In a moment of sheer brilliance I downloaded from the internet and ran a nefarious looking program I thought was something completely different. All of this of course while my computer had no virus protection. Naturally, when I open firefox now I get a multitude of pop-ups and new windows that I didn’t open containing advertisements for ebay, security shield anti-virus (that one’s a bit ironic, no?), something called MyTV and numerous other sites I want nothing to do with. I downloaded two anti-virus programs, one of which was Avast and ran several virus and Adware scans. Invariably the programs would find and delete several Trojans, worms, viruses and backdoors and Firefox would function normally for a time before the advertisements would return. I’m sure there’s just a few viruses that are somehow still present and I simply need someone to give me some garden-variety help as to how to eradicate them. Thanks!
General cleaning procedures could use:
-
Disable System Restore on Windows ME or Windows XP. System Restore cannot be disabled on Windows 9x and it’s not available in Windows 2k. After boot you can enable System Restore again.
-
Clean your temporary files. You can use CleanUp or the Windows Advanced Care features for that.
-
Schedule a boot time scanning with avast. Start avast! > Right click the skin > Schedule a boot-time scanning. Select for scanning archives. Boot. Other option is scanning in SafeMode (repeatedly press F8 while booting).
-
It will be good if you download, install, update and run other trojan remover tools: a-squared and/or Free AVG Antispyware (trojan removers). Some users recommend SUPERantispyware or Spyware Terminator.
-
Use the immunization of SpywareBlaster or, which is better, the Windows Advanced Care features of spyware/adware cleaning and removal.
Welcome to avast forums.
Thanks!
If there is any more specific help you can give, the name of a recently deleted Trojan was Trojan.Win32.Clicker.43060
Also, most of the pop-ups I’m getting now are advertising for the other anti virus program I downloaded and paid for. That program is called “THE SHIELD ANTIVIRUS 2007.” Have you heard of this program and is it likely that it’s causing the pop-ups?
I’ve Google it but other security programs are blocking the access to its webpages, what means, bad news… seems not a good program…
Uninstall it and stick with Avast?
Sure… avast is trustable…
Okay, thanks!
Any further advice regarding repairing any damage that “The Shield” might have done?
First you need to get your computer clean.
Follow the other advices I’ve posted before. Maybe you should avoid, by now, the first one as you have installed a bad program and, maybe, you need the restore points.
Start with the second point and let’s get clean first 8)
Hi :
At this point, you still have NOT told us the Name of your Operating
System !? And nowadays MORE than an antiVIRUS program is necessary
to protect a computer and 1 or more antiSPYWARE/antiTROJAN program(s)
are recommended, such as the "trial" version of AVG Antispyware from
www.ewido.net and/or SUPERantispyware from
www.superantispyware.com ; these 2 are often recommended by
anti-malware Experts on many Support Forums.
And should have a software firewall, such as the Good & FREE Sunbelt
Kerio, Sygate or Zone Alarm, found at
www.filehippo.com/software/firewalls .
Okay, I’m on XP Home.
As far as malware protection I currently have:
Comodo firewall pro.
Windows Advanced Care
Avast 4.7
Ad-Aware SE Plus
Ad-Watch
I’ve performed several virus scans with avast, several ad-ware scans with Ad-Aware and fixed some things with windows advanced care. Although, I’ve never fully scanned my entire computer with avast. Each scan takes a long time because I have two very large hard-drives.
So, Militant Agnostic (strange login name, don’t you think…), what can we do for you now?
If you’re clean… what’s wrong?
Well the whole joke is: Militant Agnostic: “I don’t know and you don’t either!”
Anyway, my only problem right now is the fact that when I open firefox I get pop-up windows for various sites (regardless of what site I’m on and always the same five or so pop-ups), as I said before, at sporadic intervals. So, my computer evidently is not entirely clean. I know that’s terribly vague but it’s all the info I have.
It sounds like your trojan is still active.
Download Deckard’s System Scanner (DSS) to your Desktop.
[*]Close all applications and windows.
[*]Double-click on DSS.exe to run it, and follow the prompts.
[*]The scan may take a minute. When the scan is complete, a text file will open - Main.txt
Extra Note: When running DSS, some firewalls may warn that sigcheck.exe is trying to access the internet - please ensure that you allow sigcheck.exe permission to do so. Also, it may happen that your Antivirus flags DSS as suspicious. Please allow the Deckard’s System Scanner to run and don’t let your Antivirus delete it. (In this case, it may be better to temporary disable your Antivirus)
Post the main.txt from the C:\Deckard\System Scanner folder into your next reply (it will probably exceed a single post so feel free to use multiple posts).
Okay, here’s the log.
Deckard’s System Scanner v20070411.38
Run by Enter on 2007-04-21 at 15:36:59
Computer is in Normal Mode.
– System Restore --------------------------------------------------------------
Successfully created a Deckard’s System Scanner Restore Point.
– Last 5 Restore Point(s) –
52: 2007-04-21 22:37:07 UTC - RP52 - Deckard’s System Scanner Restore Point
51: 2007-04-21 01:50:45 UTC - RP51 - Installed Adobe Photoshop CS2
50: 2007-04-21 01:46:26 UTC - RP50 - Software Distribution Service 2.0
49: 2007-04-20 01:07:11 UTC - RP49 - Removed The Shield AntiVirus 2007
48: 2007-04-20 00:28:13 UTC - RP48 - Advanced WindowsCare RestorePoint
– First Restore Point –
1: 2007-04-13 18:10:58 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
– HijackThis (run as Enter.exe) -----------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 3:37:58 PM, on 4/21/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Watch.exe
C:\Program Files\Comodo\Firewall\cpf.exe
C:\Documents and Settings\Enter\Desktop\dss.exe
C:\PROGRA~1\HIJACK~1\Enter.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {D722785A-F82D-4B0F-80B5-5585E388D97C} - C:\Program Files\Messenger\mesofip.dll
O4 - HKLM..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..\Run: [Windows Defender] “C:\Program Files\Windows Defender\MSASCui.exe” -hide
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM..\Run: [RemoteControl] “C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe”
O4 - HKCU..\Run: [AWMON] “E:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Watch.exe”
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
– File Associations -----------------------------------------------------------
.js - JSFile - shell\open\command - “C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe” “%1”
– Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 core - c:\windows\system32\drivers\core.sys
R1 PCLEPCI - c:\windows\system32\drivers\pclepci.sys
R3 ASAPIW2K - c:\windows\system32\drivers\asapiw2k.sys
R3 MarvinBus (Pinnacle Marvin Bus) - c:\windows\system32\drivers\marvinbus.sys
S3 61883 (61883 Unit Device) - c:\windows\system32\drivers\61883.sys
S3 Avc (AVC Device) - c:\windows\system32\drivers\avc.sys
S3 KLSIENET (Driver for USB Ethernet Adapter) - c:\windows\system32\drivers\usb101et.sys
S3 MSDV (Microsoft DV Camera and VCR) - c:\windows\system32\drivers\msdv.sys
S3 o1394bul - c:\docume~1\enter\locals~1\temp\o1394bul.sys (file missing)
S3 XDva002 - c:\windows\system32\xdva002.sys (file missing)
– Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
All services whitelisted.
– Scheduled Tasks -------------------------------------------------------------
2007-04-21 14:41:12 330 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job<MPSCHE~1.JOB>
2007-04-18 16:49:34 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job<APPLES~1.JOB>
– Files created between 2007-03-21 and 2007-04-21 -----------------------------
2007-04-21 14:39:15 0 d-------- C:\Documents and Settings\Enter\Application Data\Comodo
2007-04-21 14:39:15 0 d-------- C:\Documents and Settings\All Users\Application Data\Comodo
2007-04-21 14:32:22 51328 --a------ C:\WINDOWS\system32\drivers\inspect.sys
2007-04-21 14:32:22 75520 --a------ C:\WINDOWS\system32\drivers\cmdmon.sys
2007-04-21 14:32:22 0 d-------- C:\Program Files\Comodo
2007-04-21 14:25:42 49152 --a------ C:\WINDOWS\system32\vfind.exe
2007-04-21 14:25:42 38400 --a------ C:\WINDOWS\system32\moveex.exe
2007-04-21 14:25:42 86528 --a------ C:\WINDOWS\catchme.exe
2007-04-21 14:25:41 212480 --a------ C:\WINDOWS\system32\swxcacls.exe
2007-04-21 14:25:41 370688 --a------ C:\WINDOWS\system32\swsc.exe
2007-04-21 14:25:41 428032 --a------ C:\WINDOWS\system32\swreg.exe
2007-04-21 13:58:09 0 d-------- C:\Documents and Settings\Administrator\Application Data\Skype
2007-04-21 13:39:06 786432 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2007-04-21 10:49:33 0 d-------- C:\Program Files\Microsoft Games<MI9A48~1>
2007-04-20 19:43:48 0 d-------- C:\WINDOWS\Sun
2007-04-20 18:52:29 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
Systems<ADOBES~1>
2007-04-19 19:24:56 0 d-------- C:\Program Files\a-squared Free<A-SQUA~1>
2007-04-19 17:27:42 0 d-------- C:\Program Files\IObit
2007-04-19 17:18:39 687 --a------ C:\WINDOWS\VFLog.dat
2007-04-19 16:20:23 0 d-------- C:\Program Files\SDFix
2007-04-19 16:05:56 0 d-------- C:\Documents and Settings\Enter\Application Data\U3
2007-04-19 15:40:01 0 dr-h----- C:\Documents and Settings\Natalie\Application Data\SecuROM
2007-04-18 20:02:26 178408 --a------ C:\WINDOWS\system32\muweb.dll
2007-04-18 20:02:26 127208 --a------ C:\WINDOWS\system32\mucltui.dll
2007-04-18 20:01:38 0 d-------- C:\Documents and Settings\Enter\Application Data\Apple Computer<APPLEC~1>
2007-04-18 19:45:22 0 d-------- C:\Program Files\Microsoft Works<MICROS~4>
2007-04-18 19:43:40 0 d-------- C:\Program Files\Microsoft.NET<MICROS~1.NET>
2007-04-18 19:40:57 0 d-------- C:\WINDOWS\SHELLNEW
2007-04-18 19:40:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help<MICROS~3>
2007-04-18 19:39:53 0 dr-h----- C:\MSOCache
2007-04-18 19:32:13 0 d-------- C:\Documents and Settings\Enter\Application Data\Google
2007-04-18 19:29:58 0 d-------- C:\Program Files\Google
2007-04-18 19:14:41 60416 --a------ C:\WINDOWS\ALCFDRTM.EXE
2007-04-18 19:14:32 0 d-------- C:\WINDOWS\system32\Lang
2007-04-18 19:04:50 43176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-04-18 19:04:50 23416 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-04-18 19:04:50 26888 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-04-18 19:04:49 94552 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-04-18 19:04:49 85952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-04-18 19:04:46 90112 --a------ C:\WINDOWS\system32\AVASTSS.scr
2007-04-18 19:04:46 733824 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-04-18 19:04:43 0 d-------- C:\Program Files\Alwil Software<ALWILS~1>
2007-04-18 16:55:59 0 dr-h----- C:\Documents and Settings\Enter\Application Data\SecuROM
2007-04-18 16:55:57 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll<CMDLIN~1.DLL>
2007-04-18 16:50:58 0 d-------- C:\Program Files\iPod
2007-04-18 16:50:56 0 d-------- C:\Program Files\iTunes
2007-04-18 16:46:33 0 d-------- C:\Program Files\Sierra
2007-04-18 15:43:26 0 d-------- C:\Documents and Settings\Enter\Application Data\Ahead
2007-04-18 15:42:43 0 d-------- C:\Documents and Settings\Enter\Application Data\uTorrent
2007-04-18 15:42:41 0 d-------- C:\Program Files\uTorrent
2007-04-18 15:32:06 0 d-------- C:\Program Files\MSXML 4.0<MSXML4~1.0>
2007-04-18 15:30:57 0 d-------- C:\Program Files\THQ
2007-04-18 15:30:23 0 d-------- C:\Program Files\Starcraft<STARCR~1>
2007-04-18 15:29:27 0 d-------- C:\Program Files\Quake III Arena<QUAKEI~1>
2007-04-18 15:11:46 5504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2007-04-18 15:11:41 10880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys
2007-04-18 15:11:40 15360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys
2007-04-18 15:11:39 11136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys
2007-04-18 15:11:37 19328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2007-04-18 15:11:36 85376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys
2007-04-18 15:11:31 17024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys
2007-04-18 15:11:18 53760 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2007-04-18 15:11:18 51328 --a------ C:\WINDOWS\system32\drivers\msdv.sys
2007-04-18 15:11:13 38912 --a------ C:\WINDOWS\system32\drivers\avc.sys
2007-04-18 15:11:08 48128 --a------ C:\WINDOWS\system32\drivers\61883.sys
2007-04-18 09:10:47 0 d—s---- C:\Documents and Settings\Natalie\UserData
2007-04-18 08:30:31 0 d-------- C:\Documents and Settings\Natalie\Application Data\Sun
2007-04-18 08:24:52 0 d-------- C:\Documents and Settings\Natalie\Application Data\Microsoft Games<MICROS~2>
2007-04-18 08:19:41 0 d-------- C:\Documents and Settings\Natalie\Application Data\Skype
2007-04-18 08:12:28 0 d-------- C:\Documents and Settings\Natalie\Application Data\Adobe
2007-04-17 18:35:48 0 d-------- C:\Documents and Settings\Susanne\Application Data\Adobe
2007-04-17 18:33:20 0 d-------- C:\Documents and Settings\Enter\Application Data\AdobeUM
2007-04-17 18:33:20 0 d-------- C:\Documents and Settings\Enter\Application Data\AdobeAUM
2007-04-17 18:33:06 0 d-------- C:\Documents and Settings\Enter\Application Data\Adobe
2007-04-17 18:33:01 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2007-04-17 18:16:42 0 d-------- C:\Documents and Settings\Susanne\Application Data\Talkback
2007-04-17 18:13:55 0 d-------- C:\Program Files\Steam
2007-04-17 18:06:48 0 -ra------ C:\logwmemory.bin<LOGWME~1.BIN>
2007-04-17 18:06:02 0 d-------- C:\Soldat
2007-04-17 17:35:37 0 d-------- C:\Documents and Settings\All Users\Application Data\Google
2007-04-17 17:26:10 0 d-------- C:\Program Files\proDAD
2007-04-17 17:10:01 401408 --a------ C:\WINDOWS\system32\pvmjpg30.dll
2007-04-17 17:10:01 466624 --a------ C:\WINDOWS\system32\LTRPR13n.DLL
2007-04-17 17:10:01 194248 --a------ C:\WINDOWS\system32\LTRFD13n.DLL
2007-04-17 17:09:56 82432 --a------ C:\WINDOWS\system32\msxml4r.dll
2007-04-17 17:09:56 44544 --a------ C:\WINDOWS\system32\msxml4a.dll
2007-04-17 17:09:54 185856 --a------ C:\WINDOWS\system32\lfpng13s.dll
2007-04-17 17:09:53 74752 --a------ C:\WINDOWS\system32\lfgif13s.dll
2007-04-17 17:09:53 79360 --a------ C:\WINDOWS\system32\lfeps13s.dll
2007-04-17 17:09:22 184320 --a------ C:\WINDOWS\system32\RALMain.dll
2007-04-17 17:09:22 73728 --a------ C:\WINDOWS\system32\MMAviAx.dll
2007-04-17 17:09:22 32768 --a------ C:\WINDOWS\system32\MLPagAx.dll
2007-04-17 17:09:22 126976 --a------ C:\WINDOWS\system32\AVIPrAx.dll
2007-04-17 17:09:16 1013248 -----n— C:\WINDOWS\system32\Ltwvc13n.dll
2007-04-17 17:09:16 306352 -----n— C:\WINDOWS\system32\Ltrio13n.dll
2007-04-17 17:09:16 930992 -----n— C:\WINDOWS\system32\Ltr13n.dll
2007-04-17 17:09:16 453120 -----n— C:\WINDOWS\system32\ltkrn13n.dll
2007-04-17 17:09:16 153088 -----n— C:\WINDOWS\system32\ltfil13n.DLL
2007-04-17 17:09:16 2079232 -----n— C:\WINDOWS\system32\LTCLR13s.dll
2007-04-17 17:09:16 1693696 -----n— C:\WINDOWS\system32\LTCLR13n.dll
2007-04-17 17:09:16 884736 -----n— C:\WINDOWS\system32\LMUIRes.dll
2007-04-17 17:09:16 12288 -----n— C:\WINDOWS\system32\LMLRes.dll
2007-04-17 17:09:16 80896 -----n— C:\WINDOWS\system32\lfwmf13s.dll
2007-04-17 17:09:16 76800 -----n— C:\WINDOWS\system32\Lfwmf13n.dll
2007-04-17 17:09:16 167936 -----n— C:\WINDOWS\system32\lftif13s.dll
2007-04-17 17:09:16 143360 -----n— C:\WINDOWS\system32\lftif13n.dll
2007-04-17 17:09:16 64512 -----n— C:\WINDOWS\system32\lftga13s.dll
2007-04-17 17:09:16 24576 -----n— C:\WINDOWS\system32\lftga13n.dll
2007-04-17 17:09:16 110080 -----n— C:\WINDOWS\system32\lfpsd13s.dll
2007-04-17 17:09:16 65536 -----n— C:\WINDOWS\system32\lfpcx13s.dll
2007-04-17 17:09:16 105984 -----n— C:\WINDOWS\system32\lfpct13s.dll
2007-04-17 17:09:16 65536 -----n— C:\WINDOWS\system32\Lfpct13n.dll
2007-04-17 17:09:16 59904 -----n— C:\WINDOWS\system32\lfpcd13s.dll
2007-04-17 17:09:16 283648 -----n— C:\WINDOWS\system32\LFJ2K13s.dll
2007-04-17 17:09:16 278016 -----n— C:\WINDOWS\system32\LFJ2K13n.dll
2007-04-17 17:09:16 116224 -----n— C:\WINDOWS\system32\lffax13s.dll
2007-04-17 17:09:16 73728 -----n— C:\WINDOWS\system32\lffax13n.dll
2007-04-17 17:09:16 409600 -----n— C:\WINDOWS\system32\LFCMP13s.DLL
2007-04-17 17:09:16 393216 -----n— C:\WINDOWS\system32\LFCMP13n.DLL
2007-04-17 17:09:16 70144 -----n— C:\WINDOWS\system32\lfbmp13s.dll
2007-04-17 17:09:16 30208 -----n— C:\WINDOWS\system32\lfbmp13n.dll
2007-04-17 17:08:06 0 d-------- C:\WINDOWS\Cache
2007-04-17 17:02:49 0 d-------- C:\Program Files\SmartSound Software<SMARTS~1>
2007-04-17 17:02:05 0 d-------- C:\Program Files\QuickTime<QUICKT~1>
2007-04-17 17:02:01 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
Computer<APPLEC~1>
2007-04-17 17:01:39 89088 --a------ C:\WINDOWS\system32\atl71.dll
2007-04-17 17:01:39 84992 --a------ C:\WINDOWS\system32\ATL70.DLL
2007-04-17 17:01:36 138752 --a------ C:\WINDOWS\system32\mase32.dll
2007-04-17 17:01:36 57856 --a------ C:\WINDOWS\system32\masd32.dll
2007-04-17 17:01:36 136192 --a------ C:\WINDOWS\system32\mamc32.dll
2007-04-17 17:01:36 196096 --a------ C:\WINDOWS\system32\macd32.dll
2007-04-17 17:01:36 27648 --a------ C:\WINDOWS\system32\ma32.dll
2007-04-17 17:01:30 171008 --a------ C:\WINDOWS\system32\drivers\MarvinBus.sys<MARVIN~1.SYS>
2007-04-17 17:01:27 41219 --a------ C:\WINDOWS\RSETPATH.exe
2007-04-17 17:00:43 0 d-------- C:\WINDOWS\Downloaded Installations<DOWNLO~2>
2007-04-17 17:00:42 344064 --a------ C:\WINDOWS\system32\MSVCR70.DLL
2007-04-17 17:00:42 487424 --a------ C:\WINDOWS\system32\MSVCP70.DLL
2007-04-17 17:00:42 54784 --a------ C:\WINDOWS\system32\MSVCI70.DLL
2007-04-17 17:00:42 1047552 --a------ C:\WINDOWS\system32\MFC71u.DLL
2007-04-17 17:00:41 49152 --a------ C:\WINDOWS\system32\PCLEGetGuid.dll<PCLEGE~1.DLL>
2007-04-17 17:00:41 49152 --a------ C:\WINDOWS\system32\MFC71KOR.DLL
2007-04-17 17:00:41 49152 --a------ C:\WINDOWS\system32\MFC71JPN.DLL
2007-04-17 17:00:41 61440 --a------ C:\WINDOWS\system32\MFC71ITA.DLL
2007-04-17 17:00:41 61440 --a------ C:\WINDOWS\system32\MFC71FRA.DLL
2007-04-17 17:00:41 61440 --a------ C:\WINDOWS\system32\MFC71ESP.DLL
2007-04-17 17:00:41 57344 --a------ C:\WINDOWS\system32\MFC71ENU.DLL
2007-04-17 17:00:41 65536 --a------ C:\WINDOWS\system32\MFC71DEU.DLL
2007-04-17 17:00:41 45056 --a------ C:\WINDOWS\system32\MFC71CHT.DLL
2007-04-17 17:00:41 40960 --a------ C:\WINDOWS\system32\MFC71CHS.DLL
2007-04-17 17:00:41 1060864 --a------ C:\WINDOWS\system32\MFC71.DLL
2007-04-17 17:00:41 964608 --a------ C:\WINDOWS\system32\MFC70U.DLL
2007-04-17 17:00:41 974848 --a------ C:\WINDOWS\system32\MFC70.DLL
2007-04-17 16:59:22 14165 --a------ C:\WINDOWS\system32\drivers\Pclepci.sys
2007-04-17 16:08:23 0 d-------- C:\Program Files\Common Files\The Shield Firewall<THESHI~1>
2007-04-17 15:57:10 0 d–hs---- C:\WINDOWS\V3JpZ2h0
2007-04-17 15:46:02 105434 --a------ C:\WINDOWS\VTTC.exe
2007-04-17 15:45:59 11264 -----n— C:\WINDOWS\system32\SPORDER.DLL
2007-04-17 15:45:58 72320 --a------ C:\WINDOWS\system32\drivers\core.sys
2007-04-17 15:45:57 0 d-------- C:\WINDOWS\system32\micro1
2007-04-17 15:45:47 2 --a------ C:\WINDOWS\system32\wtstr32.exe
2007-04-17 15:37:30 0 d-------- C:\Documents and Settings\Natalie\Application Data\Ahead
2007-04-17 15:21:17 0 d-------- C:\Documents and Settings\Natalie\Application Data\Talkback
2007-04-17 15:20:18 1310720 --ah----- C:\Documents and Settings\Natalie\NTUSER.DAT
2007-04-17 15:17:30 0 d–hs---- C:\Documents and Settings\Enter\Complete
2007-04-17 15:12:33 0 d-------- C:\Documents and Settings\Enter\Incomplete<INCOMP~1>
2007-04-17 15:12:26 0 d-------- C:\Documents and Settings\Enter.limewire<LIMEWI~1>
2007-04-17 15:11:56 0 d-------- C:\Documents and Settings\Enter\Application Data\Sun
2007-04-17 15:11:46 0 d-------- C:\Program Files\Java
2007-04-17 15:04:22 0 d-------- C:\Program Files\LimeWire
2007-04-17 14:54:34 0 d-------- C:\Program Files\Unreal Tournament<UNREAL~1>
2007-04-17 14:53:53 0 d-------- C:\Program Files\Pinnacle
2007-04-17 14:26:05 0 d—s---- C:\Documents and Settings\Susanne\UserData
2007-04-17 14:21:21 1048576 --ah----- C:\Documents and Settings\Susanne\NTUSER.DAT
2007-04-16 17:52:50 0 d-------- C:\Program Files\LucasArts<LUCASA~1>
2007-04-16 17:44:28 0 d-------- C:\Documents and Settings\Enter\Owner
2007-04-16 17:39:38 107132 --a------ C:\WINDOWS\UninstallFirefox.exe<UNINST~1.EXE>
2007-04-16 17:39:31 3438 --a------ C:\WINDOWS\mozver.dat
2007-04-16 16:53:43 5248 --a------ C:\WINDOWS\system32\drivers\a347scsi.sys
2007-04-16 16:53:43 160640 --a------ C:\WINDOWS\system32\drivers\a347bus.sys
2007-04-16 16:53:42 0 d-------- C:\Program Files\Alcohol Soft<ALCOHO~1>
2007-04-16 16:49:04 2297552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2007-04-16 16:36:08 0 d-------- C:\Program Files\Electronic Arts<ELECTR~1>
2007-04-16 16:26:36 0 d-------- C:\Documents and Settings\Enter\Application
Data\Greyfirst<GREYFI~1>
2007-04-16 16:03:02 0 --a------ C:\WINDOWS\nsreg.dat
2007-04-16 16:02:32 0 d-------- C:\Documents and Settings\Enter\Application Data\Lavasoft
2007-04-16 15:51:00 0 d-------- C:\Program Files\AP Tuner<APTUNE~1>
2007-04-16 15:51:00 0 d-------- C:\Program Files\Analog Devices<ANALOG~1>
2007-04-16 15:51:00 0 d-------- C:\Program Files\Airbear Software<AIRBEA~1>
2007-04-16 15:50:59 0 d-------- C:\Program Files\AdorageI-SAL<ADORAG~2>
2007-04-16 15:49:15 0 d-------- C:\Program Files\AdorageI-GfxDatas<ADORAG~1>
2007-04-16 15:48:23 0 d-------- C:\Program Files\Adesso Systems<ADESSO~1>
2007-04-16 15:48:22 0 d-------- C:\Program Files\Ad-Aware SE Plus<AD-AWA~1>
2007-04-16 15:44:25 0 d-------- C:\Documents and Settings\Enter\Application Data\Skype
2007-04-16 15:42:43 0 d-------- C:\Documents and Settings\All Users\Application Data\MSN6
2007-04-16 15:42:43 0 d-------- C:\Documents and Settings\All Users\Application Data\MotiveSysIDs<MOTIVE~1>
2007-04-16 15:42:43 0 d-------- C:\Documents and Settings\All Users\Application Data\Motive
2007-04-16 15:42:43 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Games<MICROS~2>
2007-04-16 15:42:42 0 d-------- C:\Documents and Settings\All Users\Application Data\QuickTime<QUICKT~1>
2007-04-16 15:42:42 0 d-------- C:\Documents and Settings\All Users\Application Data\Pure Networks<PURENE~1>
2007-04-16 15:42:42 0 d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle
2007-04-16 15:42:42 0 d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio<PINNAC~1>
2007-04-16 15:42:37 0 d-------- C:\Documents and Settings\All Users\Application Data\Skype
2007-04-16 15:42:19 0 d-------- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc<SMARTS~1>
2007-04-16 15:42:17 0 d-------- C:\Documents and Settings\All Users\Application Data\Viewpoint<VIEWPO~1>
2007-04-16 15:42:17 0 d-------- C:\Documents and Settings\All Users\Application Data\U3
2007-04-16 15:42:17 0 d-------- C:\Documents and Settings\All Users\Application Data\Trymedia
2007-04-16 15:42:17 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-04-16 15:42:17 0 d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2007-04-16 15:42:17 4190 --a------ C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache<QTSBAN~1>
2007-04-16 15:41:45 0 d-------- C:\Program Files\CONEXANT
2007-04-16 15:41:43 0 d-------- C:\Program Files\Common Files\AOL
2007-04-16 15:41:43 0 d-------- C:\Program Files\Common Files\Adobe
2007-04-16 15:41:43 0 d-------- C:\Program Files\Common Files\Adobe Systems Shared<ADOBES~1>
2007-04-16 15:41:30 0 d-------- C:\Program Files\Common Files\Java
2007-04-16 15:41:20 0 d-------- C:\Program Files\Common Files\Motive
2007-04-16 15:41:19 0 d-------- C:\Program Files\Common Files\Nullsoft
2007-04-16 15:41:16 0 d-------- C:\Program Files\Common Files\Skype
2007-04-16 15:41:16 0 d-------- C:\Program Files\Common Files\Real
2007-04-16 15:40:52 0 d-------- C:\Program Files\Common Files\Symantec Shared<SYMANT~1>
2007-04-16 15:40:06 0 d-------- C:\Program Files\Common Files\xing shared<XINGSH~1>
2007-04-16 15:39:30 0 d-------- C:\Potato gun<POTATO~1>
2007-04-16 15:39:30 0 d-------- C:\Picasa Exports<PICASA~1>
2007-04-16 15:39:30 0 d-------- C:\My Skype Pictures<MYSKYP~2>
2007-04-16 15:39:29 0 d-------- C:\My Skype Content<MYSKYP~1>
2007-04-16 15:39:14 0 d-------- C:\GUP
2007-04-16 15:39:03 0 d-------- C:\Gop
2007-04-16 15:38:55 0 d-------- C:\Program Files\Celtx
2007-04-16 15:38:55 0 d-------- C:\Google Earth<GOOGLE~2>
2007-04-16 15:38:52 0 d-------- C:\Google Desktop Search<GOOGLE~1>
2007-04-16 15:36:56 0 d-------- C:\Program Files\Canon
2007-04-16 15:36:54 0 d-------- C:\Program Files\Blaze Media Pro<BLAZEM~1>
2007-04-16 15:36:42 0 d-------- C:\Program Files\BitTorrent<BITTOR~1>
2007-04-16 15:36:35 0 d-------- C:\Program Files\BigFix
2007-04-16 15:36:28 0 d-------- C:\Program Files\Audacity
2007-04-16 15:36:04 0 d-------- C:\Program Files\Apple Software Update<APPLES~1>
2007-04-16 15:30:54 25856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2007-04-16 13:30:10 0 d-------- C:\Documents and Settings\All Users\Application Data\CyberLink<CYBERL~1>
2007-04-16 13:30:01 0 d-------- C:\Program Files\CyberLink<CYBERL~1>
2007-04-16 09:48:25 0 d–hs---- C:\RECYCLER
2007-04-16 09:39:19 0 d-------- C:\Program Files\Nero
2007-04-16 09:39:19 0 d-------- C:\Program Files\Common Files\Ahead
2007-04-16 08:50:16 0 d-------- C:\Program Files\Windows Defender<WIFD1F~1>
2007-04-13 14:41:07 0 d-------- C:\Program Files\MSBuild
2007-04-13 14:38:54 0 d-------- C:\WINDOWS\system32\XPSViewer<XPSVIE~1>
2007-04-13 14:38:39 0 d-------- C:\Program Files\Reference Assemblies<REFERE~1>
2007-04-13 14:38:21 14048 -----n— C:\WINDOWS\system32\spmsg2.dll
2007-04-13 14:38:14 0 d-------- C:\9d3351bf3a8aba4264f485bbc4cf<9D3351~1>
2007-04-13 14:38:01 0 d-------- C:\Program Files\Windows Media Connect 2<WINDOW~4>
2007-04-13 14:37:31 0 d-------- C:\WINDOWS\system32\LogFiles
2007-04-13 14:37:31 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2007-04-13 14:33:22 0 d-------- C:\WINDOWS\RegisteredPackages<REGIST~2>
2007-04-13 14:32:35 0 d-------- C:\WINDOWS\system32\URTTemp
2007-04-13 14:07:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows
Genuine Advantage<WINDOW~1>
2007-04-13 13:35:44 0 d—s---- C:\Documents and Settings\Enter\UserData
2007-04-13 13:01:09 262144 --a------ C:\Documents and Settings\All Users\ntuser.dat
2007-04-13 12:53:54 520192 -----n— C:\WINDOWS\system32\ati2sgag.exe
2007-04-13 12:53:35 0 d-------- C:\ATI
2007-04-13 12:49:06 49152 --a------ C:\WINDOWS\system32\ChCfg.exe
2007-04-13 12:49:02 82944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2007-04-13 12:49:02 6400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-04-13 12:49:01 52864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2007-04-13 12:48:58 54272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2007-04-13 12:48:57 172416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2007-04-13 12:48:57 142464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2007-04-13 12:48:56 60800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2007-04-13 12:48:56 2944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2007-04-13 12:48:55 7552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys
2007-04-13 12:48:54 4992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys
2007-04-13 12:48:54 5376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2007-04-13 12:48:51 4096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-04-13 12:48:51 145792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-04-13 12:48:51 60288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-04-13 12:44:50 10528768 --a------ C:\WINDOWS\system32\RTLCPL.exe
2007-04-13 12:44:50 0 d-------- C:\Program Files\Realtek AC97<REALTE~1>
2007-04-13 12:44:48 147456 --a------ C:\WINDOWS\system32\RtlCPAPI.dll
2007-04-13 12:44:48 4025984 --a------ C:\WINDOWS\system32\drivers\alcxwdm.sys
2007-04-13 12:44:48 577536 --a------ C:\WINDOWS\soundman.exe
2007-04-13 12:44:48 315392 --a------ C:\WINDOWS\alcupd.exe
2007-04-13 12:44:48 217088 --a------ C:\WINDOWS\Alcrmv.exe
2007-04-13 12:44:48 0 d–h----- C:\Program Files\InstallShield Installation
Information<INSTAL~1>
2007-04-13 12:27:27 23856 --a------ C:\WINDOWS\system32\spupdsvc.exe
2007-04-13 12:27:27 0 d-------- C:\WINDOWS\system32\PreInstall<PREINS~1>
2007-04-13 12:05:13 172032 --a------ C:\WINDOWS\system32\nvuide.exe
2007-04-13 12:02:30 172032 --a------ C:\WINDOWS\system32\nvunrm.exe
2007-04-13 12:02:29 172032 --a------ C:\WINDOWS\system32\nvusmb.exe
2007-04-13 12:02:29 172032 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2007-04-13 12:02:27 0 d-------- C:\WINDOWS\system32\ReinstallBackups<REINST~1>
2007-04-13 12:02:27 172032 --a------ C:\WINDOWS\system32\nvugart.exe
2007-04-13 11:52:38 0 d-------- C:\Program Files\Common Files\InstallShield<INSTAL~1>
2007-04-13 11:35:36 0 d-------- C:\Program Files\Setup Files<SETUPF~1>
2007-04-13 11:24:45 0 d-------- C:\Program Files\MSI
2007-04-13 11:15:08 0 d-------- C:\WINDOWS\system32\SoftwareDistribution<SOFTWA~1>
2007-04-13 11:13:53 32384 --a------ C:\WINDOWS\system32\drivers\usb101et.sys
2007-04-13 11:10:38 2621440 --ah----- C:\Documents and Settings\Enter\NTUSER.DAT
2007-04-13 11:03:36 0 d-------- C:\WINDOWS\SoftwareDistribution<SOFTWA~1>
2007-04-13 11:03:34 0 d-------- C:\WINDOWS\Prefetch
2007-04-13 11:03:33 262144 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2007-04-13 11:03:27 262144 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2007-04-13 11:01:11 0 d-------- C:\WINDOWS\system32\xircom
2007-04-13 11:01:11 0 d-------- C:\Program Files\microsoft frontpage<MICROS~1>
2007-04-13 11:01:09 225280 —h----- C:\Documents and Settings\Default User\NTUSER.DAT
2007-04-13 11:01:01 0 d–h----- C:\WINDOWS$hf_mig$
2007-04-13 11:00:53 0 -rahs---- C:\MSDOS.SYS
2007-04-13 11:00:53 0 -rahs---- C:\IO.SYS
2007-04-13 11:00:53 0 --a------ C:\CONFIG.SYS
2007-04-13 11:00:53 95 --a------ C:\AUTOEXEC.BAT
2007-04-13 11:00:37 112128 --a------ C:\WINDOWS\system32\mapi32.dll
2007-04-13 11:00:08 0 d–hs---- C:\Documents and Settings\All Users\DRM
2007-04-13 11:00:01 0 dr------- C:\WINDOWS\Offline Web Pages<OFFLIN~1>
2007-04-13 11:00:01 0 d—s---- C:\WINDOWS\Downloaded Program Files<DOWNLO~1>
2007-04-13 10:59:53 0 d–h----- C:\Program Files\WindowsUpdate<WINDOW~3>
2007-04-13 10:59:40 0 d-------- C:\WINDOWS\system32\DirectX
2007-04-13 10:59:25 11264 --a------ C:\WINDOWS\system32\atrace.dll
2007-04-13 10:59:18 12288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2007-04-13 10:59:17 64512 --a------ C:\WINDOWS\system32\acctres.dll
2007-04-13 10:59:15 0 d—s---- C:\WINDOWS\Tasks
2007-04-13 10:59:15 16384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2007-04-13 10:59:14 0 d-------- C:\Program Files\Common Files\MSSoap
2007-04-13 10:59:12 0 d-------- C:\WINDOWS\srchasst
2007-04-13 10:59:11 0 d-------- C:\WINDOWS\system32\Macromed
2007-04-13 10:59:09 173536 --a------ C:\WINDOWS\system32\wuweb.dll
2007-04-13 10:59:09 41240 --a------ C:\WINDOWS\system32\wups.dll
2007-04-13 10:59:09 127256 --a------ C:\WINDOWS\system32\wucltui.dll
2007-04-13 10:59:09 6656 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-04-13 10:59:09 194328 --a------ C:\WINDOWS\system32\wuaueng1.dll
2007-04-13 10:59:09 1343768 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-04-13 10:59:09 172312 --a------ C:\WINDOWS\system32\wuauclt1.exe
2007-04-13 10:59:09 124184 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-04-13 10:59:09 465176 --a------ C:\WINDOWS\system32\wuapi.dll
2007-04-13 10:59:09 18944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-04-13 10:59:09 7168 --a------ C:\WINDOWS\system32\bitsprx3.dll
2007-04-13 10:59:09 8192 --a------ C:\WINDOWS\system32\bitsprx2.dll
2007-04-13 10:59:08 382464 --a------ C:\WINDOWS\system32\qmgr.dll
2007-04-13 10:59:06 0 d-------- C:\Program Files\Movie Maker<MOVIEM~1>
2007-04-13 10:59:03 45568 --a------ C:\WINDOWS\system32\safrslv.dll
2007-04-13 10:59:03 29696 --a------ C:\WINDOWS\system32\safrdm.dll
2007-04-13 10:59:03 43520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2007-04-13 10:59:03 43520 --a------ C:\WINDOWS\system32\racpldlg.dll
2007-04-13 10:59:01 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2007-04-13 10:59:01 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2007-04-13 10:59:01 128896 --a------ C:\WINDOWS\system32\drivers\fltmgr.sys
2007-04-13 10:59:00 170496 --a------ C:\WINDOWS\system32\srsvc.dll
2007-04-13 10:59:00 239104 --a------ C:\WINDOWS\system32\srrstr.dll
2007-04-13 10:59:00 67584 --a------ C:\WINDOWS\system32\srclient.dll
2007-04-13 10:59:00 0 d-------- C:\WINDOWS\system32\Restore
2007-04-13 10:59:00 28672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2007-04-13 10:59:00 34560 --a------ C:\WINDOWS\system32\mnmdd.dll
2007-04-13 10:59:00 32768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2007-04-13 10:59:00 81920 --a------ C:\WINDOWS\system32\ils.dll
2007-04-13 10:59:00 73472 --a------ C:\WINDOWS\system32\drivers\sr.sys
2007-04-13 10:58:59 69632 --a------ C:\WINDOWS\system32\msconf.dll
2007-04-13 10:58:59 32768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2007-04-13 10:58:57 105984 --a------ C:\WINDOWS\system32\msoert2.dll
2007-04-13 10:58:57 252928 --a------ C:\WINDOWS\system32\msoeacct.dll
2007-04-13 10:58:57 48128 --a------ C:\WINDOWS\system32\inetres.dll
2007-04-13 10:58:57 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-04-13 10:58:55 190976 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-04-13 10:58:55 12288 --a------ C:\WINDOWS\system32\mstinit.exe
2007-04-13 10:58:55 274944 --a------ C:\WINDOWS\system32\mstask.dll
2007-04-13 10:58:55 81920 --a------ C:\WINDOWS\system32\isign32.dll
2007-04-13 10:58:55 274432 --a------ C:\WINDOWS\system32\inetcfg.dll
2007-04-13 10:58:55 65536 --a------ C:\WINDOWS\system32\icwphbk.dll
2007-04-13 10:58:55 73728 --a------ C:\WINDOWS\system32\icwdial.dll
2007-04-13 10:58:47 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat<EMPTYR~1.DAT>
2007-04-13 10:58:37 0 d-------- C:\WINDOWS\Registration<REGIST~1>
2007-04-13 10:58:16 0 d-------- C:\Program Files\Online Services<ONLINE~1>
2007-04-13 10:58:13 0 d-------- C:\Program Files\Messenger<MESSEN~1>
2007-04-13 10:58:10 5632 --a------ C:\WINDOWS\system32\write.exe
2007-04-13 10:58:10 0 d-------- C:\Program Files\MSN Gaming Zone<MSNGAM~1>
2007-04-13 10:58:03 138752 --a------ C:\WINDOWS\system32\sndvol32.exe
2007-04-13 10:58:03 44544 --a------ C:\WINDOWS\system32\hticons.dll
2007-04-13 10:58:03 73216 --a------ C:\WINDOWS\system32\avwav.dll
2007-04-13 10:58:03 227840 --a------ C:\WINDOWS\system32\avtapi.dll
2007-04-13 10:58:03 16384 --a------ C:\WINDOWS\system32\avmeter.dll
2007-04-13 10:58:02 35328 --a------ C:\WINDOWS\system32\winchat.exe
2007-04-13 10:57:58 605696 --a------ C:\WINDOWS\system32\getuname.dll
2007-04-13 10:57:57 119808 --a------ C:\WINDOWS\system32\winmine.exe
2007-04-13 10:57:57 56832 --a------ C:\WINDOWS\system32\sol.exe
2007-04-13 10:57:57 126976 --a------ C:\WINDOWS\system32\mshearts.exe
2007-04-13 10:57:57 55296 --a------ C:\WINDOWS\system32\freecell.exe
2007-04-13 10:57:57 80384 --a------ C:\WINDOWS\system32\charmap.exe
2007-04-13 10:57:57 114688 --a------ C:\WINDOWS\system32\calc.exe
2007-04-13 10:57:56 1161 --a------ C:\WINDOWS\system32\usrlogon.cmd
2007-04-13 10:57:56 16896 --a------ C:\WINDOWS\system32\tsshutdn.exe
2007-04-13 10:57:56 16384 --a------ C:\WINDOWS\system32\tskill.exe
2007-04-13 10:57:56 14848 --a------ C:\WINDOWS\system32\tsdiscon.exe
2007-04-13 10:57:56 14848 --a------ C:\WINDOWS\system32\tscon.exe
2007-04-13 10:57:56 14848 --a------ C:\WINDOWS\system32\shadow.exe
2007-04-13 10:57:56 15872 --a------ C:\WINDOWS\system32\rwinsta.exe
2007-04-13 10:57:56 9728 --a------ C:\WINDOWS\system32\reset.exe
2007-04-13 10:57:56 33792 --a------ C:\WINDOWS\system32\regini.exe
2007-04-13 10:57:56 4096 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2007-04-13 10:57:56 22016 --a------ C:\WINDOWS\system32\qwinsta.exe
2007-04-13 10:57:56 16896 --a------ C:\WINDOWS\system32\qappsrv.exe
2007-04-13 10:57:56 20992 --a------ C:\WINDOWS\system32\msg.exe
2007-04-13 10:57:56 15360 --a------ C:\WINDOWS\system32\logoff.exe
2007-04-13 10:57:56 15872 --a------ C:\WINDOWS\system32\cdmodem.dll
2007-04-13 10:57:55 25088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2007-04-13 10:57:55 4096 --a------ C:\WINDOWS\system32\mtxex.dll
2007-04-13 10:57:55 20480 --a------ C:\WINDOWS\system32\mtxdm.dll
2007-04-13 10:57:55 5120 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2007-04-13 10:57:55 97792 --a------ C:\WINDOWS\system32\comrepl.dll
2007-04-13 10:57:55 25600 --a------ C:\WINDOWS\system32\comaddin.dll
2007-04-13 10:57:54 54272 --a------ C:\WINDOWS\system32\stclient.dll
2007-04-13 10:57:54 147456 --a------ C:\WINDOWS\system32\comsnap.dll
2007-04-13 10:57:43 131584 --a------ C:\WINDOWS\system32\sndrec32.exe
2007-04-13 10:57:43 123392 --a------ C:\WINDOWS\system32\mplay32.exe
2007-04-13 10:57:43 347136 --a------ C:\WINDOWS\system32\hypertrm.dll
2007-04-13 10:57:43 183808 --a------ C:\WINDOWS\system32\accwiz.exe
2007-04-13 10:57:42 538624 --a------ C:\WINDOWS\system32\spider.exe
2007-04-13 10:57:42 343040 --a------ C:\WINDOWS\system32\mspaint.exe
2007-04-13 10:57:42 21896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2007-04-13 10:57:42 12040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2007-04-13 10:57:42 139528 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2007-04-13 10:57:42 102912 --a------ C:\WINDOWS\system32\clipbrd.exe
2007-04-13 10:57:42 0 d-------- C:\Program Files\Windows NT<WINDOW~1>
2007-04-13 10:57:41 44544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2007-04-13 10:57:41 93696 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2007-04-13 10:57:41 295424 --a------ C:\WINDOWS\system32\termsrv.dll
2007-04-13 10:57:41 140800 --a------ C:\WINDOWS\system32\sessmgr.exe
2007-04-13 10:57:41 60416 --a------ C:\WINDOWS\system32\remotepg.dll
2007-04-13 10:57:41 67072 --a------ C:\WINDOWS\system32\rdshost.exe
2007-04-13 10:57:41 13824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2007-04-13 10:57:41 87176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2007-04-13 10:57:41 19968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2007-04-13 10:57:41 62464 --a------ C:\WINDOWS\system32\rdpclip.exe
2007-04-13 10:57:41 147968 --a------ C:\WINDOWS\system32\rdchost.dll
2007-04-13 10:57:41 655360 --a------ C:\WINDOWS\system32\mstscax.dll
2007-04-13 10:57:41 407552 --a------ C:\WINDOWS\system32\mstsc.exe
2007-04-13 10:57:40 11776 --a------ C:\WINDOWS\system32\xolehlp.dll
2007-04-13 10:57:40 20480 --a------ C:\WINDOWS\system32\qprocess.exe
2007-04-13 10:57:40 91136 --a------ C:\WINDOWS\system32\mtxoci.dll
2007-04-13 10:57:40 161280 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2007-04-13 10:57:40 956416 --a------ C:\WINDOWS\system32\msdtctm.dll
2007-04-13 10:57:40 426496 --a------ C:\WINDOWS\system32\msdtcprx.dll
2007-04-13 10:57:40 0 d-------- C:\WINDOWS\system32\MsDtc
2007-04-13 10:57:40 11264 --a------ C:\WINDOWS\system32\icaapi.dll
2007-04-13 10:57:40 38912 --a------ C:\WINDOWS\system32\cfgbkend.dll
2007-04-13 10:57:39 58880 --a------ C:\WINDOWS\system32\msdtclog.dll
2007-04-13 10:57:39 6144 --a------ C:\WINDOWS\system32\msdtc.exe
2007-04-13 10:57:39 0 d-------- C:\WINDOWS\system32\Com
2007-04-13 10:57:39 60416 --a------ C:\WINDOWS\system32\colbact.dll
2007-04-13 10:57:39 110080 --a------ C:\WINDOWS\system32\clbcatex.dll
2007-04-13 10:57:39 625152 --a------ C:\WINDOWS\system32\catsrvut.dll
2007-04-13 10:57:39 85504 --a------ C:\WINDOWS\system32\catsrvps.dll
2007-04-13 10:57:39 225792 --a------ C:\WINDOWS\system32\catsrv.dll
2007-04-13 10:57:38 540160 --a------ C:\WINDOWS\system32\comuid.dll
2007-04-13 10:57:38 1267200 --a------ C:\WINDOWS\system32\comsvcs.dll
2007-04-13 10:57:38 498688 --a------ C:\WINDOWS\system32\clbcatq.dll
2007-04-13 10:57:34 56320 --a------ C:\WINDOWS\system32\servdeps.dll
2007-04-13 10:57:34 17408 --a------ C:\WINDOWS\system32\mmfutil.dll
2007-04-13 10:57:34 58880 --a------ C:\WINDOWS\system32\licwmi.dll
2007-04-13 10:57:34 185344 --a------ C:\WINDOWS\system32\cmprops.dll
2007-04-13 10:57:29 40840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2007-04-13 10:57:29 196864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2007-04-13 03:47:26 3072 --a------ C:\WINDOWS\system32\drivers\audstub.sys