Adware.virtumonde won't go away [RESOLVED]

Welcome Guest ( Log In | Register )

Discover the best free computer help!
Learn more about Geeks to Go by taking the tour. Spyware, virus, trojan, fake security or privacy alerts? Read the malware cleaning guide.

> Geeks to Go! » Security » Malware Removal - HijackThis™ Logs Go Here

2 Pages

1 2 >

Adware.virtumonde won't go away [RESOLVED], I ran vundofix and Virtumundo and my desktop still has that message

Options

Diux23 View Member Profile	Oct 4 2008, 01:33 PM Post #1
Member Posts: 12 OS: XP	Hello you guys, It all started yesterday when all the sudden the background of my desktop changed to this message, a window saying Warning Spyware detected the message goes Win32/Adware.virtumonde Win32/ PrivacyRemover.M64 I have Kaspersky Internet Security, but yesterday I had turned it off by mistake, I ran the antivirus it detects but does not clean. I also ran the other tu spyware removers and nothing. I downloaded Hijackthis and have a log. Please help me , I dont know what to do. I have windows xp!!! I would appreciate your help! THANK YOUUUUUUUU

fenzodahl512 View Member Profile	Oct 4 2008, 08:48 PM Post #2
Trusted Helper Posts: 4,397 OS: Windows XP	Hello, my name is fenzodahl512 and welcome to Geekstogo.. Please have a read at this topic and do all the preliminary steps given. If you are using Windows Vista, or if you are using XP and already have Service Pack 1a or later, please ignore Step Three: Windows Updates and continue with Step Four: Reboot - Test It should handle about 70% of your malware problem.. Should the problem still exist, please post a fresh HijackThis log here as shown in the Step Five: Posting a Hijack This Log.. Thank you Regards fenzodahl512

Diux23 View Member Profile	Oct 5 2008, 08:19 PM Post #3
Member Posts: 12 OS: XP	Here's what I got from Hijack Is this what I was suppost to post here??? Not sure!! Thak You fenzodahl512 Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe F:\Maxtor backup\DESKTOP\C\Documents and Settings\Ivan\My Documents\SUPERAntiSpyware\SUPERANTISPYWARE.EXE C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Portrait Displays\Pivot Software\floater.exe C:\Program Files\DNA\btdna.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\dlcxcoms.exe C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\WINDOWS\system32\devldr32.exe C:\Program Files\Maxtor\Sync\SyncServices.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe" O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe" O4 - HKLM\..\Run: [DT HPW] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe -HPW O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [DLCXCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCXtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [SUPERAntiSpyware] F:\Maxtor backup\DESKTOP\C\Documents and Settings\Ivan\My Documents\SUPERAntiSpyware\SUPERANTISPYWARE.EXE O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1219261638623 O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: dlcx_device - - C:\WINDOWS\system32\dlcxcoms.exe O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- End of file - 7218 bytes

fenzodahl512 View Member Profile	Oct 5 2008, 08:32 PM Post #4
Trusted Helper Posts: 4,397 OS: Windows XP	Please download RSIT by random/random and save it to your Desktop. Double click on RSIT.exe to run RSIT Before you click "Continue", make sure you change the List files/folders created or modified in the last 3 months Click Continue at the disclaimer screen. Once it has finished, two logs will open. Please post the contents of both log.txt and info.txt in your next reply.

Diux23 View Member Profile	Oct 5 2008, 08:36 PM Post #5
Member Posts: 12 OS: XP	Thanks for your help, here are the logs, THANKS AGAIN Logfile of random's system information tool 1.04 (written by random/random) Run by Ivan at 2008-10-05 22:34:47 Microsoft Windows XP Home Edition Service Pack 3 System drive C: has 17 GB (45%) free of 38 GB Total RAM: 767 MB (50% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:34:56 PM, on 10/5/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe C:\Program Files\Bonjour\mDNSResponder.exe F:\Maxtor backup\DESKTOP\C\Documents and Settings\Ivan\My Documents\SUPERAntiSpyware\SUPERANTISPYWARE.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\WINDOWS\system32\dlcxcoms.exe C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe C:\Program Files\Maxtor\Sync\SyncServices.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\DNA\btdna.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\devldr32.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\Portrait Displays\Pivot Software\floater.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Ivan\Desktop\RSIT.exe C:\Program Files\Trend Micro\HijackThis\Ivan.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = .local O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe" O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe" O4 - HKLM\..\Run: [DT HPW] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe -HPW O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [DLCXCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCXtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [SUPERAntiSpyware] F:\Maxtor backup\DESKTOP\C\Documents and Settings\Ivan\My Documents\SUPERAntiSpyware\SUPERANTISPYWARE.EXE O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1219261638623 O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: dlcx_device - - C:\WINDOWS\system32\dlcxcoms.exe O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- End of file - 7262 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}] IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll [2008-09-07 62728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "mxomssmenu"=C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe [2007-09-06 169264] "PivotSoftware"=C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe [2007-02-09 694008] "DT HPW"=C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe [2008-07-14 81920] "ISUSPM Startup"=c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-06-10 249856] "ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-06-10 81920] "DLCXCATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCXtime.dll [] "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2008-04-25 201992] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048] "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696] "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-10 289576] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-04-24 149040] "SUPERAntiSpyware"=F:\Maxtor backup\DESKTOP\C\Documents and Settings\Ivan\My Documents\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [2008-07-07 1506544] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-09-19 289088] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe [2005-08-31 106496] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dlcxmon.exe] C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe [2007-01-12 292336] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer] C:\Program Files\Dell PC Fax\fm3032.exe [2006-11-03 312200] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe [2008-09-10 289576] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MemoryCardManager] C:\Program Files\Dell Photo AIO Printer 926\memcard.exe [2006-11-03 304008] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-15 153136] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] C:\PROGRA~1\Adobe\READER~1.0\Reader\READER~1.EXE [2007-05-11 40048] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk] C:\PROGRA~1\Adobe\READER~1.0\Reader\ADOBEC~1.EXE [2007-05-11 738968] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "iPod Service"=3 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2007-08-13 122880] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\WINDOWS\system32\klogon.dll [2008-04-25 206088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "NoDispBackgroundPage"=1 "NoDispScrSavPage"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe::Enabled:uTorrent" "C:\WINDOWS\system32\dlcxcoms.exe"="C:\WINDOWS\system32\dlcxcoms.exe::Enabled:Lexmark Communications System" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe::Enabled:Nero ProductSetup" "C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\English\setup.exe"="C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\English\setup.exe::Enabled:Kaspersky Internet Security 2009 Setup" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe::Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe::Enabled:Windows Live Messenger (Phone)" "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe::Enabled:DNA" "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe::Enabled:BitTorrent" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe::Enabled:Bonjour" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe::Enabled:iTunes" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe::Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F] shell\AutoRun\command - .\Encryption Tool\MaxtorEncryption.exe ======List of files/folders created in the last 3 months====== 2008-10-05 22:34:47 ----D---- C:\rsit 2008-10-04 15:22:27 ----D---- C:\Program Files\Trend Micro 2008-10-04 14:46:04 ----D---- C:\VundoFix Backups 2008-10-04 14:46:04 ----A---- C:\VundoFix.txt 2008-10-03 23:03:12 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2008-10-03 22:17:48 ----D---- C:\Program Files\Enigma Software Group 2008-10-03 18:43:24 ----A---- C:\WINDOWS\ntbtlog.txt 2008-09-22 14:30:00 ----D---- C:\Program Files\iPod 2008-09-22 14:29:58 ----D---- C:\Program Files\iTunes 2008-09-22 14:29:58 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} 2008-09-22 14:28:55 ----D---- C:\Program Files\Bonjour 2008-09-22 14:27:43 ----D---- C:\Program Files\QuickTime 2008-09-19 19:53:51 ----D---- C:\Program Files\DNA 2008-09-19 19:53:51 ----D---- C:\Documents and Settings\Ivan\Application Data\DNA 2008-09-18 03:00:51 ----SHD---- C:\Config.Msi 2008-09-16 20:59:18 ----D---- C:\Documents and Settings\Ivan\Application Data\ATI 2008-09-16 20:59:18 ----D---- C:\Documents and Settings\All Users\Application Data\ATI 2008-09-16 20:53:54 ----N---- C:\WINDOWS\system32\ati2sgag.exe 2008-09-16 20:30:52 ----D---- C:\ATI 2008-09-16 20:16:27 ----RSD---- C:\WINDOWS\assembly 2008-09-16 20:15:42 ----D---- C:\WINDOWS\Microsoft.NET 2008-09-15 21:16:57 ----D---- C:\Program Files\Common Files\Adobe 2008-09-15 21:16:57 ----D---- C:\Program Files\Adobe 2008-09-15 19:51:55 ----A---- C:\WINDOWS\system32\wpfb_ati2dvag.dll 2008-09-15 19:31:58 ----D---- C:\Program Files\ATI Technologies 2008-09-15 19:31:19 ----A---- C:\WINDOWS\system32\Oemdspif.dll 2008-09-15 19:31:17 ----A---- C:\WINDOWS\system32\ativcoxx.dll 2008-09-15 19:31:17 ----A---- C:\WINDOWS\system32\atitvo32.dll 2008-09-15 19:31:17 ----A---- C:\WINDOWS\system32\atipdlxx.dll 2008-09-15 19:31:17 ----A---- C:\WINDOWS\system32\atiok3x2.dll 2008-09-15 19:31:16 ----A---- C:\WINDOWS\system32\atioglx2.dll 2008-09-15 19:31:16 ----A---- C:\WINDOWS\system32\ATIODE.exe 2008-09-15 19:31:16 ----A---- C:\WINDOWS\system32\ATIODCLI.exe 2008-09-15 19:31:16 ----A---- C:\WINDOWS\system32\atikvmag.dll 2008-09-15 19:31:16 ----A---- C:\WINDOWS\system32\atiiiexx.dll 2008-09-15 19:31:16 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll 2008-09-15 19:31:16 ----A---- C:\WINDOWS\system32\ATIDDC.DLL 2008-09-15 19:31:15 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe 2008-09-15 19:31:15 ----A---- C:\WINDOWS\system32\ati2evxx.exe 2008-09-15 19:31:15 ----A---- C:\WINDOWS\system32\ati2evxx.dll 2008-09-15 19:31:15 ----A---- C:\WINDOWS\system32\ati2edxx.dll 2008-09-12 21:13:26 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2008-09-12 21:13:11 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$ 2008-09-12 16:55:12 ----D---- C:\WINDOWS\Prefetch 2008-09-12 06:45:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2008-09-12 06:45:43 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2008-09-12 06:45:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2008-09-12 06:45:15 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$ 2008-09-12 06:45:05 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2008-09-12 06:44:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2008-09-12 06:44:42 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2008-09-12 06:44:31 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2008-09-12 06:44:16 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$ 2008-09-12 06:34:43 ----D---- C:\Program Files\Messenger 2008-09-12 06:33:49 ----D---- C:\WINDOWS\system32\scripting 2008-09-12 06:33:47 ----D---- C:\WINDOWS\l2schemas 2008-09-12 06:33:45 ----D---- C:\WINDOWS\system32\en 2008-09-11 03:01:09 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$ 2008-09-11 03:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$ 2008-09-09 23:52:10 ----A---- C:\WINDOWS\AviSplitter.INI 2008-09-07 22:50:30 ----D---- C:\Program Files\Kaspersky Lab 2008-09-07 22:50:30 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2008-09-07 22:46:25 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files 2008-09-05 22:40:14 ----D---- C:\Program Files\XP Codec Pack 2008-09-05 21:08:29 ----D---- C:\Documents and Settings\Ivan\Application Data\Media Player Classic 2008-09-05 03:01:22 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$ 2008-09-05 03:00:47 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$ 2008-09-04 17:22:30 ----A---- C:\WINDOWS\iun6002.exe 2008-09-04 17:22:24 ----D---- C:\Program Files\Codec Pack - All In 1 2008-09-04 00:12:20 ----N---- C:\WINDOWS\system32\spmsg.dll 2008-09-03 23:55:46 ----D---- C:\DECCHECK 2008-09-03 18:01:27 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$ 2008-09-03 17:34:33 ----D---- C:\WINDOWS\ie7updates 2008-09-03 17:32:11 ----D---- C:\WINDOWS\WBEM 2008-09-03 17:32:07 ----D---- C:\WINDOWS\system32\en-US 2008-09-03 17:29:30 ----HDC---- C:\WINDOWS\ie7 2008-09-03 17:29:02 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$ 2008-09-03 17:28:23 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$ 2008-09-03 17:27:47 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$ 2008-09-03 17:27:38 ----N---- C:\WINDOWS\system32\xmllite.dll 2008-09-03 17:25:38 ----D---- C:\WINDOWS\network diagnostic 2008-09-03 17:25:35 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$ 2008-09-03 17:25:19 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$ 2008-09-02 20:02:46 ----N---- C:\WINDOWS\system32\wlanapi.dll 2008-09-02 20:02:41 ----N---- C:\WINDOWS\system32\verclsid.exe 2008-09-02 20:02:35 ----N---- C:\WINDOWS\system32\tspkg.dll 2008-09-02 20:02:35 ----N---- C:\WINDOWS\system32\tsgqec.dll 2008-09-02 20:02:22 ----N---- C:\WINDOWS\system32\setupn.exe 2008-09-02 20:02:18 ----N---- C:\WINDOWS\system32\rhttpaa.dll 2008-09-02 20:02:17 ----N---- C:\WINDOWS\system32\rasqec.dll 2008-09-02 20:02:16 ----N---- C:\WINDOWS\system32\qutil.dll 2008-09-02 20:02:14 ----N---- C:\WINDOWS\system32\qcliprov.dll 2008-09-02 20:02:14 ----N---- C:\WINDOWS\system32\qagentrt.dll 2008-09-02 20:02:14 ----N---- C:\WINDOWS\system32\qagent.dll 2008-09-02 20:02:09 ----N---- C:\WINDOWS\system32\onex.dll 2008-09-02 20:01:58 ----N---- C:\WINDOWS\system32\napstat.exe 2008-09-02 20:01:58 ----N---- C:\WINDOWS\system32\napmontr.dll 2008-09-02 20:01:58 ----N---- C:\WINDOWS\system32\napipsec.dll 2008-09-02 20:01:55 ----N---- C:\WINDOWS\system32\msshavmsg.dll 2008-09-02 20:01:55 ----N---- C:\WINDOWS\system32\mssha.dll 2008-09-02 20:01:40 ----N---- C:\WINDOWS\system32\mmcperf.exe 2008-09-02 20:01:40 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll 2008-09-02 20:01:40 ----N---- C:\WINDOWS\system32\mmcex.dll 2008-09-02 20:01:39 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll 2008-09-02 20:01:27 ----N---- C:\WINDOWS\system32\l2gpstore.dll 2008-09-02 20:01:27 ----N---- C:\WINDOWS\system32\kmsvc.dll 2008-09-02 20:01:26 ----N---- C:\WINDOWS\system32\kbdpash.dll 2008-09-02 20:01:26 ----N---- C:\WINDOWS\system32\kbdnepr.dll 2008-09-02 20:01:26 ----N---- C:\WINDOWS\system32\kbdiultn.dll 2008-09-02 20:01:26 ----N---- C:\WINDOWS\system32\kbdbhc.dll 2008-09-02 20:01:12 ----A---- C:\WINDOWS\005270_.tmp 2008-09-02 20:01:09 ----N---- C:\WINDOWS\system32\eapsvc.dll 2008-09-02 20:01:09 ----N---- C:\WINDOWS\system32\eapqec.dll 2008-09-02 20:01:09 ----N---- C:\WINDOWS\system32\eappprxy.dll 2008-09-02 20:01:09 ----N---- C:\WINDOWS\system32\eapphost.dll 2008-09-02 20:01:09 ----N---- C:\WINDOWS\system32\eappgnui.dll 2008-09-02 20:01:09 ----N---- C:\WINDOWS\system32\eappcfg.dll 2008-09-02 20:01:09 ----N---- C:\WINDOWS\system32\eapp3hst.dll 2008-09-02 20:01:09 ----N---- C:\WINDOWS\system32\eapolqec.dll 2008-09-02 20:01:06 ----N---- C:\WINDOWS\system32\dot3ui.dll 2008-09-02 20:01:06 ----N---- C:\WINDOWS\system32\dot3svc.dll 2008-09-02 20:01:06 ----N---- C:\WINDOWS\system32\dot3msm.dll 2008-09-02 20:01:06 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll 2008-09-02 20:01:06 ----N---- C:\WINDOWS\system32\dot3dlg.dll 2008-09-02 20:01:06 ----N---- C:\WINDOWS\system32\dot3cfg.dll 2008-09-02 20:01:06 ----N---- C:\WINDOWS\system32\dot3api.dll 2008-09-02 20:01:04 ----N---- C:\WINDOWS\system32\dimsroam.dll 2008-09-02 20:01:04 ----N---- C:\WINDOWS\system32\dimsntfy.dll 2008-09-02 20:01:03 ----N---- C:\WINDOWS\system32\dhcpqec.dll 2008-09-02 20:00:59 ----N---- C:\WINDOWS\system32\credssp.dll 2008-09-02 20:00:53 ----N---- C:\WINDOWS\system32\bitsprx4.dll 2008-09-02 20:00:52 ----N---- C:\WINDOWS\system32\azroles.dll 2008-09-02 20:00:44 ----N---- C:\WINDOWS\system32\aaclient.dll 2008-09-02 19:42:42 ----D---- C:\WINDOWS\system32\SoftwareDistribution 2008-08-29 20:03:45 ----D---- C:\Documents and Settings\Ivan\Application Data\DellFaxCtr 2008-08-29 19:52:19 ----D---- C:\Documents and Settings\Ivan\Application Data\Corel Photo Album 2008-08-29 19:42:28 ----D---- C:\Program Files\Dl_cats 2008-08-29 19:41:42 ----A---- C:\WINDOWS\system32\dlcxvs.dll 2008-08-29 19:41:40 ----A---- C:\WINDOWS\system32\dlcxcoin.dll 2008-08-29 19:41:10 ----A---- C:\WINDOWS\system32\wiafbdrv.dll 2008-08-29 19:41:02 ----A---- C:\WINDOWS\system32\dlcxdrs.dll 2008-08-29 19:41:02 ----A---- C:\WINDOWS\system32\dlcxcaps.dll 2008-08-29 19:41:01 ----A---- C:\WINDOWS\system32\dlcxcnv4.dll 2008-08-29 19:40:24 ----D---- C:\Documents and Settings\Ivan\Application Data\Corel 2008-08-29 19:39:02 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield 2008-08-29 19:38:23 ----D---- C:\Program Files\Corel 2008-08-29 19:38:23 ----D---- C:\Program Files\Common Files\Corel 2008-08-29 19:36:38 ----A---- C:\WINDOWS\system32\DLPRMON.DLL 2008-08-29 19:36:38 ----A---- C:\WINDOWS\system32\DLPMONUI.DLL 2008-08-29 19:36:18 ----A---- C:\WINDOWS\system32\IMHOST32.DLL 2008-08-29 19:36:18 ----A---- C:\WINDOWS\system32\IMGMAN32.DLL 2008-08-29 19:36:11 ----D---- C:\Documents and Settings\All Users\Application Data\DellFaxCtr 2008-08-29 19:36:03 ----D---- C:\Program Files\Dell PC Fax 2008-08-29 19:35:59 ----D---- C:\Program Files\Dell Photo AIO Printer 926 2008-08-29 19:35:41 ----A---- C:\WINDOWS\system32\dlcxinst.dll 2008-08-29 19:35:40 ----A---- C:\WINDOWS\system32\dlcxutil.dll 2008-08-29 19:35:40 ----A---- C:\WINDOWS\system32\dlcxusb1.dll 2008-08-29 19:35:40 ----A---- C:\WINDOWS\system32\dlcxserv.dll 2008-08-29 19:35:40 ----A---- C:\WINDOWS\system32\dlcxinpa.dll 2008-08-29 19:35:40 ----A---- C:\WINDOWS\system32\dlcxiesc.dll 2008-08-29 19:35:40 ----A---- C:\WINDOWS\system32\dlcxhcp.dll 2008-08-29 19:35:39 ----A---- C:\WINDOWS\system32\dlcxprox.dll 2008-08-29 19:35:39 ----A---- C:\WINDOWS\system32\dlcxpplc.dll 2008-08-29 19:35:39 ----A---- C:\WINDOWS\system32\dlcxpmui.dll 2008-08-29 19:35:39 ----A---- C:\WINDOWS\system32\dlcxlmpm.dll 2008-08-29 19:35:39 ----A---- C:\WINDOWS\system32\dlcxjswr.dll 2008-08-29 19:35:39 ----A---- C:\WINDOWS\system32\dlcxinsr.dll 2008-08-29 19:35:39 ----A---- C:\WINDOWS\system32\dlcxinsb.dll 2008-08-29 19:35:39 ----A---- C:\WINDOWS\system32\dlcxins.dll 2008-08-29 19:35:39 ----A---- C:\WINDOWS\system32\dlcxih.exe 2008-08-29 19:35:39 ----A---- C:\WINDOWS\system32\dlcxhbn3.dll 2008-08-29 19:35:38 ----A---- C:\WINDOWS\system32\dlcxgrd.dll 2008-08-29 19:35:38 ----A---- C:\WINDOWS\system32\dlcxgf.dll 2008-08-29 19:35:38 ----A---- C:\WINDOWS\system32\dlcxcur.dll 2008-08-29 19:35:38 ----A---- C:\WINDOWS\system32\dlcxcub.dll 2008-08-29 19:35:38 ----A---- C:\WINDOWS\system32\dlcxcu.dll 2008-08-29 19:35:38 ----A---- C:\WINDOWS\system32\dlcxcoms.exe 2008-08-29 19:35:38 ----A---- C:\WINDOWS\system32\dlcxcomm.dll 2008-08-29 19:35:38 ----A---- C:\WINDOWS\system32\dlcxcomc.dll 2008-08-29 19:35:37 ----A---- C:\WINDOWS\system32\dlcxcfg.exe 2008-08-29 19:35:37 ----A---- C:\WINDOWS\system32\DLCXcfg.dll 2008-08-29 10:18:58 ----A---- C:\WINDOWS\system32\dns-sd.exe 2008-08-29 09:53:50 ----A---- C:\WINDOWS\system32\dnssd.dll 2008-08-27 18:37:03 ----D---- C:\Program Files\Microsoft Works 2008-08-27 18:36:49 ----D---- C:\Program Files\Common Files\DESIGNER 2008-08-27 18:33:10 ----D---- C:\WINDOWS\SHELLNEW 2008-08-27 18:32:33 ----D---- C:\Program Files\Microsoft Office 2008-08-27 18:32:32 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-08-27 18:31:42 ----RHD---- C:\MSOCache 2008-08-26 23:55:56 ----D---- C:\WINDOWS\pss 2008-08-26 23:37:43 ----A---- C:\WINDOWS\IE4 Error Log.txt 2008-08-26 20:18:36 ----D---- C:\Documents and Settings\Ivan\Application Data\SUPERAntiSpyware.com 2008-08-26 20:18:36 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com 2008-08-26 17:52:19 ----D---- C:\Documents and Settings\Ivan\Application Data\WinRAR 2008-08-26 17:51:46 ----D---- C:\Program Files\WinRAR 2008-08-26 15:11:42 ----A---- C:\WINDOWS\system32\VSFilter.dll 2008-08-25 23:34:40 ----D---- C:\Program Files\uTorrent 2008-08-25 23:34:34 ----D---- C:\Documents and Settings\Ivan\Application Data\uTorrent 2008-08-25 20:24:54 ----D---- C:\Program Files\Dell 2008-08-25 20:24:53 ----D---- C:\WINDOWS\system32\Dell 2008-08-23 03:00:58 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$ 2008-08-23 03:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$ 2008-08-22 03:33:16 ----D---- C:\WINDOWS\Minidump 2008-08-22 03:19:24 ----D---- C:\Documents and Settings\Ivan\Application Data\DivX 2008-08-22 03:19:18 ----A---- C:\WINDOWS\NeroDigital.ini 2008-08-22 03:12:32 ----D---- C:\Documents and Settings\Ivan\Application Data\Ahead 2008-08-22 03:07:59 ----D---- C:\Program Files\Nero 2008-08-22 03:07:59 ----D---- C:\Program Files\Common Files\Ahead 2008-08-22 03:07:59 ----D---- C:\Documents and Settings\All Users\Application Data\Nero 2008-08-22 03:06:58 ----A---- C:\WINDOWS\system32\d3dx9_30.dll 2008-08-22 03:06:57 ----A---- C:\WINDOWS\system32\d3dx9_28.dll 2008-08-22 03:02:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$ 2008-08-22 03:02:20 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$ 2008-08-22 03:02:15 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$ 2008-08-22 03:02:09 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$ 2008-08-22 03:02:03 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$ 2008-08-22 03:01:48 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$ 2008-08-22 03:01:42 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$ 2008-08-22 03:01:36 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$ 2008-08-22 03:01:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$ 2008-08-22 03:01:14 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$ 2008-08-22 03:01:05 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$ 2008-08-22 03:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$ 2008-08-22 03:00:49 ----D---- C:\Program Files\MSXML 4.0 2008-08-22 03:00:32 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$ 2008-08-22 02:43:59 ----N---- C:\WINDOWS\system32\vxblock.dll 2008-08-22 02:43:59 ----N---- C:\WINDOWS\system32\pxwave.dll 2008-08-22 02:43:59 ----N---- C:\WINDOWS\system32\pxsfs.dll 2008-08-22 02:43:59 ----N---- C:\WINDOWS\system32\pxmas.dll 2008-08-22 02:43:59 ----N---- C:\WINDOWS\system32\pxinsi64.exe 2008-08-22 02:43:59 ----N---- C:\WINDOWS\system32\pxinsa64.exe 2008-08-22 02:43:59 ----N---- C:\WINDOWS\system32\pxhpinst.exe 2008-08-22 02:43:59 ----N---- C:\WINDOWS\system32\pxdrv.dll 2008-08-22 02:43:59 ----N---- C:\WINDOWS\system32\pxcpyi64.exe 2008-08-22 02:43:59 ----N---- C:\WINDOWS\system32\pxcpya64.exe 2008-08-22 02:43:59 ----N---- C:\WINDOWS\system32\pxafs.dll 2008-08-22 02:43:58 ----N---- C:\WINDOWS\system32\px.dll 2008-08-22 02:43:33 ----D---- C:\Program Files\DivX 2008-08-22 02:06:22 ----D---- C:\MDT 2008-08-22 02:03:56 ----D---- C:\Documents and Settings\Ivan\Application Data\CyberLink 2008-08-22 02:03:56 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink 2008-08-22 02:02:23 ----D---- C:\Documents and Settings\All Users\Application Data\Dell 2008-08-22 02:02:08 ----A---- C:\WINDOWS\system32\msxml4a.dll 2008-08-22 02:01:47 ----D---- C:\Program Files\CyberLink 2008-08-22 02:01:47 ----A---- C:\WINDOWS\system32\msvcr71.dll 2008-08-22 02:01:47 ----A---- C:\WINDOWS\system32\msvcp71.dll 2008-08-22 02:01:47 ----A---- C:\WINDOWS\system32\MFC71u.dll 2008-08-22 02:01:47 ----A---- C:\WINDOWS\system32\MFC71.dll 2008-08-22 02:01:47 ----A---- C:\WINDOWS\system32\atl71.dll 2008-08-22 01:54:09 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$ 2008-08-22 01:53:54 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$ 2008-08-22 01:53:24 ----D---- C:\Program Files\Windows Media Connect 2 2008-08-22 01:51:11 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$ 2008-08-22 01:50:26 ----D---- C:\WINDOWS\system32\LogFiles 2008-08-22 01:50:19 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$ 2008-08-22 00:17:42 ----A---- C:\WINDOWS\system32\wpfb_ati2dvaa.dll 2008-08-22 00:17:39 ----A---- C:\WINDOWS\system32\WPFB.DLL 2008-08-21 23:28:44 ----D---- C:\Documents and Settings\Ivan\Application Data\DisplayTune 2008-08-21 23:19:39 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2008-08-21 23:12:45 ----A---- C:\WINDOWS\msvcr80.dll 2008-08-21 23:12:45 ----A---- C:\WINDOWS\msvcr70.dll 2008-08-21 23:12:45 ----A---- C:\WINDOWS\msvcp80.dll 2008-08-21 23:12:45 ----A---- C:\WINDOWS\msvcp70.dll 2008-08-21 23:12:45 ----A---- C:\WINDOWS\msvcm80.dll 2008-08-21 23:12:45 ----A---- C:\WINDOWS\msvbvm60.dll 2008-08-21 23:12:45 ----A---- C:\WINDOWS\mfcm80u.dll 2008-08-21 23:12:45 ----A---- C:\WINDOWS\mfcm80.dll 2008-08-21 23:12:45 ----A---- C:\WINDOWS\mfc80u.dll 2008-08-21 23:12:45 ----A---- C:\WINDOWS\mfc80.dll 2008-08-21 23:12:45 ----A---- C:\WINDOWS\mfc70.dll 2008-08-21 23:12:44 ----A---- C:\WINDOWS\ijl15.dll 2008-08-21 23:12:44 ----A---- C:\WINDOWS\atl80.dll 2008-08-21 23:12:42 ----D---- C:\Program Files\Portrait Displays 2008-08-21 23:12:42 ----D---- C:\Program Files\Common Files\Portrait Displays 2008-08-21 19:40:24 ----D---- C:\WINDOWS\system32\PreInstall 2008-08-21 19:40:22 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$ 2008-08-21 19:40:22 ----HD---- C:\WINDOWS\$hf_mig$ 2008-08-21 19:23:22 ----A---- C:\WINDOWS\system32\muweb.dll 2008-08-21 19:23:22 ----A---- C:\WINDOWS\system32\mucltui.dll.mui 2008-08-21 19:23:22 ----A---- C:\WINDOWS\system32\mucltui.dll 2008-08-20 17:49:18 ----D---- C:\Program Files\Maxtor 2008-08-20 17:49:18 ----D---- C:\Documents and Settings\All Users\Application Data\Maxtor 2008-08-20 17:48:07 ----D---- C:\WINDOWS\Downloaded Installations 2008-08-20 17:47:27 ----D---- C:\Program Files\MSXML 6.0 2008-08-20 17:47:07 ----SHD---- C:\WINDOWS\ftpcache 2008-08-20 17:35:32 ----A---- C:\WINDOWS\system32\d3dx9_32.dll 2008-08-20 17:34:59 ----HDC---- C:\WINDOWS\$NtUninstallWIC$ 2008-08-20 17:31:23 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller 2008-08-20 17:31:18 ----D---- C:\Program Files\Windows Live 2008-08-20 17:31:09 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-08-20 17:26:06 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$ 2008-08-20 17:21:56 ----SHD---- C:\RECYCLER 2008-08-20 17:19:43 ----D---- C:\Documents and Settings\Ivan\Application Data\Apple Computer 2008-08-20 17:18:03 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-08-20 17:17:36 ----D---- C:\Program Files\Apple Software Update 2008-08-20 17:17:24 ----DC---- C:\WINDOWS\system32\DRVSTORE 2008-08-20 17:17:04 ----D---- C:\Program Files\Common Files\Apple 2008-08-20 17:17:04 ----D---- C:\Documents and Settings\All Users\Application Data\Apple 2008-08-20 16:26:51 ----A---- C:\WINDOWS\system32\MRT.exe 2008-08-20 16:19:14 ----SD---- C:\WINDOWS\system32\Microsoft 2008-08-20 16:14:15 ----D---- C:\WINDOWS\peernet 2008-08-20 16:14:14 ----D---- C:\WINDOWS\provisioning 2008-08-20 16:12:21 ----D---- C:\WINDOWS\ServicePackFiles 2008-08-20 16:09:09 ----D---- C:\WINDOWS\system32\ReinstallBackups 2008-08-20 16:08:49 ----A---- C:\WINDOWS\system32\spupdsvc.exe 2008-08-20 16:06:44 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$ 2008-08-20 16:06:40 ----D---- C:\WINDOWS\EHome 2008-08-20 16:03:00 ----N---- C:\WINDOWS\system32\spnpinst.exe 2008-08-20 15:56:14 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage 2008-08-20 15:52:45 ----A---- C:\WINDOWS\wininit.ini 2008-08-20 15:50:43 ----D---- C:\WINDOWS\system32\bits 2008-08-20 15:50:35 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$ 2008-08-20 15:50:27 ----N---- C:\WINDOWS\system32\xpob2res.dll 2008-08-20 15:50:27 ----N---- C:\WINDOWS\system32\bitsprx3.dll 2008-08-20 15:50:27 ----N---- C:\WINDOWS\system32\bitsprx2.dll 2008-08-20 15:50:27 ----A---- C:\WINDOWS\system32\qmgrprxy.dll 2008-08-20 15:50:26 ----A---- C:\WINDOWS\system32\winhttp.dll 2008-08-20 15:47:56 ----A---- C:\WINDOWS\system32\wups2.dll 2008-08-20 15:47:56 ----A---- C:\WINDOWS\system32\wups.dll 2008-08-20 15:47:56 ----A---- C:\WINDOWS\system32\wucltui.dll.mui 2008-08-20 15:47:56 ----A---- C:\WINDOWS\system32\wucltui.dll 2008-08-20 15:47:56 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui 2008-08-20 15:47:55 ----A---- C:\WINDOWS\system32\wuapi.dll.mui 2008-08-20 15:47:55 ----A---- C:\WINDOWS\system32\wuapi.dll 2008-08-20 15:47:37 ----D---- C:\WINDOWS\SoftwareDistribution 2008-08-20 02:40:04 ----D---- C:\drvrtmp 2008-08-20 02:40:04 ----A---- C:\WINDOWS\system32\Prounstl.exe 2008-08-20 02:40:04 ----A---- C:\WINDOWS\system32\IntelNic.dll 2008-08-20 01:27:38 ----RA---- C:\WINDOWS\system32\hhactivex.dll 2008-08-20 01:27:38 ----A---- C:\WINDOWS\system32\RcdScan.dll 2008-08-20 01:27:37 ----A---- C:\WINDOWS\system32\VB5DB.DLL 2008-08-20 01:27:36 ----HD---- C:\Program Files\InstallShield Installation Information 2008-08-20 01:27:29 ----D---- C:\Program Files\Common Files\InstallShield 2008-08-20 00:45:21 ----D---- C:\Program Files\support.com 2008-08-20 00:45:15 ----D---- C:\Documents and Settings\All Users\Application Data\Support.com 2008-08-20 00:34:59 ----A---- C:\WINDOWS\ModemLog_Generic SoftK56.txt 2008-08-20 00:34:16 ----SHD---- C:\WINDOWS\Installer 2008-08-20 00:34:13 ----D---- C:\Documents and Settings\Ivan\Application Data\Identities 2008-08-20 00:34:09 ----HD---- C:\Program Files\Uninstall Information 2008-08-20 00:34:02 ----A---- C:\WINDOWS\system32\jit.dll 2008-08-20 00:34:02 ----A---- C:\WINDOWS\setdebug.exe 2008-08-20 00:34:01 ----A---- C:\WINDOWS\system32\javaee.dll 2008-08-20 00:34:01 ----A---- C:\WINDOWS\system32\dx3j.dll 2008-08-20 00:33:57 ----A---- C:\WINDOWS\system32\wjview.exe 2008-08-20 00:33:57 ----A---- C:\WINDOWS\system32\vmhelper.dll 2008-08-20 00:33:56 ----A---- C:\WINDOWS\system32\msjdbc10.dll 2008-08-20 00:33:56 ----A---- C:\WINDOWS\system32\msjava.dll 2008-08-20 00:33:56 ----A---- C:\WINDOWS\system32\msawt.dll 2008-08-20 00:33:56 ----A---- C:\WINDOWS\system32\jview.exe 2008-08-20 00:33:56 ----A---- C:\WINDOWS\system32\jdbgmgr.exe 2008-08-20 00:33:55 ----A---- C:\WINDOWS\system32\javart.dll 2008-08-20 00:33:55 ----A---- C:\WINDOWS\system32\javaprxy.dll 2008-08-20 00:33:55 ----A---- C:\WINDOWS\system32\javacypt.dll 2008-08-20 00:33:54 ----A---- C:\WINDOWS\system32\clspack.exe 2008-08-20 00:33:45 ----SD---- C:\Documents and Settings\Ivan\Application Data\Microsoft 2008-08-20 00:33:45 ----ASH---- C:\Documents and Settings\Ivan\Application Data\desktop.ini 2008-08-20 00:30:40 ----SHD---- C:\System Volume Information 2008-08-20 00:30:39 ----A---- C:\WINDOWS\SchedLgU.Txt 2008-08-20 00:27:30 ----D---- C:\Program Files\xerox 2008-08-20 00:27:29 ----D---- C:\WINDOWS\system32\xircom 2008-08-20 00:27:29 ----D---- C:\Program Files\microsoft frontpage 2008-08-20 00:27:25 ----D---- C:\DELL 2008-08-20 00:27:25 ----A---- C:\WINDOWS\system32\MSJAVX86.EXE 2008-08-20 00:26:39 ----A---- C:\WINDOWS\control.ini 2008-08-20 00:26:39 ----A---- C:\AUTOEXEC.BAT 2008-08-20 00:26:30 ----A---- C:\WINDOWS\OEWABLog.txt 2008-08-20 00:26:27 ----A---- C:\WINDOWS\system32\mapi32.dll 2008-08-20 00:25:26 ----SD---- C:\WINDOWS\Downloaded Program Files 2008-08-20 00:25:26 ----RD---- C:\WINDOWS\Offline Web Pages 2008-08-20 00:25:26 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest 2008-08-20 00:25:19 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest 2008-08-20 00:25:01 ----D---- C:\WINDOWS\srchasst 2008-08-20 00:24:55 ----D---- C:\WINDOWS\system32\DirectX 2008-08-20 00:24:54 ----D---- C:\WINDOWS\system32\Macromed 2008-08-20 00:24:46 ----A---- C:\WINDOWS\system32\qmgr.dll 2008-08-20 00:24:45 ----D---- C:\Program Files\Movie Maker 2008-08-20 00:24:32 ----A---- C:\WINDOWS\system32\safrslv.dll 2008-08-20 00:24:32 ----A---- C:\WINDOWS\system32\safrdm.dll 2008-08-20 00:24:32 ----A---- C:\WINDOWS\system32\safrcdlg.dll 2008-08-20 00:24:32 ----A---- C:\WINDOWS\system32\racpldlg.dll 2008-08-20 00:24:31 ----A---- C:\WINDOWS\system32\atrace.dll 2008-08-20 00:24:28 ----A---- C:\WINDOWS\system32\desktop.ini 2008-08-20 00:24:28 ----A---- C:\WINDOWS\desktop.ini 2008-08-20 00:24:23 ----D---- C:\WINDOWS\system32\Restore 2008-08-20 00:24:23 ----A---- C:\WINDOWS\system32\srsvc.dll 2008-08-20 00:24:23 ----A---- C:\WINDOWS\system32\srrstr.dll 2008-08-20 00:24:23 ----A---- C:\WINDOWS\system32\srclient.dll 2008-08-20 00:24:22 ----D---- C:\Program Files\Windows Media Player 2008-08-20 00:24:22 ----A---- C:\WINDOWS\system32\nmmkcert.dll 2008-08-20 00:24:22 ----A---- C:\WINDOWS\system32\nmevtmsg.dll 2008-08-20 00:24:22 ----A---- C:\WINDOWS\system32\mnmsrvc.exe 2008-08-20 00:24:22 ----A---- C:\WINDOWS\system32\mnmdd.dll 2008-08-20 00:24:22 ----A---- C:\WINDOWS\system32\isrdbg32.dll 2008-08-20 00:24:22 ----A---- C:\WINDOWS\system32\ils.dll 2008-08-20 00:24:21 ----A---- C:\WINDOWS\system32\msconf.dll 2008-08-20 00:24:19 ----D---- C:\WINDOWS\PCHEALTH 2008-08-20 00:24:19 ----D---- C:\Program Files\NetMeeting 2008-08-20 00:24:19 ----A---- C:\WINDOWS\system32\msoert2.dll 2008-08-20 00:24:19 ----A---- C:\WINDOWS\system32\msoeacct.dll 2008-08-20 00:24:19 ----A---- C:\WINDOWS\system32\acctres.dll 2008-08-20 00:24:18 ----D---- C:\Program Files\Common Files\Services 2008-08-20 00:24:17 ----A---- C:\WINDOWS\system32\inetres.dll 2008-08-20 00:24:17 ----A---- C:\WINDOWS\system32\inetcomm.dll 2008-08-20 00:24:14 ----SD---- C:\WINDOWS\Tasks 2008-08-20 00:24:14 ----D---- C:\Program Files\Outlook Express 2008-08-20 00:24:14 ----A---- C:\WINDOWS\system32\schedsvc.dll 2008-08-20 00:24:14 ----A---- C:\WINDOWS\system32\mstinit.exe 2008-08-20 00:24:14 ----A---- C:\WINDOWS\system32\mstask.dll 2008-08-20 00:24:14 ----A---- C:\WINDOWS\system32\isign32.dll 2008-08-20 00:24:14 ----A---- C:\WINDOWS\system32\inetcfg.dll 2008-08-20 00:24:14 ----A---- C:\WINDOWS\system32\icwphbk.dll 2008-08-20 00:24:14 ----A---- C:\WINDOWS\system32\icwdial.dll 2008-08-20 00:24:14 ----A---- C:\WINDOWS\system32\icfgnt5.dll 2008-08-20 00:24:12 ----D---- C:\Program Files\Common Files\MSSoap 2008-08-20 00:24:09 ----D---- C:\Program Files\Common Files\System 2008-08-20 00:24:06 ----D---- C:\Program Files\Internet Explorer 2008-08-20 00:23:49 ----D---- C:\Program Files\ComPlus Applications 2008-08-20 00:23:47 ----A---- C:\WINDOWS\vbaddin.ini 2008-08-20 00:23:47 ----A---- C:\WINDOWS\vb.ini 2008-08-20 00:23:43 ----D---- C:\WINDOWS\Registration 2008-08-20 00:23:11 ----HD---- C:\Program Files\WindowsUpdate 2008-08-20 00:23:11 ----D---- C:\Program Files\Online Services 2008-08-20 00:23:01 ----D---- C:\Program Files\MSN 2008-08-20 00:22:58 ----D---- C:\Program Files\MSN Gaming Zone 2008-08-20 00:22:58 ----A---- C:\WINDOWS\system32\write.exe 2008-08-20 00:22:51 ----A---- C:\WINDOWS\system32\accwiz.exe 2008-08-20 00:22:50 ----A---- C:\WINDOWS\system32\sndvol32.exe 2008-08-20 00:22:50 ----A---- C:\WINDOWS\system32\sndrec32.exe 2008-08-20 00:22:50 ----A---- C:\WINDOWS\system32\mplay32.exe 2008-08-20 00:22:50 ----A---- C:\WINDOWS\system32\hypertrm.dll 2008-08-20 00:22:50 ----A---- C:\WINDOWS\system32\hticons.dll 2008-08-20 00:22:50 ----A---- C:\WINDOWS\system32\avwav.dll 2008-08-20 00:22:50 ----A---- C:\WINDOWS\system32\avtapi.dll 2008-08-20 00:22:50 ----A---- C:\WINDOWS\system32\avmeter.dll 2008-08-20 00:22:49 ----D---- C:\Program Files\Windows NT 2008-08-20 00:22:49 ----A---- C:\WINDOWS\system32\winchat.exe 2008-08-20 00:22:48 ----A---- C:\WINDOWS\system32\mspaint.exe 2008-08-20 00:22:45 ----A---- C:\WINDOWS\system32\clipbrd.exe 2008-08-20 00:22:44 ----A---- C:\WINDOWS\system32\spider.exe 2008-08-20 00:22:44 ----A---- C:\WINDOWS\system32\sol.exe 2008-08-20 00:22:44 ----A---- C:\WINDOWS\system32\getuname.dll 2008-08-20 00:22:44 ----A---- C:\WINDOWS\system32\charmap.exe 2008-08-20 00:22:44 ----A---- C:\WINDOWS\system32\calc.exe 2008-08-20 00:22:43 ----A---- C:\WINDOWS\system32\wuauserv.dll 2008-08-20 00:22:43 ----A---- C:\WINDOWS\system32\wuaueng.dll 2008-08-20 00:22:43 ----A---- C:\WINDOWS\system32\wuauclt.exe 2008-08-20 00:22:43 ----A---- C:\WINDOWS\system32\winmine.exe 2008-08-20 00:22:43 ----A---- C:\WINDOWS\system32\mshearts.exe 2008-08-20 00:22:43 ----A---- C:\WINDOWS\system32\freecell.exe 2008-08-20 00:22:42 ----A---- C:\WINDOWS\system32\tscupgrd.exe 2008-08-20 00:22:42 ----A---- C:\WINDOWS\system32\tscfgwmi.dll 2008-08-20 00:22:42 ----A---- C:\WINDOWS\system32\sessmgr.exe 2008-08-20 00:22:42 ----A---- C:\WINDOWS\system32\reset.exe 2008-08-20 00:22:42 ----A---- C:\WINDOWS\system32\remotepg.dll 2008-08-20 00:22:42 ----A---- C:\WINDOWS\system32\rdshost.exe 2008-08-20 00:22:42 ----A---- C:\WINDOWS\system32\rdsaddin.exe 2008-08-20 00:22:42 ----A---- C:\WINDOWS\system32\rdchost.dll 2008-08-20 00:22:42 ----A---- C:\WINDOWS\system32\mstscax.dll 2008-08-20 00:22:42 ----A---- C:\WINDOWS\system32\mstsc.exe 2008-08-20 00:22:41 ----RA---- C:\WINDOWS\system32\termsrv.dll 2008-08-20 00:22:41 ----A---- C:\WINDOWS\system32\usrlogon.cmd 2008-08-20 00:22:41 ----A---- C:\WINDOWS\system32\tsshutdn.exe 2008-08-20 00:22:41 ----A---- C:\WINDOWS\system32\tslabels.ini 2008-08-20 00:22:41 ----A---- C:\WINDOWS\system32\tskill.exe 2008-08-20 00:22:41 ----A---- C:\WINDOWS\system32\tsdiscon.exe 2008-08-20 00:22:41 ----A---- C:\WINDOWS\system32\tscon.exe 2008-08-20 00:22:41 ----A---- C:\WINDOWS\system32\shadow.exe 2008-08-20 00:22:41 ----A---- C:\WINDOWS\system32\rwinsta.exe 2008-08-20 00:22:41 ----A---- C:\WINDOWS\system32\regini.exe 2008-08-20 00:22:41 ----A---- C:\WINDOWS\system32\rdpwsx.dll 2008-08-20 00:22:41 ----A---- C:\WINDOWS\system32\rdpsnd.dll 2008-08-20 00:22:41 ----A---- C:\WINDOWS\system32\rdpclip.exe 2008-08-20 00:22:41 ----A---- C:\WINDOWS\system32\rdpcfgex.dll 2008-08-20 00:22:41 ----A---- C:\WINDOWS\system32\qwinsta.exe 2008-08-20 00:22:41 ----A---- C:\WINDOWS\system32\qprocess.exe 2008-08-20 00:22:41 ----A---- C:\WINDOWS\system32\qappsrv.exe 2008-08-20 00:22:41 ----A---- C:\WINDOWS\system32\msg.exe 2008-08-20 00:22:41 ----A---- C:\WINDOWS\system32\logoff.exe 2008-08-20 00:22:40 ----D---- C:\WINDOWS\system32\MsDtc 2008-08-20 00:22:40 ----A---- C:\WINDOWS\system32\xolehlp.dll 2008-08-20 00:22:40 ----A---- C:\WINDOWS\system32\mtxoci.dll 2008-08-20 00:22:40 ----A---- C:\WINDOWS\system32\msdtcuiu.dll 2008-08-20 00:22:40 ----A---- C:\WINDOWS\system32\msdtctm.dll 2008-08-20 00:22:40 ----A---- C:\WINDOWS\system32\msdtcprx.dll 2008-08-20 00:22:40 ----A---- C:\WINDOWS\system32\msdtcprf.ini 2008-08-20 00:22:40 ----A---- C:\WINDOWS\system32\msdtclog.dll 2008-08-20 00:22:40 ----A---- C:\WINDOWS\system32\msdtc.exe 2008-08-20 00:22:40 ----A---- C:\WINDOWS\system32\icaapi.dll 2008-08-20 00:22:40 ----A---- C:\WINDOWS\system32\cfgbkend.dll 2008-08-20 00:22:40 ----A---- C:\WINDOWS\system32\cdmodem.dll 2008-08-20 00:22:39 ----D---- C:\WINDOWS\system32\Com 2008-08-20 00:22:39 ----A---- C:\WINDOWS\system32\mtxlegih.dll 2008-08-20 00:22:39 ----A---- C:\WINDOWS\system32\mtxex.dll 2008-08-20 00:22:39 ----A---- C:\WINDOWS\system32\mtxdm.dll 2008-08-20 00:22:39 ----A---- C:\WINDOWS\system32\dcomcnfg.exe 2008-08-20 00:22:39 ----A---- C:\WINDOWS\system32\colbact.dll 2008-08-20 00:22:38 ----A---- C:\WINDOWS\system32\stclient.dll 2008-08-20 00:22:38 ----A---- C:\WINDOWS\system32\comuid.dll 2008-08-20 00:22:38 ----A---- C:\WINDOWS\system32\comsvcs.dll 2008-08-20 00:22:38 ----A---- C:\WINDOWS\system32\comrepl.dll 2008-08-20 00:22:38 ----A---- C:\WINDOWS\system32\comaddin.dll 2008-08-20 00:22:38 ----A---- C:\WINDOWS\system32\clbcatex.dll 2008-08-20 00:22:38 ----A---- C:\WINDOWS\system32\catsrvut.dll 2008-08-20 00:22:38 ----A---- C:\WINDOWS\system32\catsrvps.dll 2008-08-20 00:22:38 ----A---- C:\WINDOWS\system32\catsrv.dll 2008-08-20 00:22:37 ----A---- C:\WINDOWS\system32\comsnap.dll 2008-08-20 00:22:37 ----A---- C:\WINDOWS\system32\clbcatq.dll 2008-08-20 00:22:31 ----A---- C:\WINDOWS\system32\wmimgmt.msc 2008-08-20 00:22:31 ----A---- C:\WINDOWS\system32\servdeps.dll 2008-08-20 00:22:31 ----A---- C:\WINDOWS\system32\mmfutil.dll 2008-08-20 00:22:31 ----A---- C:\WINDOWS\system32\licwmi.dll 2008-08-20 00:22:31 ----A---- C:\WINDOWS\system32\cmprops.dll 2008-08-20 00:01:02 ----D---- C:\Documents and Settings\Ivan\Application Data\Macromedia 2008-08-20 00:01:02 ----D---- C:\Documents and Settings\Ivan\Application Data\Adobe 2008-08-19 17:20:00 ----A---- C:\WINDOWS\system32\h323log.txt 2008-08-19 17:16:40 ----A---- C:\WINDOWS\system32\sfman32.dll 2008-08-19 17:16:40 ----A---- C:\WINDOWS\system32\sblfx.dll 2008-08-19 17:16:40 ----A---- C:\WINDOWS\system32\ksuser.dll 2008-08-19 17:16:39 ----A---- C:\WINDOWS\system32\devldr32.exe 2008-08-19 17:16:39 ----A---- C:\WINDOWS\system32\devcon32.dll 2008-08-19 17:16:39 ----A---- C:\WINDOWS\system32\ctwdm32.dll 2008-08-19 17:16:32 ----A---- C:\WINDOWS\system32\HSF_INST.dll 2008-08-19 17:15:42 ----A---- C:\WINDOWS\system32\usbui.dll 2008-08-19 17:14:47 ----A---- C:\WINDOWS\imsins.BAK 2008-08-19 17:14:43 ----D---- C:\Program Files\Common Files\ODBC 2008-08-19 17:14:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2008-08-19 17:14:43 ----A---- C:\WINDOWS\ODBCINST.INI 200

Diux23

Oct 5 2008, 08:40 PM

Post #6

Member

Posts: 12
OS: XP

2008-08-19 17:14:40 ----RD---- C:\Program Files
2008-08-19 17:14:40 ----D---- C:\Program Files\Common Files\SpeechEngines
2008-08-19 17:14:40 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-08-19 17:14:40 ----D---- C:\Program Files\Common Files
2008-08-19 17:14:38 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2008-08-19 17:14:38 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2008-08-19 17:14:38 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2008-08-19 17:14:36 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2008-08-19 17:14:36 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2008-08-19 17:14:36 ----RA---- C:\WINDOWS\system32\kbdur.dll
2008-08-19 17:14:36 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2008-08-19 17:14:36 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2008-08-19 17:14:36 ----RA---- C:\WINDOWS\system32\kbdru.dll
2008-08-19 17:14:36 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2008-08-19 17:14:36 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2008-08-19 17:14:36 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2008-08-19 17:14:36 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2008-08-19 17:14:36 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2008-08-19 17:14:36 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2008-08-19 17:14:35 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2008-08-19 17:14:35 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2008-08-19 17:14:35 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2008-08-19 17:14:35 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2008-08-19 17:14:35 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2008-08-19 17:14:35 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2008-08-19 17:14:35 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2008-08-19 17:14:34 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2008-08-19 17:14:34 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2008-08-19 17:14:34 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2008-08-19 17:14:34 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2008-08-19 17:14:34 ----RA---- C:\WINDOWS\system32\kbdest.dll
2008-08-19 17:14:33 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2008-08-19 17:14:33 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2008-08-19 17:14:33 ----RA---- C:\WINDOWS\system32\kbdro.dll
2008-08-19 17:14:33 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2008-08-19 17:14:33 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2008-08-19 17:14:33 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2008-08-19 17:14:33 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2008-08-19 17:14:33 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2008-08-19 17:14:33 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2008-08-19 17:14:33 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2008-08-19 17:14:33 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2008-08-19 17:14:33 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2008-08-19 17:14:32 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2008-08-19 17:14:31 ----A---- C:\WINDOWS\system32\irclass.dll
2008-08-19 17:14:30 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-08-19 17:14:30 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-08-19 17:14:30 ----A---- C:\WINDOWS\system32\dgsetup.dll
2008-08-19 17:14:30 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2008-08-19 17:14:30 ----A---- C:\WINDOWS\system32\batt.dll
2008-08-19 17:14:28 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2008-08-19 17:14:28 ----A---- C:\WINDOWS\TASKMAN.EXE
2008-08-19 17:14:28 ----A---- C:\WINDOWS\system32\storprop.dll
2008-08-19 17:14:28 ----A---- C:\WINDOWS\notepad.exe
2008-08-19 17:14:20 ----RA---- C:\WINDOWS\SET1B.tmp
2008-08-19 17:14:20 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2008-08-19 17:14:17 ----RA---- C:\WINDOWS\SETD.tmp
2008-08-19 17:14:16 ----RA---- C:\WINDOWS\SET7.tmp
2008-08-19 17:14:14 ----RA---- C:\WINDOWS\SET3.tmp
2008-08-19 17:14:08 ----D---- C:\WINDOWS\system32\CatRoot2
2008-08-19 17:14:08 ----D---- C:\WINDOWS\system32\CatRoot
2008-08-19 17:14:02 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-08-19 17:13:54 ----A---- C:\WINDOWS\setuplog.txt
2008-08-19 17:13:50 ----D---- C:\Documents and Settings
2008-08-19 17:12:54 ----RASH---- C:\boot.ini
2008-08-19 17:09:51 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-08-19 17:09:51 ----RSD---- C:\WINDOWS\Fonts
2008-08-19 17:09:51 ----RD---- C:\WINDOWS\Web
2008-08-19 17:09:51 ----HD---- C:\WINDOWS\inf
2008-08-19 17:09:51 ----D---- C:\WINDOWS\WinSxS
2008-08-19 17:09:51 ----D---- C:\WINDOWS\twain_32
2008-08-19 17:09:51 ----D---- C:\WINDOWS\Temp
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\wins
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\wbem
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\usmt
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\spool
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\ShellExt
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\Setup
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\ras
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\oobe
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\npp
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\mui
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\inetsrv
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\IME
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\icsxml
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\ias
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\export
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\drivers
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\dhcp
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\config
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\3com_dmi
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\3076
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\2052
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\1054
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\1042
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\1041
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\1037
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\1033
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\1031
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\1028
2008-08-19 17:09:51 ----D---- C:\WINDOWS\system32\1025
2008-08-19 17:09:51 ----D