Help needed ... to remove malware



furqan
2009-05-26, 10:37
Hi and salam

Please help me guys ...

I think there is a virus on my PC ...

I have downloaded and run RSIT and here are the logs:


Info:

info.txt logfile of random's system information tool 1.06 2009-05-26 12:20:10

======Uninstall list======

-->D:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->D:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->D:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->D:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->D:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->D:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 D:\WINDOWS\INF\PCHealth.inf
AC3Filter (remove only)-->D:\Program Files\AC3Filter\uninstall.exe
Adobe Flash Player 10 ActiveX-->D:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Reader 6.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-000000000001}
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
CoreVorbis Audio Decoder (remove only)-->"D:\WINDOWS\System32\CoreVorbis-uninstall.exe"
Counter-Strike 1.0-->D:\Program Files\Counter-Strike\Uninst.exe
Direct Show Ogg Vorbis Filter (remove only)-->"D:\WINDOWS\System32\OggDSuninst.exe"
DivX Player-->D:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Pro Trial-->D:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
Easy Wireless Net-->D:\Program Files\Easy Wireless Net\uninstall.exe
Google Toolbar for Internet Explorer-->regsvr32 /u /s "d:\program files\google\googletoolbar2.dll"
HijackThis 2.0.2-->"D:\Program Files\trend micro\HijackThis.exe" /uninstall
HP Imaging Device Functions 7.0-->D:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart and Deskjet 7.0 Software-->D:\Program Files\HP\Digital Imaging\{D1AE6D4D-C37A-487d-83D8-C333125B2459}\setup\hpzscr01.exe -datfile hphscr12.dat -showdisconnect -forcereboot
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Morgan Stream Switcher-->"D:\Program Files\Morgan\mmswitch\uninst.exe"
Nero 7 Essentials-->MsiExec.exe /X{2A8C5C0E-DC54-46BF-92AE-A062C63A1033}
NOD32 antivirus system-->D:\Program Files\Eset\Setup\setup.exe /UNINSTALL
NOD32 FiX-->"D:\Program Files\Eset\unins000.exe"
PCI SoftV92 Modem-->D:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F30&SUBSYS_205514F1\HXFSETUP.EXE -U -IPSCRCTR5K.INF
PIMS & File Manager-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{3F340FE0-E93E-4A53-B5E4-19ED2648FCAE}\Setup.exe" -l0x9
Prevx 3.0-->"D:\Program Files\Prevx\prevx.exe" /prop UNINSTALL=Y
QuickTime-->D:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083} /l1033
Security Update for Windows Media Player (KB911564)-->"D:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Security Update for Windows Media Player 8 (KB917734)-->"D:\WINDOWS\$NtUninstallKB917734_WMP8$\spuninst\spuninst.exe"
Security Update for Windows XP (KB890046)-->"D:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Security Update for Windows XP (KB893756)-->"D:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896423)-->"D:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896424)-->"D:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896428)-->"D:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899587)-->"D:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899591)-->"D:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901017)-->"D:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901214)-->"D:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Security Update for Windows XP (KB902400)-->"D:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Security Update for Windows XP (KB904706)-->"D:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905414)-->"D:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905495)-->"D:\WINDOWS\$NtUninstallKB905495$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905749)-->"D:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB908519)-->"D:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911562)-->"D:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911927)-->"D:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Security Update for Windows XP (KB912919)-->"D:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Security Update for Windows XP (KB913580)-->"D:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914388)-->"D:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914389)-->"D:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917422)-->"D:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917953)-->"D:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Security Update for Windows XP (KB919007)-->"D:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920670)-->"D:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920683)-->"D:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920685)-->"D:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Security Update for Windows XP (KB921398)-->"D:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
Security Update for Windows XP (KB921883)-->"D:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
Security Update for Windows XP (KB922616)-->"D:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
Security Update for Windows XP (KB922819)-->"D:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923191)-->"D:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923414)-->"D:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
SoundMAX-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
Ulead VideoStudio 10-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{E188D820-1218-4E28-8BCA-91134C3664C2}\setup.exe" -l0x9
Update for Windows XP (KB835409)-->"D:\WINDOWS\$NtUninstallKB835409$\spuninst\spuninst.exe"
Update for Windows XP (KB898461)-->"D:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update for Windows XP (KB908531)-->"D:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Update for Windows XP (KB910437)-->"D:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Update for Windows XP (KB911280)-->"D:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Windows Driver Package - AnyDATA Corporated (adusbser) Modem (09/21/2006 2.0.3.2)-->D:\PROGRA~1\DIFX\270581355A767BF1\DPInst.exe /u D:\WINDOWS\System32\DRVSTORE\admdm_2B91C5C8A844D0122F45E119BCF9B5CCAA4670E3\admdm.inf
Windows Driver Package - AnyDATA Corporation (adusbser) Ports (09/21/2006 2.0.3.2)-->D:\PROGRA~1\DIFX\270581355A767BF1\DPInst.exe /u D:\WINDOWS\System32\DRVSTORE\adser_E537679B106B33AA2D33CB408B4DA0F8150899D2\adser.inf
Windows Installer 3.1 (KB893803)-->"D:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Media Format Runtime-->"D:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Hotfix - KB822603-->D:\WINDOWS\$NtUninstallKB822603$\spuninst\spuninst.exe
Windows XP Hotfix - KB842773-->D:\WINDOWS\$NtUninstallKB842773$\spuninst\spuninst.exe
Windows XP Hotfix - KB873339-->D:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Windows XP Hotfix - KB885836-->D:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Windows XP Hotfix - KB888302-->D:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Windows XP Hotfix - KB891781-->D:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Windows XP Hotfix - KB892944-->"D:\WINDOWS\$NtUninstallKB892944$\spuninst\spuninst.exe"
Windows XP Hotfix - KB911567-->"D:\WINDOWS\$NtUninstallKB911567-OE6SP1-20060316.165634$\spuninst\spuninst.exe"
Windows XP Hotfix - KB918439-->"D:\WINDOWS\$NtUninstallKB918439-IE6SP1-20060530.145346$\spuninst\spuninst.exe"
Windows XP Hotfix - KB918899-->"D:\WINDOWS\$NtUninstallKB918899-IE6SP1-20060725.123917$\spuninst\spuninst.exe"
Windows XP Hotfix - KB925486-->"D:\WINDOWS\$NtUninstallKB925486-IE6SP1-20060918.120000$\spuninst\spuninst.exe"
WinRAR archiver-->D:\Program Files\WinRAR\uninstall.exe
XviD MPEG-4 Video Codec-->"D:\Program Files\XviD\unins000.exe"

======System event log======

Computer Name: SUN-2NOU13GR9UW
Event Code: 51
Message: An error was detected on device \Device\CdRom0 during a paging operation.

Record Number: 741
Source Name: Cdrom
Time Written: 20090517194256.000000+300
Event Type: warning
User:

Computer Name: SUN-2NOU13GR9UW
Event Code: 51
Message: An error was detected on device \Device\CdRom0 during a paging operation.

Record Number: 740
Source Name: Cdrom
Time Written: 20090517194250.000000+300
Event Type: warning
User:

Computer Name: SUN-2NOU13GR9UW
Event Code: 51
Message: An error was detected on device \Device\CdRom0 during a paging operation.

Record Number: 739
Source Name: Cdrom
Time Written: 20090517194243.000000+300
Event Type: warning
User:

Computer Name: SUN-2NOU13GR9UW
Event Code: 51
Message: An error was detected on device \Device\CdRom0 during a paging operation.

Record Number: 738
Source Name: Cdrom
Time Written: 20090517194236.000000+300
Event Type: warning
User:

Computer Name: SUN-2NOU13GR9UW
Event Code: 51
Message: An error was detected on device \Device\CdRom0 during a paging operation.

Record Number: 737
Source Name: Cdrom
Time Written: 20090517194230.000000+300
Event Type: warning
User:

=====Application event log=====

Computer Name: SUN-2NOU13GR9UW
Event Code: 1015
Message: Failed to connect to server. Error: 0x800401F0

Record Number: 31
Source Name: MsiInstaller
Time Written: 20090516102201.000000+300
Event Type: warning
User:

Computer Name: SUN-2NOU13GR9UW
Event Code: 1015
Message: Failed to connect to server. Error: 0x800401F0

Record Number: 29
Source Name: MsiInstaller
Time Written: 20090516102150.000000+300
Event Type: warning
User:

Computer Name: SUN-2NOU13GR9UW
Event Code: 63
Message: A provider, OffProv11, has been registered in the WMI namespace, Root\MSAPPS11, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Record Number: 25
Source Name: WinMgmt
Time Written: 20090516094812.000000+300
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: SUN-2NOU13GR9UW
Event Code: 1524
Message: Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.



Record Number: 24
Source Name: Userenv
Time Written: 20090516094118.000000+300
Event Type: warning
User: SUN-2NOU13GR9UW\furqan

Computer Name: SUN-2NOU13GR9UW
Event Code: 1524
Message: Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.



Record Number: 23
Source Name: Userenv
Time Written: 20090515152719.000000+300
Event Type: warning
User: SUN-2NOU13GR9UW\furqan

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;D:\Program Files\QuickTime\QTSystem\;D:\Program Files\Common Files\Ulead Systems\MPEG
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0304
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=D:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=D:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------





Log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by furqan at 2009-05-26 12:18:32
Microsoft Windows XP Professional Service Pack 1
System drive D: has 4 GB (43%) free of 10 GB
Total RAM: 255 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:20:05 PM, on 5/26/2009
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Eset\nod32krn.exe
D:\WINDOWS\System32\HPZipm12.exe
D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Eset\nod32kui.exe
D:\WINDOWS\System32\logon.exe
D:\WINDOWS\System32\explorer.exe
D:\Program Files\Analog Devices\SoundMAX\SMTray.exe
D:\Program Files\QuickTime\qttask.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\WINDOWS\System32\WISPTIS.EXE
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Prevx\prevx.exe
D:\Program Files\Prevx\prevx.exe
D:\Documents and Settings\furqan\Desktop\RSIT.exe
D:\Program Files\trend micro\furqan.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [nod32kui] "D:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Microsoft Internet Explorer] D:\WINDOWS\System32\iexplore.exe
O4 - HKLM\..\Run: [Windows Logon Application] D:\WINDOWS\System32\logon.exe
O4 - HKLM\..\Run: [Windows Explorer] D:\WINDOWS\System32\explorer.exe
O4 - HKLM\..\Run: [SiSUSBRG] D:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [Smapp] D:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [UVS10 Preload] D:\Program Files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe
O4 - HKCU\..\Run: [furqan] D:\Documents and Settings\furqan\furqan.exe /i
O4 - HKCU\..\Run: [] D:\WINDOWS\system32\config\systemprofile\.exe /i
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1242462293703
O17 - HKLM\System\CCS\Services\Tcpip\..\{0F118176-9751-4B9B-8369-2E3045C2C68D}: NameServer = 203.81.204.2 203.81.204.23
O17 - HKLM\System\CS1\Services\Tcpip\..\{0F118176-9751-4B9B-8369-2E3045C2C68D}: NameServer = 203.81.204.2 203.81.204.23
O23 - Service: CSIScanner - Prevx - D:\Program Files\Prevx\prevx.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 5085 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-05-15 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - d:\program files\google\googletoolbar2.dll [2008-04-21 2549368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - D:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [2009-05-22 325048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - D:\WINDOWS\System32\msdxm.ocx [2002-08-29 842268]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - d:\program files\google\googletoolbar2.dll [2008-04-21 2549368]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"=D:\Program Files\Eset\nod32kui.exe [2009-05-15 949376]
"Microsoft Internet Explorer"=D:\WINDOWS\System32\iexplore.exe []
"Windows Logon Application"=D:\WINDOWS\System32\logon.exe [2002-08-29 60416]
"Windows Explorer"=D:\WINDOWS\System32\explorer.exe [2002-08-29 56320]
"SiSUSBRG"=D:\WINDOWS\SiSUSBrg.exe [2002-07-12 106496]
"Smapp"=D:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-05-05 143360]
"NeroFilterCheck"=D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"QuickTime Task"=D:\Program Files\QuickTime\qttask.exe [2009-05-20 155648]
"UVS10 Preload"=D:\Program Files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe [2006-03-07 36864]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"furqan"=D:\Documents and Settings\furqan\furqan.exe /i []
""=D:\WINDOWS\system32\config\system [2009-05-26 3932160]
"MSMSGS"=D:\Program Files\Messenger\msmsgs.exe [2004-11-15 1670144]
"swg"=D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-05-22 68856]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\WINDOWS\System32\qdhlzrps.exe"="D:\WINDOWS\System32\qdhlzrps.exe:*:Enabled:Ultimate Tool"
"D:\WINDOWS\System32\hyyh.exe"="D:\WINDOWS\System32\hyyh.exe:*:Enabled:Ultimate Tool"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{23c3820d-4552-11de-8301-0015f2c168ec}]
shell\AutoRun\command - H:\Launcher.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{276e52e6-45e5-11de-8303-0015f2c168ec}]
shell\AutoRun\command - H:\Launcher.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a05e771e-41e0-11de-82eb-0015f2c168ec}]
shell\AutoRun\command - H:\Launcher.exe


======List of files/folders created in the last 1 months======

2009-05-26 12:18:35 ----D---- D:\Program Files\trend micro
2009-05-26 12:18:32 ----D---- D:\rsit
2009-05-26 12:02:23 ----D---- D:\Program Files\Prevx
2009-05-26 12:02:20 ----D---- D:\Documents and Settings\All Users\Application Data\PrevxCSI
2009-05-26 12:02:19 ----A---- D:\WINDOWS\wininit.ini
2009-05-26 11:02:33 ----D---- D:\Documents and Settings\furqan\Application Data\AdobeUM
2009-05-26 10:30:31 ----D---- D:\WINDOWS\Cache
2009-05-25 19:42:54 ----A---- D:\WINDOWS\System32\msexch35.dll
2009-05-25 19:42:53 ----A---- D:\WINDOWS\System32\VBAR332.DLL
2009-05-25 19:42:53 ----A---- D:\WINDOWS\System32\msxbse35.dll
2009-05-25 19:42:53 ----A---- D:\WINDOWS\System32\mstext35.dll
2009-05-25 19:42:53 ----A---- D:\WINDOWS\System32\msrpfs35.dll
2009-05-25 19:42:53 ----A---- D:\WINDOWS\System32\msrepl35.dll
2009-05-25 19:42:53 ----A---- D:\WINDOWS\System32\msrd2x35.dll
2009-05-25 19:42:53 ----A---- D:\WINDOWS\System32\mspdox35.dll
2009-05-25 19:42:53 ----A---- D:\WINDOWS\System32\msltus35.dll
2009-05-25 19:42:53 ----A---- D:\WINDOWS\System32\msjt4jlt.dll
2009-05-25 19:42:53 ----A---- D:\WINDOWS\System32\msjet35.dll
2009-05-25 19:42:53 ----A---- D:\WINDOWS\System32\msexcl35.dll
2009-05-25 19:42:53 ----A---- D:\WINDOWS\System32\JETCOMP.exe
2009-05-25 19:42:52 ----A---- D:\WINDOWS\System32\msjter35.dll
2009-05-25 19:42:52 ----A---- D:\WINDOWS\System32\msjint35.dll
2009-05-25 19:42:44 ----D---- D:\Program Files\Samsung
2009-05-25 14:30:53 ----A---- D:\WINDOWS\System32\fgadqwa.bat
2009-05-25 14:30:01 ----A---- D:\WINDOWS\System32\oovq.exe
2009-05-25 14:27:52 ----A---- D:\WINDOWS\System32\isszdgdf.exe
2009-05-24 00:08:25 ----D---- D:\Documents and Settings\furqan\Application Data\dvdcss
2009-05-24 00:07:56 ----A---- D:\WINDOWS\System32\WNASPI32.DLL
2009-05-24 00:07:23 ----D---- D:\Program Files\Xilisoft
2009-05-23 13:07:41 ----D---- D:\Documents and Settings\furqan\Application Data\Google
2009-05-23 13:00:01 ----HDC---- D:\WINDOWS\$NtUninstallKB918899-IE6SP1-20060725.123917$
2009-05-23 12:58:59 ----HDC---- D:\WINDOWS\$NtUninstallKB913580$
2009-05-23 12:45:55 ----D---- D:\Program Files\MSN
2009-05-23 12:45:07 ----D---- D:\Program Files\XviD
2009-05-23 11:41:32 ----D---- D:\Program Files\ffdshow
2009-05-23 11:39:57 ----D---- D:\Program Files\XviD(2)
2009-05-23 09:58:51 ----D---- D:\Program Files\Common Files\Real
2009-05-23 09:58:21 ----D---- D:\Documents and Settings\furqan\Application Data\Real
2009-05-23 04:20:15 ----HDC---- D:\WINDOWS\$NtUninstallKB899587$
2009-05-23 04:18:48 ----HDC---- D:\WINDOWS\$NtUninstallKB922819$
2009-05-23 04:17:39 ----HDC---- D:\WINDOWS\$NtUninstallKB885836$
2009-05-23 04:16:37 ----HDC---- D:\WINDOWS\$NtUninstallKB923414$
2009-05-23 04:15:38 ----HDC---- D:\WINDOWS\$NtUninstallKB921883$
2009-05-23 04:14:25 ----HDC---- D:\WINDOWS\$NtUninstallKB911927$
2009-05-23 04:13:22 ----HDC---- D:\WINDOWS\$NtUninstallKB922616$
2009-05-23 04:12:09 ----HDC---- D:\WINDOWS\$NtUninstallKB901017$
2009-05-23 04:08:44 ----HDC---- D:\WINDOWS\$NtUninstallKB920685$
2009-05-23 03:58:14 ----HDC---- D:\WINDOWS\$NtUninstallKB896424$
2009-05-23 03:43:41 ----HDC---- D:\WINDOWS\$NtUninstallKB891781$
2009-05-23 03:37:24 ----HDC---- D:\WINDOWS\$NtUninstallKB901214$
2009-05-23 03:26:59 ----HDC---- D:\WINDOWS\$NtUninstallKB912919$
2009-05-23 03:22:25 ----HDC---- D:\WINDOWS\$NtUninstallKB908531$
2009-05-23 03:14:26 ----HDC---- D:\WINDOWS\$NtUninstallKB905749$
2009-05-23 03:07:32 ----HDC---- D:\WINDOWS\$NtUninstallKB896428$
2009-05-23 03:02:19 ----HDC---- D:\WINDOWS\$NtUninstallKB908519$
2009-05-23 02:48:30 ----D---- D:\Program Files\Real
2009-05-23 02:47:36 ----D---- D:\Program Files\Windows Live Toolbar
2009-05-23 02:44:20 ----D---- D:\Program Files\MSN Messenger
2009-05-22 15:29:26 ----D---- D:\Documents and Settings\All Users\Application Data\Google
2009-05-22 12:32:44 ----A---- D:\WINDOWS\System32\kchb.bat
2009-05-22 12:19:09 ----A---- D:\WINDOWS\System32\szfaln.exe
2009-05-22 11:53:47 ----A---- D:\WINDOWS\ModemLog_AnyDATA CDMA USB Modem (PID 6502) #5.txt
2009-05-22 03:26:19 ----HDC---- D:\WINDOWS\$NtUninstallKB899591$
2009-05-22 03:25:23 ----HDC---- D:\WINDOWS\$NtUninstallKB893756$
2009-05-22 03:24:29 ----HDC---- D:\WINDOWS\$NtUninstallKB911280$
2009-05-22 03:23:24 ----HDC---- D:\WINDOWS\$NtUninstallKB911562$
2009-05-22 03:22:30 ----HDC---- D:\WINDOWS\$NtUninstallKB896423$
2009-05-22 03:21:38 ----HDC---- D:\WINDOWS\$NtUninstallKB873339$
2009-05-22 03:20:51 ----HDC---- D:\WINDOWS\$NtUninstallKB925486-IE6SP1-20060918.120000$
2009-05-22 03:19:51 ----HDC---- D:\WINDOWS\$NtUninstallKB921398$
2009-05-22 03:19:06 ----HDC---- D:\WINDOWS\$NtUninstallKB918439-IE6SP1-20060530.145346$
2009-05-22 03:18:25 ----HDC---- D:\WINDOWS\$NtUninstallKB910437$
2009-05-22 03:17:36 ----HDC---- D:\WINDOWS\$NtUninstallKB905495$
2009-05-22 03:15:54 ----HDC---- D:\WINDOWS\$NtUninstallKB911564$
2009-05-22 03:14:22 ----HDC---- D:\WINDOWS\$NtUninstallKB902400$
2009-05-22 03:13:37 ----HDC---- D:\WINDOWS\$NtUninstallKB920670$
2009-05-22 03:11:36 ----HDC---- D:\WINDOWS\$NtUninstallKB890046$
2009-05-22 03:09:45 ----HDC---- D:\WINDOWS\$NtUninstallKB919007$
2009-05-22 03:08:41 ----HDC---- D:\WINDOWS\$NtUninstallKB914388$
2009-05-22 03:08:07 ----HDC---- D:\WINDOWS\$NtUninstallKB905414$
2009-05-22 03:07:32 ----HDC---- D:\WINDOWS\$NtUninstallKB917953$
2009-05-22 03:06:38 ----HDC---- D:\WINDOWS\$NtUninstallKB917734_WMP8$
2009-05-22 03:05:25 ----HDC---- D:\WINDOWS\$NtUninstallKB923191$
2009-05-22 03:04:53 ----HDC---- D:\WINDOWS\$NtUninstallKB917422$
2009-05-22 03:04:22 ----HDC---- D:\WINDOWS\$NtUninstallKB892944$
2009-05-22 03:03:50 ----HDC---- D:\WINDOWS\$NtUninstallKB888302$
2009-05-22 03:03:08 ----HDC---- D:\WINDOWS\$NtUninstallKB911567-OE6SP1-20060316.165634$
2009-05-22 03:02:38 ----HDC---- D:\WINDOWS\$NtUninstallKB904706$
2009-05-22 03:02:05 ----HDC---- D:\WINDOWS\$NtUninstallKB835409$
2009-05-22 03:01:30 ----HDC---- D:\WINDOWS\$NtUninstallKB920683$
2009-05-22 03:00:41 ----HDC---- D:\WINDOWS\$NtUninstallKB914389$
2009-05-21 14:54:47 ----A---- D:\WINDOWS\ModemLog_AnyDATA CDMA USB Modem (PID 6502) #4.txt
2009-05-21 13:30:11 ----D---- D:\WINDOWS\Minidump
2009-05-21 11:20:42 ----A---- D:\WINDOWS\System32\esent.dll
2009-05-21 10:28:43 ----D---- D:\Documents and Settings\furqan\Application Data\Apple Computer
2009-05-21 10:27:06 ----A---- D:\WINDOWS\ModemLog_AnyDATA CDMA USB Modem (PID 6502) #3.txt
2009-05-20 20:21:56 ----D---- D:\Program Files\Common Files\Adobe
2009-05-20 20:21:55 ----D---- D:\Documents and Settings\All Users\Application Data\Adobe
2009-05-20 20:21:40 ----D---- D:\Program Files\Adobe
2009-05-20 16:41:10 ----D---- D:\Documents and Settings\furqan\Application Data\Ulead Systems
2009-05-20 16:33:15 ----D---- D:\Documents and Settings\All Users\Application Data\InstallShield
2009-05-20 16:32:01 ----D---- D:\Program Files\Windows Media Components
2009-05-20 16:30:50 ----D---- D:\Program Files\QuickTime
2009-05-20 16:29:22 ----D---- D:\Documents and Settings\All Users\Application Data\Apple Computer
2009-05-20 16:26:05 ----D---- D:\Program Files\Common Files\Ulead Systems
2009-05-20 16:26:03 ----D---- D:\Program Files\Ulead Systems
2009-05-20 16:26:03 ----D---- D:\Documents and Settings\All Users\Application Data\Ulead Systems
2009-05-20 15:09:26 ----AH---- D:\WINDOWS\System32\pvobrdg.exe
2009-05-20 14:58:07 ----A---- D:\WINDOWS\ModemLog_AnyDATA CDMA USB Modem (PID 6502) #2.txt
2009-05-19 23:10:25 ----D---- D:\Documents and Settings\furqan\Application Data\MSN6
2009-05-19 23:10:25 ----D---- D:\Documents and Settings\All Users\Application Data\MSN6
2009-05-19 10:03:02 ----A---- D:\WINDOWS\System32\eheon.exe
2009-05-17 19:50:43 ----D---- D:\EA_SPORT
2009-05-17 19:48:56 ----A---- D:\WINDOWS\System32\BASSMOD.dll
2009-05-17 19:35:57 ----D---- D:\Program Files\EA_SPORT
2009-05-16 18:14:19 ----A---- D:\WINDOWS\NeroDigital.ini
2009-05-16 18:03:54 ----D---- D:\Documents and Settings\furqan\Application Data\Ahead
2009-05-16 17:59:23 ----D---- D:\Documents and Settings\All Users\Application Data\Nero
2009-05-16 17:59:22 ----D---- D:\Program Files\Nero
2009-05-16 17:59:22 ----D---- D:\Program Files\Common Files\Ahead
2009-05-16 17:57:04 ----D---- D:\WINDOWS\RegisteredPackages
2009-05-16 15:27:20 ----A---- D:\WINDOWS\System32\ksuser.dll
2009-05-16 15:27:02 ----A---- D:\WINDOWS\System32\wdmioctl.dll
2009-05-16 15:27:01 ----A---- D:\WINDOWS\System32\SMMedia.dll
2009-05-16 15:26:59 ----A---- D:\WINDOWS\SynthCoreA.Dll
2009-05-16 15:26:58 ----A---- D:\WINDOWS\SynCor.exe
2009-05-16 15:26:54 ----A---- D:\WINDOWS\System32\SynthCore11Resources.dll
2009-05-16 15:26:54 ----A---- D:\WINDOWS\System32\Syncor11.dll
2009-05-16 15:26:54 ----A---- D:\WINDOWS\System32\S11thk32.dll
2009-05-16 15:26:52 ----D---- D:\WINDOWS\VirtualEar
2009-05-16 15:26:51 ----A---- D:\WINDOWS\System32\virtear.dll
2009-05-16 15:26:51 ----A---- D:\WINDOWS\System32\Audio3d.dll
2009-05-16 15:26:49 ----A---- D:\WINDOWS\System32\a3d.dll
2009-05-16 15:26:47 ----D---- D:\Program Files\Analog Devices
2009-05-16 15:26:47 ----A---- D:\WINDOWS\System32\CleanUp.exe
2009-05-16 15:26:46 ----A---- D:\WINDOWS\System32\DSndUp.exe
2009-05-16 15:26:45 ----HD---- D:\Program Files\InstallShield Installation Information
2009-05-16 15:26:45 ----A---- D:\WINDOWS\System32\msssc.dll
2009-05-16 15:13:09 ----A---- D:\WINDOWS\SIS_LIB.DLL
2009-05-16 15:13:08 ----A---- D:\WINDOWS\SiSUSBrg.exe
2009-05-16 15:13:00 ----D---- D:\WINDOWS\System32\ReinstallBackups
2009-05-16 15:11:20 ----A---- D:\WINDOWS\Ascd_tmp.ini
2009-05-16 15:04:46 ----A---- D:\WINDOWS\System32\CoreVorbis-uninstall.exe
2009-05-16 15:04:20 ----A---- D:\WINDOWS\System32\OggDSuninst.exe
2009-05-16 15:02:41 ----A---- D:\WINDOWS\System32\MMSwitch.dll
2009-05-16 15:02:41 ----A---- D:\WINDOWS\System32\MMAVILNG.exe
2009-05-16 15:02:40 ----D---- D:\Program Files\Morgan
2009-05-16 15:02:34 ----D---- D:\Program Files\AC3Filter
2009-05-16 14:59:22 ----D---- D:\Program Files\Google
2009-05-16 14:57:32 ----D---- D:\Program Files\DivX
2009-05-16 14:17:30 ----D---- D:\WINDOWS\System32\PreInstall
2009-05-16 14:16:57 ----A---- D:\WINDOWS\System32\spupdsvc.exe
2009-05-16 14:16:50 ----HDC---- D:\WINDOWS\$NtUninstallKB898461$
2009-05-16 14:16:50 ----HD---- D:\WINDOWS\$hf_mig$
2009-05-16 14:13:54 ----HDC---- D:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-05-16 14:12:53 ----D---- D:\WINDOWS\System32\bits
2009-05-16 14:11:00 ----HDC---- D:\WINDOWS\$NtUninstallKB842773$
2009-05-16 13:36:53 ----N---- D:\WINDOWS\System32\bitsprx3.dll
2009-05-16 13:36:53 ----N---- D:\WINDOWS\System32\bitsprx2.dll
2009-05-16 13:36:53 ----A---- D:\WINDOWS\System32\winhttp.dll
2009-05-16 13:36:53 ----A---- D:\WINDOWS\System32\qmgrprxy.dll
2009-05-16 13:30:57 ----A---- D:\WINDOWS\System32\wups2.dll
2009-05-16 13:30:57 ----A---- D:\WINDOWS\System32\wups.dll
2009-05-16 13:30:56 ----A---- D:\WINDOWS\System32\wucltui.dll.mui
2009-05-16 13:30:54 ----A---- D:\WINDOWS\System32\wucltui.dll
2009-05-16 13:30:54 ----A---- D:\WINDOWS\System32\wuaueng.dll.mui
2009-05-16 13:30:50 ----A---- D:\WINDOWS\System32\wuapi.dll.mui
2009-05-16 13:30:50 ----A---- D:\WINDOWS\System32\wuapi.dll
2009-05-16 13:26:11 ----D---- D:\WINDOWS\SoftwareDistribution
2009-05-16 11:39:47 ----D---- D:\Documents and Settings\furqan\Application Data\Macromedia
2009-05-16 11:39:47 ----D---- D:\Documents and Settings\furqan\Application Data\Adobe
2009-05-16 11:35:00 ----A---- D:\WINDOWS\System32\nuhw.bat
2009-05-16 11:26:48 ----A---- D:\WINDOWS\System32\HPZipm12.exe
2009-05-16 11:16:37 ----A---- D:\WINDOWS\ModemLog_AnyDATA CDMA USB Modem (PID 6502).txt
2009-05-16 11:16:22 ----A---- D:\WINDOWS\red_dialer.ini
2009-05-16 11:13:33 ----D---- D:\Program Files\DIFX
2009-05-16 11:13:30 ----DC---- D:\WINDOWS\System32\DRVSTORE
2009-05-16 11:13:23 ----D---- D:\Program Files\Easy Wireless Net
2009-05-16 10:51:45 ----RSD---- D:\WINDOWS\assembly
2009-05-16 10:51:42 ----D---- D:\WINDOWS\Microsoft.NET
2009-05-16 10:51:40 ----D---- D:\WINDOWS\System32\URTTemp
2009-05-16 10:35:32 ----D---- D:\Program Files\Common Files\InstallShield
2009-05-16 10:21:13 ----A---- D:\WINDOWS\System32\hpzll4pi.dll
2009-05-16 10:20:31 ----A---- D:\WINDOWS\System32\HPZisn12.dll
2009-05-16 10:20:31 ----A---- D:\WINDOWS\System32\HPZipt12.dll
2009-05-16 10:20:31 ----A---- D:\WINDOWS\System32\HPZipr12.dll
2009-05-16 10:20:30 ----A---- D:\WINDOWS\System32\HPZinw12.exe
2009-05-16 10:20:30 ----A---- D:\WINDOWS\System32\HPZidr12.dll
2009-05-16 10:20:29 ----A---- D:\WINDOWS\IsUninst.exe
2009-05-16 10:19:44 ----N---- D:\WINDOWS\System32\spmsg.dll
2009-05-16 10:19:34 ----HDC---- D:\WINDOWS\$NtUninstallKB822603$
2009-05-16 10:18:27 ----HD---- D:\Config.Msi
2009-05-16 10:18:18 ----D---- D:\Program Files\HP
2009-05-16 10:15:33 ----A---- D:\WINDOWS\System32\hpzids01.dll
2009-05-16 09:54:02 ----A---- D:\WINDOWS\ModemLog_PCI SoftV92 Modem.txt
2009-05-16 09:52:05 ----D---- D:\Program Files\CONEXANT
2009-05-16 09:49:21 ----A---- D:\WINDOWS\ODBC.INI
2009-05-16 09:49:15 ----A---- D:\WINDOWS\System32\mdimon.dll
2009-05-16 09:47:43 ----D---- D:\Program Files\Microsoft.NET
2009-05-16 09:47:31 ----D---- D:\Program Files\Microsoft ActiveSync
2009-05-16 09:46:54 ----D---- D:\Program Files\Common Files\DESIGNER
2009-05-16 09:46:25 ----D---- D:\WINDOWS\SHELLNEW
2009-05-16 09:46:17 ----D---- D:\Program Files\Microsoft Office
2009-05-15 19:31:54 ----A---- D:\WINDOWS\System32\h323log.txt
2009-05-15 19:29:06 ----A---- D:\WINDOWS\System32\nv4_disp.dll
2009-05-15 19:28:45 ----A---- D:\WINDOWS\System32\usbui.dll
2009-05-15 19:27:48 ----A---- D:\WINDOWS\imsins.BAK
2009-05-15 19:27:44 ----A---- D:\WINDOWS\System32\PerfStringBackup.INI
2009-05-15 19:27:43 ----D---- D:\Program Files\Common Files\ODBC
2009-05-15 19:27:43 ----A---- D:\WINDOWS\ODBCINST.INI
2009-05-15 19:27:39 ----D---- D:\Program Files\Common Files\SpeechEngines
2009-05-15 19:27:38 ----RD---- D:\Program Files
2009-05-15 19:27:38 ----D---- D:\Program Files\Common Files\Microsoft Shared
2009-05-15 19:27:38 ----D---- D:\Program Files\Common Files
2009-05-15 19:27:35 ----RA---- D:\WINDOWS\System32\kbdtuq.dll
2009-05-15 19:27:35 ----RA---- D:\WINDOWS\System32\kbdtuf.dll
2009-05-15 19:27:35 ----RA---- D:\WINDOWS\System32\kbdazel.dll
2009-05-15 19:27:33 ----RA---- D:\WINDOWS\System32\kbdycc.dll
2009-05-15 19:27:33 ----RA---- D:\WINDOWS\System32\kbduzb.dll
2009-05-15 19:27:33 ----RA---- D:\WINDOWS\System32\kbdur.dll
2009-05-15 19:27:33 ----RA---- D:\WINDOWS\System32\kbdtat.dll
2009-05-15 19:27:33 ----RA---- D:\WINDOWS\System32\kbdru1.dll
2009-05-15 19:27:33 ----RA---- D:\WINDOWS\System32\kbdru.dll
2009-05-15 19:27:33 ----RA---- D:\WINDOWS\System32\kbdmon.dll
2009-05-15 19:27:33 ----RA---- D:\WINDOWS\System32\kbdkyr.dll
2009-05-15 19:27:33 ----RA---- D:\WINDOWS\System32\kbdkaz.dll
2009-05-15 19:27:33 ----RA---- D:\WINDOWS\System32\kbdbu.dll
2009-05-15 19:27:33 ----RA---- D:\WINDOWS\System32\kbdblr.dll
2009-05-15 19:27:33 ----RA---- D:\WINDOWS\System32\kbdaze.dll
2009-05-15 19:27:30 ----RA---- D:\WINDOWS\System32\kbdhept.dll
2009-05-15 19:27:30 ----RA---- D:\WINDOWS\System32\kbdhela3.dll
2009-05-15 19:27:30 ----RA---- D:\WINDOWS\System32\kbdhela2.dll
2009-05-15 19:27:30 ----RA---- D:\WINDOWS\System32\kbdhe319.dll
2009-05-15 19:27:30 ----RA---- D:\WINDOWS\System32\kbdhe220.dll
2009-05-15 19:27:30 ----RA---- D:\WINDOWS\System32\kbdhe.dll
2009-05-15 19:27:30 ----RA---- D:\WINDOWS\System32\kbdgkl.dll
2009-05-15 19:27:29 ----RA---- D:\WINDOWS\System32\kbdlv1.dll
2009-05-15 19:27:29 ----RA---- D:\WINDOWS\System32\kbdlv.dll
2009-05-15 19:27:29 ----RA---- D:\WINDOWS\System32\kbdlt1.dll
2009-05-15 19:27:29 ----RA---- D:\WINDOWS\System32\kbdlt.dll
2009-05-15 19:27:29 ----RA---- D:\WINDOWS\System32\kbdest.dll
2009-05-15 19:27:26 ----RA---- D:\WINDOWS\System32\kbdycl.dll
2009-05-15 19:27:26 ----RA---- D:\WINDOWS\System32\kbdsl1.dll
2009-05-15 19:27:26 ----RA---- D:\WINDOWS\System32\kbdsl.dll
2009-05-15 19:27:26 ----RA---- D:\WINDOWS\System32\kbdro.dll
2009-05-15 19:27:26 ----RA---- D:\WINDOWS\System32\kbdpl1.dll
2009-05-15 19:27:26 ----RA---- D:\WINDOWS\System32\kbdpl.dll
2009-05-15 19:27:26 ----RA---- D:\WINDOWS\System32\kbdhu1.dll
2009-05-15 19:27:26 ----RA---- D:\WINDOWS\System32\kbdhu.dll
2009-05-15 19:27:26 ----RA---- D:\WINDOWS\System32\kbdcz2.dll
2009-05-15 19:27:26 ----RA---- D:\WINDOWS\System32\kbdcz1.dll
2009-05-15 19:27:26 ----RA---- D:\WINDOWS\System32\kbdcz.dll
2009-05-15 19:27:26 ----RA---- D:\WINDOWS\System32\kbdcr.dll
2009-05-15 19:27:26 ----RA---- D:\WINDOWS\System32\KBDAL.DLL
2009-05-15 19:27:24 ----A---- D:\WINDOWS\System32\irclass.dll
2009-05-15 19:27:23 ----A---- D:\WINDOWS\System32\spxcoins.dll
2009-05-15 19:27:23 ----A---- D:\WINDOWS\System32\EqnClass.Dll
2009-05-15 19:27:23 ----A---- D:\WINDOWS\System32\dgsetup.dll
2009-05-15 19:27:23 ----A---- D:\WINDOWS\System32\dgrpsetu.dll
2009-05-15 19:27:20 ----N---- D:\WINDOWS\System32\CONFIG.TMP
2009-05-15 19:27:20 ----A---- D:\WINDOWS\TASKMAN.EXE
2009-05-15 19:27:20 ----A---- D:\WINDOWS\System32\batt.dll
2009-05-15 19:27:20 ----A---- D:\WINDOWS\NOTEPAD.EXE
2009-05-15 19:27:19 ----A---- D:\WINDOWS\System32\storprop.dll
2009-05-15 19:27:12 ----ASH---- D:\Documents and Settings\All Users\Application Data\desktop.ini
2009-05-15 19:26:40 ----RA---- D:\WINDOWS\SETA.tmp
2009-05-15 19:26:36 ----RA---- D:\WINDOWS\SET3.tmp
2009-05-15 19:26:29 ----D---- D:\WINDOWS\System32\CatRoot2
2009-05-15 19:26:29 ----D---- D:\WINDOWS\System32\CatRoot
2009-05-15 19:26:23 ----SD---- D:\Documents and Settings\All Users\Application Data\Microsoft
2009-05-15 19:26:03 ----A---- D:\WINDOWS\setuplog.txt
2009-05-15 19:25:57 ----D---- D:\Documents and Settings
2009-05-15 19:14:23 ----RSHDC---- D:\WINDOWS\System32\dllcache
2009-05-15 19:14:23 ----RSD---- D:\WINDOWS\Fonts
2009-05-15 19:14:23 ----RD---- D:\WINDOWS\Web
2009-05-15 19:14:23 ----HD---- D:\WINDOWS\inf
2009-05-15 19:14:23 ----D---- D:\WINDOWS\WinSxS
2009-05-15 19:14:23 ----D---- D:\WINDOWS\twain_32
2009-05-15 19:14:23 ----D---- D:\WINDOWS\Temp
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\wins
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\wbem
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\usmt
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\spool
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\ShellExt
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\Setup
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\ras
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\oobe
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\npp
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\mui
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\inetsrv
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\IME
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\icsxml
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\ias
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\export
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\drivers
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\dhcp
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\config
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\3com_dmi
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\3076
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\2052
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\1054
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\1042
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\1041
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\1037
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\1033
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\1031
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\1028
2009-05-15 19:14:23 ----D---- D:\WINDOWS\System32\1025
2009-05-15 19:14:23 ----D---- D:\WINDOWS\system32
2009-05-15 19:14:23 ----D---- D:\WINDOWS\system
2009-05-15 19:14:23 ----D---- D:\WINDOWS\security
2009-05-15 19:14:23 ----D---- D:\WINDOWS\Resources
2009-05-15 19:14:23 ----D---- D:\WINDOWS\repair
2009-05-15 19:14:23 ----D---- D:\WINDOWS\mui
2009-05-15 19:14:23 ----D---- D:\WINDOWS\msapps
2009-05-15 19:14:23 ----D---- D:\WINDOWS\msagent
2009-05-15 19:14:23 ----D---- D:\WINDOWS\Media
2009-05-15 19:14:23 ----D---- D:\WINDOWS\java
2009-05-15 19:14:23 ----D---- D:\WINDOWS\ime
2009-05-15 19:14:23 ----D---- D:\WINDOWS\Help
2009-05-15 19:14:23 ----D---- D:\WINDOWS\Driver Cache
2009-05-15 19:14:23 ----D---- D:\WINDOWS\Debug
2009-05-15 19:14:23 ----D---- D:\WINDOWS\Cursors
2009-05-15 19:14:23 ----D---- D:\WINDOWS\Connection Wizard
2009-05-15 19:14:23 ----D---- D:\WINDOWS\Config
2009-05-15 19:14:23 ----D---- D:\WINDOWS\AppPatch
2009-05-15 19:14:23 ----D---- D:\WINDOWS\addins
2009-05-15 19:14:23 ----D---- D:\WINDOWS
2009-05-15 17:01:12 ----D---- D:\Program Files\Counter-Strike
2009-05-15 16:30:38 ----SHD---- D:\RECYCLER
2009-05-15 16:27:59 ----A---- D:\WINDOWS\System32\mdmxsdk.dll
2009-05-15 16:27:59 ----A---- D:\WINDOWS\System32\mdmxsdk(2).dll
2009-05-15 16:27:59 ----A---- D:\WINDOWS\System32\hsfci011.dll
2009-05-15 15:26:27 ----A---- D:\WINDOWS\System32\imon.dll
2009-05-15 15:13:01 ----SD---- D:\WINDOWS\System32\Microsoft
2009-05-15 15:12:28 ----D---- D:\Program Files\Eset
2009-05-15 15:11:21 ----D---- D:\Documents and Settings\furqan\Application Data\WinRAR
2009-05-15 15:11:11 ----D---- D:\Program Files\WinRAR
2009-05-15 14:44:53 ----SHD---- D:\WINDOWS\Installer
2009-05-15 14:44:50 ----D---- D:\Documents and Settings\furqan\Application Data\Identities
2009-05-15 14:44:39 ----HD---- D:\Program Files\Uninstall Information
2009-05-15 14:44:24 ----ASH---- D:\Documents and Settings\furqan\Application Data\desktop.ini
2009-05-15 14:44:23 ----SD---- D:\Documents and Settings\furqan\Application Data\Microsoft
2009-05-15 14:43:35 ----SHD---- D:\System Volume Information
2009-05-15 14:42:24 ----D---- D:\WINDOWS\Prefetch
2009-05-15 14:42:24 ----A---- D:\WINDOWS\SchedLgU.Txt
2009-05-15 14:38:20 ----D---- D:\WINDOWS\System32\xircom
2009-05-15 14:38:20 ----D---- D:\Program Files\xerox
2009-05-15 14:38:20 ----D---- D:\Program Files\microsoft frontpage
2009-05-15 14:37:51 ----A---- D:\WINDOWS\control.ini
2009-05-15 14:37:42 ----A---- D:\WINDOWS\OEWABLog.txt
2009-05-15 14:37:34 ----A---- D:\WINDOWS\System32\mapi32.dll
2009-05-15 14:36:25 ----SD---- D:\WINDOWS\Downloaded Program Files
2009-05-15 14:36:25 ----RD---- D:\WINDOWS\Offline Web Pages
2009-05-15 14:36:25 ----RAH---- D:\WINDOWS\System32\logonui.exe.manifest
2009-05-15 14:36:18 ----RAH---- D:\WINDOWS\System32\cdplayer.exe.manifest
2009-05-15 14:35:54 ----D---- D:\WINDOWS\System32\DirectX
2009-05-15 14:35:27 ----A---- D:\WINDOWS\System32\safrslv.dll
2009-05-15 14:35:27 ----A---- D:\WINDOWS\System32\safrdm.dll
2009-05-15 14:35:27 ----A---- D:\WINDOWS\System32\safrcdlg.dll
2009-05-15 14:35:27 ----A---- D:\WINDOWS\System32\racpldlg.dll
2009-05-15 14:35:27 ----A---- D:\WINDOWS\System32\atrace.dll
2009-05-15 14:35:24 ----A---- D:\WINDOWS\System32\desktop.ini
2009-05-15 14:35:24 ----A---- D:\WINDOWS\desktop.ini
2009-05-15 14:35:17 ----A---- D:\WINDOWS\System32\nmevtmsg.dll
2009-05-15 14:35:17 ----A---- D:\WINDOWS\System32\isrdbg32.dll
2009-05-15 14:35:16 ----A---- D:\WINDOWS\System32\mnmsrvc.exe
2009-05-15 14:35:15 ----A---- D:\WINDOWS\System32\acctres.dll
2009-05-15 14:35:14 ----D---- D:\Program Files\Common Files\Services
2009-05-15 14:35:14 ----A---- D:\WINDOWS\System32\INETRES.DLL
2009-05-15 14:35:10 ----SD---- D:\WINDOWS\Tasks
2009-05-15 14:35:10 ----A---- D:\WINDOWS\System32\isign32.dll
2009-05-15 14:35:10 ----A---- D:\WINDOWS\System32\inetcfg.dll
2009-05-15 14:35:10 ----A---- D:\WINDOWS\System32\icwphbk.dll
2009-05-15 14:35:10 ----A---- D:\WINDOWS\System32\icwdial.dll
2009-05-15 14:35:10 ----A---- D:\WINDOWS\System32\icfgnt5.dll
2009-05-15 14:35:07 ----D---- D:\Program Files\Common Files\MSSoap
2009-05-15 14:35:02 ----D---- D:\WINDOWS\srchasst
2009-05-15 14:35:01 ----D---- D:\WINDOWS\System32\Macromed
2009-05-15 14:35:00 ----D---- D:\Program Files\Movie Maker
2009-05-15 14:35:00 ----A---- D:\WINDOWS\System32\qmgr.dll
2009-05-15 14:34:55 ----D---- D:\WINDOWS\System32\Restore
2009-05-15 14:34:55 ----D---- D:\WINDOWS\PCHealth
2009-05-15 14:34:55 ----A---- D:\WINDOWS\System32\srsvc.dll
2009-05-15 14:34:55 ----A---- D:\WINDOWS\System32\srrstr.dll
2009-05-15 14:34:54 ----A---- D:\WINDOWS\System32\srclient.dll
2009-05-15 14:34:54 ----A---- D:\WINDOWS\System32\mnmdd.dll
2009-05-15 14:34:54 ----A---- D:\WINDOWS\System32\ils.dll
2009-05-15 14:34:53 ----A---- D:\WINDOWS\System32\nmmkcert.dll
2009-05-15 14:34:53 ----A---- D:\WINDOWS\System32\msconf.dll
2009-05-15 14:34:51 ----D---- D:\Program Files\NetMeeting
2009-05-15 14:34:51 ----A---- D:\WINDOWS\System32\MSOERT2.DLL
2009-05-15 14:34:51 ----A---- D:\WINDOWS\System32\MSOEACCT.DLL
2009-05-15 14:34:50 ----A---- D:\WINDOWS\System32\INETCOMM.DLL
2009-05-15 14:34:49 ----D---- D:\Program Files\Outlook Express
2009-05-15 14:34:49 ----A---- D:\WINDOWS\System32\schedsvc.dll
2009-05-15 14:34:49 ----A---- D:\WINDOWS\System32\mstinit.exe
2009-05-15 14:34:49 ----A---- D:\WINDOWS\System32\mstask.dll
2009-05-15 14:34:42 ----D---- D:\Program Files\Common Files\System
2009-05-15 14:34:41 ----D---- D:\Program Files\Internet Explorer
2009-05-15 14:34:02 ----D---- D:\Program Files\ComPlus Applications
2009-05-15 14:34:01 ----A---- D:\WINDOWS\vbaddin.ini
2009-05-15 14:34:01 ----A---- D:\WINDOWS\vb.ini
2009-05-15 14:33:56 ----D---- D:\WINDOWS\Registration
2009-05-15 14:33:49 ----HD---- D:\Program Files\WindowsUpdate
2009-05-15 14:33:48 ----D---- D:\Program Files\Windows Media Player
2009-05-15 14:33:48 ----D---- D:\Program Files\Online Services
2009-05-15 14:33:41 ----D---- D:\Program Files\Messenger
2009-05-15 14:33:36 ----D---- D:\Program Files\MSN Gaming Zone
2009-05-15 14:33:36 ----A---- D:\WINDOWS\System32\write.exe
2009-05-15 14:33:29 ----A---- D:\WINDOWS\System32\sndvol32.exe
2009-05-15 14:33:29 ----A---- D:\WINDOWS\System32\sndrec32.exe
2009-05-15 14:33:29 ----A---- D:\WINDOWS\System32\hticons.dll
2009-05-15 14:33:29 ----A---- D:\WINDOWS\System32\accwiz.exe
2009-05-15 14:33:28 ----A---- D:\WINDOWS\System32\winchat.exe
2009-05-15 14:33:28 ----A---- D:\WINDOWS\System32\avwav.dll
2009-05-15 14:33:28 ----A---- D:\WINDOWS\System32\avtapi.dll
2009-05-15 14:33:28 ----A---- D:\WINDOWS\System32\avmeter.dll
2009-05-15 14:33:23 ----A---- D:\WINDOWS\System32\getuname.dll
2009-05-15 14:33:23 ----A---- D:\WINDOWS\System32\charmap.exe
2009-05-15 14:33:22 ----A---- D:\WINDOWS\System32\winmine.exe
2009-05-15 14:33:22 ----A---- D:\WINDOWS\System32\sol.exe
2009-05-15 14:33:22 ----A---- D:\WINDOWS\System32\mshearts.exe
2009-05-15 14:33:22 ----A---- D:\WINDOWS\System32\calc.exe
2009-05-15 14:33:21 ----A---- D:\WINDOWS\System32\usrlogon.cmd
2009-05-15 14:33:21 ----A---- D:\WINDOWS\System32\tsshutdn.exe
2009-05-15 14:33:21 ----A---- D:\WINDOWS\System32\tslabels.ini
2009-05-15 14:33:21 ----A---- D:\WINDOWS\System32\tskill.exe
2009-05-15 14:33:21 ----A---- D:\WINDOWS\System32\tsdiscon.exe
2009-05-15 14:33:21 ----A---- D:\WINDOWS\System32\tscon.exe
2009-05-15 14:33:21 ----A---- D:\WINDOWS\System32\shadow.exe
2009-05-15 14:33:21 ----A---- D:\WINDOWS\System32\rwinsta.exe
2009-05-15 14:33:21 ----A---- D:\WINDOWS\System32\reset.exe
2009-05-15 14:33:21 ----A---- D:\WINDOWS\System32\regini.exe
2009-05-15 14:33:21 ----A---- D:\WINDOWS\System32\rdshost.exe
2009-05-15 14:33:21 ----A---- D:\WINDOWS\System32\rdpcfgex.dll
2009-05-15 14:33:21 ----A---- D:\WINDOWS\System32\freecell.exe
2009-05-15 14:33:20 ----A---- D:\WINDOWS\System32\xolehlp.dll
2009-05-15 14:33:20 ----A---- D:\WINDOWS\System32\qwinsta.exe
2009-05-15 14:33:20 ----A---- D:\WINDOWS\System32\qprocess.exe
2009-05-15 14:33:20 ----A---- D:\WINDOWS\System32\qappsrv.exe
2009-05-15 14:33:20 ----A---- D:\WINDOWS\System32\msg.exe
2009-05-15 14:33:20 ----A---- D:\WINDOWS\System32\msdtcuiu.dll
2009-05-15 14:33:20 ----A---- D:\WINDOWS\System32\msdtctm.dll
2009-05-15 14:33:20 ----A---- D:\WINDOWS\System32\logoff.exe
2009-05-15 14:33:20 ----A---- D:\WINDOWS\System32\cdmodem.dll
2009-05-15 14:33:19 ----A---- D:\WINDOWS\System32\msdtcprf.ini
2009-05-15 14:33:19 ----A---- D:\WINDOWS\System32\msdtclog.dll
2009-05-15 14:33:19 ----A---- D:\WINDOWS\System32\msdtc.exe
2009-05-15 14:33:18 ----A---- D:\WINDOWS\System32\stclient.dll
2009-05-15 14:33:18 ----A---- D:\WINDOWS\System32\mtxlegih.dll
2009-05-15 14:33:18 ----A---- D:\WINDOWS\System32\mtxex.dll
2009-05-15 14:33:18 ----A---- D:\WINDOWS\System32\mtxdm.dll
2009-05-15 14:33:18 ----A---- D:\WINDOWS\System32\dcomcnfg.exe
2009-05-15 14:33:18 ----A---- D:\WINDOWS\System32\comrepl.dll
2009-05-15 14:33:18 ----A---- D:\WINDOWS\System32\comaddin.dll
2009-05-15 14:33:18 ----A---- D:\WINDOWS\System32\clbcatex.dll
2009-05-15 14:33:18 ----A---- D:\WINDOWS\System32\catsrvps.dll
2009-05-15 14:33:17 ----A---- D:\WINDOWS\System32\comuid.dll
2009-05-15 14:33:17 ----A---- D:\WINDOWS\System32\comsnap.dll
2009-05-15 14:33:10 ----A---- D:\WINDOWS\System32\wmimgmt.msc
2009-05-15 14:33:10 ----A---- D:\WINDOWS\System32\servdeps.dll
2009-05-15 14:33:10 ----A---- D:\WINDOWS\System32\mmfutil.dll
2009-05-15 14:33:10 ----A---- D:\WINDOWS\System32\cmprops.dll
2009-05-15 14:33:05 ----D---- D:\Program Files\Windows NT
2009-05-15 14:33:05 ----A---- D:\WINDOWS\System32\mspaint.exe
2009-05-15 14:33:05 ----A---- D:\WINDOWS\System32\mplay32.exe
2009-05-15 14:33:05 ----A---- D:\WINDOWS\System32\clipbrd.exe
2009-05-15 14:33:04 ----A---- D:\WINDOWS\System32\wuauserv.dll
2009-05-15 14:33:04 ----A---- D:\WINDOWS\System32\wuaueng.dll
2009-05-15 14:33:04 ----A---- D:\WINDOWS\System32\wuauclt.exe
2009-05-15 14:33:04 ----A---- D:\WINDOWS\System32\tscfgwmi.dll
2009-05-15 14:33:04 ----A---- D:\WINDOWS\System32\spider.exe
2009-05-15 14:33:03 ----A---- D:\WINDOWS\System32\tscupgrd.exe
2009-05-15 14:33:03 ----A---- D:\WINDOWS\System32\termsrv.dll
2009-05-15 14:33:03 ----A---- D:\WINDOWS\System32\sessmgr.exe
2009-05-15 14:33:03 ----A---- D:\WINDOWS\System32\remotepg.dll
2009-05-15 14:33:03 ----A---- D:\WINDOWS\System32\rdsaddin.exe
2009-05-15 14:33:03 ----A---- D:\WINDOWS\System32\rdpwsx.dll
2009-05-15 14:33:03 ----A---- D:\WINDOWS\System32\rdpsnd.dll
2009-05-15 14:33:03 ----A---- D:\WINDOWS\System32\rdpclip.exe
2009-05-15 14:33:03 ----A---- D:\WINDOWS\System32\rdchost.dll
2009-05-15 14:33:03 ----A---- D:\WINDOWS\System32\mstscax.dll
2009-05-15 14:33:03 ----A---- D:\WINDOWS\System32\mstsc.exe
2009-05-15 14:33:02 ----D---- D:\WINDOWS\System32\MsDtc
2009-05-15 14:33:02 ----D---- D:\WINDOWS\System32\Com
2009-05-15 14:33:02 ----A---- D:\WINDOWS\System32\msdtcprx.dll
2009-05-15 14:33:02 ----A---- D:\WINDOWS\System32\icaapi.dll
2009-05-15 14:33:02 ----A---- D:\WINDOWS\System32\cfgbkend.dll
2009-05-15 14:32:59 ----A---- D:\WINDOWS\System32\licwmi.dll

======List of files/folders modified in the last 1 months======

2009-05-16 09:48:27 ----A---- D:\WINDOWS\win.ini
2009-05-15 16:27:31 ----A---- D:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 nod32drv;nod32drv; D:\WINDOWS\system32\drivers\nod32drv.sys [2009-05-15 15424]
R2 AMON;AMON; D:\WINDOWS\system32\drivers\amon.sys [2009-05-15 512096]
R2 Aspi32;Aspi32; D:\WINDOWS\System32\drivers\aspi32.sys [2005-11-21 16512]
R2 mdmxsdk;mdmxsdk; D:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2009-03-30 13059]
R2 NwlnkNb;NWLink NetBIOS; D:\WINDOWS\System32\DRIVERS\nwlnknb.sys [2001-10-05 63232]
R2 NwlnkSpx;NWLink SPX/SPXII Protocol; D:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [2001-10-05 55936]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication; D:\WINDOWS\System32\DRIVERS\adusbser.sys [2006-10-23 93440]
R3 aeaudio;aeaudio; D:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 hidusb;Microsoft HID Class Driver; D:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-10-05 9600]
R3 HSF_DP;HSF_DP; D:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2009-03-30 1036928]
R3 HSFHWBS2;HSFHWBS2; D:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [2009-03-30 219136]
R3 MODEMCSA;Unimodem Streaming Filter Device; D:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Mouse HID Driver; D:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-05 12160]
R3 nv;nv; D:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2002-08-29 891711]
R3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; D:\WINDOWS\System32\DRIVERS\sisnic.sys [2001-08-17 31232]
R3 smwdm;smwdm; D:\WINDOWS\system32\drivers\smwdm.sys [2003-08-29 578304]
R3 usbccgp;Microsoft USB Generic Parent Driver; D:\WINDOWS\System32\DRIVERS\usbccgp.sys [2003-07-03 28160]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; D:\WINDOWS\System32\DRIVERS\usbehci.sys [2003-07-03 25216]
R3 usbhub;USB2 Enabled Hub; D:\WINDOWS\System32\DRIVERS\usbhub.sys [2003-07-03 53120]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; D:\WINDOWS\System32\DRIVERS\usbohci.sys [2003-07-03 16000]
R3 usbprint;Microsoft USB PRINTER Class; D:\WINDOWS\System32\DRIVERS\usbprint.sys [2002-08-29 24960]
R3 USBSTOR;USB Mass Storage Driver; D:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2002-08-29 21760]
R3 winachsf;winachsf; D:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2009-03-30 702592]
R3 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; D:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-05 12032]
S2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; D:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [2001-10-05 84864]
S4 IntelIde;IntelIde; D:\WINDOWS\System32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CSIScanner;CSIScanner; D:\Program Files\Prevx\prevx.exe [2009-05-26 4368952]
R2 NOD32krn;NOD32 Kernel Service; D:\Program Files\Eset\nod32krn.exe [2009-05-15 552064]
R2 Pml Driver HPZ12;Pml Driver HPZ12; D:\WINDOWS\System32\HPZipm12.exe [2006-03-03 69632]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 UleadBurningHelper;Ulead Burning Helper; D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2005-01-31 49152]
R2 UMWdf;Windows User Mode Driver Framework; D:\WINDOWS\System32\wdfmgr.exe [2004-08-11 38912]
S2 NwSapAgent;SAP Agent; D:\WINDOWS\System32\svchost.exe [2001-10-05 12800]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 gusvc;Google Updater Service; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-22 138168]
S3 IDriverT;InstallDriver Table Manager; D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 NBService;NBService; D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-05 774144]
S3 NMIndexingService;NMIndexingService; D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------



help me guys

furqan
2009-05-27, 10:09
Help please