Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

iexplore.exe keeps showing up in task manager silently

Started by mamoon0 , Apr 30 2009 03:00 PM

This topic is locked

20 replies to this topic

#1 mamoon0

New Member

Members
10 posts

Posted 30 April 2009 - 03:00 PM

DDS (Ver_09-03-16.01) - NTFSx86
Run by Mamoon Siddiqui at 14:57:47.39 on Thu 04/30/2009
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.767.215 [GMT -5:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Steam\Steam.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wscntfy.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Mamoon Siddiqui\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SoundMan] SOUNDMAN.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\mamoon~1\applic~1\mozilla\firefox\profiles\81x2ka1s.default\

============= SERVICES / DRIVERS ===============

R1 btq6263;btq6263;c:\windows\system32\drivers\btq6263.sys [2009-4-28 17376]
R2 msncache;msncache;c:\windows\system32\svchost.exe -k netsvcs [2001-8-23 34816]
S1 gebcb33;gebcb33;c:\windows\system32\drivers\gebcb33.sys [2009-4-29 17376]

=============== Created Last 30 ================

2009-04-29 22:58 17,376 a------- c:\windows\system32\drivers\gebcb33.sys
2009-04-29 22:45 <DIR> --d----- c:\documents and settings\mamoon siddiqui\dwhelper
2009-04-29 00:06 <DIR> --d----- c:\docume~1\mamoon~1\applic~1\Malwarebytes
2009-04-29 00:06 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-04-29 00:06 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-29 00:06 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-04-29 00:06 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-04-29 00:04 <DIR> --d----- c:\windows\system32\appmgmt
2009-04-29 00:02 <DIR> --d----- c:\docume~1\mamoon~1\applic~1\GlarySoft
2009-04-28 23:40 17,376 a------- c:\windows\system32\drivers\btq6263.sys
2009-04-28 21:41 <DIR> --ds---- c:\documents and settings\mamoon siddiqui\UserData
2009-04-28 21:39 <DIR> --d----- c:\program files\Trend Micro
2009-04-28 21:28 <DIR> --d----- c:\program files\CCleaner
2009-04-28 15:45 128 a------- c:\windows\wininit.ini
2009-04-28 15:28 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-04-28 15:28 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-04-28 11:56 578,560 a------- c:\windows\system32\auoxrpf
2009-04-28 11:21 578,560 a------- c:\windows\system32\socrwg
2009-04-28 11:14 182,656 ac------ c:\windows\system32\dllcache\ndis.sys
2009-04-28 11:13 76,288 a------- c:\windows\system32\nvsvc32.exe
2009-04-28 11:10 0 a------- c:\windows\mqcd.dbt
2009-04-28 11:10 1 a------- c:\windows\9g2234wesdf3dfgjf23
2009-04-28 11:10 <DIR> --d----- c:\windows\system32\796525
2009-04-28 11:09 578,560 a------- c:\windows\system32\elvkxuzc
2009-04-28 11:09 <DIR> --dshr-- c:\program files\ThunMail
2009-04-28 11:09 98,940 a------- c:\windows\system32\drivers\d38c0739.sys
2009-04-28 11:09 28,672 a------- c:\windows\system32\inqby.sr
2009-04-28 11:09 32,768 a------- c:\windows\system32\ferryl.cbv
2009-04-28 11:09 32,768 a------- c:\windows\system32\fairy.an
2009-04-28 11:09 28,672 a------- c:\windows\system32\dolman.zt
2009-04-28 11:09 79,360 a------- c:\windows\system32\ashl.nq
2009-04-28 11:09 578,560 ac------ c:\windows\system32\dllcache\user32.dll
2009-04-28 11:09 262,144 a------- c:\windows\system32\nvrsk.dll
2009-04-27 15:45 <DIR> --d-h--- c:\windows\system32\GroupPolicy
2009-04-26 15:42 221,184 a------- c:\windows\system32\wmpns.dll
2009-04-25 22:51 <DIR> --d----- c:\windows\system32\scripting
2009-04-25 22:51 <DIR> --d----- c:\windows\l2schemas
2009-04-25 22:51 <DIR> --d----- c:\windows\system32\en
2009-04-25 22:51 <DIR> --d----- c:\windows\system32\bits
2009-04-25 22:46 <DIR> --d----- c:\windows\network diagnostic
2009-04-25 20:07 <DIR> --d----- c:\program files\Brandon Swift Creations
2009-04-25 16:32 410,984 a------- c:\windows\system32\deploytk.dll
2009-04-25 16:32 73,728 a------- c:\windows\system32\javacpl.cpl
2009-04-24 20:31 <DIR> --d----- c:\windows\system32\Adobe
2009-04-23 22:22 197,120 -------- c:\windows\system32\napstat.exe
2009-04-15 23:27 56 a---h--- c:\windows\system32\ezsidmv.dat
2009-04-15 23:23 <DIR> --d--r-- c:\program files\Skype
2009-04-15 23:21 256 a------- c:\windows\system32\pool.bin
2009-04-15 23:21 <DIR> --d----- c:\docume~1\mamoon~1\applic~1\Research In Motion
2009-04-15 23:16 <DIR> --d----- c:\program files\MSXML 6.0
2009-04-15 22:52 26,496 a----r-- c:\windows\system32\drivers\RimSerial.sys
2009-04-15 22:52 <DIR> --d----- c:\program files\Research In Motion
2009-04-15 22:52 <DIR> --d----- c:\program files\common files\Research In Motion
2009-04-15 22:37 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PC Drivers HeadQuarters
2009-04-15 22:27 <DIR> --d----- c:\docume~1\mamoon~1\applic~1\GetRightToGo
2009-04-15 13:04 376 a------- c:\windows\ODBC.INI
2009-04-15 13:04 <DIR> --d----- c:\program files\Microsoft ActiveSync
2009-04-15 13:03 <DIR> --d----- c:\windows\ShellNew
2009-04-15 12:42 1,106,944 -c------ c:\windows\system32\dllcache\msxml3.dll
2009-04-14 22:04 266,360 a------- c:\windows\system32\TweakUI.exe
2009-04-14 22:04 160,217 a------- c:\windows\system32\PowerToysLicense.rtf
2009-04-14 21:57 <DIR> --d----- c:\program files\VideoLAN
2009-04-14 21:56 272,128 -c------ c:\windows\system32\dllcache\bthport.sys
2009-04-14 21:54 401,408 -c------ c:\windows\system32\dllcache\rpcss.dll
2009-04-14 21:54 284,160 -c------ c:\windows\system32\dllcache\pdh.dll
2009-04-14 21:54 729,088 -c------ c:\windows\system32\dllcache\lsasrv.dll
2009-04-14 21:54 714,752 -c------ c:\windows\system32\dllcache\ntdll.dll
2009-04-14 21:54 617,472 -c------ c:\windows\system32\dllcache\advapi32.dll
2009-04-14 21:54 473,600 -c------ c:\windows\system32\dllcache\fastprox.dll
2009-04-14 21:54 453,120 -c------ c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-14 21:54 248,320 -c------ c:\windows\system32\dllcache\wmiprvse.exe
2009-04-14 21:54 131,072 -c------ c:\windows\system32\dllcache\services.exe
2009-04-14 21:54 2,189,056 -c------ c:\windows\system32\dllcache\ntoskrnl.exe
2009-04-14 21:54 2,145,280 -c------ c:\windows\system32\dllcache\ntkrnlmp.exe
2009-04-14 21:54 2,023,936 -c------ c:\windows\system32\dllcache\ntkrpamp.exe
2009-04-14 21:52 203,136 -c------ c:\windows\system32\dllcache\rmcast.sys
2009-04-14 21:52 455,296 -c------ c:\windows\system32\dllcache\mrxsmb.sys
2009-04-14 21:52 333,952 -c------ c:\windows\system32\dllcache\srv.sys
2009-04-14 21:52 331,776 -c------ c:\windows\system32\dllcache\msadce.dll
2009-04-14 21:52 691,712 -c------ c:\windows\system32\dllcache\inetcomm.dll
2009-04-14 21:51 247,326 -c------ c:\windows\system32\dllcache\strmdll.dll
2009-04-14 21:51 337,408 -c------ c:\windows\system32\dllcache\netapi32.dll
2009-04-14 21:51 1,203,922 -c------ c:\windows\system32\dllcache\sysmain.sdb
2009-04-14 21:51 236,032 -c------ c:\windows\system32\dllcache\wordpad.exe
2009-04-14 21:51 2,560 -------- c:\windows\system32\xpsp4res.dll
2009-04-14 21:50 <DIR> --d----- c:\windows\system32\PreInstall
2009-04-14 21:50 <DIR> --d-h--- c:\windows\$hf_mig$
2009-04-14 21:45 <DIR> --d----- c:\program files\Steam
2009-04-14 21:40 <DIR> --d----- c:\windows\system32\SoftwareDistribution
2009-04-14 21:40 <DIR> --d----- c:\windows\pss
2009-04-14 21:39 <DIR> --ds---- c:\windows\system32\Microsoft
2009-04-14 21:14 <DIR> --d----- c:\windows\ServicePackFiles
2009-04-14 21:13 2,897,920 -------- c:\windows\system32\xpsp2res.dll
2009-04-14 21:12 19,528 a------- c:\windows\002362_.tmp
2009-04-14 21:12 <DIR> --d----- c:\windows\system32\ReinstallBackups
2009-04-14 21:11 26,488 a------- c:\windows\system32\spupdsvc.exe
2009-04-14 21:10 <DIR> --d----- c:\windows\EHome
2009-04-14 20:32 146,048 a------- c:\windows\system32\drivers\portcls.sys
2009-04-14 20:32 60,160 a------- c:\windows\system32\drivers\drmk.sys
2009-04-14 20:32 1,375,744 a------- c:\windows\system32\ALSNDMGR.CPL
2009-04-14 20:32 947,884 a------- c:\windows\system32\drivers\ALCXWDM.SYS
2009-04-14 20:32 141,016 a------- c:\windows\system32\ALSNDMGR.WAV
2009-04-14 20:32 67,584 a------- c:\windows\SOUNDMAN.EXE
2009-04-14 20:32 164 a------- c:\windows\avrack.ini
2009-04-14 20:32 <DIR> --d----- c:\program files\Realtek Sound Manager
2009-04-14 20:32 <DIR> --d----- c:\program files\AvRack
2009-04-14 20:32 229,376 a------- c:\windows\alcupd.exe
2009-04-14 20:32 151,552 a------- c:\windows\alcrmv.exe
2009-04-14 20:28 <DIR> --d----- c:\windows\RegisteredPackages
2009-04-14 20:26 741,376 a------- c:\windows\iun6002.exe
2009-04-14 20:26 <DIR> --d----- c:\program files\ResChanger 2005
2009-04-14 20:23 81,191 a------- c:\windows\system32\nvapps.xml
2009-04-14 20:23 229,376 a------- c:\windows\system32\nvudisp.exe
2009-04-14 20:23 16,960 a------- c:\windows\system32\nvdisp.nvu
2009-04-14 20:23 <DIR> --d----- c:\windows\nview
2009-04-14 20:23 229,376 a------- c:\windows\system32\NVUNINST.EXE
2009-04-14 09:10 <DIR> --dsh--- c:\windows\Installer
2009-04-14 09:10 <DIR> --d----- c:\documents and settings\Mamoon Siddiqui
2009-04-14 09:09 8,192 a------- c:\windows\REGLOCS.OLD
2009-04-14 09:05 10,129,408 ac------ c:\windows\system32\dllcache\hwxkor.dll
2009-04-14 09:04 <DIR> --dsh--- c:\documents and settings\all users\DRM
2009-04-14 09:03 749 a---hr-- c:\windows\WindowsShell.Manifest
2009-04-14 09:02 <DIR> --d----- c:\program files\common files\MSSoap
2009-04-14 09:01 <DIR> --d-h--- c:\program files\WindowsUpdate
2009-04-14 09:01 <DIR> --d----- c:\program files\Online Services
2009-04-14 09:01 <DIR> --d----- c:\program files\Messenger
2009-04-14 09:01 <DIR> --d----- c:\program files\MSN Gaming Zone
2009-04-14 09:01 <DIR> --d----- c:\program files\Windows NT

==================== Find3M ====================

2009-04-29 00:00 170,892 a------- c:\windows\pchealth\helpctr\config\cache\Professional_32_1033.dat
2009-04-28 11:56 34,816 a------- c:\windows\system32\svchost.exe
2009-04-28 11:14 182,656 a------- c:\windows\system32\drivers\ndis.sys
2009-04-28 11:09 578,560 a------- c:\windows\system32\user32.DLL
2009-04-25 22:54 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-04-14 09:02 21,640 a------- c:\windows\system32\emptyregdb.dat
2009-03-19 10:08 499,712 a------- c:\windows\system32\msvcp71.dll
2009-03-19 10:08 348,160 a------- c:\windows\system32\msvcr71.dll
2009-03-06 09:22 284,160 a------- c:\windows\system32\pdh.dll
2009-02-20 03:10 666,112 a------- c:\windows\system32\wininet.dll
2009-02-20 03:10 81,920 -------- c:\windows\system32\ieencode.dll
2009-02-09 07:10 729,088 a------- c:\windows\system32\lsasrv.dll
2009-02-09 07:10 714,752 a------- c:\windows\system32\ntdll.dll
2009-02-09 07:10 617,472 a------- c:\windows\system32\advapi32.dll
2009-02-09 07:10 401,408 a------- c:\windows\system32\rpcss.dll
2009-02-09 06:13 1,846,784 a------- c:\windows\system32\win32k.sys
2009-02-07 19:02 2,066,048 a------- c:\windows\system32\ntkrnlpa.exe
2009-02-06 06:11 110,592 a------- c:\windows\system32\services.exe
2009-02-06 06:08 2,189,056 a------- c:\windows\system32\ntoskrnl.exe
2009-02-06 05:39 55,808 a------- c:\windows\system32\sc.exe
2009-02-03 14:59 56,832 a------- c:\windows\system32\secur32.dll

============= FINISH: 14:58:15.21 ===============

Attached Files

Attach.txt 4.01K 0 downloads

BC Ads
BleepingComputer.com

#2 Buckeye_Sam

Malware Expert

Malware Response Team
17,382 posts

Gender:Male
Location:Pickerington, Ohio

Posted 01 May 2009 - 11:31 AM

Hello!

My name is Sam and I will be helping you.

In order to see what's going on with your computer I'll ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.

Please download ComboFix from one of these locations:

Link 1
Link 2
Link 3

Important!
You should NOT use Combofix unless you have been instructed to do so by a Malware Removal Expert.
It is intended by its creator to be used under the guidance and supervision of an Malware Removal Expert, not for private use.
Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.

Make sure that you save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Posted Image

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

If I have helped you in any way, please consider a donation to help me continue the fight against malware.

Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!

========================================================

#3 mamoon0

New Member

Members
10 posts

Posted 01 May 2009 - 03:14 PM

Dear Sam,

Thank you for helping me. I seem to have a problem. When I try to install ComboFix, I get the error as followed:

!! ALERT !! It is NOT SAFE to continue!

The contents of the ComboFix package has been compromised. Please download a fresh copy from:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Note: You may be infected with a file patching virus (Virut)

I can't install it, so we can't move on. Any suggestions? Again, Thanks for helping me Sam. I appreciate it.

mamoon0

#4 Buckeye_Sam

Malware Expert

Malware Response Team
17,382 posts

Gender:Male
Location:Pickerington, Ohio

Posted 02 May 2009 - 07:45 AM

Try this...

Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.

Link 1
Link 2
Link 3

Posted Image

--------------------------------------------------------------------

Double click on Combo-Fix.exe & follow the prompts.

When finished, it will produce a report for you.
Please post the C:\ComboFix.txt so we can continue cleaning the system.

=================

Also let's run a scan with DrWeb.

Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

Doubleclick the drweb-cureit.exe file and Allow to run the express scan
This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
Once the short scan has finished, mark the drives that you want to scan.
Select all drives. A red dot shows which drives have been chosen.
Click the green arrow at the right, and the scan will start.
Click 'Yes to all' if it asks if you want to cure/move the file.
When the scan has finished, in the menu, click file and choose save report list
Save the report to your desktop. The report will be called DrWeb.csv
Close Dr.Web Cureit.

Please post the contents of the log from DrWeb in your next reply.

#5 mamoon0

New Member

Members
10 posts

Posted 03 May 2009 - 03:13 PM

Hello Sam,

I am still unable to install combofix. Renaming won't work, and neither will trying to install it in safe mode. I am frustrated, but you do this everyday, so I'm feeling nothing compared to you. I ran Dr. CureIt. I have the log posted. However, it won't let me put up the excel file, so I put in notepad. Is it possible for a virus to block antivirus sites? If so, that explains the file hiding in my dhcp folder. Anyway, thanks for helping me Sam. If you have an alternative to combofix or another way to install it, I'm open to suggestions. Thanks Sam.

mamoon0

svchost.exe;c:\windows\dhcp;BackDoor.BlackHole.origin;Incurable.Moved.;
svchost.exe;c:\windows\system32\3361;Probably BACKDOOR.Trojan;;
admparser.dll;c:\windows\system32;Probably Trojan.Packed.329;;
admparseru.dll;c:\windows\system32;Probably Trojan.Packed.249;;
protect.sys;c:\windows\system32\drivers;Trojan.NtRootKit.429;Deleted.;
C2152591d01/data002\32788R22FWJFW\FIND3M.bat;C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Application Data\Mozilla\Firefox\Profiles\81x2ka1s.default\Cache\C2152;Probably BATCH.Virus;;
C2152591d01/data002\32788R22FWJFW\psexec.cfexe;C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Application Data\Mozilla\Firefox\Profiles\81x2ka1s.default\Cache\C2152;Program.PsExec.171;;
data002;C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Application Data\Mozilla\Firefox\Profiles\81x2ka1s.default\Cache;Archive contains infected objects;;
C2152591d01;C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Application Data\Mozilla\Firefox\Profiles\81x2ka1s.default\Cache;Container contains infected objects;Moved.;
stub_fpsrvadm.exe;C:\WINDOWS\$NtServicePackUninstall$;Probably Trojan.Packed.189;;
stub_fpsrvadm.exe;C:\WINDOWS\ServicePackFiles\i386;Probably Trojan.Packed.189;;
stub_fpsrvadm.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Probably Trojan.Packed.189;;
admparser.dll;C:\WINDOWS\system32;Probably Trojan.Packed.329;;
admparseru.dll;C:\WINDOWS\system32;Probably Trojan.Packed.249;;
SVCHOST.EXE;C:\WINDOWS\system32\3361;Probably BACKDOOR.Trojan;;
MSAGNT32.DLL;C:\WINDOWS\Temp;Probably STPAGE.PWS.Trojan;;
VRTE.tmp;C:\WINDOWS\Temp;Probably STPAGE.PWS.Trojan;;

Attached Files

Drweb.txt 1.63K 16 downloads

Edited by Buckeye_Sam, 05 May 2009 - 09:22 AM.

#6 Buckeye_Sam

Malware Expert

Malware Response Team
17,382 posts

Gender:Male
Location:Pickerington, Ohio

Posted 04 May 2009 - 08:45 AM

Let's work around the combofix issue for now and then we'll come back to it if necessary.
Malware will definitely try to block your access to any site that will assist you in removing it. That's not uncommon at all.

We need to create an OTListIt2 Report

Please download OTListIt2 from here
Save it to your desktop.
Double click on the icon on your desktop.
Click the "Scan All Users" checkbox.
Push the "Run Scan" button.
The scan should take just a few minutes.
Copy the log that opens up and paste it back here in your next reply.

#7 mamoon0

New Member

Members
10 posts

Posted 04 May 2009 - 04:43 PM

Hello Sam,

I ran the program like you asked. 2 log files showed up, so I posted both.
Thanks for the help.

mamoon0

OTListIt logfile created on: 5/4/2009 4:39:48 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Documents and Settings\Mamoon Siddiqui\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

767.49 Mb Total Physical Memory | 378.15 Mb Available Physical Memory | 49.27% Memory free
1.83 Gb Paging File | 1.39 Gb Available in Paging File | 75.95% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127.99 Gb Total Space | 109.47 Gb Free Space | 85.53% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 931.28 Gb Total Space | 791.82 Gb Free Space | 85.02% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: 3MBROS
Current User Name: Mamoon Siddiqui
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2008/04/13 19:12:19 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2002/10/16 18:24:52 | 00,067,584 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2009/04/14 21:45:58 | 01,410,296 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2009/04/16 13:36:36 | 24,264,488 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2009/03/05 16:07:20 | 02,280,960 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/04/25 16:32:04 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/04/16 13:36:36 | 00,077,360 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2008/04/13 19:12:41 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2001/08/23 07:00:00 | 00,176,640 | ---- | M] (121.22.11.33) -- C:\WINDOWS\system32\wtukd32.exe
PRC - [2009/02/03 10:32:28 | 03,550,592 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\ProcessExplorer\procexp.exe
PRC - [2009/04/27 21:49:16 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2001/08/23 07:00:00 | 00,036,864 | ---- | M] (nqgfbjxrariw) -- C:\WINDOWS\system32\dncyool64.sys
PRC - [2001/08/23 07:00:00 | 00,194,048 | ---- | M] (65.543.235.12) -- C:\WINDOWS\system32\sopidkc.exe
PRC - [2009/05/04 16:39:31 | 00,523,776 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2005/09/23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2005/09/23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2009/04/25 16:32:04 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - File not found -- -- (netddedsdmdhcp [Auto | Stopped])
SRV - [2009/04/28 11:13:05 | 00,076,288 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Stopped])
SRV - [2001/08/23 07:00:00 | 00,194,048 | ---- | M] (65.543.235.12) -- C:\WINDOWS\system32\sopidkc.exe -- (sopidkc [Auto | Running])
SRV - [2001/08/23 07:00:00 | 00,051,200 | ---- | M] (3.32.2.4) -- C:\WINDOWS\system32\msncache.dll -- (msncache [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2002/10/16 17:27:02 | 00,947,884 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
DRV - [2009/04/28 23:40:03 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\btq6263.sys -- (btq6263 [System | Running])
DRV - [2009/05/01 01:02:10 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\btr7dd5.sys -- (btr7dd5 [System | Running])
DRV - [2009/05/01 20:46:41 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\dbs8d27.sys -- (dbs8d27 [System | Running])
DRV - [2009/05/03 16:07:36 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\ectb1cc.sys -- (ectb1cc [System | Running])
DRV - [2008/04/13 13:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running])
DRV - [2009/04/30 21:54:50 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\geb17fa.sys -- (geb17fa [System | Running])
DRV - [2009/04/29 22:58:39 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\gebcb33.sys -- (gebcb33 [System | Running])
DRV - [2009/05/02 21:42:45 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\hecdd97.sys -- (hecdd97 [System | Running])
DRV - [2009/04/30 21:35:26 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\ifd7fee.sys -- (ifd7fee [System | Running])
DRV - [2009/05/01 03:36:03 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\khf354e.sys -- (khf354e [System | Running])
DRV - [2001/08/17 09:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401 [On_Demand | Running])
DRV - [2006/08/11 23:42:42 | 03,958,496 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2009/05/01 10:03:50 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\oledb88.sys -- (oledb88 [System | Running])
DRV - [2009/05/03 16:07:37 | 00,018,944 | -H-- | M] () -- C:\WINDOWS\System32\drivers\protect.sys -- (protect [Boot | Running])
DRV - [2001/08/23 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008/05/20 19:33:50 | 00,022,784 | ---- | M] (Research In Motion Limited) -- C:\WINDOWS\System32\Drivers\RimUsb.sys -- (RimUsb [On_Demand | Stopped])
DRV - [2007/01/18 10:24:58 | 00,026,496 | R--- | M] (Research in Motion Ltd) -- C:\WINDOWS\system32\DRIVERS\RimSerial.sys -- (RimVSerPort [On_Demand | Running])
DRV - [2001/08/23 07:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Drivers\RootMdm.sys -- (ROOTMODEM [On_Demand | Running])
DRV - [2009/05/02 11:17:05 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\rpma17e.sys -- (rpma17e [System | Stopped])
DRV - [2004/08/03 22:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Running])
DRV - [2008/04/13 11:39:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2001/08/17 13:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS -- (sonypvu1 [On_Demand | Stopped])
DRV - [2009/05/03 16:18:37 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\ctr7bf5.sys -- (ctr7bf5 [System | Running])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\s-1-5-19\s-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\s-1-5-20\s-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\s-1-5-21-1801674531-725345543-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\s-1-5-21-1801674531-725345543-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\s-1-5-21-1801674531-725345543-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\s-1-5-21-1801674531-725345543-839522115-1003\s-1-5-21-1801674531-725345543-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2
FF - prefs.js..extensions.enabledItems: {dd3d7613-0246-469d-bc65-2a3cc1668adc}:0.7.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/04/25 16:32:05 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/27 21:49:19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/27 21:49:19 | 00,000,000 | ---D | M]

[2009/04/14 20:22:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\mozilla\Extensions
[2009/04/14 20:22:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/03 13:12:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\mozilla\Firefox\Profiles\81x2ka1s.default\extensions
[2009/04/14 21:50:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\mozilla\Firefox\Profiles\81x2ka1s.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/04/14 21:50:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\mozilla\Firefox\Profiles\81x2ka1s.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/04/15 12:52:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\mozilla\Firefox\Profiles\81x2ka1s.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2009/05/04 16:37:59 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/27 21:49:19 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/15 23:23:24 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2009/04/25 16:32:12 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/04/27 21:49:16 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/27 21:49:16 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/04/09 00:51:14 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/09 00:51:14 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/04/09 00:51:14 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/09 00:51:14 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/09 00:51:14 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/09 00:51:14 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/04/09 00:51:14 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (305001 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 63.119.44.200 www.danburymintjewelrry.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 10526 more lines...
O2 - BHO: (no name) - {1fd79a59-37b1-459b-9097-09f9fab8a523} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [reader_s] C:\WINDOWS\System32\reader_s.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SoundMan] SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKU\.DEFAULT..\Run: [reader_s] C:\Documents and Settings\Mamoon Siddiqui\reader_s.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [reader_s] C:\Documents and Settings\Mamoon Siddiqui\reader_s.exe (Microsoft Corporation)
O4 - HKU\s-1-5-21-1801674531-725345543-839522115-1003..\Run: [reader_s] C:\Documents and Settings\Mamoon Siddiqui\reader_s.exe (Microsoft Corporation)
O4 - HKU\s-1-5-21-1801674531-725345543-839522115-1003..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (Skype Technologies S.A.)
O4 - HKU\s-1-5-21-1801674531-725345543-839522115-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\s-1-5-21-1801674531-725345543-839522115-1003..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\s-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\s-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\s-1-5-21-1801674531-725345543-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\s-1-5-21-1801674531-725345543-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = [binary data]
O7 - HKU\s-1-5-21-1801674531-725345543-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKU\s-1-5-21-1801674531-725345543-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\s-1-5-19\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\s-1-5-20\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\s-1-5-21-1801674531-725345543-839522115-1003\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/14 09:04:56 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[5 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009/05/04 16:39:31 | 00,523,776 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\OTListIt2.exe
[2009/05/03 16:23:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\avidemux
[2009/05/03 16:23:35 | 00,000,737 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Avidemux 2.4 Qt4.lnk
[2009/05/03 16:23:27 | 00,000,000 | ---D | C] -- C:\Program Files\Avidemux 2.4
[2009/05/03 16:22:49 | 00,769,686 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\DivFix++_v0.31-Win32.zip
[2009/05/03 16:22:08 | 13,171,671 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\avidemux_2.4.4_win32.exe
[2009/05/03 16:18:37 | 00,017,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\ctr7bf5.sys
[2009/05/03 16:07:37 | 00,018,944 | -H-- | C] () -- C:\WINDOWS\System32\drivers\protect.sys
[2009/05/03 16:07:36 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reader_s.exe
[2009/05/03 16:07:36 | 00,017,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\ectb1cc.sys
[2009/05/03 15:36:31 | 00,022,528 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Defense Paper.doc
[2009/05/03 13:45:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\ProcessExplorer
[2009/05/03 13:44:48 | 01,615,732 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\ProcessExplorer.zip
[2009/05/03 13:09:13 | 13,308,944 | ---- | C] (Doctor Web, Ltd.) -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\cureit.exe
[2009/05/03 13:06:46 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/05/02 22:02:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Virus Protection
[2009/05/02 21:44:41 | 00,000,000 | ---D | C] -- C:\Reg Save
[2009/05/02 21:42:45 | 00,017,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\hecdd97.sys
[2009/05/02 21:40:58 | 00,682,369 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\WinsockFix.zip
[2009/05/02 11:17:05 | 00,017,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\rpma17e.sys
[2009/05/01 20:46:41 | 00,017,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\dbs8d27.sys
[2009/05/01 17:19:54 | 00,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2009/05/01 17:19:08 | 00,000,883 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk
[2009/05/01 17:19:08 | 00,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2009/05/01 17:19:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Foxit
[2009/05/01 17:18:41 | 14,482,140 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\vlc-0.9.2-win32.exe
[2009/05/01 15:35:10 | 00,005,205 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\thick_crosshairs.zip
[2009/05/01 15:01:01 | 00,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2009/05/01 14:58:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3361
[2009/05/01 14:58:25 | 00,108,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSWINSCK.OCX
[2009/05/01 14:58:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\dhcp
[2009/05/01 14:58:20 | 00,000,032 | --S- | C] () -- C:\WINDOWS\System32\2292572900.dat
[2009/05/01 10:49:00 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr70.dll
[2009/05/01 10:49:00 | 00,000,892 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\DVDVideoSoft Free Studio.lnk
[2009/05/01 10:49:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\My Documents\DVDVideoSoft
[2009/05/01 10:48:47 | 00,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2009/05/01 10:48:47 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2009/05/01 10:03:50 | 00,017,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\oledb88.sys
[2009/05/01 03:36:03 | 00,017,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\khf354e.sys
[2009/05/01 03:35:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009/05/01 01:02:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\P90X
[2009/05/01 01:02:10 | 00,017,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\btr7dd5.sys
[2009/04/30 22:00:34 | 00,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2009/04/30 21:54:50 | 00,017,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\geb17fa.sys
[2009/04/30 21:35:26 | 00,017,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\ifd7fee.sys
[2009/04/30 17:00:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\FLV
[2009/04/30 15:05:15 | 00,000,701 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FLV Player.lnk
[2009/04/30 15:05:15 | 00,000,000 | ---D | C] -- C:\Program Files\FLV Player
[2009/04/29 22:58:39 | 00,017,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\gebcb33.sys
[2009/04/29 00:44:56 | 00,022,016 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Blood.doc
[2009/04/29 00:06:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Malwarebytes
[2009/04/29 00:06:28 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/29 00:06:26 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/29 00:06:24 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/04/29 00:06:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/04/29 00:04:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/04/29 00:02:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\GlarySoft
[2009/04/28 23:40:03 | 00,017,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\btq6263.sys
[2009/04/28 21:39:02 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/04/28 21:28:48 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/04/28 15:45:01 | 00,000,128 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/04/28 15:28:18 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/04/28 15:28:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/04/28 15:18:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Adobe
[2009/04/28 11:56:28 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\auoxrpf
[2009/04/28 11:21:40 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\socrwg
[2009/04/28 11:14:20 | 00,182,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndis.sys
[2009/04/28 11:10:28 | 00,000,000 | ---- | C] () -- C:\WINDOWS\mqcd.dbt
[2009/04/28 11:10:06 | 00,000,001 | ---- | C] () -- C:\WINDOWS\9g2234wesdf3dfgjf23
[2009/04/28 11:10:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\796525
[2009/04/28 11:09:58 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\elvkxuzc
[2009/04/28 11:09:58 | 00,000,000 | RHSD | C] -- C:\Program Files\ThunMail
[2009/04/28 11:09:44 | 00,098,940 | ---- | C] () -- C:\WINDOWS\System32\drivers\d38c0739.sys
[2009/04/28 11:09:31 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\inqby.sr
[2009/04/28 11:09:30 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\ferryl.cbv
[2009/04/28 11:09:30 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\fairy.an
[2009/04/28 11:09:29 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\dolman.zt
[2009/04/28 11:09:28 | 00,079,360 | ---- | C] () -- C:\WINDOWS\System32\ashl.nq
[2009/04/28 11:09:26 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll
[2009/04/28 11:09:21 | 00,262,144 | ---- | C] () -- C:\WINDOWS\System32\nvrsk.dll
[2009/04/28 10:38:06 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/04/28 10:38:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Apps
[2009/04/27 15:45:16 | 00,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2009/04/27 00:52:59 | 00,013,824 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\MuscleCow.xls
[2009/04/26 15:42:30 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpns.dll
[2009/04/26 15:42:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/04/25 22:51:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2009/04/25 22:51:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2009/04/25 22:51:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009/04/25 22:51:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2009/04/25 22:51:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2009/04/25 22:46:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2009/04/25 22:37:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Keep
[2009/04/25 20:07:15 | 00,000,000 | ---D | C] -- C:\Program Files\Brandon Swift Creations
[2009/04/25 16:32:02 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2009/04/25 16:31:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Sun
[2009/04/25 13:03:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Blackberry Backup
[2009/04/24 20:31:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2009/04/23 22:23:29 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll
[2009/04/23 22:23:28 | 01,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmoe2.dll
[2009/04/23 22:23:28 | 00,809,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmod.dll
[2009/04/23 22:23:28 | 00,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvds32.ax
[2009/04/23 22:23:27 | 02,940,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmploc.dll
[2009/04/23 22:23:27 | 01,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe2.dll
[2009/04/23 22:23:27 | 00,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmoe.dll
[2009/04/23 22:23:27 | 00,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmod.dll
[2009/04/23 22:23:27 | 00,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2009/04/23 22:23:27 | 00,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmod.dll
[2009/04/23 22:23:27 | 00,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2009/04/23 22:23:27 | 00,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2009/04/23 22:23:27 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmstream.dll
[2009/04/23 22:23:27 | 00,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmv8ds32.ax
[2009/04/23 22:23:27 | 00,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2009/04/23 22:23:27 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpdxm.dll
[2009/04/23 22:23:27 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2009/04/23 22:23:27 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2009/04/23 22:23:27 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2009/04/23 22:23:27 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2009/04/23 22:23:27 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe.dll
[2009/04/23 22:23:27 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpshell.dll
[2009/04/23 22:23:27 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2009/04/23 22:23:27 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2009/04/23 22:23:27 | 00,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2009/04/23 22:23:27 | 00,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2009/04/23 22:23:27 | 00,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2009/04/23 22:23:27 | 00,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2009/04/23 22:23:27 | 00,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2009/04/23 22:23:27 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpui.dll
[2009/04/23 22:23:27 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcore.dll
[2009/04/23 22:23:27 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcd.dll
[2009/04/23 22:23:27 | 00,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2009/04/23 22:23:27 | 00,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2009/04/23 22:23:27 | 00,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2009/04/23 22:23:27 | 00,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2009/04/23 22:23:26 | 04,874,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.dll
[2009/04/23 22:23:26 | 00,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2009/04/23 22:23:26 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpasf.dll
[2009/04/23 22:23:26 | 00,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2009/04/23 22:23:26 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.ocx
[2009/04/23 22:23:25 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidx.dll
[2009/04/23 22:23:25 | 00,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2009/04/23 22:23:24 | 00,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmoe.dll
[2009/04/23 22:23:24 | 00,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmod.dll
[2009/04/23 22:23:24 | 00,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2009/04/23 22:23:24 | 00,230,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmasf.dll
[2009/04/23 22:23:24 | 00,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmerror.dll
[2009/04/23 22:23:24 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2009/04/23 22:23:24 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmlog.dll
[2009/04/23 22:23:24 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmps.dll
[2009/04/23 22:23:24 | 00,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2009/04/23 22:23:24 | 00,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2009/04/23 22:23:24 | 00,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2009/04/23 22:23:24 | 00,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2009/04/23 22:23:24 | 00,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2009/04/23 22:23:24 | 00,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2009/04/23 22:23:24 | 00,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2009/04/23 22:23:24 | 00,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2009/04/23 22:23:24 | 00,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2009/04/23 22:23:24 | 00,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2009/04/23 22:23:23 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2009/04/23 22:23:22 | 00,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2009/04/23 22:23:22 | 00,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2009/04/23 22:23:22 | 00,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2009/04/23 22:23:21 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2009/04/23 22:23:20 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unregmp2.exe
[2009/04/23 22:23:19 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tspkg.dll
[2009/04/23 22:23:18 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2009/04/23 22:23:18 | 00,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2009/04/23 22:23:18 | 00,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2009/04/23 22:23:18 | 00,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2009/04/23 22:23:18 | 00,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2009/04/23 22:23:18 | 00,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2009/04/23 22:23:18 | 00,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2009/04/23 22:23:17 | 00,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2009/04/23 22:23:17 | 00,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2009/04/23 22:23:17 | 00,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2009/04/23 22:23:17 | 00,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2009/04/23 22:23:13 | 00,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2009/04/23 22:23:13 | 00,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2009/04/23 22:23:12 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmedia.dll
[2009/04/23 22:23:12 | 00,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2009/04/23 22:23:11 | 00,794,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2009/04/23 22:23:11 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2009/04/23 22:23:11 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_mmc.sys
[2009/04/23 22:23:09 | 00,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2009/04/23 22:23:08 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2009/04/23 22:23:08 | 00,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2009/04/23 22:23:08 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2009/04/23 22:23:07 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2009/04/23 22:23:06 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagentrt.dll
[2009/04/23 22:23:06 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2009/04/23 22:23:06 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2009/04/23 22:23:05 | 00,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2009/04/23 22:23:05 | 00,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2009/04/23 22:23:05 | 00,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2009/04/23 22:23:05 | 00,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2009/04/23 22:23:05 | 00,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2009/04/23 22:23:05 | 00,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2009/04/23 22:23:05 | 00,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2009/04/23 22:23:05 | 00,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2009/04/23 22:23:05 | 00,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2009/04/23 22:23:05 | 00,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2009/04/23 22:23:05 | 00,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2009/04/23 22:23:05 | 00,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2009/04/23 22:23:05 | 00,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2009/04/23 22:23:05 | 00,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2009/04/23 22:23:05 | 00,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2009/04/23 22:23:05 | 00,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2009/04/23 22:23:05 | 00,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2009/04/23 22:23:04 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2009/04/23 22:23:02 | 00,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2009/04/23 22:23:00 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2009/04/23 22:23:00 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2009/04/23 22:23:00 | 00,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2009/04/23 22:23:00 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2009/04/23 22:23:00 | 00,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2009/04/23 22:22:59 | 00,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2009/04/23 22:22:59 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2009/04/23 22:22:59 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2009/04/23 22:22:58 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2009/04/23 22:22:58 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2009/04/23 22:22:57 | 00,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscp.dll
[2009/04/23 22:22:57 | 00,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswmdm.dll
[2009/04/23 22:22:57 | 00,201,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsp.dll
[2009/04/23 22:22:57 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2009/04/23 22:22:57 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2009/04/23 22:22:57 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscds32.ax
[2009/04/23 22:22:57 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsnsv.dll
[2009/04/23 22:22:55 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msnetobj.dll
[2009/04/23 22:22:53 | 00,844,314 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2009/04/23 22:22:53 | 00,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2009/04/23 22:22:51 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2009/04/23 22:22:51 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds32.ax
[2009/04/23 22:22:50 | 00,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp4sdmod.dll
[2009/04/23 22:22:50 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2009/04/23 22:22:50 | 00,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp43dmod.dll
[2009/04/23 22:22:50 | 00,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4ds32.ax
[2009/04/23 22:22:50 | 00,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4dmod.dll
[2009/04/23 22:22:50 | 00,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2009/04/23 22:22:50 | 00,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
[2009/04/23 22:22:50 | 00,025,119 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2009/04/23 22:22:50 | 00,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2009/04/23 22:22:50 | 00,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2009/04/23 22:22:50 | 00,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2009/04/23 22:22:50 | 00,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
[2009/04/23 22:22:49 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2009/04/23 22:22:49 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2009/04/23 22:22:49 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2009/04/23 22:22:49 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2009/04/23 22:22:48 | 00,806,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2009/04/23 22:22:48 | 00,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2009/04/23 22:22:45 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\laprxy.dll
[2009/04/23 22:22:43 | 00,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2009/04/23 22:22:43 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kmsvc.dll
[2009/04/23 22:22:43 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2009/04/23 22:22:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2009/04/23 22:22:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2009/04/23 22:22:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2009/04/23 22:22:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2009/04/23 22:22:42 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpcdll.dll
[2009/04/23 22:22:42 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pidgen.dll
[2009/04/23 22:22:38 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2009/04/23 22:22:37 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2009/04/23 22:22:37 | 00,000,974 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2009/04/23 22:22:30 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2009/04/23 22:22:30 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2009/04/23 22:22:30 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2009/04/23 22:22:30 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2009/04/23 22:22:30 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2009/04/23 22:22:30 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2009/04/23 22:22:30 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapsvc.dll
[2009/04/23 22:22:30 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2009/04/23 22:22:30 | 00,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2009/04/23 22:22:29 | 00,695,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmv2clt.dll
[2009/04/23 22:22:29 | 00,498,742 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2009/04/23 22:22:29 | 00,299,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmclien.dll
[2009/04/23 22:22:29 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmstor.dll
[2009/04/23 22:22:28 | 00,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2009/04/23 22:22:28 | 00,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2009/04/23 22:22:28 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3svc.dll
[2009/04/23 22:22:28 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2009/04/23 22:22:28 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2009/04/23 22:22:28 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2009/04/23 22:22:28 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2009/04/23 22:22:28 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2009/04/23 22:22:28 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsntfy.dll
[2009/04/23 22:22:28 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2009/04/23 22:22:27 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2009/04/23 22:22:26 | 00,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2009/04/23 22:22:26 | 00,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2009/04/23 22:22:26 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2009/04/23 22:22:26 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\credssp.dll
[2009/04/23 22:22:26 | 00,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2009/04/23 22:22:26 | 00,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2009/04/23 22:22:26 | 00,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2009/04/23 22:22:26 | 00,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2009/04/23 22:22:26 | 00,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2009/04/23 22:22:26 | 00,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2009/04/23 22:22:25 | 00,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2009/04/23 22:22:25 | 00,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2009/04/23 22:22:24 | 00,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blackbox.dll
[2009/04/23 22:22:24 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2009/04/23 22:22:24 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cewmdm.dll
[2009/04/23 22:22:24 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2009/04/23 22:22:24 | 00,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2009/04/23 22:22:20 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asferror.dll
[2009/04/23 22:22:19 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2009/04/23 22:07:00 | 24,921,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/04/23 22:04:20 | 00,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2009/04/15 23:27:37 | 00,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/04/15 23:27:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\skypePM
[2009/04/15 23:25:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Skype
[2009/04/15 23:23:29 | 00,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2009/04/15 23:23:27 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2009/04/15 23:23:24 | 00,000,000 | R--D | C] -- C:\Program Files\Skype
[2009/04/15 23:22:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\WinRAR
[2009/04/15 23:21:19 | 00,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2009/04/15 23:21:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Research In Motion
[2009/04/15 23:19:40 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Desktop Manager.lnk
[2009/04/15 23:17:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2009/04/15 23:16:33 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2009/04/15 23:16:09 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2009/04/15 23:14:40 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2009/04/15 22:52:18 | 00,026,496 | R--- | C] (Research in Motion Ltd) -- C:\WINDOWS\System32\drivers\RimSerial.sys
[2009/04/15 22:52:05 | 00,000,000 | ---D | C] -- C:\Program Files\Research In Motion
[2009/04/15 22:52:05 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
[2009/04/15 22:37:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2009/04/15 22:34:32 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2009/04/15 22:34:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2009/04/15 22:27:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\GetRightToGo
[2009/04/15 21:54:52 | 00,001,578 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Counter-Strike Source.lnk
[2009/04/15 13:04:25 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/04/15 13:04:05 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2009/04/15 13:03:55 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer
[2009/04/15 13:03:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\ShellNew
[2009/04/15 13:03:33 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2009/04/15 12:42:39 | 01,106,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2009/04/14 22:04:58 | 00,266,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TweakUI.exe
[2009/04/14 22:04:58 | 00,160,217 | ---- | C] () -- C:\WINDOWS\System32\PowerToysLicense.rtf
[2009/04/14 21:59:34 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbstor.sys
[2009/04/14 21:56:15 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2009/04/14 21:54:28 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/14 21:54:28 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/14 21:54:27 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/14 21:54:27 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/14 21:54:27 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/14 21:54:27 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/14 21:54:27 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/14 21:54:27 | 00,248,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/14 21:54:27 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/14 21:54:26 | 02,189,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2009/04/14 21:54:26 | 02,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2009/04/14 21:54:25 | 02,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2009/04/14 21:52:47 | 00,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2009/04/14 21:52:44 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2009/04/14 21:52:34 | 00,333,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2009/04/14 21:52:28 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2009/04/14 21:52:09 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2009/04/14 21:51:48 | 00,247,326 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmdll.dll
[2009/04/14 21:51:43 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2009/04/14 21:51:01 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/14 21:51:01 | 00,689,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2009/04/14 21:51:01 | 00,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/14 21:51:01 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/14 21:50:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2009/04/14 21:50:13 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2009/04/14 21:45:07 | 00,002,193 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk
[2009/04/14 21:45:07 | 00,000,000 | ---D | C] -- C:\Program Files\Steam
[2009/04/14 21:40:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2009/04/14 21:40:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/04/14 21:40:16 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2009/04/14 21:39:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2009/04/14 21:39:51 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2009/04/14 21:16:43 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2009/04/14 21:16:10 | 00,239,616 | ---- | C] () -- C:\WINDOWS\System32\wstrenderer.ax
[2009/04/14 21:16:10 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\wstpager.ax
[2009/04/14 21:16:10 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\asr_pfu.exe
[2009/04/14 21:16:10 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\vbicodec.ax
[2009/04/14 21:16:10 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2009/04/14 21:16:10 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spiisupd.exe
[2009/04/14 21:16:10 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2009/04/14 21:16:08 | 00,044,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\agpcpq.sys
[2009/04/14 21:16:08 | 00,042,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\alim1541.sys
[2009/04/14 21:16:08 | 00,042,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\agp440.sys
[2009/04/14 21:16:07 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthport.sys
[2009/04/14 21:16:07 | 00,264,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\http.sys
[2009/04/14 21:16:07 | 00,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fltmgr.sys
[2009/04/14 21:16:07 | 00,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2009/04/14 21:16:07 | 00,101,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthpan.sys
[2009/04/14 21:16:07 | 00,079,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sdbus.sys
[2009/04/14 21:16:07 | 00,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2009/04/14 21:16:07 | 00,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2009/04/14 21:16:07 | 00,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rfcomm.sys
[2009/04/14 21:16:07 | 00,046,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gagp30kx.sys
[2009/04/14 21:16:07 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthmodem.sys
[2009/04/14 21:16:07 | 00,037,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\amdk7.sys
[2009/04/14 21:16:07 | 00,036,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ip6fw.sys
[2009/04/14 21:16:07 | 00,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2009/04/14 21:16:07 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\intelppm.sys
[2009/04/14 21:16:07 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2009/04/14 21:16:07 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidbth.sys
[2009/04/14 21:16:07 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidir.sys
[2009/04/14 21:16:07 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthusb.sys
[2009/04/14 21:16:07 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthenum.sys
[2009/04/14 21:16:07 | 00,015,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mssmbios.sys
[2009/04/14 21:16:07 | 00,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2009/04/14 21:16:07 | 00,011,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffdisk.sys
[2009/04/14 21:16:07 | 00,011,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_sd.sys
[2009/04/14 21:16:06 | 00,121,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbvideo.sys
[2009/04/14 21:16:06 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthprops.cpl
[2009/04/14 21:16:06 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\blastcln.exe
[2009/04/14 21:16:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2009/04/14 21:16:06 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\btpanui.dll
[2009/04/14 21:16:06 | 00,044,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\uagp35.sys
[2009/04/14 21:16:06 | 00,042,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\viaagp.sys
[2009/04/14 21:16:06 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\auditusr.exe
[2009/04/14 21:16:06 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbehci.sys
[2009/04/14 21:16:06 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthserv.dll
[2009/04/14 21:16:06 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthci.dll
[2009/04/14 21:16:06 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wacompen.sys
[2009/04/14 21:16:06 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmsetacl.dll
[2009/04/14 21:16:06 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023x.sys
[2009/04/14 21:16:06 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tunmp.sys
[2009/04/14 21:16:06 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2009/04/14 21:16:06 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2009/04/14 21:16:06 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2009/04/14 21:16:06 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsprpres.dll
[2009/04/14 21:16:05 | 00,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irprops.cpl
[2009/04/14 21:16:05 | 00,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2009/04/14 21:16:05 | 00,213,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fsquirt.exe
[2009/04/14 21:16:05 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2009/04/14 21:16:05 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\firewall.cpl
[2009/04/14 21:16:05 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fwcfg.dll
[2009/04/14 21:16:05 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\extmgr.dll
[2009/04/14 21:16:05 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2009/04/14 21:16:05 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\httpapi.dll
[2009/04/14 21:16:05 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltlib.dll
[2009/04/14 21:16:05 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hccoin.dll
[2009/04/14 21:16:04 | 00,554,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2psvc.dll
[2009/04/14 21:16:04 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msftedit.dll
[2009/04/14 21:16:04 | 00,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sdmod.dll
[2009/04/14 21:16:04 | 00,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgraph.dll
[2009/04/14 21:16:04 | 00,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp43dmod.dll
[2009/04/14 21:16:04 | 00,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msctfime.ime
[2009/04/14 21:16:04 | 00,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2p.dll
[2009/04/14 21:16:04 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssap.dll
[2009/04/14 21:16:04 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdadiag.dll
[2009/04/14 21:16:04 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pnetsh.dll
[2009/04/14 21:16:04 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgasvc.dll
[2009/04/14 21:16:04 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.exe
[2009/04/14 21:16:04 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pnrpnsp.dll
[2009/04/14 21:16:04 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspmsnsv.dll
[2009/04/14 21:16:04 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.cpl
[2009/04/14 21:16:04 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsno.dll
[2009/04/14 21:16:04 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsfi.dll
[2009/04/14 21:16:04 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdukx.dll
[2009/04/14 21:16:04 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdno1.dll
[2009/04/14 21:16:04 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdfi1.dll
[2009/04/14 21:16:04 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinmal.dll
[2009/04/14 21:16:04 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt48.dll
[2009/04/14 21:16:04 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt47.dll
[2009/04/14 21:16:04 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinben.dll
[2009/04/14 21:16:04 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinbe1.dll
[2009/04/14 21:16:04 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmaori.dll
[2009/04/14 21:16:03 | 04,874,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmp.dll
[2009/04/14 21:16:03 | 01,647,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winbrand.dll
[2009/04/14 21:16:03 | 01,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmsdmoe2.dll
[2009/04/14 21:16:03 | 01,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvdmoe2.dll
[2009/04/14 21:16:03 | 00,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmoe.dll
[2009/04/14 21:16:03 | 00,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmod.dll
[2009/04/14 21:16:03 | 00,354,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winhttp.dll
[2009/04/14 21:16:03 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpdxm.dll
[2009/04/14 21:16:03 | 00,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmerror.dll
[2009/04/14 21:16:03 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sbeio.dll
[2009/04/14 21:16:03 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmidx.dll
[2009/04/14 21:16:03 | 00,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscui.cpl
[2009/04/14 21:16:03 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpasf.dll
[2009/04/14 21:16:03 | 00,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshbth.dll
[2009/04/14 21:16:03 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscsvc.dll
[2009/04/14 21:16:03 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\strmfilt.dll
[2009/04/14 21:16:03 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\twext.dll
[2009/04/14 21:16:03 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
[2009/04/14 21:16:03 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sdhcinst.dll
[2009/04/14 21:16:03 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2009/04/14 21:16:03 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smbinst.exe
[2009/04/14 21:16:03 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winshfhc.dll
[2009/04/14 21:16:03 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\w3ssl.dll
[2009/04/14 21:16:02 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2009/04/14 21:16:02 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2009/04/14 21:16:02 | 00,438,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpob2res.dll
[2009/04/14 21:16:02 | 00,323,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2009/04/14 21:16:02 | 00,323,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2009/04/14 21:16:02 | 00,213,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl
[2009/04/14 21:16:02 | 00,213,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2009/04/14 21:16:02 | 00,202,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuweb.dll
[2009/04/14 21:16:02 | 00,202,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2009/04/14 21:16:02 | 00,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp1res.dll
[2009/04/14 21:16:02 | 00,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2009/04/14 21:16:02 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2009/04/14 21:16:02 | 00,129,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlprov.dll
[2009/04/14 21:16:02 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlprovi.dll
[2009/04/14 21:16:02 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2009/04/14 21:16:02 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2009/04/14 21:16:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\provisioning
[2009/04/14 21:16:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\peernet
[2009/04/14 21:14:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2009/04/14 21:13:08 | 02,897,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp2res.dll
[2009/04/14 21:12:15 | 00,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/04/14 21:12:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2009/04/14 21:11:53 | 00,026,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2009/04/14 21:10:11 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2009/04/14 21:10:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2009/04/14 20:35:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Macromedia
[2009/04/14 20:32:41 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2009/04/14 20:32:40 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2009/04/14 20:32:37 | 00,141,016 | ---- | C] () -- C:\WINDOWS\System32\ALSNDMGR.WAV
[2009/04/14 20:32:37 | 00,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2009/04/14 20:32:37 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek Sound Manager
[2009/04/14 20:32:37 | 00,000,000 | ---D | C] -- C:\Program Files\AvRack
[2009/04/14 20:32:36 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2009/04/14 20:28:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2009/04/14 20:27:39 | 01,428,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvidctl.dll
[2009/04/14 20:27:39 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009/04/14 20:27:39 | 00,118,272 | ---- | C] () -- C:\WINDOWS\System32\mpeg2data.ax
[2009/04/14 20:27:39 | 00,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nabtsfec.sys
[2009/04/14 20:27:39 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2009/04/14 20:27:39 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msdv.sys
[2009/04/14 20:27:39 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wstdecod.dll
[2009/04/14 20:27:39 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2009/04/14 20:27:39 | 00,033,280 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2009/04/14 20:27:39 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vbisurf.ax
[2009/04/14 20:27:39 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wstcodec.sys
[2009/04/14 20:27:39 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ccdecode.sys
[2009/04/14 20:27:39 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msyuv.dll
[2009/04/14 20:27:39 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2009/04/14 20:27:39 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\streamip.sys
[2009/04/14 20:27:39 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys
[2009/04/14 20:27:39 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys
[2009/04/14 20:27:39 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\slip.sys
[2009/04/14 20:27:39 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndisip.sys
[2009/04/14 20:27:38 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2009/04/14 20:27:38 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2009/04/14 20:27:38 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2009/04/14 20:27:38 | 00,049,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\stream.sys
[2009/04/14 20:27:38 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bdaplgin.ax
[2009/04/14 20:27:38 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksolay.ax
[2009/04/14 20:27:38 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mskssrv.sys
[2009/04/14 20:27:38 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mstee.sys
[2009/04/14 20:27:38 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspclock.sys
[2009/04/14 20:27:38 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspqm.sys
[2009/04/14 20:27:38 | 00,004,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swenum.sys
[2009/04/14 20:27:38 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2009/04/14 20:27:37 | 00,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qasf.dll
[2009/04/14 20:27:37 | 00,203,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll
[2009/04/14 20:27:37 | 00,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys
[2009/04/14 20:27:37 | 00,083,456 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\l3codecx.ax
[2009/04/14 20:27:36 | 02,113,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiagn.dll
[2009/04/14 20:27:36 | 01,689,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d9.dll
[2009/04/14 20:27:36 | 01,318,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiag.exe
[2009/04/14 20:27:36 | 01,227,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx8vb.dll
[2009/04/14 20:27:36 | 01,179,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d8.dll
[2009/04/14 20:27:36 | 00,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnet.dll
[2009/04/14 20:27:36 | 00,212,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvoice.dll
[2009/04/14 20:27:36 | 00,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dinput8.dll
[2009/04/14 20:27:36 | 00,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsdmo.dll
[2009/04/14 20:27:36 | 00,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmime.dll
[2009/04/14 20:27:36 | 00,148,992 | ---- | C] () -- C:\WINDOWS\System32\mpg2splt.ax
[2009/04/14 20:27:36 | 00,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvvox.dll
[2009/04/14 20:27:36 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmstyle.dll
[2009/04/14 20:27:36 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmusic.dll
[2009/04/14 20:27:36 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvsetup.exe
[2009/04/14 20:27:36 | 00,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmsynth.dll
[2009/04/14 20:27:36 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmscript.dll
[2009/04/14 20:27:36 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsdmoprp.dll
[2009/04/14 20:27:36 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\joy.cpl
[2009/04/14 20:27:36 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdllreg.exe
[2009/04/14 20:27:36 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmcompos.dll
[2009/04/14 20:27:36 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnhupnp.dll
[2009/04/14 20:27:36 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnsvr.exe
[2009/04/14 20:27:36 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmloader.dll
[2009/04/14 20:27:36 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pid.dll
[2009/04/14 20:27:36 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnhpast.dll
[2009/04/14 20:27:36 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmband.dll
[2009/04/14 20:27:36 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvacm.dll
[2009/04/14 20:27:36 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\encapi.dll
[2009/04/14 20:27:36 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dswave.dll
[2009/04/14 20:27:36 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d8thk.dll
[2009/04/14 20:27:36 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnlobby.dll
[2009/04/14 20:27:36 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnaddr.dll
[2009/04/14 20:27:35 | 01,293,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsound3d.dll
[2009/04/14 20:27:35 | 00,824,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dim700.dll
[2009/04/14 20:27:35 | 00,619,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx7vb.dll
[2009/04/14 20:27:35 | 00,367,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsound.dll
[2009/04/14 20:27:35 | 00,279,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddraw.dll
[2009/04/14 20:27:35 | 00,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dplayx.dll
[2009/04/14 20:27:35 | 00,158,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dinput.dll
[2009/04/14 20:27:35 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpwsockx.dll
[2009/04/14 20:27:35 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dplaysvr.exe
[2009/04/14 20:27:35 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddrawex.dll
[2009/04/14 20:27:35 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpmodemx.dll
[2009/04/14 20:26:56 | 00,741,376 | ---- | C] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2009/04/14 20:26:56 | 00,000,000 | ---D | C] -- C:\Program Files\ResChanger 2005
[2009/04/14 20:23:56 | 00,081,191 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2009/04/14 20:23:21 | 00,016,960 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2009/04/14 20:23:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\nview
[2009/04/14 20:22:48 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2009/04/14 20:22:15 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/04/14 20:22:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Mozilla
[2009/04/14 20:22:07 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/04/14 20:22:03 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/04/14 09:10:26 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2009/04/14 09:10:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Identities
[2009/04/14 09:10:20 | 00,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2009/04/14 09:10:19 | 00,000,077 | -HS- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\My Documents\desktop.ini
[2009/04/14 09:10:19 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Mamoon Siddiqui\My Documents\My Pictures
[2009/04/14 09:10:19 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Mamoon Siddiqui\My Documents\My Music
[2009/04/14 09:10:17 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Start Menu\Programs\Startup\desktop.ini
[2009/04/14 09:10:17 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Local Settings\desktop.ini
[2009/04/14 09:10:17 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\desktop.ini
[2009/04/14 09:10:17 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Temporary Internet Files
[2009/04/14 09:10:17 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Mamoon Siddiqui\Local Settings\History
[2009/04/14 09:10:17 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Microsoft
[2009/04/14 09:10:17 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Application Data
[2009/04/14 09:10:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Temp
[2009/04/14 09:09:38 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2009/04/14 09:09:19 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2009/04/14 09:06:57 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/04/14 09:06:48 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2009/04/14 09:06:48 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2009/04/14 09:06:48 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2009/04/14 09:06:48 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2009/04/14 09:06:47 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2009/04/14 09:06:47 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2009/04/14 09:06:47 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2009/04/14 09:06:47 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2009/04/14 09:06:46 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2009/04/14 09:06:45 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2009/04/14 09:06:45 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2009/04/14 09:06:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2009/04/14 09:06:45 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2009/04/14 09:06:44 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2009/04/14 09:06:44 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2009/04/14 09:06:43 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2009/04/14 09:06:43 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2009/04/14 09:06:42 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2009/04/14 09:06:42 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2009/04/14 09:06:41 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2009/04/14 09:06:41 | 00,475,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2009/04/14 09:06:41 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2009/04/14 09:06:41 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2009/04/14 09:06:40 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2009/04/14 09:06:40 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2009/04/14 09:06:40 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2009/04/14 09:06:39 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2009/04/14 09:06:38 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2009/04/14 09:06:37 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2009/04/14 09:06:37 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2009/04/14 09:06:37 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2009/04/14 09:06:36 | 00,431,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpsvc.dll
[2009/04/14 09:06:36 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2009/04/14 09:06:36 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpapi.dll
[2009/04/14 09:06:35 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2009/04/14 09:06:35 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2009/04/14 09:06:35 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2009/04/14 09:06:35 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2009/04/14 09:06:35 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2009/04/14 09:06:35 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2009/04/14 09:06:35 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2009/04/14 09:06:35 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2009/04/14 09:06:35 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2009/04/14 09:06:35 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2009/04/14 09:06:34 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2009/04/14 09:06:34 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2009/04/14 09:06:34 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2009/04/14 09:06:34 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2009/04/14 09:06:34 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2009/04/14 09:06:34 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2009/04/14 09:06:34 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2009/04/14 09:06:31 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seo.dll
[2009/04/14 09:06:31 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2009/04/14 09:06:31 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2009/04/14 09:06:30 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2009/04/14 09:06:30 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2009/04/14 09:06:30 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_rwnh.dll
[2009/04/14 09:06:29 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2009/04/14 09:06:29 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2009/04/14 09:06:28 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2009/04/14 09:06:27 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2009/04/14 09:06:27 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2009/04/14 09:06:27 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2009/04/14 09:06:26 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2009/04/14 09:06:26 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2009/04/14 09:06:26 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2009/04/14 09:06:25 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2009/04/14 09:06:25 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2009/04/14 09:06:25 | 00,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2009/04/14 09:06:25 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2009/04/14 09:06:25 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2009/04/14 09:06:25 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2009/04/14 09:06:24 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2009/04/14 09:06:24 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2009/04/14 09:06:24 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2009/04/14 09:06:24 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2009/04/14 09:06:24 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2009/04/14 09:06:24 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2009/04/14 09:06:22 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2009/04/14 09:06:21 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2009/04/14 09:06:20 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2009/04/14 09:06:17 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2009/04/14 09:06:17 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2009/04/14 09:06:13 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2009/04/14 09:06:13 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2009/04/14 09:06:12 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2009/04/14 09:06:12 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2009/04/14 09:06:11 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2009/04/14 09:06:10 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2009/04/14 09:06:10 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2009/04/14 09:06:10 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2009/04/14 09:06:09 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2009/04/14 09:06:09 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2009/04/14 09:06:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2009/04/14 09:06:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2009/04/14 09:06:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2009/04/14 09:06:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2009/04/14 09:06:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2009/04/14 09:06:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2009/04/14 09:06:08 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2009/04/14 09:06:08 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2009/04/14 09:06:08 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2009/04/14 09:06:08 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2009/04/14 09:06:08 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2009/04/14 09:06:08 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2009/04/14 09:06:08 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2009/04/14 09:06:08 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2009/04/14 09:06:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2009/04/14 09:06:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2009/04/14 09:06:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2009/04/14 09:06:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2009/04/14 09:06:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2009/04/14 09:06:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2009/04/14 09:06:07 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2009/04/14 09:06:06 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2009/04/14 09:06:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2009/04/14 09:06:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2009/04/14 09:06:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2009/04/14 09:06:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2009/04/14 09:06:06 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2009/04/14 09:06:06 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2009/04/14 09:06:05 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2009/04/14 09:06:05 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2009/04/14 09:06:05 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2009/04/14 09:06:04 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2009/04/14 09:06:04 | 00,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2009/04/14 09:06:04 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2009/04/14 09:06:03 | 00,282,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2009/04/14 09:06:03 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2009/04/14 09:06:03 | 00,254,007 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2009/04/14 09:06:03 | 00,229,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2009/04/14 09:06:03 | 00,225,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2009/04/14 09:06:03 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2009/04/14 09:06:03 | 00,087,480 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2009/04/14 09:06:03 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2009/04/14 09:06:03 | 00,065,589 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2009/04/14 09:06:02 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2009/04/14 09:06:02 | 00,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2009/04/14 09:06:02 | 00,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2009/04/14 09:06:02 | 00,327,737 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2009/04/14 09:06:02 | 00,176,185 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2009/04/14 09:06:02 | 00,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2009/04/14 09:06:02 | 00,077,878 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2009/04/14 09:06:01 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2009/04/14 09:06:01 | 00,331,839 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2009/04/14 09:06:01 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2009/04/14 09:06:01 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2009/04/14 09:06:01 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2009/04/14 09:06:01 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2009/04/14 09:06:01 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2009/04/14 09:06:01 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2009/04/14 09:06:01 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2009/04/14 09:06:01 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2009/04/14 09:06:00 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2009/04/14 09:06:00 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2009/04/14 09:05:56 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2009/04/14 09:05:52 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2009/04/14 09:05:49 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2009/04/14 09:05:47 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2009/04/14 09:05:47 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2009/04/14 09:05:46 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2009/04/14 09:05:46 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2009/04/14 09:05:45 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2009/04/14 09:05:45 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2009/04/14 09:05:44 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2009/04/14 09:05:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2009/04/14 09:05:43 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2009/04/14 09:05:43 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2009/04/14 09:05:43 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2009/04/14 09:05:42 | 00,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2009/04/14 09:05:42 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2009/04/14 09:05:42 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2009/04/14 09:05:42 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2009/04/14 09:05:39 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2009/04/14 09:05:38 | 00,077,879 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2009/04/14 09:05:38 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2009/04/14 09:05:38 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2009/04/14 09:05:38 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2009/04/14 09:05:37 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2009/04/14 09:05:36 | 00,500,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2009/04/14 09:05:36 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2009/04/14 09:05:36 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2009/04/14 09:05:35 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2009/04/14 09:05:35 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2009/04/14 09:05:35 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2009/04/14 09:05:35 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2009/04/14 09:05:35 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2009/04/14 09:05:34 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2009/04/14 09:05:34 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2009/04/14 09:05:34 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2009/04/14 09:05:34 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2009/04/14 09:05:34 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2009/04/14 09:05:33 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2009/04/14 09:05:33 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2009/04/14 09:05:33 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2009/04/14 09:05:32 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2009/04/14 09:05:32 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2009/04/14 09:05:31 | 00,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqueue.dll
[2009/04/14 09:05:31 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2009/04/14 09:05:31 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2009/04/14 09:05:31 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2009/04/14 09:05:30 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2009/04/14 09:05:30 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2009/04/14 09:05:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2009/04/14 09:05:27 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2009/04/14 09:05:26 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpsnap.dll
[2009/04/14 09:05:26 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpadm.dll
[2009/04/14 09:05:22 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2009/04/14 09:05:22 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2009/04/14 09:05:21 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2009/04/14 09:05:21 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2009/04/14 09:05:21 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2009/04/14 09:05:21 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2009/04/14 09:05:17 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2009/04/14 09:05:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2009/04/14 09:05:13 | 00,000,000 | ---D | C] -- C:\Program Files\xerox
[2009/04/14 09:05:13 | 00,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2009/04/14 09:04:56 | 00,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/04/14 09:04:56 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2009/04/14 09:04:56 | 00,000,000 | RHS- | C] () -- C:\IO.SYS
[2009/04/14 09:04:56 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2009/04/14 09:04:56 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2009/04/14 09:04:53 | 00,025,065 | ---- | C] () -- C:\WINDOWS\System32\wmpscheme.xml
[2009/04/14 09:04:53 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/04/14 09:04:53 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/04/14 09:04:52 | 00,299,552 | ---- | C] () -- C:\WINDOWS\WMSysPrx.prx
[2009/04/14 09:04:47 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2009/04/14 09:04:47 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/14 09:04:03 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009/04/14 09:04:03 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009/04/14 09:04:03 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2009/04/14 09:04:03 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2009/04/14 09:03:58 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/04/14 09:03:58 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/04/14 09:03:58 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/04/14 09:03:58 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/04/14 09:03:58 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/04/14 09:03:58 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009/04/14 09:03:44 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2009/04/14 09:03:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2009/04/14 09:03:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2009/04/14 09:03:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2009/04/14 09:03:29 | 00,520,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpvis.dll
[2009/04/14 09:03:23 | 00,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll
[2009/04/14 09:03:23 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2009/04/14 09:03:22 | 00,319,551 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmres.dll
[2009/04/14 09:03:22 | 00,163,906 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmutil.dll
[2009/04/14 09:03:22 | 00,110,657 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmfilt.dll
[2009/04/14 09:03:22 | 00,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2009/04/14 09:03:06 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2009/04/14 09:03:06 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2009/04/14 09:03:06 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2009/04/14 09:03:06 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2009/04/14 09:03:06 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2009/04/14 09:03:06 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2009/04/14 09:03:04 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2009/04/14 09:03:04 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2009/04/14 09:03:04 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2009/04/14 09:03:04 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2009/04/14 09:03:02 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2009/04/14 09:03:02 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2009/04/14 09:02:55 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2009/04/14 09:02:55 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll
[2009/04/14 09:02:55 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys
[2009/04/14 09:02:55 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll
[2009/04/14 09:02:55 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2009/04/14 09:02:55 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2009/04/14 09:02:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2009/04/14 09:02:54 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2009/04/14 09:02:54 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2009/04/14 09:02:53 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msh261.drv
[2009/04/14 09:02:53 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg723.acm
[2009/04/14 09:02:53 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2009/04/14 09:02:53 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe
[2009/04/14 09:02:53 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2009/04/14 09:02:53 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2009/04/14 09:02:53 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2009/04/14 09:02:53 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2009/04/14 09:02:50 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2009/04/14 09:02:50 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2009/04/14 09:02:50 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2009/04/14 09:02:50 | 00,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2009/04/14 09:02:49 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2009/04/14 09:02:49 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2009/04/14 09:02:49 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2009/04/14 09:02:49 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2009/04/14 09:02:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH
[2009/04/14 09:02:48 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2009/04/14 09:02:47 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcomm.dll
[2009/04/14 09:02:47 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2009/04/14 09:02:44 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll
[2009/04/14 09:02:44 | 00,000,065 | RH-- | C] () -- C:\WINDOWS\tasks\desktop.ini
[2009/04/14 09:02:44 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2009/04/14 09:02:44 | 00,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2009/04/14 09:02:43 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll
[2009/04/14 09:02:43 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2009/04/14 09:02:43 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2009/04/14 09:02:43 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2009/04/14 09:02:43 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2009/04/14 09:02:43 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2009/04/14 09:02:43 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2009/04/14 09:02:43 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2009/04/14 09:02:42 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2009/04/14 09:02:42 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2009/04/14 09:02:41 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2009/04/14 09:02:41 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2009/04/14 09:02:41 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2009/04/14 09:02:41 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2009/04/14 09:02:41 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2009/04/14 09:02:41 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2009/04/14 09:02:37 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2009/04/14 09:02:37 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2009/04/14 09:02:35 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2009/04/14 09:02:34 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2009/04/14 09:02:34 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2009/04/14 09:02:12 | 00,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/04/14 09:02:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2009/04/14 09:01:55 | 00,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2009/04/14 09:01:55 | 00,000,000 | ---D | C] -- C:\Program Files\Online Services
[2009/04/14 09:01:44 | 01,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2009/04/14 09:01:44 | 00,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2009/04/14 09:01:44 | 00,063,057 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2009/04/14 09:01:44 | 00,063,054 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2009/04/14 09:01:43 | 02,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2009/04/14 09:01:43 | 01,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2009/04/14 09:01:43 | 00,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2009/04/14 09:01:43 | 00,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2009/04/14 09:01:43 | 00,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2009/04/14 09:01:43 | 00,063,055 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2009/04/14 09:01:43 | 00,063,053 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2009/04/14 09:01:43 | 00,063,053 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2009/04/14 09:01:43 | 00,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2009/04/14 09:01:43 | 00,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2009/04/14 09:01:43 | 00,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2009/04/14 09:01:42 | 01,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2009/04/14 09:01:42 | 00,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2009/04/14 09:01:42 | 00,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2009/04/14 09:01:42 | 00,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2009/04/14 09:01:42 | 00,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2009/04/14 09:01:41 | 00,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2009/04/14 09:01:41 | 00,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2009/04/14 09:01:41 | 00,057,417 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2009/04/14 09:01:41 | 00,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2009/04/14 09:01:41 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2009/04/14 09:01:41 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2009/04/14 09:01:41 | 00,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2009/04/14 09:01:32 | 00,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2009/04/14 09:01:32 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2009/04/14 09:01:32 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2009/04/14 09:01:32 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2009/04/14 09:01:32 | 00,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2009/04/14 09:01:32 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2009/04/14 09:01:31 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2009/04/14 09:01:31 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2009/04/14 09:01:31 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2009/04/14 09:01:31 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2009/04/14 09:01:31 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2009/04/14 09:01:31 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2009/04/14 09:01:31 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2009/04/14 09:01:31 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2009/04/14 09:01:31 | 00,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2009/04/14 09:01:30 | 00,363,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2009/04/14 09:01:26 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2009/04/14 09:01:26 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2009/04/14 09:01:26 | 00,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2009/04/14 09:01:26 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2009/04/14 09:01:26 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2009/04/14 09:01:26 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2009/04/14 09:01:26 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2009/04/14 09:01:25 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2009/04/14 09:01:25 | 00,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2009/04/14 09:01:25 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2009/04/14 09:01:25 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2009/04/14 09:01:25 | 00,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2009/04/14 09:01:25 | 00,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2009/04/14 09:01:25 | 00,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2009/04/14 09:01:25 | 00,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2009/04/14 09:01:25 | 00,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2009/04/14 09:01:25 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2009/04/14 09:01:24 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2009/04/14 09:01:24 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2009/04/14 09:01:24 | 00,559,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2009/04/14 09:01:24 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2009/04/14 09:01:24 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2009/04/14 09:01:24 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2009/04/14 09:01:24 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2009/04/14 09:01:24 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2009/04/14 09:01:24 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2009/04/14 09:01:24 | 00,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2009/04/14 09:01:24 | 00,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2009/04/14 09:01:24 | 00,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2009/04/14 09:01:23 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll
[2009/04/14 09:01:23 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2009/04/14 09:01:23 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2009/04/14 09:01:23 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2009/04/14 09:01:23 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2009/04/14 09:01:23 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2009/04/14 09:01:23 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2009/04/14 09:01:23 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2009/04/14 09:01:23 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt.exe
[2009/04/14 09:01:23 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2009/04/14 09:01:23 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauserv.dll
[2009/04/14 09:01:22 | 02,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstscax.dll
[2009/04/14 09:01:22 | 00,698,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2009/04/14 09:01:22 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2009/04/14 09:01:22 | 00,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys
[2009/04/14 09:01:22 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2009/04/14 09:01:22 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2009/04/14 09:01:22 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotepg.dll
[2009/04/14 09:01:22 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2009/04/14 09:01:22 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2009/04/14 09:01:22 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2009/04/14 09:01:22 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys
[2009/04/14 09:01:22 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys
[2009/04/14 09:01:21 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll
[2009/04/14 09:01:21 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2009/04/14 09:01:21 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2009/04/14 09:01:21 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2009/04/14 09:01:21 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2009/04/14 09:01:21 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2009/04/14 09:01:21 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2009/04/14 09:01:21 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2009/04/14 09:01:21 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2009/04/14 09:01:21 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2009/04/14 09:01:21 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2009/04/14 09:01:21 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2009/04/14 09:01:21 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2009/04/14 09:01:21 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2009/04/14 09:01:21 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2009/04/14 09:01:21 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2009/04/14 09:01:21 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2009/04/14 09:01:21 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2009/04/14 09:01:21 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2009/04/14 09:01:21 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2009/04/14 09:01:21 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2009/04/14 09:01:21 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2009/04/14 09:01:21 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2009/04/14 09:01:21 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2009/04/14 09:01:21 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2009/04/14 09:01:21 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2009/04/14 09:01:21 | 00,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2009/04/14 09:01:20 | 00,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2009/04/14 09:01:20 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2009/04/14 09:01:20 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2009/04/14 09:01:20 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2009/04/14 09:01:20 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2009/04/14 09:01:20 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2009/04/14 09:01:20 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2009/04/14 09:01:20 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2009/04/14 09:01:20 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2009/04/14 09:01:20 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2009/04/14 09:01:20 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2009/04/14 09:01:20 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2009/04/14 09:01:20 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2009/04/14 09:01:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2009/04/14 09:01:19 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2009/04/14 09:01:19 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2009/04/14 09:01:19 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe
[2009/04/14 09:01:19 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2009/04/14 09:01:19 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2009/04/14 09:01:18 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2009/04/14 09:01:18 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2009/04/14 09:01:18 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2009/04/14 09:01:18 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2009/04/14 09:01:18 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2009/04/14 09:01:18 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2009/04/14 09:01:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2009/04/14 09:01:17 | 00,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2009/04/14 09:01:17 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2009/04/14 09:01:17 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2009/04/14 09:01:17 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2009/04/14 09:01:17 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2009/04/14 09:01:17 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2009/04/14 09:01:17 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2009/04/14 09:01:16 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2009/04/14 09:01:16 | 00,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2009/04/14 09:01:16 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll
[2009/04/14 09:01:16 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2009/04/14 09:01:16 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2009/04/14 09:01:12 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2009/04/14 09:01:11 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2009/04/14 09:01:11 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2009/04/14 09:01:11 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2009/04/14 09:01:11 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2009/04/14 09:01:10 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2009/04/14 09:01:10 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2009/04/14 09:01:10 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2009/04/14 09:01:10 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2009/04/14 09:01:10 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2009/04/14 09:01:10 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2009/04/14 09:01:10 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2009/04/14 09:01:10 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2009/04/14 09:01:09 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2009/04/14 09:01:08 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2009/04/14 09:01:08 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2009/04/14 09:01:07 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2009/04/14 09:01:07 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2009/04/14 09:01:07 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2009/04/14 09:01:07 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2009/04/14 09:01:07 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2009/04/14 09:01:04 | 00,196,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys
[2009/04/14 09:01:04 | 00,040,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys
[2006/08/11 23:45:20 | 00,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/08/11 23:43:10 | 00,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/08/11 23:43:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/08/11 23:43:00 | 01,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/08/11 23:43:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/08/11 23:43:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/08/11 23:43:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2001/08/23 07:00:00 | 00,000,519 | ---- | C] () -- C:\WINDOWS\win.ini
[2001/08/23 07:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2001/08/23 07:00:00 | 00,000,009 | ---- | C] () -- C:\WINDOWS\System32\comsa32.sys
[2001/08/23 07:00:00 | 00,000,006 | ---- | C] () -- C:\WINDOWS\System32\FInstall.sys

========== Files - Modified Within 30 Days ==========

[5 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009/05/04 16:41:08 | 00,098,940 | ---- | M] () -- C:\WINDOWS\System32\drivers\d38c0739.sys
[2009/05/04 16:39:31 | 00,523,776 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\OTListIt2.exe
[2009/05/03 17:01:04 | 00,022,528 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Defense Paper.doc
[2009/05/03 16:23:35 | 00,000,737 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Avidemux 2.4 Qt4.lnk
[2009/05/03 16:22:55 | 00,769,686 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\DivFix++_v0.31-Win32.zip
[2009/05/03 16:22:52 | 13,171,671 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\avidemux_2.4.4_win32.exe
[2009/05/03 16:18:37 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\ctr7bf5.sys
[2009/05/03 16:17:51 | 00,081,191 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/05/03 16:17:49 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/03 16:17:48 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Local Settings\desktop.ini
[2009/05/03 16:17:46 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/03 16:07:37 | 00,018,944 | -H-- | M] () -- C:\WINDOWS\System32\drivers\protect.sys
[2009/05/03 16:07:36 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\reader_s.exe
[2009/05/03 16:07:36 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\ectb1cc.sys
[2009/05/03 15:06:29 | 00,000,032 | --S- | M] () -- C:\WINDOWS\System32\2292572900.dat
[2009/05/03 13:45:40 | 01,615,732 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\ProcessExplorer.zip
[2009/05/03 13:10:38 | 13,308,944 | ---- | M] (Doctor Web, Ltd.) -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\cureit.exe
[2009/05/03 11:58:00 | 00,013,824 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\MuscleCow.xls
[2009/05/02 22:00:19 | 00,305,001 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/05/02 21:56:26 | 00,000,043 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090502-220019.backup
[2009/05/02 21:42:45 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\hecdd97.sys
[2009/05/02 21:39:00 | 00,682,369 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\WinsockFix.zip
[2009/05/02 11:17:05 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\rpma17e.sys
[2009/05/01 20:46:41 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\dbs8d27.sys
[2009/05/01 17:19:26 | 14,482,140 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\vlc-0.9.2-win32.exe
[2009/05/01 17:19:08 | 00,000,883 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk
[2009/05/01 15:45:35 | 00,002,193 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk
[2009/05/01 15:35:11 | 00,005,205 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\thick_crosshairs.zip
[2009/05/01 14:58:25 | 00,108,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MSWINSCK.OCX
[2009/05/01 14:58:02 | 00,000,519 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/05/01 14:58:02 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/05/01 14:58:02 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2009/05/01 10:49:00 | 00,000,892 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\DVDVideoSoft Free Studio.lnk
[2009/05/01 10:03:50 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\oledb88.sys
[2009/05/01 03:36:03 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\khf354e.sys
[2009/05/01 01:02:10 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\btr7dd5.sys
[2009/04/30 21:54:50 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\geb17fa.sys
[2009/04/30 21:35:26 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\ifd7fee.sys
[2009/04/30 15:05:15 | 00,000,701 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FLV Player.lnk
[2009/04/29 22:58:39 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\gebcb33.sys
[2009/04/29 16:32:55 | 00,000,077 | -HS- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\My Documents\desktop.ini
[2009/04/29 09:39:42 | 00,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2009/04/29 00:44:56 | 00,022,016 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Blood.doc
[2009/04/28 23:40:03 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\btq6263.sys
[2009/04/28 21:59:41 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/04/28 21:59:41 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/04/28 21:59:41 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/04/28 21:59:41 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/04/28 21:59:41 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/04/28 21:59:41 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009/04/28 16:50:51 | 00,304,984 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.bak
[2009/04/28 16:46:27 | 00,458,340 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/28 16:46:27 | 00,392,296 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/28 16:46:27 | 00,058,596 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/28 15:47:29 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/04/28 15:47:28 | 00,000,024 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090428-165051.backup
[2009/04/28 15:45:01 | 00,000,128 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2009/04/28 11:56:28 | 00,262,144 | ---- | M] () -- C:\WINDOWS\System32\nvrsk.dll
[2009/04/28 11:56:28 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe
[2009/04/28 11:14:20 | 00,182,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndis.sys
[2009/04/28 11:14:20 | 00,182,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndis.sys
[2009/04/28 11:10:28 | 00,000,000 | ---- | M] () -- C:\WINDOWS\mqcd.dbt
[2009/04/28 11:10:06 | 00,000,001 | ---- | M] () -- C:\WINDOWS\9g2234wesdf3dfgjf23
[2009/04/28 11:09:31 | 00,032,768 | ---- | M] () -- C:\WINDOWS\System32\ferryl.cbv
[2009/04/28 11:09:31 | 00,028,672 | ---- | M] () -- C:\WINDOWS\System32\inqby.sr
[2009/04/28 11:09:30 | 00,032,768 | ---- | M] () -- C:\WINDOWS\System32\fairy.an
[2009/04/28 11:09:29 | 00,079,360 | ---- | M] () -- C:\WINDOWS\System32\ashl.nq
[2009/04/28 11:09:29 | 00,028,672 | ---- | M] () -- C:\WINDOWS\System32\dolman.zt
[2009/04/28 11:09:21 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\user32.DLL
[2009/04/28 11:09:21 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\socrwg
[2009/04/28 11:09:21 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\elvkxuzc
[2009/04/28 11:09:21 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll
[2009/04/28 11:09:21 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\auoxrpf
[2009/04/26 15:43:00 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/04/26 15:41:58 | 00,110,192 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/25 22:46:30 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2009/04/25 21:04:46 | 00,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
[2009/04/15 23:27:37 | 00,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/04/15 23:19:40 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Desktop Manager.lnk
[2009/04/15 21:54:52 | 00,001,578 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Counter-Strike Source.lnk
[2009/04/15 13:04:25 | 00,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2009/04/14 21:12:57 | 00,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/04/14 20:26:52 | 00,741,376 | ---- | M] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2009/04/14 20:22:15 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/04/14 20:22:07 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/04/14 09:10:25 | 00,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2009/04/14 09:09:19 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2009/04/14 09:06:57 | 00,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/04/14 09:04:59 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Start Menu\Programs\Startup\desktop.ini
[2009/04/14 09:04:59 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2009/04/14 09:04:56 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/04/14 09:04:56 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009/04/14 09:04:56 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/04/14 09:04:56 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2009/04/14 09:04:56 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/04/14 09:04:56 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/04/14 09:04:53 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/04/14 09:04:53 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/04/14 09:04:52 | 00,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2009/04/14 09:04:47 | 00,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2009/04/14 09:04:03 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009/04/14 09:04:03 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009/04/14 09:02:12 | 00,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/04/14 09:02:03 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2009/04/14 09:02:03 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/06 07:57:26 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
< End of report >

Attached Files

Extras.Txt 21.25K 1 downloads
OTListIt.Txt 298.55K 1 downloads

Edited by Buckeye_Sam, 05 May 2009 - 09:23 AM.

#8 Buckeye_Sam

Malware Expert

Malware Response Team
17,382 posts

Gender:Male
Location:Pickerington, Ohio

Posted 05 May 2009 - 09:38 AM

Run OTListIt2.exe

Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTLI
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - [2001/08/23 07:00:00 | 00,176,640 | ---- | M] (121.22.11.33) -- C:\WINDOWS\system32\wtukd32.exe
PRC - [2001/08/23 07:00:00 | 00,036,864 | ---- | M] (nqgfbjxrariw) -- C:\WINDOWS\system32\dncyool64.sys
PRC - [2001/08/23 07:00:00 | 00,194,048 | ---- | M] (65.543.235.12) -- C:\WINDOWS\system32\sopidkc.exe
SRV - [2001/08/23 07:00:00 | 00,194,048 | ---- | M] (65.543.235.12) -- C:\WINDOWS\system32\sopidkc.exe -- (sopidkc [Auto | Running])
SRV - [2001/08/23 07:00:00 | 00,051,200 | ---- | M] (3.32.2.4) -- C:\WINDOWS\system32\msncache.dll -- (msncache [Auto | Running])
DRV - [2009/04/28 23:40:03 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\btq6263.sys -- (btq6263 [System | Running])
DRV - [2009/05/01 01:02:10 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\btr7dd5.sys -- (btr7dd5 [System | Running])
DRV - [2009/05/01 20:46:41 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\dbs8d27.sys -- (dbs8d27 [System | Running])
DRV - [2009/05/03 16:07:36 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\ectb1cc.sys -- (ectb1cc [System | Running])
DRV - [2009/04/30 21:54:50 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\geb17fa.sys -- (geb17fa [System | Running])
DRV - [2009/04/29 22:58:39 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\gebcb33.sys -- (gebcb33 [System | Running])
DRV - [2009/05/02 21:42:45 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\hecdd97.sys -- (hecdd97 [System | Running])
DRV - [2009/04/30 21:35:26 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\ifd7fee.sys -- (ifd7fee [System | Running])
DRV - [2009/05/01 03:36:03 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\khf354e.sys -- (khf354e [System | Running])
DRV - [2009/05/01 10:03:50 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\oledb88.sys -- (oledb88 [System | Running])
DRV - [2009/05/03 16:07:37 | 00,018,944 | -H-- | M] () -- C:\WINDOWS\System32\drivers\protect.sys -- (protect [Boot | Running])
DRV - [2009/05/02 11:17:05 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\rpma17e.sys -- (rpma17e [System | Stopped])
DRV - [2009/05/03 16:18:37 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\ctr7bf5.sys -- (ctr7bf5 [System | Running])
O2 - BHO: (no name) - {1fd79a59-37b1-459b-9097-09f9fab8a523} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [reader_s] C:\WINDOWS\System32\reader_s.exe (Microsoft Corporation)

:Services
65.543.235.12
3.32.2.4
btq6263
btr7dd5 
dbs8d27
ectb1cc 
geb17fa
gebcb33
hecdd97
ifd7fee
khf354e 
oledb88.sys 
protect 
rpma17e
ctr7bf5

:Files
c:\windows\system32\comsa32.sys 
C:\WINDOWS\system32\wtukd32.exe
C:\WINDOWS\system32\dncyool64.sys
C:\WINDOWS\system32\sopidkc.exe
C:\WINDOWS\System32\drivers\d38c0739.sys
C:\WINDOWS\System32\drivers\ctr7bf5.sys
C:\WINDOWS\System32\drivers\protect.sys
C:\WINDOWS\System32\reader_s.exe
C:\WINDOWS\System32\drivers\ectb1cc.sys
C:\WINDOWS\System32\2292572900.dat
C:\WINDOWS\System32\drivers\rpma17e.sys
C:\WINDOWS\System32\drivers\dbs8d27.sys
C:\WINDOWS\System32\drivers\oledb88.sys
C:\WINDOWS\System32\drivers\khf354e.sys
C:\WINDOWS\System32\drivers\btr7dd5.sys
C:\WINDOWS\System32\drivers\geb17fa.sys
C:\WINDOWS\System32\drivers\ifd7fee.sys
C:\WINDOWS\System32\drivers\gebcb33.sys
C:\WINDOWS\System32\drivers\btq6263.sys


:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot when it is done
Then post a new OTL2 log

==================

As soon as you reboot try to run Combofix.
Post that log also if it runs successfully.

#9 mamoon0

New Member

Members
10 posts

Posted 05 May 2009 - 05:39 PM

Hello Sam,

I ran the custom scan. The log is attached. I'm posting a second log from OTListIt as well. Still no luck on the combofix program, even with renaming the file.
Thanks for the help.

mamoon0

OTListIt logfile created on: 5/5/2009 5:25:04 PM - Run 2
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Documents and Settings\Mamoon Siddiqui\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

767.49 Mb Total Physical Memory | 372.32 Mb Available Physical Memory | 48.51% Memory free
1.83 Gb Paging File | 1.45 Gb Available in Paging File | 79.12% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127.99 Gb Total Space | 109.49 Gb Free Space | 85.54% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: 3MBROS
Current User Name: Mamoon Siddiqui
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2008/04/13 19:12:19 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009/05/05 17:10:02 | 00,260,096 | ---- | M] () -- C:\WINDOWS\dhcp\svchost.exe
PRC - [2009/04/25 16:32:04 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2002/10/16 18:24:52 | 00,067,584 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2009/04/14 21:45:58 | 01,410,296 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2009/04/16 13:36:36 | 24,264,488 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2009/03/05 16:07:20 | 02,280,960 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/04/16 13:36:36 | 00,077,360 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2008/04/13 19:12:37 | 00,156,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\taskmgr.exe
PRC - [2009/02/03 10:32:28 | 03,550,592 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\ProcessExplorer\procexp.exe
PRC - [2009/05/04 16:39:31 | 00,523,776 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2008/04/13 19:11:56 | 00,019,968 | ---- | M] () -- C:\WINDOWS\system32\6to4v32.dll -- (6to4 [Auto | Running])
SRV - [2005/09/23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2005/09/23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009/05/05 17:10:02 | 00,260,096 | ---- | M] () -- C:\WINDOWS\dhcp\svchost.exe -- (dhcpsrv [Auto | Running])
SRV - [2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2009/04/25 16:32:04 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - File not found -- -- (netddedsdmdhcp [Auto | Stopped])
SRV - [2009/04/28 11:13:05 | 00,076,288 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2002/10/16 17:27:02 | 00,947,884 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
DRV - [2008/04/13 13:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running])
DRV - [2009/05/05 17:09:54 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\jhec76a.sys -- (jhec76a [System | Stopped])
DRV - [2001/08/17 09:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401 [On_Demand | Running])
DRV - [2006/08/11 23:42:42 | 03,958,496 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2001/08/23 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008/05/20 19:33:50 | 00,022,784 | ---- | M] (Research In Motion Limited) -- C:\WINDOWS\System32\Drivers\RimUsb.sys -- (RimUsb [On_Demand | Stopped])
DRV - [2007/01/18 10:24:58 | 00,026,496 | R--- | M] (Research in Motion Ltd) -- C:\WINDOWS\system32\DRIVERS\RimSerial.sys -- (RimVSerPort [On_Demand | Running])
DRV - [2001/08/23 07:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Drivers\RootMdm.sys -- (ROOTMODEM [On_Demand | Running])
DRV - [2004/08/03 22:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Running])
DRV - [2008/04/13 11:39:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2001/08/17 13:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS -- (sonypvu1 [On_Demand | Stopped])
DRV - [2009/05/05 17:20:46 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\tqoe50f.sys -- (tqoe50f [System | Running])
DRV - [2009/05/05 17:20:49 | 00,018,944 | -H-- | M] () -- C:\WINDOWS\System32\drivers\protect.sys -- (protect [Boot | Running])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

IE - HKU\.default\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\.default\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\.default\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\.default\.default\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\s-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\s-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\s-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\s-1-5-18\s-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\s-1-5-19\s-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\s-1-5-20\s-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\s-1-5-21-1801674531-725345543-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\s-1-5-21-1801674531-725345543-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\s-1-5-21-1801674531-725345543-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\s-1-5-21-1801674531-725345543-839522115-1003\s-1-5-21-1801674531-725345543-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2
FF - prefs.js..extensions.enabledItems: {dd3d7613-0246-469d-bc65-2a3cc1668adc}:0.7.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/04/25 16:32:05 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/27 21:49:19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/27 21:49:19 | 00,000,000 | ---D | M]

[2009/04/14 20:22:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\mozilla\Extensions
[2009/04/14 20:22:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/04 16:48:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\mozilla\Firefox\Profiles\81x2ka1s.default\extensions
[2009/04/14 21:50:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\mozilla\Firefox\Profiles\81x2ka1s.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/04/14 21:50:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\mozilla\Firefox\Profiles\81x2ka1s.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/04/15 12:52:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\mozilla\Firefox\Profiles\81x2ka1s.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2009/05/05 17:23:07 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/27 21:49:19 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/15 23:23:24 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2009/04/25 16:32:12 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/04/27 21:49:16 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/27 21:49:16 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/04/09 00:51:14 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/09 00:51:14 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/04/09 00:51:14 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/09 00:51:14 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/09 00:51:14 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/09 00:51:14 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/04/09 00:51:14 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (305001 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 63.119.44.200 www.danburymintjewelrry.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 10526 more lines...
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [reader_s] C:\WINDOWS\System32\reader_s.exe (Microsoft Corporation)
O4 - HKLM..\Run: [services] C:\WINDOWS\services.exe ()
O4 - HKLM..\Run: [SoundMan] SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [svchost.exe] "C:\WINDOWS\system32\3361\SVCHOST.exe" (All)
O4 - HKU\.default..\Run: [reader_s] C:\Documents and Settings\Mamoon Siddiqui\reader_s.exe (Microsoft Corporation)
O4 - HKU\.default..\Run: [svc] c:\program Files\ThunMail\testabd.exe ()
O4 - HKU\s-1-5-18..\Run: [reader_s] C:\Documents and Settings\Mamoon Siddiqui\reader_s.exe (Microsoft Corporation)
O4 - HKU\s-1-5-18..\Run: [svc] c:\program Files\ThunMail\testabd.exe ()
O4 - HKU\s-1-5-21-1801674531-725345543-839522115-1003..\Run: [reader_s] C:\Documents and Settings\Mamoon Siddiqui\reader_s.exe (Microsoft Corporation)
O4 - HKU\s-1-5-21-1801674531-725345543-839522115-1003..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (Skype Technologies S.A.)
O4 - HKU\s-1-5-21-1801674531-725345543-839522115-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\s-1-5-21-1801674531-725345543-839522115-1003..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent (Valve Corporation)
O4 - HKLM..\RunOnce: [svchost.exe] "C:\WINDOWS\system32\3361\SVCHOST.exe" (All)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.default\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.default\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKU\.default\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\s-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\s-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKU\s-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\s-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\s-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\s-1-5-21-1801674531-725345543-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\s-1-5-21-1801674531-725345543-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = [binary data]
O7 - HKU\s-1-5-21-1801674531-725345543-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKU\s-1-5-21-1801674531-725345543-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.default\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\s-1-5-18\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\s-1-5-19\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\s-1-5-20\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\s-1-5-21-1801674531-725345543-839522115-1003\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/14 09:04:56 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[9 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009/05/05 17:25:49 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmd.execf
[2009/05/05 17:25:37 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW
[2009/05/05 17:20:49 | 00,018,944 | -H-- | C] () -- C:\WINDOWS\System32\drivers\protect.sys
[2009/05/05 17:20:46 | 00,017,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\tqoe50f.sys
[2009/05/05 17:20:45 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reader_s.exe
[2009/05/05 17:17:33 | 00,000,000 | ---D | C] -- C:\_OTListIt
[2009/05/05 17:10:25 | 00,233,472 | ---- | C] (199.8111.6121.312) -- C:\WINDOWS\System32\w.exe
[2009/05/05 17:10:25 | 00,212,992 | ---- | C] (199.8111.6121.312) -- C:\WINDOWS\System32\tpszxyd.sys
[2009/05/05 17:10:25 | 00,036,864 | ---- | C] (eurtmfxs) -- C:\WINDOWS\System32\dpcxool64.sys
[2009/05/05 17:09:54 | 00,069,632 | ---- | C] () -- C:\WINDOWS\services.exe
[2009/05/05 17:09:54 | 00,017,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\jhec76a.sys
[2009/05/04 17:56:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\DivFix++_v0.31-Win32
[2009/05/04 16:39:31 | 00,523,776 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\OTListIt2.exe
[2009/05/03 16:23:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\avidemux
[2009/05/03 16:23:35 | 00,000,737 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Avidemux 2.4 Qt4.lnk
[2009/05/03 16:23:27 | 00,000,000 | ---D | C] -- C:\Program Files\Avidemux 2.4
[2009/05/03 16:22:49 | 00,769,686 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\DivFix++_v0.31-Win32.zip
[2009/05/03 16:22:08 | 13,171,671 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\avidemux_2.4.4_win32.exe
[2009/05/03 15:36:31 | 00,022,528 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Defense Paper.doc
[2009/05/03 13:45:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\ProcessExplorer
[2009/05/03 13:44:48 | 01,615,732 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\ProcessExplorer.zip
[2009/05/03 13:09:13 | 13,308,944 | ---- | C] (Doctor Web, Ltd.) -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\cureit.exe
[2009/05/03 13:06:46 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/05/02 22:02:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Virus Protection
[2009/05/02 21:44:41 | 00,000,000 | ---D | C] -- C:\Reg Save
[2009/05/02 21:40:58 | 00,682,369 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\WinsockFix.zip
[2009/05/01 17:19:54 | 00,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2009/05/01 17:19:08 | 00,000,883 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk
[2009/05/01 17:19:08 | 00,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2009/05/01 17:19:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Foxit
[2009/05/01 17:18:41 | 14,482,140 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\vlc-0.9.2-win32.exe
[2009/05/01 15:35:10 | 00,005,205 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\thick_crosshairs.zip
[2009/05/01 15:01:01 | 00,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2009/05/01 14:58:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3361
[2009/05/01 14:58:25 | 00,108,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSWINSCK.OCX
[2009/05/01 14:58:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\dhcp
[2009/05/01 10:49:00 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr70.dll
[2009/05/01 10:49:00 | 00,000,892 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\DVDVideoSoft Free Studio.lnk
[2009/05/01 10:49:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\My Documents\DVDVideoSoft
[2009/05/01 10:48:47 | 00,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2009/05/01 10:48:47 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2009/05/01 03:35:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009/05/01 01:02:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\P90X
[2009/04/30 22:00:34 | 00,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2009/04/30 17:00:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\FLV
[2009/04/30 15:05:15 | 00,000,701 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FLV Player.lnk
[2009/04/30 15:05:15 | 00,000,000 | ---D | C] -- C:\Program Files\FLV Player
[2009/04/29 00:44:56 | 00,022,016 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Blood.doc
[2009/04/29 00:06:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Malwarebytes
[2009/04/29 00:06:28 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/29 00:06:26 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/29 00:06:24 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/04/29 00:06:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/04/29 00:04:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/04/29 00:02:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\GlarySoft
[2009/04/28 21:39:02 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/04/28 21:28:48 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/04/28 15:45:01 | 00,000,128 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/04/28 15:28:18 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/04/28 15:28:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/04/28 15:18:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Adobe
[2009/04/28 11:56:28 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\auoxrpf
[2009/04/28 11:21:40 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\socrwg
[2009/04/28 11:14:20 | 00,182,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndis.sys
[2009/04/28 11:10:28 | 00,000,000 | ---- | C] () -- C:\WINDOWS\mqcd.dbt
[2009/04/28 11:10:06 | 00,000,001 | ---- | C] () -- C:\WINDOWS\9g2234wesdf3dfgjf23
[2009/04/28 11:10:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\796525
[2009/04/28 11:09:58 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\elvkxuzc
[2009/04/28 11:09:58 | 00,000,000 | RHSD | C] -- C:\Program Files\ThunMail
[2009/04/28 11:09:44 | 00,098,940 | ---- | C] () -- C:\WINDOWS\System32\drivers\d38c0739.sys
[2009/04/28 11:09:31 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\inqby.sr
[2009/04/28 11:09:30 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\ferryl.cbv
[2009/04/28 11:09:30 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\fairy.an
[2009/04/28 11:09:29 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\dolman.zt
[2009/04/28 11:09:28 | 00,079,360 | ---- | C] () -- C:\WINDOWS\System32\ashl.nq
[2009/04/28 11:09:26 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll
[2009/04/28 11:09:21 | 00,262,144 | ---- | C] () -- C:\WINDOWS\System32\nvrsk.dll
[2009/04/28 10:38:06 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/04/28 10:38:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Apps
[2009/04/27 15:45:16 | 00,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2009/04/27 00:52:59 | 00,013,824 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\MuscleCow.xls
[2009/04/26 15:42:30 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpns.dll
[2009/04/26 15:42:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/04/25 22:51:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2009/04/25 22:51:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2009/04/25 22:51:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009/04/25 22:51:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2009/04/25 22:51:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2009/04/25 22:46:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2009/04/25 22:37:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Keep
[2009/04/25 20:07:15 | 00,000,000 | ---D | C] -- C:\Program Files\Brandon Swift Creations
[2009/04/25 16:32:02 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2009/04/25 16:31:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Sun
[2009/04/25 13:03:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Blackberry Backup
[2009/04/24 20:31:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2009/04/23 22:23:29 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll
[2009/04/23 22:23:28 | 01,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmoe2.dll
[2009/04/23 22:23:28 | 00,809,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmod.dll
[2009/04/23 22:23:28 | 00,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvds32.ax
[2009/04/23 22:23:27 | 02,940,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmploc.dll
[2009/04/23 22:23:27 | 01,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe2.dll
[2009/04/23 22:23:27 | 00,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmoe.dll
[2009/04/23 22:23:27 | 00,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmod.dll
[2009/04/23 22:23:27 | 00,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2009/04/23 22:23:27 | 00,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmod.dll
[2009/04/23 22:23:27 | 00,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2009/04/23 22:23:27 | 00,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2009/04/23 22:23:27 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmstream.dll
[2009/04/23 22:23:27 | 00,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmv8ds32.ax
[2009/04/23 22:23:27 | 00,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2009/04/23 22:23:27 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpdxm.dll
[2009/04/23 22:23:27 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2009/04/23 22:23:27 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2009/04/23 22:23:27 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2009/04/23 22:23:27 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2009/04/23 22:23:27 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe.dll
[2009/04/23 22:23:27 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpshell.dll
[2009/04/23 22:23:27 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2009/04/23 22:23:27 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2009/04/23 22:23:27 | 00,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2009/04/23 22:23:27 | 00,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2009/04/23 22:23:27 | 00,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2009/04/23 22:23:27 | 00,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2009/04/23 22:23:27 | 00,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2009/04/23 22:23:27 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpui.dll
[2009/04/23 22:23:27 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcore.dll
[2009/04/23 22:23:27 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcd.dll
[2009/04/23 22:23:27 | 00,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2009/04/23 22:23:27 | 00,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2009/04/23 22:23:27 | 00,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2009/04/23 22:23:27 | 00,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2009/04/23 22:23:26 | 04,874,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.dll
[2009/04/23 22:23:26 | 00,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2009/04/23 22:23:26 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpasf.dll
[2009/04/23 22:23:26 | 00,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2009/04/23 22:23:26 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.ocx
[2009/04/23 22:23:25 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidx.dll
[2009/04/23 22:23:25 | 00,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2009/04/23 22:23:24 | 00,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmoe.dll
[2009/04/23 22:23:24 | 00,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmod.dll
[2009/04/23 22:23:24 | 00,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2009/04/23 22:23:24 | 00,230,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmasf.dll
[2009/04/23 22:23:24 | 00,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmerror.dll
[2009/04/23 22:23:24 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2009/04/23 22:23:24 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmlog.dll
[2009/04/23 22:23:24 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmps.dll
[2009/04/23 22:23:24 | 00,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2009/04/23 22:23:24 | 00,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2009/04/23 22:23:24 | 00,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2009/04/23 22:23:24 | 00,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2009/04/23 22:23:24 | 00,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2009/04/23 22:23:24 | 00,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2009/04/23 22:23:24 | 00,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2009/04/23 22:23:24 | 00,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2009/04/23 22:23:24 | 00,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2009/04/23 22:23:24 | 00,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2009/04/23 22:23:23 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2009/04/23 22:23:22 | 00,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2009/04/23 22:23:22 | 00,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2009/04/23 22:23:22 | 00,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2009/04/23 22:23:21 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2009/04/23 22:23:20 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unregmp2.exe
[2009/04/23 22:23:19 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tspkg.dll
[2009/04/23 22:23:18 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2009/04/23 22:23:18 | 00,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2009/04/23 22:23:18 | 00,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2009/04/23 22:23:18 | 00,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2009/04/23 22:23:18 | 00,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2009/04/23 22:23:18 | 00,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2009/04/23 22:23:18 | 00,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2009/04/23 22:23:17 | 00,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2009/04/23 22:23:17 | 00,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2009/04/23 22:23:17 | 00,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2009/04/23 22:23:17 | 00,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2009/04/23 22:23:13 | 00,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2009/04/23 22:23:13 | 00,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2009/04/23 22:23:12 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmedia.dll
[2009/04/23 22:23:12 | 00,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2009/04/23 22:23:11 | 00,794,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2009/04/23 22:23:11 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2009/04/23 22:23:11 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_mmc.sys
[2009/04/23 22:23:09 | 00,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2009/04/23 22:23:08 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2009/04/23 22:23:08 | 00,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2009/04/23 22:23:08 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2009/04/23 22:23:07 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2009/04/23 22:23:06 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagentrt.dll
[2009/04/23 22:23:06 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2009/04/23 22:23:06 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2009/04/23 22:23:05 | 00,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2009/04/23 22:23:05 | 00,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2009/04/23 22:23:05 | 00,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2009/04/23 22:23:05 | 00,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2009/04/23 22:23:05 | 00,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2009/04/23 22:23:05 | 00,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2009/04/23 22:23:05 | 00,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2009/04/23 22:23:05 | 00,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2009/04/23 22:23:05 | 00,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2009/04/23 22:23:05 | 00,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2009/04/23 22:23:05 | 00,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2009/04/23 22:23:05 | 00,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2009/04/23 22:23:05 | 00,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2009/04/23 22:23:05 | 00,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2009/04/23 22:23:05 | 00,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2009/04/23 22:23:05 | 00,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2009/04/23 22:23:05 | 00,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2009/04/23 22:23:04 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2009/04/23 22:23:02 | 00,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2009/04/23 22:23:00 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2009/04/23 22:23:00 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2009/04/23 22:23:00 | 00,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2009/04/23 22:23:00 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2009/04/23 22:23:00 | 00,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2009/04/23 22:22:59 | 00,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2009/04/23 22:22:59 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2009/04/23 22:22:59 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2009/04/23 22:22:58 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2009/04/23 22:22:58 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2009/04/23 22:22:57 | 00,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscp.dll
[2009/04/23 22:22:57 | 00,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswmdm.dll
[2009/04/23 22:22:57 | 00,201,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsp.dll
[2009/04/23 22:22:57 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2009/04/23 22:22:57 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2009/04/23 22:22:57 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscds32.ax
[2009/04/23 22:22:57 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsnsv.dll
[2009/04/23 22:22:55 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msnetobj.dll
[2009/04/23 22:22:53 | 00,844,314 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2009/04/23 22:22:53 | 00,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2009/04/23 22:22:51 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2009/04/23 22:22:51 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds32.ax
[2009/04/23 22:22:50 | 00,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp4sdmod.dll
[2009/04/23 22:22:50 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2009/04/23 22:22:50 | 00,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp43dmod.dll
[2009/04/23 22:22:50 | 00,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4ds32.ax
[2009/04/23 22:22:50 | 00,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4dmod.dll
[2009/04/23 22:22:50 | 00,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2009/04/23 22:22:50 | 00,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
[2009/04/23 22:22:50 | 00,025,119 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2009/04/23 22:22:50 | 00,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2009/04/23 22:22:50 | 00,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2009/04/23 22:22:50 | 00,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2009/04/23 22:22:50 | 00,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
[2009/04/23 22:22:49 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2009/04/23 22:22:49 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2009/04/23 22:22:49 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2009/04/23 22:22:49 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2009/04/23 22:22:48 | 00,806,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2009/04/23 22:22:48 | 00,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2009/04/23 22:22:45 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\laprxy.dll
[2009/04/23 22:22:43 | 00,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2009/04/23 22:22:43 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kmsvc.dll
[2009/04/23 22:22:43 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2009/04/23 22:22:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2009/04/23 22:22:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2009/04/23 22:22:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2009/04/23 22:22:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2009/04/23 22:22:42 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpcdll.dll
[2009/04/23 22:22:42 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pidgen.dll
[2009/04/23 22:22:38 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2009/04/23 22:22:37 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2009/04/23 22:22:37 | 00,000,974 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2009/04/23 22:22:30 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2009/04/23 22:22:30 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2009/04/23 22:22:30 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2009/04/23 22:22:30 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2009/04/23 22:22:30 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2009/04/23 22:22:30 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2009/04/23 22:22:30 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapsvc.dll
[2009/04/23 22:22:30 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2009/04/23 22:22:30 | 00,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2009/04/23 22:22:29 | 00,695,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmv2clt.dll
[2009/04/23 22:22:29 | 00,498,742 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2009/04/23 22:22:29 | 00,299,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmclien.dll
[2009/04/23 22:22:29 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmstor.dll
[2009/04/23 22:22:28 | 00,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2009/04/23 22:22:28 | 00,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2009/04/23 22:22:28 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3svc.dll
[2009/04/23 22:22:28 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2009/04/23 22:22:28 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2009/04/23 22:22:28 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2009/04/23 22:22:28 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2009/04/23 22:22:28 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2009/04/23 22:22:28 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsntfy.dll
[2009/04/23 22:22:28 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2009/04/23 22:22:27 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2009/04/23 22:22:26 | 00,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2009/04/23 22:22:26 | 00,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2009/04/23 22:22:26 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2009/04/23 22:22:26 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\credssp.dll
[2009/04/23 22:22:26 | 00,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2009/04/23 22:22:26 | 00,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2009/04/23 22:22:26 | 00,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2009/04/23 22:22:26 | 00,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2009/04/23 22:22:26 | 00,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2009/04/23 22:22:26 | 00,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2009/04/23 22:22:25 | 00,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2009/04/23 22:22:25 | 00,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2009/04/23 22:22:24 | 00,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blackbox.dll
[2009/04/23 22:22:24 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2009/04/23 22:22:24 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cewmdm.dll
[2009/04/23 22:22:24 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2009/04/23 22:22:24 | 00,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2009/04/23 22:22:20 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asferror.dll
[2009/04/23 22:22:19 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2009/04/23 22:07:00 | 24,921,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/04/23 22:04:20 | 00,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2009/04/15 23:27:37 | 00,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/04/15 23:27:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\skypePM
[2009/04/15 23:25:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Skype
[2009/04/15 23:23:29 | 00,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2009/04/15 23:23:27 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2009/04/15 23:23:24 | 00,000,000 | R--D | C] -- C:\Program Files\Skype
[2009/04/15 23:22:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\WinRAR
[2009/04/15 23:21:19 | 00,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2009/04/15 23:21:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Research In Motion
[2009/04/15 23:19:40 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Desktop Manager.lnk
[2009/04/15 23:17:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2009/04/15 23:16:33 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2009/04/15 23:16:09 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2009/04/15 23:14:40 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2009/04/15 22:52:18 | 00,026,496 | R--- | C] (Research in Motion Ltd) -- C:\WINDOWS\System32\drivers\RimSerial.sys
[2009/04/15 22:52:05 | 00,000,000 | ---D | C] -- C:\Program Files\Research In Motion
[2009/04/15 22:52:05 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
[2009/04/15 22:37:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2009/04/15 22:34:32 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2009/04/15 22:34:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2009/04/15 22:27:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\GetRightToGo
[2009/04/15 21:54:52 | 00,001,578 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Counter-Strike Source.lnk
[2009/04/15 13:04:25 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/04/15 13:04:05 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2009/04/15 13:03:55 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer
[2009/04/15 13:03:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\ShellNew
[2009/04/15 13:03:33 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2009/04/15 12:42:39 | 01,106,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2009/04/14 22:04:58 | 00,266,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TweakUI.exe
[2009/04/14 22:04:58 | 00,160,217 | ---- | C] () -- C:\WINDOWS\System32\PowerToysLicense.rtf
[2009/04/14 21:59:34 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbstor.sys
[2009/04/14 21:56:15 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2009/04/14 21:54:28 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/14 21:54:28 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/14 21:54:27 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/14 21:54:27 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/14 21:54:27 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/14 21:54:27 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/14 21:54:27 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/14 21:54:27 | 00,248,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/14 21:54:27 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/14 21:54:26 | 02,189,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2009/04/14 21:54:26 | 02,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2009/04/14 21:54:25 | 02,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2009/04/14 21:52:47 | 00,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2009/04/14 21:52:44 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2009/04/14 21:52:34 | 00,333,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2009/04/14 21:52:28 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2009/04/14 21:52:09 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2009/04/14 21:51:48 | 00,247,326 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmdll.dll
[2009/04/14 21:51:43 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2009/04/14 21:51:01 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/14 21:51:01 | 00,689,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2009/04/14 21:51:01 | 00,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/14 21:51:01 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/14 21:50:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2009/04/14 21:50:13 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2009/04/14 21:45:07 | 00,002,193 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk
[2009/04/14 21:45:07 | 00,000,000 | ---D | C] -- C:\Program Files\Steam
[2009/04/14 21:40:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2009/04/14 21:40:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/04/14 21:40:16 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2009/04/14 21:39:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2009/04/14 21:39:51 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2009/04/14 21:16:43 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2009/04/14 21:16:10 | 00,239,616 | ---- | C] () -- C:\WINDOWS\System32\wstrenderer.ax
[2009/04/14 21:16:10 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\wstpager.ax
[2009/04/14 21:16:10 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\asr_pfu.exe
[2009/04/14 21:16:10 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\vbicodec.ax
[2009/04/14 21:16:10 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2009/04/14 21:16:10 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spiisupd.exe
[2009/04/14 21:16:10 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2009/04/14 21:16:08 | 00,044,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\agpcpq.sys
[2009/04/14 21:16:08 | 00,042,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\alim1541.sys
[2009/04/14 21:16:08 | 00,042,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\agp440.sys
[2009/04/14 21:16:07 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthport.sys
[2009/04/14 21:16:07 | 00,264,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\http.sys
[2009/04/14 21:16:07 | 00,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fltmgr.sys
[2009/04/14 21:16:07 | 00,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2009/04/14 21:16:07 | 00,101,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthpan.sys
[2009/04/14 21:16:07 | 00,079,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sdbus.sys
[2009/04/14 21:16:07 | 00,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2009/04/14 21:16:07 | 00,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2009/04/14 21:16:07 | 00,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rfcomm.sys
[2009/04/14 21:16:07 | 00,046,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gagp30kx.sys
[2009/04/14 21:16:07 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthmodem.sys
[2009/04/14 21:16:07 | 00,037,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\amdk7.sys
[2009/04/14 21:16:07 | 00,036,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ip6fw.sys
[2009/04/14 21:16:07 | 00,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2009/04/14 21:16:07 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\intelppm.sys
[2009/04/14 21:16:07 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2009/04/14 21:16:07 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidbth.sys
[2009/04/14 21:16:07 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidir.sys
[2009/04/14 21:16:07 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthusb.sys
[2009/04/14 21:16:07 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthenum.sys
[2009/04/14 21:16:07 | 00,015,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mssmbios.sys
[2009/04/14 21:16:07 | 00,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2009/04/14 21:16:07 | 00,011,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffdisk.sys
[2009/04/14 21:16:07 | 00,011,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_sd.sys
[2009/04/14 21:16:06 | 00,121,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbvideo.sys
[2009/04/14 21:16:06 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthprops.cpl
[2009/04/14 21:16:06 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\blastcln.exe
[2009/04/14 21:16:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2009/04/14 21:16:06 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\btpanui.dll
[2009/04/14 21:16:06 | 00,044,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\uagp35.sys
[2009/04/14 21:16:06 | 00,042,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\viaagp.sys
[2009/04/14 21:16:06 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\auditusr.exe
[2009/04/14 21:16:06 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbehci.sys
[2009/04/14 21:16:06 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthserv.dll
[2009/04/14 21:16:06 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthci.dll
[2009/04/14 21:16:06 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wacompen.sys
[2009/04/14 21:16:06 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmsetacl.dll
[2009/04/14 21:16:06 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023x.sys
[2009/04/14 21:16:06 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tunmp.sys
[2009/04/14 21:16:06 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2009/04/14 21:16:06 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2009/04/14 21:16:06 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2009/04/14 21:16:06 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsprpres.dll
[2009/04/14 21:16:05 | 00,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irprops.cpl
[2009/04/14 21:16:05 | 00,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2009/04/14 21:16:05 | 00,213,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fsquirt.exe
[2009/04/14 21:16:05 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2009/04/14 21:16:05 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\firewall.cpl
[2009/04/14 21:16:05 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fwcfg.dll
[2009/04/14 21:16:05 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\extmgr.dll
[2009/04/14 21:16:05 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2009/04/14 21:16:05 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\httpapi.dll
[2009/04/14 21:16:05 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltlib.dll
[2009/04/14 21:16:05 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hccoin.dll
[2009/04/14 21:16:04 | 00,554,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2psvc.dll
[2009/04/14 21:16:04 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msftedit.dll
[2009/04/14 21:16:04 | 00,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sdmod.dll
[2009/04/14 21:16:04 | 00,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgraph.dll
[2009/04/14 21:16:04 | 00,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp43dmod.dll
[2009/04/14 21:16:04 | 00,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msctfime.ime
[2009/04/14 21:16:04 | 00,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2p.dll
[2009/04/14 21:16:04 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssap.dll
[2009/04/14 21:16:04 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdadiag.dll
[2009/04/14 21:16:04 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pnetsh.dll
[2009/04/14 21:16:04 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgasvc.dll
[2009/04/14 21:16:04 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.exe
[2009/04/14 21:16:04 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pnrpnsp.dll
[2009/04/14 21:16:04 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspmsnsv.dll
[2009/04/14 21:16:04 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.cpl
[2009/04/14 21:16:04 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsno.dll
[2009/04/14 21:16:04 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsfi.dll
[2009/04/14 21:16:04 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdukx.dll
[2009/04/14 21:16:04 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdno1.dll
[2009/04/14 21:16:04 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdfi1.dll
[2009/04/14 21:16:04 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinmal.dll
[2009/04/14 21:16:04 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt48.dll
[2009/04/14 21:16:04 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt47.dll
[2009/04/14 21:16:04 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinben.dll
[2009/04/14 21:16:04 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinbe1.dll
[2009/04/14 21:16:04 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmaori.dll
[2009/04/14 21:16:03 | 04,874,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmp.dll
[2009/04/14 21:16:03 | 01,647,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winbrand.dll
[2009/04/14 21:16:03 | 01,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmsdmoe2.dll
[2009/04/14 21:16:03 | 01,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvdmoe2.dll
[2009/04/14 21:16:03 | 00,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmoe.dll
[2009/04/14 21:16:03 | 00,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmod.dll
[2009/04/14 21:16:03 | 00,354,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winhttp.dll
[2009/04/14 21:16:03 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpdxm.dll
[2009/04/14 21:16:03 | 00,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmerror.dll
[2009/04/14 21:16:03 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sbeio.dll
[2009/04/14 21:16:03 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmidx.dll
[2009/04/14 21:16:03 | 00,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscui.cpl
[2009/04/14 21:16:03 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpasf.dll
[2009/04/14 21:16:03 | 00,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshbth.dll
[2009/04/14 21:16:03 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscsvc.dll
[2009/04/14 21:16:03 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\strmfilt.dll
[2009/04/14 21:16:03 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\twext.dll
[2009/04/14 21:16:03 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
[2009/04/14 21:16:03 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sdhcinst.dll
[2009/04/14 21:16:03 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2009/04/14 21:16:03 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smbinst.exe
[2009/04/14 21:16:03 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winshfhc.dll
[2009/04/14 21:16:03 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\w3ssl.dll
[2009/04/14 21:16:02 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2009/04/14 21:16:02 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2009/04/14 21:16:02 | 00,438,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpob2res.dll
[2009/04/14 21:16:02 | 00,323,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2009/04/14 21:16:02 | 00,323,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2009/04/14 21:16:02 | 00,213,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl
[2009/04/14 21:16:02 | 00,213,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2009/04/14 21:16:02 | 00,202,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuweb.dll
[2009/04/14 21:16:02 | 00,202,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2009/04/14 21:16:02 | 00,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp1res.dll
[2009/04/14 21:16:02 | 00,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2009/04/14 21:16:02 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2009/04/14 21:16:02 | 00,129,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlprov.dll
[2009/04/14 21:16:02 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlprovi.dll
[2009/04/14 21:16:02 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2009/04/14 21:16:02 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2009/04/14 21:16:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\provisioning
[2009/04/14 21:16:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\peernet
[2009/04/14 21:14:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2009/04/14 21:13:08 | 02,897,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp2res.dll
[2009/04/14 21:12:15 | 00,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/04/14 21:12:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2009/04/14 21:11:53 | 00,026,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2009/04/14 21:10:11 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2009/04/14 21:10:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2009/04/14 20:35:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Macromedia
[2009/04/14 20:32:41 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2009/04/14 20:32:40 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2009/04/14 20:32:37 | 00,141,016 | ---- | C] () -- C:\WINDOWS\System32\ALSNDMGR.WAV
[2009/04/14 20:32:37 | 00,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2009/04/14 20:32:37 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek Sound Manager
[2009/04/14 20:32:37 | 00,000,000 | ---D | C] -- C:\Program Files\AvRack
[2009/04/14 20:32:36 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2009/04/14 20:28:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2009/04/14 20:27:39 | 01,428,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvidctl.dll
[2009/04/14 20:27:39 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009/04/14 20:27:39 | 00,118,272 | ---- | C] () -- C:\WINDOWS\System32\mpeg2data.ax
[2009/04/14 20:27:39 | 00,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nabtsfec.sys
[2009/04/14 20:27:39 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2009/04/14 20:27:39 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msdv.sys
[2009/04/14 20:27:39 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wstdecod.dll
[2009/04/14 20:27:39 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2009/04/14 20:27:39 | 00,033,280 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2009/04/14 20:27:39 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vbisurf.ax
[2009/04/14 20:27:39 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wstcodec.sys
[2009/04/14 20:27:39 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ccdecode.sys
[2009/04/14 20:27:39 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msyuv.dll
[2009/04/14 20:27:39 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2009/04/14 20:27:39 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\streamip.sys
[2009/04/14 20:27:39 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys
[2009/04/14 20:27:39 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys
[2009/04/14 20:27:39 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\slip.sys
[2009/04/14 20:27:39 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndisip.sys
[2009/04/14 20:27:38 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2009/04/14 20:27:38 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2009/04/14 20:27:38 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2009/04/14 20:27:38 | 00,049,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\stream.sys
[2009/04/14 20:27:38 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bdaplgin.ax
[2009/04/14 20:27:38 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksolay.ax
[2009/04/14 20:27:38 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mskssrv.sys
[2009/04/14 20:27:38 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mstee.sys
[2009/04/14 20:27:38 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspclock.sys
[2009/04/14 20:27:38 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspqm.sys
[2009/04/14 20:27:38 | 00,004,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swenum.sys
[2009/04/14 20:27:38 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2009/04/14 20:27:37 | 00,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qasf.dll
[2009/04/14 20:27:37 | 00,203,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll
[2009/04/14 20:27:37 | 00,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys
[2009/04/14 20:27:37 | 00,083,456 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\l3codecx.ax
[2009/04/14 20:27:36 | 02,113,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiagn.dll
[2009/04/14 20:27:36 | 01,689,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d9.dll
[2009/04/14 20:27:36 | 01,318,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiag.exe
[2009/04/14 20:27:36 | 01,227,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx8vb.dll
[2009/04/14 20:27:36 | 01,179,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d8.dll
[2009/04/14 20:27:36 | 00,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnet.dll
[2009/04/14 20:27:36 | 00,212,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvoice.dll
[2009/04/14 20:27:36 | 00,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dinput8.dll
[2009/04/14 20:27:36 | 00,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsdmo.dll
[2009/04/14 20:27:36 | 00,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmime.dll
[2009/04/14 20:27:36 | 00,148,992 | ---- | C] () -- C:\WINDOWS\System32\mpg2splt.ax
[2009/04/14 20:27:36 | 00,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvvox.dll
[2009/04/14 20:27:36 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmstyle.dll
[2009/04/14 20:27:36 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmusic.dll
[2009/04/14 20:27:36 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvsetup.exe
[2009/04/14 20:27:36 | 00,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmsynth.dll
[2009/04/14 20:27:36 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmscript.dll
[2009/04/14 20:27:36 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsdmoprp.dll
[2009/04/14 20:27:36 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\joy.cpl
[2009/04/14 20:27:36 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdllreg.exe
[2009/04/14 20:27:36 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmcompos.dll
[2009/04/14 20:27:36 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnhupnp.dll
[2009/04/14 20:27:36 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnsvr.exe
[2009/04/14 20:27:36 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmloader.dll
[2009/04/14 20:27:36 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pid.dll
[2009/04/14 20:27:36 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnhpast.dll
[2009/04/14 20:27:36 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmband.dll
[2009/04/14 20:27:36 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvacm.dll
[2009/04/14 20:27:36 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\encapi.dll
[2009/04/14 20:27:36 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dswave.dll
[2009/04/14 20:27:36 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d8thk.dll
[2009/04/14 20:27:36 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnlobby.dll
[2009/04/14 20:27:36 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnaddr.dll
[2009/04/14 20:27:35 | 01,293,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsound3d.dll
[2009/04/14 20:27:35 | 00,824,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dim700.dll
[2009/04/14 20:27:35 | 00,619,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx7vb.dll
[2009/04/14 20:27:35 | 00,367,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsound.dll
[2009/04/14 20:27:35 | 00,279,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddraw.dll
[2009/04/14 20:27:35 | 00,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dplayx.dll
[2009/04/14 20:27:35 | 00,158,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dinput.dll
[2009/04/14 20:27:35 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpwsockx.dll
[2009/04/14 20:27:35 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dplaysvr.exe
[2009/04/14 20:27:35 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddrawex.dll
[2009/04/14 20:27:35 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpmodemx.dll
[2009/04/14 20:26:56 | 00,741,376 | ---- | C] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2009/04/14 20:26:56 | 00,000,000 | ---D | C] -- C:\Program Files\ResChanger 2005
[2009/04/14 20:23:56 | 00,081,191 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2009/04/14 20:23:21 | 00,016,960 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2009/04/14 20:23:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\nview
[2009/04/14 20:22:48 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2009/04/14 20:22:15 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/04/14 20:22:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Mozilla
[2009/04/14 20:22:07 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/04/14 20:22:03 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/04/14 09:10:26 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2009/04/14 09:10:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Identities
[2009/04/14 09:10:20 | 00,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2009/04/14 09:10:19 | 00,000,077 | -HS- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\My Documents\desktop.ini
[2009/04/14 09:10:19 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Mamoon Siddiqui\My Documents\My Pictures
[2009/04/14 09:10:19 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Mamoon Siddiqui\My Documents\My Music
[2009/04/14 09:10:17 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Start Menu\Programs\Startup\desktop.ini
[2009/04/14 09:10:17 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Local Settings\desktop.ini
[2009/04/14 09:10:17 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\desktop.ini
[2009/04/14 09:10:17 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Temporary Internet Files
[2009/04/14 09:10:17 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Mamoon Siddiqui\Local Settings\History
[2009/04/14 09:10:17 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Microsoft
[2009/04/14 09:10:17 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Application Data
[2009/04/14 09:10:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Temp
[2009/04/14 09:09:38 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2009/04/14 09:09:19 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2009/04/14 09:06:57 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/04/14 09:06:48 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2009/04/14 09:06:48 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2009/04/14 09:06:48 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2009/04/14 09:06:48 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2009/04/14 09:06:47 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2009/04/14 09:06:47 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2009/04/14 09:06:47 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2009/04/14 09:06:47 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2009/04/14 09:06:46 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2009/04/14 09:06:45 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2009/04/14 09:06:45 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2009/04/14 09:06:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2009/04/14 09:06:45 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2009/04/14 09:06:44 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2009/04/14 09:06:44 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2009/04/14 09:06:43 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2009/04/14 09:06:43 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2009/04/14 09:06:42 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2009/04/14 09:06:42 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2009/04/14 09:06:41 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2009/04/14 09:06:41 | 00,475,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2009/04/14 09:06:41 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2009/04/14 09:06:41 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2009/04/14 09:06:40 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2009/04/14 09:06:40 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2009/04/14 09:06:40 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2009/04/14 09:06:39 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2009/04/14 09:06:38 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2009/04/14 09:06:37 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2009/04/14 09:06:37 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2009/04/14 09:06:37 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2009/04/14 09:06:36 | 00,431,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpsvc.dll
[2009/04/14 09:06:36 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2009/04/14 09:06:36 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpapi.dll
[2009/04/14 09:06:35 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2009/04/14 09:06:35 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2009/04/14 09:06:35 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2009/04/14 09:06:35 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2009/04/14 09:06:35 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2009/04/14 09:06:35 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2009/04/14 09:06:35 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2009/04/14 09:06:35 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2009/04/14 09:06:35 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2009/04/14 09:06:35 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2009/04/14 09:06:34 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2009/04/14 09:06:34 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2009/04/14 09:06:34 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2009/04/14 09:06:34 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2009/04/14 09:06:34 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2009/04/14 09:06:34 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2009/04/14 09:06:34 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2009/04/14 09:06:31 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seo.dll
[2009/04/14 09:06:31 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2009/04/14 09:06:31 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2009/04/14 09:06:30 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2009/04/14 09:06:30 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2009/04/14 09:06:30 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_rwnh.dll
[2009/04/14 09:06:29 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2009/04/14 09:06:29 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2009/04/14 09:06:28 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2009/04/14 09:06:27 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2009/04/14 09:06:27 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2009/04/14 09:06:27 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2009/04/14 09:06:26 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2009/04/14 09:06:26 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2009/04/14 09:06:26 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2009/04/14 09:06:25 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2009/04/14 09:06:25 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2009/04/14 09:06:25 | 00,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2009/04/14 09:06:25 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2009/04/14 09:06:25 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2009/04/14 09:06:25 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2009/04/14 09:06:24 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2009/04/14 09:06:24 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2009/04/14 09:06:24 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2009/04/14 09:06:24 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2009/04/14 09:06:24 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2009/04/14 09:06:24 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2009/04/14 09:06:22 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2009/04/14 09:06:21 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2009/04/14 09:06:20 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2009/04/14 09:06:17 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2009/04/14 09:06:17 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2009/04/14 09:06:13 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2009/04/14 09:06:13 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2009/04/14 09:06:12 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2009/04/14 09:06:12 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2009/04/14 09:06:11 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2009/04/14 09:06:10 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2009/04/14 09:06:10 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2009/04/14 09:06:10 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2009/04/14 09:06:09 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2009/04/14 09:06:09 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2009/04/14 09:06:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2009/04/14 09:06:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2009/04/14 09:06:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2009/04/14 09:06:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2009/04/14 09:06:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2009/04/14 09:06:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2009/04/14 09:06:08 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2009/04/14 09:06:08 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2009/04/14 09:06:08 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2009/04/14 09:06:08 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2009/04/14 09:06:08 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2009/04/14 09:06:08 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2009/04/14 09:06:08 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2009/04/14 09:06:08 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2009/04/14 09:06:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2009/04/14 09:06:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2009/04/14 09:06:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2009/04/14 09:06:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2009/04/14 09:06:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2009/04/14 09:06:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2009/04/14 09:06:07 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2009/04/14 09:06:06 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2009/04/14 09:06:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2009/04/14 09:06:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2009/04/14 09:06:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2009/04/14 09:06:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2009/04/14 09:06:06 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2009/04/14 09:06:06 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2009/04/14 09:06:05 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2009/04/14 09:06:05 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2009/04/14 09:06:05 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2009/04/14 09:06:04 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2009/04/14 09:06:04 | 00,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2009/04/14 09:06:04 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2009/04/14 09:06:03 | 00,282,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2009/04/14 09:06:03 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2009/04/14 09:06:03 | 00,254,007 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2009/04/14 09:06:03 | 00,229,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2009/04/14 09:06:03 | 00,225,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2009/04/14 09:06:03 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2009/04/14 09:06:03 | 00,087,480 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2009/04/14 09:06:03 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2009/04/14 09:06:03 | 00,065,589 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2009/04/14 09:06:02 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2009/04/14 09:06:02 | 00,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2009/04/14 09:06:02 | 00,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2009/04/14 09:06:02 | 00,327,737 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2009/04/14 09:06:02 | 00,176,185 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2009/04/14 09:06:02 | 00,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2009/04/14 09:06:02 | 00,077,878 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2009/04/14 09:06:01 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2009/04/14 09:06:01 | 00,331,839 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2009/04/14 09:06:01 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2009/04/14 09:06:01 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2009/04/14 09:06:01 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2009/04/14 09:06:01 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2009/04/14 09:06:01 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2009/04/14 09:06:01 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2009/04/14 09:06:01 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2009/04/14 09:06:01 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2009/04/14 09:06:00 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2009/04/14 09:06:00 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2009/04/14 09:05:56 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2009/04/14 09:05:52 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2009/04/14 09:05:49 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2009/04/14 09:05:47 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2009/04/14 09:05:47 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2009/04/14 09:05:46 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2009/04/14 09:05:46 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2009/04/14 09:05:45 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2009/04/14 09:05:45 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2009/04/14 09:05:44 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2009/04/14 09:05:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2009/04/14 09:05:43 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2009/04/14 09:05:43 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2009/04/14 09:05:43 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2009/04/14 09:05:42 | 00,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2009/04/14 09:05:42 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2009/04/14 09:05:42 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2009/04/14 09:05:42 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2009/04/14 09:05:39 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2009/04/14 09:05:38 | 00,077,879 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2009/04/14 09:05:38 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2009/04/14 09:05:38 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2009/04/14 09:05:38 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2009/04/14 09:05:37 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2009/04/14 09:05:36 | 00,500,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2009/04/14 09:05:36 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2009/04/14 09:05:36 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2009/04/14 09:05:35 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2009/04/14 09:05:35 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2009/04/14 09:05:35 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2009/04/14 09:05:35 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2009/04/14 09:05:35 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2009/04/14 09:05:34 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2009/04/14 09:05:34 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2009/04/14 09:05:34 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2009/04/14 09:05:34 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2009/04/14 09:05:34 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2009/04/14 09:05:33 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2009/04/14 09:05:33 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2009/04/14 09:05:33 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2009/04/14 09:05:32 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2009/04/14 09:05:32 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2009/04/14 09:05:31 | 00,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqueue.dll
[2009/04/14 09:05:31 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2009/04/14 09:05:31 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2009/04/14 09:05:31 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2009/04/14 09:05:30 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2009/04/14 09:05:30 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2009/04/14 09:05:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2009/04/14 09:05:27 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2009/04/14 09:05:26 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpsnap.dll
[2009/04/14 09:05:26 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpadm.dll
[2009/04/14 09:05:22 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2009/04/14 09:05:22 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2009/04/14 09:05:21 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2009/04/14 09:05:21 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2009/04/14 09:05:21 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2009/04/14 09:05:21 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2009/04/14 09:05:17 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2009/04/14 09:05:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2009/04/14 09:05:13 | 00,000,000 | ---D | C] -- C:\Program Files\xerox
[2009/04/14 09:05:13 | 00,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2009/04/14 09:04:56 | 00,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/04/14 09:04:56 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2009/04/14 09:04:56 | 00,000,000 | RHS- | C] () -- C:\IO.SYS
[2009/04/14 09:04:56 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2009/04/14 09:04:56 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2009/04/14 09:04:53 | 00,025,065 | ---- | C] () -- C:\WINDOWS\System32\wmpscheme.xml
[2009/04/14 09:04:53 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/04/14 09:04:53 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/04/14 09:04:52 | 00,299,552 | ---- | C] () -- C:\WINDOWS\WMSysPrx.prx
[2009/04/14 09:04:47 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2009/04/14 09:04:47 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/14 09:04:03 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009/04/14 09:04:03 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009/04/14 09:04:03 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2009/04/14 09:04:03 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2009/04/14 09:03:58 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/04/14 09:03:58 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/04/14 09:03:58 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/04/14 09:03:58 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/04/14 09:03:58 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/04/14 09:03:58 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009/04/14 09:03:44 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2009/04/14 09:03:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2009/04/14 09:03:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2009/04/14 09:03:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2009/04/14 09:03:29 | 00,520,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpvis.dll
[2009/04/14 09:03:23 | 00,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll
[2009/04/14 09:03:23 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2009/04/14 09:03:22 | 00,319,551 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmres.dll
[2009/04/14 09:03:22 | 00,163,906 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmutil.dll
[2009/04/14 09:03:22 | 00,110,657 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmfilt.dll
[2009/04/14 09:03:22 | 00,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2009/04/14 09:03:06 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2009/04/14 09:03:06 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2009/04/14 09:03:06 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2009/04/14 09:03:06 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2009/04/14 09:03:06 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2009/04/14 09:03:06 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2009/04/14 09:03:04 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2009/04/14 09:03:04 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2009/04/14 09:03:04 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2009/04/14 09:03:04 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2009/04/14 09:03:02 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2009/04/14 09:03:02 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2009/04/14 09:02:55 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2009/04/14 09:02:55 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll
[2009/04/14 09:02:55 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys
[2009/04/14 09:02:55 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll
[2009/04/14 09:02:55 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2009/04/14 09:02:55 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2009/04/14 09:02:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2009/04/14 09:02:54 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2009/04/14 09:02:54 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2009/04/14 09:02:53 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msh261.drv
[2009/04/14 09:02:53 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg723.acm
[2009/04/14 09:02:53 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2009/04/14 09:02:53 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe
[2009/04/14 09:02:53 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2009/04/14 09:02:53 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2009/04/14 09:02:53 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2009/04/14 09:02:53 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2009/04/14 09:02:50 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2009/04/14 09:02:50 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2009/04/14 09:02:50 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2009/04/14 09:02:50 | 00,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2009/04/14 09:02:49 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2009/04/14 09:02:49 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2009/04/14 09:02:49 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2009/04/14 09:02:49 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2009/04/14 09:02:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH
[2009/04/14 09:02:48 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2009/04/14 09:02:47 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcomm.dll
[2009/04/14 09:02:47 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2009/04/14 09:02:44 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll
[2009/04/14 09:02:44 | 00,000,065 | RH-- | C] () -- C:\WINDOWS\tasks\desktop.ini
[2009/04/14 09:02:44 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2009/04/14 09:02:44 | 00,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2009/04/14 09:02:43 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll
[2009/04/14 09:02:43 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2009/04/14 09:02:43 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2009/04/14 09:02:43 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2009/04/14 09:02:43 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2009/04/14 09:02:43 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2009/04/14 09:02:43 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2009/04/14 09:02:43 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2009/04/14 09:02:42 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2009/04/14 09:02:42 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2009/04/14 09:02:41 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2009/04/14 09:02:41 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2009/04/14 09:02:41 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2009/04/14 09:02:41 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2009/04/14 09:02:41 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2009/04/14 09:02:41 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2009/04/14 09:02:37 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2009/04/14 09:02:37 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2009/04/14 09:02:35 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2009/04/14 09:02:34 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2009/04/14 09:02:34 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2009/04/14 09:02:12 | 00,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/04/14 09:02:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2009/04/14 09:01:55 | 00,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2009/04/14 09:01:55 | 00,000,000 | ---D | C] -- C:\Program Files\Online Services
[2009/04/14 09:01:44 | 01,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2009/04/14 09:01:44 | 00,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2009/04/14 09:01:44 | 00,063,057 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2009/04/14 09:01:44 | 00,063,054 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2009/04/14 09:01:43 | 02,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2009/04/14 09:01:43 | 01,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2009/04/14 09:01:43 | 00,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2009/04/14 09:01:43 | 00,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2009/04/14 09:01:43 | 00,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2009/04/14 09:01:43 | 00,063,055 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2009/04/14 09:01:43 | 00,063,053 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2009/04/14 09:01:43 | 00,063,053 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2009/04/14 09:01:43 | 00,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2009/04/14 09:01:43 | 00,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2009/04/14 09:01:43 | 00,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2009/04/14 09:01:42 | 01,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2009/04/14 09:01:42 | 00,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2009/04/14 09:01:42 | 00,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2009/04/14 09:01:42 | 00,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2009/04/14 09:01:42 | 00,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2009/04/14 09:01:41 | 00,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2009/04/14 09:01:41 | 00,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2009/04/14 09:01:41 | 00,057,417 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2009/04/14 09:01:41 | 00,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2009/04/14 09:01:41 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2009/04/14 09:01:41 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2009/04/14 09:01:41 | 00,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2009/04/14 09:01:32 | 00,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2009/04/14 09:01:32 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2009/04/14 09:01:32 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2009/04/14 09:01:32 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2009/04/14 09:01:32 | 00,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2009/04/14 09:01:32 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2009/04/14 09:01:31 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2009/04/14 09:01:31 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2009/04/14 09:01:31 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2009/04/14 09:01:31 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2009/04/14 09:01:31 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2009/04/14 09:01:31 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2009/04/14 09:01:31 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2009/04/14 09:01:31 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2009/04/14 09:01:31 | 00,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2009/04/14 09:01:30 | 00,363,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2009/04/14 09:01:26 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2009/04/14 09:01:26 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2009/04/14 09:01:26 | 00,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2009/04/14 09:01:26 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2009/04/14 09:01:26 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2009/04/14 09:01:26 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2009/04/14 09:01:26 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2009/04/14 09:01:25 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2009/04/14 09:01:25 | 00,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2009/04/14 09:01:25 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2009/04/14 09:01:25 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2009/04/14 09:01:25 | 00,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2009/04/14 09:01:25 | 00,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2009/04/14 09:01:25 | 00,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2009/04/14 09:01:25 | 00,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2009/04/14 09:01:25 | 00,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2009/04/14 09:01:25 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2009/04/14 09:01:24 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2009/04/14 09:01:24 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2009/04/14 09:01:24 | 00,559,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2009/04/14 09:01:24 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2009/04/14 09:01:24 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2009/04/14 09:01:24 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2009/04/14 09:01:24 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2009/04/14 09:01:24 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2009/04/14 09:01:24 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2009/04/14 09:01:24 | 00,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2009/04/14 09:01:24 | 00,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2009/04/14 09:01:24 | 00,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2009/04/14 09:01:23 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll
[2009/04/14 09:01:23 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2009/04/14 09:01:23 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2009/04/14 09:01:23 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2009/04/14 09:01:23 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2009/04/14 09:01:23 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2009/04/14 09:01:23 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2009/04/14 09:01:23 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2009/04/14 09:01:23 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt.exe
[2009/04/14 09:01:23 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2009/04/14 09:01:23 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauserv.dll
[2009/04/14 09:01:22 | 02,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstscax.dll
[2009/04/14 09:01:22 | 00,698,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2009/04/14 09:01:22 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2009/04/14 09:01:22 | 00,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys
[2009/04/14 09:01:22 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2009/04/14 09:01:22 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2009/04/14 09:01:22 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotepg.dll
[2009/04/14 09:01:22 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2009/04/14 09:01:22 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2009/04/14 09:01:22 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2009/04/14 09:01:22 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys
[2009/04/14 09:01:22 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys
[2009/04/14 09:01:21 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll
[2009/04/14 09:01:21 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2009/04/14 09:01:21 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2009/04/14 09:01:21 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2009/04/14 09:01:21 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2009/04/14 09:01:21 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2009/04/14 09:01:21 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2009/04/14 09:01:21 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2009/04/14 09:01:21 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2009/04/14 09:01:21 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2009/04/14 09:01:21 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2009/04/14 09:01:21 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2009/04/14 09:01:21 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2009/04/14 09:01:21 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2009/04/14 09:01:21 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2009/04/14 09:01:21 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2009/04/14 09:01:21 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2009/04/14 09:01:21 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2009/04/14 09:01:21 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2009/04/14 09:01:21 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2009/04/14 09:01:21 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2009/04/14 09:01:21 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2009/04/14 09:01:21 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2009/04/14 09:01:21 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2009/04/14 09:01:21 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2009/04/14 09:01:21 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2009/04/14 09:01:21 | 00,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2009/04/14 09:01:20 | 00,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2009/04/14 09:01:20 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2009/04/14 09:01:20 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2009/04/14 09:01:20 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2009/04/14 09:01:20 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2009/04/14 09:01:20 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2009/04/14 09:01:20 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2009/04/14 09:01:20 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2009/04/14 09:01:20 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2009/04/14 09:01:20 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2009/04/14 09:01:20 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2009/04/14 09:01:20 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2009/04/14 09:01:20 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2009/04/14 09:01:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2009/04/14 09:01:19 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2009/04/14 09:01:19 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2009/04/14 09:01:19 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe
[2009/04/14 09:01:19 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2009/04/14 09:01:19 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2009/04/14 09:01:18 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2009/04/14 09:01:18 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2009/04/14 09:01:18 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2009/04/14 09:01:18 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2009/04/14 09:01:18 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2009/04/14 09:01:18 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2009/04/14 09:01:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2009/04/14 09:01:17 | 00,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2009/04/14 09:01:17 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2009/04/14 09:01:17 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2009/04/14 09:01:17 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2009/04/14 09:01:17 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2009/04/14 09:01:17 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2009/04/14 09:01:17 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2009/04/14 09:01:16 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2009/04/14 09:01:16 | 00,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2009/04/14 09:01:16 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll
[2009/04/14 09:01:16 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2009/04/14 09:01:16 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2009/04/14 09:01:12 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2009/04/14 09:01:11 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2009/04/14 09:01:11 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2009/04/14 09:01:11 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2009/04/14 09:01:11 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2009/04/14 09:01:10 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2009/04/14 09:01:10 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2009/04/14 09:01:10 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2009/04/14 09:01:10 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2009/04/14 09:01:10 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2009/04/14 09:01:10 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2009/04/14 09:01:10 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2009/04/14 09:01:10 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2009/04/14 09:01:09 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2009/04/14 09:01:08 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2009/04/14 09:01:08 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2009/04/14 09:01:07 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2009/04/14 09:01:07 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2009/04/14 09:01:07 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2009/04/14 09:01:07 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2009/04/14 09:01:07 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2009/04/14 09:01:04 | 00,196,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys
[2009/04/14 09:01:04 | 00,040,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys
[2006/08/11 23:45:20 | 00,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/08/11 23:43:10 | 00,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/08/11 23:43:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/08/11 23:43:00 | 01,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/08/11 23:43:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/08/11 23:43:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/08/11 23:43:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2001/08/23 07:00:00 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\6to4v32.dll
[2001/08/23 07:00:00 | 00,000,519 | ---- | C] () -- C:\WINDOWS\win.ini
[2001/08/23 07:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2001/08/23 07:00:00 | 00,000,006 | ---- | C] () -- C:\WINDOWS\System32\FInstall.sys

========== Files - Modified Within 30 Days ==========

[9 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009/05/05 17:26:57 | 00,098,940 | ---- | M] () -- C:\WINDOWS\System32\drivers\d38c0739.sys
[2009/05/05 17:22:39 | 00,081,191 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/05/05 17:20:49 | 00,018,944 | -H-- | M] () -- C:\WINDOWS\System32\drivers\protect.sys
[2009/05/05 17:20:46 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\tqoe50f.sys
[2009/05/05 17:20:45 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\reader_s.exe
[2009/05/05 17:20:44 | 00,069,632 | ---- | M] () -- C:\WINDOWS\services.exe
[2009/05/05 17:20:06 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Local Settings\desktop.ini
[2009/05/05 17:20:06 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/05 17:20:04 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/05 17:09:54 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\jhec76a.sys
[2009/05/05 17:09:02 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/04 16:39:31 | 00,523,776 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\OTListIt2.exe
[2009/05/03 17:01:04 | 00,022,528 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Defense Paper.doc
[2009/05/03 16:23:35 | 00,000,737 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Avidemux 2.4 Qt4.lnk
[2009/05/03 16:22:55 | 00,769,686 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\DivFix++_v0.31-Win32.zip
[2009/05/03 16:22:52 | 13,171,671 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\avidemux_2.4.4_win32.exe
[2009/05/03 13:45:40 | 01,615,732 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\ProcessExplorer.zip
[2009/05/03 13:10:38 | 13,308,944 | ---- | M] (Doctor Web, Ltd.) -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\cureit.exe
[2009/05/03 11:58:00 | 00,013,824 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\MuscleCow.xls
[2009/05/02 22:00:19 | 00,305,001 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/05/02 21:56:26 | 00,000,043 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090502-220019.backup
[2009/05/02 21:39:00 | 00,682,369 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\WinsockFix.zip
[2009/05/01 17:19:26 | 14,482,140 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\vlc-0.9.2-win32.exe
[2009/05/01 17:19:08 | 00,000,883 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk
[2009/05/01 15:45:35 | 00,002,193 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk
[2009/05/01 15:35:11 | 00,005,205 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\thick_crosshairs.zip
[2009/05/01 14:58:25 | 00,108,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MSWINSCK.OCX
[2009/05/01 14:58:02 | 00,000,519 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/05/01 14:58:02 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/05/01 14:58:02 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2009/05/01 10:49:00 | 00,000,892 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\DVDVideoSoft Free Studio.lnk
[2009/04/30 15:05:15 | 00,000,701 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FLV Player.lnk
[2009/04/29 16:32:55 | 00,000,077 | -HS- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\My Documents\desktop.ini
[2009/04/29 09:39:42 | 00,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2009/04/29 00:44:56 | 00,022,016 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Blood.doc
[2009/04/28 21:59:41 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/04/28 21:59:41 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/04/28 21:59:41 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/04/28 21:59:41 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/04/28 21:59:41 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/04/28 21:59:41 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009/04/28 16:50:51 | 00,304,984 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.bak
[2009/04/28 16:46:27 | 00,458,340 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/28 16:46:27 | 00,392,296 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/28 16:46:27 | 00,058,596 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/28 15:47:28 | 00,000,024 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090428-165051.backup
[2009/04/28 15:45:01 | 00,000,128 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2009/04/28 11:56:28 | 00,262,144 | ---- | M] () -- C:\WINDOWS\System32\nvrsk.dll
[2009/04/28 11:56:28 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe
[2009/04/28 11:14:20 | 00,182,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndis.sys
[2009/04/28 11:14:20 | 00,182,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndis.sys
[2009/04/28 11:10:28 | 00,000,000 | ---- | M] () -- C:\WINDOWS\mqcd.dbt
[2009/04/28 11:10:06 | 00,000,001 | ---- | M] () -- C:\WINDOWS\9g2234wesdf3dfgjf23
[2009/04/28 11:09:31 | 00,032,768 | ---- | M] () -- C:\WINDOWS\System32\ferryl.cbv
[2009/04/28 11:09:31 | 00,028,672 | ---- | M] () -- C:\WINDOWS\System32\inqby.sr
[2009/04/28 11:09:30 | 00,032,768 | ---- | M] () -- C:\WINDOWS\System32\fairy.an
[2009/04/28 11:09:29 | 00,079,360 | ---- | M] () -- C:\WINDOWS\System32\ashl.nq
[2009/04/28 11:09:29 | 00,028,672 | ---- | M] () -- C:\WINDOWS\System32\dolman.zt
[2009/04/28 11:09:21 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\user32.DLL
[2009/04/28 11:09:21 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\socrwg
[2009/04/28 11:09:21 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\elvkxuzc
[2009/04/28 11:09:21 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll
[2009/04/28 11:09:21 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\auoxrpf
[2009/04/26 15:43:00 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/04/26 15:41:58 | 00,110,192 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/25 22:46:30 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2009/04/25 21:04:46 | 00,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
[2009/04/23 12:43:58 | 00,212,992 | ---- | M] (199.8111.6121.312) -- C:\WINDOWS\System32\tpszxyd.sys
[2009/04/23 12:43:57 | 00,233,472 | ---- | M] (199.8111.6121.312) -- C:\WINDOWS\System32\w.exe
[2009/04/22 17:56:30 | 00,036,864 | ---- | M] (eurtmfxs) -- C:\WINDOWS\System32\dpcxool64.sys
[2009/04/15 23:27:37 | 00,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/04/15 23:19:40 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Desktop Manager.lnk
[2009/04/15 21:54:52 | 00,001,578 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Counter-Strike Source.lnk
[2009/04/15 13:04:25 | 00,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2009/04/14 21:12:57 | 00,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/04/14 20:26:52 | 00,741,376 | ---- | M] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2009/04/14 20:22:15 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/04/14 20:22:07 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/04/14 09:10:25 | 00,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2009/04/14 09:09:19 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2009/04/14 09:06:57 | 00,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/04/14 09:04:59 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Start Menu\Programs\Startup\desktop.ini
[2009/04/14 09:04:59 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2009/04/14 09:04:56 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/04/14 09:04:56 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009/04/14 09:04:56 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/04/14 09:04:56 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2009/04/14 09:04:56 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/04/14 09:04:56 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/04/14 09:04:53 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/04/14 09:04:53 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/04/14 09:04:52 | 00,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2009/04/14 09:04:47 | 00,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2009/04/14 09:04:03 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009/04/14 09:04:03 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009/04/14 09:02:12 | 00,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/04/14 09:02:03 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2009/04/14 09:02:03 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/06 07:57:26 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
< End of report >

P.S. My attachment space is dwindling. Shouldn't it reset after each post?

Thanks

Attached Files

05052009_171733.log 14.22K 1 downloads

Edited by mamoon0, 05 May 2009 - 05:41 PM.

#10 Buckeye_Sam

Malware Expert

Malware Response Team
17,382 posts

Gender:Male
Location:Pickerington, Ohio

Posted 06 May 2009 - 08:36 AM

Don't attach the files. Just copy and paste them directly into your post.

Run OTListIt2.exe

Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTLI
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - [2009/05/05 17:10:02 | 00,260,096 | ---- | M] () -- C:\WINDOWS\dhcp\svchost.exe
SRV - [2008/04/13 19:11:56 | 00,019,968 | ---- | M] () -- C:\WINDOWS\system32\6to4v32.dll -- (6to4 [Auto | Running])
SRV - [2009/05/05 17:10:02 | 00,260,096 | ---- | M] () -- C:\WINDOWS\dhcp\svchost.exe -- (dhcpsrv [Auto | Running])
DRV - [2009/05/05 17:09:54 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\jhec76a.sys -- (jhec76a [System | Stopped])
DRV - [2009/05/05 17:20:46 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\tqoe50f.sys -- (tqoe50f [System | Running])
DRV - [2009/05/05 17:20:49 | 00,018,944 | -H-- | M] () -- C:\WINDOWS\System32\drivers\protect.sys -- (protect [Boot | Running])
O4 - HKLM..\Run: [reader_s] C:\WINDOWS\System32\reader_s.exe (Microsoft Corporation)
O4 - HKLM..\Run: [services] C:\WINDOWS\services.exe ()
O4 - HKLM..\Run: [svchost.exe] "C:\WINDOWS\system32\3361\SVCHOST.exe" (All)
O4 - HKU\.default..\Run: [reader_s] C:\Documents and Settings\Mamoon Siddiqui\reader_s.exe (Microsoft Corporation)
O4 - HKU\.default..\Run: [svc] c:\program Files\ThunMail\testabd.exe ()
O4 - HKU\s-1-5-18..\Run: [reader_s] C:\Documents and Settings\Mamoon Siddiqui\reader_s.exe (Microsoft Corporation)
O4 - HKU\s-1-5-18..\Run: [svc] c:\program Files\ThunMail\testabd.exe ()
O4 - HKU\s-1-5-21-1801674531-725345543-839522115-1003..\Run: [reader_s] C:\Documents and Settings\Mamoon Siddiqui\reader_s.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [svchost.exe] "C:\WINDOWS\system32\3361\SVCHOST.exe" (All)


:Files
c:\program Files\ThunMail
C:\WINDOWS\System32\drivers\d38c0739.sys
C:\WINDOWS\System32\inqby.sr
C:\WINDOWS\System32\ferryl.cbv
C:\WINDOWS\System32\fairy.an
C:\WINDOWS\System32\dolman.zt
C:\WINDOWS\System32\ashl.nq
C:\WINDOWS\System32\drivers\protect.sys
C:\WINDOWS\System32\drivers\tqoe50f.sys
C:\WINDOWS\System32\reader_s.exe
C:\WINDOWS\System32\w.exe
C:\WINDOWS\System32\tpszxyd.sys
C:\WINDOWS\System32\dpcxool64.sys
C:\WINDOWS\services.exe
C:\WINDOWS\System32\drivers\jhec76a.sys
C:\WINDOWS\System32\*.tmp 
C:\WINDOWS\*.tmp

:Commands
[emptytemp]
[start explorer]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot when it is done
Then post a new OTL2 log

===============

Immediately upon rebooting run a new scan with Dr. Web.
Please post the resulting log.

==============

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
If you have a previous version of MBAM, remove it via Add/Remove Programs and download a fresh copy.

Make sure you are connected to the Internet.
Double-click on mbam-setup.exe to install the application.
When the installation begins, follow the prompts and do not make any changes to default settings.
When installation has finished, make sure you leave both of these checked:
- Update Malwarebytes' Anti-Malware
- Launch Malwarebytes' Anti-Malware
Then click Finish.

MBAM will automatically start and you will be asked to update the program before performing a scan.

If an update is found, the program will automatically update itself.
Press the OK button to close that box and continue.
If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.

On the Scanner tab:

Make sure the "Perform Quick Scan" option is selected.
Then click on the Scan button.
If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
Click OK to close the message box and continue with the removal process.

Back at the main Scanner screen:

Click on the Show Results button to see a list of any malware that was found.
Make sure that everything is checked, and click Remove Selected.
When removal is completed, a log report will open in Notepad.
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply and exit MBAM.

Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you after scanning with MBAM. Please temporarily disable such programs or permit them to allow the changes.

#11 mamoon0

New Member

Members
10 posts

Posted 06 May 2009 - 05:41 PM

Hello Sam,

Here are the logs like you asked. Is it possible for a virus to throttle your connection as well? That's been happening to me lately as well. Also, if you can't figure anything out, I did a fresh install of the OS 3 weeks ago, so I can reinstall again no problem if it comes to that.

========== OTLISTIT ==========
Process explorer.exe killed successfully!
No active process named svchost.exe was found!
Service\Driver 6to4 stopped successfully.
Service\Driver 6to4 deleted successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\6to4v32.dll
C:\WINDOWS\system32\6to4v32.dll NOT unregistered.
C:\WINDOWS\system32\6to4v32.dll moved successfully.

Service\Driver dhcpsrv deleted successfully.
C:\WINDOWS\dhcp\svchost.exe moved successfully.

Service\Driver jhec76a deleted successfully.
C:\WINDOWS\System32\drivers\jhec76a.sys moved successfully.

Service\Driver tqoe50f deleted successfully.
C:\WINDOWS\System32\drivers\tqoe50f.sys moved successfully.
Service\Driver protect stopped successfully.
Service\Driver protect deleted successfully.
C:\WINDOWS\System32\drivers\protect.sys moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\reader_s deleted successfully.
C:\WINDOWS\System32\reader_s.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\services deleted successfully.
C:\WINDOWS\services.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\svchost.exe not found.
C:\WINDOWS\system32\3361\SVCHOST.exe moved successfully.
Registry value HKEY_USERS\.default\Software\Microsoft\Windows\CurrentVersion\Run\\reader_s deleted successfully.
C:\Documents and Settings\Mamoon Siddiqui\reader_s.exe moved successfully.
Registry value HKEY_USERS\.default\Software\Microsoft\Windows\CurrentVersion\Run\\svc deleted successfully.
c:\program Files\ThunMail\testabd.exe moved successfully.
Registry value HKEY_USERS\s-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\reader_s not found.
File C:\Documents and Settings\Mamoon Siddiqui\reader_s.exe not found.
Registry value HKEY_USERS\s-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\svc not found.
File c:\program Files\ThunMail\testabd.exe not found.
Registry value HKEY_USERS\s-1-5-21-1801674531-725345543-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\\reader_s not found.
File C:\Documents and Settings\Mamoon Siddiqui\reader_s.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\svchost.exe not found.
File "C:\WINDOWS\system32\3361\SVCHOST.exe" not found.
========== FILES ==========
c:\program Files\ThunMail moved successfully.
File move failed. C:\WINDOWS\System32\drivers\d38c0739.sys scheduled to be moved on reboot.
C:\WINDOWS\System32\inqby.sr moved successfully.
C:\WINDOWS\System32\ferryl.cbv moved successfully.
C:\WINDOWS\System32\fairy.an moved successfully.
C:\WINDOWS\System32\dolman.zt moved successfully.
C:\WINDOWS\System32\ashl.nq moved successfully.
File\Folder C:\WINDOWS\System32\drivers\protect.sys not found.
File\Folder C:\WINDOWS\System32\drivers\tqoe50f.sys not found.
File\Folder C:\WINDOWS\System32\reader_s.exe not found.
File\Folder C:\WINDOWS\System32\w.exe not found.
C:\WINDOWS\System32\tpszxyd.sys moved successfully.
File\Folder C:\WINDOWS\System32\dpcxool64.sys not found.
File\Folder C:\WINDOWS\services.exe not found.
File\Folder C:\WINDOWS\System32\drivers\jhec76a.sys not found.
C:\WINDOWS\System32\10.tmp moved successfully.
C:\WINDOWS\System32\14.tmp moved successfully.
C:\WINDOWS\System32\16.tmp moved successfully.
C:\WINDOWS\System32\19.tmp moved successfully.
C:\WINDOWS\System32\25.tmp moved successfully.
C:\WINDOWS\System32\CONFIG.TMP moved successfully.
C:\WINDOWS\002362_.tmp moved successfully.
C:\WINDOWS\005540_.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET7.tmp moved successfully.
========== COMMANDS ==========
File delete failed. C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Temp\etilqs_7knSHTe7iaB9As7iICc0 scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Temp\etilqs_V6BQICvKCql3g69UmR6X scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Temp\etilqs_V6BQICvKCql3g69UmR6X-journal scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Temp\~DFE960.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Network Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
Temp folders emptied.
Explorer started successfully

OTListIt2 by OldTimer - Version 2.0.15.3 log created on 05062009_155522

Files moved on Reboot...
File C:\WINDOWS\System32\drivers\d38c0739.sys not found!
File C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Temp\etilqs_7knSHTe7iaB9As7iICc0 not found!
File C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Temp\etilqs_V6BQICvKCql3g69UmR6X not found!
File C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Temp\etilqs_V6BQICvKCql3g69UmR6X-journal not found!
File C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Temp\~DFE960.tmp not found!

Registry entries deleted on Reboot...

-----------------------------------------------------------------------------------------------------------------------------------------------

alg.exe;c:\windows\system32;Win32.Virut.56;Cured.;
cisvc.exe;c:\windows\system32;Win32.Virut.56;Cured.;
clipsrv.exe;c:\windows\system32;Win32.Virut.56;Cured.;
dllhost.exe;c:\windows\system32;Win32.Virut.56;Cured.;
dmadmin.exe;c:\windows\system32;Win32.Virut.56;Cured.;
explorer.exe;c:\windows;Win32.Virut.56;Cured.;
ie4uinit.exe;c:\windows\system32;Win32.Virut.56;Cured.;
imapi.exe;c:\windows\system32;Win32.Virut.56;Cured.;
locator.exe;c:\windows\system32;Win32.Virut.56;Cured.;
logon.scr;c:\windows\system32;Win32.Virut.56;Cured.;
logonui.exe;c:\windows\system32;Win32.Virut.56;Cured.;
mnmsrvc.exe;c:\windows\system32;Win32.Virut.56;Cured.;
msdtc.exe;c:\windows\system32;Win32.Virut.56;Cured.;
msiexec.exe;c:\windows\system32;Win32.Virut.56;Cured.;
netdde.exe;c:\windows\system32;Win32.Virut.56;Cured.;
ntsd.exe;c:\windows\system32;Win32.Virut.56;Cured.;
nvsvc32.exe;c:\windows\system32;Win32.Virut.56;Cured.;
nvsvc32.exe;c:\windows\system32;Trojan.PWS.Bebu.origin;;
regsvr32.exe;c:\windows\system32;Win32.Virut.56;Cured.;
rsvp.exe;c:\windows\system32;Win32.Virut.56;Cured.;
rundll32.exe;c:\windows\system32;Win32.Virut.56;Cured.;
scardsvr.exe;c:\windows\system32;Win32.Virut.56;Cured.;
sessmgr.exe;c:\windows\system32;Win32.Virut.56;Cured.;
setup50.exe;c:\program files\outlook express;Win32.Virut.56;Cured.;
shmgrate.exe;c:\windows\system32;Win32.Virut.56;Cured.;
smlogsvc.exe;c:\windows\system32;Win32.Virut.56;Cured.;
soundman.exe;c:\windows;Win32.Virut.56;Cured.;
spoolsv.exe;c:\windows\system32;Win32.Virut.56;Cured.;
svchost.exe;c:\windows\system32;Win32.Virut.56;Cured.;
teatimer.exe;c:\program files\spybot - search & destroy;Win32.Virut.56;Cured.;
tlntsvr.exe;c:\windows\system32;Win32.Virut.56;Cured.;
unregmp2.exe;c:\windows\inf;Win32.Virut.56;Cured.;
ups.exe;c:\windows\system32;Win32.Virut.56;Cured.;
userinit.exe;c:\windows\system32;Win32.Virut.56;Cured.;
vssvc.exe;c:\windows\system32;Win32.Virut.56;Cured.;
winmgmt.exe;c:\windows\system32\wbem;Win32.Virut.56;Cured.;
wmiapsrv.exe;c:\windows\system32\wbem;Win32.Virut.56;Cured.;
wmiprvse.exe;c:\windows\system32\wbem;Win32.Virut.56;Cured.;
xpnetdiag.exe;c:\windows\network diagnostic;Win32.Virut.56;Cured.;
DivFix++.exe;C:\Documents and Settings\Mamoon Siddiqui\Desktop;Win32.Virut.56;Cured.;
JADMaker.exe;C:\Documents and Settings\Mamoon Siddiqui\Desktop\Keep\BSCJartoALXSetup_1_4\Brandon Swift Creations\Jar 2 ALX\JADMaker;Win32.Virut.56;Cured.;
Droplet Template.exe;C:\Documents and Settings\Mamoon Siddiqui\Desktop\Keep\PhotoshopPortable\App\Photoshop\Required;Win32.Virut.56;Cured.;
Cleaner.exe;C:\Documents and Settings\Mamoon Siddiqui\My Documents\DVDVideoSoft;Win32.Virut.56;Cured.;
install.exe;C:\Documents and Settings\Mamoon Siddiqui\temp\TeamViewer\Version4;Win32.Virut.56;Cured.;
install64.exe;C:\Documents and Settings\Mamoon Siddiqui\temp\TeamViewer\Version4;Win32.Virut.56;Cured.;
avidemux2_cli.exe;C:\Program Files\Avidemux 2.4;Win32.Virut.56;Cured.;
avidemux2_qt4.exe;C:\Program Files\Avidemux 2.4;Win32.Virut.56;Cured.;
rtlrack.exe;C:\Program Files\AvRack;Win32.Virut.56;Cured.;
uninstall.exe;C:\Program Files\Brandon Swift Creations;Win32.Virut.56;Cured.;
JADMaker.exe;C:\Program Files\Brandon Swift Creations\Jar 2 Alx\JADMaker;Win32.Virut.56;Cured.;
FixComponents.exe;C:\Program Files\Common Files\DVDVideoSoft;Win32.Virut.56;Cured.;
FixComponentsSilent.exe;C:\Program Files\Common Files\DVDVideoSoft;Win32.Virut.56;Cured.;
FreeStudioManager.exe;C:\Program Files\Common Files\DVDVideoSoft;Win32.Virut.56;Cured.;
Uninstall.exe;C:\Program Files\Common Files\DVDVideoSoft;Win32.Virut.56;Cured.;
ffmpeg.exe;C:\Program Files\Common Files\DVDVideoSoft\Dll;Win32.Virut.56;Cured.;
mencoder.exe;C:\Program Files\Common Files\DVDVideoSoft\Dll;Win32.Virut.56;Cured.;
ikernel.exe;C:\Program Files\Common Files\InstallShield\engine\6\Intel 32;Win32.Virut.56;Cured.;
knlwrap.exe;C:\Program Files\Common Files\InstallShield\engine\6\Intel 32;Win32.Virut.56;Cured.;
DotNetInstaller.exe;C:\Program Files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32;Win32.Virut.56;Cured.;
msinfo32.exe;C:\Program Files\Common Files\Microsoft Shared\MSInfo;Win32.Virut.56;Cured.;
OFFPRV10.EXE;C:\Program Files\Common Files\Microsoft Shared\MSInfo;Win32.Virut.56;Cured.;
SrchAdmStp.exe;C:\Program Files\Common Files\Microsoft Shared\MSSearch\Bin;Win32.Virut.56;Cured.;
MSOICONS.EXE;C:\Program Files\Common Files\Microsoft Shared\Office10;Win32.Virut.56;Cured.;
sapisvr.exe;C:\Program Files\Common Files\Microsoft Shared\Speech;Win32.Virut.56;Cured.;
BbDevMgr.exe;C:\Program Files\Common Files\Research In Motion\USB Drivers;Win32.Virut.56;Cured.;
Free3GPVideoConverter.exe;C:\Program Files\DVDVideoSoft\Free Studio\Free 3GP Video Converter;Win32.Virut.56;Cured.;
FreeAudioCDBurner.exe;C:\Program Files\DVDVideoSoft\Free Studio\Free Audio CD Burner;Win32.Virut.56;Cured.;
FreeAudioConverter.exe;C:\Program Files\DVDVideoSoft\Free Studio\Free Audio Converter;Win32.Virut.56;Cured.;
FreeAudioDub.exe;C:\Program Files\DVDVideoSoft\Free Studio\Free Audio Dub;Win32.Virut.56;Cured.;
FreeDiscBurner.exe;C:\Program Files\DVDVideoSoft\Free Studio\Free Disc Burner;Win32.Virut.56;Cured.;
FreeDVDDecrypter.exe;C:\Program Files\DVDVideoSoft\Free Studio\Free DVD Decrypter;Win32.Virut.56;Cured.;
FreeDVDVideoBurner.exe;C:\Program Files\DVDVideoSoft\Free Studio\Free DVD Video Burner;Win32.Virut.56;Cured.;
FreeVideoDub.exe;C:\Program Files\DVDVideoSoft\Free Studio\Free Video Dub;Win32.Virut.56;Cured.;
FreeVideoFlipAndRotate.exe;C:\Program Files\DVDVideoSoft\Free Studio\Free Video Flip and Rotate;Win32.Virut.56;Cured.;
FreeVideoToDVDConverter.exe;C:\Program Files\DVDVideoSoft\Free Studio\Free Video to DVD Converter;Win32.Virut.56;Cured.;
FreeVideoToFlashConverter.exe;C:\Program Files\DVDVideoSoft\Free Studio\Free Video to Flash Converter;Win32.Virut.56;Cured.;
FreeVideoToiPhoneConverter.exe;C:\Program Files\DVDVideoSoft\Free Studio\Free Video to iPhone Converter;Win32.Virut.56;Cured.;
FreeVideoToiPodConverter.exe;C:\Program Files\DVDVideoSoft\Free Studio\Free Video to iPod Converter;Win32.Virut.56;Cured.;
FreeVideoToJPGConverter.exe;C:\Program Files\DVDVideoSoft\Free Studio\Free Video to JPG Converter;Win32.Virut.56;Cured.;
FreeVideoToMP3Converter.exe;C:\Program Files\DVDVideoSoft\Free Studio\Free Video to Mp3 Converter;Win32.Virut.56;Cured.;
FreeYouTubeDownload.exe;C:\Program Files\DVDVideoSoft\Free Studio\Free YouTube Download;Win32.Virut.56;Cured.;
FreeYouTubeToiPhoneConverter.exe;C:\Program Files\DVDVideoSoft\Free Studio\Free YouTube to iPhone Converter;Win32.Virut.56;Cured.;
FreeYouTubeToiPodConverter.exe;C:\Program Files\DVDVideoSoft\Free Studio\Free YouTube to iPod Converter;Win32.Virut.56;Cured.;
FreeYouTubeToMP3Converter.exe;C:\Program Files\DVDVideoSoft\Free Studio\Free YouTube to Mp3 Converter;Win32.Virut.56;Cured.;
FreeYouTubeUploader.exe;C:\Program Files\DVDVideoSoft\Free Studio\Free YouTube Uploader;Win32.Virut.56;Cured.;
uninstall.exe;C:\Program Files\ffdshow;Win32.Virut.56;Cured.;
Foxit Reader.exe;C:\Program Files\Foxit Software\Foxit Reader;Win32.Virut.56;Cured.;
Uninstall.exe;C:\Program Files\Foxit Software\Foxit Reader;Win32.Virut.56;Cured.;
Setup.exe;C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E};Win32.Virut.56;Cured.;
iedw.exe;C:\Program Files\Internet Explorer;Win32.Virut.56;Cured.;
iexplore.exe;C:\Program Files\Internet Explorer;Win32.Virut.56;Cured.;
icwconn1.exe;C:\Program Files\Internet Explorer\Connection Wizard;Win32.Virut.56;Cured.;
icwconn2.exe;C:\Program Files\Internet Explorer\Connection Wizard;Win32.Virut.56;Cured.;
icwrmind.exe;C:\Program Files\Internet Explorer\Connection Wizard;Win32.Virut.56;Cured.;
icwtutor.exe;C:\Program Files\Internet Explorer\Connection Wizard;Win32.Virut.56;Cured.;
inetwiz.exe;C:\Program Files\Internet Explorer\Connection Wizard;Win32.Virut.56;Cured.;
isignup.exe;C:\Program Files\Internet Explorer\Connection Wizard;Win32.Virut.56;Cured.;
mbam.exe;C:\Program Files\Malwarebytes' Anti-Malware;Win32.Virut.56;Cured.;
MCDLC.EXE;C:\Program Files\Microsoft Office\Office10;Win32.Virut.56;Cured.;
WAVTOASF.EXE;C:\Program Files\Microsoft Office\Office10;Win32.Virut.56;Cured.;
moviemk.exe;C:\Program Files\Movie Maker;Win32.Virut.56;Cured.;
cb32.exe;C:\Program Files\NetMeeting;Win32.Virut.56;Cured.;
conf.exe;C:\Program Files\NetMeeting;Win32.Virut.56;Cured.;
wb32.exe;C:\Program Files\NetMeeting;Win32.Virut.56;Cured.;
msimn.exe;C:\Program Files\Outlook Express;Win32.Virut.56;Cured.;
oemig50.exe;C:\Program Files\Outlook Express;Win32.Virut.56;Cured.;
wab.exe;C:\Program Files\Outlook Express;Win32.Virut.56;Cured.;
wabmig.exe;C:\Program Files\Outlook Express;Win32.Virut.56;Cured.;
ResChanger2005.exe;C:\Program Files\ResChanger 2005;Win32.Virut.56;Cured.;
ODSViewer.exe;C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\Lotus Notes5.0;Win32.Virut.56;Cured.;
fledge.exe;C:\Program Files\Research In Motion\BlackBerry JDE 4.0.2\bin;Win32.Virut.56;Cured.;
focusFlipper.exe;C:\Program Files\Research In Motion\BlackBerry JDE 4.0.2\bin;Win32.Virut.56;Cured.;
JavaLoader.exe;C:\Program Files\Research In Motion\BlackBerry JDE 4.0.2\bin;Win32.Virut.56;Cured.;
launcher.exe;C:\Program Files\Research In Motion\BlackBerry JDE 4.0.2\bin;Win32.Virut.56;Cured.;
preverify.exe;C:\Program Files\Research In Motion\BlackBerry JDE 4.0.2\bin;Win32.Virut.56;Cured.;
rapc.exe;C:\Program Files\Research In Motion\BlackBerry JDE 4.0.2\bin;Win32.Virut.56;Cured.;
launcher.exe;C:\Program Files\Research In Motion\BlackBerry JDE 4.0.2\ESS\bin;Win32.Virut.56;Cured.;
KAPIKUMTDIBBGCQ.scr;C:\Program Files\Spybot - Search & Destroy;Win32.Virut.56;Cured.;
SDFiles.exe;C:\Program Files\Spybot - Search & Destroy;Win32.Virut.56;Cured.;
SDShred.exe;C:\Program Files\Spybot - Search & Destroy;Win32.Virut.56;Cured.;
hl2.exe;C:\Program Files\Steam\steamapps\mamoon0\counter-strike source;Win32.Virut.56;Cured.;
HijackThis.exe;C:\Program Files\Trend Micro\HijackThis;Win32.Virut.56;Cured.;
backup-20090429-163507-259.dll;C:\Program Files\Trend Micro\HijackThis\backups;Trojan.DownLoad.36165;Deleted.;
dlimport.exe;C:\Program Files\Windows Media Player;Win32.Virut.56;Cured.;
migrate.exe;C:\Program Files\Windows Media Player;Win32.Virut.56;Cured.;
mplayer2.exe;C:\Program Files\Windows Media Player;Win32.Virut.56;Cured.;
setup_wm.exe;C:\Program Files\Windows Media Player;Win32.Virut.56;Cured.;
wmplayer.exe;C:\Program Files\Windows Media Player;Win32.Virut.56;Cured.;
dialer.exe;C:\Program Files\Windows NT;Win32.Virut.56;Cured.;
hypertrm.exe;C:\Program Files\Windows NT;Win32.Virut.56;Cured.;
wordpad.exe;C:\Program Files\Windows NT\Accessories;Win32.Virut.56;Cured.;
pinball.exe;C:\Program Files\Windows NT\Pinball;Win32.Virut.56;Cured.;
Rar.exe;C:\Program Files\WinRAR;Win32.Virut.56;Cured.;
RarExtLoader.exe;C:\Program Files\WinRAR;Win32.Virut.56;Cured.;
Uninstall.exe;C:\Program Files\WinRAR;Win32.Virut.56;Cured.;
UnRAR.exe;C:\Program Files\WinRAR;Win32.Virut.56;Cured.;
WinRAR.exe;C:\Program Files\WinRAR;Win32.Virut.56;Cured.;
alcrmv.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
alcupd.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
hh.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
iun6002.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
notepad.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
regedit.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
slrundll.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
TASKMAN.EXE;C:\WINDOWS;Win32.Virut.56;Cured.;
twunk_32.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
winhlp32.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
wordpad.exe;C:\WINDOWS\$hf_mig$\KB923561\SP2QFE;Win32.Virut.56;Cured.;
wordpad.exe;C:\WINDOWS\$hf_mig$\KB923561\SP3GDR;Win32.Virut.56;Cured.;
wordpad.exe;C:\WINDOWS\$hf_mig$\KB923561\SP3QFE;Win32.Virut.56;Cured.;
cscript.exe;C:\WINDOWS\$hf_mig$\KB951978\SP3QFE;Win32.Virut.56;Cured.;
wscript.exe;C:\WINDOWS\$hf_mig$\KB951978\SP3QFE;Win32.Virut.56;Cured.;
tzchange.exe;C:\WINDOWS\$hf_mig$\KB955839\SP2QFE;Win32.Virut.56;Cured.;
tzchange.exe;C:\WINDOWS\$hf_mig$\KB955839\SP3GDR;Win32.Virut.56;Cured.;
tzchange.exe;C:\WINDOWS\$hf_mig$\KB955839\SP3QFE;Win32.Virut.56;Cured.;
sc.exe;C:\WINDOWS\$hf_mig$\KB956572\SP2QFE;Win32.Virut.56;Cured.;
services.exe;C:\WINDOWS\$hf_mig$\KB956572\SP2QFE;Win32.Virut.56;Cured.;
wmiprvse.exe;C:\WINDOWS\$hf_mig$\KB956572\SP2QFE;Win32.Virut.56;Cured.;
sc.exe;C:\WINDOWS\$hf_mig$\KB956572\SP3GDR;Win32.Virut.56;Cured.;
services.exe;C:\WINDOWS\$hf_mig$\KB956572\SP3GDR;Win32.Virut.56;Cured.;
wmiprvse.exe;C:\WINDOWS\$hf_mig$\KB956572\SP3GDR;Win32.Virut.56;Cured.;
sc.exe;C:\WINDOWS\$hf_mig$\KB956572\SP3QFE;Win32.Virut.56;Cured.;
services.exe;C:\WINDOWS\$hf_mig$\KB956572\SP3QFE;Win32.Virut.56;Cured.;
wmiprvse.exe;C:\WINDOWS\$hf_mig$\KB956572\SP3QFE;Win32.Virut.56;Cured.;
iedw.exe;C:\WINDOWS\$hf_mig$\KB963027\SP2QFE;Win32.Virut.56;Cured.;
msiexec.exe;C:\WINDOWS\$MSI31Uninstall_KB893803v2$;Win32.Virut.56;Cured.;
accwiz.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
actmovie.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
admin.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
agentsvr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ahui.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
alg.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
aspnet_regiis.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
aspnet_wp.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
asr_fmt.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
asr_pfu.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
at.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
atmadm.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
attrib.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
auditusr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
author.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
blastcln.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
bootcfg.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
cacls.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
cfgwiz.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
cipher.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
cisvc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
cleanmgr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
cliconfg.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
clipbrd.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
clipsrv.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
cmd.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
cmdl32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
cmmon32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
cmstp.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
comrepl.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
comrereg.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
comsdupd.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
conf.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
conime.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
cscript.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ctfmon.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
davcdata.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dcomcnfg.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ddeshare.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
defrag.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dfrgfat.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dfrgntfs.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dialer.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
diantz.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
diskpart.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dlimport.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dllhost.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dmadmin.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dmremote.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dplaysvr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dpnsvr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dpvsetup.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
driverquery.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
drvqry.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dumprep.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dvdupgrd.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dwwin.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dxdiag.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
eudcedit.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
evcreate.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
eventcreate.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
eventtriggers.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
evntcmd.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
evntwin.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
evtrig.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
explorer.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
extrac32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
faxpatch.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
findstr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
fltmc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
fontview.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
forcedos.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
fp98sadm.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
fp98swin.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
fpadmcgi.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
fpcount.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
fpremadm.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
fpsrvadm.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
fsquirt.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ftp.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
fxsclnt.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
fxscover.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
fxssvc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
getmac.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
gpresult.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
gprslt.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
grpconv.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
help.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
helpctr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
helpsvc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
hh.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
hscupd.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
icwconn1.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
icwconn2.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
icwrmind.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
iedw.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ieexec.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
iexpress.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
iisrstas.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
imapi.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
inetin51.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
inetwiz.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ipconfig.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ipv6.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ipxroute.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
irftp.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
locator.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
logagent.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
logman.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
logon.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
logonui.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
lsass.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
magnify.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
makecab.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
migload.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
migrate.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
migregdb.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
migwiz.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
mmc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
mnmsrvc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
mobsync.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
mofcomp.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
moviemk.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
mplay32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
mplayer2.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
mqbkup.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
mqsvc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
mqtgsvc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
msconfig.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
msdtc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
mshta.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
msiexec.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
msimn.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
msiregmv.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
msmsgs.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
msoobe.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
mspaint.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
mstinit.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
mstsc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
mtstocom.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
muisetup.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
narrator.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
nddeapir.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
net.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
net1.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
netdde.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
netfxupdate.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
netsetup.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
netsh.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
netstat.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
notepad.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
nppagent.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
nslookup.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ntbackup.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ntvdm.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
odbcad32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
odbcconf.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
oemig50.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
oobebaln.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
openfiles.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
opnfiles.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
osk.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
packager.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
perfmon.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
pinball.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ping.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
pintlphr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
powercfg.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
progman.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
proquota.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
proxycfg.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
qprocess.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
rasphone.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
rcimlby.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
rcp.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
rdpclip.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
rdsaddin.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
rdshost.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
reg.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
regedit.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
regsvr32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
rexec.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
rsh.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
rsnotify.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
rstrui.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
rtcshare.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
rundll32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
runonce.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
savedump.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
scardsvr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
schtasks.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
scrcons.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
scrnsave.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
sctasks.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
sdbinst.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
secedit.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
services.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
sessmgr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
sethc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
setregni.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
setup.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
setup50.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
setup_wm.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
shmgrate.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
shrpubw.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
shtml.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
shutdown.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
sigverif.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
skeys.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
slrundll.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
slserv.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
smbinst.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
smi2smir.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
smlogsvc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
sndrec32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
snmp.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
snmptrap.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
sort.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
spdwnwxp.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
spider.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
spiisupd.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
spnpinst.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
spoolsv.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
spupdwxp.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ss3dfo.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ssbezier.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ssflwbox.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ssmarque.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ssmypics.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ssmyst.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
sspipes.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ssstars.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
sstext3d.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
stimon.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
stub_fpsrvwin.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
svchost.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
sysinfo.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
sysocmgr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
systeminfo.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
taskkill.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
tasklist.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
taskmgr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
tcptest.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
telnet.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
tlntadmn.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
tlntsess.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
tlntsvr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
togac.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
tourstart.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
tourstrt.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
tp4mon.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
tracerpt.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
tracert.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
tzchange.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
unregmp2.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
uploadm.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
upnpcont.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ups.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
userinit.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
utilman.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
vssvc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wab.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wabmig.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wbemtest.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wextract.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wiaacmgr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
winhlp32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
winlogon.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
winver.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wmiadap.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wmiapsrv.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wmic.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wmiprvse.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wmplayer.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wordpad.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wpabaln.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wpnpinst.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wscntfy.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wscript.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wuauclt.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wuauclt1.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
xcopy.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB885884$\spuninst;Win32.Virut.56;Cured.;
wordpad.exe;C:\WINDOWS\$NtUninstallKB923561$;Win32.Virut.56;Cured.;
wordpad.exe;C:\WINDOWS\$NtUninstallKB923561_0$;Win32.Virut.56;Cured.;
cscript.exe;C:\WINDOWS\$NtUninstallKB951978$;Win32.Virut.56;Cured.;
wscript.exe;C:\WINDOWS\$NtUninstallKB951978$;Win32.Virut.56;Cured.;
logagent.exe;C:\WINDOWS\$NtUninstallKB952069_WM9$;Win32.Virut.56;Cured.;
sc.exe;C:\WINDOWS\$NtUninstallKB956572$;Win32.Virut.56;Cured.;
services.exe;C:\WINDOWS\$NtUninstallKB956572$;Win32.Virut.56;Cured.;
wmiprvse.exe;C:\WINDOWS\$NtUninstallKB956572$;Win32.Virut.56;Cured.;
sc.exe;C:\WINDOWS\$NtUninstallKB956572_0$;Win32.Virut.56;Cured.;
services.exe;C:\WINDOWS\$NtUninstallKB956572_0$;Win32.Virut.56;Cured.;
wmiprvse.exe;C:\WINDOWS\$NtUninstallKB956572_0$;Win32.Virut.56;Cured.;
iedw.exe;C:\WINDOWS\$NtUninstallKB963027_0$;Win32.Virut.56;Cured.;
places.exe;C:\WINDOWS\Installer\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227};Win32.Virut.56;Cured.;
accicons.exe;C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0050048383C9};Win32.Virut.56;Cured.;
outicon.exe;C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0050048383C9};Win32.Virut.56;Cured.;
wordicon.exe;C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0050048383C9};Win32.Virut.56;Cured.;
xlicons.exe;C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0050048383C9};Win32.Virut.56;Cured.;
DesktopMgr.exe;C:\WINDOWS\Installer\{98DC111A-7C22-4C26-B2A1-E654264DAC1E};Win32.Virut.56;Cured.;
NETFXSBS10.exe;C:\WINDOWS\Microsoft.NET\Framework;Win32.Virut.56;Cured.;
aspnet_compiler.exe;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;Win32.Virut.56;Cured.;
aspnet_regbrowsers.exe;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;Win32.Virut.56;Cured.;
aspnet_regsql.exe;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;Win32.Virut.56;Cured.;
CasPol.exe;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;Win32.Virut.56;Cured.;
dfsvc.exe;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;Win32.Virut.56;Cured.;
IEExec.exe;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;Win32.Virut.56;Cured.;
InstallUtil.exe;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;Win32.Virut.56;Cured.;
jsc.exe;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;Win32.Virut.56;Cured.;
MSBuild.exe;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;Win32.Virut.56;Cured.;
RegAsm.exe;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;Win32.Virut.56;Cured.;
RegSvcs.exe;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;Win32.Virut.56;Cured.;
agentsvr.exe;C:\WINDOWS\msagent;Win32.Virut.56;Cured.;
helpctr.exe;C:\WINDOWS\PCHEALTH\HELPCTR\Binaries;Win32.Virut.56;Cured.;
HelpHost.exe;C:\WINDOWS\PCHEALTH\HELPCTR\Binaries;Win32.Virut.56;Cured.;
helpsvc.exe;C:\WINDOWS\PCHEALTH\HELPCTR\Binaries;Win32.Virut.56;Cured.;
hscupd.exe;C:\WINDOWS\PCHEALTH\HELPCTR\Binaries;Win32.Virut.56;Cured.;
msconfig.exe;C:\WINDOWS\PCHEALTH\HELPCTR\Binaries;Win32.Virut.56;Cured.;
notiflag.exe;C:\WINDOWS\PCHEALTH\HELPCTR\Binaries;Win32.Virut.56;Cured.;
uploadm.exe;C:\WINDOWS\PCHEALTH\UploadLB\Binaries;Win32.Virut.56;Cured.;
dplaysvr.exe;C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C};Win32.Virut.56;Cured.;
dpnsvr.exe;C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C};Win32.Virut.56;Cured.;
dpvsetup.exe;C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C};Win32.Virut.56;Cured.;
dxdiag.exe;C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C};Win32.Virut.56;Cured.;
dxdllreg.exe;C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C};Win32.Virut.56;Cured.;
accwiz.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
actmovie.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
admin.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
agentsvr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ahui.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
alg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
aspnet_regiis.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
aspnet_state.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
aspnet_wp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
asr_fmt.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
asr_pfu.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
at.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
atmadm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
attrib.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
auditusr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
author.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
blastcln.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
bootcfg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
cacls.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
caspol.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
cfgwiz.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
cipher.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
cisvc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
cleanmgr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
clipbrd.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
clipsrv.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
cmd.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
cmdl32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
cmmon32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
cmstp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
comrepl.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
comrereg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
comsdupd.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
conf.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
conime.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
csc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
cscript.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ctfmon.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
davcdata.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dcomcnfg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ddeshare.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
defrag.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dfrgfat.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dfrgntfs.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dialer.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
diantz.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
diskpart.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dlimport.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dllhost.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dmadmin.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dmremote.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dplaysvr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dpnsvr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dpvsetup.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
drvqry.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dumprep.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dvdupgrd.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dwwin.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dxdiag.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
eudcedit.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
evcreate.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
evntcmd.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
evntwin.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
evtrig.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
explorer.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
extrac32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
faxpatch.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
findstr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
fltmc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
fontview.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
forcedos.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
fp98sadm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
fp98swin.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
fpadmcgi.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
fpcount.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
fpremadm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
fpsrvadm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
fsquirt.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ftp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
fxsclnt.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
fxscover.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
fxssvc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
getmac.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
gprslt.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
grpconv.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
help.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
helpctr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
helpsvc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
hh.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
hscupd.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
icwconn1.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
icwconn2.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
icwrmind.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
iedw.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ieexec.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
iexpress.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
iisrstas.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ilasm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
imapi.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
inetin51.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
inetwiz.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
installutil.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ipconfig.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ipv6.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ipxroute.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
irftp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
jsc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
lhmstsc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
locator.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
logagent.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
logman.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
logon.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
logonui.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
lsass.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
magnify.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
makecab.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
migload.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
migrate.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
migregdb.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
migwiz.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
migwiza.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
migwiz_a.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mmc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mmcperf.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mnmsrvc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mobsync.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mofcomp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
moviemk.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mplay32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mplayer2.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mqbkup.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mqsvc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mqtgsvc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
msconfig.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
msdtc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mshta.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
msiexec.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
msimn.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
msiregmv.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
msmsgs.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
msoobe.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mspaint.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mstinit.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mstsc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mtstocom.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
muisetup.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
napstat.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
narrator.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
nddeapir.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
net.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
net1.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
netdde.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
netsetup.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
netsh.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
netstat.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ngen.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
notepad.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
nppagent.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
nslookup.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ntbackup.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ntvdm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
odbcad32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
odbcconf.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
oemig50.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
oobebaln.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
opnfiles.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
osk.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
packager.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
perfmon.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
pinball.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ping.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
powercfg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
progman.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
proquota.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
proxycfg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
qprocess.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
rasphone.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
rcimlby.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
rcp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
rdpclip.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
rdsaddin.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
rdshost.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
reg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
regasm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
regedit.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
regsvcs.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
regsvr32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
rexec.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
rsh.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
rsnotify.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
rstrui.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
rtcshare.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
rundll32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
runonce.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
savedump.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
scardsvr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
scrcons.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
scrnsave.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
sctasks.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
sdbinst.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
secedit.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
services.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
sessmgr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
sethc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
setup.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
setup50.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
setupn.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
setup_wm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
shmgrate.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
shrpubw.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
shtml.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
shutdown.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
sigverif.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
skeys.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
slrundll.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
slserv.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
smbinst.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
smi2smir.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
smlogsvc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
sndrec32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
snmp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
snmptrap.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
sort.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
spdwnwxp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
spider.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
spiisupd.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
spnpinst.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
spoolsv.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
spupdwxp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ss3dfo.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ssbezier.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ssflwbox.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ssmarque.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ssmypics.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ssmyst.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
sspipes.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ssstars.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
sstext3d.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
stimon.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
stub_fpsrvwin.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
svchost.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
sysinfo.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
sysocmgr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
taskkill.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
tasklist.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
taskmgr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
tcptest.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
telnet.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
tlntadmn.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
tlntsess.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
tlntsvr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
tourstrt.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
tp4mon.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
tracerpt.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
tracert.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
tscupgrd.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
tzchange.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
unregmp2.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
uploadm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
upnpcont.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ups.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
userinit.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
utilman.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
vbc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
verclsid.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
vssvc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wab.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wabmig.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wbemtest.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wextract.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wiaacmgr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
winhlp32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
winlogon.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
winver.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wmiadap.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wmiapsrv.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wmic.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wmiprvse.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wmplayer.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wordpad.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wpabaln.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wpnpinst.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wscntfy.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wscript.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wuauclt.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wuauclt1.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
xcopy.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
xpnetdg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
cintsetp.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Virut.56;Cured.;
cplexe.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Virut.56;Cured.;
imjpdct.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Virut.56;Cured.;
imjpdsvr.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Virut.56;Cured.;
imjpinst.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Virut.56;Cured.;
imjpmig.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Virut.56;Cured.;
imjprw.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Virut.56;Cured.;
imjputy.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Virut.56;Cured.;
imscinst.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Virut.56;Cured.;
pintlphr.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Virut.56;Cured.;
tintlphr.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Virut.56;Cured.;
tintsetp.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Virut.56;Cured.;
msmsgs.exe;C:\WINDOWS\ServicePackFiles\ServicePackCache\i386;Win32.Virut.56;Cured.;
logagent.exe;C:\WINDOWS\SoftwareDistribution\Download\0f4651f0d7e6cb55f0a983df3c4744d0\mceur2;Win32.Virut.56;Cured.;
logagent.exe;C:\WINDOWS\SoftwareDistribution\Download\0f4651f0d7e6cb55f0a983df3c4744d0\wm10;Win32.Virut.56;Cured.;
logagent.exe;C:\WINDOWS\SoftwareDistribution\Download\0f4651f0d7e6cb55f0a983df3c4744d0\wm10l;Win32.Virut.56;Cured.;
logagent.exe;C:\WINDOWS\SoftwareDistribution\Download\0f4651f0d7e6cb55f0a983df3c4744d0\wm10mix;Win32.Virut.56;Cured.;
logagent.exe;C:\WINDOWS\SoftwareDistribution\Download\0f4651f0d7e6cb55f0a983df3c4744d0\wm11;Win32.Virut.56;Cured.;
logagent.exe;C:\WINDOWS\SoftwareDistribution\Download\0f4651f0d7e6cb55f0a983df3c4744d0\wm9;Win32.Virut.56;Cured.;
cscript.exe;C:\WINDOWS\SoftwareDistribution\Download\1201b6f74bae1015eceeea43baed9814\sp3gdr;Win32.Virut.56;Cured.;
wscript.exe;C:\WINDOWS\SoftwareDistribution\Download\1201b6f74bae1015eceeea43baed9814\sp3gdr;Win32.Virut.56;Cured.;
cscript.exe;C:\WINDOWS\SoftwareDistribution\Download\1201b6f74bae1015eceeea43baed9814\sp3qfe;Win32.Virut.56;Cured.;
wscript.exe;C:\WINDOWS\SoftwareDistribution\Download\1201b6f74bae1015eceeea43baed9814\sp3qfe;Win32.Virut.56;Cured.;
accwiz.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
actmovie.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
admin.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
agentsvr.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
ahui.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
alg.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
aspnet_regiis.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
aspnet_state.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
aspnet_wp.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
asr_fmt.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
at.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
atmadm.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
attrib.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
auditusr.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
author.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
blastcln.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
bootcfg.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
cacls.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
cfgwiz.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
cipher.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
cisvc.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
cleanmgr.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
cliconfg.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
clipbrd.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
clipsrv.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
cmd.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
cmdl32.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
cmmon32.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
cmstp.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
comrepl.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
comrereg.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
conf.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
conime.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
cscript.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
ctfmon.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
davcdata.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
dcomcnfg.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
ddeshare.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
defrag.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
dfrgfat.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
dfrgntfs.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
dialer.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
diantz.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
diskpart.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
dlimport.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
dllhost.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
dmadmin.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
dmremote.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
dplaysvr.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
dpnsvr.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
dpvsetup.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
drvqry.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
dumprep.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
dvdupgrd.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
dwwin.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
dxdiag.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
eudcedit.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
evcreate.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
evntcmd.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
evntwin.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
evtrig.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
explorer.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
extrac32.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
faxpatch.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
findstr.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
fltmc.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
fontview.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
forcedos.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
fp98sadm.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
fp98swin.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
fpadmcgi.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
fpcount.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
fpremadm.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
fpsrvadm.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
fsquirt.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
ftp.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
fxsclnt.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
fxscover.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
fxssvc.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
getmac.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
gprslt.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
grpconv.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
help.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
helpctr.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
helpsvc.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
hh.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
hscupd.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
icwconn1.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
icwconn2.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
icwrmind.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
iedw.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
ieexec.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
iexpress.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
iisrstas.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
imapi.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
inetin51.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
inetwiz.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
ipconfig.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
ipv6.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
ipxroute.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
irftp.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
lhmstsc.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
locator.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
logagent.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
logman.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
logon.scr;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
logonui.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
lsass.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
magnify.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
makecab.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
migload.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
migrate.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
migregdb.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
migwiz.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
migwiza.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
mmc.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
mmcperf.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
mnmsrvc.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
mobsync.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
mofcomp.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
moviemk.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
mplay32.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
mplayer2.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
mqbkup.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
mqsvc.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
mqtgsvc.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
msconfig.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
msdtc.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
mshta.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
msiexec.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
msimn.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
msiregmv.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
msmsgs.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
msoobe.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
mspaint.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
mstinit.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
mtstocom.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
muisetup.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
napstat.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
narrator.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
nddeapir.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
net.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
net1.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
netdde.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
netsetup.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
netsh.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
netstat.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
notepad.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
nppagent.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
nslookup.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
ntbackup.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
ntvdm.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
odbcad32.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
odbcconf.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
oemig50.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
oobebaln.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
opnfiles.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
osk.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
packager.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
perfmon.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
pinball.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
ping.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
powercfg.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
progman.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
proquota.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
proxycfg.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
qprocess.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
rasphone.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
rcimlby.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
rcp.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
rdpclip.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
rdsaddin.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
rdshost.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
reg.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
regedit.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
regsvr32.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
rexec.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
rsh.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
rsnotify.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
rstrui.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
rtcshare.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
rundll32.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
runonce.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
savedump.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
scardsvr.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
scrcons.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
scrnsave.scr;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
sctasks.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
sdbinst.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
services.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
sessmgr.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
sethc.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
setup.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
setup50.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
setupn.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
setup_wm.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
shmgrate.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
shrpubw.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
shtml.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
shutdown.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
sigverif.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
skeys.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
slrundll.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
slserv.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
smbinst.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
smi2smir.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
smlogsvc.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
sndrec32.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
snmp.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
snmptrap.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
sort.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
spdwnwxp.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
spider.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
spnpinst.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
spoolsv.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
spupdwxp.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
ss3dfo.scr;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
ssbezier.scr;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
ssflwbox.scr;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
ssmarque.scr;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
ssmypics.scr;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
ssmyst.scr;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
sspipes.scr;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
ssstars.scr;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
sstext3d.scr;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
stimon.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
stub_fpsrvwin.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
svchost.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
sysinfo.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
sysocmgr.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
taskkill.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
tasklist.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
taskmgr.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
tcptest.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
telnet.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
tlntadmn.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
tlntsess.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
tlntsvr.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
tourstrt.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
tp4mon.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
tracerpt.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
tracert.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
tzchange.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
unregmp2.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
uploadm.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
upnpcont.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
ups.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
userinit.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
utilman.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
verclsid.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
vssvc.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
wab.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
wabmig.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
wbemtest.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
wextract.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
wiaacmgr.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
winhlp32.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
winlogon.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
winver.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
wmiadap.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
wmiapsrv.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
wmic.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
wmiprvse.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
wmplayer.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
wordpad.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
wpabaln.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
wpnpinst.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
wscntfy.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
wscript.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
wuauclt.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
wuauclt1.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
xcopy.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
xpnetdg.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356;Win32.Virut.56;Cured.;
asr_pfu.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\ip;Win32.Virut.56;Cured.;
comsdupd.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\ip;Win32.Virut.56;Cured.;
secedit.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\ip;Win32.Virut.56;Cured.;
spiisupd.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\ip;Win32.Virut.56;Cured.;
pintlphr.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\lang;Win32.Virut.56;Cured.;
fixccs.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\update;Win32.Virut.56;Cured.;
nv4prep.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\update;Win32.Virut.56;Cured.;
spnpinst.exe;C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\update;Win32.Virut.56;Cured.;
accwiz.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
actmovie.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ahui.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
arp.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
asr_fmt.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
asr_ldm.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
asr_pfu.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
at.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
atmadm.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
attrib.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
auditusr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
blastcln.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
bootcfg.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
bootok.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
bootvrfy.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
cacls.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
calc.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
charmap.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
chkdsk.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
chkntfs.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
cidaemon.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
cipher.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ckcnv.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
cleanmgr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
cliconfg.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
clipbrd.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
cmd.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
cmdl32.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
cmmon32.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
cmstp.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
comp.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
compact.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
comsdupd.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
conime.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
control.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
convert.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
cscript.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ctfmon.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dcomcnfg.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ddeshare.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
defrag.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dfrgfat.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dfrgntfs.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
diantz.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
diskpart.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
diskperf.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dllhst3g.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dmremote.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
doskey.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dplaysvr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dpnsvr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dpvsetup.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
driverquery.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
drwtsn32.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dvdplay.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dvdupgrd.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dwwin.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dxdiag.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dxdllreg.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
esentutl.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
eudcedit.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
eventcreate.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
eventtriggers.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
eventvwr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
expand.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
extrac32.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
faxpatch.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
fc.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
find.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
findstr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
finger.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
fixmapi.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
fltmc.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
fontview.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
forcedos.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
freecell.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
fsquirt.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
fsutil.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ftp.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
getmac.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
gpresult.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
gpupdate.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
grpconv.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
help.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
hostname.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
iexpress.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ipconfig.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ipsec6.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ipv6.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ipxroute.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
keystone.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
label.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
lights.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
lnkstub.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
lodctr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
logagent.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
logman.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
logoff.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
lpq.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
lpr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
magnify.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
makecab.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
migpwd.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mmc.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mmcperf.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mobsync.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mountvol.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mplay32.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mpnotify.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mqbkup.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mqsvc.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mqtgsvc.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mrinfo.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
msg.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mshearts.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mshta.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
msncache.dll.673984;C:\WINDOWS\system32;Trojan.Siggen.2237;Deleted.;
mspaint.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
msswchx.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mstinit.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mstsc.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
napstat.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
narrator.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
nbtstat.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
nddeapir.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
net.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
net1.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
netsetup.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
netsh.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
netstat.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
notepad.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
nslookup.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ntbackup.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ntvdm.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
nvappbar.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
nvcolor.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
nvcplui.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
nvdspsch.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
nvsvc32.exe;C:\WINDOWS\system32;Trojan.PWS.Bebu.origin;;
nvudisp.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
NVUNINST.EXE;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
nwiz.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
nwscript.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
odbcad32.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
odbcconf.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
openfiles.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
osk.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
osuninst.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
packager.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
pathping.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
pentnt.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
perfmon.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ping.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ping6.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
powercfg.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
print.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
progman.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
proquota.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
proxycfg.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
qappsrv.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
qprocess.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
qwinsta.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rasautou.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rasdial.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rasphone.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rcimlby.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rcp.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rdpclip.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rdsaddin.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rdshost.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
recover.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
reg.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
regedt32.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
regini.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
regwiz.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
replace.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
reset.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rexec.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
route.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
routemon.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rsh.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rsm.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rsmsink.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rsmui.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rsnotify.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rsopprov.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rtcshare.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
runas.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
runonce.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rwinsta.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
savedump.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
sc.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
schtasks.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
scrnsave.scr;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
sdbinst.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
secedit.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
sethc.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
setup.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
setupn.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
sfc.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
shadow.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
shrpubw.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
shutdown.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
sigverif.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
skeys.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
slrundll.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
slserv.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
smbinst.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
sndrec32.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
sndvol32.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
sol.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
sort.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
spdwnwxp.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
spider.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
spiisupd.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
spnpinst.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
spupdwxp.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ss3dfo.scr;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ssbezier.scr;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ssflwbox.scr;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ssmarque.scr;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ssmypics.scr;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ssmyst.scr;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
sspipes.scr;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ssstars.scr;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
sstext3d.scr;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
stimon.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
subst.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
syncapp.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
syskey.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
sysocmgr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
systeminfo.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
systray.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
taskkill.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tasklist.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
taskman.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
taskmgr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tcmsetup.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tcpsvcs.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
telnet.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tftp.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tlntadmn.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tlntsess.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tourstart.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tpsaxyd.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tracerpt.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tracert.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tracert6.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tscon.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tscupgrd.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tsdiscon.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tskill.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tsshutdn.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
typeperf.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tzchange.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
unlodctr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
upnpcont.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
usrmlnka.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
usrprbda.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
usrshuta.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
utilman.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
verclsid.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
verifier.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
vssadmin.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
w32tm.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
wextract.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
wiaacmgr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
winhlp32.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
winmine.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
winmsd.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
winver.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
wmpstub.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
wpabaln.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
wpnpinst.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
write.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
wscntfy.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
wscript.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
wuauclt1.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
wupdmgr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
xcopy.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
SwInit.exe;C:\WINDOWS\system32\Adobe\Shockwave 11;Win32.Virut.56;Cured.;
comrepl.exe;C:\WINDOWS\system32\Com;Win32.Virut.56;Cured.;
comrereg.exe;C:\WINDOWS\system32\Com;Win32.Virut.56;Cured.;
reader_s.exe;C:\WINDOWS\system32\config\systemprofile;Trojan.DownLoad.29459;Deleted.;
arp.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
asr_ldm.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
bckgzm.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
bootok.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
bootvrfy.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
calc.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
cb32.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
change.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
charmap.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
chglogon.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
chgport.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
chgusr.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
chkdsk.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
chkntfs.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
chkrzm.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
cidaemon.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
cintsetp.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
ckcnv.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
comp.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
compact.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
control.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
convert.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
convlog.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
cplexe.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
cprofile.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
cscript.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
diskperf.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
dlimport.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
dllhst3g.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
doskey.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
drwtsn32.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
esentutl.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
eventvwr.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
EXCH_regtrace.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
expand.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
fc.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
find.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
finger.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
fixmapi.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
flattemp.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
freecell.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
fsutil.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
fxssend.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
gpupdate.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
helphost.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
hostname.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
hrtzzm.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
icwtutor.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
iisreset.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
iissync.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
imekrmig.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
imepadsv.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
imjpdadm.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
imjpdct.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
imjpdsvr.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
imjpinst.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
imjpmig.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
imjprw.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
imjpuex.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
imjputy.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
imkrinst.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
imscinst.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
inetmgr.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
ipsec6.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
isignup.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
label.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
lights.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
lnkstub.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
lodctr.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
logagent.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
logoff.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
lpq.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
lpr.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
migisol.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
migrate.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
mountvol.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
mplay32.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
mplayer2.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
mpnotify.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
mrinfo.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
msg.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
mshearts.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
msinfo32.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
msswchx.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
nbtstat.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
notiflag.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
ntsd.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
nwscript.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
osuninst.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
pathping.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
pentnt.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
ping6.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
pintlphr.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
print.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
qappsrv.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
query.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
quser.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
qwinsta.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
rasautou.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
rasdial.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
recover.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
regedt32.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
regini.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
register.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
regwiz.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
relog.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
replace.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
reset.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
route.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
routemon.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
rsm.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
rsmsink.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
rsmui.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
rsopprov.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
rsvp.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
runas.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
rvsezm.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
rwinsta.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
sapisvr.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
sc.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
services.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
setup_wm.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
sfc.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
shadow.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
shvlzm.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
sndvol32.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
sol.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
srdiag.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
subst.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
syncapp.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
syskey.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
systray.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
taskman.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
tcmsetup.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
tcpsvcs.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
tftp.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
tintlphr.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
tintsetp.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
tracert6.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
tscon.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
tsdiscon.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
tskill.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
tsprof.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
tsshutdn.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
twunk_32.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
typeperf.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
unlodctr.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
unregmp2.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
unsecapp.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
verifier.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
vssadmin.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
w32tm.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
wb32.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
winhstb.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
winmgmt.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
winmine.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
winmsd.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
wmiprvse.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
wmplayer.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
wmpstub.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
wordpad.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
write.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
wscript.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
wupdmgr.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
zclientm.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
genuinst.exe;C:\WINDOWS\system32\Macromed\Flash;Win32.Virut.56;Cured.;
UninstFl.exe;C:\WINDOWS\system32\Macromed\Flash;Win32.Virut.56;Cured.;
nppagent.exe;C:\WINDOWS\system32\npp;Win32.Virut.56;Cured.;
msoobe.exe;C:\WINDOWS\system32\oobe;Win32.Virut.56;Cured.;
oobebaln.exe;C:\WINDOWS\system32\oobe;Win32.Virut.56;Cured.;
rstrui.exe;C:\WINDOWS\system32\Restore;Win32.Virut.56;Cured.;
srdiag.exe;C:\WINDOWS\system32\Restore;Win32.Virut.56;Cured.;
migload.exe;C:\WINDOWS\system32\usmt;Win32.Virut.56;Cured.;
migwiz.exe;C:\WINDOWS\system32\usmt;Win32.Virut.56;Cured.;
migwiza.exe;C:\WINDOWS\system32\usmt;Win32.Virut.56;Cured.;
migwiz_a.exe;C:\WINDOWS\system32\usmt;Win32.Virut.56;Cured.;
mofcomp.exe;C:\WINDOWS\system32\wbem;Win32.Virut.56;Cured.;
scrcons.exe;C:\WINDOWS\system32\wbem;Win32.Virut.56;Cured.;
unsecapp.exe;C:\WINDOWS\system32\wbem;Win32.Virut.56;Cured.;
wbemtest.exe;C:\WINDOWS\system32\wbem;Win32.Virut.56;Cured.;
wmiadap.exe;C:\WINDOWS\system32\wbem;Win32.Virut.56;Cured.;
wmic.exe;C:\WINDOWS\system32\wbem;Win32.Virut.56;Cured.;
dncyool64.sys;C:\_OTListIt\MovedFiles\05052009_171733\WINDOWS\system32;Trojan.Click.25715;Deleted.;
msncache.dll;C:\_OTListIt\MovedFiles\05052009_171733\WINDOWS\system32;Trojan.Siggen.2237;Deleted.;
reader_s.exe;C:\_OTListIt\MovedFiles\05052009_171733\WINDOWS\system32;Trojan.DownLoad.29459;Deleted.;
sopidkc.exe;C:\_OTListIt\MovedFiles\05052009_171733\WINDOWS\system32;Win32.Virut.56;Cured.;
sopidkc.exe;C:\_OTListIt\MovedFiles\05052009_171733\WINDOWS\system32;Trojan.MulDrop.31454;Deleted.;
wtukd32.exe;C:\_OTListIt\MovedFiles\05052009_171733\WINDOWS\system32;Win32.Virut.56;Cured.;
protect.sys;C:\_OTListIt\MovedFiles\05052009_171733\WINDOWS\system32\drivers;Trojan.NtRootKit.429;Deleted.;
reader_s.exe;C:\_OTListIt\MovedFiles\05062009_155522\Documents and Settings\Mamoon Siddiqui;Trojan.DownLoad.29459;Deleted.;
services.exe;C:\_OTListIt\MovedFiles\05062009_155522\WINDOWS;Win32.Virut.56;Cured.;
svchost.exe;C:\_OTListIt\MovedFiles\05062009_155522\WINDOWS\dhcp;Win32.Virut.56;Cured.;
14.tmp;C:\_OTListIt\MovedFiles\05062009_155522\WINDOWS\system32;Trojan.Spambot.2424;Deleted.;
19.tmp;C:\_OTListIt\MovedFiles\05062009_155522\WINDOWS\system32;Trojan.Spambot.2424;Deleted.;
6to4v32.dll;C:\_OTListIt\MovedFiles\05062009_155522\WINDOWS\system32;Trojan.DownLoad.35600;Deleted.;
reader_s.exe;C:\_OTListIt\MovedFiles\05062009_155522\WINDOWS\system32;Trojan.DownLoad.29459;Deleted.;
tpszxyd.sys;C:\_OTListIt\MovedFiles\05062009_155522\WINDOWS\system32;Trojan.DownLoad.35605;Deleted.;
SVCHOST.EXE;C:\_OTListIt\MovedFiles\05062009_155522\WINDOWS\system32\3361;Win32.Virut.56;Cured.;
SVCHOST.EXE;C:\_OTListIt\MovedFiles\05062009_155522\WINDOWS\system32\3361;Trojan.Click.25852;Deleted.;
protect.sys;C:\_OTListIt\MovedFiles\05062009_155522\WINDOWS\system32\drivers;Trojan.NtRootKit.429;Deleted.;

-----------------------------------------------------------------------------------------------------------------------------------------------

Malwarebytes' Anti-Malware 1.36
Database version: 1945
Windows 5.1.2600 Service Pack 3

5/6/2009 5:17:42 PM
mbam-log-2009-05-06 (17-17-42).txt

Scan type: Full Scan (C:\|)
Objects scanned: 99268
Time elapsed: 10 minute(s), 18 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\AGprotect (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\services\del (Malware.Trace) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\FInstall.sys (Backdoor.Bot) -> Quarantined and deleted successfully.

Thanks.

mamoon0

#12 Buckeye_Sam

Malware Expert

Malware Response Team
17,382 posts

Gender:Male
Location:Pickerington, Ohio

Posted 07 May 2009 - 11:43 AM

Malware will definitely use your connection, so that's not uncommon at all.

You've got a virut infection and a format and reinstall may be the best option. But let's see if we made any progress with the last step. Looks like DrWeb did some damage.

Please post a new log from OTListIt.

#13 mamoon0

New Member

Members
10 posts

Posted 07 May 2009 - 02:40 PM

Hello Sam,

good to know that it's possibly a virus and not my connection. Log just like you asked.
Thanks.

mamoon0

OTListIt logfile created on: 5/7/2009 2:38:18 PM - Run 3
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Documents and Settings\Mamoon Siddiqui\Desktop\Virus Protection
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

767.49 Mb Total Physical Memory | 343.00 Mb Available Physical Memory | 44.69% Memory free
1.83 Gb Paging File | 1.33 Gb Available in Paging File | 72.35% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127.99 Gb Total Space | 109.26 Gb Free Space | 85.37% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: 3MBROS
Current User Name: Mamoon Siddiqui
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2009/05/06 15:59:43 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009/05/06 15:59:45 | 00,067,584 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2009/04/16 13:36:36 | 24,264,488 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2009/05/06 15:59:41 | 02,280,960 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/04/16 13:36:36 | 00,077,360 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2009/02/03 10:32:28 | 03,550,592 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\procexp.exe
PRC - [2009/04/27 21:49:16 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/05/04 16:39:31 | 00,523,776 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Virus Protection\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2005/09/23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2005/09/23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2009/04/25 16:32:04 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Disabled | Stopped])
SRV - File not found -- -- (netddedsdmdhcp [Disabled | Stopped])
SRV - [2009/05/06 16:00:08 | 00,132,096 | ---- | M] () -- C:\WINDOWS\System32\rsvp.exe -- (RSVP [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2002/10/16 17:27:02 | 00,947,884 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
DRV - [2009/05/05 21:53:43 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\fdacc71.sys -- (fdacc71 [System | Running])
DRV - [2008/04/13 13:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running])
DRV - [2001/08/17 09:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401 [On_Demand | Running])
DRV - [2006/08/11 23:42:42 | 03,958,496 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2009/05/06 15:07:01 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\omj1bd0.sys -- (omj1bd0 [System | Running])
DRV - [2001/08/23 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2009/05/05 21:38:00 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\qole69d.sys -- (qole69d [System | Stopped])
DRV - [2008/05/20 19:33:50 | 00,022,784 | ---- | M] (Research In Motion Limited) -- C:\WINDOWS\System32\Drivers\RimUsb.sys -- (RimUsb [On_Demand | Stopped])
DRV - [2007/01/18 10:24:58 | 00,026,496 | R--- | M] (Research in Motion Ltd) -- C:\WINDOWS\system32\DRIVERS\RimSerial.sys -- (RimVSerPort [On_Demand | Running])
DRV - [2001/08/23 07:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Drivers\RootMdm.sys -- (ROOTMODEM [On_Demand | Running])
DRV - [2004/08/03 22:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Running])
DRV - [2008/04/13 11:39:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2001/08/17 13:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS -- (sonypvu1 [On_Demand | Stopped])
DRV - File not found -- -- (vitra [On_Demand | Running])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1801674531-725345543-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1801674531-725345543-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-21-1801674531-725345543-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1801674531-725345543-839522115-1003\S-1-5-21-1801674531-725345543-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2
FF - prefs.js..extensions.enabledItems: {dd3d7613-0246-469d-bc65-2a3cc1668adc}:0.7.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/04/25 16:32:05 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/05 18:21:37 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/27 21:49:19 | 00,000,000 | ---D | M]

[2009/04/14 20:22:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\mozilla\Extensions
[2009/04/14 20:22:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/06 17:40:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\mozilla\Firefox\Profiles\81x2ka1s.default\extensions
[2009/04/14 21:50:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\mozilla\Firefox\Profiles\81x2ka1s.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/04/14 21:50:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\mozilla\Firefox\Profiles\81x2ka1s.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/04/15 12:52:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\mozilla\Firefox\Profiles\81x2ka1s.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2009/05/06 22:46:23 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/27 21:49:19 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/15 23:23:24 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2009/04/25 16:32:12 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/04/27 21:49:16 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/27 21:49:16 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/04/09 00:51:14 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/09 00:51:14 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/04/09 00:51:14 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/09 00:51:14 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/09 00:51:14 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/09 00:51:14 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/04/09 00:51:14 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (305001 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 63.119.44.200 www.danburymintjewelrry.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 10526 more lines...
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMan] SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-1801674531-725345543-839522115-1003..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (Skype Technologies S.A.)
O4 - HKU\S-1-5-21-1801674531-725345543-839522115-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-1801674531-725345543-839522115-1003..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1801674531-725345543-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1801674531-725345543-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = [binary data]
O7 - HKU\S-1-5-21-1801674531-725345543-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKU\S-1-5-21-1801674531-725345543-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-19\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1801674531-725345543-839522115-1003\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/14 09:04:56 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/05/06 21:50:07 | 03,550,592 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\procexp.exe
[2009/05/06 21:15:49 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/05/06 21:15:47 | 00,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2009/05/06 16:01:43 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/06 16:01:41 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/06 16:01:40 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/05/06 15:57:20 | 00,002,126 | ---- | C] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/06 15:07:01 | 00,017,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\omj1bd0.sys
[2009/05/05 22:24:19 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\
[2009/05/05 21:53:43 | 00,017,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\fdacc71.sys
[2009/05/05 21:38:00 | 00,017,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\qole69d.sys
[2009/05/05 17:17:33 | 00,000,000 | ---D | C] -- C:\_OTListIt
[2009/05/04 17:56:31 | 00,730,624 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\DivFix++.exe
[2009/05/04 17:56:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\DivFix++_v0.31-Win32
[2009/05/03 16:23:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\avidemux
[2009/05/03 16:23:35 | 00,000,737 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Avidemux 2.4 Qt4.lnk
[2009/05/03 16:23:27 | 00,000,000 | ---D | C] -- C:\Program Files\Avidemux 2.4
[2009/05/03 15:36:31 | 00,022,528 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Defense Paper.doc
[2009/05/03 13:45:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\ProcessExplorer
[2009/05/03 13:06:46 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/05/02 22:02:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Virus Protection
[2009/05/02 21:44:41 | 00,000,000 | ---D | C] -- C:\Reg Save
[2009/05/01 17:19:54 | 00,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2009/05/01 17:19:08 | 00,000,883 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk
[2009/05/01 17:19:08 | 00,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2009/05/01 17:19:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Foxit
[2009/05/01 15:01:01 | 00,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2009/05/01 14:58:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3361
[2009/05/01 14:58:25 | 00,108,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSWINSCK.OCX
[2009/05/01 14:58:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\dhcp
[2009/05/01 10:49:00 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr70.dll
[2009/05/01 10:49:00 | 00,000,892 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\DVDVideoSoft Free Studio.lnk
[2009/05/01 10:49:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\My Documents\DVDVideoSoft
[2009/05/01 10:48:47 | 00,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2009/05/01 10:48:47 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2009/05/01 03:35:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009/05/01 01:02:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\P90X
[2009/04/30 22:00:34 | 00,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2009/04/30 17:00:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\FLV
[2009/04/30 15:05:15 | 00,000,701 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FLV Player.lnk
[2009/04/30 15:05:15 | 00,000,000 | ---D | C] -- C:\Program Files\FLV Player
[2009/04/29 00:44:56 | 00,022,016 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Blood.doc
[2009/04/29 00:06:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Malwarebytes
[2009/04/29 00:06:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/04/29 00:04:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/04/29 00:02:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\GlarySoft
[2009/04/28 21:39:02 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/04/28 21:28:48 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/04/28 15:45:01 | 00,000,128 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/04/28 15:28:18 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/04/28 15:28:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/04/28 15:18:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Adobe
[2009/04/28 11:56:28 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\auoxrpf
[2009/04/28 11:21:40 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\socrwg
[2009/04/28 11:14:20 | 00,182,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndis.sys
[2009/04/28 11:10:28 | 00,000,000 | ---- | C] () -- C:\WINDOWS\mqcd.dbt
[2009/04/28 11:10:06 | 00,000,001 | ---- | C] () -- C:\WINDOWS\9g2234wesdf3dfgjf23
[2009/04/28 11:10:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\796525
[2009/04/28 11:09:58 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\elvkxuzc
[2009/04/28 11:09:26 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll
[2009/04/28 11:09:21 | 00,262,144 | ---- | C] () -- C:\WINDOWS\System32\nvrsk.dll
[2009/04/28 10:38:06 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/04/28 10:38:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Apps
[2009/04/27 15:45:16 | 00,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2009/04/27 00:52:59 | 00,013,824 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\MuscleCow.xls
[2009/04/26 15:42:30 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpns.dll
[2009/04/26 15:42:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/04/25 22:51:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2009/04/25 22:51:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2009/04/25 22:51:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009/04/25 22:51:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2009/04/25 22:51:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2009/04/25 22:46:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2009/04/25 22:37:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Keep
[2009/04/25 20:07:15 | 00,000,000 | ---D | C] -- C:\Program Files\Brandon Swift Creations
[2009/04/25 16:32:02 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2009/04/25 16:31:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Sun
[2009/04/25 13:03:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Blackberry Backup
[2009/04/24 20:31:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2009/04/23 22:23:29 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll
[2009/04/23 22:23:28 | 01,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmoe2.dll
[2009/04/23 22:23:28 | 00,809,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmod.dll
[2009/04/23 22:23:28 | 00,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvds32.ax
[2009/04/23 22:23:27 | 02,940,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmploc.dll
[2009/04/23 22:23:27 | 01,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe2.dll
[2009/04/23 22:23:27 | 00,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmoe.dll
[2009/04/23 22:23:27 | 00,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmod.dll
[2009/04/23 22:23:27 | 00,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2009/04/23 22:23:27 | 00,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmod.dll
[2009/04/23 22:23:27 | 00,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2009/04/23 22:23:27 | 00,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2009/04/23 22:23:27 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmstream.dll
[2009/04/23 22:23:27 | 00,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmv8ds32.ax
[2009/04/23 22:23:27 | 00,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2009/04/23 22:23:27 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpdxm.dll
[2009/04/23 22:23:27 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2009/04/23 22:23:27 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2009/04/23 22:23:27 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2009/04/23 22:23:27 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2009/04/23 22:23:27 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe.dll
[2009/04/23 22:23:27 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpshell.dll
[2009/04/23 22:23:27 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2009/04/23 22:23:27 | 00,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2009/04/23 22:23:27 | 00,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2009/04/23 22:23:27 | 00,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2009/04/23 22:23:27 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2009/04/23 22:23:27 | 00,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2009/04/23 22:23:27 | 00,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2009/04/23 22:23:27 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpui.dll
[2009/04/23 22:23:27 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcore.dll
[2009/04/23 22:23:27 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcd.dll
[2009/04/23 22:23:27 | 00,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2009/04/23 22:23:27 | 00,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2009/04/23 22:23:27 | 00,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2009/04/23 22:23:27 | 00,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2009/04/23 22:23:26 | 04,874,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.dll
[2009/04/23 22:23:26 | 00,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2009/04/23 22:23:26 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpasf.dll
[2009/04/23 22:23:26 | 00,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2009/04/23 22:23:26 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.ocx
[2009/04/23 22:23:25 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidx.dll
[2009/04/23 22:23:25 | 00,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2009/04/23 22:23:24 | 00,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmoe.dll
[2009/04/23 22:23:24 | 00,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmod.dll
[2009/04/23 22:23:24 | 00,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2009/04/23 22:23:24 | 00,230,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmasf.dll
[2009/04/23 22:23:24 | 00,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmerror.dll
[2009/04/23 22:23:24 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2009/04/23 22:23:24 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmlog.dll
[2009/04/23 22:23:24 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmps.dll
[2009/04/23 22:23:24 | 00,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2009/04/23 22:23:24 | 00,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2009/04/23 22:23:24 | 00,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2009/04/23 22:23:24 | 00,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2009/04/23 22:23:24 | 00,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2009/04/23 22:23:24 | 00,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2009/04/23 22:23:24 | 00,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2009/04/23 22:23:24 | 00,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2009/04/23 22:23:24 | 00,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2009/04/23 22:23:24 | 00,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2009/04/23 22:23:23 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2009/04/23 22:23:22 | 00,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2009/04/23 22:23:22 | 00,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2009/04/23 22:23:22 | 00,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2009/04/23 22:23:21 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2009/04/23 22:23:20 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unregmp2.exe
[2009/04/23 22:23:19 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tspkg.dll
[2009/04/23 22:23:18 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2009/04/23 22:23:18 | 00,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2009/04/23 22:23:18 | 00,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2009/04/23 22:23:18 | 00,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2009/04/23 22:23:18 | 00,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2009/04/23 22:23:18 | 00,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2009/04/23 22:23:18 | 00,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2009/04/23 22:23:17 | 00,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2009/04/23 22:23:17 | 00,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2009/04/23 22:23:17 | 00,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2009/04/23 22:23:17 | 00,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2009/04/23 22:23:13 | 00,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2009/04/23 22:23:13 | 00,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2009/04/23 22:23:12 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmedia.dll
[2009/04/23 22:23:12 | 00,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2009/04/23 22:23:11 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2009/04/23 22:23:11 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2009/04/23 22:23:11 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_mmc.sys
[2009/04/23 22:23:09 | 00,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2009/04/23 22:23:08 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2009/04/23 22:23:08 | 00,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2009/04/23 22:23:08 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2009/04/23 22:23:07 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2009/04/23 22:23:06 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagentrt.dll
[2009/04/23 22:23:06 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2009/04/23 22:23:06 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2009/04/23 22:23:05 | 00,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2009/04/23 22:23:05 | 00,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2009/04/23 22:23:05 | 00,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2009/04/23 22:23:05 | 00,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2009/04/23 22:23:05 | 00,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2009/04/23 22:23:05 | 00,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2009/04/23 22:23:05 | 00,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2009/04/23 22:23:05 | 00,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2009/04/23 22:23:05 | 00,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2009/04/23 22:23:05 | 00,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2009/04/23 22:23:05 | 00,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2009/04/23 22:23:05 | 00,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2009/04/23 22:23:05 | 00,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2009/04/23 22:23:05 | 00,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2009/04/23 22:23:05 | 00,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2009/04/23 22:23:05 | 00,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2009/04/23 22:23:05 | 00,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2009/04/23 22:23:04 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2009/04/23 22:23:02 | 00,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2009/04/23 22:23:00 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2009/04/23 22:23:00 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2009/04/23 22:23:00 | 00,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2009/04/23 22:23:00 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2009/04/23 22:23:00 | 00,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2009/04/23 22:22:59 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2009/04/23 22:22:59 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2009/04/23 22:22:59 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2009/04/23 22:22:58 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2009/04/23 22:22:58 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2009/04/23 22:22:57 | 00,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscp.dll
[2009/04/23 22:22:57 | 00,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswmdm.dll
[2009/04/23 22:22:57 | 00,201,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsp.dll
[2009/04/23 22:22:57 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2009/04/23 22:22:57 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2009/04/23 22:22:57 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscds32.ax
[2009/04/23 22:22:57 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsnsv.dll
[2009/04/23 22:22:55 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msnetobj.dll
[2009/04/23 22:22:53 | 00,844,314 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2009/04/23 22:22:53 | 00,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2009/04/23 22:22:51 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2009/04/23 22:22:51 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds32.ax
[2009/04/23 22:22:50 | 00,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp4sdmod.dll
[2009/04/23 22:22:50 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2009/04/23 22:22:50 | 00,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp43dmod.dll
[2009/04/23 22:22:50 | 00,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4ds32.ax
[2009/04/23 22:22:50 | 00,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4dmod.dll
[2009/04/23 22:22:50 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2009/04/23 22:22:50 | 00,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
[2009/04/23 22:22:50 | 00,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2009/04/23 22:22:50 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2009/04/23 22:22:50 | 00,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2009/04/23 22:22:50 | 00,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2009/04/23 22:22:50 | 00,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
[2009/04/23 22:22:49 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2009/04/23 22:22:49 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2009/04/23 22:22:49 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2009/04/23 22:22:49 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2009/04/23 22:22:48 | 00,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2009/04/23 22:22:48 | 00,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2009/04/23 22:22:45 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\laprxy.dll
[2009/04/23 22:22:43 | 00,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2009/04/23 22:22:43 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kmsvc.dll
[2009/04/23 22:22:43 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2009/04/23 22:22:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2009/04/23 22:22:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2009/04/23 22:22:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2009/04/23 22:22:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2009/04/23 22:22:42 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpcdll.dll
[2009/04/23 22:22:42 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pidgen.dll
[2009/04/23 22:22:38 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2009/04/23 22:22:37 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2009/04/23 22:22:37 | 00,000,974 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2009/04/23 22:22:30 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2009/04/23 22:22:30 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2009/04/23 22:22:30 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2009/04/23 22:22:30 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2009/04/23 22:22:30 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2009/04/23 22:22:30 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2009/04/23 22:22:30 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapsvc.dll
[2009/04/23 22:22:30 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2009/04/23 22:22:30 | 00,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2009/04/23 22:22:29 | 00,695,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmv2clt.dll
[2009/04/23 22:22:29 | 00,498,742 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2009/04/23 22:22:29 | 00,299,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmclien.dll
[2009/04/23 22:22:29 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmstor.dll
[2009/04/23 22:22:28 | 00,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2009/04/23 22:22:28 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2009/04/23 22:22:28 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3svc.dll
[2009/04/23 22:22:28 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2009/04/23 22:22:28 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2009/04/23 22:22:28 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2009/04/23 22:22:28 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2009/04/23 22:22:28 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2009/04/23 22:22:28 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsntfy.dll
[2009/04/23 22:22:28 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2009/04/23 22:22:27 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2009/04/23 22:22:26 | 00,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2009/04/23 22:22:26 | 00,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2009/04/23 22:22:26 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2009/04/23 22:22:26 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\credssp.dll
[2009/04/23 22:22:26 | 00,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2009/04/23 22:22:26 | 00,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2009/04/23 22:22:26 | 00,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2009/04/23 22:22:26 | 00,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2009/04/23 22:22:26 | 00,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2009/04/23 22:22:26 | 00,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2009/04/23 22:22:25 | 00,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2009/04/23 22:22:25 | 00,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2009/04/23 22:22:24 | 00,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blackbox.dll
[2009/04/23 22:22:24 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2009/04/23 22:22:24 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cewmdm.dll
[2009/04/23 22:22:24 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2009/04/23 22:22:24 | 00,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2009/04/23 22:22:20 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asferror.dll
[2009/04/23 22:22:19 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2009/04/23 22:07:00 | 24,921,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/04/23 22:04:20 | 00,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2009/04/15 23:27:37 | 00,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/04/15 23:27:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\skypePM
[2009/04/15 23:25:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Skype
[2009/04/15 23:23:29 | 00,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2009/04/15 23:23:27 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2009/04/15 23:23:24 | 00,000,000 | R--D | C] -- C:\Program Files\Skype
[2009/04/15 23:22:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\WinRAR
[2009/04/15 23:21:19 | 00,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2009/04/15 23:21:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Research In Motion
[2009/04/15 23:19:40 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Desktop Manager.lnk
[2009/04/15 23:17:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2009/04/15 23:16:33 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2009/04/15 23:16:09 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2009/04/15 23:14:40 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2009/04/15 22:52:18 | 00,026,496 | R--- | C] (Research in Motion Ltd) -- C:\WINDOWS\System32\drivers\RimSerial.sys
[2009/04/15 22:52:05 | 00,000,000 | ---D | C] -- C:\Program Files\Research In Motion
[2009/04/15 22:52:05 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
[2009/04/15 22:37:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2009/04/15 22:34:32 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2009/04/15 22:34:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2009/04/15 22:27:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\GetRightToGo
[2009/04/15 21:54:52 | 00,001,578 | ---- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Counter-Strike Source.lnk
[2009/04/15 13:04:25 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/04/15 13:04:05 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2009/04/15 13:03:55 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer
[2009/04/15 13:03:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\ShellNew
[2009/04/15 13:03:33 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2009/04/15 12:42:39 | 01,106,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2009/04/14 22:04:58 | 00,266,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TweakUI.exe
[2009/04/14 22:04:58 | 00,160,217 | ---- | C] () -- C:\WINDOWS\System32\PowerToysLicense.rtf
[2009/04/14 21:59:34 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbstor.sys
[2009/04/14 21:56:15 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2009/04/14 21:54:28 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/14 21:54:28 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/14 21:54:27 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/14 21:54:27 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/14 21:54:27 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/14 21:54:27 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/14 21:54:27 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/14 21:54:27 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/14 21:54:27 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/14 21:54:26 | 02,189,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2009/04/14 21:54:26 | 02,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2009/04/14 21:54:25 | 02,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2009/04/14 21:52:47 | 00,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2009/04/14 21:52:44 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2009/04/14 21:52:34 | 00,333,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2009/04/14 21:52:28 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2009/04/14 21:52:09 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2009/04/14 21:51:48 | 00,247,326 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmdll.dll
[2009/04/14 21:51:43 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2009/04/14 21:51:01 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/14 21:51:01 | 00,689,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2009/04/14 21:51:01 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/14 21:51:01 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/14 21:50:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2009/04/14 21:50:13 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2009/04/14 21:45:07 | 00,002,193 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk
[2009/04/14 21:45:07 | 00,000,000 | ---D | C] -- C:\Program Files\Steam
[2009/04/14 21:40:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2009/04/14 21:40:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/04/14 21:40:16 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2009/04/14 21:39:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2009/04/14 21:39:51 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2009/04/14 21:16:43 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2009/04/14 21:16:10 | 00,239,616 | ---- | C] () -- C:\WINDOWS\System32\wstrenderer.ax
[2009/04/14 21:16:10 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\wstpager.ax
[2009/04/14 21:16:10 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\vbicodec.ax
[2009/04/14 21:16:10 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2009/04/14 21:16:10 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\asr_pfu.exe
[2009/04/14 21:16:10 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spiisupd.exe
[2009/04/14 21:16:10 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2009/04/14 21:16:08 | 00,044,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\agpcpq.sys
[2009/04/14 21:16:08 | 00,042,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\alim1541.sys
[2009/04/14 21:16:08 | 00,042,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\agp440.sys
[2009/04/14 21:16:07 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthport.sys
[2009/04/14 21:16:07 | 00,264,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\http.sys
[2009/04/14 21:16:07 | 00,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fltmgr.sys
[2009/04/14 21:16:07 | 00,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2009/04/14 21:16:07 | 00,101,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthpan.sys
[2009/04/14 21:16:07 | 00,079,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sdbus.sys
[2009/04/14 21:16:07 | 00,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2009/04/14 21:16:07 | 00,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2009/04/14 21:16:07 | 00,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rfcomm.sys
[2009/04/14 21:16:07 | 00,046,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gagp30kx.sys
[2009/04/14 21:16:07 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthmodem.sys
[2009/04/14 21:16:07 | 00,037,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\amdk7.sys
[2009/04/14 21:16:07 | 00,036,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ip6fw.sys
[2009/04/14 21:16:07 | 00,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2009/04/14 21:16:07 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\intelppm.sys
[2009/04/14 21:16:07 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2009/04/14 21:16:07 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidbth.sys
[2009/04/14 21:16:07 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidir.sys
[2009/04/14 21:16:07 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthusb.sys
[2009/04/14 21:16:07 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthenum.sys
[2009/04/14 21:16:07 | 00,015,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mssmbios.sys
[2009/04/14 21:16:07 | 00,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2009/04/14 21:16:07 | 00,011,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffdisk.sys
[2009/04/14 21:16:07 | 00,011,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_sd.sys
[2009/04/14 21:16:06 | 00,121,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbvideo.sys
[2009/04/14 21:16:06 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthprops.cpl
[2009/04/14 21:16:06 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\blastcln.exe
[2009/04/14 21:16:06 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2009/04/14 21:16:06 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\btpanui.dll
[2009/04/14 21:16:06 | 00,044,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\uagp35.sys
[2009/04/14 21:16:06 | 00,042,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\viaagp.sys
[2009/04/14 21:16:06 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbehci.sys
[2009/04/14 21:16:06 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthserv.dll
[2009/04/14 21:16:06 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthci.dll
[2009/04/14 21:16:06 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\auditusr.exe
[2009/04/14 21:16:06 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wacompen.sys
[2009/04/14 21:16:06 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmsetacl.dll
[2009/04/14 21:16:06 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023x.sys
[2009/04/14 21:16:06 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tunmp.sys
[2009/04/14 21:16:06 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2009/04/14 21:16:06 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2009/04/14 21:16:06 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2009/04/14 21:16:06 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsprpres.dll
[2009/04/14 21:16:05 | 00,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irprops.cpl
[2009/04/14 21:16:05 | 00,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2009/04/14 21:16:05 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fsquirt.exe
[2009/04/14 21:16:05 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2009/04/14 21:16:05 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\firewall.cpl
[2009/04/14 21:16:05 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fwcfg.dll
[2009/04/14 21:16:05 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\extmgr.dll
[2009/04/14 21:16:05 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\httpapi.dll
[2009/04/14 21:16:05 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2009/04/14 21:16:05 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltlib.dll
[2009/04/14 21:16:05 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hccoin.dll
[2009/04/14 21:16:04 | 00,554,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2psvc.dll
[2009/04/14 21:16:04 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msftedit.dll
[2009/04/14 21:16:04 | 00,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sdmod.dll
[2009/04/14 21:16:04 | 00,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgraph.dll
[2009/04/14 21:16:04 | 00,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp43dmod.dll
[2009/04/14 21:16:04 | 00,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msctfime.ime
[2009/04/14 21:16:04 | 00,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2p.dll
[2009/04/14 21:16:04 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssap.dll
[2009/04/14 21:16:04 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdadiag.dll
[2009/04/14 21:16:04 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pnetsh.dll
[2009/04/14 21:16:04 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgasvc.dll
[2009/04/14 21:16:04 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pnrpnsp.dll
[2009/04/14 21:16:04 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspmsnsv.dll
[2009/04/14 21:16:04 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.exe
[2009/04/14 21:16:04 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.cpl
[2009/04/14 21:16:04 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsno.dll
[2009/04/14 21:16:04 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsfi.dll
[2009/04/14 21:16:04 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdukx.dll
[2009/04/14 21:16:04 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdno1.dll
[2009/04/14 21:16:04 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdfi1.dll
[2009/04/14 21:16:04 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinmal.dll
[2009/04/14 21:16:04 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt48.dll
[2009/04/14 21:16:04 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt47.dll
[2009/04/14 21:16:04 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinben.dll
[2009/04/14 21:16:04 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinbe1.dll
[2009/04/14 21:16:04 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmaori.dll
[2009/04/14 21:16:03 | 04,874,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmp.dll
[2009/04/14 21:16:03 | 01,647,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winbrand.dll
[2009/04/14 21:16:03 | 01,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmsdmoe2.dll
[2009/04/14 21:16:03 | 01,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvdmoe2.dll
[2009/04/14 21:16:03 | 00,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmoe.dll
[2009/04/14 21:16:03 | 00,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmod.dll
[2009/04/14 21:16:03 | 00,354,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winhttp.dll
[2009/04/14 21:16:03 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpdxm.dll
[2009/04/14 21:16:03 | 00,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmerror.dll
[2009/04/14 21:16:03 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sbeio.dll
[2009/04/14 21:16:03 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmidx.dll
[2009/04/14 21:16:03 | 00,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscui.cpl
[2009/04/14 21:16:03 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpasf.dll
[2009/04/14 21:16:03 | 00,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshbth.dll
[2009/04/14 21:16:03 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscsvc.dll
[2009/04/14 21:16:03 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\strmfilt.dll
[2009/04/14 21:16:03 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\twext.dll
[2009/04/14 21:16:03 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sdhcinst.dll
[2009/04/14 21:16:03 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2009/04/14 21:16:03 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winshfhc.dll
[2009/04/14 21:16:03 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\w3ssl.dll
[2009/04/14 21:16:03 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
[2009/04/14 21:16:03 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smbinst.exe
[2009/04/14 21:16:02 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2009/04/14 21:16:02 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2009/04/14 21:16:02 | 00,438,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpob2res.dll
[2009/04/14 21:16:02 | 00,323,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2009/04/14 21:16:02 | 00,323,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2009/04/14 21:16:02 | 00,213,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl
[2009/04/14 21:16:02 | 00,213,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2009/04/14 21:16:02 | 00,202,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuweb.dll
[2009/04/14 21:16:02 | 00,202,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2009/04/14 21:16:02 | 00,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp1res.dll
[2009/04/14 21:16:02 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2009/04/14 21:16:02 | 00,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2009/04/14 21:16:02 | 00,129,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlprov.dll
[2009/04/14 21:16:02 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlprovi.dll
[2009/04/14 21:16:02 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2009/04/14 21:16:02 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2009/04/14 21:16:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\provisioning
[2009/04/14 21:16:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\peernet
[2009/04/14 21:14:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2009/04/14 21:13:08 | 02,897,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp2res.dll
[2009/04/14 21:12:15 | 00,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/04/14 21:12:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2009/04/14 21:11:53 | 00,026,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2009/04/14 21:10:11 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2009/04/14 21:10:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2009/04/14 20:35:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Macromedia
[2009/04/14 20:32:41 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2009/04/14 20:32:40 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2009/04/14 20:32:37 | 00,141,016 | ---- | C] () -- C:\WINDOWS\System32\ALSNDMGR.WAV
[2009/04/14 20:32:37 | 00,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2009/04/14 20:32:37 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek Sound Manager
[2009/04/14 20:32:37 | 00,000,000 | ---D | C] -- C:\Program Files\AvRack
[2009/04/14 20:32:36 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2009/04/14 20:28:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2009/04/14 20:27:39 | 01,428,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvidctl.dll
[2009/04/14 20:27:39 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009/04/14 20:27:39 | 00,118,272 | ---- | C] () -- C:\WINDOWS\System32\mpeg2data.ax
[2009/04/14 20:27:39 | 00,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nabtsfec.sys
[2009/04/14 20:27:39 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2009/04/14 20:27:39 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msdv.sys
[2009/04/14 20:27:39 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wstdecod.dll
[2009/04/14 20:27:39 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2009/04/14 20:27:39 | 00,033,280 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2009/04/14 20:27:39 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vbisurf.ax
[2009/04/14 20:27:39 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wstcodec.sys
[2009/04/14 20:27:39 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ccdecode.sys
[2009/04/14 20:27:39 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msyuv.dll
[2009/04/14 20:27:39 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2009/04/14 20:27:39 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\streamip.sys
[2009/04/14 20:27:39 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys
[2009/04/14 20:27:39 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys
[2009/04/14 20:27:39 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\slip.sys
[2009/04/14 20:27:39 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndisip.sys
[2009/04/14 20:27:38 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2009/04/14 20:27:38 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2009/04/14 20:27:38 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2009/04/14 20:27:38 | 00,049,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\stream.sys
[2009/04/14 20:27:38 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bdaplgin.ax
[2009/04/14 20:27:38 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksolay.ax
[2009/04/14 20:27:38 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mskssrv.sys
[2009/04/14 20:27:38 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mstee.sys
[2009/04/14 20:27:38 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspclock.sys
[2009/04/14 20:27:38 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspqm.sys
[2009/04/14 20:27:38 | 00,004,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swenum.sys
[2009/04/14 20:27:38 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2009/04/14 20:27:37 | 00,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qasf.dll
[2009/04/14 20:27:37 | 00,203,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll
[2009/04/14 20:27:37 | 00,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys
[2009/04/14 20:27:37 | 00,083,456 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\l3codecx.ax
[2009/04/14 20:27:36 | 02,113,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiagn.dll
[2009/04/14 20:27:36 | 01,689,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d9.dll
[2009/04/14 20:27:36 | 01,298,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiag.exe
[2009/04/14 20:27:36 | 01,227,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx8vb.dll
[2009/04/14 20:27:36 | 01,179,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d8.dll
[2009/04/14 20:27:36 | 00,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnet.dll
[2009/04/14 20:27:36 | 00,212,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvoice.dll
[2009/04/14 20:27:36 | 00,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dinput8.dll
[2009/04/14 20:27:36 | 00,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsdmo.dll
[2009/04/14 20:27:36 | 00,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmime.dll
[2009/04/14 20:27:36 | 00,148,992 | ---- | C] () -- C:\WINDOWS\System32\mpg2splt.ax
[2009/04/14 20:27:36 | 00,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvvox.dll
[2009/04/14 20:27:36 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmstyle.dll
[2009/04/14 20:27:36 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmusic.dll
[2009/04/14 20:27:36 | 00,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmsynth.dll
[2009/04/14 20:27:36 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvsetup.exe
[2009/04/14 20:27:36 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmscript.dll
[2009/04/14 20:27:36 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsdmoprp.dll
[2009/04/14 20:27:36 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\joy.cpl
[2009/04/14 20:27:36 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmcompos.dll
[2009/04/14 20:27:36 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnhupnp.dll
[2009/04/14 20:27:36 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdllreg.exe
[2009/04/14 20:27:36 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmloader.dll
[2009/04/14 20:27:36 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pid.dll
[2009/04/14 20:27:36 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnhpast.dll
[2009/04/14 20:27:36 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmband.dll
[2009/04/14 20:27:36 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvacm.dll
[2009/04/14 20:27:36 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\encapi.dll
[2009/04/14 20:27:36 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dswave.dll
[2009/04/14 20:27:36 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnsvr.exe
[2009/04/14 20:27:36 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d8thk.dll
[2009/04/14 20:27:36 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnlobby.dll
[2009/04/14 20:27:36 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnaddr.dll
[2009/04/14 20:27:35 | 01,293,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsound3d.dll
[2009/04/14 20:27:35 | 00,824,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dim700.dll
[2009/04/14 20:27:35 | 00,619,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx7vb.dll
[2009/04/14 20:27:35 | 00,367,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsound.dll
[2009/04/14 20:27:35 | 00,279,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddraw.dll
[2009/04/14 20:27:35 | 00,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dplayx.dll
[2009/04/14 20:27:35 | 00,158,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dinput.dll
[2009/04/14 20:27:35 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpwsockx.dll
[2009/04/14 20:27:35 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dplaysvr.exe
[2009/04/14 20:27:35 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddrawex.dll
[2009/04/14 20:27:35 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpmodemx.dll
[2009/04/14 20:26:56 | 00,720,896 | ---- | C] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2009/04/14 20:26:56 | 00,000,000 | ---D | C] -- C:\Program Files\ResChanger 2005
[2009/04/14 20:23:21 | 00,016,960 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2009/04/14 20:23:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\nview
[2009/04/14 20:22:48 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2009/04/14 20:22:15 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/04/14 20:22:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Mozilla
[2009/04/14 20:22:07 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/04/14 20:22:03 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/04/14 09:10:26 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2009/04/14 09:10:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Identities
[2009/04/14 09:10:20 | 00,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2009/04/14 09:10:19 | 00,000,077 | -HS- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\My Documents\desktop.ini
[2009/04/14 09:10:19 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Mamoon Siddiqui\My Documents\My Pictures
[2009/04/14 09:10:19 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Mamoon Siddiqui\My Documents\My Music
[2009/04/14 09:10:17 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Start Menu\Programs\Startup\desktop.ini
[2009/04/14 09:10:17 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Local Settings\desktop.ini
[2009/04/14 09:10:17 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\desktop.ini
[2009/04/14 09:10:17 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Temporary Internet Files
[2009/04/14 09:10:17 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Mamoon Siddiqui\Local Settings\History
[2009/04/14 09:10:17 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Mamoon Siddiqui\Application Data\Microsoft
[2009/04/14 09:10:17 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Application Data
[2009/04/14 09:10:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Temp
[2009/04/14 09:09:38 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2009/04/14 09:09:19 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2009/04/14 09:06:57 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/04/14 09:06:48 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2009/04/14 09:06:48 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2009/04/14 09:06:48 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2009/04/14 09:06:48 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2009/04/14 09:06:47 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2009/04/14 09:06:47 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2009/04/14 09:06:47 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2009/04/14 09:06:47 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2009/04/14 09:06:46 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2009/04/14 09:06:45 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2009/04/14 09:06:45 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2009/04/14 09:06:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2009/04/14 09:06:45 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2009/04/14 09:06:44 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2009/04/14 09:06:44 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2009/04/14 09:06:43 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2009/04/14 09:06:43 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2009/04/14 09:06:42 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2009/04/14 09:06:42 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2009/04/14 09:06:41 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2009/04/14 09:06:41 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2009/04/14 09:06:41 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2009/04/14 09:06:41 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2009/04/14 09:06:40 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2009/04/14 09:06:40 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2009/04/14 09:06:40 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2009/04/14 09:06:39 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2009/04/14 09:06:38 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2009/04/14 09:06:37 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2009/04/14 09:06:37 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2009/04/14 09:06:37 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2009/04/14 09:06:36 | 00,431,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpsvc.dll
[2009/04/14 09:06:36 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2009/04/14 09:06:36 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpapi.dll
[2009/04/14 09:06:35 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2009/04/14 09:06:35 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2009/04/14 09:06:35 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2009/04/14 09:06:35 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2009/04/14 09:06:35 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2009/04/14 09:06:35 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2009/04/14 09:06:35 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2009/04/14 09:06:35 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2009/04/14 09:06:35 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2009/04/14 09:06:35 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2009/04/14 09:06:34 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2009/04/14 09:06:34 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2009/04/14 09:06:34 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2009/04/14 09:06:34 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2009/04/14 09:06:34 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2009/04/14 09:06:34 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2009/04/14 09:06:34 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2009/04/14 09:06:31 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seo.dll
[2009/04/14 09:06:31 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2009/04/14 09:06:31 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2009/04/14 09:06:30 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2009/04/14 09:06:30 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2009/04/14 09:06:30 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_rwnh.dll
[2009/04/14 09:06:29 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2009/04/14 09:06:29 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2009/04/14 09:06:28 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2009/04/14 09:06:27 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2009/04/14 09:06:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2009/04/14 09:06:27 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2009/04/14 09:06:26 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2009/04/14 09:06:26 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2009/04/14 09:06:26 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2009/04/14 09:06:25 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2009/04/14 09:06:25 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2009/04/14 09:06:25 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2009/04/14 09:06:25 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2009/04/14 09:06:25 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2009/04/14 09:06:25 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2009/04/14 09:06:24 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2009/04/14 09:06:24 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2009/04/14 09:06:24 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2009/04/14 09:06:24 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2009/04/14 09:06:24 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2009/04/14 09:06:24 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2009/04/14 09:06:22 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2009/04/14 09:06:21 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2009/04/14 09:06:20 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2009/04/14 09:06:17 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2009/04/14 09:06:17 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2009/04/14 09:06:13 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2009/04/14 09:06:13 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2009/04/14 09:06:12 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2009/04/14 09:06:12 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2009/04/14 09:06:11 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2009/04/14 09:06:10 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2009/04/14 09:06:10 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2009/04/14 09:06:10 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2009/04/14 09:06:09 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2009/04/14 09:06:09 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2009/04/14 09:06:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2009/04/14 09:06:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2009/04/14 09:06:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2009/04/14 09:06:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2009/04/14 09:06:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2009/04/14 09:06:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2009/04/14 09:06:08 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2009/04/14 09:06:08 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2009/04/14 09:06:08 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2009/04/14 09:06:08 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2009/04/14 09:06:08 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2009/04/14 09:06:08 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2009/04/14 09:06:08 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2009/04/14 09:06:08 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2009/04/14 09:06:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2009/04/14 09:06:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2009/04/14 09:06:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2009/04/14 09:06:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2009/04/14 09:06:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2009/04/14 09:06:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2009/04/14 09:06:07 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2009/04/14 09:06:06 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2009/04/14 09:06:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2009/04/14 09:06:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2009/04/14 09:06:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2009/04/14 09:06:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2009/04/14 09:06:06 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2009/04/14 09:06:06 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2009/04/14 09:06:05 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2009/04/14 09:06:05 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2009/04/14 09:06:05 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2009/04/14 09:06:04 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2009/04/14 09:06:04 | 00,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2009/04/14 09:06:04 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2009/04/14 09:06:03 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2009/04/14 09:06:03 | 00,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2009/04/14 09:06:03 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2009/04/14 09:06:03 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2009/04/14 09:06:03 | 00,208,896 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2009/04/14 09:06:03 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2009/04/14 09:06:03 | 00,067,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2009/04/14 09:06:03 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2009/04/14 09:06:03 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2009/04/14 09:06:02 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2009/04/14 09:06:02 | 00,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2009/04/14 09:06:02 | 00,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2009/04/14 09:06:02 | 00,307,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2009/04/14 09:06:02 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2009/04/14 09:06:02 | 00,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2009/04/14 09:06:02 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2009/04/14 09:06:01 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2009/04/14 09:06:01 | 00,311,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2009/04/14 09:06:01 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2009/04/14 09:06:01 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2009/04/14 09:06:01 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2009/04/14 09:06:01 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2009/04/14 09:06:01 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2009/04/14 09:06:01 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2009/04/14 09:06:01 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2009/04/14 09:06:01 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2009/04/14 09:06:00 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2009/04/14 09:06:00 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2009/04/14 09:05:56 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2009/04/14 09:05:52 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2009/04/14 09:05:49 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2009/04/14 09:05:47 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2009/04/14 09:05:47 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2009/04/14 09:05:46 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2009/04/14 09:05:46 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2009/04/14 09:05:45 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2009/04/14 09:05:45 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2009/04/14 09:05:44 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2009/04/14 09:05:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2009/04/14 09:05:43 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2009/04/14 09:05:43 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2009/04/14 09:05:43 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2009/04/14 09:05:42 | 00,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2009/04/14 09:05:42 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2009/04/14 09:05:42 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2009/04/14 09:05:42 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2009/04/14 09:05:39 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2009/04/14 09:05:38 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2009/04/14 09:05:38 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2009/04/14 09:05:38 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2009/04/14 09:05:38 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2009/04/14 09:05:37 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2009/04/14 09:05:36 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2009/04/14 09:05:36 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2009/04/14 09:05:36 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2009/04/14 09:05:35 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2009/04/14 09:05:35 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2009/04/14 09:05:35 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2009/04/14 09:05:35 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2009/04/14 09:05:35 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2009/04/14 09:05:34 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2009/04/14 09:05:34 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2009/04/14 09:05:34 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2009/04/14 09:05:34 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2009/04/14 09:05:34 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2009/04/14 09:05:33 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2009/04/14 09:05:33 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2009/04/14 09:05:33 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2009/04/14 09:05:32 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2009/04/14 09:05:32 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2009/04/14 09:05:31 | 00,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqueue.dll
[2009/04/14 09:05:31 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2009/04/14 09:05:31 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2009/04/14 09:05:31 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2009/04/14 09:05:30 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2009/04/14 09:05:30 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2009/04/14 09:05:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2009/04/14 09:05:27 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2009/04/14 09:05:26 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpsnap.dll
[2009/04/14 09:05:26 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpadm.dll
[2009/04/14 09:05:22 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2009/04/14 09:05:22 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2009/04/14 09:05:21 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2009/04/14 09:05:21 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2009/04/14 09:05:21 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2009/04/14 09:05:21 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2009/04/14 09:05:17 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2009/04/14 09:05:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2009/04/14 09:05:13 | 00,000,000 | ---D | C] -- C:\Program Files\xerox
[2009/04/14 09:05:13 | 00,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2009/04/14 09:04:56 | 00,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/04/14 09:04:56 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2009/04/14 09:04:56 | 00,000,000 | RHS- | C] () -- C:\IO.SYS
[2009/04/14 09:04:56 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2009/04/14 09:04:56 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2009/04/14 09:04:53 | 00,025,065 | ---- | C] () -- C:\WINDOWS\System32\wmpscheme.xml
[2009/04/14 09:04:53 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/04/14 09:04:53 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/04/14 09:04:52 | 00,299,552 | ---- | C] () -- C:\WINDOWS\WMSysPrx.prx
[2009/04/14 09:04:47 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2009/04/14 09:04:47 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/14 09:04:03 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009/04/14 09:04:03 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009/04/14 09:04:03 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2009/04/14 09:04:03 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2009/04/14 09:03:58 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/04/14 09:03:58 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/04/14 09:03:58 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/04/14 09:03:58 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/04/14 09:03:58 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/04/14 09:03:58 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009/04/14 09:03:44 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2009/04/14 09:03:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2009/04/14 09:03:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2009/04/14 09:03:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2009/04/14 09:03:29 | 00,520,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpvis.dll
[2009/04/14 09:03:23 | 00,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll
[2009/04/14 09:03:23 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2009/04/14 09:03:22 | 00,319,551 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmres.dll
[2009/04/14 09:03:22 | 00,163,906 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmutil.dll
[2009/04/14 09:03:22 | 00,110,657 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmfilt.dll
[2009/04/14 09:03:22 | 00,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2009/04/14 09:03:06 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2009/04/14 09:03:06 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2009/04/14 09:03:06 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2009/04/14 09:03:06 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2009/04/14 09:03:06 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2009/04/14 09:03:06 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2009/04/14 09:03:04 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2009/04/14 09:03:04 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2009/04/14 09:03:04 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2009/04/14 09:03:04 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2009/04/14 09:03:02 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2009/04/14 09:03:02 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2009/04/14 09:02:55 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2009/04/14 09:02:55 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll
[2009/04/14 09:02:55 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys
[2009/04/14 09:02:55 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll
[2009/04/14 09:02:55 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2009/04/14 09:02:55 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2009/04/14 09:02:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2009/04/14 09:02:54 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2009/04/14 09:02:54 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2009/04/14 09:02:53 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msh261.drv
[2009/04/14 09:02:53 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg723.acm
[2009/04/14 09:02:53 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2009/04/14 09:02:53 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2009/04/14 09:02:53 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe
[2009/04/14 09:02:53 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2009/04/14 09:02:53 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2009/04/14 09:02:53 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2009/04/14 09:02:50 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2009/04/14 09:02:50 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2009/04/14 09:02:50 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2009/04/14 09:02:50 | 00,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2009/04/14 09:02:49 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2009/04/14 09:02:49 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2009/04/14 09:02:49 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2009/04/14 09:02:49 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2009/04/14 09:02:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH
[2009/04/14 09:02:48 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2009/04/14 09:02:47 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcomm.dll
[2009/04/14 09:02:47 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2009/04/14 09:02:44 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll
[2009/04/14 09:02:44 | 00,000,065 | RH-- | C] () -- C:\WINDOWS\tasks\desktop.ini
[2009/04/14 09:02:44 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2009/04/14 09:02:44 | 00,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2009/04/14 09:02:43 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll
[2009/04/14 09:02:43 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2009/04/14 09:02:43 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2009/04/14 09:02:43 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2009/04/14 09:02:43 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2009/04/14 09:02:43 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2009/04/14 09:02:43 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2009/04/14 09:02:43 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2009/04/14 09:02:42 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2009/04/14 09:02:42 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2009/04/14 09:02:41 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2009/04/14 09:02:41 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2009/04/14 09:02:41 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2009/04/14 09:02:41 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2009/04/14 09:02:41 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2009/04/14 09:02:41 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2009/04/14 09:02:37 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2009/04/14 09:02:37 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2009/04/14 09:02:35 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2009/04/14 09:02:34 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2009/04/14 09:02:34 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2009/04/14 09:02:12 | 00,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/04/14 09:02:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2009/04/14 09:01:55 | 00,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2009/04/14 09:01:55 | 00,000,000 | ---D | C] -- C:\Program Files\Online Services
[2009/04/14 09:01:44 | 01,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2009/04/14 09:01:44 | 00,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2009/04/14 09:01:44 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2009/04/14 09:01:44 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2009/04/14 09:01:43 | 02,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2009/04/14 09:01:43 | 01,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2009/04/14 09:01:43 | 00,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2009/04/14 09:01:43 | 00,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2009/04/14 09:01:43 | 00,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2009/04/14 09:01:43 | 00,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2009/04/14 09:01:43 | 00,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2009/04/14 09:01:43 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2009/04/14 09:01:43 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2009/04/14 09:01:43 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2009/04/14 09:01:43 | 00,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2009/04/14 09:01:42 | 01,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2009/04/14 09:01:42 | 00,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2009/04/14 09:01:42 | 00,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2009/04/14 09:01:42 | 00,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2009/04/14 09:01:42 | 00,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2009/04/14 09:01:41 | 00,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2009/04/14 09:01:41 | 00,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2009/04/14 09:01:41 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2009/04/14 09:01:41 | 00,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2009/04/14 09:01:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2009/04/14 09:01:41 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2009/04/14 09:01:41 | 00,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2009/04/14 09:01:32 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2009/04/14 09:01:32 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2009/04/14 09:01:32 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2009/04/14 09:01:32 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2009/04/14 09:01:32 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2009/04/14 09:01:32 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2009/04/14 09:01:31 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2009/04/14 09:01:31 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2009/04/14 09:01:31 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2009/04/14 09:01:31 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2009/04/14 09:01:31 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2009/04/14 09:01:31 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2009/04/14 09:01:31 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2009/04/14 09:01:31 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2009/04/14 09:01:31 | 00,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2009/04/14 09:01:30 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2009/04/14 09:01:26 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2009/04/14 09:01:26 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2009/04/14 09:01:26 | 00,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2009/04/14 09:01:26 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2009/04/14 09:01:26 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2009/04/14 09:01:26 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2009/04/14 09:01:26 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2009/04/14 09:01:25 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2009/04/14 09:01:25 | 00,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2009/04/14 09:01:25 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2009/04/14 09:01:25 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2009/04/14 09:01:25 | 00,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2009/04/14 09:01:25 | 00,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2009/04/14 09:01:25 | 00,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2009/04/14 09:01:25 | 00,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2009/04/14 09:01:25 | 00,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2009/04/14 09:01:25 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2009/04/14 09:01:24 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2009/04/14 09:01:24 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2009/04/14 09:01:24 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2009/04/14 09:01:24 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2009/04/14 09:01:24 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2009/04/14 09:01:24 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2009/04/14 09:01:24 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2009/04/14 09:01:24 | 00,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2009/04/14 09:01:24 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2009/04/14 09:01:24 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2009/04/14 09:01:24 | 00,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2009/04/14 09:01:24 | 00,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2009/04/14 09:01:23 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll
[2009/04/14 09:01:23 | 01,809,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2009/04/14 09:01:23 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2009/04/14 09:01:23 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2009/04/14 09:01:23 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2009/04/14 09:01:23 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2009/04/14 09:01:23 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2009/04/14 09:01:23 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2009/04/14 09:01:23 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt.exe
[2009/04/14 09:01:23 | 00,051,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2009/04/14 09:01:23 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauserv.dll
[2009/04/14 09:01:22 | 02,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstscax.dll
[2009/04/14 09:01:22 | 00,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2009/04/14 09:01:22 | 00,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2009/04/14 09:01:22 | 00,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys
[2009/04/14 09:01:22 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2009/04/14 09:01:22 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2009/04/14 09:01:22 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotepg.dll
[2009/04/14 09:01:22 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys
[2009/04/14 09:01:22 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2009/04/14 09:01:22 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys
[2009/04/14 09:01:22 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2009/04/14 09:01:22 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2009/04/14 09:01:21 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll
[2009/04/14 09:01:21 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2009/04/14 09:01:21 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2009/04/14 09:01:21 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2009/04/14 09:01:21 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2009/04/14 09:01:21 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2009/04/14 09:01:21 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2009/04/14 09:01:21 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2009/04/14 09:01:21 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2009/04/14 09:01:21 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2009/04/14 09:01:21 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2009/04/14 09:01:21 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2009/04/14 09:01:21 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2009/04/14 09:01:21 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2009/04/14 09:01:21 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2009/04/14 09:01:21 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2009/04/14 09:01:21 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2009/04/14 09:01:21 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2009/04/14 09:01:21 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2009/04/14 09:01:21 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2009/04/14 09:01:21 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2009/04/14 09:01:21 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2009/04/14 09:01:21 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2009/04/14 09:01:21 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2009/04/14 09:01:21 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2009/04/14 09:01:21 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2009/04/14 09:01:21 | 00,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2009/04/14 09:01:20 | 00,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2009/04/14 09:01:20 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2009/04/14 09:01:20 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2009/04/14 09:01:20 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2009/04/14 09:01:20 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2009/04/14 09:01:20 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2009/04/14 09:01:20 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2009/04/14 09:01:20 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2009/04/14 09:01:20 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2009/04/14 09:01:20 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2009/04/14 09:01:20 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2009/04/14 09:01:20 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2009/04/14 09:01:20 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2009/04/14 09:01:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2009/04/14 09:01:19 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2009/04/14 09:01:19 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2009/04/14 09:01:19 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2009/04/14 09:01:19 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe
[2009/04/14 09:01:19 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2009/04/14 09:01:18 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2009/04/14 09:01:18 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2009/04/14 09:01:18 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2009/04/14 09:01:18 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2009/04/14 09:01:18 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2009/04/14 09:01:18 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2009/04/14 09:01:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2009/04/14 09:01:17 | 00,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2009/04/14 09:01:17 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2009/04/14 09:01:17 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2009/04/14 09:01:17 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2009/04/14 09:01:17 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2009/04/14 09:01:17 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2009/04/14 09:01:17 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2009/04/14 09:01:16 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2009/04/14 09:01:16 | 00,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2009/04/14 09:01:16 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll
[2009/04/14 09:01:16 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2009/04/14 09:01:16 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2009/04/14 09:01:12 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2009/04/14 09:01:11 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2009/04/14 09:01:11 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2009/04/14 09:01:11 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2009/04/14 09:01:11 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2009/04/14 09:01:10 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2009/04/14 09:01:10 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2009/04/14 09:01:10 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2009/04/14 09:01:10 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2009/04/14 09:01:10 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2009/04/14 09:01:10 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2009/04/14 09:01:10 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2009/04/14 09:01:10 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2009/04/14 09:01:09 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2009/04/14 09:01:08 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2009/04/14 09:01:08 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2009/04/14 09:01:07 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2009/04/14 09:01:07 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2009/04/14 09:01:07 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2009/04/14 09:01:07 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2009/04/14 09:01:07 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2009/04/14 09:01:04 | 00,196,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys
[2009/04/14 09:01:04 | 00,040,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys
[2006/08/11 23:45:20 | 00,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/08/11 23:43:10 | 00,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/08/11 23:43:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/08/11 23:43:00 | 01,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/08/11 23:43:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/08/11 23:43:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/08/11 23:43:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2001/08/23 07:00:00 | 00,000,519 | ---- | C] () -- C:\WINDOWS\win.ini
[2001/08/23 07:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini

========== Files - Modified Within 30 Days ==========

[2009/05/06 17:19:10 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/06 17:19:09 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Local Settings\desktop.ini
[2009/05/06 17:19:08 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/06 16:59:47 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2009/05/06 16:59:46 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wupdmgr.exe
[2009/05/06 16:59:45 | 00,215,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/05/06 16:59:45 | 00,155,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscript.exe
[2009/05/06 16:59:45 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2009/05/06 16:59:42 | 00,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpstub.exe
[2009/05/06 16:59:42 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2009/05/06 16:59:31 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/05/06 16:59:29 | 00,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2009/05/06 16:59:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2009/05/06 16:59:29 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmsd.exe
[2009/05/06 16:59:29 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhstb.exe
[2009/05/06 16:59:28 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2009/05/06 16:59:27 | 00,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\verifier.exe
[2009/05/06 16:59:27 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32tm.exe
[2009/05/06 16:59:27 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vssadmin.exe
[2009/05/06 16:59:26 | 00,208,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unregmp2.exe
[2009/05/06 16:59:26 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2009/05/06 16:59:26 | 00,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unlodctr.exe
[2009/05/06 16:59:25 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\typeperf.exe
[2009/05/06 16:59:25 | 00,025,600 | ---- | M] (Twain Working Group) -- C:\WINDOWS\System32\dllcache\twunk_32.exe
[2009/05/06 16:59:25 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2009/05/06 16:59:25 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2009/05/06 16:59:25 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2009/05/06 16:59:25 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2009/05/06 16:59:25 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2009/05/06 16:59:24 | 00,031,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tracert6.exe
[2009/05/06 16:59:23 | 00,455,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2009/05/06 16:59:23 | 00,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2009/05/06 16:59:23 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpsvcs.exe
[2009/05/06 16:59:23 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tftp.exe
[2009/05/06 16:59:22 | 00,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\syncapp.exe
[2009/05/06 16:59:22 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\syskey.exe
[2009/05/06 16:59:22 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2009/05/06 16:59:22 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcmsetup.exe
[2009/05/06 16:59:22 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\subst.exe
[2009/05/06 16:59:22 | 00,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\systray.exe
[2009/05/06 16:59:21 | 00,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2009/05/06 16:59:21 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2009/05/06 16:59:20 | 00,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2009/05/06 16:59:19 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2009/05/06 16:59:18 | 00,774,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2009/05/06 16:59:18 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2009/05/06 16:59:18 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sfc.exe
[2009/05/06 16:59:17 | 00,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/05/06 16:59:17 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sc.exe
[2009/05/06 16:59:16 | 00,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsvp.exe
[2009/05/06 16:59:16 | 00,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsopprov.exe
[2009/05/06 16:59:16 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2009/05/06 16:59:16 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2009/05/06 16:59:16 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\runas.exe
[2009/05/06 16:59:16 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2009/05/06 16:59:15 | 00,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsmui.exe
[2009/05/06 16:59:15 | 00,049,152 | ---- | M] (Microsoft Corp) -- C:\WINDOWS\System32\dllcache\rsm.exe
[2009/05/06 16:59:15 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\routemon.exe
[2009/05/06 16:59:15 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsmsink.exe
[2009/05/06 16:59:15 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\route.exe
[2009/05/06 16:59:14 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2009/05/06 16:59:14 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\relog.exe
[2009/05/06 16:59:14 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2009/05/06 16:59:14 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\replace.exe
[2009/05/06 16:59:14 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2009/05/06 16:59:14 | 00,004,608 | ---- | M] (Microsoft) -- C:\WINDOWS\System32\dllcache\regwiz.exe
[2009/05/06 16:59:13 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2009/05/06 16:59:13 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2009/05/06 16:59:13 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasautou.exe
[2009/05/06 16:59:13 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasdial.exe
[2009/05/06 16:59:13 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2009/05/06 16:59:13 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\recover.exe
[2009/05/06 16:59:13 | 00,003,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regedt32.exe
[2009/05/06 16:59:12 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2009/05/06 16:59:12 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\print.exe
[2009/05/06 16:59:09 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2009/05/06 16:59:09 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ping6.exe
[2009/05/06 16:59:09 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pentnt.exe
[2009/05/06 16:59:08 | 00,040,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\osuninst.exe
[2009/05/06 16:59:08 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pathping.exe
[2009/05/06 16:59:07 | 00,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwscript.exe
[2009/05/06 16:59:07 | 00,031,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntsd.exe
[2009/05/06 16:59:04 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2009/05/06 16:59:03 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nbtstat.exe
[2009/05/06 16:59:01 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msswchx.exe
[2009/05/06 16:59:00 | 00,039,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2009/05/06 16:58:59 | 00,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2009/05/06 16:58:59 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2009/05/06 16:58:58 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrinfo.exe
[2009/05/06 16:58:57 | 00,123,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2009/05/06 16:58:57 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpnotify.exe
[2009/05/06 16:58:57 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mountvol.exe
[2009/05/06 16:58:57 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2009/05/06 16:58:55 | 00,786,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2009/05/06 16:58:55 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migisol.exe
[2009/05/06 16:58:54 | 00,103,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logagent.exe
[2009/05/06 16:58:54 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lights.exe
[2009/05/06 16:58:54 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lnkstub.exe
[2009/05/06 16:58:54 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2009/05/06 16:58:54 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpr.exe
[2009/05/06 16:58:54 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpq.exe
[2009/05/06 16:58:54 | 00,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lodctr.exe
[2009/05/06 16:58:53 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\label.exe
[2009/05/06 16:58:50 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2009/05/06 16:58:49 | 00,067,072 | ---- | M] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2009/05/06 16:58:49 | 00,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsec6.exe
[2009/05/06 16:58:49 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2009/05/06 16:58:48 | 00,262,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2009/05/06 16:58:48 | 00,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2009/05/06 16:58:48 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2009/05/06 16:58:47 | 00,233,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2009/05/06 16:58:47 | 00,208,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2009/05/06 16:58:47 | 00,208,896 | ---- | M] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2009/05/06 16:58:46 | 00,307,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2009/05/06 16:58:46 | 00,155,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2009/05/06 16:58:46 | 00,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2009/05/06 16:58:45 | 00,311,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2009/05/06 16:58:45 | 00,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2009/05/06 16:58:44 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2009/05/06 16:58:44 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2009/05/06 16:58:43 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2009/05/06 16:58:42 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2009/05/06 16:58:42 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostname.exe
[2009/05/06 16:58:41 | 00,099,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2009/05/06 16:58:41 | 00,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gpupdate.exe
[2009/05/06 16:58:41 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2009/05/06 16:58:40 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fsutil.exe
[2009/05/06 16:58:40 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2009/05/06 16:58:40 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2009/05/06 16:58:40 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fc.exe
[2009/05/06 16:58:40 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\finger.exe
[2009/05/06 16:58:40 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\find.exe
[2009/05/06 16:58:40 | 00,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fixmapi.exe
[2009/05/06 16:58:39 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2009/05/06 16:58:39 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\expand.exe
[2009/05/06 16:58:38 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esentutl.exe
[2009/05/06 16:58:38 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\eventvwr.exe
[2009/05/06 16:58:37 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drwtsn32.exe
[2009/05/06 16:58:36 | 00,294,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2009/05/06 16:58:36 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diskperf.exe
[2009/05/06 16:58:36 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\doskey.exe
[2009/05/06 16:58:36 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dllhst3g.exe
[2009/05/06 16:58:34 | 00,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cscript.exe
[2009/05/06 16:58:34 | 00,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2009/05/06 16:58:34 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2009/05/06 16:58:34 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2009/05/06 16:58:34 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convert.exe
[2009/05/06 16:58:34 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\control.exe
[2009/05/06 16:58:32 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compact.exe
[2009/05/06 16:58:32 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comp.exe
[2009/05/06 16:58:31 | 00,480,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2009/05/06 16:58:31 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cidaemon.exe
[2009/05/06 16:58:31 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ckcnv.exe
[2009/05/06 16:58:30 | 00,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2009/05/06 16:58:30 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2009/05/06 16:58:30 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2009/05/06 16:58:30 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2009/05/06 16:58:30 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2009/05/06 16:58:30 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkdsk.exe
[2009/05/06 16:58:30 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkntfs.exe
[2009/05/06 16:58:29 | 00,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2009/05/06 16:58:29 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2009/05/06 16:58:29 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2009/05/06 16:58:29 | 00,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bootvrfy.exe
[2009/05/06 16:58:29 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bootok.exe
[2009/05/06 16:58:28 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2009/05/06 16:58:27 | 00,032,256 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\asr_ldm.exe
[2009/05/06 16:58:27 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\arp.exe
[2009/05/06 16:58:13 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wupdmgr.exe
[2009/05/06 16:58:13 | 00,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xcopy.exe
[2009/05/06 16:58:12 | 00,165,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2009/05/06 16:58:11 | 00,155,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscript.exe
[2009/05/06 16:58:10 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpabaln.exe
[2009/05/06 16:58:10 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
[2009/05/06 16:58:10 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpnpinst.exe
[2009/05/06 16:58:10 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2009/05/06 16:58:08 | 00,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpstub.exe
[2009/05/06 16:58:06 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winver.exe
[2009/05/06 16:58:05 | 00,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2009/05/06 16:58:05 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winmsd.exe
[2009/05/06 16:58:04 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winhlp32.exe
[2009/05/06 16:58:03 | 00,433,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wiaacmgr.exe
[2009/05/06 16:58:03 | 00,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wextract.exe
[2009/05/06 16:58:01 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\w32tm.exe
[2009/05/06 16:58:01 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vssadmin.exe
[2009/05/06 16:58:00 | 00,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\verifier.exe
[2009/05/06 16:58:00 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2009/05/06 16:57:59 | 00,069,632 | ---- | M] ( U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrshuta.exe
[2009/05/06 16:57:59 | 00,061,440 | ---- | M] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrprbda.exe
[2009/05/06 16:57:59 | 00,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\utilman.exe
[2009/05/06 16:57:58 | 00,077,824 | ---- | M] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\usrmlnka.exe
[2009/05/06 16:57:57 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\upnpcont.exe
[2009/05/06 16:57:57 | 00,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\unlodctr.exe
[2009/05/06 16:57:56 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tzchange.exe
[2009/05/06 16:57:56 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2009/05/06 16:57:56 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\typeperf.exe
[2009/05/06 16:57:56 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2009/05/06 16:57:56 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2009/05/06 16:57:56 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2009/05/06 16:57:55 | 00,259,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tracerpt.exe
[2009/05/06 16:57:55 | 00,157,184 | ---- | M] (123.456.789.0) -- C:\WINDOWS\System32\tpsaxyd.exe
[2009/05/06 16:57:55 | 00,031,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tracert6.exe
[2009/05/06 16:57:55 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2009/05/06 16:57:55 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tracert.exe
[2009/05/06 16:57:54 | 00,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tourstart.exe
[2009/05/06 16:57:54 | 00,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntsess.exe
[2009/05/06 16:57:54 | 00,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntadmn.exe
[2009/05/06 16:57:54 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tftp.exe
[2009/05/06 16:57:53 | 00,135,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\taskmgr.exe
[2009/05/06 16:57:53 | 00,075,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\telnet.exe
[2009/05/06 16:57:53 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpsvcs.exe
[2009/05/06 16:57:53 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\taskman.exe
[2009/05/06 16:57:53 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tcmsetup.exe
[2009/05/06 16:57:52 | 00,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tasklist.exe
[2009/05/06 16:57:52 | 00,076,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\taskkill.exe
[2009/05/06 16:57:52 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\systeminfo.exe
[2009/05/06 16:57:52 | 00,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\systray.exe
[2009/05/06 16:57:51 | 00,106,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sysocmgr.exe
[2009/05/06 16:57:51 | 00,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\syncapp.exe
[2009/05/06 16:57:51 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\syskey.exe
[2009/05/06 16:57:50 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\stimon.exe
[2009/05/06 16:57:50 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\subst.exe
[2009/05/06 16:57:49 | 00,679,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sstext3d.scr
[2009/05/06 16:57:49 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssstars.scr
[2009/05/06 16:57:48 | 00,610,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sspipes.scr
[2009/05/06 16:57:48 | 00,393,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssflwbox.scr
[2009/05/06 16:57:48 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmypics.scr
[2009/05/06 16:57:48 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmarque.scr
[2009/05/06 16:57:48 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmyst.scr
[2009/05/06 16:57:47 | 00,704,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ss3dfo.scr
[2009/05/06 16:57:47 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssbezier.scr
[2009/05/06 16:57:45 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdwxp.exe
[2009/05/06 16:57:45 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spiisupd.exe
[2009/05/06 16:57:45 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spnpinst.exe
[2009/05/06 16:57:44 | 00,538,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2009/05/06 16:57:44 | 00,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2009/05/06 16:57:44 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sort.exe
[2009/05/06 16:57:44 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spdwnwxp.exe
[2009/05/06 16:57:43 | 00,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2009/05/06 16:57:43 | 00,131,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2009/05/06 16:57:42 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\skeys.exe
[2009/05/06 16:57:42 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\smbinst.exe
[2009/05/06 16:57:41 | 00,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shrpubw.exe
[2009/05/06 16:57:41 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sigverif.exe
[2009/05/06 16:57:41 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shutdown.exe
[2009/05/06 16:57:40 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2009/05/06 16:57:40 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2009/05/06 16:57:40 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sfc.exe
[2009/05/06 16:57:39 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sethc.exe
[2009/05/06 16:57:39 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\setup.exe
[2009/05/06 16:57:38 | 00,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sdbinst.exe
[2009/05/06 16:57:38 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\secedit.exe
[2009/05/06 16:57:38 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\scrnsave.scr
[2009/05/06 16:57:37 | 00,121,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\schtasks.exe
[2009/05/06 16:57:37 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sc.exe
[2009/05/06 16:57:36 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\runas.exe
[2009/05/06 16:57:36 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2009/05/06 16:57:36 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\runonce.exe
[2009/05/06 16:57:36 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\savedump.exe
[2009/05/06 16:57:35 | 00,107,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsnotify.exe
[2009/05/06 16:57:35 | 00,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rtcshare.exe
[2009/05/06 16:57:35 | 00,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsopprov.exe
[2009/05/06 16:57:35 | 00,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsmui.exe
[2009/05/06 16:57:35 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsmsink.exe
[2009/05/06 16:57:34 | 00,049,152 | ---- | M] (Microsoft Corp) -- C:\WINDOWS\System32\rsm.exe
[2009/05/06 16:57:34 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\routemon.exe
[2009/05/06 16:57:34 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\route.exe
[2009/05/06 16:57:34 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsh.exe
[2009/05/06 16:57:33 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rexec.exe
[2009/05/06 16:57:33 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\replace.exe
[2009/05/06 16:57:33 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2009/05/06 16:57:33 | 00,004,608 | ---- | M] (Microsoft) -- C:\WINDOWS\System32\regwiz.exe
[2009/05/06 16:57:32 | 00,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2009/05/06 16:57:32 | 00,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\reg.exe
[2009/05/06 16:57:32 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2009/05/06 16:57:32 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2009/05/06 16:57:32 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\recover.exe
[2009/05/06 16:57:32 | 00,003,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\regedt32.exe
[2009/05/06 16:57:31 | 00,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2009/05/06 16:57:31 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rcimlby.exe
[2009/05/06 16:57:31 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rcp.exe
[2009/05/06 16:57:30 | 00,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasphone.exe
[2009/05/06 16:57:30 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasautou.exe
[2009/05/06 16:57:30 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasdial.exe
[2009/05/06 16:57:29 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2009/05/06 16:57:29 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2009/05/06 16:57:28 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2009/05/06 16:57:27 | 00,109,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\progman.exe
[2009/05/06 16:57:27 | 00,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\proquota.exe
[2009/05/06 16:57:27 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\proxycfg.exe
[2009/05/06 16:57:26 | 00,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.exe
[2009/05/06 16:57:26 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ping6.exe
[2009/05/06 16:57:26 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ping.exe
[2009/05/06 16:57:26 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\print.exe
[2009/05/06 16:57:25 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\perfmon.exe
[2009/05/06 16:57:25 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pentnt.exe
[2009/05/06 16:57:24 | 00,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\packager.exe
[2009/05/06 16:57:24 | 00,040,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\osuninst.exe
[2009/05/06 16:57:24 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pathping.exe
[2009/05/06 16:57:23 | 00,215,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\osk.exe
[2009/05/06 16:57:23 | 00,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\openfiles.exe
[2009/05/06 16:57:22 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcconf.exe
[2009/05/06 16:57:21 | 00,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nwscript.exe
[2009/05/06 16:57:21 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcad32.exe
[2009/05/06 16:57:20 | 01,519,616 | ---- | M] () -- C:\WINDOWS\System32\nwiz.exe
[2009/05/06 16:56:36 | 01,339,392 | ---- | M] () -- C:\WINDOWS\System32\nvdspsch.exe
[2009/05/06 16:56:33 | 00,442,368 | ---- | M] () -- C:\WINDOWS\System32\nvappbar.exe
[2009/05/06 16:56:31 | 00,420,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntvdm.exe
[2009/05/06 16:56:27 | 01,200,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntbackup.exe
[2009/05/06 16:56:27 | 00,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nslookup.exe
[2009/05/06 16:56:27 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\notepad.exe
[2009/05/06 16:56:26 | 00,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netsh.exe
[2009/05/06 16:56:26 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netstat.exe
[2009/05/06 16:56:25 | 00,331,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.exe
[2009/05/06 16:56:24 | 00,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\net1.exe
[2009/05/06 16:56:24 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\net.exe
[2009/05/06 16:56:24 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nbtstat.exe
[2009/05/06 16:56:24 | 00,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\nddeapir.exe
[2009/05/06 16:56:23 | 00,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2009/05/06 16:56:23 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\narrator.exe
[2009/05/06 16:56:18 | 00,677,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2009/05/06 16:56:18 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2009/05/06 16:56:18 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msswchx.exe
[2009/05/06 16:56:15 | 00,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2009/05/06 16:56:11 | 00,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2009/05/06 16:56:11 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshta.exe
[2009/05/06 16:56:11 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2009/05/06 16:56:06 | 00,117,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqtgsvc.exe
[2009/05/06 16:56:06 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mrinfo.exe
[2009/05/06 16:56:06 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqsvc.exe
[2009/05/06 16:56:05 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mpnotify.exe
[2009/05/06 16:56:05 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mqbkup.exe
[2009/05/06 16:56:04 | 00,123,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2009/05/06 16:56:04 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mountvol.exe
[2009/05/06 16:56:03 | 00,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mobsync.exe
[2009/05/06 16:56:03 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2009/05/06 16:56:01 | 01,414,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mmc.exe
[2009/05/06 16:56:00 | 00,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\migpwd.exe
[2009/05/06 16:55:58 | 00,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\magnify.exe
[2009/05/06 16:55:58 | 00,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\makecab.exe
[2009/05/06 16:55:57 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logman.exe
[2009/05/06 16:55:57 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2009/05/06 16:55:57 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lpr.exe
[2009/05/06 16:55:57 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lpq.exe
[2009/05/06 16:55:56 | 00,103,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logagent.exe
[2009/05/06 16:55:56 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lnkstub.exe
[2009/05/06 16:55:56 | 00,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lodctr.exe
[2009/05/06 16:55:55 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lights.exe
[2009/05/06 16:55:55 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\label.exe
[2009/05/06 16:55:54 | 00,425,984 | ---- | M] () -- C:\WINDOWS\System32\keystone.exe
[2009/05/06 16:55:49 | 00,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipv6.exe
[2009/05/06 16:55:49 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxroute.exe
[2009/05/06 16:55:48 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipconfig.exe
[2009/05/06 16:55:48 | 00,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsec6.exe
[2009/05/06 16:55:46 | 00,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iexpress.exe
[2009/05/06 16:55:44 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\hostname.exe
[2009/05/06 16:55:43 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\help.exe
[2009/05/06 16:55:42 | 00,120,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\gpresult.exe
[2009/05/06 16:55:42 | 00,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\gpupdate.exe
[2009/05/06 16:55:42 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\grpconv.exe
[2009/05/06 16:55:41 | 00,193,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fsquirt.exe
[2009/05/06 16:55:41 | 00,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\getmac.exe
[2009/05/06 16:55:41 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fsutil.exe
[2009/05/06 16:55:41 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ftp.exe
[2009/05/06 16:55:40 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2009/05/06 16:55:40 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2009/05/06 16:55:40 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fontview.exe
[2009/05/06 16:55:40 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\forcedos.exe
[2009/05/06 16:55:40 | 00,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fixmapi.exe
[2009/05/06 16:55:39 | 00,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\findstr.exe
[2009/05/06 16:55:39 | 00,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\extrac32.exe
[2009/05/06 16:55:39 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\faxpatch.exe
[2009/05/06 16:55:39 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fc.exe
[2009/05/06 16:55:39 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\finger.exe
[2009/05/06 16:55:39 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\find.exe
[2009/05/06 16:55:38 | 00,193,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eudcedit.exe
[2009/05/06 16:55:38 | 00,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eventtriggers.exe
[2009/05/06 16:55:38 | 00,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eventcreate.exe
[2009/05/06 16:55:38 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\expand.exe
[2009/05/06 16:55:38 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eventvwr.exe
[2009/05/06 16:55:37 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\esentutl.exe
[2009/05/06 16:55:36 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdllreg.exe
[2009/05/06 16:55:35 | 01,298,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiag.exe
[2009/05/06 16:55:34 | 00,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dwwin.exe
[2009/05/06 16:55:34 | 00,055,296 | ---- | M] () -- C:\WINDOWS\System32\dvdplay.exe
[2009/05/06 16:55:34 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dvdupgrd.exe
[2009/05/06 16:55:33 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drwtsn32.exe
[2009/05/06 16:55:32 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvsetup.exe
[2009/05/06 16:55:32 | 00,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\driverquery.exe
[2009/05/06 16:55:31 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dplaysvr.exe
[2009/05/06 16:55:31 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnsvr.exe
[2009/05/06 16:55:30 | 00,015,872 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\dmremote.exe
[2009/05/06 16:55:30 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\doskey.exe
[2009/05/06 16:55:29 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\diskperf.exe
[2009/05/06 16:55:29 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllhst3g.exe
[2009/05/06 16:55:28 | 00,163,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\diskpart.exe
[2009/05/06 16:55:28 | 00,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\diantz.exe
[2009/05/06 16:55:27 | 00,105,472 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgntfs.exe
[2009/05/06 16:55:27 | 00,082,944 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgfat.exe
[2009/05/06 16:55:26 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ddeshare.exe
[2009/05/06 16:55:26 | 00,025,088 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\defrag.exe
[2009/05/06 16:55:26 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2009/05/06 16:55:22 | 00,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cscript.exe
[2009/05/06 16:55:22 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ctfmon.exe
[2009/05/06 16:55:21 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\conime.exe
[2009/05/06 16:55:21 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\convert.exe
[2009/05/06 16:55:21 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\control.exe
[2009/05/06 16:55:20 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\compact.exe
[2009/05/06 16:55:20 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\comp.exe
[2009/05/06 16:55:20 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2009/05/06 16:55:19 | 00,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmstp.exe
[2009/05/06 16:55:18 | 00,039,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmmon32.exe
[2009/05/06 16:55:18 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmdl32.exe
[2009/05/06 16:55:17 | 00,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmd.exe
[2009/05/06 16:55:17 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2009/05/06 16:55:17 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cliconfg.exe
[2009/05/06 16:55:15 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cleanmgr.exe
[2009/05/06 16:55:15 | 00,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cipher.exe
[2009/05/06 16:55:15 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cidaemon.exe
[2009/05/06 16:55:15 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ckcnv.exe
[2009/05/06 16:55:14 | 00,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2009/05/06 16:55:14 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\chkdsk.exe
[2009/05/06 16:55:14 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\chkntfs.exe
[2009/05/06 16:55:13 | 00,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2009/05/06 16:55:13 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cacls.exe
[2009/05/06 16:55:12 | 00,142,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\bootcfg.exe
[2009/05/06 16:55:12 | 00,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\bootvrfy.exe
[2009/05/06 16:55:12 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\bootok.exe
[2009/05/06 16:55:11 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\blastcln.exe
[2009/05/06 16:55:09 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\auditusr.exe
[2009/05/06 16:55:09 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\attrib.exe
[2009/05/06 16:55:09 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\atmadm.exe
[2009/05/06 16:55:07 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\asr_pfu.exe
[2009/05/06 16:55:07 | 00,032,256 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\asr_ldm.exe
[2009/05/06 16:55:07 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\asr_fmt.exe
[2009/05/06 16:55:07 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\at.exe
[2009/05/06 16:55:07 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\arp.exe
[2009/05/06 16:55:06 | 00,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ahui.exe
[2009/05/06 16:55:05 | 00,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\actmovie.exe
[2009/05/06 16:55:04 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2009/05/06 16:15:40 | 00,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winhlp32.exe
[2009/05/06 16:15:40 | 00,025,600 | ---- | M] (Twain Working Group) -- C:\WINDOWS\twunk_32.exe
[2009/05/06 16:15:40 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2009/05/06 16:15:39 | 00,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\regedit.exe
[2009/05/06 16:15:38 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
[2009/05/06 16:15:37 | 00,720,896 | ---- | M] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2009/05/06 16:15:37 | 00,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\hh.exe
[2009/05/06 16:03:09 | 00,730,624 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\DivFix++.exe
[2009/05/06 16:00:13 | 00,289,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vssvc.exe
[2009/05/06 16:00:13 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\userinit.exe
[2009/05/06 16:00:13 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ups.exe
[2009/05/06 16:00:12 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntsvr.exe
[2009/05/06 16:00:11 | 00,089,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\smlogsvc.exe
[2009/05/06 16:00:11 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spoolsv.exe
[2009/05/06 16:00:11 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe
[2009/05/06 16:00:10 | 00,141,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2009/05/06 16:00:10 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shmgrate.exe
[2009/05/06 16:00:09 | 00,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\scardsvr.exe
[2009/05/06 16:00:09 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rundll32.exe
[2009/05/06 16:00:08 | 00,132,096 | ---- | M] () -- C:\WINDOWS\System32\rsvp.exe
[2009/05/06 16:00:08 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\regsvr32.exe
[2009/05/06 16:00:02 | 00,031,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntsd.exe
[2009/05/06 16:00:01 | 00,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netdde.exe
[2009/05/06 16:00:00 | 00,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msiexec.exe
[2009/05/06 15:59:59 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe
[2009/05/06 15:59:59 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe
[2009/05/06 15:59:58 | 00,514,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logonui.exe
[2009/05/06 15:59:58 | 00,220,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logon.scr
[2009/05/06 15:59:58 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\locator.exe
[2009/05/06 15:59:57 | 00,150,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\imapi.exe
[2009/05/06 15:59:57 | 00,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2009/05/06 15:59:49 | 00,224,768 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\dmadmin.exe
[2009/05/06 15:59:49 | 00,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllhost.exe
[2009/05/06 15:59:47 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\clipsrv.exe
[2009/05/06 15:59:47 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cisvc.exe
[2009/05/06 15:59:46 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\alg.exe
[2009/05/06 15:59:43 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2009/05/06 15:57:20 | 00,002,126 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/06 15:07:01 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\omj1bd0.sys
[2009/05/05 21:53:43 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\fdacc71.sys
[2009/05/05 21:38:00 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\qole69d.sys
[2009/05/05 21:25:15 | 00,000,519 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/05/05 21:25:15 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/05/05 21:25:15 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2009/05/03 17:01:04 | 00,022,528 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Defense Paper.doc
[2009/05/03 16:23:35 | 00,000,737 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Avidemux 2.4 Qt4.lnk
[2009/05/03 11:58:00 | 00,013,824 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\MuscleCow.xls
[2009/05/02 22:00:19 | 00,305,001 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/05/02 21:56:26 | 00,000,043 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090502-220019.backup
[2009/05/01 17:19:08 | 00,000,883 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk
[2009/05/01 15:45:35 | 00,002,193 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk
[2009/05/01 14:58:25 | 00,108,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MSWINSCK.OCX
[2009/05/01 10:49:00 | 00,000,892 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\DVDVideoSoft Free Studio.lnk
[2009/04/30 15:05:15 | 00,000,701 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FLV Player.lnk
[2009/04/29 16:32:55 | 00,000,077 | -HS- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\My Documents\desktop.ini
[2009/04/29 09:39:42 | 00,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2009/04/29 00:44:56 | 00,022,016 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Blood.doc
[2009/04/28 21:59:41 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/04/28 21:59:41 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/04/28 21:59:41 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/04/28 21:59:41 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/04/28 21:59:41 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/04/28 21:59:41 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009/04/28 16:50:51 | 00,304,984 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.bak
[2009/04/28 16:46:27 | 00,458,340 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/28 16:46:27 | 00,392,296 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/28 16:46:27 | 00,058,596 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/28 15:47:28 | 00,000,024 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090428-165051.backup
[2009/04/28 15:45:01 | 00,000,128 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2009/04/28 11:56:28 | 00,262,144 | ---- | M] () -- C:\WINDOWS\System32\nvrsk.dll
[2009/04/28 11:14:20 | 00,182,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndis.sys
[2009/04/28 11:14:20 | 00,182,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndis.sys
[2009/04/28 11:10:28 | 00,000,000 | ---- | M] () -- C:\WINDOWS\mqcd.dbt
[2009/04/28 11:10:06 | 00,000,001 | ---- | M] () -- C:\WINDOWS\9g2234wesdf3dfgjf23
[2009/04/28 11:09:21 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\user32.DLL
[2009/04/28 11:09:21 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\socrwg
[2009/04/28 11:09:21 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\elvkxuzc
[2009/04/28 11:09:21 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll
[2009/04/28 11:09:21 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\auoxrpf
[2009/04/26 15:43:00 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/04/26 15:41:58 | 00,110,192 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/25 22:46:30 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2009/04/25 21:04:46 | 00,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
[2009/04/15 23:27:37 | 00,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/04/15 23:19:40 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Desktop Manager.lnk
[2009/04/15 21:54:52 | 00,001,578 | ---- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Desktop\Counter-Strike Source.lnk
[2009/04/15 13:04:25 | 00,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2009/04/14 21:12:57 | 00,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/04/14 20:22:15 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/04/14 20:22:07 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/04/14 09:10:25 | 00,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2009/04/14 09:09:19 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2009/04/14 09:06:57 | 00,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/04/14 09:04:59 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\Mamoon Siddiqui\Start Menu\Programs\Startup\desktop.ini
[2009/04/14 09:04:59 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2009/04/14 09:04:56 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/04/14 09:04:56 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009/04/14 09:04:56 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/04/14 09:04:56 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2009/04/14 09:04:56 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/04/14 09:04:56 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/04/14 09:04:53 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/04/14 09:04:53 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/04/14 09:04:52 | 00,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2009/04/14 09:04:47 | 00,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2009/04/14 09:04:03 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009/04/14 09:04:03 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009/04/14 09:02:12 | 00,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/04/14 09:02:03 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2009/04/14 09:02:03 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
< End of report >

#14 Buckeye_Sam

Malware Expert

Malware Response Team
17,382 posts

Gender:Male
Location:Pickerington, Ohio

Posted 07 May 2009 - 04:42 PM

Actually that's the best your log has looked in a while. Definitely not clean, but it just might be manageable. Let's find out.

Run OTListIt2.exe

Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTLI
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
DRV - [2009/05/05 21:53:43 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\fdacc71.sys -- (fdacc71 [System | Running])
DRV - [2009/05/06 15:07:01 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\omj1bd0.sys -- (omj1bd0 [System | Running])
DRV - [2009/05/05 21:38:00 | 00,017,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\qole69d.sys -- (qole69d [System | Stopped])


:Files
C:\WINDOWS\System32\drivers\omj1bd0.sys
C:\WINDOWS\System32\drivers\fdacc71.sys
C:\WINDOWS\System32\drivers\qole69d.sys

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot when it is done
Then post a new OTL2 log

==================

Immediately upon reboot try to download and run Combofix.
Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.

Link 1
Link 2
Link 3

Posted Image

--------------------------------------------------------------------

Double click on Combo-Fix.exe & follow the prompts.

When finished, it will produce a report for you.
Please post the C:\ComboFix.txt so we can continue cleaning the system.

==================

If Combofix still doesn't work for you, run a new scan with DrWeb and post the resulting log.

#15 mamoon0

New Member

Members
10 posts

Posted 08 May 2009 - 12:43 PM

Combofix finally ran! I guess that means we are progressing. Quick question. Combofix brought an IE shortcut to my desktop. I only use firefox, but was wondering, what should I do about that?
Thanks Sam.

mamoon0

========== OTLISTIT ==========
Process explorer.exe killed successfully!

Service\Driver fdacc71 deleted successfully.
C:\WINDOWS\System32\drivers\fdacc71.sys moved successfully.

Service\Driver omj1bd0 deleted successfully.
C:\WINDOWS\System32\drivers\omj1bd0.sys moved successfully.

Service\Driver qole69d deleted successfully.
C:\WINDOWS\System32\drivers\qole69d.sys moved successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\drivers\omj1bd0.sys not found.
File\Folder C:\WINDOWS\System32\drivers\fdacc71.sys not found.
File\Folder C:\WINDOWS\System32\drivers\qole69d.sys not found.
========== COMMANDS ==========
File delete failed. C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Temp\Perflib_Perfdata_16a4.dat scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Network Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
Temp folders emptied.
Explorer started successfully

OTListIt2 by OldTimer - Version 2.0.15.3 log created on 05082009_122911

Files moved on Reboot...
File C:\Documents and Settings\Mamoon Siddiqui\Local Settings\Temp\Perflib_Perfdata_16a4.dat not found!

Registry entries deleted on Reboot...

-----------------------------------------------------------------------------------------------------------------------------------------------

ComboFix 09-05-07.A01 - Mamoon Siddiqui 05/08/2009 12:34.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.767.415 [GMT -5:00]
Running from: c:\documents and settings\Mamoon Siddiqui\Desktop\Combo-Fix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Install.txt
c:\windows\mqcd.dbt
c:\windows\system32\Install.txt
c:\windows\system32\nvrsk.dll

Infected copy of c:\windows\system32\drivers\ndis.sys was found and disinfected
Restored copy from - The cat ate it

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_fci
-------\Legacy_protect

((((((((((((((((((((((((( Files Created from 2009-04-08 to 2009-05-08 )))))))))))))))))))))))))))))))
.

2009-05-07 02:15 . 2008-09-16 19:23 168448 ----a-w c:\windows\system32\unrar.dll
2009-05-07 02:15 . 2009-05-07 02:16 -------- d-----w c:\program files\K-Lite Codec Pack
2009-05-06 21:01 . 2009-04-06 20:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-06 21:01 . 2009-04-06 20:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-06 21:01 . 2009-05-06 21:01 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-05 22:17 . 2009-05-05 22:17 -------- d-----w C:\_OTListIt
2009-05-03 21:23 . 2009-05-04 22:55 -------- d-----w c:\documents and settings\Mamoon Siddiqui\Application Data\avidemux
2009-05-03 21:23 . 2009-05-07 03:29 -------- d-----w c:\program files\Avidemux 2.4
2009-05-03 18:12 . 2009-05-03 18:15 -------- d-----w c:\documents and settings\Mamoon Siddiqui\DoctorWeb
2009-05-03 16:55 . 2001-08-17 18:56 7552 ----a-w c:\windows\system32\drivers\SONYPVU1.SYS
2009-05-03 02:44 . 2009-05-03 02:44 -------- d-----w C:\Reg Save
2009-05-01 22:19 . 2009-05-01 22:19 -------- d-----w c:\program files\VideoLAN
2009-05-01 22:19 . 2009-05-01 22:19 -------- d-----w c:\program files\Foxit Software
2009-05-01 22:19 . 2009-05-01 22:19 -------- d-----w c:\documents and settings\Mamoon Siddiqui\Application Data\Foxit
2009-05-01 20:01 . 2009-05-01 20:01 -------- d-----w c:\program files\ffdshow
2009-05-01 19:58 . 2009-05-06 20:55 -------- d-----w c:\windows\system32\3361
2009-05-01 19:58 . 2009-05-06 20:55 -------- d-----w c:\windows\dhcp
2009-05-01 15:49 . 2002-01-05 20:37 344064 ----a-w c:\windows\system32\msvcr70.dll
2009-05-01 15:48 . 2009-05-01 15:49 -------- d-----w c:\program files\Common Files\DVDVideoSoft
2009-05-01 15:48 . 2009-05-01 15:48 -------- d-----w c:\program files\DVDVideoSoft
2009-05-01 03:00 . 2009-05-01 03:00 -------- d--h--w c:\windows\PIF
2009-04-30 20:05 . 2009-04-30 20:05 -------- d-----w c:\program files\FLV Player
2009-04-30 03:45 . 2009-04-30 04:06 -------- d-----w c:\documents and settings\Mamoon Siddiqui\dwhelper
2009-04-29 05:06 . 2009-04-29 05:06 -------- d-----w c:\documents and settings\Mamoon Siddiqui\Application Data\Malwarebytes
2009-04-29 05:06 . 2009-04-29 05:06 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-04-29 05:02 . 2009-04-29 05:02 -------- d-----w c:\documents and settings\Mamoon Siddiqui\Application Data\GlarySoft
2009-04-29 02:41 . 2009-05-06 02:46 -------- d-s---w c:\documents and settings\Mamoon Siddiqui\UserData
2009-04-29 02:39 . 2009-04-29 02:39 -------- d-----w c:\program files\Trend Micro
2009-04-29 02:28 . 2009-04-29 02:28 -------- d-----w c:\program files\CCleaner
2009-04-28 20:28 . 2009-04-28 20:29 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-04-28 20:28 . 2009-05-03 22:01 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-28 16:13 . 2009-05-06 21:00 55808 ----a-w c:\windows\system32\nvsvc32.exe
2009-04-28 16:10 . 2009-04-29 05:27 -------- d-----w c:\windows\system32\796525
2009-04-28 16:09 . 2009-05-08 17:35 578560 -c--a-w c:\windows\system32\dllcache\user32.dll
2009-04-27 20:45 . 2009-04-27 20:45 -------- d--h--w c:\windows\system32\GroupPolicy
2009-04-26 20:42 . 2008-04-14 00:12 221184 ----a-w c:\windows\system32\wmpns.dll
2009-04-26 03:51 . 2009-04-26 03:51 -------- d-----w c:\windows\system32\scripting
2009-04-26 03:51 . 2009-04-26 03:51 -------- d-----w c:\windows\l2schemas
2009-04-26 03:51 . 2009-04-26 03:51 -------- d-----w c:\windows\system32\en
2009-04-26 03:51 . 2009-04-26 03:51 -------- d-----w c:\windows\system32\bits
2009-04-26 01:07 . 2009-04-26 02:02 -------- d-----w c:\program files\Brandon Swift Creations
2009-04-25 21:32 . 2009-04-25 21:32 410984 ----a-w c:\windows\system32\deploytk.dll
2009-04-25 21:32 . 2009-04-25 21:32 -------- d-----w c:\program files\Java
2009-04-25 01:31 . 2009-04-25 01:31 -------- d-----w c:\windows\system32\Adobe
2009-04-24 03:22 . 2009-05-06 21:56 176640 ----a-w c:\windows\system32\napstat.exe
2009-04-16 04:27 . 2009-04-16 04:27 56 ---ha-w c:\windows\system32\ezsidmv.dat
2009-04-16 04:27 . 2009-05-08 17:31 -------- d-----w c:\documents and settings\Mamoon Siddiqui\Application Data\skypePM
2009-04-16 04:25 . 2009-05-08 17:26 -------- d-----w c:\documents and settings\Mamoon Siddiqui\Application Data\Skype
2009-04-16 04:23 . 2009-04-16 04:23 -------- d-----w c:\program files\Common Files\Skype
2009-04-16 04:23 . 2009-04-16 04:23 -------- d-----r c:\program files\Skype
2009-04-16 04:21 . 2009-04-26 02:04 256 ----a-w c:\windows\system32\pool.bin
2009-04-16 04:21 . 2009-04-16 04:21 -------- d-----w c:\documents and settings\Mamoon Siddiqui\Application Data\Research In Motion
2009-04-16 04:17 . 2009-04-16 04:23 -------- d-----w c:\documents and settings\All Users\Application Data\Skype
2009-04-16 04:16 . 2009-04-16 04:16 -------- d-----w c:\program files\MSXML 6.0
2009-04-16 03:52 . 2007-01-18 15:24 26496 ----a-r c:\windows\system32\drivers\RimSerial.sys
2009-04-16 03:52 . 2009-04-16 04:19 -------- d-----w c:\program files\Common Files\Research In Motion
2009-04-16 03:52 . 2009-04-26 01:20 -------- d-----w c:\program files\Research In Motion
2009-04-16 03:37 . 2009-04-16 03:37 -------- d-----w c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
2009-04-16 03:37 . 2009-04-16 03:37 -------- d-----w c:\documents and settings\Mamoon Siddiqui\Local Settings\Application Data\Downloaded Installations
2009-04-16 03:27 . 2009-04-16 03:29 -------- d-----w c:\documents and settings\Mamoon Siddiqui\Application Data\GetRightToGo
2009-04-15 18:04 . 2009-04-15 18:04 -------- d-----w c:\program files\Microsoft ActiveSync
2009-04-15 18:03 . 2009-04-15 18:03 -------- d-----w c:\windows\ShellNew
2009-04-15 17:46 . 2009-04-16 03:40 17144 ----a-w c:\documents and settings\Mamoon Siddiqui\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-15 17:42 . 2008-09-04 17:15 1106944 -c----w c:\windows\system32\dllcache\msxml3.dll
2009-04-15 03:04 . 2003-06-25 21:05 266360 ----a-w c:\windows\system32\TweakUI.exe
2009-04-15 02:56 . 2008-06-13 11:05 272128 -c----w c:\windows\system32\dllcache\bthport.sys
2009-04-15 02:54 . 2009-03-06 14:22 284160 -c----w c:\windows\system32\dllcache\pdh.dll
2009-04-15 02:54 . 2009-02-09 12:10 401408 -c----w c:\windows\system32\dllcache\rpcss.dll
2009-04-15 02:54 . 2009-05-06 21:59 110592 -c--a-w c:\windows\system32\dllcache\services.exe
2009-04-15 02:54 . 2009-02-09 12:10 473600 -c----w c:\windows\system32\dllcache\fastprox.dll
2009-04-15 02:54 . 2009-05-06 21:59 227840 -c--a-w c:\windows\system32\dllcache\wmiprvse.exe
2009-04-15 02:54 . 2009-02-09 12:10 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-15 02:54 . 2009-02-09 12:10 729088 -c----w c:\windows\system32\dllcache\lsasrv.dll
2009-04-15 02:54 . 2009-02-09 12:10 617472 -c----w c:\windows\system32\dllcache\advapi32.dll
2009-04-15 02:54 . 2009-02-09 12:10 714752 -c----w c:\windows\system32\dllcache\ntdll.dll
2009-04-15 02:54 . 2009-02-06 11:06 2145280 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
2009-04-15 02:54 . 2009-02-06 11:08 2189056 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
2009-04-15 02:54 . 2009-02-06 10:32 2023936 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
2009-04-15 02:52 . 2008-05-08 14:02 203136 -c----w c:\windows\system32\dllcache\rmcast.sys
2009-04-15 02:52 . 2008-10-24 11:21 455296 -c----w c:\windows\system32\dllcache\mrxsmb.sys
2009-04-15 02:52 . 2008-12-11 10:57 333952 -c----w c:\windows\system32\dllcache\srv.sys
2009-04-15 02:52 . 2008-05-01 14:33 331776 -c----w c:\windows\system32\dllcache\msadce.dll
2009-04-15 02:52 . 2008-04-11 19:04 691712 -c----w c:\windows\system32\dllcache\inetcomm.dll
2009-04-15 02:51 . 2008-10-03 10:02 247326 -c----w c:\windows\system32\dllcache\strmdll.dll
2009-04-15 02:51 . 2008-10-15 16:34 337408 -c----w c:\windows\system32\dllcache\netapi32.dll
2009-04-15 02:51 . 2008-05-03 11:55 2560 ------w c:\windows\system32\xpsp4res.dll
2009-04-15 02:51 . 2009-05-06 21:59 215552 -c--a-w c:\windows\system32\dllcache\wordpad.exe
2009-04-15 02:50 . 2009-04-26 20:44 -------- d--h--w c:\windows\$hf_mig$
2009-04-15 02:45 . 2009-05-08 17:37 -------- d-----w c:\program files\Steam
2009-04-15 02:39 . 2009-04-15 02:39 -------- d-s---w c:\windows\system32\Microsoft
2009-04-15 02:14 . 2009-04-26 03:52 -------- d-----w c:\windows\ServicePackFiles
2009-04-15 02:13 . 2008-04-13 17:39 2897920 ------w c:\windows\system32\xpsp2res.dll
2009-04-15 02:11 . 2007-08-11 01:46 26488 ----a-w c:\windows\system32\spupdsvc.exe
2009-04-15 02:10 . 2009-04-26 03:41 -------- d-----w c:\windows\EHome
2009-04-15 01:32 . 2008-04-13 19:19 146048 ----a-w c:\windows\system32\drivers\portcls.sys
2009-04-15 01:32 . 2008-04-13 18:45 60160 ----a-w c:\windows\system32\drivers\drmk.sys
2009-04-15 01:32 . 2009-04-15 01:32 -------- d-----w c:\program files\Realtek Sound Manager
2009-04-15 01:32 . 2009-04-15 01:32 -------- d-----w c:\program files\AvRack
2009-04-15 01:32 . 2009-05-06 20:59 67584 ----a-w c:\windows\SOUNDMAN.EXE
2009-04-15 01:32 . 2002-10-16 22:27 947884 ----a-w c:\windows\system32\drivers\ALCXWDM.SYS
2009-04-15 01:32 . 2009-05-06 21:15 131072 ----a-w c:\windows\alcrmv.exe
2009-04-15 01:32 . 2009-05-06 21:15 208896 ----a-w c:\windows\alcupd.exe
2009-04-15 01:32 . 2009-04-16 03:49 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-15 01:26 . 2009-05-06 21:15 720896 ----a-w c:\windows\iun6002.exe
2009-04-15 01:26 . 2009-04-15 01:26 -------- d-----w c:\program files\ResChanger 2005
2009-04-15 01:23 . 2009-04-15 01:28 -------- d-----w c:\windows\nview
2009-04-15 01:23 . 2009-05-06 21:57 208896 ----a-w c:\windows\system32\nvudisp.exe
2009-04-15 01:23 . 2009-05-06 21:57 208896 ----a-w c:\windows\system32\NVUNINST.EXE
2009-04-15 01:22 . 2009-04-15 01:32 -------- d-----w c:\program files\Common Files\InstallShield
2009-04-15 01:22 . 2009-04-15 01:22 0 ----a-w c:\windows\nsreg.dat
2009-04-15 01:22 . 2009-04-15 01:22 -------- d-----w c:\documents and settings\Mamoon Siddiqui\Local Settings\Application Data\Mozilla

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-08 17:35 . 2001-08-23 12:00 578560 ----a-w c:\windows\system32\user32.dll
2009-05-08 17:33 . 2001-08-23 12:00 182656 ----a-w c:\windows\system32\drivers\ndis.sys
2009-05-06 21:57 . 2001-08-23 12:00 50176 ----a-w c:\windows\system32\utilman.exe
2009-05-06 21:56 . 2006-08-12 04:43 1339392 ----a-w c:\windows\system32\nvdspsch.exe
2009-05-06 21:55 . 2001-08-23 12:00 72704 ----a-w c:\windows\system32\magnify.exe
2009-05-06 21:42 . 2009-04-14 14:03 150528 ----a-w c:\windows\PCHEALTH\UploadLB\Binaries\uploadm.exe
2009-05-06 21:42 . 2009-04-14 14:03 35328 ----a-w c:\windows\PCHEALTH\HELPCTR\Binaries\notiflag.exe
2009-05-06 21:42 . 2009-04-14 14:03 169984 ----a-w c:\windows\PCHEALTH\HELPCTR\Binaries\msconfig.exe
2009-05-06 21:42 . 2009-04-15 02:16 18432 ----a-w c:\windows\PCHEALTH\HELPCTR\Binaries\hscupd.exe
2009-05-06 21:42 . 2009-04-14 14:03 99840 ----a-w c:\windows\PCHEALTH\HELPCTR\Binaries\HelpHost.exe
2009-05-06 21:42 . 2009-04-14 14:03 744448 ----a-w c:\windows\PCHEALTH\HELPCTR\Binaries\helpsvc.exe
2009-05-06 21:42 . 2009-04-14 14:03 769024 ----a-w c:\windows\PCHEALTH\HELPCTR\Binaries\helpctr.exe
2009-05-06 21:15 . 2009-04-15 02:16 32768 ----a-w c:\windows\slrundll.exe
2009-05-06 21:15 . 2002-01-04 03:17 15360 ----a-w c:\windows\TASKMAN.EXE
2009-05-06 21:15 . 2001-08-23 12:00 283648 ----a-w c:\windows\winhlp32.exe
2009-05-06 21:15 . 2001-08-23 12:00 25600 ----a-w c:\windows\twunk_32.exe
2009-05-06 21:15 . 2001-08-23 12:00 146432 ----a-w c:\windows\regedit.exe
2009-05-06 21:15 . 2002-01-04 03:17 69120 ----a-w c:\windows\notepad.exe
2009-05-06 21:15 . 2001-08-23 12:00 10752 ----a-w c:\windows\hh.exe
2009-05-06 20:59 . 2009-04-14 14:02 32768 ----a-w c:\windows\system32\mnmsrvc.exe
2009-05-06 20:59 . 2009-04-14 14:01 6144 ----a-w c:\windows\system32\msdtc.exe
2009-05-06 20:59 . 2001-08-23 12:00 75264 ----a-w c:\windows\system32\locator.exe
2009-05-06 20:59 . 2001-08-23 12:00 514560 ----a-w c:\windows\system32\logonui.exe
2009-05-06 20:59 . 2001-08-23 12:00 220672 ----a-w c:\windows\system32\logon.scr
2009-05-06 20:59 . 2001-08-23 12:00 150528 ----a-w c:\windows\system32\imapi.exe
2009-05-06 20:59 . 2001-08-23 12:00 224768 ----a-w c:\windows\system32\dmadmin.exe
2009-05-06 20:59 . 2001-08-23 12:00 5632 ----a-w c:\windows\system32\cisvc.exe
2009-05-06 20:59 . 2001-08-23 12:00 33280 ----a-w c:\windows\system32\clipsrv.exe
2009-05-06 20:59 . 2001-08-23 12:00 44544 ----a-w c:\windows\system32\alg.exe
2009-05-06 20:59 . 2001-08-23 12:00 1054208 ----a-w c:\windows\explorer.exe
2009-04-29 05:00 . 2009-04-29 05:40 170892 ----a-w c:\windows\PCHEALTH\HELPCTR\Config\Cache\Professional_32_1033.dat
2009-04-26 03:54 . 2009-04-14 14:04 86327 ----a-w c:\windows\PCHEALTH\HELPCTR\OfflineCache\index.dat
2009-04-24 03:04 . 2009-04-24 03:04 17144 ----a-w c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-14 14:05 . 2009-04-14 14:05 -------- d-----w c:\program files\microsoft frontpage
2009-04-14 14:04 . 2001-08-23 12:00 67 --sha-w c:\windows\Fonts\desktop.ini
2009-04-14 14:02 . 2009-04-14 14:02 21640 ----a-w c:\windows\system32\emptyregdb.dat
2009-03-19 15:08 . 2009-03-19 15:08 499712 ----a-w c:\windows\system32\msvcp71.dll
2009-03-19 15:08 . 2009-03-19 15:08 348160 ----a-w c:\windows\system32\msvcr71.dll
2009-03-06 14:22 . 2001-08-23 12:00 284160 ----a-w c:\windows\system32\pdh.dll
2009-02-20 08:10 . 2001-08-23 12:00 666112 ----a-w c:\windows\system32\wininet.dll
2009-02-20 08:10 . 2009-04-15 02:16 81920 ------w c:\windows\system32\ieencode.dll
2009-02-09 12:10 . 2001-08-23 12:00 729088 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 12:10 . 2001-08-23 12:00 714752 ----a-w c:\windows\system32\ntdll.dll
2009-02-09 12:10 . 2001-08-23 12:00 617472 ----a-w c:\windows\system32\advapi32.dll
2009-02-09 12:10 . 2001-08-23 12:00 401408 ----a-w c:\windows\system32\rpcss.dll
2009-02-09 11:13 . 2001-08-23 12:00 1846784 ----a-w c:\windows\system32\win32k.sys
2009-02-08 00:02 . 2001-08-17 13:48 2066048 ----a-w c:\windows\system32\ntkrnlpa.exe
.
Infected c:\windows\system32\user32.dll hex repaired

------- Sigcheck -------

[-] 2009-05-06 21:24 14336 EA210A370510B47C50BED70E3F9B198C c:\windows\$NtServicePackUninstall$\svchost.exe
[-] 2009-05-06 21:48 14336 721BF7FFABEF5AEAF34AB15C051257BD c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2009-05-06 21:53 14336 721BF7FFABEF5AEAF34AB15C051257BD c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\svchost.exe
[-] 2009-05-06 21:00 34816 FAC76D44724A8F8C16D99D481A7A232F c:\windows\system32\svchost.exe

[-] 2009-05-06 20:59 1054208 BB670AF2A48BFF64C470CC3987EA8EE9 c:\windows\explorer.exe
[-] 2009-05-06 21:22 1032192 8ECA240570BDC3E8C356E9D88622B9CA c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2009-05-06 21:44 1033728 4F362DF52361E693E301E67084F65EE3 c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2009-05-06 21:51 1033728 4F362DF52361E693E301E67084F65EE3 c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\explorer.exe

[-] 2009-05-06 21:22 15360 177D359AE4F4DDDBAB3E00F9E1D8D1B5 c:\windows\$NtServicePackUninstall$\ctfmon.exe
[-] 2009-05-06 21:44 15360 AA00A83FBAD69CE98A1E62787E79DE80 c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2009-05-06 21:51 15360 AA00A83FBAD69CE98A1E62787E79DE80 c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\ctfmon.exe
[-] 2009-05-06 21:55 15360 AA00A83FBAD69CE98A1E62787E79DE80 c:\windows\system32\ctfmon.exe

[-] 2009-05-06 21:24 57856 328EF9F3BAE9B438AE6D5FDDD3A62432 c:\windows\$NtServicePackUninstall$\spoolsv.exe
[-] 2009-05-06 21:48 57856 62473C87E8BFA823A3F25E6D60390182 c:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2009-05-06 21:53 57856 62473C87E8BFA823A3F25E6D60390182 c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\spoolsv.exe
[-] 2009-05-06 21:00 57856 62473C87E8BFA823A3F25E6D60390182 c:\windows\system32\spoolsv.exe

[-] 2009-05-06 21:25 24576 C2928CD1045C0A069AC570AEEFB88578 c:\windows\$NtServicePackUninstall$\userinit.exe
[-] 2009-05-06 21:49 26112 38C2926DAC93E74FA608AD2FF31117C8 c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2009-05-06 21:54 26112 38C2926DAC93E74FA608AD2FF31117C8 c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\userinit.exe
[-] 2009-05-06 21:00 26112 38C2926DAC93E74FA608AD2FF31117C8 c:\windows\system32\userinit.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\Steam\Steam.exe" [2009-04-15 1410296]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-04-16 24264488]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-05-06 2280960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2006-08-12 7630848]
"NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2006-08-12 86016]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2009-05-06 67584]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dwshd.sys]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"sopidkc"=2 (0x2)
"Spooler"=2 (0x2)
"netddedsdmdhcp"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"dhcpsrv"=2 (0x2)
"BITS"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Steam\\steamapps\\mamoon0\\counter-strike source\\hl2.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\nvsvc32.exe"= c:\\WINDOWS\\System32\\nvsvc32.exe
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

S1 d38c0739;d38c0739;c:\windows\system32\drivers\d38c0739.sys --> c:\windows\system32\drivers\d38c0739.sys [?]
S3 vitra;vitra;c:\windows\system32\drivers\vitra.sys --> c:\windows\system32\drivers\vitra.sys [?]
S4 netddedsdmdhcp;Network DDE DSDM NetDDEdsdmDhcp;c:\windows\system32\D.tmp srv --> c:\windows\system32\D.tmp srv [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
msncache
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Mamoon Siddiqui\Application Data\Mozilla\Firefox\Profiles\81x2ka1s.default\
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-08 12:38
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\netddedsdmdhcp]
"ImagePath"="c:\windows\system32\D.tmp srv"
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\rundll32.exe
c:\windows\system32\wscntfy.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Completion time: 2009-05-08 12:40 - machine was rebooted
ComboFix-quarantined-files.txt 2009-05-08 17:40

Pre-Run: 117,158,072,320 bytes free
Post-Run: 117,715,730,432 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

282 --- E O F --- 2009-04-26 21:01