\system32\d3drm.dll
2009-07-18 06:30:40 ----A---- C:\WINDOWS\system32\d3dramp.dll
2009-07-18 06:30:40 ----A---- C:\WINDOWS\system32\d3dpmesh.dll
2009-07-18 06:30:39 ----A---- C:\WINDOWS\system32\d3dim700.dll
2009-07-18 06:30:39 ----A---- C:\WINDOWS\system32\d3dim.dll
2009-07-18 06:30:39 ----A---- C:\WINDOWS\system32\d3d9.dll
2009-07-18 06:30:39 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2009-07-18 06:30:38 ----A---- C:\WINDOWS\system32\d3d8.dll
2009-07-18 06:30:36 ----A---- C:\WINDOWS\system32\ctl3dv2.dll
2009-07-18 06:30:36 ----A---- C:\WINDOWS\system32\ctl3d32.dll
2009-07-18 06:30:36 ----A---- C:\WINDOWS\system32\ctfmon.exe
2009-07-18 06:30:36 ----A---- C:\WINDOWS\system32\csseqchk.dll
2009-07-18 06:30:36 ----A---- C:\WINDOWS\system32\csrss.exe
2009-07-18 06:30:36 ----A---- C:\WINDOWS\system32\csrsrv.dll
2009-07-18 06:30:36 ----A---- C:\WINDOWS\system32\cscui.dll
2009-07-18 06:30:36 ----A---- C:\WINDOWS\system32\cscript.exe
2009-07-18 06:30:36 ----A---- C:\WINDOWS\system32\cscdll.dll
2009-07-18 06:30:36 ----A---- C:\WINDOWS\system32\cryptui.dll
2009-07-18 06:30:36 ----A---- C:\WINDOWS\system32\cryptnet.dll
2009-07-18 06:30:36 ----A---- C:\WINDOWS\system32\cryptext.dll
2009-07-18 06:30:35 ----A---- C:\WINDOWS\system32\cryptdll.dll
2009-07-18 06:30:35 ----A---- C:\WINDOWS\system32\cryptdlg.dll
2009-07-18 06:30:35 ----A---- C:\WINDOWS\system32\crypt32.dll
2009-07-18 06:30:35 ----A---- C:\WINDOWS\system32\crtdll.dll
2009-07-18 06:30:35 ----A---- C:\WINDOWS\system32\credui.dll
2009-07-18 06:30:33 ----A---- C:\WINDOWS\system32\corpol.dll
2009-07-18 06:30:33 ----A---- C:\WINDOWS\system32\convert.exe
2009-07-18 06:30:33 ----A---- C:\WINDOWS\system32\control.exe
2009-07-18 06:30:33 ----A---- C:\WINDOWS\system32\console.dll
2009-07-18 06:30:33 ----A---- C:\WINDOWS\system32\conime.exe
2009-07-18 06:30:33 ----A---- C:\WINDOWS\system32\confmsp.dll
2009-07-18 06:30:32 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-07-18 06:30:31 ----A---- C:\WINDOWS\system32\comres.dll
2009-07-18 06:30:31 ----A---- C:\WINDOWS\system32\compstui.dll
2009-07-18 06:30:31 ----A---- C:\WINDOWS\system32\compobj.dll
2009-07-18 06:30:31 ----A---- C:\WINDOWS\system32\compmgmt.msc
2009-07-18 06:30:26 ----A---- C:\WINDOWS\system32\compatUI.dll
2009-07-18 06:30:26 ----A---- C:\WINDOWS\system32\compact.exe
2009-07-18 06:30:26 ----A---- C:\WINDOWS\system32\comp.exe
2009-07-18 06:30:26 ----A---- C:\WINDOWS\system32\commdlg.dll
2009-07-18 06:30:26 ----A---- C:\WINDOWS\system32\command.com
2009-07-18 06:30:25 ----A---- C:\WINDOWS\system32\comdlg32.dll
2009-07-18 06:30:25 ----A---- C:\WINDOWS\system32\comctl32.dll
2009-07-18 06:30:25 ----A---- C:\WINDOWS\system32\comcat.dll
2009-07-18 06:30:25 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-07-18 06:30:25 ----A---- C:\WINDOWS\system32\cnvfat.dll
2009-07-18 06:30:25 ----A---- C:\WINDOWS\system32\cnetcfg.dll
2009-07-18 06:30:25 ----A---- C:\WINDOWS\system32\cmutil.dll
2009-07-18 06:30:25 ----A---- C:\WINDOWS\system32\cmstp.exe
2009-07-18 06:30:25 ----A---- C:\WINDOWS\system32\cmsetACL.dll
2009-07-18 06:30:25 ----A---- C:\WINDOWS\system32\cmprops.dll
2009-07-18 06:30:25 ----A---- C:\WINDOWS\system32\cmpbk32.dll
2009-07-18 06:30:24 ----A---- C:\WINDOWS\system32\cmmon32.exe
2009-07-18 06:30:24 ----A---- C:\WINDOWS\system32\cmdl32.exe
2009-07-18 06:30:24 ----A---- C:\WINDOWS\system32\cmdial32.dll
2009-07-18 06:30:24 ----A---- C:\WINDOWS\system32\cmd.exe
2009-07-18 06:30:24 ----A---- C:\WINDOWS\system32\cmcfg32.dll
2009-07-18 06:30:24 ----A---- C:\WINDOWS\system32\clusapi.dll
2009-07-18 06:30:24 ----A---- C:\WINDOWS\system32\clipsrv.exe
2009-07-18 06:30:24 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-07-18 06:30:24 ----A---- C:\WINDOWS\system32\cliconfg.exe
2009-07-18 06:30:24 ----A---- C:\WINDOWS\system32\cliconfg.dll
2009-07-18 06:30:24 ----A---- C:\WINDOWS\system32\cleanmgr.exe
2009-07-18 06:30:23 ----A---- C:\WINDOWS\system32\shellstyle.dll
2009-07-18 06:30:23 ----A---- C:\WINDOWS\system32\clb.dll
2009-07-18 06:30:23 ----A---- C:\WINDOWS\system32\ckcnv.exe
2009-07-18 06:30:23 ----A---- C:\WINDOWS\system32\cisvc.exe
2009-07-18 06:30:23 ----A---- C:\WINDOWS\system32\ciodm.dll
2009-07-18 06:30:22 ----A---- C:\WINDOWS\system32\cidaemon.exe
2009-07-18 06:30:22 ----A---- C:\WINDOWS\system32\cic.dll
2009-07-18 06:30:22 ----A---- C:\WINDOWS\system32\ciadv.msc
2009-07-18 06:30:22 ----A---- C:\WINDOWS\system32\ciadmin.dll
2009-07-18 06:30:22 ----A---- C:\WINDOWS\system32\chkntfs.exe
2009-07-18 06:30:22 ----A---- C:\WINDOWS\system32\chkdsk.exe
2009-07-18 06:30:22 ----A---- C:\WINDOWS\system32\chcp.com
2009-07-18 06:30:22 ----A---- C:\WINDOWS\system32\charmap.exe
2009-07-18 06:30:22 ----A---- C:\WINDOWS\system32\cfgmgr32.dll
2009-07-18 06:30:22 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-07-18 06:30:22 ----A---- C:\WINDOWS\system32\certmgr.msc
2009-07-18 06:30:21 ----A---- C:\WINDOWS\system32\certmgr.dll
2009-07-18 06:30:21 ----A---- C:\WINDOWS\system32\certcli.dll
2009-07-18 06:30:21 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-07-18 06:30:21 ----A---- C:\WINDOWS\system32\cdm.dll
2009-07-18 06:30:21 ----A---- C:\WINDOWS\system32\ccfgnt.dll
2009-07-18 06:30:20 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-07-18 06:30:20 ----A---- C:\WINDOWS\system32\cards.dll
2009-07-18 06:30:20 ----A---- C:\WINDOWS\system32\capesnpn.dll
2009-07-18 06:30:20 ----A---- C:\WINDOWS\system32\camocx.dll
2009-07-18 06:30:20 ----A---- C:\WINDOWS\system32\calc.exe
2009-07-18 06:30:20 ----A---- C:\WINDOWS\system32\cacls.exe
2009-07-18 06:30:20 ----A---- C:\WINDOWS\system32\cabview.dll
2009-07-18 06:30:20 ----A---- C:\WINDOWS\system32\cabinet.dll
2009-07-18 06:30:19 ----A---- C:\WINDOWS\system32\btpanui.dll
2009-07-18 06:30:19 ----A---- C:\WINDOWS\system32\bthserv.dll
2009-07-18 06:30:19 ----A---- C:\WINDOWS\system32\bthci.dll
2009-07-18 06:30:19 ----A---- C:\WINDOWS\system32\browsewm.dll
2009-07-18 06:30:19 ----A---- C:\WINDOWS\system32\browser.dll
2009-07-18 06:30:18 ----A---- C:\WINDOWS\system32\browselc.dll
2009-07-18 06:30:17 ----A---- C:\WINDOWS\system32\bootvrfy.exe
2009-07-18 06:30:17 ----A---- C:\WINDOWS\system32\bootvid.dll
2009-07-18 06:30:17 ----A---- C:\WINDOWS\system32\bootok.exe
2009-07-18 06:30:17 ----A---- C:\WINDOWS\system32\blastcln.exe
2009-07-18 06:30:17 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-07-18 06:30:17 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-07-18 06:30:16 ----A---- C:\WINDOWS\system32\bidispl.dll
2009-07-18 06:30:15 ----A---- C:\WINDOWS\system32\batt.dll
2009-07-18 06:30:15 ----A---- C:\WINDOWS\system32\batmeter.dll
2009-07-18 06:30:15 ----A---- C:\WINDOWS\system32\basesrv.dll
2009-07-18 06:30:15 ----A---- C:\WINDOWS\system32\avwav.dll
2009-07-18 06:30:15 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-07-18 06:30:15 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-07-18 06:30:15 ----A---- C:\WINDOWS\system32\avifile.dll
2009-07-18 06:30:15 ----A---- C:\WINDOWS\system32\avifil32.dll
2009-07-18 06:30:15 ----A---- C:\WINDOWS\system32\avicap32.dll
2009-07-18 06:30:15 ----A---- C:\WINDOWS\system32\avicap.dll
2009-07-18 06:30:15 ----A---- C:\WINDOWS\system32\autolfn.exe
2009-07-18 06:30:14 ----A---- C:\WINDOWS\system32\autofmt.exe
2009-07-18 06:30:14 ----A---- C:\WINDOWS\system32\autodisc.dll
2009-07-18 06:30:14 ----A---- C:\WINDOWS\system32\autoconv.exe
2009-07-18 06:30:13 ----A---- C:\WINDOWS\system32\autochk.exe
2009-07-18 06:30:13 ----A---- C:\WINDOWS\system32\auditusr.exe
2009-07-18 06:30:13 ----A---- C:\WINDOWS\system32\audiosrv.dll
2009-07-18 06:30:13 ----A---- C:\WINDOWS\system32\attrib.exe
2009-07-18 06:30:13 ----A---- C:\WINDOWS\system32\atrace.dll
2009-07-18 06:30:13 ----A---- C:\WINDOWS\system32\atmpvcno.dll
2009-07-18 06:30:13 ----A---- C:\WINDOWS\system32\atmlib.dll
2009-07-18 06:30:13 ----A---- C:\WINDOWS\system32\atmfd.dll
2009-07-18 06:30:13 ----A---- C:\WINDOWS\system32\atmadm.exe
2009-07-18 06:30:13 ----A---- C:\WINDOWS\system32\atl.dll
2009-07-18 06:30:13 ----A---- C:\WINDOWS\system32\atkctrs.dll
2009-07-18 06:30:13 ----A---- C:\WINDOWS\system32\at.exe
2009-07-18 06:30:13 ----A---- C:\WINDOWS\system32\asycfilt.dll
2009-07-18 06:30:00 ----A---- C:\WINDOWS\system32\arp.exe
2009-07-18 06:29:58 ----D---- C:\WINDOWS\SMINST
2009-07-18 06:29:58 ----A---- C:\WINDOWS\system32\apphelp.dll
2009-07-18 06:29:58 ----A---- C:\WINDOWS\system32\append.exe
2009-07-18 06:29:58 ----A---- C:\WINDOWS\system32\apcups.dll
2009-07-18 06:29:57 ----A---- C:\WINDOWS\system32\amstream.dll
2009-07-18 06:29:57 ----A---- C:\WINDOWS\system32\alrsvc.dll
2009-07-18 06:29:57 ----A---- C:\WINDOWS\system32\alg.exe
2009-07-18 06:29:57 ----A---- C:\WINDOWS\system32\ahui.exe
2009-07-18 06:29:56 ----A---- C:\WINDOWS\system32\advpack.dll
2009-07-18 06:29:56 ----A---- C:\WINDOWS\system32\advapi32.dll
2009-07-18 06:29:56 ----A---- C:\WINDOWS\system32\adsnt.dll
2009-07-18 06:29:56 ----A---- C:\WINDOWS\system32\adsmsext.dll
2009-07-18 06:29:56 ----A---- C:\WINDOWS\system32\adsldpc.dll
2009-07-18 06:29:56 ----A---- C:\WINDOWS\system32\adsldp.dll
2009-07-18 06:29:56 ----A---- C:\WINDOWS\system32\adptif.dll
2009-07-18 06:29:56 ----A---- C:\WINDOWS\system32\admparse.dll
2009-07-18 06:29:55 ----A---- C:\WINDOWS\system32\actxprxy.dll
2009-07-18 06:29:55 ----A---- C:\WINDOWS\system32\actmovie.exe
2009-07-18 06:29:55 ----A---- C:\WINDOWS\system32\activeds.dll
2009-07-18 06:29:55 ----A---- C:\WINDOWS\system32\aclui.dll
2009-07-18 06:29:55 ----A---- C:\WINDOWS\system32\acledit.dll
2009-07-18 06:29:54 ----D---- C:\WINDOWS\I386
2009-07-18 06:29:54 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-07-18 06:29:54 ----A---- C:\WINDOWS\system32\acctres.dll
2009-07-18 06:29:54 ----A---- C:\WINDOWS\system32\aaaamon.dll
2009-07-18 06:29:54 ----A---- C:\WINDOWS\system32\6to4svc.dll
2009-07-18 01:58:18 ----D---- C:\Program Files\ATI Technologies
2009-07-18 01:58:16 ----D---- C:\Program Files\ATI
2009-07-18 01:08:42 ----D---- C:\Program Files\Intel
2009-07-18 01:07:16 ----D---- C:\cabs
2009-07-18 01:02:21 ----D---- C:\SYSPREP
2009-07-18 01:02:16 ----SD---- C:\Documents and Settings\V\Application Data\Microsoft
2009-07-18 01:02:16 ----D---- C:\Documents and Settings\V\Application Data\Identities
2009-07-18 01:02:16 ----ASH---- C:\Documents and Settings\V\Application Data\desktop.ini
2009-07-18 01:00:52 ----D---- C:\WINDOWS\system32\SoftwareDistribution
======List of files/folders modified in the last 1 months======
2009-07-18 17:34:44 ----D---- C:\WINDOWS\Prefetch
2009-07-18 17:34:41 ----RD---- C:\Program Files
2009-07-18 11:04:11 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-07-18 11:02:47 ----D---- C:\WINDOWS\Temp
2009-07-18 11:02:47 ----D---- C:\WINDOWS
2009-07-18 07:00:45 ----D---- C:\WINDOWS\Registration
2009-07-18 06:54:41 ----A---- C:\WINDOWS\system.ini
2009-07-18 06:52:50 ----D---- C:\WINDOWS\OPTIONS
2009-07-18 06:50:58 ----D---- C:\WINDOWS\system32\drivers
2009-07-18 06:40:52 ----RSH---- C:\boot.ini
2009-07-18 06:40:50 ----D---- C:\Program Files\Windows NT
2009-07-18 06:40:49 ----D---- C:\Program Files\Windows Media Player
2009-07-18 06:40:49 ----D---- C:\Program Files\Outlook Express
2009-07-18 06:40:49 ----D---- C:\Program Files\NetMeeting
2009-07-18 06:40:48 ----D---- C:\Program Files\Movie Maker
2009-07-18 06:40:48 ----D---- C:\Program Files\Messenger
2009-07-18 06:40:46 ----D---- C:\Program Files\Internet Explorer
2009-07-18 06:40:46 ----D---- C:\Program Files\Common Files\System
2009-07-18 06:40:45 ----D---- C:\Program Files\Common Files\Services
2009-07-18 06:40:44 ----D---- C:\WINDOWS\twain_32
2009-07-18 06:40:44 ----D---- C:\WINDOWS\system
2009-07-18 06:40:36 ----D---- C:\WINDOWS\system32\wbem
2009-07-18 06:39:45 ----D---- C:\WINDOWS\system32\usmt
2009-07-18 06:39:25 ----D---- C:\WINDOWS\system32\ras
2009-07-18 06:39:21 ----D---- C:\WINDOWS\system32\oobe
2009-07-18 06:39:18 ----D---- C:\WINDOWS\system32\npp
2009-07-18 06:39:09 ----D---- C:\WINDOWS\system32\icsxml
2009-07-18 06:39:09 ----D---- C:\WINDOWS\system32\ias
2009-07-18 06:38:23 ----D---- C:\WINDOWS\system32\Setup
2009-07-18 06:38:20 ----D---- C:\WINDOWS\system32\Com
2009-07-18 06:38:20 ----D---- C:\WINDOWS\system32\1033
2009-07-18 06:38:20 ----D---- C:\WINDOWS\srchasst
2009-07-18 06:38:19 ----D---- C:\WINDOWS\msagent
2009-07-18 06:38:13 ----RD---- C:\WINDOWS\Web
2009-07-18 06:38:13 ----D---- C:\WINDOWS\ime
2009-07-18 06:38:11 ----D---- C:\WINDOWS\PeerNet
2009-07-18 06:38:11 ----D---- C:\WINDOWS\Media
2009-07-18 06:38:03 ----RSD---- C:\WINDOWS\Fonts
2009-07-18 06:37:58 ----D---- C:\WINDOWS\Cursors
2009-07-18 06:37:56 ----HDC---- C:\WINDOWS\$NtUninstallKB918439$
2009-07-18 06:37:56 ----HDC---- C:\WINDOWS\$NtUninstallKB917344$
2009-07-18 06:37:56 ----HDC---- C:\WINDOWS\$NtUninstallKB916281$
2009-07-18 06:37:56 ----HDC---- C:\WINDOWS\$NtUninstallKB914906$
2009-07-18 06:37:56 ----HDC---- C:\WINDOWS\$NtUninstallKB912945$
2009-07-18 06:37:56 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
2009-07-18 06:37:56 ----HDC---- C:\WINDOWS\$NtUninstallKB911567$
2009-07-18 06:37:56 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
2009-07-18 06:37:56 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
2009-07-18 06:37:56 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
2009-07-18 06:37:56 ----HDC---- C:\WINDOWS\$NtUninstallKB910728$
2009-07-18 06:37:56 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
2009-07-18 06:37:56 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$
2009-07-18 06:37:56 ----HDC---- C:\WINDOWS\$NtUninstallKB906569$
2009-07-18 06:37:56 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
2009-07-18 06:37:56 ----HDC---- C:\WINDOWS\$NtUninstallKB904706$
2009-07-18 06:37:56 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
2009-07-18 06:37:56 ----D---- C:\WINDOWS\AppPatch
2009-07-18 06:37:55 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
2009-07-18 06:37:55 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
2009-07-18 06:37:55 ----HDC---- C:\WINDOWS\$NtUninstallKB896688$
2009-07-18 06:37:55 ----HDC---- C:\WINDOWS\$NtUninstallKB896424$
2009-07-18 06:37:55 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
2009-07-18 06:37:55 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
2009-07-18 06:29:50 ----D---- C:\Program Files\Online Services
2009-07-18 06:28:23 ----RSD---- C:\WINDOWS\assembly
2009-07-18 06:28:15 ----SD---- C:\WINDOWS\Tasks
2009-07-18 06:27:52 ----RD---- C:\WINDOWS\Offline Web Pages
2009-07-18 06:26:26 ----D---- C:\WINDOWS\Debug
2009-07-18 06:26:20 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-07-18 06:24:32 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
2009-07-18 06:24:31 ----HDC---- C:\WINDOWS\$NtUninstallKB912919$
2009-07-18 06:24:19 ----HDC---- C:\WINDOWS\$NtUninstallKB917734_WMP10$
2009-07-18 06:24:17 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
2009-07-18 06:24:15 ----HDC---- C:\WINDOWS\$NtUninstallKB896256$
2009-07-18 06:24:10 ----HDC---- C:\WINDOWS\$NtUninstallKB905915$
2009-07-18 06:23:40 ----HDC---- C:\WINDOWS\$NtUninstallKB913446$
2009-07-18 06:23:37 ----HDC---- C:\WINDOWS\$NtUninstallKB917953$
2009-07-18 06:23:34 ----HDC---- C:\WINDOWS\$NtUninstallKB912812$
2009-07-18 06:23:34 ----HDC---- C:\WINDOWS\$NtUninstallKB911565$
2009-07-18 06:23:19 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$
2009-07-18 06:23:15 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
2009-07-18 06:22:53 ----D---- C:\WINDOWS\system32\config
2009-07-18 06:22:49 ----D---- C:\WINDOWS\system32\URTTemp
2009-07-18 06:22:47 ----D---- C:\WINDOWS\system32\MsDtc
2009-07-18 02:23:13 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-18 01:04:49 ----D---- C:\WINDOWS\system32
2009-07-18 01:04:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-07-18 01:03:35 ----SHD---- C:\WINDOWS\Installer
2009-07-18 01:03:31 ----A---- C:\WINDOWS\OEWABLog.txt
2009-07-18 01:03:23 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-18 01:02:24 ----D---- C:\WINDOWS\security
2009-07-18 01:02:23 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-18 01:02:15 ----D---- C:\Documents and Settings
2009-07-18 01:02:04 ----A---- C:\WINDOWS\setuplog.txt
2009-07-18 01:02:01 ----D---- C:\WINDOWS\system32\Restore
2009-07-18 01:00:59 ----D---- C:\WINDOWS\SoftwareDistribution
2009-07-18 01:00:59 ----D---- C:\WINDOWS\Help
2009-07-18 01:00:55 ----HD---- C:\WINDOWS\inf

aareaux

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-03 60800]
S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
S3 el575nd5;3Com Megahertz 10/100 LAN CardBus PC Card Driver; C:\WINDOWS\system32\DRIVERS\el575nd5.sys [2001-08-17 69692]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-03 61824]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-04 67584]
S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 PrismXL;PrismXL; C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS [2006-06-30 65536]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]

---

EOF

---

aareaux

Thats everything in the files. Thanks for helping :-D

Katana

aareaux wrote:

Thanks for helping :-D

Don't speak too soon, I'm not sure that I can help.
There is nothing untoward showing in those logs, so it may be a bad HDD that is the problem.

Let's try a different scan and see what that shows.



Download and Run ComboFix (by sUBs)

Please download Commbofix from HERE

• You must download it to and run it from your Desktop
  
• Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
  
• Double click combofix.exe & follow the prompts.
  
• When finished, it will produce a log. Please save that log to post in your next reply
  
• Re-enable all the programs that were disabled during the running of ComboFix..

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own.
This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper

For instructions on how to disable your security programs, please see this topic
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
For a full tutorial on using Combofix, please see this topic
Bleeping Computer ComboFix Tutorial

aareaux

So, i downloaded ComboFix, and installed it, and I don't know weither or not it was done installing cause the comp restarted itself, and now when its starting up it says, "A disk read Error occured"
based on that, im going to assume that its completely fried. I guess now all that is left is to get a new HD :-\.

Katana

aareaux wrote:

I guess now all that is left is to get a new HD :-\.

Yup.
It sounds like it may have been the bad HDD that caused you to format in the first place.
Performing 3 formats in quick succession won't have done it any good if it was failing.

---

---

The following is some info to help you stay safe and clean when you are back up and running


( Vista users must ensure that any programs are Vista compatible BEFORE installing )

Online Scanners
I would recommend a scan at one or more of the following sites at least once a month.

http://www.pandasecurity.com/activescan
http://www.kaspersky.com/kos/eng/partner/71706/kavwebscan.html

!!! Make sure that all your programs are updated !!!
Secunia Software Inspector does all the work for you, .... see HERE for details

AntiSpyware

• AntiSpyware is not the same thing as Antivirus.
  Different AntiSpyware programs detect different things, so in this case it is recommended that you have more than one.
  You should only have one running all the time, the other/s should be used "on demand" on a regular basis.
  Most of the programs in this list have a free (for Home Users ) and paid versions,
  it is worth paying for one and having "realtime" protection, unless you intend to do a manual scan often.
• Spybot - Search & Destroy <<< A must have program
  • It includes host protection and registry protection
  • A hosts file is a bit like a phone book, it points to the actual numeric address (i.e. the IP address) from the human friendly name of a website. This feature can be used to block malicious websites
• MalwareBytes Anti-malware <<< A New and effective program
• a-squared Free <<< A good "realtime" or "on demand" scanner
• superantispyware <<< A good "realtime" or "on demand" scanner

Prevention

• These programs don't detect malware, they help stop it getting on your machine in the first place.
  Each does a different job, so you can have more than one
• Winpatrol
  • An excellent startup manager and then some !!
  • Notifies you if programs are added to startup
  • Allows delayed startup
  • A must have addition
• SpywareBlaster 4.0
  • SpywareBlaster sets killbits in the registry to prevent known malicious activex controls from installing themselves on your computer.
• SpywareGuard 2.2
  • SpywareGuard provides real-time protection against spyware.
  • Not required if you have other "realtime" antispyware or Winpatrol
• ZonedOut
  • Formerly known as IE-SPYAD, adds a long list of sites and domains associated with known advertisers and marketers to the Restricted sites zone of Internet Explorer.
• MVPS HOSTS
  • This little program packs a powerful punch as it blocks ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers.
  • For information on how to download and install, please read this tutorial by WinHelp2002.
  • Not required if you are using other host file protections

Internet Browsers

• Microsoft has worked hard to make IE.7 a more secure browser, unfortunately whilst it is still the leading browser of choice it will always be under attack from the bad guys.
  Using a different web browser can help stop malware getting on your machine.
  • Make your Internet Explorer more secure - This can be done by following these simple instructions:
    1. From within Internet Explorer click on the Tools menu and then click on Options.
    2. Click once on the Security tab
    3. Click once on the Internet icon so it becomes highlighted.
    4. Click once on the Custom Level button.
       • Change the Download signed ActiveX controls to Prompt
       • Change the Download unsigned ActiveX controls to Disable
       • Change the Initialise and script ActiveX controls not marked as safe to Disable
       • Change the Installation of desktop items to Prompt
       • Change the Launching programs and files in an IFRAME to Prompt
       • Change the Navigate sub-frames across different domains to Prompt
       • When all these settings have been made, click on the OK button.
       • If it prompts you as to whether or not you want to save the settings, press the Yes button.
    5. Next press the Apply button and then the OK to exit the Internet Properties page.
  
  If you are still using IE6 then either update, or get one of the following.
  • FireFox
    • With many addons available that make customization easy this is a very popular choice
    • NoScript and AdBlockPlus addons are essential
  • Opera
    • Another popular alternative
  • Netscape
    • Another popular alternative
    • Also has Addons available

Cleaning Temporary Internet Files and Tracking Cookies

• Temporary Internet Files are mainly the files that are downloaded when you open a web page.
  Unfortunately, if the site you visit is of a dubious nature or has been hacked, they can also be an entry point for malware.
  It is a good idea to empty the Temporary Internet Files folder on a regular basis.
  
  Tracking Cookies are files that websites use to monitor which sites you visit and how often.
  A lot of Antispyware scanners pick up these tracking cookies and flag them as unwanted.
  CAUTION :- If you delete all your cookies you will lose any autologin information for sites that you visit, and will need your passwords
  
  Both of these can be cleaned manually, but a quicker option is to use a program
• ATF Cleaner
  • Free and very simple to use
• CCleaner
  • Free and very flexible, you can chose which cookies to keep

Also PLEASE read this article.....So How Did I Get Infected In The First Place

The last and most important thing I can tell you is UPDATE.
If you don't update your security programs (Antivirus, Antispyware even Windows) then you are at risk.
Malware changes on a day to day basis. You should update every week at the very least.

If you follow this advice then (with a bit of luck) you will never have to hear from me again


If you could post back one more time to let me know everything is OK, then I can have this thread archived.

Happy surfing K'

aareaux

Yeah i know all the precautions to take. Unfortunately my girlfriend is computer illiterate. I think what cause the whole problem was the song she downloaded that was 37kb's. lol a person who knows about a computer would realize that a song is atleast 3 mb, but she didn't. Thank you for trying to help though Katana

Katana

I doubt that any infection would trash the HDD, it was more likely just faulty.

aareaux

So after putting a new harddrive in (with windows already installed on it), it was giving me the same errors that I was getting before. So i took out the memory sticks and put one of them back in.... Same problem. Took that memory stick back out and put the other one in, and it worked! So i am assuming that something had corrupted one of my memory sticks, or the memory stick just went bad.

Katana

aareaux wrote:

the memory stick just went bad.

Probably this option.

I'm glad you got it sorted,

Stay safe

K'

aareaux

Ok so i am having more problems so i don't think it was just the memory. I downloaded combofix and ran it. I have the log which I will post after this.

ComboFix 09-07-19.04 - Veronica 07/20/2009 1:25.1.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.894.621 [GMT -4:00]
Running from: c:\documents and settings\Veronica\Desktop\Combo-Fix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\recycler\S-1-5-21-1061551637-226716081-1324635058-1003
.
((((((((((((((((((((((((( Files Created from 2009-06-20 to 2009-07-20 )))))))))))))))))))))))))))))))
.
2009-07-20 04:12 . 2001-08-17 20:48 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2009-07-20 04:12 . 2001-08-17 21:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-07-20 04:11 . 2004-08-04 05:31 20992 ----a-w- c:\windows\system32\drivers\RTL8139.sys
2009-07-20 04:11 . 2004-08-04 06:08 17024 ----a-w- c:\windows\system32\drivers\usbohci.sys
2009-07-20 03:31 . 2001-08-17 22:37 61508 ----a-w- c:\windows\system32\usrprbda.exe
2009-07-20 03:30 . 2001-08-17 22:36 147968 ----a-w- c:\windows\system32\mdwmdmsp.dll
2009-07-20 03:29 . 2004-09-02 05:27 209280 ----a-w- c:\windows\system32\drivers\update.sys
2009-07-20 03:27 . 2004-08-04 19:00 73472 ----a-w- c:\windows\system32\drivers\sr.sys
2009-07-20 03:26 . 2004-08-04 19:00 20511 ----a-w- c:\windows\system32\odtext32.dll
2009-07-20 03:25 . 2004-08-04 19:00 33792 ----a-w- c:\windows\system32\msgsvc.dll
2009-07-20 03:23 . 2004-08-04 19:00 9728 ----a-w- c:\windows\system32\label.exe
2009-07-20 03:22 . 2004-08-04 19:00 57344 ----a-w- c:\windows\system32\dpwsockx.dll
2009-07-20 03:21 . 2004-08-04 19:00 8192 ----a-w- c:\windows\system32\control.exe
2009-07-19 13:08 . 2009-07-19 13:08 12328 ----a-w- c:\documents and settings\Veronica\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-19 13:07 . 2009-07-19 13:07

---

d

---

w- c:\documents and settings\Veronica\Local Settings\Application Data\ATI
2009-07-19 13:07 . 2009-07-19 13:07

---

d

---

w- c:\documents and settings\Veronica\Application Data\ATI
2009-07-19 13:07 . 2009-07-19 13:07

---

d

---

w- c:\documents and settings\All Users\Application Data\ATI
2009-07-19 13:07 . 2009-07-19 13:07

---

d

---

w- c:\windows\system32\Lang
2009-07-19 13:07 . 2009-07-19 13:07 0 ----a-w- c:\windows\ativpsrm.bin
2009-07-19 13:04 . 2009-04-28 01:20 593920

---

w- c:\windows\system32\ati2sgag.exe
2009-07-19 13:03 . 2009-07-19 13:03

---

d

---

w- C:\ATI
2009-07-19 12:49 . 2009-07-19 12:50

---

d

---

w- c:\program files\WinAce
2009-07-19 12:46 . 2004-08-04 02:58 7552 -c--a-w- c:\windows\system32\dllcache\mskssrv.sys
2009-07-19 12:46 . 2004-08-04 02:58 7552 ----a-w- c:\windows\system32\drivers\MSKSSRV.sys
2009-07-19 12:46 . 2004-08-04 02:58 4992 -c--a-w- c:\windows\system32\dllcache\mspqm.sys
2009-07-19 12:46 . 2004-08-04 02:58 4992 ----a-w- c:\windows\system32\drivers\MSPQM.sys
2009-07-19 12:46 . 2004-08-04 02:58 5376 -c--a-w- c:\windows\system32\dllcache\mspclock.sys
2009-07-19 12:46 . 2004-08-04 02:58 5376 ----a-w- c:\windows\system32\drivers\MSPCLOCK.sys
2009-07-19 12:46 . 2006-08-01 17:02 49152 ----a-w- c:\windows\system32\ChCfg.exe
2009-07-19 12:46 . 2009-07-19 12:46

---

d

---

w- c:\windows\system32\RTCOM
2009-07-19 12:46 . 2004-08-04 04:56 4096 -c--a-w- c:\windows\system32\dllcache\ksuser.dll
2009-07-19 12:46 . 2004-08-04 04:56 4096 ----a-w- c:\windows\system32\ksuser.dll
2009-07-19 12:46 . 2004-08-04 03:08 60288 -c--a-w- c:\windows\system32\dllcache\drmk.sys
2009-07-19 12:46 . 2004-08-04 03:08 60288 ----a-w- c:\windows\system32\drivers\drmk.sys
2009-07-19 12:31 . 2009-07-19 12:44

---

d

---

w- c:\windows\system32\CatRoot_bak
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-20 05:19 . 2009-07-20 05:18

---

d

---

w- c:\documents and settings\All Users\Application Data\avg8
2009-07-20 05:18 . 2009-07-20 05:18

---

d

---

w- c:\program files\AVG
2009-07-20 05:04 . 2009-07-20 05:04

---

d

---

w- c:\documents and settings\Veronica\Application Data\AVG8
2009-07-20 04:26 . 2009-07-20 04:26

---

d

---

w- c:\program files\Panda Security
2009-07-20 03:32 . 2009-07-20 03:32 60 ----a-w- c:\windows\system32\SYSDRV.DAT
2009-07-19 13:05 . 2009-07-19 12:47

---

d

---

w- c:\program files\ATI Technologies
2009-07-19 13:04 . 2009-07-19 12:45

---

d--h--w- c:\program files\InstallShield Installation Information
2009-07-19 13:04 . 2009-07-19 12:45

---

d

---

w- c:\program files\Common Files\InstallShield
2009-07-19 12:45 . 2009-07-19 12:45

---

d

---

w- c:\program files\Realtek
2009-04-28 06:13 . 2009-04-28 06:13 3565568 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-04-28 05:12 . 2009-04-28 05:12 11845632 ----a-w- c:\windows\system32\atioglxx.dll
2009-04-28 04:41 . 2009-04-28 04:41 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-04-28 04:40 . 2009-04-28 04:40 325120 ----a-w- c:\windows\system32\ati2dvag.dll
2009-04-28 04:32 . 2009-04-28 04:32 290816 ----a-w- c:\windows\system32\atiok3x2.dll
2009-04-28 04:32 . 2009-04-28 04:32 204800 ----a-w- c:\windows\system32\atipdlxx.dll
2009-04-28 04:31 . 2009-04-28 04:31 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-04-28 04:31 . 2009-04-28 04:31 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-04-28 04:31 . 2009-04-28 04:31 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-04-28 04:31 . 2009-04-28 04:31 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-04-28 04:30 . 2009-04-28 04:30 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-04-28 04:28 . 2009-04-28 04:28 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-04-28 04:21 . 2009-04-28 04:21 3818272 ----a-w- c:\windows\system32\ati3duag.dll
2009-04-28 04:08 . 2009-04-28 04:08 2670720 ----a-w- c:\windows\system32\ativvaxx.dll
2009-04-28 04:08 . 2009-04-28 04:08 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-04-28 04:08 . 2009-04-28 04:08 3107788 ----a-w- c:\windows\system32\ativva5x.dat
2009-04-28 03:58 . 2009-04-28 03:58 307200 ----a-w- c:\windows\system32\atiiiexx.dll
2009-04-28 03:55 . 2009-04-28 03:55 49664 ----a-w- c:\windows\system32\amdpcom32.dll
2009-04-28 03:51 . 2009-04-28 03:51 475136 ----a-w- c:\windows\system32\atikvmag.dll
2009-04-28 03:50 . 2009-04-28 03:50 126976 ----a-w- c:\windows\system32\atiadlxx.dll
2009-04-28 03:49 . 2009-04-28 03:49 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-04-28 03:49 . 2009-04-28 03:49 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-04-28 03:44 . 2009-04-28 03:44 626688 ----a-w- c:\windows\system32\ati2cqag.dll
2009-04-28 01:58 . 2009-04-28 01:58 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-04-28 01:58 . 2009-04-28 01:58 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-04-28 01:56 . 2009-04-28 01:56 3227648 ----a-w- c:\windows\system32\aticaldd.dll
2009-04-23 21:29 . 2009-04-23 21:29 189051 ----a-w- c:\windows\system32\atiicdxx.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-04-28 61440]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-11-14 16270848]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-05-16 2879488]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [7/20/2009 12:26 AM 28544]
S3 el575nd5;3Com Megahertz 10/100 LAN CardBus PC Card Driver;c:\windows\system32\drivers\el575ND5.sys [7/19/2009 11:30 PM 69692]
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-20 01:27
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.

---

DLLs Loaded Under Running Processes

---

- - - - - - - > 'winlogon.exe'(544)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-07-20 1:28
ComboFix-quarantined-files.txt 2009-07-20 05:28
Pre-Run: 73,231,097,856 bytes free
Post-Run: 73,304,326,144 bytes free
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
124 --- E O F --- 2009-07-20 04:23

Katana

aareaux wrote:

Ok so i am having more problems so i don't think it was just the memory.

There is nothing showing there, what problems do you have ?

Katana

Whilst we appreciate that you may be busy, it has been 4 days or more since we heard from you. This topic is now closed.

Infections can change and fresh instructions will now need to be given. If you wish to reopen your topic, please send a Private Message (PM) to Trogan with a link to your thread.

If you are not the user who started this thread, you must start your own Thread instead