Slow pc even after removal Trojan

[chiquitan]

Please find my logs enclosed.

Despite the removal of above Trojan and 4 Adware tracking cookies I keep having problems. I removed the Trojan and 4 adware through Super AntiSpyware. Other programs including Spy Sweeper) didn’t find them. Neither could Norton Internet Security 2009. The 4 quarantined and removed items were located in  C:\Users\PHVDM\AppData\Roaming\Microsoft\Windows\Cookies.
 

Trojan.Dropper/Gen.


Processes :

SGSGOSS.EXE
GWCEA.EXE
CDKAPW.EXE
ERAWE.EXE


Symptoms:


- Windows Sidebar clock doesn’t show (always) exact time compared to
the time indicated in the bottom toolbar (righthand side).

- after launching several antispyware scanners and registry cleaners in Safe Mode I restarted the pc and the result was that the Windows START button, which is normally round-shaped and coloured, turned into a white rectangular button. The bottom toolbar, which is normally black turned into a smallish white/transparent toolbar.
- Yahoo Mail account: I have no longer access to my Contacts (addresses, telephone numbers, …).
   
- As far as emailing with my Yahoo account is concerned, the blank space where I normally write my emails directly, sometimes starts narrowing down (each time I click in the sidebar in order to scroll up or down) until the blank space narrows down completely so that there is no more space left at all; consequently, I cannot continue writing anything anymore.  

- Yahoo Instant Messenger (Chat & Mobile Text): my keyboard gets kind of blocked whenever I type text into the small screen (input of text is not synchronised with the appearance of the words in the screen).

- The computer is generally VERY slow. Opening of website often blocks (IE doesn’t respond).

- My RAM memory gets very limited (normally one run with System Mechanic version 9 should do, but even after several runs I cannot get above 50% of free space). The lowest I have had was 29%.

- Recurrent hard disk errors and fragmentation despite several defragmentations runs.  

- Recurrent registry errors (keep coming back) and registry fragmentation despite several defragmentations runs.  

- Already reinstalled Windows Vista and relevant programmes 4 times and each time the same problems keep coming back. The phenomenon of the Start button changing shapes already recurred three times (each time after scanning in Safe Mode).  

Thanks for a prompt solution and any advice.

PS: I don’t understand this remark in red (see below) which i could read in a first ONLINE log file analysis (HiJackThis.de Security).   I use Advanced System Care and System Mechanic Professional version 9 (not 6 as mentioned below  !). Does this remark possibly refer to a conflict between these two programs ?

Possibly nasty! According to our database this process runs normally in c:\programme\iolo\system mechanic professional 6\! Check if you know this process and arrange a viruscheck where required. System Mechanic Professional 6

[Jintan]

Welcome to MalwareCrypt chiquitan,

I checked the attached log file, and see it is not really a HijackThis scan log, but a look-alike create by that Iobit software. I don't see any infection in the log, and am not really sure you are experiencing infection issues there.

The location of the infection items you mention were in a "cookies" folder. Cookies, although some scans give them bad names, are mostly harmless data files. I am not quite sure why the files you show are executable files, but we can check further on that.

What I do seem to see in what you have posted are problems I feel are being caused by your use of those Iobit and Iolo softwares, none of which I would recommend using. Especially the "Advanced SystemCare", which I find causes more problems than fixes anything.

I think you may not quite understand RAM use either. RAM is intended to take some of the load from the CPU, to make the system run fast. For it to be doing it's job correctly very often it should be maximizing it's capacity. That software you are using to make changes related to RAM is altering the priority in which softwares run, based on simple things such as how often you use them. As such, it can disrupt Windows' normal ability to balance how softwares run on your system. So instead of being of any benefit, may actually be causing problems.

And you have Norton installed, which in itself provides multiple areas of security and checks. And very likely is in conflict with these Iobit and Iolo softwares. All your choice, but I recommend you strongly consider just uninstalling them, to allow your system to run normally, and correctly.

Let's get a more detailed look at what is there. I will need you to post the logs here in your thread. You can check other request threads in the forum to get a feel for how that is done.


 To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware softwares while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs.


Then if you don't already have it download the real HijackThis from Here. Then click on the downloaded file to install HijackThis. Leave that for now, to allow the RSIT scan to use it.


Download RSIT (random's system information tool) from here to your desktop. Then click on the RSIT.exe to open the RSIT display, and click the Continue button.

If necessary allow it to locate or download a copy of HijackThis as needed.

Once the scan completes a textbox will open - copy/paste those contents here for review please. The log can also be found at C:\rsit\log.txt.

RSIT will also create a second log, info.txt, which will be minimized to your taskbar. Post that here as well please (it will also be stored at C:\rsit\info.txt).

You can break logs into parts and use separate posts here when replying and posting the log files, if needed.

[chiquitan]

Hello Jintan,

Sorry for the delay in replying but i have been on holiday for about two weeks. I preferred to wait until now before sending the log files. Please find them enclosed.

In the meantime, I increased my RAM memory from 2 GB to 3 GB.

As far as System Mechanic is concerned, I personally find it a very good and complete programme, which finds a lot of system errors. The fact that presently it finds each time the SAME errors (RAM memory, errors on hard disk, registry errors, junk files, …) means that there is definitely something wrong with my pc.

I removed “Advanced System Care” though.

If I am to reinstall another antivirus it will definitely not Norton Internet Security 2009 because it doesn’t find ANYTHING. Each times it scans (it takes ages to perform a scan …!) it only finds a Tracking Cookie, nothing else although I found and removed a Trojan with SuperAntispyware recently.

Thanks for any assistance and advice.

PS: Apparently i have to send the log files in several steps as they are too big.

Philippe

[chiquitan]

Second log file (RSIT)

[chiquitan]

THIS is the second RSIT log file (sorry, apparently sent twice the same log).

[chiquitan]

One more attempt ... to send the second RSIT log file !

[Jintan]

Actually, instead of attaching I will need you to copy/paste the log contents in your Reply to Thread box, to then display the entire log here. You can check other folk's request threads in the forum to get an idea on how it is done, and break logs into parts, and post them here using separate posts.

[chiquitan]

Logfile of random's system information tool 1.06 (written by random/random)
Run by PHVDM at 2009-11-07 23:02:47
Microsoft® Windows Vista™ Home Premium  Service Pack 2
System drive C: has 15 GB (26%) free of 57 GB
Total RAM: 3070 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:06:07, on 7/11/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\ATK Hotkey\ASLDRSrv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Windows\System32\ACEngSvr.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Windows\system32\ifxspmgt.exe
C:\Windows\system32\ifxtcs.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\iolo\System Mechanic\IoloSGCtrl.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iolo\System Mechanic\SystemGuardAlerter.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Webroot\WebrootSecurity\SSU.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\PHVDM\Desktop\RSIT.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\PHVDM.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hln.be
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] "RtHDVCpl.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [NvSvc] "RUNDLL32.EXE" C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [YMailAdvisor] "C:\Program Files\Yahoo!\Common\YMailAdvisor.exe"
O4 - HKLM\..\Run: [IFXSPMGT] "C:\Windows\system32\ifxspmgt.exe" /NotifyLogon
O4 - HKLM\..\Run: [iolo Startup] "C:\Program Files\iolo\Common\Lib\ioloLManager.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [AdobeUpdater6] "C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: APSHook.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updateservice (gupdate1ca3d0d5096250a) (gupdate1ca3d0d5096250a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\Windows\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\Windows\system32\ifxtcs.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic\IoloSGCtrl.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (http://www.webroot.com) - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc.  - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe

--
End of file - 12199 bytes

======Scheduled tasks folder======

C:\Windows\tasks\AutoSmartDefrag.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Internet Security - Run Full System Scan - PHVDM.job
C:\Windows\tasks\SmartDefrag.job
C:\Windows\tasks\User_Feed_Synchronization-{317E8191-5478-4C5F-83DF-8413893B31CE}.job
C:\Windows\tasks\wrSpySweeper_L9B6191A18BF7491ABB9406B72E8955C9.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-20 1172280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll [2006-10-23 96984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-23 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-09 762864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-23 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask.com Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-04-02 809864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2009-09-20 158008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Show Norton Toolbar - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll [2006-10-23 565960]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-23 256112]

{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-20 1172280]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask.com Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-04-02 809864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-02-15 4390912]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-10-24 107112]
"osCheck"=C:\Program Files\Norton Internet Security\osCheck.exe [2006-10-27 22696]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-04-04 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-04-04 8429568]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-04-04 81920]
"YMailAdvisor"=C:\Program Files\Yahoo!\Common\YMailAdvisor.exe [2009-05-08 174424]
"IFXSPMGT"=C:\Windows\system32\ifxspmgt.exe [2007-02-26 677408]
"iolo Startup"=C:\Program Files\iolo\Common\Lib\ioloLManager.exe [2009-10-21 313784]
"SpySweeper"=C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe [2009-05-13 6345840]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-23 39408]
"AdobeUpdater6"=C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe [2009-01-08 2521464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
C:\Windows\ASScrProlog.exe [2007-06-08 37232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\ASScrPro.exe [2007-06-08 33136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-02-12 174872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-03-26 1057328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-26 161328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerForPhone]
C:\Program Files\PowerForPhone\PowerForPhone.exe [2007-01-15 778240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-09-02 25623336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-11-22 630784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-23 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-03-01 857648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="APSHook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRConsumerService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{474804c2-a83b-11de-8f3a-001bfc6de1aa}]
shell\AutoRun\command - G:\Recycle\P-1-3-64-8794238531-8742492-9897532\Furio.exe
shell\open\command - G:\Recycle\P-1-3-64-8794238531-8742492-9897532\Furio.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{474804c5-a83b-11de-8f3a-001bfc6de1aa}]
shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cdb0ee4e-a84a-11de-8c9e-001bfc6de1aa}]
shell\AutoRun\command - G:\9jyhdim8.exe
shell\open\command - G:\9jyhdim8.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - NOTEPAD.EXE %1
.reg - open - NOTEPAD.EXE %1
.scr - open - NOTEPAD.EXE %1
.vbs - open - NOTEPAD.EXE %1

======List of files/folders created in the last 2 months======

2009-11-07 23:02:49 ----D---- C:\Program Files\trend micro
2009-11-07 23:02:47 ----D---- C:\rsit
2009-11-07 18:24:23 ----A---- C:\Windows\ntbtlog.txt
2009-11-06 21:49:08 ----D---- C:\Program Files\Wise Disk Cleaner
2009-11-06 16:24:57 ----D---- C:\Program Files\Mio Technology
2009-11-04 11:51:28 ----A---- C:\Windows\system32\mshtml.dll
2009-11-01 11:51:32 ----SHD---- C:\Config.Msi
2009-10-30 11:35:09 ----A---- C:\Windows\system32\wups2.dll
2009-10-30 11:35:09 ----A---- C:\Windows\system32\wuauclt.exe
2009-10-30 11:35:08 ----A---- C:\Windows\system32\wucltux.dll
2009-10-30 11:35:07 ----A---- C:\Windows\system32\wuaueng.dll
2009-10-30 11:34:09 ----A---- C:\Windows\system32\wups.dll
2009-10-30 11:34:09 ----A---- C:\Windows\system32\wudriver.dll
2009-10-30 11:34:08 ----A---- C:\Windows\system32\wuapi.dll
2009-10-30 11:33:50 ----A---- C:\Windows\system32\wuwebv.dll
2009-10-30 11:33:50 ----A---- C:\Windows\system32\wuapp.exe
2009-10-28 13:16:45 ----A---- C:\Windows\system32\wmp.dll
2009-10-28 13:16:36 ----A---- C:\Windows\system32\unregmp2.exe
2009-10-28 13:16:28 ----A---- C:\Windows\system32\wmploc.DLL
2009-10-26 13:19:28 ----D---- C:\Program Files\AnalogX
2009-10-26 12:47:17 ----D---- C:\Program Files\CPUID
2009-10-26 12:47:08 ----D---- C:\Program Files\Ask.com
2009-10-26 12:40:50 ----A---- C:\Windows\system32\IncContxMenu.dll
2009-10-20 08:55:20 ----A---- C:\Windows\system32\Incinerator.dll
2009-10-20 08:55:07 ----A---- C:\Windows\system32\smrgdf.exe
2009-10-20 08:55:07 ----A---- C:\Windows\system32\iolobtdfg.exe
2009-10-20 08:54:57 ----D---- C:\Program Files\iolo
2009-10-17 09:51:10 ----D---- C:\Program Files\Microsoft Silverlight
2009-10-14 08:58:44 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-10-14 08:58:42 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-10-14 08:58:20 ----A---- C:\Windows\system32\msv1_0.dll
2009-10-14 08:54:08 ----A---- C:\Windows\system32\ieframe.dll
2009-10-14 08:54:05 ----A---- C:\Windows\system32\iertutil.dll
2009-10-14 08:54:03 ----A---- C:\Windows\system32\urlmon.dll
2009-10-14 08:54:02 ----A---- C:\Windows\system32\wininet.dll
2009-10-14 08:54:00 ----A---- C:\Windows\system32\occache.dll
2009-10-14 08:54:00 ----A---- C:\Windows\system32\msfeeds.dll
2009-10-14 08:53:59 ----A---- C:\Windows\system32\iedkcs32.dll
2009-10-14 08:53:55 ----A---- C:\Windows\system32\ieui.dll
2009-10-14 08:53:52 ----A---- C:\Windows\system32\iepeers.dll
2009-10-14 08:53:51 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-10-14 08:53:51 ----A---- C:\Windows\system32\ieUnatt.exe
2009-10-14 08:53:50 ----A---- C:\Windows\system32\jsproxy.dll
2009-10-14 08:53:50 ----A---- C:\Windows\system32\iesysprep.dll
2009-10-14 08:53:49 ----A---- C:\Windows\system32\ie4uinit.exe
2009-10-14 08:53:48 ----A---- C:\Windows\system32\msfeedssync.exe
2009-10-14 08:53:47 ----A---- C:\Windows\system32\iesetup.dll
2009-10-14 08:53:47 ----A---- C:\Windows\system32\iernonce.dll
2009-10-14 08:51:36 ----A---- C:\Windows\system32\msasn1.dll
2009-10-14 04:47:52 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2009-10-12 21:29:34 ----D---- C:\Windows\pss
2009-10-11 16:35:10 ----D---- C:\Program Files\SUPERAntiSpyware
2009-10-11 16:32:56 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-10-11 13:41:33 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2009-10-11 13:41:32 ----D----

[chiquitan]

info.txt logfile of random's system information tool 1.06 2009-11-07 23:06:22

======Uninstall list======

-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\NuNInst.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{977FBE6C-AE9A-4429-B249-814F0B3A4CB1}
12Voip-->"C:\Program Files\12Voip.com\12Voip\unins000.exe"
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9.2 - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-A92000000001}
AnalogX MaxMem-->C:\Program Files\AnalogX\MaxMem\maxmemu.exe
AppCore-->MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
ASUS InstantFun-->MsiExec.exe /I{57B15AD4-8C9D-4164-82BB-E33D8644E757}
ASUS Live Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\setup.exe" -l0x9
ASUS Security Protect Manager-->rundll32.exe "C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\SetupHelper.dll",ExecMain /Uninstall {D8D4AF9A-6ADE-4B14-A7F5-BA858792729E}
ASUS Splendid Video Enhancement Technology-->C:\Program Files\InstallShield Installation Information\{C0FC1C14-4824-4A73-87A6-9E888C9C3102}\SETUP.exe -runfromtemp -l0x0009 -removeonly
Asus_Camera_ScreenSaver-->"C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe"
ATK Generic Function Service-->C:\Program Files\InstallShield Installation Information\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ATK Media-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}\SETUP.EXE" -l0x9
ATKOSD2-->C:\Program Files\InstallShield Installation Information\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}\SETUP.exe -runfromtemp -l0x0009 -removeonly
Attansic Ethernet Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F698102-5739-441E-96F0-74F4EA540F06}\SETUP.exe" -l0x9  -removeonly
AuthenTec Fingerprint Sensor Minimum Install-->MsiExec.exe /I{9BAF043B-82FC-43E2-96EA-5F68015F4FA2}
AV-->MsiExec.exe /I{F4DB525F-A986-4249-B98B-42A8066251CA}
ccCommon-->MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CleanCache 3.5-->"C:\Program Files\CleanCache 3.0\unins000.exe"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
CPUID CPU-Z 1.52.2-->"C:\Program Files\CPUID\CPU-Z\unins000.exe"
Defraggler-->"C:\Program Files\Defraggler\uninst.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.27\Installer\setup.exe" --uninstall --system-level
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Infineon TPM Professional Package-->MsiExec.exe /I{D104C1CF-7C12-4D32-9850-DDC99060DE5B}
Intel(R) Matrix Storage Manager-->C:\Windows\System32\Imsmudlg.exe
Intel(R) PROSet/Wireless Software-->C:\Windows\Installer\iProInst.exe
iolo technologies' System Mechanic-->"C:\Program Files\iolo\System Mechanic\unins000.exe"
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
LifeFrame2-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
mCore-->MsiExec.exe /I{F5D7FAB5-A1FD-4DD3-983E-4155B09D7102}
mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
Microsoft .NET Framework 3.5 Language Pack SP1 - nld-->MsiExec.exe /I{101738D7-D805-37A9-BB91-1F2C351782BF}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110C0A-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Mio Technology SpeedCam Tool-->C:\PROGRA~1\MIOTEC~1\SPEEDC~1\Setup.exe /remove
MioStudio-->MsiExec.exe /I{4AE8B999-6609-4758-80C8-69DBE62D0B45}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Motorola SM56 Speakerphone Modem-->rundll32.exe sm56co6a.dll,SM56UnInstaller
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
MSRedist-->MsiExec.exe /I{B7C61755-DB48-4003-948F-3D34DB8EAF69}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 and SOAP Toolkit 3.0-->MsiExec.exe /I{32343DB6-9A52-40C9-87E4-5E7C79791C87}
NB Probe-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}\setup.exe" -l0x9
Nero 7 Essentials-->MsiExec.exe /X{97F32DF8-D66E-446A-A425-C1D7B45C1033}
Norton AntiVirus-->MsiExec.exe /X{830D8CBD-C668-49e2-A969-C2C2106332E0}
Norton Confidential Browser Component-->MsiExec.exe /I{4843B611-8FCB-4428-8C23-31D0A5EAE164}
Norton Confidential Web Protection Component-->MsiExec.exe /I{D353CC51-430D-4C6F-9B7E-52003DA1E05A}
Norton Internet Security (Symantec Corporation)-->"C:\Program Files\Common Files\Symantec Shared\SymSetup\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}_10_1_0_26\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}.exe" /X
Norton Internet Security-->MsiExec.exe /I{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}
Norton Internet Security-->MsiExec.exe /I{48185814-A224-447A-81DA-71BD20580E1B}
Norton Internet Security-->MsiExec.exe /I{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}
Norton Internet Security-->MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}
Norton Internet Security-->MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
Norton Protection Center-->MsiExec.exe /I{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
Outlook Sync Tool-->MsiExec.exe /I{FCFFDAE4-0F07-4DE0-9576-1DED39577981}
PoivY-->"C:\Program Files\PoivY.com\PoivY\unins000.exe"
Power4Gear eXtreme-->C:\Program Files\InstallShield Installation Information\{8CFEBE9C-F29F-4C49-80E0-7106970F8734}\SETUP.exe -runfromtemp -l0x0009 -removeonly
PowerForPhone-->C:\Program Files\InstallShield Installation Information\{FC3D290D-79BE-44B7-ABF9-FDD110925930}\setup.exe -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SPBBC 32bit-->MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
Spy Sweeper Core-->MsiExec.exe /I{3F5B6210-0903-4DC6-8034-8F488AA3A782}
Spy Sweeper-->"C:\Program Files\Webroot\WebrootSecurity\unins000.exe" /Log="C:\Users\PHVDM\AppData\Local\Temp\Uninstall.txt"
SUPERAntiSpyware Professional-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - nld\setup.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
USB2.0 UVC 1.3M WebCam-->C:\Windows\Uninst.bat
VC 9.0 Runtime-->MsiExec.exe /I{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}
VoipBuster-->"C:\Program Files\VoipBuster.com\VoipBuster\unins000.exe"
Windows Live - Hulpprogramma voor uploaden-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Live aanmeldhulp-->MsiExec.exe /I{1BD6AE96-4742-4498-9D03-9451C7E5A214}
Windows Live Call-->MsiExec.exe /I{2A8F82E8-7B86-4AFD-BFBC-2BA4C2CF52DB}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{562B9CA4-6E52-4F87-ACEC-912FC004F1F0}
Windows Live Messenger-->MsiExec.exe /X{10F5387D-1728-423A-A578-B00982CF2646}
WinFlash-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\setup.exe" -l0x9
Wireless Console 2-->C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\SETUP.exe -runfromtemp -l0x0009 -removeonly
Wise Disk Cleaner 4.82-->"C:\Program Files\Wise Disk Cleaner\unins000.exe"
Wise Registry Cleaner 4 Free 4.85-->"C:\Program Files\Wise Registry Cleaner 3\unins000.exe"
Yahoo! Mail Advisor-->C:\PROGRA~1\Yahoo!\Common\UNINST~1.EXE
Yahoo! Software Update-->C:\PROGRA~1\Yahoo!\SOFTWA~1\UNINST~1.EXE
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

======Security center information======

AV: Norton Internet Security
FW: Norton Internet Security
AS: Windows Defender
AS: SUPERAntiSpyware (disabled)
AS: Norton Internet Security (disabled)

======System event log======

Computer Name: PC_van_PHVDM
Event Code: 4000
Message: WLAN AutoConfig-service is gestart.

Record Number: 284267
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20091103095043.138511-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEEM

Computer Name: PC_van_PHVDM
Event Code: 6
Message: Bestandssysteemfilter 'luafv' (6.0, 2008-01-19T06:30:35.000Z) is geladen en bij Filterbeheer geregistreerd.
Record Number: 284266
Source Name: Microsoft-Windows-FilterManager
Time Written: 20091103095029.605111-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEEM

Computer Name: PC_van_PHVDM
Event Code: 2
Message: Naam-caching voor bestandsysteemfilters is uitgeschakeld op volume '\Device\HarddiskVolume3'.
Record Number: 284265
Source Name: Microsoft-Windows-FilterManager
Time Written: 20091103095013.349911-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEEM

Computer Name: PC_van_PHVDM
Event Code: 6
Message: Bestandssysteemfilter 'eeCtrl' (6.0, 2009-08-18T00:05:39.000Z) is geladen en bij Filterbeheer geregistreerd.
Record Number: 284264
Source Name: Microsoft-Windows-FilterManager
Time Written: 20091103095012.991111-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEEM

Computer Name: PC_van_PHVDM
Event Code: 6
Message: Bestandssysteemfilter 'SPBBCDrv' (5.2, 2006-10-06T22:01:22.000Z) is geladen en bij Filterbeheer geregistreerd.
Record Number: 284263
Source Name: Microsoft-Windows-FilterManager
Time Written: 20091103095012.569911-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEEM

=====Application event log=====

Computer Name: LH-IUV8TQQDC8QZ
Event Code: 6000
Message: De kennisgevingssubscriber van winlogon   was niet beschikbaar om een kennisgevingsgebeurtenis te verwerken.
Record Number: 560
Source Name: Microsoft-Windows-Winlogon
Time Written: 20070608021349.000000-000
Event Type: Informatie
User:

Computer Name: LH-IUV8TQQDC8QZ
Event Code: 4354
Message: Het COM+-gebeurtenissysteem is er niet in geslaagd de methode Logoff op abonnement {4C2E468D-2D11-43E9-93C0-327D6BAE597E}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000} te starten. De abonnee retourneert HRESULT 80070490.
Record Number: 559
Source Name: Microsoft-Windows-EventSystem
Time Written: 20070608021349.000000-000
Event Type: Waarschuwing
User:

Computer Name: LH-IUV8TQQDC8QZ
Event Code: 9009
Message: Beheer van bureaubladvensters is afgesloten met code 0x40010004
Record Number: 558
Source Name: Desktop Window Manager
Time Written: 20070608021349.000000-000
Event Type: Informatie
User:

Computer Name: LH-IUV8TQQDC8QZ
Event Code: 6001
Message: De kennisgevingssubscriber van winlogon   kan een kennisgevingsgebeurtenis niet verwerken.
Record Number: 557
Source Name: Microsoft-Windows-Winlogon
Time Written: 20070608021348.000000-000
Event Type: Waarschuwing
User:

Computer Name: LH-IUV8TQQDC8QZ
Event Code: 1013
Message: De Windows Search-service is normaal gestopt.

Record Number: 556
Source Name: Microsoft-Windows-Search
Time Written: 20070608021315.000000-000
Event Type: Informatie
User:

=====Security event log=====

Computer Name: LH-IUV8TQQDC8QZ
Event Code: 4634
Message: Er is een account afgemeld.

Onderwerp:
   Beveiligings-id:      S-1-5-7
   Accountnaam:      ANONYMOUS LOGON
   Accountdomein:      NT AUTHORITY
   Aanmeldings-id:      0x1a808

Aanmeldingstype:         3

Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt vernietigd. De gebeurtenis kan met behulp van de aanmeldings-id positief worden afgestemd met een aanmeldingsgebeurtenis. Aanmeldings-id's zijn alleen uniek wanneer de computer opnieuw is opgestart.
Record Number: 373
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20070608021424.499600-000
Event Type: Controle geslaagd
User:

Computer Name: LH-IUV8TQQDC8QZ
Event Code: 1100
Message: De Event Logging-service is afgesloten.
Record Number: 372
Source Name: Microsoft-Windows-Eventlog
Time Written: 20070608021424.265600-000
Event Type: Controle geslaagd
User:

Computer Name: LH-IUV8TQQDC8QZ
Event Code: 4616
Message: De systeemtijd is gewijzigd.

Onderwerp:
   Beveiligings-id:      S-1-5-19
   Accountnaam:      LOCAL SERVICE
   Accountdomein:      NT AUTHORITY
   Aanmeldings-id:      0x3e5

Procesgegevens:
   Proces-id:   0x4b4
   Naam:      C:\Windows\System32\svchost.exe

Vorige tijd:      7:14:23 PM 6/7/2007
Nieuwe tijd:      7:14:23 PM 6/7/2007

Deze gebeurtenis wordt gegenereerd als de systeemtijd is gewijzigd. Het is niet ongebruikelijk dat de systeemtijd regelmatig wordt gewijzigd door de Windows Time-service. Andere wijzigingen van de systeemtijd kunnen erop wijzen dat er met de computer is geknoeid.
Record Number: 371
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20070608021423.236000-000
Event Type: Controle geslaagd
User:

Computer Name: LH-IUV8TQQDC8QZ
Event Code: 4647
Message: De gebruiker heeft een afmelding gestart:

Onderwerp:
   Beveiligings-id:      S-1-5-21-2020276519-1505178404-2985895416-500
   Accountnaam:      Administrator
   Accountdomein:      LH-IUV8TQQDC8QZ
   Aanmeldings-id:      0x23ce7

Deze gebeurtenis wordt gegenereerd wanneer een afmelding wordt gestart maar het aantal tokenverwijzingen niet nul is en de aanmeldingssessie niet kan worden vernietigd. De gebruiker kan verder geen activiteiten starten. Deze gebeurtenis kan worden geïnterpreteerd als een afmeldingsgebeurtenis.
Record Number: 370
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20070608021349.165600-000
Event Type: Controle geslaagd
User:

Computer Name: LH-IUV8TQQDC8QZ
Event Code: 1102
Message: Het controlelogboek is gewist.
Onderwerp:
   Beveiligings-id:   S-1-5-21-2020276519-1505178404-2985895416-500
   Accountnaam:   Administrator
   Domeinnaam:   LH-IUV8TQQDC8QZ
   Aanmeldings-id:   0x23ce7
Record Number: 369
Source Name: Microsoft-Windows-Eventlog
Time Written: 20070608021302.263000-000
Event Type: Controle geslaagd
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"configsetroot"=%SystemRoot%\ConfigSetRoot
"DEVMGR_SHOW_DETAILS"=1
"DEVMGR_SHOW_NONPRESENT_DEVICES"=1

-----------------EOF-----------------

[chiquitan]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:24:31, on 7/11/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\ATK Hotkey\ASLDRSrv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Windows\System32\ACEngSvr.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Windows\system32\ifxspmgt.exe
C:\Windows\system32\ifxtcs.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\iolo\System Mechanic\IoloSGCtrl.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iolo\System Mechanic\SystemGuardAlerter.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Webroot\WebrootSecurity\SSU.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hln.be
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] "RtHDVCpl.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [NvSvc] "RUNDLL32.EXE" C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [YMailAdvisor] "C:\Program Files\Yahoo!\Common\YMailAdvisor.exe"
O4 - HKLM\..\Run: [IFXSPMGT] "C:\Windows\system32\ifxspmgt.exe" /NotifyLogon
O4 - HKLM\..\Run: [iolo Startup] "C:\Program Files\iolo\Common\Lib\ioloLManager.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [AdobeUpdater6] "C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: APSHook.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updateservice (gupdate1ca3d0d5096250a) (gupdate1ca3d0d5096250a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\Windows\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\Windows\system32\ifxtcs.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic\IoloSGCtrl.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (http://www.webroot.com) - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc.  - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe

--
End of file - 12334 bytes

[Jintan]

I received the file you sent. You mention the forum not supporting zipx file types. These are relatively limited compression methods, more offered by the newer Winzip software, so no real need to make changes just for it given .zip and .rar formats are just fine. As for the long log character count of 45,000 characters, this is just a limit I set when creating the forums. Some situations can create multi-megabyte logs, so to avoid any complications restrictions are set, and as suggested, logs need to be broken into parts, and then posted separately. Your RSIT log is unusually large due to some upgrade or major software change that occurred there on 9/23, which created a lot of new file activity. I will post what you sent for now, so the information will be available here.

[Jintan]

Logfile of random's system information tool 1.06 (written by random/random)
Run by PHVDM at 2009-11-07 23:02:47
Microsoft® Windows Vista™ Home Premium  Service Pack 2
System drive C: has 15 GB (26%) free of 57 GB
Total RAM: 3070 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:06:07, on 7/11/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\ATK Hotkey\ASLDRSrv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Windows\System32\ACEngSvr.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Windows\system32\ifxspmgt.exe
C:\Windows\system32\ifxtcs.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\iolo\System Mechanic\IoloSGCtrl.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iolo\System Mechanic\SystemGuardAlerter.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Webroot\WebrootSecurity\SSU.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\PHVDM\Desktop\RSIT.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\PHVDM.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hln.be
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] "RtHDVCpl.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [NvSvc] "RUNDLL32.EXE" C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [YMailAdvisor] "C:\Program Files\Yahoo!\Common\YMailAdvisor.exe"
O4 - HKLM\..\Run: [IFXSPMGT] "C:\Windows\system32\ifxspmgt.exe" /NotifyLogon
O4 - HKLM\..\Run: [iolo Startup] "C:\Program Files\iolo\Common\Lib\ioloLManager.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [AdobeUpdater6] "C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: APSHook.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updateservice (gupdate1ca3d0d5096250a) (gupdate1ca3d0d5096250a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\Windows\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\Windows\system32\ifxtcs.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic\IoloSGCtrl.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (http://www.webroot.com) - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc.  - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe

--
End of file - 12199 bytes

======Scheduled tasks folder======

C:\Windows\tasks\AutoSmartDefrag.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Internet Security - Run Full System Scan - PHVDM.job
C:\Windows\tasks\SmartDefrag.job
C:\Windows\tasks\User_Feed_Synchronization-{317E8191-5478-4C5F-83DF-8413893B31CE}.job
C:\Windows\tasks\wrSpySweeper_L9B6191A18BF7491ABB9406B72E8955C9.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-20 1172280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll [2006-10-23 96984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-23 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-09 762864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-23 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask.com Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-04-02 809864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2009-09-20 158008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Show Norton Toolbar - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll [2006-10-23 565960]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-23 256112]

{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-20 1172280]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask.com Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-04-02 809864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-02-15 4390912]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-10-24 107112]
"osCheck"=C:\Program Files\Norton Internet Security\osCheck.exe [2006-10-27 22696]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-04-04 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-04-04 8429568]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-04-04 81920]
"YMailAdvisor"=C:\Program Files\Yahoo!\Common\YMailAdvisor.exe [2009-05-08 174424]
"IFXSPMGT"=C:\Windows\system32\ifxspmgt.exe [2007-02-26 677408]
"iolo Startup"=C:\Program Files\iolo\Common\Lib\ioloLManager.exe [2009-10-21 313784]
"SpySweeper"=C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe [2009-05-13 6345840]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-23 39408]
"AdobeUpdater6"=C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe [2009-01-08 2521464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
C:\Windows\ASScrProlog.exe [2007-06-08 37232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\ASScrPro.exe [2007-06-08 33136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-02-12 174872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-03-26 1057328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-26 161328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerForPhone]
C:\Program Files\PowerForPhone\PowerForPhone.exe [2007-01-15 778240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-09-02 25623336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-11-22 630784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-23 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-03-01 857648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="APSHook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRConsumerService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{474804c2-a83b-11de-8f3a-001bfc6de1aa}]
shell\AutoRun\command - G:\Recycle\P-1-3-64-8794238531-8742492-9897532\Furio.exe
shell\open\command - G:\Recycle\P-1-3-64-8794238531-8742492-9897532\Furio.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{474804c5-a83b-11de-8f3a-001bfc6de1aa}]
shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cdb0ee4e-a84a-11de-8c9e-001bfc6de1aa}]
shell\AutoRun\command - G:\9jyhdim8.exe
shell\open\command - G:\9jyhdim8.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - NOTEPAD.EXE %1
.reg - open - NOTEPAD.EXE %1
.scr - open - NOTEPAD.EXE %1
.vbs - open - NOTEPAD.EXE %1

======List of files/folders created in the last 2 months======

2009-11-07 23:02:49 ----D---- C:\Program Files\trend micro
2009-11-07 23:02:47 ----D---- C:\rsit
2009-11-07 18:24:23 ----A---- C:\Windows\ntbtlog.txt
2009-11-06 21:49:08 ----D---- C:\Program Files\Wise Disk Cleaner
2009-11-06 16:24:57 ----D---- C:\Program Files\Mio Technology
2009-11-04 11:51:28 ----A---- C:\Windows\system32\mshtml.dll
2009-11-01 11:51:32 ----SHD---- C:\Config.Msi
2009-10-30 11:35:09 ----A---- C:\Windows\system32\wups2.dll
2009-10-30 11:35:09 ----A---- C:\Windows\system32\wuauclt.exe
2009-10-30 11:35:08 ----A---- C:\Windows\system32\wucltux.dll
2009-10-30 11:35:07 ----A---- C:\Windows\system32\wuaueng.dll
2009-10-30 11:34:09 ----A---- C:\Windows\system32\wups.dll
2009-10-30 11:34:09 ----A---- C:\Windows\system32\wudriver.dll
2009-10-30 11:34:08 ----A---- C:\Windows\system32\wuapi.dll
2009-10-30 11:33:50 ----A---- C:\Windows\system32\wuwebv.dll
2009-10-30 11:33:50 ----A---- C:\Windows\system32\wuapp.exe
2009-10-28 13:16:45 ----A---- C:\Windows\system32\wmp.dll
2009-10-28 13:16:36 ----A---- C:\Windows\system32\unregmp2.exe
2009-10-28 13:16:28 ----A---- C:\Windows\system32\wmploc.DLL
2009-10-26 13:19:28 ----D---- C:\Program Files\AnalogX
2009-10-26 12:47:17 ----D---- C:\Program Files\CPUID
2009-10-26 12:47:08 ----D---- C:\Program Files\Ask.com
2009-10-26 12:40:50 ----A---- C:\Windows\system32\IncContxMenu.dll
2009-10-20 08:55:20 ----A---- C:\Windows\system32\Incinerator.dll
2009-10-20 08:55:07 ----A---- C:\Windows\system32\smrgdf.exe
2009-10-20 08:55:07 ----A---- C:\Windows\system32\iolobtdfg.exe
2009-10-20 08:54:57 ----D---- C:\Program Files\iolo
2009-10-17 09:51:10 ----D---- C:\Program Files\Microsoft Silverlight
2009-10-14 08:58:44 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-10-14 08:58:42 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-10-14 08:58:20 ----A---- C:\Windows\system32\msv1_0.dll
2009-10-14 08:54:08 ----A---- C:\Windows\system32\ieframe.dll
2009-10-14 08:54:05 ----A---- C:\Windows\system32\iertutil.dll
2009-10-14 08:54:03 ----A---- C:\Windows\system32\urlmon.dll
2009-10-14 08:54:02 ----A---- C:\Windows\system32\wininet.dll
2009-10-14 08:54:00 ----A---- C:\Windows\system32\occache.dll
2009-10-14 08:54:00 ----A---- C:\Windows\system32\msfeeds.dll
2009-10-14 08:53:59 ----A---- C:\Windows\system32\iedkcs32.dll
2009-10-14 08:53:55 ----A---- C:\Windows\system32\ieui.dll
2009-10-14 08:53:52 ----A---- C:\Windows\system32\iepeers.dll
2009-10-14 08:53:51 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-10-14 08:53:51 ----A---- C:\Windows\system32\ieUnatt.exe
2009-10-14 08:53:50 ----A---- C:\Windows\system32\jsproxy.dll
2009-10-14 08:53:50 ----A---- C:\Windows\system32\iesysprep.dll
2009-10-14 08:53:49 ----A---- C:\Windows\system32\ie4uinit.exe
2009-10-14 08:53:48 ----A---- C:\Windows\system32\msfeedssync.exe
2009-10-14 08:53:47 ----A---- C:\Windows\system32\iesetup.dll
2009-10-14 08:53:47 ----A---- C:\Windows\system32\iernonce.dll
2009-10-14 08:51:36 ----A---- C:\Windows\system32\msasn1.dll
2009-10-14 04:47:52 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2009-10-12 21:29:34 ----D---- C:\Windows\pss
2009-10-11 16:35:10 ----D---- C:\Program Files\SUPERAntiSpyware
2009-10-11 16:32:56 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-10-11 13:41:33 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2009-10-11 13:41:32 ----D---- C:\Users\PHVDM\AppData\Roaming\SUPERAntiSpyware.com
2009-10-10 12:53:24 ----D---- C:\Users\PHVDM\AppData\Roaming\Malwarebytes
2009-10-10 12:52:45 ----D---- C:\ProgramData\Malwarebytes
2009-10-10 12:52:43 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-09 20:35:32 ----A---- C:\Windows\system32\deploytk.dll
2009-10-09 20:35:31 ----A---- C:\Windows\system32\javaws.exe
2009-10-09 20:35:31 ----A---- C:\Windows\system32\javaw.exe
2009-10-09 20:35:30 ----A---- C:\Windows\system32\java.exe
2009-10-09 20:34:04 ----D---- C:\Program Files\Java
2009-10-07 23:05:19 ----D---- C:\Program Files\Microsoft
2009-10-07 23:04:37 ----D---- C:\Program Files\Windows Live SkyDrive
2009-10-07 23:03:40 ----D---- C:\Program Files\Windows Live
2009-10-07 22:54:41 ----D---- C:\Program Files\Common Files\Windows Live
2009-10-07 13:24:10 ----D---- C:\Program Files\MSECache
2009-10-06 18:14:37 ----A---- C:\EventLOG.txt
2009-10-06 13:49:29 ----A---- C:\Windows\system32\mfc45.dll
2009-10-06 13:49:20 ----D---- C:\Users\PHVDM\AppData\Roaming\iolo
2009-10-06 13:49:20 ----D---- C:\ProgramData\iolo
2009-10-06 09:13:53 ----D---- C:\ProgramData\Yahoo!
2009-10-06 09:13:17 ----D---- C:\ProgramData\Yahoo! Companion
2009-10-06 09:13:01 ----D---- C:\Users\PHVDM\AppData\Roaming\Yahoo!
2009-10-06 09:10:45 ----D---- C:\Program Files\Yahoo!
2009-10-03 14:36:08 ----D---- C:\Program Files\RegCleaner
2009-10-03 12:05:34 ----D---- C:\Users\PHVDM\AppData\Roaming\skypePM
2009-10-01 10:17:21 ----D---- C:\ProgramData\WindowsSearch
2009-09-30 15:41:28 ----A---- C:\Windows\ODBC.INI
2009-09-30 15:41:21 ----A---- C:\Windows\system32\mdimon.dll
2009-09-30 15:39:32 ----D---- C:\Program Files\Common Files\DESIGNER
2009-09-30 15:38:32 ----D---- C:\Windows\PCHEALTH
2009-09-30 15:38:32 ----D---- C:\Program Files\Microsoft.NET
2009-09-30 15:38:32 ----D---- C:\Program Files\Microsoft Office
2009-09-30 13:58:55 ----A---- C:\Windows\system32\msonpmon.dll
2009-09-30 13:37:11 ----D---- C:\Users\PHVDM\AppData\Roaming\GetRightToGo
2009-09-30 11:26:00 ----D---- C:\ProgramData\Adobe
2009-09-30 11:25:23 ----D---- C:\Program Files\Common Files\Adobe
2009-09-30 11:25:23 ----D---- C:\Program Files\Adobe
2009-09-29 09:40:07 ----D---- C:\Program Files\MSSOAP
2009-09-29 09:40:07 ----D---- C:\Program Files\Common Files\MSSoap
2009-09-29 09:39:48 ----D---- C:\Users\PHVDM\AppData\Roaming\Webroot
2009-09-29 09:39:48 ----D---- C:\ProgramData\Webroot
2009-09-29 09:39:48 ----D---- C:\Program Files\Webroot
2009-09-29 09:39:48 ----A---- C:\Windows\WRSetup.dll
2009-09-28 13:49:43 ----D---- C:\Program Files\Wise Registry Cleaner 3
2009-09-28 12:46:14 ----D---- C:\ProgramData\Hitman Pro
2009-09-28 12:46:13 ----D---- C:\Program Files\Hitman Pro 3.5
2009-09-27 19:55:53 ----D---- C:\Users\PHVDM\AppData\Roaming\12Voip
2009-09-27 19:54:39 ----D---- C:\Program Files\12Voip.com
2009-09-25 11:31:40 ----D---- C:\Program Files\CleanCache 3.0
2009-09-25 10:15:29 ----D---- C:\Windows\system32\eu-ES
2009-09-25 10:15:29 ----D---- C:\Windows\system32\ca-ES
2009-09-25 10:15:28 ----D---- C:\Windows\system32\vi-VN
2009-09-24 14:51:41 ----D---- C:\Users\PHVDM\AppData\Roaming\VoipBuster
2009-09-24 14:50:10 ----D---- C:\Program Files\VoipBuster.com
2009-09-24 13:19:39 ----D---- C:\Users\PHVDM\AppData\Roaming\AdobeUM
2009-09-24 12:52:17 ----D---- C:\Users\PHVDM\AppData\Roaming\Skype
2009-09-24 12:49:32 ----D---- C:\Program Files\Common Files\Skype
2009-09-24 12:49:19 ----RD---- C:\Program Files\Skype
2009-09-24 12:48:48 ----D---- C:\ProgramData\Skype
2009-09-24 11:59:05 ----D---- C:\Windows\Internet Logs
2009-09-24 11:34:19 ----D---- C:\ProgramData\IObit
2009-09-24 10:43:28 ----D---- C:\Users\PHVDM\AppData\Roaming\IObit
2009-09-24 10:43:28 ----D---- C:\Program Files\IObit
2009-09-24 08:46:18 ----D---- C:\Windows\system32\EventProviders
2009-09-23 19:00:56 ----D---- C:\ProgramData\Office Genuine Advantage
2009-09-23 16:51:56 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-09-23 16:51:52 ----A---- C:\Windows\system32\SLsvc.exe
2009-09-23 16:51:52 ----A---- C:\Windows\system32\SLCExt.dll
2009-09-23 16:51:50 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-09-23 16:51:50 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-09-23 16:51:48 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-09-23 16:51:46 ----A---- C:\Windows\system32\mssrch.dll
2009-09-23 16:51:44 ----A---- C:\Windows\system32\tquery.dll
2009-09-23 16:51:42 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-09-23 16:51:42 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-09-23 16:51:41 ----A---- C:\Windows\system32\scavenge.dll
2009-09-23 16:51:41 ----A---- C:\Windows\system32\RMActivate.exe
2009-09-23 16:51:40 ----A---- C:\Windows\system32\msi.dll
2009-09-23 16:51:39 ----A---- C:\Windows\system32\imapi2fs.dll
2009-09-23 16:51:38 ----A---- C:\Windows\system32\WscEapPr.dll
2009-09-23 16:51:38 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-09-23 16:51:38 ----A---- C:\Windows\system32\secproc_isv.dll
2009-09-23 16:51:37 ----A---- C:\Windows\system32\sysmain.dll
2009-09-23 16:51:36 ----A---- C:\Windows\system32\icardagt.exe
2009-09-23 16:51:34 ----A---- C:\Windows\system32\EhStorShell.dll
2009-09-23 16:51:34 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-09-23 16:51:33 ----A---- C:\Windows\system32\spreview.exe
2009-09-23 16:51:33 ----A---- C:\Windows\system32\spinstall.exe
2009-09-23 16:51:33 ----A---- C:\Windows\system32\drmv2clt.dll
2009-09-23 16:51:31 ----A---- C:\Windows\system32\spwizui.dll
2009-09-23 16:51:31 ----A---- C:\Windows\system32\shell32.dll
2009-09-23 16:51:31 ----A---- C:\Windows\system32\secproc.dll
2009-09-23 16:51:31 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-09-23 16:51:30 ----A---- C:\Windows\system32\p2psvc.dll
2009-09-23 16:51:29 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-09-23 16:51:29 ----A---- C:\Windows\system32\mssvp.dll
2009-09-23 16:51:28 ----A---- C:\Windows\system32\mssphtb.dll
2009-09-23 16:51:28 ----A---- C:\Windows\system32\mssph.dll
2009-09-23 16:51:28 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2009-09-23 16:51:28 ----A---- C:\Windows\system32\mscoree.dll
2009-09-23 16:51:27 ----A---- C:\Windows\system32\sdohlp.dll
2009-09-23 16:51:27 ----A---- C:\Windows\system32\imapi2.dll
2009-09-23 16:51:26 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-09-23 16:51:26 ----A---- C:\Windows\system32\esent.dll
2009-09-23 16:51:26 ----A---- C:\Windows\system32\DevicePairing.dll
2009-09-23 16:51:25 ----A---- C:\Windows\system32\wevtsvc.dll
2009-09-23 16:51:25 ----A---- C:\Windows\system32\sperror.dll
2009-09-23 16:51:25 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-09-23 16:51:25 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-09-23 16:51:25 ----A---- C:\Windows\system32\korwbrkr.dll
2009-09-23 16:51:24 ----A---- C:\Windows\system32\SLC.dll
2009-09-23 16:51:24 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-09-23 16:51:24 ----A---- C:\Windows\system32\msshsq.dll
2009-09-23 16:51:22 ----A---- C:\Windows\system32\msjet40.dll
2009-09-23 16:51:22 ----A---- C:\Windows\system32\MPSSVC.dll
2009-09-23 16:51:21 ----A---- C:\Windows\system32\Query.dll
2009-09-23 16:51:21 ----A---- C:\Windows\system32\msxml6.dll
2009-09-23 16:51:20 ----A---- C:\Windows\system32\qmgr.dll
2009-09-23 16:51:20 ----A---- C:\Windows\system32\P2PGraph.dll
2009-09-23 16:51:20 ----A---- C:\Windows\system32\msexch40.dll
2009-09-23 16:51:20 ----A---- C:\Windows\system32\diagperf.dll
2009-09-23 16:51:19 ----A---- C:\Windows\system32\ole32.dll
2009-09-23 16:51:19 ----A---- C:\Windows\system32\ntdll.dll
2009-09-23 16:51:19 ----A---- C:\Windows\system32\IasMigReader.exe
2009-09-23 16:51:18 ----A---- C:\Windows\system32\winload.exe
2009-09-23 16:51:18 ----A---- C:\Windows\system32\srchadmin.dll
2009-09-23 16:51:18 ----A---- C:\Windows\system32\msxml3.dll
2009-09-23 16:51:18 ----A---- C:\Windows\system32\mblctr.exe
2009-09-23 16:51:18 ----A---- C:\Windows\system32\EncDec.dll
2009-09-23 16:51:17 ----A---- C:\Windows\system32\uDWM.dll
2009-09-23 16:51:17 ----A---- C:\Windows\system32\riched20.dll
2009-09-23 16:51:17 ----A---- C:\Windows\system32\mmc.exe
2009-09-23 16:51:17 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-09-23 16:51:17 ----A---- C:\Windows\system32\dfsr.exe
2009-09-23 16:51:16 ----A---- C:\Windows\system32\RacEngn.dll
2009-09-23 16:51:16 ----A---- C:\Windows\system32\fdBth.dll
2009-09-23 16:51:15 ----A---- C:\Windows\system32\kernel32.dll
2009-09-23 16:51:14 ----A---- C:\Windows\system32\spoolss.dll
2009-09-23 16:51:14 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-09-23 16:51:14 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-09-23 16:51:14 ----A---- C:\Windows\system32\schedsvc.dll
2009-09-23 16:51:14 ----A---- C:\Windows\system32\milcore.dll
2009-09-23 16:51:14 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-09-23 16:51:14 ----A---- C:\Windows\system32\CertEnroll.dll
2009-09-23 16:51:13 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-09-23 16:51:12 ----A---- C:\Windows\system32\msvcp60.dll
2009-09-23 16:51:12 ----A---- C:\Windows\system32\msjtes40.dll
2009-09-23 16:51:12 ----A---- C:\Windows\system32\infocardapi.dll
2009-09-23 16:51:12 ----A---- C:\Windows\system32\gpedit.dll
2009-09-23 16:51:12 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-09-23 16:51:11 ----A---- C:\Windows\system32\WinSAT.exe
2009-09-23 16:51:10 ----A---- C:\Windows\system32\PresentationSettings.exe
2009-09-23 16:51:10 ----A---- C:\Windows\system32\mstext40.dll
2009-09-23 16:51:10 ----A---- C:\Windows\system32\Magnify.exe
2009-09-23 16:51:10 ----A---- C:\Windows\system32\es.dll
2009-09-23 16:51:10 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-09-23 16:51:09 ----A---- C:\Windows\system32\advapi32.dll
2009-09-23 16:51:08 ----A---- C:\Windows\system32\WMPhoto.dll
2009-09-23 16:51:08 ----A---- C:\Windows\system32\WebClnt.dll
2009-09-23 16:51:08 ----A---- C:\Windows\system32\slwmi.dll
2009-09-23 16:51:08 ----A---- C:\Windows\system32\msexcl40.dll
2009-09-23 16:51:07 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2009-09-23 16:51:07 ----A---- C:\Windows\system32\vssapi.dll
2009-09-23 16:51:07 ----A---- C:\Windows\system32\msxbde40.dll
2009-09-23 16:51:07 ----A---- C:\Windows\system32\comsvcs.dll
2009-09-23 16:51:06 ----A---- C:\Windows\system32\NetProjW.dll
2009-09-23 16:51:06 ----A---- C:\Windows\system32\authui.dll
2009-09-23 16:51:05 ----A---- C:\Windows\system32\propsys.dll
2009-09-23 16:51:05 ----A---- C:\Windows\system32\PresentationHost.exe
2009-09-23 16:51:05 ----A---- C:\Windows\system32\newdev.dll
2009-09-23 16:51:05 ----A---- C:\Windows\system32\msrepl40.dll
2009-09-23 16:51:04 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-09-23 16:51:04 ----A---- C:\Windows\system32\iasrecst.dll
2009-09-23 16:51:04 ----A---- C:\Windows\system32\gpsvc.dll
2009-09-23 16:51:04 ----A---- C:\Windows\system32\eudcedit.exe
2009-09-23 16:51:04 ----A---- C:\Windows\system32\crypt32.dll
2009-09-23 16:51:04 ----A---- C:\Windows\explorer.exe
2009-09-23 16:51:03 ----A---- C:\Windows\system32\setupapi.dll
2009-09-23 16:51:03 ----A---- C:\Windows\system32\rpcss.dll
2009-09-23 16:51:03 ----A---- C:\Windows\system32\mspbde40.dll
2009-09-23 16:51:02 ----A---- C:\Windows\system32\msltus40.dll
2009-09-23 16:51:02 ----A---- C:\Windows\system32\mfc42.dll
2009-09-23 16:51:02 ----A---- C:\Windows\system32\davclnt.dll
2009-09-23 16:51:02 ----A---- C:\Windows\system32\d3d9.dll
2009-09-23 16:51:01 ----A---- C:\Windows\system32\shlwapi.dll
2009-09-23 16:51:01 ----A---- C:\Windows\system32\msrd3x40.dll
2009-09-23 16:51:01 ----A---- C:\Windows\system32\msdtctm.dll
2009-09-23 16:51:01 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-09-23 16:51:01 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-09-23 16:51:01 ----A---- C:\Windows\system32\browseui.dll
2009-09-23 16:51:00 ----A---- C:\Windows\system32\wevtapi.dll
2009-09-23 16:51:00 ----A---- C:\Windows\system32\photowiz.dll
2009-09-23 16:51:00 ----A---- C:\Windows\system32\nlhtml.dll
2009-09-23 16:50:59 ----A---- C:\Windows\system32\user32.dll
2009-09-23 16:50:59 ----A---- C:\Windows\system32\samsrv.dll
2009-09-23 16:50:59 ----A---- C:\Windows\system32\ci.dll
2009-09-23 16:50:58 ----A---- C:\Windows\system32\win32spl.dll
2009-09-23 16:50:58 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-09-23 16:50:58 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-09-23 16:50:58 ----A---- C:\Windows\system32\quartz.dll
2009-09-23 16:50:58 ----A---- C:\Windows\system32\oleaut32.dll
2009-09-23 16:50:57 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-09-23 16:50:57 ----A---- C:\Windows\system32\netshell.dll
2009-09-23 16:50:57 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-09-23 16:50:57 ----A---- C:\Windows\system32\compcln.exe
2009-09-23 16:50:56 ----A---- C:\Windows\system32\xmlfilter.dll
2009-09-23 16:50:56 ----A---- C:\Windows\system32\winhttp.dll
2009-09-23 16:50:56 ----A---- C:\Windows\system32\mswstr10.dll
2009-09-23 16:50:56 ----A---- C:\Windows\system32\audiosrv.dll
2009-09-23 16:50:56 ----A---- C:\Windows\system32\apds.dll
2009-09-23 16:50:55 ----A---- C:\Windows\system32\msvcrt.dll
2009-09-23 16:50:55 ----A---- C:\Windows\system32\msctf.dll
2009-09-23 16:50:55 ----A---- C:\Windows\system32\emdmgmt.dll
2009-09-23 16:50:54 ----A---- C:\Windows\system32\VSSVC.exe
2009-09-23 16:50:54 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-09-23 16:50:54 ----A---- C:\Windows\system32\mfc42u.dll
2009-09-23 16:50:54 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-09-23 16:50:54 ----A---- C:\Windows\system32\gdi32.dll
2009-09-23 16:50:53 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-09-23 16:50:53 ----A---- C:\Windows\system32\SLUI.exe
2009-09-23 16:50:53 ----A---- C:\Windows\system32\msrd2x40.dll
2009-09-23 16:50:53 ----A---- C:\Windows\system32\eapphost.dll
2009-09-23 16:50:52 ----A---- C:\Windows\system32\winresume.exe
2009-09-23 16:50:52 ----A---- C:\Windows\system32\shdocvw.dll
2009-09-23 16:50:52 ----A---- C:\Windows\system32\propdefs.dll
2009-09-23 16:50:52 ----A---- C:\Windows\system32\odbc32.dll
2009-09-23 16:50:51 ----A---- C:\Windows\system32\wevtutil.exe
2009-09-23 16:50:51 ----A---- C:\Windows\system32\dbgeng.dll
2009-09-23 16:50:50 ----A---- C:\Windows\system32\mssitlb.dll
2009-09-23 16:50:49 ----A---- C:\Windows\system32\WsmSvc.dll
2009-09-23 16:50:49 ----A---- C:\Windows\system32\swprv.dll
2009-09-23 16:50:49 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-09-23 16:50:48 ----A---- C:\Windows\system32\vds.exe
2009-09-23 16:50:48 ----A---- C:\Windows\system32\usp10.dll
2009-09-23 16:50:47 ----A---- C:\Windows\system32\netlogon.dll
2009-09-23 16:50:47 ----A---- C:\Windows\system32\msscb.dll
2009-09-23 16:50:47 ----A---- C:\Windows\system32\msctfp.dll
2009-09-23 16:50:47 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-09-23 16:50:47 ----A---- C:\Windows\system32\drvinst.exe
2009-09-23 16:50:47 ----A---- C:\Windows\system32\devmgr.dll
2009-09-23 16:50:47 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-09-23 16:50:47 ----A---- C:\Windows\system32\BFE.DLL
2009-09-23 16:50:47 ----A---- C:\Windows\system32\adsldpc.dll
2009-09-23 16:50:46 ----A---- C:\Windows\system32\WSDApi.dll
2009-09-23 16:50:46 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-09-23 16:50:46 ----A---- C:\Windows\system32\Wldap32.dll
2009-09-23 16:50:46 ----A---- C:\Windows\system32\wcnwiz.dll
2009-09-23 16:50:46 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-09-23 16:50:46 ----A---- C:\Windows\system32\evr.dll
2009-09-23 16:50:45 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-09-23 16:50:45 ----A---- C:\Windows\system32\wercon.exe
2009-09-23 16:50:45 ----A---- C:\Windows\system32\services.exe
2009-09-23 16:50:44 ----A---- C:\Windows\system32\wcncsvc.dll
2009-09-23 16:50:44 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-09-23 16:50:44 ----A---- C:\Windows\system32\mimefilt.dll
2009-09-23 16:50:44 ----A---- C:\Windows\system32\comdlg32.dll
2009-09-23 16:50:44 ----A---- C:\Windows\system32\adtschema.dll
2009-09-23 16:50:43 ----A---- C:\Windows\system32\taskeng.exe
2009-09-23 16:50:43 ----A---- C:\Windows\system32\reg.exe
2009-09-23 16:50:43 ----A---- C:\Windows\system32\mswdat10.dll
2009-09-23 16:50:43 ----A---- C:\Windows\system32\msjter40.dll
2009-09-23 16:50:43 ----A---- C:\Windows\system32\msdtcprx.dll
2009-09-23 16:50:43 ----A---- C:\Windows\system32\msdrm.dll
2009-09-23 16:50:43 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-09-23 16:50:43 ----A---- C:\Windows\system32\certcli.dll
2009-09-23 16:50:42 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-09-23 16:50:42 ----A---- C:\Windows\system32\w32time.dll
2009-09-23 16:50:42 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-09-23 16:50:42 ----A---- C:\Windows\system32\rtffilt.dll
2009-09-23 16:50:42 ----A---- C:\Windows\system32\dnsapi.dll
2009-09-23 16:50:42 ----A---- C:\Windows\system32\certutil.exe
2009-09-23 16:50:41 ----A---- C:\Windows\system32\rsaenh.dll
2009-09-23 16:50:41 ----A---- C:\Windows\system32\msshooks.dll
2009-09-23 16:50:41 ----A---- C:\Windows\system32\msscntrs.dll
2009-09-23 16:50:41 ----A---- C:\Windows\system32\msihnd.dll
2009-09-23 16:50:41 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-09-23 16:50:41 ----A---- C:\Windows\system32\bthserv.dll
2009-09-23 16:50:41 ----A---- C:\Windows\system32\bcrypt.dll
2009-09-23 16:50:40 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-09-23 16:50:40 ----A---- C:\Windows\system32\msstrc.dll
2009-09-23 16:50:40 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-09-23 16:50:38 ----A---- C:\Windows\system32\netapi32.dll
2009-09-23 16:50:38 ----A---- C:\Windows\system32\mtxclu.dll
2009-09-23 16:50:38 ----A---- C:\Windows\system32\mscories.dll
2009-09-23 16:50:38 ----A---- C:\Windows\system32\inetpp.dll
2009-09-23 16:50:38 ----A---- C:\Windows\system32\inetcomm.dll
2009-09-23 16:50:38 ----A---- C:\Windows\system32\hidserv.dll
2009-09-23 16:50:38 ----A---- C:\Windows\system32\fundisc.dll
2009-09-23 16:50:38 ----A---- C:\Windows\system32\dfshim.dll
2009-09-23 16:50:38 ----A---- C:\Windows\system32\cryptsvc.dll
2009-09-23 16:50:37 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-09-23 16:50:37 ----A---- C:\Windows\system32\termsrv.dll
2009-09-23 16:50:37 ----A---- C:\Windows\system32\profsvc.dll
2009-09-23 16:50:37 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-09-23 16:50:36 ----A---- C:\Windows\system32\wdc.dll
2009-09-23 16:50:36 ----A---- C:\Windows\system32\shsvcs.dll
2009-09-23 16:50:36 ----A---- C:\Windows\system32\msiexec.exe

[Jintan]

2009-09-23 16:50:36 ----A---- C:\Windows\system32\imapi.dll
2009-09-23 16:50:35 ----A---- C:\Windows\system32\rasmans.dll
2009-09-23 16:50:35 ----A---- C:\Windows\system32\pnidui.dll
2009-09-23 16:50:35 ----A---- C:\Windows\system32\iassdo.dll
2009-09-23 16:50:35 ----A---- C:\Windows\system32\chsbrkr.dll
2009-09-23 16:50:34 ----A---- C:\Windows\system32\spoolsv.exe
2009-09-23 16:50:34 ----A---- C:\Windows\system32\scrrun.dll
2009-09-23 16:50:34 ----A---- C:\Windows\system32\icardres.dll
2009-09-23 16:50:34 ----A---- C:\Windows\system32\autofmt.exe
2009-09-23 16:50:33 ----A---- C:\Windows\system32\wersvc.dll
2009-09-23 16:50:33 ----A---- C:\Windows\system32\slmgr.vbs
2009-09-23 16:50:33 ----A---- C:\Windows\system32\PSHED.DLL
2009-09-23 16:50:33 ----A---- C:\Windows\system32\pdh.dll
2009-09-23 16:50:33 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-09-23 16:50:33 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-09-23 16:50:33 ----A---- C:\Windows\system32\azroles.dll
2009-09-23 16:50:32 ----A---- C:\Windows\system32\wmpmde.dll
2009-09-23 16:50:32 ----A---- C:\Windows\system32\pidgenx.dll
2009-09-23 16:50:31 ----A---- C:\Windows\system32\winlogon.exe
2009-09-23 16:50:31 ----A---- C:\Windows\system32\SyncCenter.dll
2009-09-23 16:50:30 ----A---- C:\Windows\system32\SLUINotify.dll
2009-09-23 16:50:30 ----A---- C:\Windows\system32\sethc.exe
2009-09-23 16:50:30 ----A---- C:\Windows\system32\ncrypt.dll
2009-09-23 16:50:30 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-09-23 16:50:30 ----A---- C:\Windows\system32\kd1394.dll
2009-09-23 16:50:30 ----A---- C:\Windows\system32\comuid.dll
2009-09-23 16:50:30 ----A---- C:\Windows\system32\certmgr.dll
2009-09-23 16:50:29 ----A---- C:\Windows\system32\wisptis.exe
2009-09-23 16:50:29 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-09-23 16:50:29 ----A---- C:\Windows\system32\untfs.dll
2009-09-23 16:50:29 ----A---- C:\Windows\system32\spp.dll
2009-09-23 16:50:29 ----A---- C:\Windows\system32\scrobj.dll
2009-09-23 16:50:29 ----A---- C:\Windows\system32\rtutils.dll
2009-09-23 16:50:29 ----A---- C:\Windows\system32\iassam.dll
2009-09-23 16:50:29 ----A---- C:\Windows\system32\dwm.exe
2009-09-23 16:50:28 ----A---- C:\Windows\system32\taskcomp.dll
2009-09-23 16:50:28 ----A---- C:\Windows\system32\printui.dll
2009-09-23 16:50:28 ----A---- C:\Windows\system32\iasnap.dll
2009-09-23 16:50:28 ----A---- C:\Windows\system32\autochk.exe
2009-09-23 16:50:27 ----A---- C:\Windows\system32\winsrv.dll
2009-09-23 16:50:27 ----A---- C:\Windows\system32\autoconv.exe
2009-09-23 16:50:26 ----A---- C:\Windows\system32\wow32.dll
2009-09-23 16:50:26 ----A---- C:\Windows\system32\userenv.dll
2009-09-23 16:50:26 ----A---- C:\Windows\system32\onex.dll
2009-09-23 16:50:26 ----A---- C:\Windows\system32\kdcom.dll
2009-09-23 16:50:26 ----A---- C:\Windows\system32\cscript.exe
2009-09-23 16:50:26 ----A---- C:\Windows\system32\basecsp.dll
2009-09-23 16:50:26 ----A---- C:\Windows\system32\audiodg.exe
2009-09-23 16:50:25 ----A---- C:\Windows\system32\osk.exe
2009-09-23 16:50:25 ----A---- C:\Windows\system32\mswsock.dll
2009-09-23 16:50:24 ----A---- C:\Windows\system32\WinSCard.dll
2009-09-23 16:50:24 ----A---- C:\Windows\system32\winmm.dll
2009-09-23 16:50:24 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-09-23 16:50:24 ----A---- C:\Windows\system32\RelMon.dll
2009-09-23 16:50:24 ----A---- C:\Windows\system32\rdpencom.dll
2009-09-23 16:50:24 ----A---- C:\Windows\system32\msftedit.dll
2009-09-23 16:50:24 ----A---- C:\Windows\system32\kdusb.dll
2009-09-23 16:50:23 ----A---- C:\Windows\system32\spcmsg.dll
2009-09-23 16:50:23 ----A---- C:\Windows\system32\offfilt.dll
2009-09-23 16:50:23 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-09-23 16:50:22 ----A---- C:\Windows\system32\wsepno.dll
2009-09-23 16:50:22 ----A---- C:\Windows\system32\WerFault.exe
2009-09-23 16:50:22 ----A---- C:\Windows\system32\Utilman.exe
2009-09-23 16:50:22 ----A---- C:\Windows\system32\stobject.dll
2009-09-23 16:50:22 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-09-23 16:50:22 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-09-23 16:50:22 ----A---- C:\Windows\system32\mfplat.dll
2009-09-23 16:50:22 ----A---- C:\Windows\system32\diskraid.exe
2009-09-23 16:50:22 ----A---- C:\Windows\system32\apphelp.dll
2009-09-23 16:50:21 ----A---- C:\Windows\system32\wiaservc.dll
2009-09-23 16:50:21 ----A---- C:\Windows\system32\sysclass.dll
2009-09-23 16:50:21 ----A---- C:\Windows\system32\SndVol.exe
2009-09-23 16:50:21 ----A---- C:\Windows\system32\prnntfy.dll
2009-09-23 16:50:21 ----A---- C:\Windows\system32\odbccp32.dll
2009-09-23 16:50:21 ----A---- C:\Windows\system32\msnetobj.dll
2009-09-23 16:50:21 ----A---- C:\Windows\system32\mscms.dll
2009-09-23 16:50:21 ----A---- C:\Windows\system32\mcmde.dll
2009-09-23 16:50:21 ----A---- C:\Windows\system32\adsmsext.dll
2009-09-23 16:50:20 ----A---- C:\Windows\system32\wscript.exe
2009-09-23 16:50:20 ----A---- C:\Windows\system32\ulib.dll
2009-09-23 16:50:20 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-09-23 16:50:20 ----A---- C:\Windows\system32\iasdatastore.dll
2009-09-23 16:50:20 ----A---- C:\Windows\system32\dsound.dll
2009-09-23 16:50:20 ----A---- C:\Windows\system32\cryptui.dll
2009-09-23 16:50:19 ----A---- C:\Windows\system32\wscntfy.dll
2009-09-23 16:50:19 ----A---- C:\Windows\system32\wlangpui.dll
2009-09-23 16:50:19 ----A---- C:\Windows\system32\rastapi.dll
2009-09-23 16:50:19 ----A---- C:\Windows\system32\pnpsetup.dll
2009-09-23 16:50:19 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-09-23 16:50:19 ----A---- C:\Windows\system32\fdProxy.dll
2009-09-23 16:50:19 ----A---- C:\Windows\system32\diskpart.exe
2009-09-23 16:50:19 ----A---- C:\Windows\system32\brcpl.dll
2009-09-23 16:50:18 ----A---- C:\Windows\system32\wscsvc.dll
2009-09-23 16:50:18 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-09-23 16:50:18 ----A---- C:\Windows\system32\vdsdyn.dll
2009-09-23 16:50:18 ----A---- C:\Windows\system32\rastls.dll
2009-09-23 16:50:18 ----A---- C:\Windows\system32\rasapi32.dll
2009-09-23 16:50:18 ----A---- C:\Windows\system32\logman.exe
2009-09-23 16:50:18 ----A---- C:\Windows\system32\iashlpr.dll
2009-09-23 16:50:18 ----A---- C:\Windows\system32\gpapi.dll
2009-09-23 16:50:17 ----A---- C:\Windows\system32\zipfldr.dll
2009-09-23 16:50:17 ----A---- C:\Windows\system32\wusa.exe
2009-09-23 16:50:17 ----A---- C:\Windows\system32\wshext.dll
2009-09-23 16:50:17 ----A---- C:\Windows\system32\regsvc.dll
2009-09-23 16:50:17 ----A---- C:\Windows\system32\ntprint.dll
2009-09-23 16:50:17 ----A---- C:\Windows\system32\mscorier.dll
2009-09-23 16:50:17 ----A---- C:\Windows\system32\iasrad.dll
2009-09-23 16:50:17 ----A---- C:\Windows\system32\findstr.exe
2009-09-23 16:50:16 ----A---- C:\Windows\system32\wpccpl.dll
2009-09-23 16:50:16 ----A---- C:\Windows\system32\netcenter.dll
2009-09-23 16:50:15 ----A---- C:\Windows\system32\wsnmp32.dll
2009-09-23 16:50:15 ----A---- C:\Windows\system32\wer.dll
2009-09-23 16:50:15 ----A---- C:\Windows\system32\themecpl.dll
2009-09-23 16:50:15 ----A---- C:\Windows\system32\rasdlg.dll
2009-09-23 16:50:15 ----A---- C:\Windows\system32\iassvcs.dll
2009-09-23 16:50:14 ----A---- C:\Windows\system32\uxsms.dll
2009-09-23 16:50:14 ----A---- C:\Windows\system32\srvsvc.dll
2009-09-23 16:50:14 ----A---- C:\Windows\system32\mssprxy.dll
2009-09-23 16:50:13 ----A---- C:\Windows\system32\tsbyuv.dll
2009-09-23 16:50:13 ----A---- C:\Windows\system32\slcc.dll
2009-09-23 16:50:13 ----A---- C:\Windows\system32\scansetting.dll
2009-09-23 16:50:13 ----A---- C:\Windows\system32\powrprof.dll
2009-09-23 16:50:13 ----A---- C:\Windows\system32\ntmarta.dll
2009-09-23 16:50:13 ----A---- C:\Windows\system32\msutb.dll
2009-09-23 16:50:13 ----A---- C:\Windows\system32\mstlsapi.dll
2009-09-23 16:50:13 ----A---- C:\Windows\system32\iasads.dll
2009-09-23 16:50:12 ----A---- C:\Windows\system32\powercpl.dll
2009-09-23 16:50:12 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-09-23 16:50:12 ----A---- C:\Windows\system32\networkmap.dll
2009-09-23 16:50:12 ----A---- C:\Windows\system32\mstsc.exe
2009-09-23 16:50:12 ----A---- C:\Windows\system32\iasacct.dll
2009-09-23 16:50:12 ----A---- C:\Windows\system32\authz.dll
2009-09-23 16:50:11 ----A---- C:\Windows\system32\systemcpl.dll
2009-09-23 16:50:11 ----A---- C:\Windows\system32\sud.dll
2009-09-23 16:50:11 ----A---- C:\Windows\system32\newdev.exe
2009-09-23 16:50:11 ----A---- C:\Windows\system32\dot3svc.dll
2009-09-23 16:50:11 ----A---- C:\Windows\system32\connect.dll
2009-09-23 16:50:10 ----A---- C:\Windows\system32\usercpl.dll
2009-09-23 16:50:10 ----A---- C:\Windows\system32\themeui.dll
2009-09-23 16:50:10 ----A---- C:\Windows\system32\samlib.dll
2009-09-23 16:50:10 ----A---- C:\Windows\system32\pcaui.dll
2009-09-23 16:50:10 ----A---- C:\Windows\system32\mmci.dll
2009-09-23 16:50:10 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-09-23 16:50:09 ----A---- C:\Windows\system32\wlanpref.dll
2009-09-23 16:50:09 ----A---- C:\Windows\system32\rpchttp.dll
2009-09-23 16:50:09 ----A---- C:\Windows\system32\qdvd.dll
2009-09-23 16:50:09 ----A---- C:\Windows\system32\autoplay.dll
2009-09-23 16:50:08 ----A---- C:\Windows\system32\wpcao.dll
2009-09-23 16:50:08 ----A---- C:\Windows\system32\vdsutil.dll
2009-09-23 16:50:08 ----A---- C:\Windows\system32\tapisrv.dll
2009-09-23 16:50:08 ----A---- C:\Windows\system32\scksp.dll
2009-09-23 16:50:08 ----A---- C:\Windows\system32\regapi.dll
2009-09-23 16:50:08 ----A---- C:\Windows\system32\msinfo32.exe
2009-09-23 16:50:07 ----A---- C:\Windows\system32\wscisvif.dll
2009-09-23 16:50:07 ----A---- C:\Windows\system32\scesrv.dll
2009-09-23 16:50:07 ----A---- C:\Windows\system32\rekeywiz.exe
2009-09-23 16:50:07 ----A---- C:\Windows\system32\psisdecd.dll
2009-09-23 16:50:07 ----A---- C:\Windows\system32\oleprn.dll
2009-09-23 16:50:07 ----A---- C:\Windows\system32\mpr.dll
2009-09-23 16:50:07 ----A---- C:\Windows\system32\imm32.dll
2009-09-23 16:50:07 ----A---- C:\Windows\system32\feclient.dll
2009-09-23 16:50:07 ----A---- C:\Windows\system32\Faultrep.dll
2009-09-23 16:50:07 ----A---- C:\Windows\system32\dot3msm.dll
2009-09-23 16:50:07 ----A---- C:\Windows\system32\AudioSes.dll
2009-09-23 16:50:06 ----A---- C:\Windows\system32\sdclt.exe
2009-09-23 16:50:06 ----A---- C:\Windows\system32\qedit.dll
2009-09-23 16:50:06 ----A---- C:\Windows\system32\perfdisk.dll
2009-09-23 16:50:06 ----A---- C:\Windows\system32\ncryptui.dll
2009-09-23 16:50:06 ----A---- C:\Windows\system32\iaspolcy.dll
2009-09-23 16:50:06 ----A---- C:\Windows\system32\dpapimig.exe
2009-09-23 16:50:06 ----A---- C:\Windows\system32\DeviceEject.exe
2009-09-23 16:50:05 ----A---- C:\Windows\system32\TSTheme.exe
2009-09-23 16:50:05 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-09-23 16:50:05 ----A---- C:\Windows\system32\scecli.dll
2009-09-23 16:50:05 ----A---- C:\Windows\system32\rasplap.dll
2009-09-23 16:50:05 ----A---- C:\Windows\system32\rasgcw.dll
2009-09-23 16:50:05 ----A---- C:\Windows\system32\pnpui.dll
2009-09-23 16:50:05 ----A---- C:\Windows\system32\hdwwiz.exe
2009-09-23 16:50:05 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-09-23 16:50:05 ----A---- C:\Windows\system32\certreq.exe
2009-09-23 16:50:04 ----A---- C:\Windows\system32\tcpmon.dll
2009-09-23 16:50:04 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-09-23 16:50:04 ----A---- C:\Windows\system32\spwinsat.dll
2009-09-23 16:50:04 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-09-23 16:50:04 ----A---- C:\Windows\system32\fdWSD.dll
2009-09-23 16:50:04 ----A---- C:\Windows\system32\cmmon32.exe
2009-09-23 16:50:03 ----A---- C:\Windows\system32\whealogr.dll
2009-09-23 16:50:03 ----A---- C:\Windows\system32\srcore.dll
2009-09-23 16:50:03 ----A---- C:\Windows\system32\SCardSvr.dll
2009-09-23 16:50:03 ----A---- C:\Windows\system32\conime.exe
2009-09-23 16:50:03 ----A---- C:\Windows\system32\cmdial32.dll
2009-09-23 16:50:02 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-09-23 16:50:02 ----A---- C:\Windows\system32\wlanui.dll
2009-09-23 16:50:02 ----A---- C:\Windows\system32\wiaaut.dll
2009-09-23 16:50:02 ----A---- C:\Windows\system32\SnippingTool.exe
2009-09-23 16:50:02 ----A---- C:\Windows\system32\raschap.dll
2009-09-23 16:50:02 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-09-23 16:50:02 ----A---- C:\Windows\system32\fontext.dll
2009-09-23 16:50:01 ----A---- C:\Windows\system32\shwebsvc.dll
2009-09-23 16:50:01 ----A---- C:\Windows\system32\rasppp.dll
2009-09-23 16:50:01 ----A---- C:\Windows\system32\PnPutil.exe
2009-09-23 16:50:01 ----A---- C:\Windows\system32\oobefldr.dll
2009-09-23 16:50:01 ----A---- C:\Windows\system32\dsprop.dll
2009-09-23 16:50:01 ----A---- C:\Windows\system32\dimsroam.dll
2009-09-23 16:50:00 ----A---- C:\Windows\system32\shsetup.dll
2009-09-23 16:50:00 ----A---- C:\Windows\system32\rasmontr.dll
2009-09-23 16:50:00 ----A---- C:\Windows\system32\mscandui.dll
2009-09-23 16:50:00 ----A---- C:\Windows\system32\modemui.dll
2009-09-23 16:49:59 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-09-23 16:49:59 ----A---- C:\Windows\system32\dataclen.dll
2009-09-23 16:49:59 ----A---- C:\Windows\system32\chtbrkr.dll
2009-09-23 16:49:58 ----A---- C:\Windows\system32\WSDMon.dll
2009-09-23 16:49:58 ----A---- C:\Windows\system32\wmpeffects.dll
2009-09-23 16:49:58 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-09-23 16:49:58 ----A---- C:\Windows\system32\smss.exe
2009-09-23 16:49:58 ----A---- C:\Windows\system32\rdpwsx.dll
2009-09-23 16:49:58 ----A---- C:\Windows\system32\netplwiz.dll
2009-09-23 16:49:58 ----A---- C:\Windows\system32\credui.dll
2009-09-23 16:49:58 ----A---- C:\Windows\system32\blackbox.dll
2009-09-23 16:49:57 ----A---- C:\Windows\system32\wpcsvc.dll
2009-09-23 16:49:57 ----A---- C:\Windows\system32\networkexplorer.dll
2009-09-23 16:49:57 ----A---- C:\Windows\system32\logagent.exe
2009-09-23 16:49:57 ----A---- C:\Windows\system32\ifmon.dll
2009-09-23 16:49:57 ----A---- C:\Windows\system32\cipher.exe
2009-09-23 16:49:57 ----A---- C:\Windows\system32\certprop.dll
2009-09-23 16:49:56 ----A---- C:\Windows\system32\wscapi.dll
2009-09-23 16:49:56 ----A---- C:\Windows\system32\thawbrkr.dll
2009-09-23 16:49:56 ----A---- C:\Windows\system32\sendmail.dll
2009-09-23 16:49:56 ----A---- C:\Windows\system32\msscp.dll
2009-09-23 16:49:56 ----A---- C:\Windows\system32\msimtf.dll
2009-09-23 16:49:56 ----A---- C:\Windows\system32\InkEd.dll
2009-09-23 16:49:56 ----A---- C:\Windows\system32\gpresult.exe
2009-09-23 16:49:55 ----A---- C:\Windows\system32\softkbd.dll
2009-09-23 16:49:55 ----A---- C:\Windows\system32\olepro32.dll
2009-09-23 16:49:55 ----A---- C:\Windows\system32\msctfui.dll
2009-09-23 16:49:55 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-09-23 16:49:55 ----A---- C:\Windows\system32\dmsynth.dll
2009-09-23 16:49:54 ----A---- C:\Windows\system32\puiapi.dll
2009-09-23 16:49:54 ----A---- C:\Windows\system32\input.dll
2009-09-23 16:49:54 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-09-23 16:49:54 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-09-23 16:49:54 ----A---- C:\Windows\system32\cdd.dll
2009-09-23 16:49:53 ----A---- C:\Windows\system32\wshbth.dll
2009-09-23 16:49:53 ----A---- C:\Windows\system32\version.dll
2009-09-23 16:49:53 ----A---- C:\Windows\system32\SLLUA.exe
2009-09-23 16:49:53 ----A---- C:\Windows\system32\msisip.dll
2009-09-23 16:49:53 ----A---- C:\Windows\system32\mprapi.dll
2009-09-23 16:49:53 ----A---- C:\Windows\system32\fc.exe
2009-09-23 16:49:52 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-09-23 16:49:52 ----A---- C:\Windows\system32\msjint40.dll
2009-09-23 16:49:52 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-09-23 16:49:52 ----A---- C:\Windows\system32\l2nacp.dll
2009-09-23 16:49:52 ----A---- C:\Windows\system32\ftp.exe
2009-09-23 16:49:52 ----A---- C:\Windows\system32\fdSSDP.dll
2009-09-23 16:49:52 ----A---- C:\Windows\system32\eapp3hst.dll
2009-09-23 16:49:52 ----A---- C:\Windows\system32\dmusic.dll
2009-09-23 16:49:52 ----A---- C:\Windows\system32\cscapi.dll
2009-09-23 16:49:51 ----A---- C:\Windows\system32\wsdchngr.dll
2009-09-23 16:49:51 ----A---- C:\Windows\system32\Storprop.dll
2009-09-23 16:49:51 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-09-23 16:49:51 ----A---- C:\Windows\system32\rasdial.exe
2009-09-23 16:49:51 ----A---- C:\Windows\system32\rasdiag.dll
2009-09-23 16:49:51 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-09-23 16:49:51 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-09-23 16:49:51 ----A---- C:\Windows\system32\fdWCN.dll
2009-09-23 16:49:51 ----A---- C:\Windows\system32\cscdll.dll
2009-09-23 16:49:51 ----A---- C:\Windows\system32\bthudtask.exe
2009-09-23 16:49:51 ----A---- C:\Windows\system32\bthci.dll
2009-09-23 16:49:50 ----A---- C:\Windows\system32\tscupgrd.exe
2009-09-23 16:49:50 ----A---- C:\Windows\system32\slcinst.dll
2009-09-23 16:49:50 ----A---- C:\Windows\system32\nslookup.exe
2009-09-23 16:49:50 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-09-23 16:49:50 ----A---- C:\Windows\system32\ipconfig.exe
2009-09-23 16:49:50 ----A---- C:\Windows\system32\eappcfg.dll
2009-09-23 16:49:50 ----A---- C:\Windows\system32\dot3cfg.dll
2009-09-23 16:49:50 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-09-23 16:49:49 ----A---- C:\Windows\system32\ocsetup.exe
2009-09-23 16:49:49 ----A---- C:\Windows\system32\hbaapi.dll
2009-09-23 16:49:49 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-09-23 16:49:49 ----A---- C:\Windows\system32\fdeploy.dll
2009-09-23 16:49:49 ----A---- C:\Windows\system32\eappgnui.dll
2009-09-23 16:49:48 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-09-23 16:49:48 ----A---- C:\Windows\system32\mmcico.dll
2009-09-23 16:49:47 ----A---- C:\Windows\system32\gpupdate.exe
2009-09-23 16:49:47 ----A---- C:\Windows\system32\csrstub.exe
2009-09-23 16:49:47 ----A---- C:\Windows\system32\cbsra.exe
2009-09-23 16:49:47 ----A---- C:\Windows\system32\bitsigd.dll
2009-09-23 16:49:46 ----A---- C:\Windows\system32\vdmdbg.dll
2009-09-23 16:49:46 ----A---- C:\Windows\system32\odbcconf.dll
2009-09-23 16:49:46 ----A---- C:\Windows\system32\NcdProp.dll
2009-09-23 16:49:46 ----A---- C:\Windows\system32\iscsilog.dll
2009-09-23 16:49:45 ----A---- C:\Windows\system32\winrnr.dll
2009-09-23 16:49:45 ----A---- C:\Windows\system32\slwga.dll
2009-09-23 16:49:45 ----A---- C:\Windows\system32\midimap.dll
2009-09-23 16:49:45 ----A---- C:\Windows\system32\inetppui.dll
2009-09-23 16:49:41 ----A---- C:\Windows\system32\msimsg.dll
2009-09-23 16:49:41 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-09-23 16:48:25 ----A---- C:\Windows\system32\SmiEngine.dll
2009-09-23 16:48:07 ----A---- C:\Windows\system32\wdscore.dll
2009-09-23 16:48:07 ----A---- C:\Windows\system32\PkgMgr.exe
2009-09-23 16:46:57 ----A---- C:\Windows\system32\drvstore.dll
2009-09-23 15:58:32 ----A---- C:\Windows\system32\jscript.dll
2009-09-23 15:25:43 ----D---- C:\Users\PHVDM\AppData\Roaming\PoivY
2009-09-23 15:24:56 ----D---- C:\Program Files\PoivY.com
2009-09-23 15:02:11 ----D---- C:\PerfLogs
2009-09-23 14:45:27 ----D---- C:\Program Files\Defraggler
2009-09-23 14:41:28 ----D---- C:\Program Files\CCleaner
2009-09-23 14:01:08 ----D---- C:\Users\PHVDM\AppData\Roaming\Adobe
2009-09-23 14:01:05 ----D---- C:\Users\PHVDM\AppData\Roaming\Google
2009-09-23 14:00:08 ----D---- C:\ProgramData\Google
2009-09-23 14:00:08 ----D---- C:\Program Files\Google
2009-09-23 13:40:09 ----A---- C:\Windows\system32\imagesp1.dll
2009-09-23 13:40:04 ----A---- C:\Windows\system32\sstpsvc.dll
2009-09-23 13:40:02 ----A---- C:\Windows\system32\winrscmd.dll
2009-09-23 13:39:52 ----A---- C:\Windows\system32\xpssvcs.dll
2009-09-23 13:39:41 ----A---- C:\Windows\system32\spwizimg.dll
2009-09-23 13:39:41 ----A---- C:\Windows\system32\lpremove.exe
2009-09-23 13:39:41 ----A---- C:\Windows\bfsvc.exe
2009-09-23 13:39:34 ----A---- C:\Windows\system32\recdisc.exe
2009-09-23 13:39:33 ----A---- C:\Windows\system32\CompMgmtLauncher.exe
2009-09-23 13:39:30 ----A---- C:\Windows\system32\msvbvm60.dll
2009-09-23 13:39:25 ----A---- C:\Windows\system32\MSMPEG2ADEC.DLL
2009-09-23 13:39:24 ----A---- C:\Windows\system32\xolehlp.dll
2009-09-23 13:39:22 ----A---- C:\Windows\system32\SSShim.dll
2009-09-23 13:39:21 ----A---- C:\Windows\system32\nlmgp.dll
2009-09-23 13:39:21 ----A---- C:\Windows\system32\DfsShlEx.dll
2009-09-23 13:39:19 ----A---- C:\Windows\system32\clusapi.dll
2009-09-23 13:39:17 ----A---- C:\Windows\system32\winrsmgr.dll
2009-09-23 13:39:15 ----A---- C:\Windows\system32\vdsbas.dll
2009-09-23 13:39:14 ----A---- C:\Windows\system32\comctl32.dll
2009-09-23 13:39:12 ----A---- C:\Windows\system32\XPSSHHDR.dll
2009-09-23 13:39:12 ----A---- C:\Windows\system32\msdtckrm.dll
2009-09-23 13:39:11 ----A---- C:\Windows\system32\wecutil.exe
2009-09-23 13:39:11 ----A---- C:\Windows\system32\sdengin2.dll
2009-09-23 13:39:11 ----A---- C:\Windows\system32\sbe.dll
2009-09-23 13:39:10 ----A---- C:\Windows\system32\gacinstall.dll
2009-09-23 13:39:10 ----A---- C:\Windows\system32\cmipnpinstall.dll
2009-09-23 13:39:10 ----A---- C:\Windows\system32\cmicryptinstall.dll
2009-09-23 13:39:08 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2009-09-23 13:39:06 ----A---- C:\Windows\system32\sqlceqp30.dll
2009-09-23 13:39:06 ----A---- C:\Windows\system32\lsm.exe
2009-09-23 13:39:06 ----A---- C:\Windows\system32\FirewallAPI.dll
2009-09-23 13:39:05 ----A---- C:\Windows\system32\wecsvc.dll
2009-09-23 13:39:04 ----A---- C:\Windows\system32\thumbcache.dll
2009-09-23 13:39:02 ----A---- C:\Windows\system32\d3d10_1.dll
2009-09-23 13:39:01 ----A---- C:\Windows\system32\authfwcfg.dll
2009-09-23 13:39:00 ----A---- C:\Windows\system32\dmvdsitf.dll
2009-09-23 13:39:00 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-09-23 13:38:59 ----A---- C:\Windows\system32\wevtfwd.dll
2009-09-23 13:38:59 ----A---- C:\Windows\system32\uexfat.dll
2009-09-23 13:38:58 ----A---- C:\Windows\system32\DfrgNtfs.exe
2009-09-23 13:38:57 ----A---- C:\Windows\system32\sqlcese30.dll
2009-09-23 13:38:52 ----A---- C:\Windows\system32\mssha.dll
2009-09-23 13:38:51 ----A---- C:\Windows\system32\WsmAuto.dll
2009-09-23 13:38:51 ----A---- C:\Windows\system32\nlasvc.dll
2009-09-23 13:38:51 ----A---- C:\Windows\system32\dfrgui.exe
2009-09-23 13:38:49 ----A---- C:\Windows\system32\WsmWmiPl.dll
2009-09-23 13:38:49 ----A---- C:\Windows\system32\wmdrmdev.dll
2009-09-23 13:38:49 ----A---- C:\Windows\system32\ddraw.dll
2009-09-23 13:38:48 ----A---- C:\Windows\system32\objsel.dll
2009-09-23 13:38:47 ----A---- C:\Windows\system32\QAGENT.DLL
2009-09-23 13:38:47 ----A---- C:\Windows\system32\dbghelp.dll
2009-09-23 13:38:46 ----A---- C:\Windows\system32\wmdrmnet.dll
2009-09-23 13:38:46 ----A---- C:\Windows\system32\icm32.dll
2009-09-23 13:38:45 ----A---- C:\Windows\system32\iprtrmgr.dll
2009-09-23 13:38:44 ----A---- C:\Windows\system32\taskschd.dll
2009-09-23 13:38:44 ----A---- C:\Windows\system32\bcdedit.exe
2009-09-23 13:38:43 ----A---- C:\Windows\system32\AudioEng.dll
2009-09-23 13:38:42 ----A---- C:\Windows\system32\winsta.dll
2009-09-23 13:38:42 ----A---- C:\Windows\system32\netprofm.dll
2009-09-23 13:38:42 ----A---- C:\Windows\system32\hcrstco.dll
2009-09-23 13:38:41 ----A---- C:\Windows\system32\netcfgx.dll
2009-09-23 13:38:40 ----A---- C:\Windows\system32\lpksetup.exe
2009-09-23 13:38:40 ----A---- C:\Windows\system32\cdosys.dll
2009-09-23 13:38:39 ----A---- C:\Windows\system32\msdtcuiu.dll
2009-09-23 13:38:38 ----A---- C:\Windows\system32\mprddm.dll
2009-09-23 13:38:37 ----A---- C:\Windows\system32\eapsvc.dll
2009-09-23 13:38:37 ----A---- C:\Windows\system32\bcdsrv.dll
2009-09-23 13:38:37 ----A---- C:\Windows\system32\AUDIOKSE.dll
2009-09-23 13:38:35 ----A---- C:\Windows\system32\msidcrl30.dll
2009-09-23 13:38:34 ----A---- C:\Windows\system32\WMVDECOD.DLL
2009-09-23 13:38:34 ----A---- C:\Windows\system32\pla.dll
2009-09-23 13:38:33 ----A---- C:\Windows\system32\dxgi.dll
2009-09-23 13:38:33 ----A---- C:\Windows\system32\dot3gpui.dll
2009-09-23 13:38:31 ----A---- C:\Windows\system32\cryptnet.dll
2009-09-23 13:38:31 ----A---- C:\Windows\system32\comsnap.dll
2009-09-23 13:38:30 ----A---- C:\Windows\system32\synceng.dll
2009-09-23 13:38:29 ----A---- C:\Windows\system32\cmifw.dll
2009-09-23 13:38:28 ----A---- C:\Windows\system32\msconfig.exe
2009-09-23 13:38:26 ----A---- C:\Windows\system32\uxtheme.dll
2009-09-23 13:38:26 ----A---- C:\Windows\system32\tdh.dll
2009-09-23 13:38:26 ----A---- C:\Windows\system32\SessEnv.dll
2009-09-23 13:38:26 ----A---- C:\Windows\system32\dot3api.dll
2009-09-23 13:38:26 ----A---- C:\Windows\system32\dmdskmgr.dll
2009-09-23 13:38:25 ----A---- C:\Windows\system32\cmd.exe
2009-09-23 13:38:25 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2009-09-23 13:38:24 ----A---- C:\Windows\system32\WUDFx.dll
2009-09-23 13:38:24 ----A---- C:\Windows\system32\wlancfg.dll
2009-09-23 13:38:24 ----A---- C:\Windows\system32\msdtcVSp1res.dll
2009-09-23 13:38:24 ----A---- C:\Windows\system32\loadperf.dll
2009-09-23 13:38:24 ----A---- C:\Windows\system32\comres.dll
2009-09-23 13:38:23 ----A---- C:\Windows\system32\rstrui.exe
2009-09-23 13:38:23 ----A---- C:\Windows\system32\rdpdd.dll
2009-09-23 13:38:23 ----A---- C:\Windows\system32\localsec.dll
2009-09-23 13:38:23 ----A---- C:\Windows\system32\hnetcfg.dll
2009-09-23 13:38:22 ----A---- C:\Windows\system32\WinSATAPI.dll
2009-09-23 13:38:19 ----A---- C:\Windows\system32\wsqmcons.exe
2009-09-23 13:38:18 ----A---- C:\Windows\system32\WMADMOD.DLL
2009-09-23 13:38:18 ----A---- C:\Windows\system32\NAPMONTR.DLL
2009-09-23 13:38:17 ----A---- C:\Windows\system32\RDPENCDD.dll
2009-09-23 13:38:17 ----A---- C:\Windows\system32\profprov.dll
2009-09-23 13:38:17 ----A---- C:\Windows\system32\MuiUnattend.exe
2009-09-23 13:38:17 ----A---- C:\Windows\system32\filemgmt.dll
2009-09-23 13:38:16 ----A---- C:\Windows\system32\wsecedit.dll
2009-09-23 13:38:16 ----A---- C:\Windows\system32\tracerpt.exe
2009-09-23 13:38:16 ----A---- C:\Windows\system32\dwmredir.dll
2009-09-23 13:38:15 ----A---- C:\Windows\system32\wininit.exe
2009-09-23 13:38:15 ----A---- C:\Windows\system32\QSHVHOST.DLL
2009-09-23 13:38:14 ----A---- C:\Windows\system32\iashost.exe
2009-09-23 13:38:14 ----A---- C:\Windows\system32\azroleui.dll
2009-09-23 13:38:14 ----A---- C:\Windows\HelpPane.exe
2009-09-23 13:38:13 ----A---- C:\Windows\system32\spwizeng.dll
2009-09-23 13:38:13 ----A---- C:\Windows\system32\mcbuilder.exe
2009-09-23 13:38:12 ----A---- C:\Windows\system32\wecapi.dll
2009-09-23 13:38:12 ----A---- C:\Windows\system32\unbcl.dll
2009-09-23 13:38:12 ----A---- C:\Windows\system32\srrstr.dll
2009-09-23 13:38:12 ----A---- C:\Windows\system32\shrink.dll
2009-09-23 13:38:12 ----A---- C:\Windows\system32\msra.exe
2009-09-23 13:38:12 ----A---- C:\Windows\system32\lltdsvc.dll
2009-09-23 13:38:11 ----A---- C:\Windows\system32\WMPEncEn.dll
2009-09-23 13:38:10 ----A---- C:\Windows\system32\oleacc.dll
2009-09-23 13:38:10 ----A---- C:\Windows\system32\msdri.dll
2009-09-23 13:38:09 ----A---- C:\Windows\system32\framedynos.dll
2009-09-23 13:38:08 ----A---- C:\Windows\system32\vsstrace.dll
2009-09-23 13:38:08 ----A---- C:\Windows\system32\ntvdm.exe
2009-09-23 13:38:07 ----A---- C:\Windows\system32\wpdshext.dll
2009-09-23 13:38:07 ----A---- C:\Windows\system32\ntlanman.dll
2009-09-23 13:38:06 ----A---- C:\Windows\system32\netman.dll
2009-09-23 13:38:06 ----A---- C:\Windows\system32\framedyn.dll
2009-09-23 13:38:06 ----A---- C:\Windows\system32\dssenh.dll
2009-09-23 13:38:05 ----A---- C:\Windows\system32\WlanMM.dll
2009-09-23 13:38:05 ----A---- C:\Windows\system32\adsnt.dll
2009-09-23 13:38:04 ----A---- C:\Windows\system32\WsmProv.dll
2009-09-23 13:38:04 ----A---- C:\Windows\system32\WLanConn.dll
2009-09-23 13:38:04 ----A---- C:\Windows\system32\sxs.dll
2009-09-23 13:38:04 ----A---- C:\Windows\system32\KMSVC.DLL
2009-09-23 13:38:04 ----A---- C:\Windows\system32\IPBusEnum.dll
2009-09-23 13:38:03 ----A---- C:\Windows\system32\WUDFHost.exe
2009-09-23 13:38:03 ----A---- C:\Windows\system32\VAN.dll
2009-09-23 13:38:03 ----A---- C:\Windows\system32\umb.dll
2009-09-23 13:38:03 ----A---- C:\Windows\system32\ncsi.dll
2009-09-23 13:38:02 ----A---- C:\Windows\system32\puiobj.dll
2009-09-23 13:38:02 ----A---- C:\Windows\system32\catsrvut.dll
2009-09-23 13:38:01 ----A---- C:\Windows\system32\netid.dll
2009-09-23 13:38:01 ----A---- C:\Windows\system32\MdSched.exe
2009-09-23 13:38:01 ----A---- C:\Windows\system32\dps.dll
2009-09-23 13:38:00 ----A---- C:\Windows\system32\setbcdlocale.dll
2009-09-23 13:37:59 ----A---- C:\Windows\system32\ws2_32.dll
2009-09-23 13:37:59 ----A---- C:\Windows\system32\winrs.exe
2009-09-23 13:37:59 ----A---- C:\Windows\system32\spbcd.dll
2009-09-23 13:37:59 ----A---- C:\Windows\system32\odbcjt32.dll
2009-09-23 13:37:59 ----A---- C:\Windows\system32\ntdsapi.dll
2009-09-23 13:37:59 ----A---- C:\Windows\system32\NAPSTAT.EXE
2009-09-23 13:37:56 ----A---- C:\Windows\system32\schtasks.exe
2009-09-23 13:37:56 ----A---- C:\Windows\system32\netdiagfx.dll
2009-09-23 13:37:56 ----A---- C:\Windows\system32\dmdlgs.dll
2009-09-23 13:37:56 ----A---- C:\Windows\system32\dhcpsapi.dll
2009-09-23 13:37:56 ----A---- C:\Windows\system32\catsrv.dll
2009-09-23 13:37:56 ----A---- C:\Windows\system32\activeds.dll
2009-09-23 13:37:55 ----A---- C:\Windows\system32\TSpkg.dll
2009-09-23 13:37:55 ----A---- C:\Windows\system32\FirewallControlPanel.exe
2009-09-23 13:37:55 ----A---- C:\Windows\system32\dfrgfat.exe
2009-09-23 13:37:54 ----A---- C:\Windows\system32\wvc.dll
2009-09-23 13:37:54 ----A---- C:\Windows\system32\winrm.vbs
2009-09-23 13:37:54 ----A---- C:\Windows\system32\qwave.dll
2009-09-23 13:37:53 ----A---- C:\Windows\system32\netcorehc.dll
2009-09-23 13:37:53 ----A---- C:\Windows\system32\NAPHLPR.DLL
2009-09-23 13:37:53 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2009-09-23 13:37:53 ----A---- C:\Windows\system32\msacm32.dll
2009-09-23 13:37:52 ----A---- C:\Windows\system32\adsldp.dll
2009-09-23 13:37:51 ----A---- C:\Windows\system32\ntshrui.dll
2009-09-23 13:37:51 ----A---- C:\Windows\system32\msdt.dll
2009-09-23 13:37:51 ----A---- C:\Windows\system32\els.dll
2009-09-23 13:37:51 ----A---- C:\Windows\system32\clbcatq.dll
2009-09-23 13:37:50 ----A---- C:\Windows\system32\sdrsvc.dll
2009-09-23 13:37:50 ----A---- C:\Windows\system32\QUTIL.DLL
2009-09-23 13:37:50 ----A---- C:\Windows\system32\net1.exe
2009-09-23 13:37:50 ----A---- C:\Windows\system32\ipnathlp.dll
2009-09-23 13:37:49 ----A---- C:\Windows\system32\Defrag.exe
2009-09-23 13:37:48 ----A---- C:\Windows\system32\upnphost.dll
2009-09-23 13:37:48 ----A---- C:\Windows\system32\nci.dll
2009-09-23 13:37:48 ----A---- C:\Windows\system32\mprmsg.dll
2009-09-23 13:37:47 ----A---- C:\Windows\system32\rasman.dll
2009-09-23 13:37:47 ----A---- C:\Windows\system32\P2P.dll
2009-09-23 13:37:47 ----A---- C:\Windows\system32\CompatUI.dll
2009-09-23 13:37:47 ----A---- C:\Windows\system32\ActiveContentWizard.dll
2009-09-23 13:37:46 ----A---- C:\Windows\system32\rascfg.dll
2009-09-23 13:37:46 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2009-09-23 13:37:46 ----A---- C:\Windows\system32\loghours.dll
2009-09-23 13:37:46 ----A---- C:\Windows\system32\fde.dll
2009-09-23 13:37:45 ----A---- C:\Windows\system32\Wpc.dll
2009-09-23 13:37:45 ----A---- C:\Windows\system32\MigAutoPlay.exe
2009-09-23 13:37:45 ----A---- C:\Windows\system32\dxdiag.exe
2009-09-23 13:37:45 ----A---- C:\Windows\system32\DFDWiz.exe
2009-09-23 13:37:44 ----A---- C:\Windows\system32\setupcl.exe
2009-09-23 13:37:44 ----A---- C:\Windows\system32\mprdim.dll
2009-09-23 13:37:43 ----A---- C:\Windows\system32\rtm.dll
2009-09-23 13:37:42 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2009-09-23 13:37:42 ----A---- C:\Windows\system32\ifsutil.dll
2009-09-23 13:37:41 ----A---- C:\Windows\system32\wdi.dll
2009-09-23 13:37:41 ----A---- C:\Windows\system32\actxprxy.dll
2009-09-23 13:37:40 ----A---- C:\Windows\system32\usbmon.dll
2009-09-23 13:37:40 ----A---- C:\Windows\system32\mswmdm.dll
2009-09-23 13:37:40 ----A---- C:\Windows\system32\imagehlp.dll
2009-09-23 13:37:40 ----A---- C:\Windows\system32\BOOTVID.DLL
2009-09-23 13:37:39 ----A---- C:\Windows\system32\wlandlg.dll
2009-09-23 13:37:39 ----A---- C:\Windows\system32\vssadmin.exe
2009-09-23 13:37:39 ----A---- C:\Windows\system32\uudf.dll
2009-09-23 13:37:39 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-09-23 13:37:39 ----A---- C:\Windows\system32\mycomput.dll
2009-09-23 13:37:37 ----A---- C:\Windows\system32\mstask.dll
2009-09-23 13:37:37 ----A---- C:\Windows\system32\mspaint.exe
2009-09-23 13:37:36 ----A---- C:\Windows\system32\termmgr.dll
2009-09-23 13:37:36 ----A---- C:\Windows\system32\ssdpsrv.dll
2009-09-23 13:37:36 ----A---- C:\Windows\system32\mtxoci.dll
2009-09-23 13:37:36 ----A---- C:\Windows\system32\duser.dll
2009-09-23 13:37:35 ----A---- C:\Windows\system32\Robocopy.exe
2009-09-23 13:37:35 ----A---- C:\Windows\system32\cic.dll
2009-09-23 13:37:35 ----A---- C:\Windows\system32\AzSqlExt.dll
2009-09-23 13:37:33 ----A---- C:\Windows\system32\sdshext.dll
2009-09-23 13:37:32 ----A---- C:\Windows\system32\WUDFPlatform.dll
2009-09-23 13:37:32 ----A---- C:\Windows\system32\verifier.exe
2009-09-23 13:37:32 ----A---- C:\Windows\system32\msdtclog.dll
2009-09-23 13:37:32 ----A---- C:\Windows\system32\msdt.exe
2009-09-23 13:37:32 ----A---- C:\Windows\system32\d3d8.dll
2009-09-23 13:37:31 ----A---- C:\Windows\system32\wintrust.dll
2009-09-23 13:37:31 ----A---- C:\Windows\system32\oledlg.dll
2009-09-23 13:37:31 ----A---- C:\Windows\system32\clfsw32.dll
2009-09-23 13:37:30 ----A---- C:\Windows\system32\vdsldr.exe
2009-09-23 13:37:30 ----A---- C:\Windows\system32\mmcbase.dll
2009-09-23 13:37:30 ----A---- C:\Windows\system32\icfupgd.dll
2009-09-23 13:37:29 ----A---- C:\Windows\system32\rasqec.dll
2009-09-23 13:37:29 ----A---- C:\Windows\system32\ncobjapi.dll
2009-09-23 13:37:29 ----A---- C:\Windows\system32\msaatext.dll
2009-09-23 13:37:29 ----A---- C:\Windows\system32\mlang.dll
2009-09-23 13:37:28 ----A---- C:\Windows\system32\wtsapi32.dll
2009-09-23 13:37:28 ----A---- C:\Windows\system32\wpd_ci.dll
2009-09-23 13:37:28 ----A---- C:\Windows\system32\unlodctr.exe
2009-09-23 13:37:28 ----A---- C:\Windows\system32\syssetup.dll
2009-09-23 13:37:28 ----A---- C:\Windows\system32\lodctr.exe
2009-09-23 13:37:26 ----A---- C:\Windows\system32\Mcx2Svc.dll
2009-09-23 13:37:26 ----A---- C:\Windows\system32\dxdiagn.dll
2009-09-23 13:37:26 ----A---- C:\Windows\system32\cabinet.dll
2009-09-23 13:37:25 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2009-09-23 13:37:25 ----A---- C:\Windows\system32\unattend.dll
2009-09-23 13:37:25 ----A---- C:\Windows\system32\trkwks.dll
2009-09-23 13:37:25 ----A---- C:\Windows\system32\lnkstub.exe
2009-09-23 13:37:24 ----A---- C:\Windows\system32\wermgr.exe
2009-09-23 13:37:24 ----A---- C:\Windows\system32\ogldrv.dll
2009-09-23 13:37:24 ----A---- C:\Windows\system32\dfdts.dll
2009-09-23 13:37:24 ----A---- C:\Windows\system32\cabview.dll
2009-09-23 13:37:22 ----A---- C:\Windows\system32\sdspres.dll
2009-09-23 13:37:22 ----A---- C:\Windows\system32\p2pcollab.dll
2009-09-23 13:37:22 ----A---- C:\Windows\system32\basesrv.dll
2009-09-23 13:37:21 ----A---- C:\Windows\system32\dispdiag.exe
2009-09-23 13:37:21 ----A---- C:\Windows\system32\DHCPQEC.DLL
2009-09-23 13:37:17 ----A---- C:\Windows\system32\mmcss.dll
2009-09-23 13:37:17 ----A---- C:\Windows\system32\dsquery.dll
2009-09-23 13:37:16 ----A---- C:\Windows\system32\verifier.dll
2009-09-23 13:37:16 ----A---- C:\Windows\system32\RstrtMgr.dll
2009-09-23 13:37:16 ----A---- C:\Windows\system32\efsadu.dll
2009-09-23 13:37:14 ----A---- C:\Windows\system32\WPDSp.dll
2009-09-23 13:37:14 ----A---- C:\Windows\system32\wercplsupport.dll
2009-09-23 13:37:13 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-09-23 13:37:13 ----A---- C:\Windows\system32\wiascanprofiles.dll
2009-09-23 13:37:13 ----A---- C:\Windows\system32\setupugc.exe
2009-09-23 13:37:13 ----A---- C:\Windows\system32\pnrpnsp.dll
2009-09-23 13:37:13 ----A---- C:\Windows\system32\msoeacct.dll
2009-09-23 13:37:13 ----A---- C:\Windows\system32\iscsiexe.dll
2009-09-23 13:37:13 ----A---- C:\Windows\system32\icacls.exe
2009-09-23 13:37:13 ----A---- C:\Windows\system32\d3d10core.dll
2009-09-23 13:37:13 ----A---- C:\Windows\system32\consent.exe
2009-09-23 13:37:12 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2009-09-23 13:37:12 ----A---- C:\Windows\system32\p2pnetsh.dll
2009-09-23 13:37:12 ----A---- C:\Windows\system32\msrdc.dll
2009-09-23 13:37:12 ----A---- C:\Windows\system32\msdmo.dll
2009-09-23 13:37:11 ----A---- C:\Windows\system32\xactsrv.dll
2009-09-23 13:37:11 ----A---- C:\Windows\system32\PNPXAssocPrx.dll
2009-09-23 13:37:10 ----A---- C:\Windows\system32\systeminfo.exe
2009-09-23 13:37:10 ----A---- C:\Windows\system32\pcadm.dll
2009-09-23 13:37:10 ----A---- C:\Windows\system32\netcfg.exe
2009-09-23 13:37:10 ----A---- C:\Windows\system32\eappprxy.dll
2009-09-23 13:37:09 ----A---- C:\Windows\system32\xwizards.dll
2009-09-23 13:37:09 ----A---- C:\Windows\system32\resutils.dll
2009-09-23 13:37:09 ----A---- C:\Windows\system32\DWWIN.EXE
2009-09-23 13:37:09 ----A---- C:\Windows\system32\cmdl32.exe
2009-09-23 13:37:08 ----A---- C:\Windows\system32\dssec.dll
2009-09-23 13:37:08 ----A---- C:\Windows\system32\dot3ui.dll
2009-09-23 13:37:08 ----A---- C:\Windows\system32\dfrgifc.exe
2009-09-23 13:37:08 ----A---- C:\Windows\system32\dbnetlib.dll
2009-09-23 13:37:08 ----A---- C:\Windows\system32\alg.exe
2009-09-23 13:37:07 ----A---- C:\Windows\system32\nshhttp.dll
2009-09-23 13:37:07 ----A---- C:\Windows\system32\netprof.dll
2009-09-23 13:37:07 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2009-09-23 13:37:07 ----A---- C:\Windows\system32\btpanui.dll
2009-09-23 13:37:07 ----A---- C:\Windows\regedit.exe
2009-09-23 13:37:06 ----A---- C:\Windows\system32\txflog.dll
2009-09-23 13:37:06 ----A---- C:\Windows\system32\apircl.dll
2009-09-23 13:37:03 ----A---- C:\Windows\system32\taskkill.exe
2009-09-23 13:37:02 ----A---- C:\Windows\system32\tbssvc.dll
2009-09-23 13:37:02 ----A---- C:\Windows\system32\msieftp.dll
2009-09-23 13:37:02 ----A---- C:\Windows\system32\dxva2.dll
2009-09-23 13:37:02 ----A---- C:\Windows\system32\dwmapi.dll
2009-09-23 13:37:02 ----A---- C:\Windows\system32\d3d10.dll
2009-09-23 13:37:02 ----A---- C:\Windows\system32\bcdprov.dll
2009-09-23 13:37:02 ----A---- C:\Windows\system32\ActionQueue.dll
2009-09-23 13:37:01 ----A---- C:\Windows\system32\svchost.exe
2009-09-23 13:37:01 ----A---- C:\Windows\system32\RASMM.dll
2009-09-23 13:37:01 ----A---- C:\Windows\system32\provthrd.dll
2009-09-23 13:37:01 ----A---- C:\Windows\system32\EAPQEC.DLL
2009-09-23 13:37:00 ----A---- C:\Windows\system32\syncui.dll
2009-09-23 13:37:00 ----A---- C:\Windows\system32\dmocx.dll
2009-09-23 13:36:59 ----A---- C:\Windows\system32\WMASF.DLL
2009-09-23 13:36:59 ----A---- C:\Windows\system32\raserver.exe
2009-09-23 13:36:59 ----A---- C:\Windows\system32\aclui.dll
2009-09-23 13:36:58 ----A---- C:\Windows\system32\xcopy.exe
2009-09-23 13:36:58 ----A---- C:\Windows\system32\taskmgr.exe
2009-09-23 13:36:58 ----A---- C:\Windows\system32\ias.dll
2009-09-23 13:36:58 ----A---- C:\Windows\system32\dnscacheugc.exe
2009-09-23 13:36:58 ----A---- C:\Windows\system32\brcplsdw.dll
2009-09-23 13:36:58 ----A---- C:\Windows\system32\audiodev.dll
2009-09-23 13:36:57 ----A---- C:\Windows\system32\upnp.dll
2009-09-23 13:36:57 ----A---- C:\Windows\system32\UIHub.dll
2009-09-23 13:36:57 ----A---- C:\Windows\system32\QCLIPROV.DLL
2009-09-23 13:36:57 ----A---- C:\Windows\system32\icsfiltr.dll
2009-09-23 13:36:57 ----A---- C:\Windows\system32\cmstp.exe
2009-09-23 13:36:57 ----A---- C:\Windows\system32\appinfo.dll
2009-09-23 13:36:56 ----A---- C:\Windows\system32\wlanext.exe
2009-09-23 13:36:56 ----A---- C:\Windows\system32\perfts.dll
2009-09-23 13:36:56 ----A---- C:\Windows\system32\NapiNSP.dll
2009-09-23 13:36:56 ----A---- C:\Windows\system32\msoert2.dll
2009-09-23 13:36:56 ----A---- C:\Windows\system32\mountvol.exe
2009-09-23 13:36:56 ----A---- C:\Windows\system32\mmcshext.dll
2009-09-23 13:36:56 ----A---- C:\Windows\system32\browser.dll
2009-09-23 13:36:56 ----A---- C:\Windows\system32\AuxiliaryDisplayApi.dll
2009-09-23 13:36:55 ----A---- C:\Windows\system32\PING.EXE
2009-09-23 13:36:55 ----A---- C:\Windows\system32\inetmib1.dll
2009-09-23 13:36:55 ----A---- C:\Windows\system32\dskquoui.dll
2009-09-23 13:36:55 ----A---- C:\Windows\system32\cewmdm.dll
2009-09-23 13:36:54 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2009-09-23 13:36:54 ----A---- C:\Windows\system32\WpdMtpUS.dll
2009-09-23 13:36:54 ----A---- C:\Windows\system32\SoundRecorder.exe
2009-09-23 13:36:54 ----A---- C:\Windows\system32\qcap.dll
2009-09-23 13:36:54 ----A---- C:\Windows\system32\qasf.dll
2009-09-23 13:36:54 ----A---- C:\Windows\system32\httpapi.dll
2009-09-23 13:36:54 ----A---- C:\Windows\system32\bitsadmin.exe
2009-09-23 13:36:53 ----A---- C:\Windows\system32\SysFxUI.dll
2009-09-23 13:36:53 ----A---- C:\Windows\system32\dsuiext.dll
2009-09-23 13:36:52 ----A---- C:\Windows\system32\WUDFSvc.dll
2009-09-23 13:36:52 ----A---- C:\Windows\system32\wmpsrcwp.dll
2009-09-23 13:36:52 ----A---- C:\Windows\system32\SecEdit.exe
2009-09-23 13:36:52 ----A---- C:\Windows\system32\mtstocom.exe
2009-09-23 13:36:52 ----A---- C:\Windows\system32\auditpol.exe
2009-09-23 13:36:51 ----A---- C:\Windows\system32\WMVSENCD.DLL
2009-09-23 13:36:51 ----A---- C:\Windows\system32\shimgvw.dll
2009-09-23 13:36:51 ----A---- C:\Windows\system32\Sens.dll
2009-09-23 13:36:51 ----A---- C:\Windows\system32\makecab.exe
2009-09-23 13:36:51 ----A---- C:\Windows\system32\lsmproxy.dll
2009-09-23 13:36:51 ----A---- C:\Windows\system32\batt.dll
2009-09-23 13:36:50 ----A---- C:\Windows\system32\xwtpw32.dll
2009-09-23 13:36:50 ----A---- C:\Windows\system32\wzcdlg.dll
2009-09-23 13:36:50 ----A---- C:\Windows\system32\sppnp.dll
2009-09-23 13:36:50 ----A---- C:\Windows\system32\seclogon.dll
2009-09-23 13:36:50 ----A---- C:\Windows\system32\sbeio.dll
2009-09-23 13:36:50 ----A---- C:\Windows\system32\ndfapi.dll
2009-09-23 13:36:50 ----A---- C:\Windows\system32\msdadiag.dll

[Jintan]

2009-09-23 13:36:50 ----A---- C:\Windows\system32\dot3gpclnt.dll
2009-09-23 13:36:49 ----A---- C:\Windows\system32\wscmisetup.dll
2009-09-23 13:36:49 ----A---- C:\Windows\system32\wiashext.dll
2009-09-23 13:36:49 ----A---- C:\Windows\system32\wiadefui.dll
2009-09-23 13:36:49 ----A---- C:\Windows\system32\userinit.exe
2009-09-23 13:36:49 ----A---- C:\Windows\system32\shacct.dll
2009-09-23 13:36:49 ----A---- C:\Windows\system32\p2phost.exe
2009-09-23 13:36:49 ----A---- C:\Windows\system32\msorcl32.dll
2009-09-23 13:36:49 ----A---- C:\Windows\system32\apss.dll
2009-09-23 13:36:48 ----A---- C:\Windows\system32\wpdwcn.dll
2009-09-23 13:36:48 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2009-09-23 13:36:48 ----A---- C:\Windows\system32\sxstrace.exe
2009-09-23 13:36:48 ----A---- C:\Windows\system32\perfmon.exe
2009-09-23 13:36:48 ----A---- C:\Windows\system32\napipsec.dll
2009-09-23 13:36:48 ----A---- C:\Windows\system32\ktmutil.exe
2009-09-23 13:36:48 ----A---- C:\Windows\system32\keymgr.dll
2009-09-23 13:36:48 ----A---- C:\Windows\system32\HelpPaneProxy.dll
2009-09-23 13:36:47 ----A---- C:\Windows\system32\winrshost.exe
2009-09-23 13:36:47 ----A---- C:\Windows\system32\tasklist.exe
2009-09-23 13:36:47 ----A---- C:\Windows\system32\TapiMigPlugin.dll
2009-09-23 13:36:47 ----A---- C:\Windows\system32\prntvpt.dll
2009-09-23 13:36:47 ----A---- C:\Windows\system32\notepad.exe
2009-09-23 13:36:47 ----A---- C:\Windows\system32\MP4SDECD.DLL
2009-09-23 13:36:47 ----A---- C:\Windows\system32\fmifs.dll
2009-09-23 13:36:47 ----A---- C:\Windows\system32\csrsrv.dll
2009-09-23 13:36:47 ----A---- C:\Windows\system32\colorui.dll
2009-09-23 13:36:47 ----A---- C:\Windows\notepad.exe
2009-09-23 13:36:46 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-09-23 13:36:46 ----A---- C:\Windows\system32\netiougc.exe
2009-09-23 13:36:46 ----A---- C:\Windows\system32\d3dim700.dll
2009-09-23 13:36:45 ----A---- C:\Windows\system32\wscproxystub.dll
2009-09-23 13:36:45 ----A---- C:\Windows\system32\winethc.dll
2009-09-23 13:36:45 ----A---- C:\Windows\system32\takeown.exe
2009-09-23 13:36:45 ----A---- C:\Windows\system32\pcasvc.dll
2009-09-23 13:36:45 ----A---- C:\Windows\system32\nshipsec.dll
2009-09-23 13:36:45 ----A---- C:\Windows\system32\driverquery.exe
2009-09-23 13:36:45 ----A---- C:\Windows\system32\cryptdll.dll
2009-09-23 13:36:44 ----A---- C:\Windows\system32\wmiprop.dll
2009-09-23 13:36:44 ----A---- C:\Windows\system32\txfw32.dll
2009-09-23 13:36:44 ----A---- C:\Windows\system32\pots.dll
2009-09-23 13:36:44 ----A---- C:\Windows\system32\findnetprinters.dll
2009-09-23 13:36:43 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-09-23 13:36:43 ----A---- C:\Windows\system32\fsutil.exe
2009-09-23 13:36:43 ----A---- C:\Windows\system32\dnshc.dll
2009-09-23 13:36:43 ----A---- C:\Windows\system32\capisp.dll
2009-09-23 13:36:42 ----A---- C:\Windows\system32\shrpubw.exe
2009-09-23 13:36:42 ----A---- C:\Windows\system32\sfc_os.dll
2009-09-23 13:36:42 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2009-09-23 13:36:42 ----A---- C:\Windows\system32\perfnet.dll
2009-09-23 13:36:42 ----A---- C:\Windows\system32\olecli32.dll
2009-09-23 13:36:42 ----A---- C:\Windows\system32\nsisvc.dll
2009-09-23 13:36:42 ----A---- C:\Windows\system32\luainstall.dll
2009-09-23 13:36:41 ----A---- C:\Windows\system32\WLanHC.dll
2009-09-23 13:36:41 ----A---- C:\Windows\system32\TMM.dll
2009-09-23 13:36:41 ----A---- C:\Windows\system32\shgina.dll
2009-09-23 13:36:41 ----A---- C:\Windows\system32\runonce.exe
2009-09-23 13:36:41 ----A---- C:\Windows\system32\rshx32.dll
2009-09-23 13:36:41 ----A---- C:\Windows\system32\RpcPing.exe
2009-09-23 13:36:41 ----A---- C:\Windows\system32\ktmw32.dll
2009-09-23 13:36:41 ----A---- C:\Windows\system32\fdPHost.dll
2009-09-23 13:36:41 ----A---- C:\Windows\system32\d3dim.dll
2009-09-23 13:36:41 ----A---- C:\Windows\system32\compstui.dll
2009-09-23 13:36:40 ----A---- C:\Windows\system32\WMADMOE.DLL
2009-09-23 13:36:40 ----A---- C:\Windows\system32\wiaacmgr.exe
2009-09-23 13:36:40 ----A---- C:\Windows\system32\getmac.exe
2009-09-23 13:36:40 ----A---- C:\Windows\system32\dimsjob.dll
2009-09-23 13:36:40 ----A---- C:\Windows\system32\cmlua.dll
2009-09-23 13:36:39 ----A---- C:\Windows\system32\w32tm.exe
2009-09-23 13:36:39 ----A---- C:\Windows\system32\UI0Detect.exe
2009-09-23 13:36:39 ----A---- C:\Windows\system32\net.exe
2009-09-23 13:36:39 ----A---- C:\Windows\system32\MPG4DECD.DLL
2009-09-23 13:36:39 ----A---- C:\Windows\system32\MP43DECD.DLL
2009-09-23 13:36:39 ----A---- C:\Windows\system32\mdminst.dll
2009-09-23 13:36:39 ----A---- C:\Windows\system32\dsauth.dll
2009-09-23 13:36:38 ----A---- C:\Windows\system32\wmpshell.dll
2009-09-23 13:36:38 ----A---- C:\Windows\system32\srdelayed.exe
2009-09-23 13:36:38 ----A---- C:\Windows\system32\ACW.exe
2009-09-23 13:36:37 ----A---- C:\Windows\system32\sdchange.exe
2009-09-23 13:36:37 ----A---- C:\Windows\system32\pnpts.dll
2009-09-23 13:36:37 ----A---- C:\Windows\system32\migisol.dll
2009-09-23 13:36:37 ----A---- C:\Windows\system32\cmutil.dll
2009-09-23 13:36:36 ----A---- C:\Windows\system32\sfc.exe
2009-09-23 13:36:36 ----A---- C:\Windows\system32\PortableDeviceWiaCompat.dll
2009-09-23 13:36:36 ----A---- C:\Windows\system32\dispci.dll
2009-09-23 13:36:36 ----A---- C:\Windows\system32\dinput8.dll
2009-09-23 13:36:36 ----A---- C:\Windows\system32\diantz.exe
2009-09-23 13:36:36 ----A---- C:\Windows\system32\comrepl.dll
2009-09-23 13:36:34 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-09-23 13:36:34 ----A---- C:\Windows\system32\wmidx.dll
2009-09-23 13:36:34 ----A---- C:\Windows\system32\vdmredir.dll
2009-09-23 13:36:34 ----A---- C:\Windows\system32\remotepg.dll
2009-09-23 13:36:34 ----A---- C:\Windows\system32\pdhui.dll
2009-09-23 13:36:34 ----A---- C:\Windows\system32\nlaapi.dll
2009-09-23 13:36:34 ----A---- C:\Windows\system32\fwcfg.dll
2009-09-23 13:36:34 ----A---- C:\Windows\system32\expand.exe
2009-09-23 13:36:34 ----A---- C:\Windows\system32\EncDump.dll
2009-09-23 13:36:34 ----A---- C:\Windows\system32\cfgbkend.dll
2009-09-23 13:36:33 ----A---- C:\Windows\system32\utildll.dll
2009-09-23 13:36:33 ----A---- C:\Windows\system32\TpmInit.exe
2009-09-23 13:36:33 ----A---- C:\Windows\system32\McxDriv.dll
2009-09-23 13:36:33 ----A---- C:\Windows\system32\hlink.dll
2009-09-23 13:36:33 ----A---- C:\Windows\system32\colbact.dll
2009-09-23 13:36:33 ----A---- C:\Windows\system32\bridgeunattend.exe
2009-09-23 13:36:32 ----A---- C:\Windows\system32\wmvdspa.dll
2009-09-23 13:36:32 ----A---- C:\Windows\system32\sti_ci.dll
2009-09-23 13:36:32 ----A---- C:\Windows\system32\bootcfg.exe
2009-09-23 13:36:32 ----A---- C:\Windows\system32\amstream.dll
2009-09-23 13:36:31 ----A---- C:\Windows\system32\waitfor.exe
2009-09-23 13:36:31 ----A---- C:\Windows\system32\vds_ps.dll
2009-09-23 13:36:31 ----A---- C:\Windows\system32\tabcal.exe
2009-09-23 13:36:31 ----A---- C:\Windows\system32\rdrleakdiag.exe
2009-09-23 13:36:31 ----A---- C:\Windows\system32\iscsium.dll
2009-09-23 13:36:31 ----A---- C:\Windows\system32\esentutl.exe
2009-09-23 13:36:31 ----A---- C:\Windows\system32\cmcfg32.dll
2009-09-23 13:36:30 ----A---- C:\Windows\system32\WsmCl.dll
2009-09-23 13:36:30 ----A---- C:\Windows\system32\wfapigp.dll
2009-09-23 13:36:30 ----A---- C:\Windows\system32\shutdown.exe
2009-09-23 13:36:30 ----A---- C:\Windows\system32\qdv.dll
2009-09-23 13:36:30 ----A---- C:\Windows\system32\osblprov.dll
2009-09-23 13:36:30 ----A---- C:\Windows\system32\dpnet.dll
2009-09-23 13:36:30 ----A---- C:\Windows\system32\cacls.exe
2009-09-23 13:36:29 ----A---- C:\Windows\system32\wmpcm.dll
2009-09-23 13:36:29 ----A---- C:\Windows\system32\olesvr32.dll
2009-09-23 13:36:29 ----A---- C:\Windows\system32\msdtc.exe
2009-09-23 13:36:29 ----A---- C:\Windows\system32\DpiScaling.exe
2009-09-23 13:36:29 ----A---- C:\Windows\system32\COLORCNV.DLL
2009-09-23 13:36:28 ----A---- C:\Windows\system32\wpnpinst.exe
2009-09-23 13:36:28 ----A---- C:\Windows\system32\werdiagcontroller.dll
2009-09-23 13:36:28 ----A---- C:\Windows\system32\rasauto.dll
2009-09-23 13:36:28 ----A---- C:\Windows\system32\olethk32.dll
2009-09-23 13:36:28 ----A---- C:\Windows\system32\mfvdsp.dll
2009-09-23 13:36:28 ----A---- C:\Windows\system32\iscsiwmi.dll
2009-09-23 13:36:27 ----A---- C:\Windows\system32\wavemsp.dll
2009-09-23 13:36:27 ----A---- C:\Windows\system32\ufat.dll
2009-09-23 13:36:27 ----A---- C:\Windows\system32\sxproxy.dll
2009-09-23 13:36:27 ----A---- C:\Windows\system32\odbctrac.dll
2009-09-23 13:36:27 ----A---- C:\Windows\system32\at.exe
2009-09-23 13:36:26 ----A---- C:\Windows\system32\WpdConns.dll
2009-09-23 13:36:26 ----A---- C:\Windows\system32\ucsvc.exe
2009-09-23 13:36:26 ----A---- C:\Windows\system32\rgb9rast.dll
2009-09-23 13:36:26 ----A---- C:\Windows\system32\RegCtrl.dll
2009-09-23 13:36:26 ----A---- C:\Windows\system32\convert.exe
2009-09-23 13:36:25 ----A---- C:\Windows\system32\xmlprovi.dll
2009-09-23 13:36:25 ----A---- C:\Windows\system32\TimeDateMUICallback.dll
2009-09-23 13:36:25 ----A---- C:\Windows\system32\prevhost.exe
2009-09-23 13:36:25 ----A---- C:\Windows\system32\mobsync.exe
2009-09-23 13:36:25 ----A---- C:\Windows\system32\itss.dll
2009-09-23 13:36:25 ----A---- C:\Windows\system32\AuthFWGP.dll
2009-09-23 13:36:24 ----A---- C:\Windows\system32\tbs.dll
2009-09-23 13:36:24 ----A---- C:\Windows\system32\netbtugc.exe
2009-09-23 13:36:24 ----A---- C:\Windows\system32\iscsied.dll
2009-09-23 13:36:24 ----A---- C:\Windows\system32\dskquota.dll
2009-09-23 13:36:24 ----A---- C:\Windows\system32\AtBroker.exe
2009-09-23 13:36:23 ----A---- C:\Windows\system32\unattendedjoin.exe
2009-09-23 13:36:23 ----A---- C:\Windows\system32\srclient.dll
2009-09-23 13:36:23 ----A---- C:\Windows\system32\setupcln.dll
2009-09-23 13:36:23 ----A---- C:\Windows\system32\GuidedHelp.dll
2009-09-23 13:36:23 ----A---- C:\Windows\system32\fphc.dll
2009-09-23 13:36:23 ----A---- C:\Windows\system32\dmime.dll
2009-09-23 13:36:22 ----A---- C:\Windows\system32\winnsi.dll
2009-09-23 13:36:22 ----A---- C:\Windows\system32\regini.exe
2009-09-23 13:36:22 ----A---- C:\Windows\system32\mydocs.dll
2009-09-23 13:36:22 ----A---- C:\Windows\system32\l2gpstore.dll
2009-09-23 13:36:22 ----A---- C:\Windows\system32\dsdmo.dll
2009-09-23 13:36:22 ----A---- C:\Windows\system32\cmpbk32.dll
2009-09-23 13:36:21 ----A---- C:\Windows\system32\usbui.dll
2009-09-23 13:36:21 ----A---- C:\Windows\system32\odbccu32.dll
2009-09-23 13:36:21 ----A---- C:\Windows\system32\odbccr32.dll
2009-09-23 13:36:21 ----A---- C:\Windows\system32\napdsnap.dll
2009-09-23 13:36:21 ----A---- C:\Windows\system32\msident.dll
2009-09-23 13:36:21 ----A---- C:\Windows\system32\msdart.dll
2009-09-23 13:36:21 ----A---- C:\Windows\system32\dot3dlg.dll
2009-09-23 13:36:21 ----A---- C:\Windows\system32\devenum.dll
2009-09-23 13:36:21 ----A---- C:\Windows\system32\cmstplua.dll
2009-09-23 13:36:21 ----A---- C:\Windows\system32\apilogen.dll
2009-09-23 13:36:21 ----A---- C:\Windows\system32\amxread.dll
2009-09-23 13:36:20 ----A---- C:\Windows\system32\wpclsp.dll
2009-09-23 13:36:20 ----A---- C:\Windows\system32\WINSRPC.DLL
2009-09-23 13:36:20 ----A---- C:\Windows\system32\VIDRESZR.DLL
2009-09-23 13:36:20 ----A---- C:\Windows\system32\upnpcont.exe
2009-09-23 13:36:20 ----A---- C:\Windows\system32\RacAgent.exe
2009-09-23 13:36:20 ----A---- C:\Windows\system32\mtxlegih.dll
2009-09-23 13:36:20 ----A---- C:\Windows\system32\mtxdm.dll
2009-09-23 13:36:20 ----A---- C:\Windows\system32\avrt.dll
2009-09-23 13:36:19 ----A---- C:\Windows\system32\vss_ps.dll
2009-09-23 13:36:19 ----A---- C:\Windows\system32\srwmi.dll
2009-09-23 13:36:19 ----A---- C:\Windows\system32\nsi.dll
2009-09-23 13:36:19 ----A---- C:\Windows\system32\nbtstat.exe
2009-09-23 13:36:19 ----A---- C:\Windows\system32\graftabl.com
2009-09-23 13:36:18 ----A---- C:\Windows\system32\wsock32.dll
2009-09-23 13:36:18 ----A---- C:\Windows\system32\WavDest.dll
2009-09-23 13:36:18 ----A---- C:\Windows\system32\vfwwdm32.dll
2009-09-23 13:36:18 ----A---- C:\Windows\system32\syskey.exe
2009-09-23 13:36:18 ----A---- C:\Windows\system32\rasphone.exe
2009-09-23 13:36:18 ----A---- C:\Windows\system32\mfcsubs.dll
2009-09-23 13:36:17 ----A---- C:\Windows\system32\wiarpc.dll
2009-09-23 13:36:17 ----A---- C:\Windows\system32\odbcbcp.dll
2009-09-23 13:36:17 ----A---- C:\Windows\system32\ndfetw.dll
2009-09-23 13:36:17 ----A---- C:\Windows\system32\extrac32.exe
2009-09-23 13:36:16 ----A---- C:\Windows\system32\procinst.dll
2009-09-23 13:36:16 ----A---- C:\Windows\system32\MP3DMOD.DLL
2009-09-23 13:36:16 ----A---- C:\Windows\system32\eventcls.dll
2009-09-23 13:36:16 ----A---- C:\Windows\system32\csrss.exe
2009-09-23 13:36:15 ----A---- C:\Windows\system32\WindowsAnytimeUpgrade.exe
2009-09-23 13:36:15 ----A---- C:\Windows\system32\d3dxof.dll
2009-09-23 13:36:08 ----A---- C:\Windows\system32\wiadss.dll
2009-09-23 13:36:08 ----A---- C:\Windows\system32\TabbtnEx.dll
2009-09-23 13:36:08 ----A---- C:\Windows\system32\dmscript.dll
2009-09-23 13:36:07 ----A---- C:\Windows\system32\WlanMmHC.dll
2009-09-23 13:36:07 ----A---- C:\Windows\system32\Tabbtn.dll
2009-09-23 13:36:07 ----A---- C:\Windows\system32\psbase.dll
2009-09-23 13:36:07 ----A---- C:\Windows\system32\CertEnrollCtrl.exe
2009-09-23 13:36:07 ----A---- C:\Windows\fveupdate.exe
2009-09-23 13:36:06 ----A---- C:\Windows\system32\Netplwiz.exe
2009-09-23 13:36:06 ----A---- C:\Windows\system32\dmloader.dll
2009-09-23 13:36:06 ----A---- C:\Windows\system32\credssp.dll
2009-09-23 13:36:05 ----A---- C:\Windows\system32\wshcon.dll
2009-09-23 13:36:05 ----A---- C:\Windows\system32\icsunattend.exe
2009-09-23 13:36:04 ----A---- C:\Windows\system32\WsmRes.dll
2009-09-23 13:36:04 ----A---- C:\Windows\system32\wship6.dll
2009-09-23 13:36:04 ----A---- C:\Windows\system32\PlaySndSrv.dll
2009-09-23 13:36:04 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2009-09-23 13:36:03 ----A---- C:\Windows\system32\WSHTCPIP.DLL
2009-09-23 13:36:03 ----A---- C:\Windows\system32\sxsstore.dll
2009-09-23 13:36:03 ----A---- C:\Windows\system32\setupSNK.exe
2009-09-23 13:36:03 ----A---- C:\Windows\system32\localui.dll
2009-09-23 13:36:03 ----A---- C:\Windows\system32\lltdapi.dll
2009-09-23 13:36:03 ----A---- C:\Windows\system32\icaapi.dll
2009-09-23 13:36:03 ----A---- C:\Windows\system32\ComputerDefaults.exe
2009-09-23 13:36:02 ----A---- C:\Windows\system32\tcpmon.ini
2009-09-23 13:36:02 ----A---- C:\Windows\system32\OptionalFeatures.exe
2009-09-23 13:36:02 ----A---- C:\Windows\system32\LangCleanupSysprepAction.dll
2009-09-23 13:36:01 ----A---- C:\Windows\system32\sbunattend.exe
2009-09-23 13:36:01 ----A---- C:\Windows\system32\dmutil.dll
2009-09-23 13:36:00 ----A---- C:\Windows\system32\usbperf.dll
2009-09-23 13:36:00 ----A---- C:\Windows\system32\spopk.dll
2009-09-23 13:36:00 ----A---- C:\Windows\system32\serialui.dll
2009-09-23 13:35:59 ----A---- C:\Windows\system32\cofiredm.dll
2009-09-23 13:35:57 ----A---- C:\Windows\system32\rasctrs.dll
2009-09-23 13:35:57 ----A---- C:\Windows\system32\msobjs.dll
2009-09-23 13:35:56 ----A---- C:\Windows\system32\hnetmon.dll
2009-09-23 13:35:55 ----A---- C:\Windows\system32\nlsbres.dll
2009-09-23 13:35:55 ----A---- C:\Windows\system32\InfDefaultInstall.exe
2009-09-23 13:35:55 ----A---- C:\Windows\system32\esentprf.dll
2009-09-23 13:35:54 ----A---- C:\Windows\system32\LogonUI.exe
2009-09-23 13:35:54 ----A---- C:\Windows\system32\iprtprio.dll
2009-09-23 13:35:52 ----A---- C:\Windows\system32\osbaseln.dll
2009-09-23 13:35:52 ----A---- C:\Windows\system32\cfgmgr32.dll
2009-09-23 13:35:50 ----A---- C:\Windows\system32\msmmsp.dll
2009-09-23 13:35:49 ----A---- C:\Windows\system32\dispex.dll
2009-09-23 13:35:48 ----A---- C:\Windows\system32\winusb.dll
2009-09-23 13:35:48 ----A---- C:\Windows\system32\rdpcfgex.dll
2009-09-23 13:35:44 ----A---- C:\Windows\system32\riched32.dll
2009-09-23 13:35:44 ----A---- C:\Windows\system32\Nlsdl.dll
2009-09-23 13:35:44 ----A---- C:\Windows\system32\msidle.dll
2009-09-23 13:35:43 ----A---- C:\Windows\system32\idndl.dll
2009-09-23 13:35:40 ----A---- C:\Windows\system32\KBDKOR.DLL
2009-09-23 13:35:40 ----A---- C:\Windows\system32\KBDJPN.DLL
2009-09-23 13:35:38 ----A---- C:\Windows\system32\vga256.dll
2009-09-23 13:35:37 ----A---- C:\Windows\system32\tsddd.dll
2009-09-23 13:35:37 ----A---- C:\Windows\system32\framebuf.dll
2009-09-23 13:35:36 ----A---- C:\Windows\system32\vga64k.dll
2009-09-23 13:35:36 ----A---- C:\Windows\system32\vga.dll
2009-09-23 13:35:35 ----A---- C:\Windows\system32\dmdskres2.dll
2009-09-23 13:35:35 ----A---- C:\Windows\system32\bootstr.dll
2009-09-23 13:35:34 ----A---- C:\Windows\system32\spwizres.dll
2009-09-23 13:35:32 ----A---- C:\Windows\system32\gatherWiredInfo.vbs
2009-09-23 13:35:30 ----A---- C:\Windows\system32\fsmgmt.msc
2009-09-23 13:35:23 ----A---- C:\Windows\system32\perfmon.msc
2009-09-23 13:33:33 ----A---- C:\Windows\system32\WpdMtp.dll
2009-09-23 13:33:00 ----A---- C:\Windows\system32\xmllite.dll
2009-09-23 13:32:56 ----A---- C:\Windows\system32\wbemcomn.dll
2009-09-23 13:32:14 ----A---- C:\Windows\system32\sqmapi.dll
2009-09-23 13:32:13 ----A---- C:\Windows\system32\SmiInstaller.dll
2009-09-23 13:29:16 ----A---- C:\Windows\system32\mspatcha.dll
2009-09-23 13:29:16 ----A---- C:\Windows\system32\msdelta.dll
2009-09-23 13:29:16 ----A---- C:\Windows\system32\dpx.dll
2009-09-23 13:00:16 ----A---- C:\Windows\system32\mshtmled.dll
2009-09-23 13:00:15 ----A---- C:\Windows\system32\msls31.dll
2009-09-23 13:00:15 ----A---- C:\Windows\system32\mshtmler.dll
2009-09-23 13:00:15 ----A---- C:\Windows\system32\icardie.dll
2009-09-23 13:00:15 ----A---- C:\Windows\system32\corpol.dll
2009-09-23 13:00:15 ----A---- C:\Windows\system32\admparse.dll
2009-09-23 13:00:14 ----A---- C:\Windows\system32\imgutil.dll
2009-09-23 13:00:14 ----A---- C:\Windows\system32\ieakeng.dll
2009-09-23 13:00:14 ----A---- C:\Windows\system32\dxtrans.dll
2009-09-23 13:00:14 ----A---- C:\Windows\system32\dxtmsft.dll
2009-09-23 13:00:13 ----A---- C:\Windows\system32\webcheck.dll
2009-09-23 13:00:13 ----A---- C:\Windows\system32\msrating.dll
2009-09-23 13:00:13 ----A---- C:\Windows\system32\licmgr10.dll
2009-09-23 13:00:13 ----A---- C:\Windows\system32\inseng.dll
2009-09-23 13:00:13 ----A---- C:\Windows\system32\ieaksie.dll
2009-09-23 13:00:12 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-09-23 13:00:12 ----A---- C:\Windows\system32\wextract.exe
2009-09-23 13:00:12 ----A---- C:\Windows\system32\mstime.dll
2009-09-23 13:00:12 ----A---- C:\Windows\system32\ieakui.dll
2009-09-23 13:00:10 ----A---- C:\Windows\system32\vbscript.dll
2009-09-23 13:00:10 ----A---- C:\Windows\system32\pngfilt.dll
2009-09-23 13:00:10 ----A---- C:\Windows\system32\ieapfltr.dll
2009-09-23 13:00:10 ----A---- C:\Windows\system32\advpack.dll
2009-09-23 13:00:09 ----A---- C:\Windows\system32\url.dll
2009-09-23 13:00:08 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-09-23 13:00:08 ----A---- C:\Windows\system32\mshta.exe
2009-09-23 13:00:08 ----A---- C:\Windows\system32\iexpress.exe
2009-09-23 13:00:07 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-09-23 13:00:07 ----A---- C:\Windows\system32\SetDepNx.exe
2009-09-23 13:00:07 ----A---- C:\Windows\system32\PDMSetup.exe
2009-09-23 11:31:41 ----A---- C:\Windows\system32\tzres.dll
2009-09-23 11:30:24 ----A---- C:\Windows\system32\winipsec.dll
2009-09-23 11:30:23 ----A---- C:\Windows\system32\polstore.dll
2009-09-23 11:27:16 ----A---- C:\Windows\system32\TCPSVCS.EXE
2009-09-23 11:27:16 ----A---- C:\Windows\system32\ROUTE.EXE
2009-09-23 11:27:16 ----A---- C:\Windows\system32\NETSTAT.EXE
2009-09-23 11:27:16 ----A---- C:\Windows\system32\netiohlp.dll
2009-09-23 11:27:16 ----A---- C:\Windows\system32\netevent.dll
2009-09-23 11:27:16 ----A---- C:\Windows\system32\MRINFO.EXE
2009-09-23 11:27:16 ----A---- C:\Windows\system32\HOSTNAME.EXE
2009-09-23 11:27:16 ----A---- C:\Windows\system32\finger.exe
2009-09-23 11:27:16 ----A---- C:\Windows\system32\ARP.EXE
2009-09-23 11:25:27 ----A---- C:\Windows\system32\L2SecHC.dll
2009-09-23 11:25:26 ----A---- C:\Windows\system32\wlansvc.dll
2009-09-23 11:25:26 ----A---- C:\Windows\system32\wlansec.dll
2009-09-23 11:25:26 ----A---- C:\Windows\system32\wlanmsm.dll
2009-09-23 11:25:26 ----A---- C:\Windows\system32\wlanhlp.dll
2009-09-23 11:25:26 ----A---- C:\Windows\system32\wlanapi.dll
2009-09-23 11:25:24 ----A---- C:\Windows\system32\gatherWirelessInfo.vbs
2009-09-23 11:24:31 ----A---- C:\Windows\system32\t2embed.dll
2009-09-23 11:24:31 ----A---- C:\Windows\system32\lpk.dll
2009-09-23 11:24:31 ----A---- C:\Windows\system32\fontsub.dll
2009-09-23 11:24:31 ----A---- C:\Windows\system32\dciman32.dll
2009-09-23 11:24:31 ----A---- C:\Windows\system32\atmlib.dll
2009-09-23 11:24:31 ----A---- C:\Windows\system32\atmfd.dll
2009-09-23 11:24:01 ----A---- C:\Windows\system32\rrinstaller.exe
2009-09-23 11:24:01 ----A---- C:\Windows\system32\mfps.dll
2009-09-23 11:24:01 ----A---- C:\Windows\system32\mfpmp.exe
2009-09-23 11:24:01 ----A---- C:\Windows\system32\mferror.dll
2009-09-23 11:24:01 ----A---- C:\Windows\system32\mf.dll
2009-09-23 11:24:00 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-09-23 11:22:25 ----A---- C:\Windows\system32\atl.dll
2009-09-23 11:18:50 ----A---- C:\Windows\system32\wkssvc.dll
2009-09-23 11:18:22 ----A---- C:\Windows\system32\tsgqec.dll
2009-09-23 11:18:22 ----A---- C:\Windows\system32\mstscax.dll
2009-09-23 11:18:22 ----A---- C:\Windows\system32\aaclient.dll
2009-09-23 11:17:24 ----A---- C:\Windows\system32\msxml3r.dll
2009-09-23 11:14:38 ----A---- C:\Windows\system32\localspl.dll
2009-09-23 11:14:22 ----A---- C:\Windows\system32\msvidc32.dll
2009-09-23 11:14:22 ----A---- C:\Windows\system32\msvfw32.dll
2009-09-23 11:14:22 ----A---- C:\Windows\system32\mciavi32.dll
2009-09-23 11:14:22 ----A---- C:\Windows\system32\avifil32.dll
2009-09-23 11:14:22 ----A---- C:\Windows\system32\avicap32.dll
2009-09-23 11:14:21 ----A---- C:\Windows\system32\msrle32.dll
2009-09-23 11:13:02 ----A---- C:\Windows\system32\wdigest.dll
2009-09-23 11:13:02 ----A---- C:\Windows\system32\secur32.dll
2009-09-23 11:13:02 ----A---- C:\Windows\system32\lsass.exe
2009-09-23 11:13:02 ----A---- C:\Windows\system32\lsasrv.dll
2009-09-23 11:13:02 ----A---- C:\Windows\system32\kerberos.dll
2009-09-23 11:13:01 ----A---- C:\Windows\system32\schannel.dll
2009-09-23 11:11:34 ----A---- C:\Windows\system32\wmpdxm.dll
2009-09-23 11:11:32 ----A---- C:\Windows\system32\spwmp.dll
2009-09-23 11:11:32 ----A---- C:\Windows\system32\dxmasf.dll
2009-09-23 10:11:05 ----A---- C:\Windows\system32\NlsLexicons0049.dll
2009-09-23 10:11:05 ----A---- C:\Windows\system32\NlsLexicons0047.dll
2009-09-23 10:11:05 ----A---- C:\Windows\system32\NlsLexicons0046.dll
2009-09-23 10:11:05 ----A---- C:\Windows\system32\NlsLexicons0045.dll
2009-09-23 10:11:05 ----A---- C:\Windows\system32\NlsLexicons0020.dll
2009-09-23 10:11:04 ----A---- C:\Windows\system32\NlsLexicons0039.dll
2009-09-23 10:11:04 ----A---- C:\Windows\system32\NlsLexicons0021.dll
2009-09-23 10:11:03 ----A---- C:\Windows\system32\NlsLexicons0024.dll
2009-09-23 10:11:03 ----A---- C:\Windows\system32\NlsLexicons0022.dll
2009-09-23 10:11:02 ----A---- C:\Windows\system32\NlsLexicons0027.dll
2009-09-23 10:11:02 ----A---- C:\Windows\system32\NlsLexicons0026.dll
2009-09-23 10:11:01 ----A---- C:\Windows\system32\NlsLexicons0011.dll
2009-09-23 10:11:01 ----A---- C:\Windows\system32\NlsLexicons0010.dll
2009-09-23 10:11:00 ----A---- C:\Windows\system32\NlsLexicons0019.dll
2009-09-23 10:11:00 ----A---- C:\Windows\system32\NlsLexicons0018.dll
2009-09-23 10:11:00 ----A---- C:\Windows\system32\NlsLexicons0013.dll
2009-09-23 10:10:59 ----A---- C:\Windows\system32\NlsLexicons0002.dll
2009-09-23 10:10:59 ----A---- C:\Windows\system32\NlsLexicons0001.dll
2009-09-23 10:10:58 ----A---- C:\Windows\system32\NlsLexicons0003.dll
2009-09-23 10:10:57 ----A---- C:\Windows\system32\NlsLexicons004b.dll
2009-09-23 10:10:57 ----A---- C:\Windows\system32\NlsLexicons004a.dll
2009-09-23 10:10:56 ----A---- C:\Windows\system32\NlsLexicons004e.dll
2009-09-23 10:10:56 ----A---- C:\Windows\system32\NlsLexicons004c.dll
2009-09-23 10:10:55 ----A---- C:\Windows\system32\NlsLexicons003e.dll
2009-09-23 10:10:55 ----A---- C:\Windows\system32\NlsLexicons002a.dll
2009-09-23 10:10:54 ----A---- C:\Windows\system32\NlsLexicons001b.dll
2009-09-23 10:10:54 ----A---- C:\Windows\system32\NlsLexicons001a.dll
2009-09-23 10:10:53 ----A---- C:\Windows\system32\NlsLexicons001d.dll
2009-09-23 10:10:52 ----A---- C:\Windows\system32\NlsLexicons000d.dll
2009-09-23 10:10:52 ----A---- C:\Windows\system32\NlsLexicons000c.dll
2009-09-23 10:10:52 ----A---- C:\Windows\system32\NlsLexicons000a.dll
2009-09-23 10:10:51 ----A---- C:\Windows\system32\NlsLexicons0416.dll
2009-09-23 10:10:51 ----A---- C:\Windows\system32\NlsLexicons0414.dll
2009-09-23 10:10:51 ----A---- C:\Windows\system32\NlsLexicons000f.dll
2009-09-23 10:10:50 ----A---- C:\Windows\system32\NlsLexicons0816.dll
2009-09-23 10:10:49 ----A---- C:\Windows\system32\NlsModels0011.dll
2009-09-23 10:10:49 ----A---- C:\Windows\system32\NlsLexicons081a.dll
2009-09-23 10:10:49 ----A---- C:\Windows\system32\NlsData0045.dll
2009-09-23 10:10:48 ----A---- C:\Windows\system32\NlsData0049.dll
2009-09-23 10:10:48 ----A---- C:\Windows\system32\NlsData0047.dll
2009-09-23 10:10:48 ----A---- C:\Windows\system32\NlsData0046.dll
2009-09-23 10:10:47 ----A---- C:\Windows\system32\NlsData0039.dll
2009-09-23 10:10:47 ----A---- C:\Windows\system32\NlsData0021.dll
2009-09-23 10:10:47 ----A---- C:\Windows\system32\NlsData0020.dll
2009-09-23 10:10:46 ----A---- C:\Windows\system32\NlsData0027.dll
2009-09-23 10:10:46 ----A---- C:\Windows\system32\NlsData0026.dll
2009-09-23 10:10:46 ----A---- C:\Windows\system32\NlsData0024.dll
2009-09-23 10:10:46 ----A---- C:\Windows\system32\NlsData0022.dll
2009-09-23 10:10:45 ----A---- C:\Windows\system32\NlsData0018.dll
2009-09-23 10:10:45 ----A---- C:\Windows\system32\NlsData0013.dll
2009-09-23 10:10:45 ----A---- C:\Windows\system32\NlsData0011.dll
2009-09-23 10:10:45 ----A---- C:\Windows\system32\NlsData0010.dll
2009-09-23 10:10:44 ----A---- C:\Windows\system32\NlsData0019.dll
2009-09-23 10:10:44 ----A---- C:\Windows\system32\NlsData0001.dll
2009-09-23 10:10:44 ----A---- C:\Windows\system32\NlsData0000.dll
2009-09-23 10:10:43 ----A---- C:\Windows\system32\NlsData0007.dll
2009-09-23 10:10:43 ----A---- C:\Windows\system32\NlsData0003.dll
2009-09-23 10:10:43 ----A---- C:\Windows\system32\NlsData0002.dll
2009-09-23 10:10:42 ----A---- C:\Windows\system32\NlsData004b.dll
2009-09-23 10:10:42 ----A---- C:\Windows\system32\NlsData004a.dll
2009-09-23 10:10:42 ----A---- C:\Windows\system32\NlsData0009.dll
2009-09-23 10:10:41 ----A---- C:\Windows\system32\NlsData004e.dll
2009-09-23 10:10:41 ----A---- C:\Windows\system32\NlsData004c.dll
2009-09-23 10:10:41 ----A---- C:\Windows\system32\NlsData003e.dll
2009-09-23 10:10:41 ----A---- C:\Windows\system32\NlsData002a.dll
2009-09-23 10:10:40 ----A---- C:\Windows\system32\NlsData001d.dll
2009-09-23 10:10:40 ----A---- C:\Windows\system32\NlsData001b.dll
2009-09-23 10:10:40 ----A---- C:\Windows\system32\NlsData001a.dll
2009-09-23 10:10:39 ----A---- C:\Windows\system32\NlsData000c.dll
2009-09-23 10:10:39 ----A---- C:\Windows\system32\NlsData000a.dll
2009-09-23 10:10:38 ----A---- C:\Windows\system32\NlsData0414.dll
2009-09-23 10:10:38 ----A---- C:\Windows\system32\NlsData000f.dll
2009-09-23 10:10:38 ----A---- C:\Windows\system32\NlsData000d.dll
2009-09-23 10:10:37 ----A---- C:\Windows\system32\NlsData0816.dll
2009-09-23 10:10:37 ----A---- C:\Windows\system32\NlsData0416.dll
2009-09-23 10:10:36 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
2009-09-23 10:10:36 ----A---- C:\Windows\system32\NlsData0c1a.dll
2009-09-23 10:10:36 ----A---- C:\Windows\system32\NlsData081a.dll
2009-09-23 10:07:43 ----A---- C:\Windows\system32\kbd106n.dll
2009-09-23 09:55:25 ----A---- C:\Windows\system32\printcom.dll
2009-09-23 09:54:53 ----A---- C:\Windows\system32\wshrm.dll
2009-09-23 09:40:47 ----A---- C:\Windows\system32\netfxperf.dll
2009-09-23 09:33:23 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-09-23 09:33:21 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-09-23 09:33:21 ----A---- C:\Windows\system32\gameux.dll
2009-09-23 09:32:31 ----A---- C:\Windows\system32\INETRES.dll
2009-09-23 09:32:08 ----A---- C:\Windows\system32\rpcrt4.dll
2009-09-23 09:31:23 ----A---- C:\Windows\system32\msxml6r.dll
2009-09-23 08:12:01 ----D---- C:\Users\PHVDM\AppData\Roaming\Infineon
2009-09-23 08:11:51 ----D---- C:\Users\PHVDM\AppData\Roaming\Macromedia
2009-09-23 08:11:48 ----SHD---- C:\$RECYCLE.BIN
2009-09-23 08:10:45 ----D---- C:\Users\PHVDM\AppData\Roaming\Identities
2009-09-23 08:10:04 ----A---- C:\Windows\system32\acovcnt.exe
2009-09-23 08:10:02 ----D---- C:\Users\PHVDM\AppData\Roaming\InstallShield
2009-09-23 08:09:57 ----SD---- C:\Users\PHVDM\AppData\Roaming\Microsoft
2009-09-23 08:09:57 ----D---- C:\Users\PHVDM\AppData\Roaming\Media Center Programs
2009-09-23 08:00:24 ----SHD---- C:\System Volume Information

======List of files/folders modified in the last 2 months======

2009-11-07 23:05:09 ----D---- C:\Windows\Temp
2009-11-07 23:05:04 ----D---- C:\Windows\Prefetch
2009-11-07 23:02:49 ----RD---- C:\Program Files
2009-11-07 18:29:32 ----D---- C:\Windows\system32\drivers
2009-11-07 18:26:21 ----SHD---- C:\Boot
2009-11-07 18:26:21 ----D---- C:\Windows\system32\config
2009-11-07 18:24:33 ----D---- C:\Windows\System32
2009-11-07 18:24:23 ----D---- C:\Windows
2009-11-07 18:22:53 ----D---- C:\Windows\system32\catroot2
2009-11-06 23:42:53 ----D---- C:\ProgramData\Symantec
2009-11-06 16:27:46 ----SHD---- C:\Windows\Installer
2009-11-05 19:00:39 ----D---- C:\Windows\inf
2009-11-05 19:00:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-11-05 03:02:13 ----D---- C:\Windows\winsxs
2009-11-04 11:50:17 ----D---- C:\Windows\system32\catroot
2009-11-03 11:23:20 ----D---- C:\Windows\system32\NDF
2009-11-01 14:32:44 ----HD---- C:\ProgramData
2009-10-30 21:54:54 ----D---- C:\Windows\rescache
2009-10-30 21:37:36 ----D---- C:\Windows\system32\nl-NL
2009-10-29 11:55:58 ----D---- C:\Program Files\Internet Explorer
2009-10-29 11:55:19 ----D---- C:\Program Files\Windows Media Player
2009-10-26 12:47:13 ----D---- C:\Windows\system32\Tasks
2009-10-19 23:16:51 ----D---- C:\Windows\Tasks
2009-10-17 10:23:18 ----D---- C:\Windows\Debug
2009-10-16 21:00:13 ----D---- C:\Windows\system32\WDI
2009-10-15 03:01:42 ----D---- C:\Windows\Microsoft.NET
2009-10-15 02:58:26 ----RSD---- C:\Windows\assembly
2009-10-15 02:40:37 ----D---- C:\Windows\ehome
2009-10-15 02:40:37 ----D---- C:\Program Files\Windows Mail
2009-10-15 02:40:35 ----D---- C:\Windows\system32\migration
2009-10-11 16:32:56 ----D---- C:\Program Files\Common Files
2009-10-07 23:04:49 ----D---- C:\Program Files\Common Files\microsoft shared
2009-10-07 22:54:10 ----SD---- C:\ProgramData\Microsoft
2009-10-06 13:51:00 ----D---- C:\Program Files\Windows Sidebar
2009-10-04 21:57:02 ----D---- C:\Windows\system32\wbem
2009-10-04 21:56:12 ----D---- C:\Windows\system32\spool
2009-10-04 21:56:12 ----D---- C:\Windows\system32\Msdtc
2009-10-04 21:56:12 ----D---- C:\Windows\system32\CodeIntegrity
2009-10-04 21:56:10 ----D---- C:\Windows\registration
2009-10-04 21:12:55 ----RSD---- C:\Windows\Fonts
2009-10-02 22:43:41 ----D---- C:\Windows\Panther
2009-10-02 19:01:57 ----A---- C:\Windows\system32\mrt.exe
2009-10-01 17:07:45 ----D---- C:\Windows\system32\LogFiles
2009-09-30 15:39:43 ----D---- C:\Windows\ShellNew
2009-09-30 15:32:42 ----D---- C:\Windows\system
2009-09-30 14:48:10 ----D---- C:\ProgramData\Microsoft Help
2009-09-30 12:40:50 ----SD---- C:\Windows\Downloaded Program Files
2009-09-30 12:15:56 ----D---- C:\Program Files\Common Files\System
2009-09-30 12:15:46 ----A---- C:\Windows\win.ini
2009-09-25 10:16:56 ----D---- C:\Program Files\Windows Calendar
2009-09-25 10:16:56 ----D---- C:\Program Files\Movie Maker
2009-09-25 10:16:54 ----D---- C:\Program Files\Windows Journal
2009-09-25 10:16:54 ----D---- C:\Program Files\Windows Collaboration
2009-09-25 10:16:52 ----D---- C:\Program Files\Windows Photo Gallery
2009-09-25 10:16:49 ----D---- C:\Windows\servicing
2009-09-25 10:16:49 ----D---- C:\Program Files\Windows Defender
2009-09-25 10:16:31 ----D---- C:\Windows\system32\XPSViewer
2009-09-25 10:16:31 ----D---- C:\Windows\system32\sk-SK
2009-09-25 10:16:31 ----D---- C:\Windows\system32\lv-LV
2009-09-25 10:16:31 ----D---- C:\Windows\system32\ko-KR
2009-09-25 10:16:31 ----D---- C:\Windows\system32\hr-HR
2009-09-25 10:16:31 ----D---- C:\Windows\system32\et-EE
2009-09-25 10:16:31 ----D---- C:\Windows\system32\en-US
2009-09-25 10:16:31 ----D---- C:\Windows\system32\de-DE
2009-09-25 10:16:31 ----D---- C:\Windows\system32\da-DK
2009-09-25 10:16:31 ----D---- C:\Windows\IME
2009-09-25 10:16:30 ----D---- C:\Windows\system32\oobe
2009-09-25 10:16:30 ----D---- C:\Windows\system32\it-IT
2009-09-25 10:16:30 ----D---- C:\Windows\system32\el-GR
2009-09-25 10:16:26 ----D---- C:\Windows\system32\sv-SE
2009-09-25 10:16:26 ----D---- C:\Windows\system32\SLUI
2009-09-25 10:16:26 ----D---- C:\Windows\system32\setup
2009-09-25 10:16:26 ----D---- C:\Windows\system32\ru-RU
2009-09-25 10:16:26 ----D---- C:\Windows\system32\pt-PT
2009-09-25 10:16:26 ----D---- C:\Windows\system32\hu-HU
2009-09-25 10:16:26 ----D---- C:\Windows\system32\he-IL
2009-09-25 10:16:26 ----D---- C:\Windows\system32\fr-FR
2009-09-25 10:16:26 ----D---- C:\Windows\system32\fi-FI
2009-09-25 10:16:26 ----D---- C:\Windows\system32\cs-CZ
2009-09-25 10:16:26 ----D---- C:\Windows\system32\AdvancedInstallers
2009-09-25 10:16:23 ----D---- C:\Windows\system32\zh-CN
2009-09-25 10:16:23 ----D---- C:\Windows\system32\sr-Latn-CS
2009-09-25 10:16:23 ----D---- C:\Windows\system32\manifeststore
2009-09-25 10:16:22 ----D---- C:\Windows\system32\zh-TW
2009-09-25 10:16:22 ----D---- C:\Windows\system32\uk-UA
2009-09-25 10:16:22 ----D---- C:\Windows\system32\th-TH
2009-09-25 10:16:22 ----D---- C:\Windows\system32\sl-SI
2009-09-25 10:16:22 ----D---- C:\Windows\system32\ro-RO
2009-09-25 10:16:22 ----D---- C:\Windows\system32\pl-PL
2009-09-25 10:16:22 ----D---- C:\Windows\system32\ja-JP
2009-09-25 10:16:22 ----D---- C:\Windows\system32\es-ES
2009-09-25 10:16:22 ----D---- C:\Windows\system32\bg-BG
2009-09-25 10:16:21 ----D---- C:\Windows\system32\tr-TR
2009-09-25 10:16:20 ----D---- C:\Windows\system32\nb-NO
2009-09-25 10:16:17 ----D---- C:\Windows\system32\pt-BR
2009-09-25 10:16:17 ----D---- C:\Windows\system32\migwiz
2009-09-25 10:16:17 ----D---- C:\Windows\system32\lt-LT
2009-09-25 10:16:17 ----D---- C:\Windows\system32\ar-SA
2009-09-25 10:15:36 ----D---- C:\Windows\AppPatch
2009-09-25 10:15:28 ----D---- C:\Windows\system32\Boot
2009-09-25 10:12:51 ----D---- C:\Windows\system32\RTCOM
2009-09-23 18:25:13 ----D---- C:\Windows\Logs
2009-09-23 17:45:51 ----D---- C:\Windows\PolicyDefinitions
2009-09-23 17:36:07 ----D---- C:\Windows\system32\zh-HK
2009-09-23 15:18:06 ----ASH---- C:\Program Files\desktop.ini
2009-09-23 15:05:27 ----D---- C:\Windows\MSAgent
2009-09-23 15:05:23 ----D---- C:\Windows\L2Schemas
2009-09-23 15:05:23 ----D---- C:\Windows\DigitalLocker
2009-09-23 15:05:22 ----D---- C:\Windows\system32\com
2009-09-23 15:04:36 ----D---- C:\Windows\system32\sysprep
2009-09-23 15:04:29 ----D---- C:\Windows\system32\ias
2009-09-23 15:02:18 ----D---- C:\Windows\Boot
2009-09-23 14:35:59 ----A---- C:\Windows\system32\ifxcardm.dll
2009-09-23 14:35:53 ----A---- C:\Windows\system32\axaltocm.dll
2009-09-23 13:19:19 ----D---- C:\Program Files\Norton Internet Security
2009-09-23 12:30:59 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-09-23 12:17:25 ----D---- C:\Program Files\Symantec
2009-09-23 11:49:45 ----D---- C:\Windows\system32\ras
2009-09-23 11:49:45 ----D---- C:\Windows\system32\icsxml
2009-09-23 09:30:40 ----D---- C:\Windows\SoftwareDistribution
2009-09-23 08:09:56 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2009-09-17 371248]
R1 ElRawDisk;ElRawDisk; \??\C:\Windows\system32\drivers\elrawdsk.sys [2008-12-09 20392]
R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20091105.001\IDSvix86.sys [2009-08-26 272432]
R1 InCDPass;InCDPass; C:\Windows\system32\drivers\InCDPass.sys [2007-03-26 37040]
R1 incdrm;InCD Reader; C:\Windows\system32\drivers\InCDRm.sys [2007-03-26 39472]
R1 ItSDisk;ItSDisk; C:\Windows\System32\Drivers\ItSDisk.sys [2006-05-16 23496]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [2007-01-23 39080]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2006-10-06 406672]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2009-08-03 188080]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-02-05 11632]
R2 cpuz132;cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x32.sys [2009-03-27 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\atl01v32.sys [2007-03-15 48128]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-03-29 140424]
R3 CmBatt;Stuurprogramma voor Microsoft ACPI-besturingsmethode-accu; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-02-14 1740904]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 MODEMCSA;Unimodem Streaming-filterapparaat; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-19 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20091107.004\NAVENG.SYS [2009-09-17 84912]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20091107.004\NAVEX15.SYS [2009-09-17 1323568]
R3 NETw4v32;Stuurprogramma voor Intel(R) Wireless WiFi Link Adapter onder Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-04-04 7493856]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-22 982272]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-03-06 1737984]
R3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
R3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2009-08-03 12720]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2009-09-23 124464]
R3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2009-08-03 145968]
R3 SYMIDS;SYMIDS; C:\Windows\System32\Drivers\SYMIDS.SYS [2009-08-03 39856]
R3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2009-08-03 38448]
R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2009-08-03 26416]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-03-01 182456]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-19 45624]
R4 InCDfs;InCD File System; C:\Windows\system32\drivers\InCDFs.sys [2007-03-26 108592]
S1 SASDIFSV;SASDIFSV; \??\C:\Users\PHVDM\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV.SYS []
S1 SASKUTIL;SASKUTIL; \??\C:\Users\PHVDM\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL.sys []
S2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2006-11-16 15216]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2006-11-02 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2006-11-02 220160]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2006-11-02 29184]
S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 EraserUtilDrvI9;EraserUtilDrvI9; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI9.sys [2009-09-17 102448]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 lvupdtio;lvupdtio; \??\C:\Program Files\ASUS\ASUS Live Update\SYS64\lvupdtio.sys [2006-11-08 15216]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945BG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
S3 SASENUM;SASENUM; \??\C:\Users\PHVDM\AppData\Local\Temp\SAS_SelfExtract\SASENUM.SYS []
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]
S3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

[Jintan]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-06 94208]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-12 554352]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-02-21 643072]
R2 IFXSpMgtSrv;Security Platform Management Service; C:\Windows\system32\ifxspmgt.exe [2007-02-26 677408]
R2 IFXTCS;Trusted Platform Core Service; C:\Windows\system32\ifxtcs.exe [2007-02-22 849440]
R2 IOLO_SRV;iolo System Guard; C:\Program Files\iolo\System Mechanic\IoloSGCtrl.exe [2009-10-22 326056]
R2 ioloFileInfoList;iolo FileInfoList Service; C:\Program Files\iolo\common\lib\ioloServiceManager.exe [2009-10-20 659376]
R2 ioloSystemService;iolo System Service; C:\Program Files\iolo\common\lib\ioloServiceManager.exe [2009-10-20 659376]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-02-21 327680]
R2 SymAppCore;Symantec AppCore Service; C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2006-09-20 46736]
R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine; C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe [2009-04-21 4048240]
R2 WRConsumerService;Webroot Client Service; C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe [2009-09-29 1205760]
R3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2009-09-23 1251720]
S2 gupdate1ca3d0d5096250a;Google Updateservice (gupdate1ca3d0d5096250a); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-24 133104]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S3 comHost;COM Host; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2006-10-13 49296]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-23 182768]
S3 ISPwdSvc;Symantec IS Password Validation; C:\Program Files\Norton Internet Security\isPwdSvc.exe [2006-10-27 80552]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-12 2999664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-03-10 94208]
S4 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-02-12 355096]
S4 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-03-26 864816]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-03-26 779824]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-26 267824]
S4 PersonalSecureDriveService;Personal Secure Drive Service; C:\Windows\system32\IfxPsdSv.exe [2007-02-22 140832]
S4 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2006-12-29 123248]
S4 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]

-----------------EOF-----------------