Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

another member of trojandownloader.xs (I think) - Please help

Started by Ammar , Mar 31 2008 11:11 PM

  • This topic is locked This topic is locked

#1
Ammar
Posted 31 March 2008 - 11:11 PM

Ammar

    Member

  • Member
  • PipPipPip
  • 119 posts
HI there, thanks for the help in advance
My computer has been struck with many spy ware over the past couple of days
These are the things that are occurring on the computer ( I have added Resolved problems too, just because it will be easier to detect which virus it was, as I think the symptoms that are still occurring are just side effects to the resolved problem) :

Desktop gone blue and Shows advertisements asking me to scan my pc (RESOLVED AS I DID MALWAREBYTES ANTIMALWARE SCAN AND IT DIDNT APPEAR AFTER REBOOT)

Continuous pop-ups about computer having viruses
Pop ups such as the ones posted in this thread:
http://www.geekstogo...er-t193038.html

Spyware Gaurd and Spyware Blaster continuously giving pop-ups about browser setting changes (RESOLVED AS I DID MALWAREBYTES ANTIMALWARE SCAN AND IT DIDNT APPEAR AFTER REBOOT)

Yellow Triangles on the task bar, claiming there are viruses on the computer

Task Messenger Disabled

Some files failing to work



What I have done so far:
Done scans with SUPERanti spyware, Malwarebytes AntiMalware, Trend Micro PC-cillin 2007. And deleted infected files.
Tried to restore computer but doesnt work.

PLEASE HELP ME!!!


Log:

Deckard's System Scanner v20071014.68
Run by Owner on 2008-04-01 01:24:29
Computer is in Normal Mode.
--------------------------------------------------------------------------------

System Drive C: has 1.93 GiB (less than 15%) free.


-- HijackThis (run as Owner.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:24:53 AM, on 01/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\system32\lxctcoms.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\WINDOWS\system32\tkpypyby.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Ares\Ares.exe
C:\Documents and Settings\Owner\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Owner.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cricket.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://ca.rd.yahoo.c...://ca.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll (file missing)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll (file missing)
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RecSche] "C:\Program Files\TVR\RecSche.exe"
O4 - HKLM\..\Run: [WinDVRCtrl] C:\WINDOWS\WDVRCtrl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~2\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [ScanRegistry] C:\W
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"
O4 - HKLM\..\Run: [Lexmark 5400 Series Fax Server] "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Cricinfo Desktop Alerts] "C:\Program Files\Cricinfo Desktop Alerts\Cricinfo_Desktop_Alerts.exe"
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\WINDOWS\UMStor\Res.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKCU\..\Run: [eyeBeam SIP Client] "C:\Program Files\ineen\ineen.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [nnfobkpf] C:\WINDOWS\system32\zcbslyje.exe
O4 - HKCU\..\Run: [pbhjfvum] C:\WINDOWS\system32\tkpypyby.exe
O4 - HKCU\..\Run: [ogdvswnu] C:\WINDOWS\system32\fcxqdalo.exe
O4 - HKLM\..\Policies\Explorer\Run: [gPl1h6kUfb] C:\Documents and Settings\All Users\Application Data\nqtqdijo\xapmlgjm.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://ammarhakim.sp...ad/MsnPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebo...toUploader3.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zon...1/GAME_UNO1.cab
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://www.zapak.com...h2.1.0.0.53.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1129506290012
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://www.shockwave...tg.1.0.0.33.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by109fd.bay10...ex/HMAtchmt.ocx
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\system32\ImapiRox.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsAuxs.exe (file missing)
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsSvc.exe (file missing)
O23 - Service: PC Tools Spyware Doctor (SDhelper) - Unknown owner - C:\Program Files\Ares\Spyware Doctor\sdhelp.exe (file missing)
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe

--
End of file - 11287 bytes

-- Files created between 2008-03-01 and 2008-04-01 -----------------------------

2008-03-31 23:30:32 0 d--hs---- C:\FOUND.000
2008-03-30 22:50:32 75264 --a------ C:\WINDOWS\system32\zip.exe
2008-03-30 22:50:32 105984 --a------ C:\WINDOWS\system32\sed.exe
2008-03-30 22:50:32 87552 --a------ C:\WINDOWS\system32\grep.exe
2008-03-30 22:50:32 81920 --a------ C:\WINDOWS\system32\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-03-30 13:56:09 126748 --a------ C:\WINDOWS\system32\fcxqdalo.exe
2008-03-30 13:09:58 118556 --a------ C:\WINDOWS\system32\tkpypyby.exe
2008-03-30 03:31:12 0 d-------- C:\Documents and Settings\All Users\Application Data\nqtqdijo
2008-03-30 03:30:44 0 d-------- C:\WINDOWS\system32\or2
2008-03-30 03:15:43 110256 --a------ C:\WINDOWS\system32\zcbslyje.exe
2008-03-30 01:46:54 0 d-------- C:\WINDOWS\system32\eps4
2008-03-29 10:03:53 0 d-------- C:\WINDOWS\system32\iDlo04
2008-03-29 10:03:53 0 d-------- C:\Temp
2008-03-27 22:07:03 0 d-------- C:\Documents and Settings\Owner\Application Data\Talkback
2008-03-27 21:58:39 0 d-------- C:\Program Files\SpywareBlaster
2008-03-27 16:56:26 2404 --a------ C:\sysrestoreenable.reg
2008-03-24 13:57:46 0 d-------- C:\Documents and Settings\Owner\Application Data\Malwarebytes
2008-03-24 13:57:39 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-03-24 13:57:39 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-03-20 21:21:58 0 d-------- C:\Program Files\Xplosiv
2008-03-18 20:57:12 0 d-------- C:\Program Files\Shockwave.com
2008-03-18 20:57:12 0 d-------- C:\Program Files\Norton AntiVirus
2008-03-16 00:44:04 0 d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-03-16 00:35:15 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2008-03-16 00:34:26 0 d-------- C:\Program Files\Bonjour
2008-03-14 23:00:38 11444224 --a------ C:\Documents and Settings\Owner\ntuser.dat


-- Find3M Report ---------------------------------------------------------------

2008-03-31 23:37:24 96768 -----n--- C:\WINDOWS\system32\smlogsvc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:37:24 84480 -----n--- C:\WINDOWS\system32\rtcshare.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:37:24 13312 -----n--- C:\WINDOWS\system32\msdtc.exe <Not Verified; Microsoft Corporation; Microsoft Distributed Transaction Coordinator>
2008-03-31 23:15:16 36864 --a------ C:\WINDOWS\videostream.exe <Not Verified; ; videostream Application>
2008-03-31 23:15:16 1040384 --a------ C:\WINDOWS\Explorer(2).EXE <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:15:14 974848 --a------ C:\WINDOWS\UNNeroBackItUp.exe <Not Verified; Nero AG; Nero Installer>
2008-03-31 23:15:14 51100 --a------ C:\WINDOWS\uneng.exe
2008-03-31 23:15:10 17920 --a------ C:\WINDOWS\hh.exe <Not Verified; Microsoft Corporation; HTML Help>
2008-03-31 23:15:06 40960 -----n--- C:\WINDOWS\slrundll.exe <Not Verified; Smart Link; Soft Modem>
2008-03-31 23:15:00 737280 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2008-03-31 23:14:58 306688 --a------ C:\WINDOWS\uninst.exe <Not Verified; InstallShield Corporation, Inc.; InstallShield unInstaller>
2008-03-31 23:14:58 22528 --a------ C:\WINDOWS\TASKMAN.EXE <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:58 313856 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2008-03-31 23:14:52 32768 --a------ C:\WINDOWS\twunk_32.exe <Not Verified; Twain Working Group; Twain Thunker>
2008-03-31 23:14:52 76288 --a------ C:\WINDOWS\notepad.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:32 618496 -----n--- C:\WINDOWS\system32\sspipes.scr <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:32 26112 -----n--- C:\WINDOWS\system32\ssmyst.scr <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:32 54272 -----n--- C:\WINDOWS\system32\ssmypics.scr <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:32 28160 -----n--- C:\WINDOWS\system32\ssmarque.scr <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:32 401408 -----n--- C:\WINDOWS\system32\ssflwbox.scr <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:32 27136 -----n--- C:\WINDOWS\system32\ssbezier.scr <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:32 712704 -----n--- C:\WINDOWS\system32\ss3dfo.scr <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:30 113152 -----n--- C:\WINDOWS\system32\sysocmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:30 22016 -----n--- C:\WINDOWS\system32\stimon.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:30 688128 -----n--- C:\WINDOWS\system32\sstext3d.scr <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:30 21504 -----n--- C:\WINDOWS\system32\ssstars.scr <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:28 57344 -----n--- C:\WINDOWS\system32\utilman.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:28 24064 -----n--- C:\WINDOWS\system32\upnpcont.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:28 51712 -----n--- C:\WINDOWS\system32\tscupgrd.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:28 19456 -----n--- C:\WINDOWS\system32\tracert.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:28 354304 -----n--- C:\WINDOWS\system32\tourstart.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:26 440832 -----n--- C:\WINDOWS\system32\wiaacmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:26 72704 -----n--- C:\WINDOWS\system32\wextract.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:24 37888 -----n--- C:\WINDOWS\system32\xcopy.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:24 39424 -----n--- C:\WINDOWS\system32\wpnpinst.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:24 39424 -----n--- C:\WINDOWS\system32\wpabaln.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:24 12800 -----n--- C:\WINDOWS\system32\winver.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:22 16384 -----n--- C:\WINDOWS\system32\proxycfg.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:22 66560 -----n--- C:\WINDOWS\system32\logman.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:22 49664 -----n--- C:\WINDOWS\system32\ftp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:22 395776 -----n--- C:\WINDOWS\system32\cmd.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:22 78848 -----n--- C:\WINDOWS\system32\blastcln.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:20 83968 -----n--- C:\WINDOWS\system32\nslookup.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:20 200192 -----n--- C:\WINDOWS\system32\fsquirt.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:20 28160 -----n--- C:\WINDOWS\system32\faxpatch.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:18 65024 --a------ C:\WINDOWS\system32\spoolsv(4).exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:18 65024 --a------ C:\WINDOWS\system32\spoolsv(3).exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:18 56320 -----n--- C:\WINDOWS\system32\powercfg.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:18 427008 -----n--- C:\WINDOWS\system32\ntvdm.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:16 28672 -----n--- C:\WINDOWS\system32\spupdwxp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:16 65024 --a------ C:\WINDOWS\system32\SPOOLSV(2).EXE <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:16 18944 -----n--- C:\WINDOWS\system32\spnpinst.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:16 15360 -----n--- C:\WINDOWS\system32\smbinst.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:16 81920 -----n--- C:\WINDOWS\system32\slserv.exe <Not Verified; Smart Link; Soft Modem>
2008-03-31 23:14:16 40960 -----n--- C:\WINDOWS\system32\slrundll.exe <Not Verified; Smart Link; Soft Modem>
2008-03-31 23:14:16 20480 -----n--- C:\WINDOWS\system32\savedump.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:14 11264 -----n--- C:\WINDOWS\system32\actmovie.exe <Not Verified; Microsoft Corporation; DirectShow>
2008-03-31 23:14:12 45056 -----n--- C:\WINDOWS\system32\MAPISRVR.EXE <Not Verified; Microsoft Corporation; Microsoft Exchange>
2008-03-31 23:14:12 32256 -----n--- C:\WINDOWS\system32\at.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:12 105472 -----n--- C:\WINDOWS\system32\ahui.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:08 37376 -----n--- C:\WINDOWS\system32\dplaysvr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:08 32256 -----n--- C:\WINDOWS\system32\defrag.exe <Not Verified; Microsoft Corp. and Executive Software International, Inc.; Windows Disk Defragmenter>
2008-03-31 23:14:08 37376 -----n--- C:\WINDOWS\system32\ddeshare.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:08 106496 -----n--- C:\WINDOWS\system32\cscript.exe <Not Verified; Microsoft Corporation; Microsoft ® Windows Script Host>
2008-03-31 23:14:06 46592 -----n--- C:\WINDOWS\system32\grpconv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:06 200192 -----n--- C:\WINDOWS\system32\eudcedit.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:06 1306624 -----n--- C:\WINDOWS\system32\dxdiag.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:04 145920 -----n--- C:\WINDOWS\system32\sndvol32.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:02 30720 -----n--- C:\WINDOWS\system32\ipxroute.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:02 62976 -----n--- C:\WINDOWS\system32\ipconfig.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:02 87552 -----n--- C:\WINDOWS\system32\charmap.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:00 16896 -----n--- C:\WINDOWS\system32\reset.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:14:00 150528 -----n--- C:\WINDOWS\system32\mobsync.exe <Not Verified; Microsoft Corporation; Microsoft Synchronization Manager>
2008-03-31 23:14:00 53760 -----n--- C:\WINDOWS\system32\dxdllreg.exe <Not Verified; Microsoft Corporation; Microsoft® DirectX for Windows® Operating System>
2008-03-31 23:13:58 76800 --a------ C:\WINDOWS\system32\TWUNK_32.EXE <Not Verified; Twain Working Group; Twain Thunker>
2008-03-31 23:13:58 24064 -----n--- C:\WINDOWS\system32\tsshutdn.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:58 23552 -----n--- C:\WINDOWS\system32\tskill.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:58 22016 -----n--- C:\WINDOWS\system32\tsdiscon.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:56 22016 -----n--- C:\WINDOWS\system32\tscon.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:56 22016 -----n--- C:\WINDOWS\system32\shadow.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:56 23040 -----n--- C:\WINDOWS\system32\rwinsta.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:56 40960 -----n--- C:\WINDOWS\system32\regini.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:56 29184 -----n--- C:\WINDOWS\system32\qwinsta.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:56 24064 -----n--- C:\WINDOWS\system32\qappsrv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:56 28160 -----n--- C:\WINDOWS\system32\msg.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:54 22528 -----n--- C:\WINDOWS\system32\logoff.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:54 12288 -----n--- C:\WINDOWS\system32\dcomcnfg.exe <Not Verified; Microsoft Corporation; COM Services>
2008-03-31 23:13:52 103936 -----n--- C:\WINDOWS\system32\logagent.exe <Not Verified; Microsoft Corporation; Microsoft® Windows Media Services>
2008-03-31 23:13:50 47104 -----n--- C:\WINDOWS\system32\cmmon32.exe <Not Verified; Microsoft Corporation; Microsoft® Connection Manager>
2008-03-31 23:13:48 21504 -----n--- C:\WINDOWS\system32\auditusr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:42 77824 -----n--- C:\WINDOWS\system32\usrshuta.exe <Not Verified; U.S. Robotics Corporation; U.S. Robotics Modem Driver>
2008-03-31 23:13:42 69632 -----n--- C:\WINDOWS\system32\usrprbda.exe <Not Verified; U.S. Robotics Corporation; U.S. Robotics modem>
2008-03-31 23:13:42 86016 -----n--- C:\WINDOWS\system32\usrmlnka.exe <Not Verified; U.S. Robotics Corporation; U.S. Robotics Modem Driver>
2008-03-31 23:13:42 22528 -----n--- C:\WINDOWS\system32\pentnt.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:42 47616 -----n--- C:\WINDOWS\system32\osuninst.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:40 58880 -----n--- C:\WINDOWS\system32\migpwd.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:40 32256 -----n--- C:\WINDOWS\system32\lnkstub.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:38 39424 -----n--- C:\WINDOWS\system32\wupdmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:36 86016 -----n--- C:\WINDOWS\system32\wmpstub.exe <Not Verified; Microsoft Corporation; Microsoft® Windows Media Player>
2008-03-31 23:13:36 54272 -----n--- C:\WINDOWS\system32\uwdf.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:36 414720 -----n--- C:\WINDOWS\system32\mstsc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:36 19456 -----n--- C:\WINDOWS\system32\mstinit.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:34 18944 -----n--- C:\WINDOWS\system32\winmsd.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:34 15360 -----n--- C:\WINDOWS\system32\winhlp32.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:34 132096 -----n--- C:\WINDOWS\system32\net1.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:34 60928 -----n--- C:\WINDOWS\system32\narrator.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:32 56832 -----n--- C:\WINDOWS\system32\w32tm.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:32 40960 -----n--- C:\WINDOWS\system32\vssadmin.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:32 105472 -----n--- C:\WINDOWS\system32\verifier.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:32 93184 -----n--- C:\WINDOWS\system32\netsh.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:32 33280 --a------ C:\WINDOWS\system32\Ati2mdxx.exe <Not Verified; ATI Technologies, Inc.; ATI Default Resolution Update>
2008-03-31 23:13:30 11264 -----n--- C:\WINDOWS\system32\unlodctr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:30 38912 -----n--- C:\WINDOWS\system32\tracert6.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:30 24064 -----n--- C:\WINDOWS\system32\tftp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:30 44032 -----n--- C:\WINDOWS\system32\netstat.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:28 26624 -----n--- C:\WINDOWS\system32\tcpsvcs.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:28 19456 -----n--- C:\WINDOWS\system32\tcmsetup.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:28 22528 -----n--- C:\WINDOWS\system32\taskman.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:28 10240 -----n--- C:\WINDOWS\system32\systray.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:28 44032 -----n--- C:\WINDOWS\system32\syskey.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:28 58368 -----n--- C:\WINDOWS\system32\syncapp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:28 16384 -----n--- C:\WINDOWS\system32\subst.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:26 28672 -----n--- C:\WINDOWS\system32\rcp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:26 64000 -----n--- C:\WINDOWS\system32\rasphone.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:26 27648 -----n--- C:\WINDOWS\system32\qprocess.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:26 57344 -----n--- C:\WINDOWS\system32\proquota.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:26 25088 -----n--- C:\WINDOWS\system32\ping.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:26 222720 -----n--- C:\WINDOWS\system32\osk.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:24 16896 -----n--- C:\WINDOWS\system32\sfc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:24 20992 -----n--- C:\WINDOWS\system32\rexec.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:24 57344 -----n--- C:\WINDOWS\system32\reg.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:24 20992 -----n--- C:\WINDOWS\system32\rdsaddin.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:24 521728 --a------ C:\WINDOWS\system32\logonui(2)(2).exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:22 38400 -----n--- C:\WINDOWS\system32\sc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:22 21504 -----n--- C:\WINDOWS\system32\runonce.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:22 23552 -----n--- C:\WINDOWS\system32\runas.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:22 56320 -----n--- C:\WINDOWS\system32\rsmui.exe <Not Verified; Microsoft Corporation; Microsoft® Windows Whistler® Operating System>
2008-03-31 23:13:22 31744 -----n--- C:\WINDOWS\system32\rsmsink.exe <Not Verified; Microsoft Corporation; Microsoft® Windows Whistler® Operating System>
2008-03-31 23:13:22 56320 -----n--- C:\WINDOWS\system32\rsm.exe <Not Verified; Microsoft Corp; Microsoft® Windows ® 2000 Operating System>
2008-03-31 23:13:22 22016 -----n--- C:\WINDOWS\system32\rsh.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:22 32768 -----n--- C:\WINDOWS\system32\routemon.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:22 27136 -----n--- C:\WINDOWS\system32\route.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:20 19968 -----n--- C:\WINDOWS\system32\replace.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:20 11776 -----n--- C:\WINDOWS\system32\regwiz.exe <Not Verified; Microsoft; RegWizExe>
2008-03-31 23:13:20 18944 -----n--- C:\WINDOWS\system32\regsvr32.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:20 10752 -----n--- C:\WINDOWS\system32\regedt32.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:20 14336 -----n--- C:\WINDOWS\system32\recover.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:20 74240 -----n--- C:\WINDOWS\system32\rdshost.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:20 43008 -----n--- C:\WINDOWS\system32\rcimlby.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:20 18432 -----n--- C:\WINDOWS\system32\rasdial.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:20 18944 -----n--- C:\WINDOWS\system32\rasautou.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:18 116736 -----n--- C:\WINDOWS\system32\progman.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:18 16384 -----n--- C:\WINDOWS\system32\print.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:18 40448 -----n--- C:\WINDOWS\system32\ping6.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:18 23040 -----n--- C:\WINDOWS\system32\perfmon.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:14 16384 -----n--- C:\WINDOWS\system32\scrnsave.scr <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:14 38912 -----n--- C:\WINDOWS\system32\ntsd.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:14 338944 -----n--- C:\WINDOWS\system32\netsetup.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:12 84480 -----n--- C:\WINDOWS\system32\sdbinst.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:12 11264 -----n--- C:\WINDOWS\system32\nddeapir.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:12 27648 -----n--- C:\WINDOWS\system32\nbtstat.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:10 13824 -----n--- C:\WINDOWS\system32\msswchx.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:08 28672 -----n--- C:\WINDOWS\system32\pathping.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:08 19968 -----n--- C:\WINDOWS\system32\mrinfo.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:08 29184 -----n--- C:\WINDOWS\system32\mpnotify.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:08 15360 -----n--- C:\WINDOWS\system32\mountvol.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:06 822272 -----n--- C:\WINDOWS\system32\mmc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:04 92672 -----n--- C:\WINDOWS\system32\makecab.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:04 79872 -----n--- C:\WINDOWS\system32\magnify.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:04 15360 -----n--- C:\WINDOWS\system32\lpr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:04 13312 -----n--- C:\WINDOWS\system32\lpq.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:04 12288 -----n--- C:\WINDOWS\system32\lodctr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:02 36864 -----n--- C:\WINDOWS\system32\lights.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:02 16896 -----n--- C:\WINDOWS\system32\label.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:00 33280 -----n--- C:\WINDOWS\system32\xpsp1hfm.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:00 60416 -----n--- C:\WINDOWS\system32\ipv6.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:13:00 51200 -----n--- C:\WINDOWS\system32\ipsec6.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:58 389120 --a------ C:\WINDOWS\system32\lxctih.exe <Not Verified; ; Printer Communication System>
2008-03-31 23:12:56 157184 -----n--- C:\WINDOWS\system32\imapi.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:56 121856 -----n--- C:\WINDOWS\system32\iexpress.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:52 14848 -----n--- C:\WINDOWS\system32\hostname.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:52 22016 -----n--- C:\WINDOWS\system32\help.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:50 63488 -----n--- C:\WINDOWS\system32\fsutil.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:50 14336 -----n--- C:\WINDOWS\system32\forcedos.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:50 28160 -----n--- C:\WINDOWS\system32\fontview.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:50 34304 -----n--- C:\WINDOWS\system32\findstr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:48 10240 -----n--- C:\WINDOWS\system32\fixmapi.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:48 16384 -----n--- C:\WINDOWS\system32\finger.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:48 16384 -----n--- C:\WINDOWS\system32\find.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:48 22016 -----n--- C:\WINDOWS\system32\fc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:48 23040 -----n--- C:\WINDOWS\system32\expand.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:48 15872 -----n--- C:\WINDOWS\system32\eventvwr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:48 46592 -----n--- C:\WINDOWS\system32\esentutl.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:48 25088 -----n--- C:\WINDOWS\system32\dvdupgrd.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:46 188416 -----n--- C:\WINDOWS\system32\dwwin.exe <Not Verified; Microsoft Corporation; Microsoft Application Error Reporting>
2008-03-31 23:12:46 62464 -----n--- C:\WINDOWS\system32\dvdplay.exe <Not Verified; ; dvdplay Application>
2008-03-31 23:12:46 52736 -----n--- C:\WINDOWS\system32\drwtsn32.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:44 90624 -----n--- C:\WINDOWS\system32\dpvsetup.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:40 17920 -----n--- C:\WINDOWS\system32\doskey.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:38 11776 -----n--- C:\WINDOWS\system32\dllhst3g.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:38 171008 -----n--- C:\WINDOWS\system32\diskpart.exe <Not Verified; Microsoft Corporation; Microsoft Corporation Diskpart Application>
2008-03-31 23:12:36 25088 -----n--- C:\WINDOWS\system32\diskperf.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:34 25600 -----n--- C:\WINDOWS\system32\dpnsvr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:34 23040 -----n--- C:\WINDOWS\system32\dmremote.exe <Not Verified; Microsoft Corp.; Logical Disk Manager for Windows NT>
2008-03-31 23:12:34 92672 -----n--- C:\WINDOWS\system32\diantz.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:24 34816 -----n--- C:\WINDOWS\system32\conime.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:22 20992 -----n--- C:\WINDOWS\system32\convert.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:22 15360 -----n--- C:\WINDOWS\system32\control.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:20 24576 -----n--- C:\WINDOWS\system32\compact.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:20 23040 -----n--- C:\WINDOWS\system32\comp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:20 70656 -----n--- C:\WINDOWS\system32\cmstp.exe <Not Verified; Microsoft Corporation; Microsoft® Connection Manager>
2008-03-31 23:12:18 54272 -----n--- C:\WINDOWS\system32\cmdl32.exe <Not Verified; Microsoft Corporation; Microsoft® Connection Manager>
2008-03-31 23:12:16 110080 -----n--- C:\WINDOWS\system32\clipbrd.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:14 14848 -----n--- C:\WINDOWS\system32\ckcnv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:14 15360 -----n--- C:\WINDOWS\system32\cidaemon.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:12 18432 -----n--- C:\WINDOWS\system32\chkntfs.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:12 18944 -----n--- C:\WINDOWS\system32\chkdsk.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:10 25600 -----n--- C:\WINDOWS\system32\cacls.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:06 12288 -----n--- C:\WINDOWS\system32\bootvrfy.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:04 11776 -----n--- C:\WINDOWS\system32\bootok.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:02 385024 --a------ C:\WINDOWS\system32\lxctcfg.exe <Not Verified; ; Printer Communication System>
2008-03-31 23:12:02 18432 -----n--- C:\WINDOWS\system32\attrib.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:02 18432 -----n--- C:\WINDOWS\system32\atmadm.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:12:00 26624 -----n--- C:\WINDOWS\system32\arp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:11:56 69632 --a------ C:\WINDOWS\system32\dns-sd.exe <Not Verified; Apple Computer, Inc.; Bonjour>
2008-03-31 23:11:54 38400 -----n--- C:\WINDOWS\system32\sethc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:11:54 227840 -----n--- C:\WINDOWS\system32\logon.scr <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:11:52 30720 -----n--- C:\WINDOWS\system32\sort.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:11:52 89600 -----n--- C:\WINDOWS\system32\dfrgfat.exe <Not Verified; Microsoft Corp. and Executive Software International, Inc.; Windows Disk Defragmenter>
2008-03-31 23:11:46 561152 --a------ C:\WINDOWS\system32\UNINSTAL.EXE
2008-03-31 23:11:46 15360 -----n--- C:\WINDOWS\system32\spdwnwxp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:11:46 65536 -----n--- C:\WINDOWS\system32\packager.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:11:44 49664 -----n--- C:\WINDOWS\system32\net.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:11:42 30208 -----n--- C:\WINDOWS\system32\setup.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:11:32 69632 -----n--- C:\WINDOWS\system32\rdpclip.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:11:32 30208 --a------ C:\WINDOWS\system32\fltmc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:11:14 52736 -----n--- C:\WINDOWS\system32\extrac32.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:11:06 82944 -----n--- C:\WINDOWS\system32\telnet.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:11:06 49664 -----n--- C:\WINDOWS\system32\shmgrate.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:11:04 84992 -----n--- C:\WINDOWS\system32\shrpubw.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:11:04 521728 -----n--- C:\WINDOWS\system32\logonui.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:10:58 26624 -----n--- C:\WINDOWS\system32\shutdown.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:10:56 31744 -----n--- C:\WINDOWS\system32\userinit.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:10:56 77312 -----n--- C:\WINDOWS\system32\sigverif.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 23:10:54 33280 -----n--- C:\WINDOWS\system32\skeys.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 21:43:30 296960 -----n--- C:\WINDOWS\system32\vssvc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 21:43:28 25600 -----n--- C:\WINDOWS\system32\ups.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 21:43:20 102912 -----n--- C:\WINDOWS\system32\scardsvr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 21:43:20 139776 -----n--- C:\WINDOWS\system32\rsvp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 21:43:20 82432 -----n--- C:\WINDOWS\system32\locator.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 21:43:18 147968 -----n--- C:\WINDOWS\system32\sessmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 21:43:14 118272 -----n--- C:\WINDOWS\system32\netdde.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 21:43:08 40960 -----n--- C:\WINDOWS\system32\mnmsrvc.exe <Not Verified; Microsoft Corporation; Windows® NetMeeting®>
2008-03-31 21:42:36 231936 -----n--- C:\WINDOWS\system32\dmadmin.exe <Not Verified; Microsoft Corp., Veritas Software; Logical Disk Manager for Windows NT>
2008-03-31 21:42:30 528384 -----n--- C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>
2008-03-31 21:15:06 126976 -----n--- C:\WINDOWS\system32\winmine.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 21:15:06 545792 -----n--- C:\WINDOWS\system32\spider.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 21:15:06 64000 -----n--- C:\WINDOWS\system32\sol.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 21:15:04 134144 -----n--- C:\WINDOWS\system32\mshearts.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 21:15:02 62464 -----n--- C:\WINDOWS\system32\freecell.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 21:14:36 71168 -----n--- C:\WINDOWS\system32\cleanmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 21:14:34 350208 -----n--- C:\WINDOWS\system32\mspaint.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 21:14:34 121856 -----n--- C:\WINDOWS\system32\calc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 21:14:32 13824 -----n--- C:\WINDOWS\system32\wscntfy.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-31 21:14:32 200704 -----n--- C:\WINDOWS\system32\ImapiRox.exe <Not Verified; Roxio Inc.; IMAPI Module>
2008-03-31 21:14:30

Edited by Ammar, 01 April 2008 - 01:27 AM.

  • 0

Advertisements

#2
Rorschach112
Posted 01 April 2008 - 04:47 AM

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Multiple topic
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP