Thread: Virus:Trj/Jupillites.G
View Single Post
Old 10-16-2006, 02:10 PM   #8 (permalink)
quaa
Registered User
 
Join Date: Jan 2006
Posts: 20
OS: XP HOME


Panda Scan

Incident Status Location

Dialer:dialer generic Not disinfected c:\program files\dialers
Adware:adware/commad Not disinfected Windows Registry
Adware:adware/adrotator Not disinfected Windows Registry
Adware:adware/picsplace Not disinfected Windows Registry
Dialer:Dialer.BCA Not disinfected C:\avenger\backup.zip[avenger/01setup.EXE]
Spyware:Spyware/7r7t Not disinfected C:\avenger\backup.zip[avenger/srvbtsebdr.exe]
Potentially unwanted tool:Application/HideWindow.A Not disinfected C:\hp\bin\FondleWindow.exe
Potentially unwanted tool:Application/KillApp.B Not disinfected C:\hp\bin\KillIt.exe
Dialer:Dialer.Gen Not disinfected C:\Program Files\dialers\personal_party\personal_party.exe
Spyware:Cookie/LinkExchange Not disinfected C:\Program Files\EarthLink 5.0\tanya309@earthlink.net\Cookies\owner@linkexchange[1].txt
Adware:Adware/TVMedia Not disinfected C:\WINDOWS\Downloaded Program Files\Install.inf
Adware:Adware/CommAd Not disinfected C:\WINDOWS\IA\KE.vbs
Hacktool:Rootkit/Rustock Not disinfected C:\WINDOWS\SYSTEM32:lzx32.sys
Dialer:Dialer.Gen Not disinfected C:\WINDOWS\SYSTEM32\Connect2Party-uninstall.exe
Dialer:Dialer.Gen Not disinfected C:\WINDOWS\SYSTEM32\Personal_Party-uninstall.exe




combofix
Owner - 06-10-16 13:02:04.71 Service Pack 1
ComboFix 06.10.16 - Running from: "C:\Documents and Settings\Owner\Desktop\XPFIX"

((((((((((((((((((((((((((((((( Files Created from 2006-09-16 to 2006-10-16 ))))))))))))))))))))))))))))))))))


2006-10-13 18:58 3,968 --a------ C:\WINDOWS\SYSTEM32\drivers\AvgAsCln.sys
2006-10-13 18:49 67,584 --a------ C:\WINDOWS\SYSTEM32\magnify.exe
2006-10-13 18:49 53,760 --a------ C:\WINDOWS\SYSTEM32\cryptsvc.dll
2006-10-13 18:49 51,200 --a------ C:\WINDOWS\SYSTEM32\narrator.exe
2006-10-13 18:49 238,080 --a------ C:\WINDOWS\SYSTEM32\newdev.dll
2006-10-13 18:49 212,480 --a------ C:\WINDOWS\SYSTEM32\osk.exe
2006-10-13 18:49 179,200 --a------ C:\WINDOWS\SYSTEM32\accwiz.exe
2006-10-13 18:48 50,176 --a------ C:\WINDOWS\SYSTEM32\dpwsockx.dll
2006-10-13 18:48 214,528 --a------ C:\WINDOWS\SYSTEM32\dplayx.dll
2006-10-13 18:47 831,519 --a------ C:\WINDOWS\SYSTEM32\mswdat10.dll
2006-10-13 18:47 614,431 --a------ C:\WINDOWS\SYSTEM32\mswstr10.dll
2006-10-13 18:47 552,989 --a------ C:\WINDOWS\SYSTEM32\msrepl40.dll
2006-10-13 18:47 53,279 --a------ C:\WINDOWS\SYSTEM32\msjter40.dll
2006-10-13 18:47 512,029 --a------ C:\WINDOWS\SYSTEM32\msexch40.dll
2006-10-13 18:47 421,919 --a------ C:\WINDOWS\SYSTEM32\msrd2x40.dll
2006-10-13 18:47 380,957 --a------ C:\WINDOWS\SYSTEM32\expsrv.dll
2006-10-13 18:47 358,976 --------- C:\WINDOWS\SYSTEM32\msjetoledb40.dll
2006-10-13 18:47 348,189 --a------ C:\WINDOWS\SYSTEM32\msxbde40.dll
2006-10-13 18:47 348,189 --a------ C:\WINDOWS\SYSTEM32\mspbde40.dll
2006-10-13 18:47 319,517 --a------ C:\WINDOWS\SYSTEM32\msexcl40.dll
2006-10-13 18:47 315,423 --a------ C:\WINDOWS\SYSTEM32\msrd3x40.dll
2006-10-13 18:47 30,749 --a------ C:\WINDOWS\SYSTEM32\vbajet32.dll
2006-10-13 18:47 258,077 --a------ C:\WINDOWS\SYSTEM32\mstext40.dll
2006-10-13 18:47 241,693 --a------ C:\WINDOWS\SYSTEM32\msjtes40.dll
2006-10-13 18:47 213,023 --a------ C:\WINDOWS\SYSTEM32\msltus40.dll
2006-10-13 18:47 151,583 --a------ C:\WINDOWS\SYSTEM32\msjint40.dll
2006-10-13 18:47 1,507,356 --a------ C:\WINDOWS\SYSTEM32\msjet40.dll
2006-10-13 18:46 32,256 --a------ C:\WINDOWS\SYSTEM32\msgsvc.dll
2006-10-13 18:41 260,096 --a------ C:\WINDOWS\SYSTEM32\mstask.dll
2006-10-13 18:41 172,544 --a------ C:\WINDOWS\SYSTEM32\schedsvc.dll
2006-10-13 18:41 10,752 --a------ C:\WINDOWS\SYSTEM32\mstinit.exe
2006-10-13 17:51 991,232 --a------ C:\WINDOWS\SYSTEM32\esent.dll
2006-10-13 17:24 22,752 --a------ C:\WINDOWS\SYSTEM32\spupdsvc.exe
2006-10-13 16:39 9,216 --a------ C:\WINDOWS\SYSTEM32\wuauserv.dll
2006-10-13 16:39 88,064 --a------ C:\WINDOWS\SYSTEM32\tscfgwmi.dll
2006-10-13 16:39 86,528 --a------ C:\WINDOWS\SYSTEM32\wlnotify.dll
2006-10-13 16:39 86,016 --a------ C:\WINDOWS\SYSTEM32\xactsrv.dll
2006-10-13 16:39 82,944 --a------ C:\WINDOWS\SYSTEM32\smlogsvc.exe
2006-10-13 16:39 81,920 --a------ C:\WINDOWS\SYSTEM32\trkwks.dll
2006-10-13 16:39 77,824 --a------ C:\WINDOWS\SYSTEM32\wmpstub.exe
2006-10-13 16:39 77,824 --a------ C:\WINDOWS\SYSTEM32\wmpshell.dll
2006-10-13 16:39 72,192 --------- C:\WINDOWS\SYSTEM32\telnet.exe
2006-10-13 16:39 71,168 --------- C:\WINDOWS\SYSTEM32\storprop.dll
2006-10-13 16:39 667,648 --a------ C:\WINDOWS\SYSTEM32\ss3dfo.scr
2006-10-13 16:39 66,560 --a------ C:\WINDOWS\SYSTEM32\spoolss.dll
2006-10-13 16:39 638,976 --a------ C:\WINDOWS\SYSTEM32\sstext3d.scr
2006-10-13 16:39 63,488 --a------ C:\WINDOWS\SYSTEM32\srclient.dll
2006-10-13 16:39 61,952 --a------ C:\WINDOWS\SYSTEM32\sti.dll
2006-10-13 16:39 60,416 --a------ C:\WINDOWS\SYSTEM32\wextract.exe
2006-10-13 16:39 569,344 --a------ C:\WINDOWS\SYSTEM32\sspipes.scr
2006-10-13 16:39 56,832 --a------ C:\WINDOWS\SYSTEM32\wzcdlg.dll
2006-10-13 16:39 534,016 --a------ C:\WINDOWS\SYSTEM32\spider.exe
2006-10-13 16:39 51,200 --a------ C:\WINDOWS\SYSTEM32\wmerrenu.dll
2006-10-13 16:39 48,640 --a------ C:\WINDOWS\SYSTEM32\vdmredir.dll
2006-10-13 16:39 48,128 --a------ C:\WINDOWS\SYSTEM32\winsta.dll
2006-10-13 16:39 479,261 --a------ C:\WINDOWS\SYSTEM32\vbscript.dll
2006-10-13 16:39 47,616 --a------ C:\WINDOWS\SYSTEM32\utilman.exe
2006-10-13 16:39 446,464 --a------ C:\WINDOWS\SYSTEM32\wmvdmoe.dll
2006-10-13 16:39 442,398 --a------ C:\WINDOWS\SYSTEM32\wmadmoe.dll
2006-10-13 16:39 43,008 --a------ C:\WINDOWS\SYSTEM32\ssdpsrv.dll
2006-10-13 16:39 409,088 --a------ C:\WINDOWS\SYSTEM32\vssapi.dll
2006-10-13 16:39 40,960 --a------ C:\WINDOWS\SYSTEM32\tscupgrd.exe
2006-10-13 16:39 384,000 --a------ C:\WINDOWS\SYSTEM32\themeui.dll
2006-10-13 16:39 38,912 --a------ C:\WINDOWS\SYSTEM32\wsnmp32.dll
2006-10-13 16:39 364,544 --a------ C:\WINDOWS\SYSTEM32\ssflwbox.scr
2006-10-13 16:39 339,456 --a------ C:\WINDOWS\SYSTEM32\usp10.dll
2006-10-13 16:39 334,848 --a------ C:\WINDOWS\SYSTEM32\smlogcfg.dll
2006-10-13 16:39 32,256 --a------ C:\WINDOWS\SYSTEM32\umandlg.dll
2006-10-13 16:39 316,416 --a------ C:\WINDOWS\SYSTEM32\wiaservc.dll
2006-10-13 16:39 311,327 --a------ C:\WINDOWS\SYSTEM32\wmv8dmod.dll
2006-10-13 16:39 296,448 --a------ C:\WINDOWS\SYSTEM32\wmstream.dll
2006-10-13 16:39 294,912 --a------ C:\WINDOWS\SYSTEM32\wmvdmod.dll
2006-10-13 16:39 274,432 --a------ C:\WINDOWS\SYSTEM32\wmasf.dll
2006-10-13 16:39 27,136 --a------ C:\WINDOWS\SYSTEM32\ssdpapi.dll
2006-10-13 16:39 266,752 --a------ C:\WINDOWS\winhlp32.exe
2006-10-13 16:39 264,704 --a------ C:\WINDOWS\SYSTEM32\wzcsvc.dll
2006-10-13 16:39 258,048 --a------ C:\WINDOWS\SYSTEM32\webcheck.dll
2006-10-13 16:39 253,952 --a------ C:\WINDOWS\SYSTEM32\wmpcd.dll
2006-10-13 16:39 253,952 --a------ C:\WINDOWS\SYSTEM32\wmnetmgr.dll
2006-10-13 16:39 251,904 --a------ C:\WINDOWS\SYSTEM32\strmdll.dll
2006-10-13 16:39 231,424 --a------ C:\WINDOWS\SYSTEM32\upnpui.dll
2006-10-13 16:39 23,552 --------- C:\WINDOWS\SYSTEM32\wzcsapi.dll
2006-10-13 16:39 22,016 --a------ C:\WINDOWS\SYSTEM32\udhisapi.dll
2006-10-13 16:39 203,264 --a------ C:\WINDOWS\SYSTEM32\uxtheme.dll
2006-10-13 16:39 200,192 --a------ C:\WINDOWS\SYSTEM32\termsrv.dll
2006-10-13 16:39 19,456 --a------ C:\WINDOWS\SYSTEM32\ssmarque.scr
2006-10-13 16:39 184,320 --a------ C:\WINDOWS\SYSTEM32\wmadmod.dll
2006-10-13 16:39 18,944 --a------ C:\WINDOWS\SYSTEM32\ssbezier.scr
2006-10-13 16:39 172,664 --a------ C:\WINDOWS\SYSTEM32\xenroll.dll
2006-10-13 16:39 171,520 --a------ C:\WINDOWS\SYSTEM32\winmm.dll
2006-10-13 16:39 17,408 --a------ C:\WINDOWS\SYSTEM32\wtsapi32.dll
2006-10-13 16:39 17,408 --a------ C:\WINDOWS\SYSTEM32\ssmyst.scr
2006-10-13 16:39 168,448 --a------ C:\WINDOWS\SYSTEM32\wldap32.dll
2006-10-13 16:39 165,376 --a------ C:\WINDOWS\SYSTEM32\w32time.dll
2006-10-13 16:39 165,376 --a------ C:\WINDOWS\SYSTEM32\tapi32.dll
2006-10-13 16:39 164,864 --a------ C:\WINDOWS\SYSTEM32\upnphost.dll
2006-10-13 16:39 16,896 --a------ C:\WINDOWS\SYSTEM32\snmpapi.dll
2006-10-13 16:39 16,384 --a------ C:\WINDOWS\SYSTEM32\watchdog.sys
2006-10-13 16:39 16,384 --a------ C:\WINDOWS\SYSTEM32\ups.exe
2006-10-13 16:39 158,720 --a------ C:\WINDOWS\SYSTEM32\srsvc.dll
2006-10-13 16:39 130,560 --a------ C:\WINDOWS\SYSTEM32\sti_ci.dll
2006-10-13 16:39 13,312 --a------ C:\WINDOWS\SYSTEM32\ssstars.scr
2006-10-13 16:39 128,512 --a------ C:\WINDOWS\SYSTEM32\taskmgr.exe
2006-10-13 16:39 124,928 --a------ C:\WINDOWS\SYSTEM32\webvw.dll
2006-10-13 16:39 120,320 --a------ C:\WINDOWS\SYSTEM32\upnp.dll
2006-10-13 16:39 119,808 --a------ C:\WINDOWS\SYSTEM32\wiadss.dll
2006-10-13 16:39 118,784 --a------ C:\WINDOWS\SYSTEM32\wmsdmoe.dll
2006-10-13 16:39 117,760 --a------ C:\WINDOWS\SYSTEM32\stobject.dll
2006-10-13 16:39 110,592 --a------ C:\WINDOWS\SYSTEM32\wmsdmod.dll
2006-10-13 16:39 106,496 --a------ C:\WINDOWS\SYSTEM32\url.dll
2006-10-13 16:39 10,752 --a------ C:\WINDOWS\SYSTEM32\tracert.exe
2006-10-13 16:39 1,998,848 --a------ C:\WINDOWS\SYSTEM32\wmploc.dll
2006-10-13 16:39 1,425,680 --a------ C:\WINDOWS\SYSTEM32\wmpui.dll
2006-10-13 16:39 1,220,608 --a------ C:\WINDOWS\SYSTEM32\wmvcore.dll
2006-10-13 16:38 98,304 --a------ C:\WINDOWS\SYSTEM32\oleprn.dll
2006-10-13 16:38 95,744 --a------ C:\WINDOWS\SYSTEM32\nlhtml.dll
2006-10-13 16:38 91,136 --a------ C:\WINDOWS\SYSTEM32\rastls.dll
2006-10-13 16:38 87,304 --a------ C:\WINDOWS\SYSTEM32\rdpdd.dll
2006-10-13 16:38 82,944 --a------ C:\WINDOWS\SYSTEM32\psbase.dll
2006-10-13 16:38 8,192 --a------ C:\WINDOWS\SYSTEM32\scrnsave.scr
2006-10-13 16:38 75,912 --a------ C:\WINDOWS\SYSTEM32\rdpwsx.dll
2006-10-13 16:38 74,240 --a------ C:\WINDOWS\SYSTEM32\rtcshare.exe
2006-10-13 16:38 71,168 --a------ C:\WINDOWS\SYSTEM32\sdbinst.exe
2006-10-13 16:38 686,080 --a------ C:\WINDOWS\SYSTEM32\opengl32.dll
2006-10-13 16:38 66,048 --a------ C:\WINDOWS\SYSTEM32\sigverif.exe
2006-10-13 16:38 62,976 --a------ C:\WINDOWS\SYSTEM32\shgina.dll
2006-10-13 16:38 61,440 --a------ C:\WINDOWS\SYSTEM32\odbccu32.dll
2006-10-13 16:38 61,440 --a------ C:\WINDOWS\SYSTEM32\odbccr32.dll
2006-10-13 16:38 60,416 --a------ C:\WINDOWS\SYSTEM32\shimeng.dll
2006-10-13 16:38 6,912 --------- C:\WINDOWS\SYSTEM32\drivers\hidir.sys
2006-10-13 16:38 6,144 --a------ C:\WINDOWS\SYSTEM32\sensapi.dll
2006-10-13 16:38 58,880 --a------ C:\WINDOWS\SYSTEM32\pautoenr.dll
2006-10-13 16:38 57,856 --a------ C:\WINDOWS\SYSTEM32\raschap.dll
2006-10-13 16:38 56,320 --a------ C:\WINDOWS\SYSTEM32\remotepg.dll
2006-10-13 16:38 53,248 --a------ C:\WINDOWS\SYSTEM32\packager.exe
2006-10-13 16:38 53,248 --a------ C:\WINDOWS\SYSTEM32\odbcconf.exe
2006-10-13 16:38 52,224 --a------ C:\WINDOWS\SYSTEM32\secur32.dll
2006-10-13 16:38 511,488 --a------ C:\WINDOWS\SYSTEM32\qedit.dll
2006-10-13 16:38 504,832 --------- C:\WINDOWS\SYSTEM32\msftedit.dll
2006-10-13 16:38 5,504 --------- C:\WINDOWS\SYSTEM32\drivers\smbali.sys
2006-10-13 16:38 5,120 --------- C:\WINDOWS\SYSTEM32\hccoin.dll
2006-10-13 16:38 49,152 --a------ C:\WINDOWS\SYSTEM32\npptools.dll
2006-10-13 16:38 48,128 --a------ C:\WINDOWS\SYSTEM32\reg.exe
2006-10-13 16:38 44,032 --a------ C:\WINDOWS\SYSTEM32\regapi.dll
2006-10-13 16:38 44,032 --a------ C:\WINDOWS\SYSTEM32\rdpclip.exe
2006-10-13 16:38 423,424 --a------ C:\WINDOWS\SYSTEM32\riched20.dll
2006-10-13 16:38 420,864 --a------ C:\WINDOWS\SYSTEM32\shimgvw.dll
2006-10-13 16:38 403,456 --------- C:\WINDOWS\SYSTEM32\winbrand.dll
2006-10-13 16:38 392,704 --a------ C:\WINDOWS\SYSTEM32\ntmssvc.dll
2006-10-13 16:38 38,400 --a------ C:\WINDOWS\SYSTEM32\ntmsapi.dll
2006-10-13 16:38 38,400 --a------ C:\WINDOWS\SYSTEM32\ntlanman.dll
2006-10-13 16:38 36,463 --------- C:\WINDOWS\SYSTEM32\drivers\atintuxx.sys
2006-10-13 16:38 36,352 --a------ C:\WINDOWS\SYSTEM32\sens.dll
2006-10-13 16:38 357,376 --a------ C:\WINDOWS\SYSTEM32\qdvd.dll
2006-10-13 16:38 34,735 --------- C:\WINDOWS\SYSTEM32\drivers\atinxsxx.sys
2006-10-13 16:38 34,304 --a------ C:\WINDOWS\SYSTEM32\rcimlby.exe
2006-10-13 16:38 33,280 --a------ C:\WINDOWS\SYSTEM32\shmgrate.exe
2006-10-13 16:38 32,768 --a------ C:\WINDOWS\SYSTEM32\odbcad32.exe
2006-10-13 16:38 31,744 --------- C:\WINDOWS\SYSTEM32\pid.dll
2006-10-13 16:38 3,584 --------- C:\WINDOWS\SYSTEM32\dsprpres.dll
2006-10-13 16:38 3,338 --a------ C:\WINDOWS\SYSTEM32\redir.exe
2006-10-13 16:38 297,984 --a------ C:\WINDOWS\SYSTEM32\scesrv.dll
2006-10-13 16:38 29,455 --------- C:\WINDOWS\SYSTEM32\drivers\atinxbxx.sys
2006-10-13 16:38 254,976 --a------ C:\WINDOWS\SYSTEM32\pdh.dll
2006-10-13 16:38 24,576 --a------ C:\WINDOWS\SYSTEM32\nmmkcert.dll
2006-10-13 16:38 24,064 --a------ C:\WINDOWS\SYSTEM32\skeys.exe
2006-10-13 16:38 22,528 --a------ C:\WINDOWS\SYSTEM32\slayerxp.dll
2006-10-13 16:38 22,528 --a------ C:\WINDOWS\SYSTEM32\shfolder.dll
2006-10-13 16:38 218,112 --------- C:\WINDOWS\SYSTEM32\sbe.dll
2006-10-13 16:38 20,992 --a------ C:\WINDOWS\SYSTEM32\setup.exe
2006-10-13 16:38 193,536 --a------ C:\WINDOWS\SYSTEM32\rasppp.dll
2006-10-13 16:38 19,328 --------- C:\WINDOWS\SYSTEM32\drivers\usbehci.sys
2006-10-13 16:38 187,904 --------- C:\WINDOWS\SYSTEM32\xpsp1res.dll
2006-10-13 16:38 184,832 --a------ C:\WINDOWS\SYSTEM32\qcap.dll
2006-10-13 16:38 18,944 --------- C:\WINDOWS\SYSTEM32\faxpatch.exe
2006-10-13 16:38 174,592 --a------ C:\WINDOWS\SYSTEM32\scecli.dll
2006-10-13 16:38 172,032 --------- C:\WINDOWS\SYSTEM32\mssap.dll
2006-10-13 16:38 171,008 --a------ C:\WINDOWS\SYSTEM32\sccsccp.dll
2006-10-13 16:38 17,408 --a------ C:\WINDOWS\SYSTEM32\psapi.dll
2006-10-13 16:38 169,984 --a------ C:\WINDOWS\SYSTEM32\sccbase.dll
2006-10-13 16:38 165,888 --a------ C:\WINDOWS\SYSTEM32\ntmsdba.dll
2006-10-13 16:38 16,384 --a------ C:\WINDOWS\SYSTEM32\ping.exe
2006-10-13 16:38 16,384 --a------ C:\WINDOWS\SYSTEM32\odbc32gt.dll
2006-10-13 16:38 155,648 --a------ C:\WINDOWS\SYSTEM32\encdec.dll
2006-10-13 16:38 147,456 --a------ C:\WINDOWS\SYSTEM32\odbctrac.dll
2006-10-13 16:38 14,848 --a------ C:\WINDOWS\SYSTEM32\rdpsnd.dll
2006-10-13 16:38 137,216 --a------ C:\WINDOWS\SYSTEM32\ntshrui.dll
2006-10-13 16:38 135,680 --a------ C:\WINDOWS\SYSTEM32\rdchost.dll
2006-10-13 16:38 134,144 --------- C:\WINDOWS\regedit.exe
2006-10-13 16:38 133,632 --a------ C:\WINDOWS\SYSTEM32\rsaenh.dll
2006-10-13 16:38 133,120 --a------ C:\WINDOWS\SYSTEM32\sfc_os.dll
2006-10-13 16:38 13,824 --a------ C:\WINDOWS\SYSTEM32\rassapi.dll
2006-10-13 16:38 13,056 --------- C:\WINDOWS\SYSTEM32\drivers\wacompen.sys
2006-10-13 16:38 122,880 --a------ C:\WINDOWS\SYSTEM32\odbcconf.dll
2006-10-13 16:38 12,800 --a------ C:\WINDOWS\SYSTEM32\runonce.exe
2006-10-13 16:38 12,288 --a------ C:\WINDOWS\SYSTEM32\rdsaddin.exe
2006-10-13 16:38 12,288 --a------ C:\WINDOWS\SYSTEM32\odbcp32r.dll
2006-10-13 16:38 12,288 --------- C:\WINDOWS\SYSTEM32\encapi.dll
2006-10-13 16:38 112,128 --a------ C:\WINDOWS\SYSTEM32\ntmarta.dll
2006-10-13 16:38 110,080 --------- C:\WINDOWS\SYSTEM32\sbeio.dll
2006-10-13 16:38 11,904 --------- C:\WINDOWS\SYSTEM32\drivers\mutohpen.sys
2006-10-13 16:38 11,776 --a------ C:\WINDOWS\SYSTEM32\sigtab.dll
2006-10-13 16:38 109,568 --a------ C:\WINDOWS\SYSTEM32\offfilt.dll
2006-10-13 16:38 1,677,312 --------- C:\WINDOWS\SYSTEM32\wmvcore2.dll
2006-10-13 16:38 1,350,144 --a------ C:\WINDOWS\SYSTEM32\query.dll
2006-10-13 16:38 1,158,656 --a------ C:\WINDOWS\SYSTEM32\quartz.dll
2006-10-13 16:38 1,157,632 --a------ C:\WINDOWS\SYSTEM32\sfcfiles.dll
2006-10-13 16:37 921,475 --------- C:\WINDOWS\SYSTEM32\ati3d2ag.dll
2006-10-13 16:37 91,136 --a------ C:\WINDOWS\SYSTEM32\MSOERT2.DLL
2006-10-13 16:37 857,600 --a------ C:\WINDOWS\SYSTEM32\netplwiz.dll
2006-10-13 16:37 844,675 --------- C:\WINDOWS\SYSTEM32\ati3d1ag.dll
2006-10-13 16:37 78,848 --a------ C:\WINDOWS\SYSTEM32\msiexec.exe
2006-10-13 16:37 72,192 --a------ C:\WINDOWS\SYSTEM32\uniime.dll
2006-10-13 16:37 699,392 --a------ C:\WINDOWS\SYSTEM32\msxml2.dll
2006-10-13 16:37 68,608 --a------ C:\WINDOWS\SYSTEM32\mscms.dll
2006-10-13 16:37 67,584 --a------ C:\WINDOWS\SYSTEM32\msctfp.dll
2006-10-13 16:37 65,536 --a------ C:\WINDOWS\SYSTEM32\msconf.dll
2006-10-13 16:37 63,663 --------- C:\WINDOWS\SYSTEM32\drivers\atinrvxx.sys
2006-10-13 16:37 6,656 --a------ C:\WINDOWS\SYSTEM32\laprxy.dll
2006-10-13 16:37 598,016 --a------ C:\WINDOWS\SYSTEM32\mstscax.dll
2006-10-13 16:37 584,192 --a------ C:\WINDOWS\SYSTEM32\netcfgx.dll
2006-10-13 16:37 57,856 --a------ C:\WINDOWS\SYSTEM32\licwmi.dll
2006-10-13 16:37 56,591 --------- C:\WINDOWS\SYSTEM32\drivers\atinbtxx.sys
2006-10-13 16:37 56,320 --a------ C:\WINDOWS\SYSTEM32\mshtmler.dll
2006-10-13 16:37 504,320 --a------ C:\WINDOWS\SYSTEM32\logonui.exe
2006-10-13 16:37 450,176 --------- C:\WINDOWS\SYSTEM32\drivers\ati2mtag.sys
2006-10-13 16:37 42,496 --a------ C:\WINDOWS\SYSTEM32\ncobjapi.dll
2006-10-13 16:37 401,462 --a------ C:\WINDOWS\SYSTEM32\msvcp60.dll
2006-10-13 16:37 4,608 --a------ C:\WINDOWS\SYSTEM32\msimg32.dll
2006-10-13 16:37 4,126 --a------ C:\WINDOWS\SYSTEM32\msdxmlc.dll
2006-10-13 16:37 399,360 --a------ C:\WINDOWS\SYSTEM32\netlogon.dll
2006-10-13 16:37 39,424 --a------ C:\WINDOWS\SYSTEM32\net.exe
2006-10-13 16:37 388,608 --a------ C:\WINDOWS\SYSTEM32\mstsc.exe
2006-10-13 16:37 381,440 --a------ C:\WINDOWS\SYSTEM32\lmrt.dll
2006-10-13 16:37 377,984 --------- C:\WINDOWS\SYSTEM32\ati2dvaa.dll
2006-10-13 16:37 368,710 --a------ C:\WINDOWS\SYSTEM32\msisam11.dll
2006-10-13 16:37 339,968 --a------ C:\WINDOWS\SYSTEM32\mspaint.exe
2006-10-13 16:37 327,040 --------- C:\WINDOWS\SYSTEM32\drivers\ati2mtaa.sys
2006-10-13 16:37 326,656 --------- C:\WINDOWS\SYSTEM32\netsetup.exe
2006-10-13 16:37 323,072 --a------ C:\WINDOWS\SYSTEM32\msvcrt.dll
2006-10-13 16:37 32,256 --a------ C:\WINDOWS\SYSTEM32\mnmdd.dll
2006-10-13 16:37 319,760 --a------ C:\WINDOWS\SYSTEM32\msnsspc.dll
2006-10-13 16:37 30,671 --------- C:\WINDOWS\SYSTEM32\drivers\atinraxx.sys
2006-10-13 16:37 271,360 --a------ C:\WINDOWS\SYSTEM32\msihnd.dll
2006-10-13 16:37 266,752 --a------ C:\WINDOWS\SYSTEM32\msctf.dll
2006-10-13 16:37 26,367 --------- C:\WINDOWS\SYSTEM32\drivers\atinsnxx.sys
2006-10-13 16:37 245,760 --a------ C:\WINDOWS\SYSTEM32\msscp.dll
2006-10-13 16:37 241,725 --a------ C:\WINDOWS\SYSTEM32\msuni11.dll
2006-10-13 16:37 24,576 --a------ C:\WINDOWS\SYSTEM32\logagent.exe
2006-10-13 16:37 233,472 --a------ C:\WINDOWS\SYSTEM32\mpg4dmod.dll
2006-10-13 16:37 230,400 --a------ C:\WINDOWS\SYSTEM32\msieftp.dll
2006-10-13 16:37 229,376 --a------ C:\WINDOWS\SYSTEM32\MSOEACCT.DLL
2006-10-13 16:37 22,528 --a------ C:\WINDOWS\SYSTEM32\mslbui.dll
2006-10-13 16:37 219,648 --a------ C:\WINDOWS\SYSTEM32\logon.scr
2006-10-13 16:37 210,944 --a------ C:\WINDOWS\SYSTEM32\moricons.dll
2006-10-13 16:37 21,343 --------- C:\WINDOWS\SYSTEM32\drivers\atinttxx.sys
2006-10-13 16:37 202,496 --------- C:\WINDOWS\SYSTEM32\ati2dvag.dll
2006-10-13 16:37 2,890,240 --a------ C:\WINDOWS\SYSTEM32\msi.dll
2006-10-13 16:37 196,096 --a------ C:\WINDOWS\SYSTEM32\mobsync.dll
2006-10-13 16:37 192,512 --a------ C:\WINDOWS\SYSTEM32\mswebdvd.dll
2006-10-13 16:37 19,456 --a------ C:\WINDOWS\SYSTEM32\licmgr10.dll
2006-10-13 16:37 182,784 --a------ C:\WINDOWS\SYSTEM32\msutb.dll
2006-10-13 16:37 175,104 --a------ C:\WINDOWS\SYSTEM32\mspmsp.dll
2006-10-13 16:37 174,592 --a------ C:\WINDOWS\SYSTEM32\msnetobj.dll
2006-10-13 16:37 163,840 --a------ C:\WINDOWS\SYSTEM32\mindex.dll
2006-10-13 16:37 143,872 --a------ C:\WINDOWS\SYSTEM32\msimtf.dll
2006-10-13 16:37 131,072 --a------ C:\WINDOWS\SYSTEM32\msorcl32.dll
2006-10-13 16:37 12,288 --a------ C:\WINDOWS\SYSTEM32\mscpx32r.dll
2006-10-13 16:37 12,047 --------- C:\WINDOWS\SYSTEM32\drivers\atinpdxx.sys
2006-10-13 16:37 116,736 --a------ C:\WINDOWS\SYSTEM32\mplay32.exe
2006-10-13 16:37 115,200 --a------ C:\WINDOWS\SYSTEM32\net1.exe
2006-10-13 16:37 113,664 --a------ C:\WINDOWS\SYSTEM32\msvfw32.dll
2006-10-13 16:37 11,615 --------- C:\WINDOWS\SYSTEM32\drivers\atinmdxx.sys
2006-10-13 16:37 10,240 --a------ C:\WINDOWS\SYSTEM32\msrle32.dll
2006-10-13 16:37 10,240 --a------ C:\WINDOWS\SYSTEM32\localui.dll
2006-10-13 16:37 1,622,528 --a------ C:\WINDOWS\SYSTEM32\netshell.dll
2006-10-13 16:37 1,220,608 --a------ C:\WINDOWS\SYSTEM32\msvidctl.dll
2006-10-13 16:37 1,128,960 --a------ C:\WINDOWS\SYSTEM32\mmcndmgr.dll
2006-10-13 16:36 827,438 --a------ C:\WINDOWS\SYSTEM32\imjp81k.dll
2006-10-13 16:36 42,537 --a------ C:\WINDOWS\SYSTEM32\keyboard.sys
2006-10-13 16:35 98,816 --a------ C:\WINDOWS\SYSTEM32\clipbrd.exe
2006-10-13 16:35 94,720 --a------ C:\WINDOWS\SYSTEM32\dmusic.dll
2006-10-13 16:35 91,648 --a------ C:\WINDOWS\SYSTEM32\iuctl.dll
2006-10-13 16:35 91,648 --a------ C:\WINDOWS\SYSTEM32\ahui.exe
2006-10-13 16:35 91,136 --a------ C:\WINDOWS\SYSTEM32\advpack.dll
2006-10-13 16:35 9,216 --a------ C:\WINDOWS\SYSTEM32\icaapi.dll
2006-10-13 16:35 9,216 --a------ C:\WINDOWS\SYSTEM32\dumprep.exe
2006-10-13 16:35 802,304 --a------ C:\WINDOWS\SYSTEM32\dxmrtp.dll
2006-10-13 16:35 8,832 --a------ C:\WINDOWS\SYSTEM32\framebuf.dll
2006-10-13 16:35 8,192 --------- C:\WINDOWS\SYSTEM32\autolfn.exe
2006-10-13 16:35 786,432 --a------ C:\WINDOWS\SYSTEM32\dxdiag.exe
2006-10-13 16:35 77,312 --a------ C:\WINDOWS\SYSTEM32\dmscript.dll
2006-10-13 16:35 76,830 --a------ C:\WINDOWS\SYSTEM32\drmstor.dll
2006-10-13 16:35 76,288 --a------ C:\WINDOWS\SYSTEM32\dfrgfat.exe
2006-10-13 16:35 76,288 --a------ C:\WINDOWS\SYSTEM32\avifil32.dll
2006-10-13 16:35 74,810 --a------ C:\WINDOWS\SYSTEM32\atl.dll
2006-10-13 16:35 73,728 --a------ C:\WINDOWS\SYSTEM32\ils.dll
2006-10-13 16:35 71,680 --a------ C:\WINDOWS\SYSTEM32\browsewm.dll
2006-10-13 16:35 70,656 --a------ C:\WINDOWS\SYSTEM32\defrag.exe
2006-10-13 16:35 70,144 --a------ C:\WINDOWS\SYSTEM32\cryptdlg.dll
2006-10-13 16:35 7,168 --a------ C:\WINDOWS\SYSTEM32\fxsperf.dll
2006-10-13 16:35 7,040 --a------ C:\WINDOWS\SYSTEM32\kd1394.dll
2006-10-13 16:35 66,560 --a------ C:\WINDOWS\SYSTEM32\faultrep.dll
2006-10-13 16:35 64,512 --a------ C:\WINDOWS\SYSTEM32\ciodm.dll
2006-10-13 16:35 62,976 --a------ C:\WINDOWS\SYSTEM32\browselc.dll
2006-10-13 16:35 62,464 --a------ C:\WINDOWS\SYSTEM32\adsmsext.dll
2006-10-13 16:35 602,112 --a------ C:\WINDOWS\SYSTEM32\drmv2clt.dll
2006-10-13 16:35 6,656 --a------ C:\WINDOWS\SYSTEM32\fxsres.dll
2006-10-13 16:35 6,656 --a------ C:\WINDOWS\SYSTEM32\batt.dll
2006-10-13 16:35 596,480 --a------ C:\WINDOWS\SYSTEM32\INETCOMM.DLL
2006-10-13 16:35 59,904 --a------ C:\WINDOWS\SYSTEM32\cabinet.dll
2006-10-13 16:35 59,392 --a------ C:\WINDOWS\SYSTEM32\iesetup.dll
2006-10-13 16:35 58,368 --a------ C:\WINDOWS\SYSTEM32\dpvsetup.exe
2006-10-13 16:35 57,344 --a------ C:\WINDOWS\SYSTEM32\dmcompos.dll
2006-10-13 16:35 56,320 --a------ C:\WINDOWS\SYSTEM32\dpnhupnp.dll
2006-10-13 16:35 559,616 --a------ C:\WINDOWS\SYSTEM32\fxsst.dll
2006-10-13 16:35 55,296 --a------ C:\WINDOWS\SYSTEM32\digest.dll
2006-10-13 16:35 54,272 --a------ C:\WINDOWS\SYSTEM32\clusapi.dll
2006-10-13 16:35 51,712 --a------ C:\WINDOWS\SYSTEM32\ipconfig.exe
2006-10-13 16:35 5,120 --a------ C:\WINDOWS\SYSTEM32\asferror.dll
2006-10-13 16:35 498,205 --a------ C:\WINDOWS\SYSTEM32\dxmasf.dll
2006-10-13 16:35 49,664 --a------ C:\WINDOWS\SYSTEM32\ixsso.dll
2006-10-13 16:35 49,152 --a------ C:\WINDOWS\SYSTEM32\eventlog.dll
2006-10-13 16:35 49,152 --a------ C:\WINDOWS\SYSTEM32\browser.dll
2006-10-13 16:35 489,984 --------- C:\WINDOWS\SYSTEM32\dbghelp.dll
2006-10-13 16:35 45,568 --a------ C:\WINDOWS\SYSTEM32\docprop2.dll
2006-10-13 16:35 443,392 --a------ C:\WINDOWS\SYSTEM32\fxsapi.dll
2006-10-13 16:35 41,984 --a------ C:\WINDOWS\SYSTEM32\alg.exe
2006-10-13 16:35 41,472 --a------ C:\WINDOWS\SYSTEM32\cmdl32.exe
2006-10-13 16:35 395,264 --a------ C:\WINDOWS\SYSTEM32\fxsxp32.dll
2006-10-13 16:35 391,168 --a------ C:\WINDOWS\SYSTEM32\fxstiff.dll
2006-10-13 16:35 38,912 --a------ C:\WINDOWS\SYSTEM32\audiosrv.dll
2006-10-13 16:35 36,922 --a------ C:\WINDOWS\SYSTEM32\imeshare.dll
2006-10-13 16:35 35,328 --a------ C:\WINDOWS\SYSTEM32\dfrgsnap.dll
2006-10-13 16:35 324,608 --a------ C:\WINDOWS\SYSTEM32\cmdial32.dll
2006-10-13 16:35 32,768 --a------ C:\WINDOWS\SYSTEM32\cfgbkend.dll
2006-10-13 16:35 32,512 --------- C:\WINDOWS\SYSTEM32\drivers\amdk7.sys
2006-10-13 16:35 318,464 --a------ C:\WINDOWS\SYSTEM32\ippromon.dll
2006-10-13 16:35 31,744 --a------ C:\WINDOWS\SYSTEM32\dmloader.dll
2006-10-13 16:35 307,712 --a------ C:\WINDOWS\SYSTEM32\cscui.dll
2006-10-13 16:35 30,208 --a------ C:\WINDOWS\SYSTEM32\imgutil.dll
2006-10-13 16:35 294,912 --a------ C:\WINDOWS\SYSTEM32\iedkcs32.dll
2006-10-13 16:35 29,696 --a------ C:\WINDOWS\SYSTEM32\dpnhpast.dll
2006-10-13 16:35 28,672 --a------ C:\WINDOWS\SYSTEM32\ie4uinit.exe
2006-10-13 16:35 28,672 --a------ C:\WINDOWS\SYSTEM32\dbnmpntw.dll
2006-10-13 16:35 271,360 --a------ C:\WINDOWS\SYSTEM32\fxscomex.dll
2006-10-13 16:35 27,648 --------- C:\WINDOWS\SYSTEM32\pidgen.dll
2006-10-13 16:35 266,240 --a------ C:\WINDOWS\SYSTEM32\drmclien.dll
2006-10-13 16:35 263,680 --a------ C:\WINDOWS\SYSTEM32\duser.dll
2006-10-13 16:35 263,168 --a------ C:\WINDOWS\SYSTEM32\devmgr.dll
2006-10-13 16:35 26,112 --a------ C:\WINDOWS\SYSTEM32\dmband.dll
2006-10-13 16:35 253,440 --a------ C:\WINDOWS\SYSTEM32\ddraw.dll
2006-10-13 16:35 250,368 --a------ C:\WINDOWS\SYSTEM32\fxssvc.exe
2006-10-13 16:35 25,600 --a------ C:\WINDOWS\SYSTEM32\dfsshlex.dll
2006-10-13 16:35 240,640 --a------ C:\WINDOWS\SYSTEM32\hnetcfg.dll
2006-10-13 16:35 24,576 --a------ C:\WINDOWS\SYSTEM32\dbmsvinn.dll
2006-10-13 16:35 24,576 --a------ C:\WINDOWS\SYSTEM32\dbmsrpcn.dll
2006-10-13 16:35 24,576 --a------ C:\WINDOWS\SYSTEM32\conime.exe
2006-10-13 16:35 24,064 --a------ C:\WINDOWS\SYSTEM32\fxsdrv.dll
2006-10-13 16:35 239,616 --a------ C:\WINDOWS\SYSTEM32\adsnt.dll
2006-10-13 16:35 238,592 --a------ C:\WINDOWS\SYSTEM32\compatui.dll
2006-10-13 16:35 237,056 --a------ C:\WINDOWS\SYSTEM32\icm32.dll
2006-10-13 16:35 236,032 --a------ C:\WINDOWS\SYSTEM32\fxst30.dll
2006-10-13 16:35 227,840 --a------ C:\WINDOWS\SYSTEM32\dsquery.dll
2006-10-13 16:35 22,528 --a------ C:\WINDOWS\SYSTEM32\at.exe
2006-10-13 16:35 216,064 --a------ C:\WINDOWS\SYSTEM32\fxscover.exe
2006-10-13 16:35 206,336 --a------ C:\WINDOWS\SYSTEM32\dpvoice.dll
2006-10-13 16:35 204,288 --a------ C:\WINDOWS\SYSTEM32\ieaksie.dll
2006-10-13 16:35 20,992 --a------ C:\WINDOWS\SYSTEM32\fxsext32.dll
2006-10-13 16:35 20,480 --a------ C:\WINDOWS\SYSTEM32\hidserv.dll
2006-10-13 16:35 20,480 --a------ C:\WINDOWS\SYSTEM32\dbmsadsn.dll
2006-10-13 16:35 19,456 --a------ C:\WINDOWS\SYSTEM32\fontview.exe
2006-10-13 16:35 19,456 --a------ C:\WINDOWS\SYSTEM32\ersvc.dll
2006-10-13 16:35 186,880 --a------ C:\WINDOWS\SYSTEM32\certcli.dll
2006-10-13 16:35 185,856 --a------ C:\WINDOWS\SYSTEM32\fxswzrd.dll
2006-10-13 16:35 180,224 --a------ C:\WINDOWS\SYSTEM32\dwwin.exe
2006-10-13 16:35 179,712 --a------ C:\WINDOWS\SYSTEM32\cewmdm.dll
2006-10-13 16:35 178,688 --a------ C:\WINDOWS\SYSTEM32\eudcedit.exe
2006-10-13 16:35 172,544 --a------ C:\WINDOWS\SYSTEM32\dmime.dll
2006-10-13 16:35 168,960 --a------ C:\WINDOWS\SYSTEM32\dinput8.dll
2006-10-13 16:35 165,376 --a------ C:\WINDOWS\SYSTEM32\els.dll
2006-10-13 16:35 162,816 --a------ C:\WINDOWS\SYSTEM32\adsldp.dll
2006-10-13 16:35 16,384 --a------ C:\WINDOWS\SYSTEM32\ds32gt.dll
2006-10-13 16:35 158,720 --a------ C:\WINDOWS\SYSTEM32\credui.dll
2006-10-13 16:35 156,672 --a------ C:\WINDOWS\SYSTEM32\dpnet.dll
2006-10-13 16:35 151,552 --a------ C:\WINDOWS\SYSTEM32\dinput.dll
2006-10-13 16:35 149,504 --a------ C:\WINDOWS\SYSTEM32\fxsui.dll
2006-10-13 16:35 14,366 --a------ C:\WINDOWS\SYSTEM32\asfsipc.dll
2006-10-13 16:35 139,776 --a------ C:\WINDOWS\SYSTEM32\adsldpc.dll
2006-10-13 16:35 135,680 --a------ C:\WINDOWS\SYSTEM32\dsprop.dll
2006-10-13 16:35 130,048 --a------ C:\WINDOWS\SYSTEM32\fxsclnt.exe
2006-10-13 16:35 13,312 --a------ C:\WINDOWS\SYSTEM32\ctfmon.exe
2006-10-13 16:35 126,976 --a------ C:\WINDOWS\SYSTEM32\ieakeng.dll
2006-10-13 16:35 124,928 --a------ C:\WINDOWS\SYSTEM32\dssenh.dll
2006-10-13 16:35 123,904 --a------ C:\WINDOWS\SYSTEM32\imapi.exe
2006-10-13 16:35 115,712 --a------ C:\WINDOWS\SYSTEM32\apphelp.dll
2006-10-13 16:35 115,200 --a------ C:\WINDOWS\SYSTEM32\dpcdll.dll
2006-10-13 16:35 114,176 --a------ C:\WINDOWS\SYSTEM32\input.dll
2006-10-13 16:35 113,152 --a------ C:\WINDOWS\SYSTEM32\idq.dll
2006-10-13 16:35 113,152 --a------ C:\WINDOWS\SYSTEM32\dfrgui.dll
2006-10-13 16:35 110,080 --a------ C:\WINDOWS\SYSTEM32\dmstyle.dll
2006-10-13 16:35 103,936 --a------ C:\WINDOWS\SYSTEM32\imm32.dll
2006-10-13 16:35 103,424 --a------ C:\WINDOWS\SYSTEM32\dgnet.dll
2006-10-13 16:35 1,180,672 --a------ C:\WINDOWS\SYSTEM32\d3d8.dll
2006-10-13 16:35 1,004,032 --a------ C:\WINDOWS\explorer.exe
2006-10-13 16:20 593,408 --a------ C:\WINDOWS\SYSTEM32\h323msp.dll
2006-10-13 16:20 548,352 --a------ C:\WINDOWS\SYSTEM32\rtcdll.dll
2006-10-13 16:20 439,808 --a------ C:\WINDOWS\SYSTEM32\ipnathlp.dll
2006-10-13 16:20 36,864 --a------ C:\WINDOWS\SYSTEM32\mf3216.dll
2006-10-13 16:18 68,608 --a------ C:\WINDOWS\SYSTEM32\locator.exe
2006-10-13 16:17 974,336 --a------ C:\WINDOWS\SYSTEM32\msdtctm.dll
2006-10-13 16:17 97,280 --a------ C:\WINDOWS\SYSTEM32\txflog.dll
2006-10-13 16:17 535,552 --a------ C:\WINDOWS\SYSTEM32\rpcrt4.dll
2006-10-13 16:17 499,200 --a------ C:\WINDOWS\SYSTEM32\comuid.dll
2006-10-13 16:17 368,640 --a------ C:\WINDOWS\SYSTEM32\msdtcprx.dll
2006-10-13 16:17 150,528 --a------ C:\WINDOWS\SYSTEM32\msdtcuiu.dll
2006-10-13 16:17 110,080 --a------ C:\WINDOWS\SYSTEM32\clbcatex.dll
2006-10-13 16:16 947,472 --a------ C:\WINDOWS\SYSTEM32\msjava.dll
2006-10-13 16:16 63,248 --a------ C:\WINDOWS\SYSTEM32\javaprxy.dll
2006-10-13 16:16 49,424 --a------ C:\WINDOWS\SYSTEM32\clspack.exe
2006-10-13 16:16 46,352 --a------ C:\WINDOWS\setdebug.exe
2006-10-13 16:16 404,752 --a------ C:\WINDOWS\SYSTEM32\javart.dll
2006-10-13 16:16 313,856 --a------ C:\WINDOWS\SYSTEM32\dx3j.dll
2006-10-13 16:16 286,992 --a------ C:\WINDOWS\SYSTEM32\vmhelper.dll
2006-10-13 16:16 21,264 --a------ C:\WINDOWS\SYSTEM32\msjdbc10.dll
2006-10-13 16:16 187,152 --a------ C:\WINDOWS\SYSTEM32\javacypt.dll
2006-10-13 16:16 172,304 --a------ C:\WINDOWS\SYSTEM32\jview.exe
2006-10-13 16:16 171,792 --a------ C:\WINDOWS\SYSTEM32\wjview.exe
2006-10-13 16:16 171,280 --a------ C:\WINDOWS\SYSTEM32\jit.dll
2006-10-13 16:16 154,384 --a------ C:\WINDOWS\SYSTEM32\msawt.dll
2006-10-13 16:16 15,120 --a------ C:\WINDOWS\SYSTEM32\jdbgmgr.exe
2006-10-13 16:16 139,536 --a------ C:\WINDOWS\SYSTEM32\javaee.dll
2006-10-13 16:16 113 --a------ C:\WINDOWS\SYSTEM32\zonedon.reg
2006-10-13 16:16 113 --a------ C:\WINDOWS\SYSTEM32\zonedoff.reg
2006-10-13 16:07 226,816 --a------ C:\WINDOWS\SYSTEM32\srrstr.dll
2006-10-13 16:04 38,912 --a------ C:\WINDOWS\SYSTEM32\hhsetup.dll
2006-10-13 16:04 143,872 --a------ C:\WINDOWS\SYSTEM32\itircl.dll
2006-10-13 16:04 128,000 --a------ C:\WINDOWS\SYSTEM32\itss.dll
2006-10-13 16:04 10,752 --a------ C:\WINDOWS\hh.exe
2006-10-13 16:01 125,440 --a------ C:\WINDOWS\SYSTEM32\shmedia.dll
2006-10-13 15:50 17,408 --a------ C:\WINDOWS\SYSTEM32\qmgrprxy.dll
2006-10-06 21:32 76,560 --a------ C:\WINDOWS\SYSTEM32\drivers\tmcomm.sys
2006-10-06 18:11 65,536 --a------ C:\WINDOWS\SYSTEM32\Winwcd.dll


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-10-16 12:44 -------- d-------- C:\Program Files\Messenger
2006-10-16 12:43 -------- d-------- C:\Program Files\iTunes
2006-10-16 12:43 -------- d-------- C:\Program Files\Internet Explorer
2006-10-15 16:54 -------- d-------- C:\Program Files\GIB
2006-10-15 16:51 -------- d-------- C:\Program Files\Mozilla Firefox
2006-10-15 16:50 -------- d-------- C:\Documents and Settings\Owner\Application Data\U3
2006-10-13 19:31 -------- d-------- C:\Program Files\Common Files
2006-10-13 19:01 -------- d-------- C:\Program Files\Zone Labs
2006-10-13 18:58 -------- d-------- C:\Program Files\Grisoft
2006-10-13 18:43 -------- d-------- C:\Program Files\Windows Media Player
2006-10-13 18:18 -------- d-------- C:\Program Files\Outlook Express
2006-10-13 18:18 -------- d-------- C:\Program Files\Common Files\System
2006-10-13 17:11 -------- d-------- C:\Program Files\NetMeeting
2006-10-13 16:48 -------- d-------- C:\Program Files\Movie Maker
2006-10-06 23:02 -------- d--h----- C:\Program Files\WindowsUpdate
2006-10-06 19:08 -------- d-------- C:\Documents and Settings\Owner\Application Data\Lavasoft
2006-10-06 19:07 -------- d-------- C:\Program Files\Lavasoft
2006-10-06 18:59 -------- d-------- C:\Program Files\CleanUp!
2006-10-06 18:35 -------- d-------- C:\Program Files\QuickTime
2006-10-06 18:28 -------- d-------- C:\Documents and Settings\Owner\Application Data\Identities
2006-09-12 22:09 1110528 --a------ C:\WINDOWS\SYSTEM32\msxml3.dll
2006-08-30 23:46 -------- d-------- C:\Documents and Settings\Owner\Application Data\SystemDoctor 2006 Free
2006-08-25 08:53 561664 --a------ C:\WINDOWS\SYSTEM32\comctl32.dll
2006-08-25 02:14 595968 --a------ C:\WINDOWS\SYSTEM32\xpsp2res.dll
2006-08-16 19:16 29784 --a------ C:\Program Files\popcorn Terms.html
2006-08-16 05:14 95232 --a------ C:\WINDOWS\SYSTEM32\6to4svc.dll
2006-08-16 05:14 70656 --a------ C:\WINDOWS\SYSTEM32\ws2_32.dll
2006-08-16 05:14 54272 --a------ C:\WINDOWS\SYSTEM32\ipv6mon.dll
2006-08-16 05:14 31232 --a------ C:\WINDOWS\SYSTEM32\inetmib1.dll
2006-08-16 05:14 13312 --a------ C:\WINDOWS\SYSTEM32\wship6.dll
2006-08-16 02:42 159232 --a------ C:\WINDOWS\SYSTEM32\xpob2res.dll
2006-08-16 02:28 48640 --a------ C:\WINDOWS\SYSTEM32\ipv6.exe
2006-08-16 02:28 205120 --a------ C:\WINDOWS\SYSTEM32\drivers\tcpip6.sys
2006-08-16 02:27 83456 --a------ C:\WINDOWS\SYSTEM32\netsh.exe
2006-08-16 02:27 11776 --a------ C:\WINDOWS\SYSTEM32\drivers\tunmp.sys
2006-08-10 22:09 795 --a------ C:\Documents and Settings\Owner\Application Data\.googlewebacchosts
2006-07-21 01:30 72704 --a------ C:\WINDOWS\SYSTEM32\hlink.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"Microsoft Works Update Detection"="c:\\Program Files\\Microsoft Works\\WkDetect.exe"
"DriverLoad"=""
"DriverCheck"=""
"SystemDriverLoad"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"hpsysdrv"="c:\\windows\\system\\hpsysdrv.exe"
"Recguard"="C:\\WINDOWS\\SMINST\\RECGUARD.EXE"
"IgfxTray"="C:\\WINDOWS\\System32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINDOWS\\System32\\hkcmd.exe"
"PS2"="C:\\WINDOWS\\system32\\ps2.exe"
"MCAgentExe"="C:\\Program Files\\mcafee.com\\Agent\\mcagent.exe"
"MCUpdateExe"="C:\\Program Files\\mcafee.com\\Agent\\mcupdate.exe /embedding"
"NvCplDaemon"="RUNDLL32.EXE NvQTwk,NvCplDaemon initialize"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_03\\bin\\jusched.exe"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"USB"="C:\\WINDOWS\\system32\\usb.exe"
"RealTray"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"Zone Labs Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,de,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=dword:40000004
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoActiveDesktop"=dword:00000000
"ClassicShell"=dword:00000000
"ForceActiveDesktopOn"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

Completion time: 06-10-16 13:03:17.79
C:\ComboFix.txt ... 06-10-16 13:03




hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 1:07:31 PM, on 10/16/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\mcafee.com\Agent\mcagent.exe
C:\Program Files\mcafee.com\Agent\mcupdate.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\PackethSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Owner\Desktop\XPFIX\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\Program Files\mcafee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\Program Files\mcafee.com\Agent\mcupdate.exe /embedding
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [USB] C:\WINDOWS\system32\usb.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: America Online 6.0 Tray Icon.lnk = C:\Program Files\America Online 6.0\aoltray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://www.google.com/diskless/bin/tgctlcm.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.5) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
O16 - DPF: {2F003D51-39FD-4D18-9016-95CF70B92ABE} - http://download.movienetworks.com/in...altpmtscab.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1160200901498
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {E4C29FDC-F547-4219-ACFD-571F2A7A564A} (WebCamTest Class) - http://awbeta.net-nucleus.com/CABUPDATES/winwcd.cab
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:\WINDOWS\System32\PackethSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
quaa is offline