Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Please Help Me Out


  • This topic is locked This topic is locked
7 replies to this topic

#1 loco rider

loco rider

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:32 PM

Posted 25 September 2008 - 02:07 PM

Please help
I just reinstalled my windows but i still have many viruses




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:52:33, on 25.09.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YServer.exe
C:\Program Files\Winamp\winamp.exe
D:\Warcraft3\Garena.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\Administrator\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ro/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [Device Detector] "C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe" -autorun
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O14 - IERESET.INF: START_PAGE_URL=about:blank
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{B89FB80B-D88D-4AE1-8CDB-787178796AD1}: NameServer = 213.154.124.1 193.231.252.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 4616 bytes

BC AdBot (Login to Remove)

 


#2 loco rider

loco rider
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:32 PM

Posted 30 September 2008 - 10:48 AM

Still this problem.....please help mE ! :thumbsup:

#3 loco rider

loco rider
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:32 PM

Posted 02 October 2008 - 10:18 AM

Still this problem.....please help mE ! :)


:thumbsup:

#4 Billy O'Neal

Billy O'Neal

    Visual C++ STL Maintainer


  • Malware Response Team
  • 12,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Redmond, Washington
  • Local time:10:32 AM

Posted 05 October 2008 - 09:50 AM

:thumbsup: to BleepingComputer.com

I want to apologise that it has taken so long to get back to you. We on the HJT Team are working as fast as possible to get your log answered.

If you do not still need help, please let me know, so that I can move on to other users who still need help.

Please take note of the following:
  • While a HJT Team member is working with you, please refrain from making any changes to your computer.
  • Also, even if things appear to be running better, there is no guarantee that everything is finished. Please continue to check this forum post in order to ensure we get your system completely clean. We do not want to clean you part-way up, only to have the system re-infect itself. :)
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
  • Please reply using the Posted Image button in the lower left hand corner of your screen.
  • Old topics are closed after 3 days with no reply, and working topics are closed after 5 days. If for any reason you cannot complete instructions within that time, that's fine, just put a post here so that I know you're still here. We get a lot of people who simply leave, and if there is no contact for that amount of time I will have to assume you have "vanished" :).
If you would still like help, please follow the instructions below:

We need to create an OTViewIt Report
  • Please download OTViewIt by OldTimer.
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
  • OTViewIt.txt <-- Will be opened
  • Extra.txt <-- Will be minimized
Please do an online scan with Kaspersky WebScanner.
  • Please visit the Kaspersky Online Scanner website.
    Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
  • Click on the Accept button and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded on the left side of the page in the Scan section select My Computer
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
In your next reply, please include the following:
  • OTViewIt.txt
  • Extra.txt
  • Kaspersky's Log

Twitter - My statements do not establish the official position of Microsoft Corporation, and are my own personal opinion. (But you already knew that, right?)
Posted Image

#5 loco rider

loco rider
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:32 PM

Posted 08 October 2008 - 01:28 PM

KASperskY
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Wednesday, October 8, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Wednesday, October 08, 2008 16:01:37
Records in database: 1299961
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\
E:\
F:\

Scan statistics:
Files scanned: 68690
Threat name: 2
Infected objects: 47
Suspicious objects: 0
Duration of the scan: 02:47:17


File name / Threat name / Threats count
C:\Program Files\Eset\infected\32F3V2BA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\3TIIDOBA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\3XN3MJAA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\45LTELCA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\5EBYSTCA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\ADJ03ACA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\AFG3OABA.NQF Infected: Virus.Win32.Virut.n 1
C:\Program Files\Eset\infected\AKMEVLCA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\CMAP3WDA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\D1NKGMDA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\D4QPGNAA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\DBXSGPCA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\DDI2DRAA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\EFFPRLDA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\FFIORYCA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\GBY5VHCA.NQF Infected: Virus.Win32.Virut.n 1
C:\Program Files\Eset\infected\GO42U4CA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\GQ4JI0AA.NQF Infected: Virus.Win32.Virut.n 1
C:\Program Files\Eset\infected\H0S44EDA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\I3TWCYBA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\JAOYGSBA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\KJAL5LBA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\KSTSRXAA.NQF Infected: Virus.Win32.Virut.n 1
C:\Program Files\Eset\infected\N15FUPDA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\N5AJEGBA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\NATWVPDA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\PDKMPHCA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\PQODQHCA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\PXZWBVAA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\PZXRTVAA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\QLAQXTDA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\RJBFALAA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\SGVT4NBA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\SKFRPFDA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\SONDOZBA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\TA3IPVBA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\TFJW5KCA.NQF Infected: Virus.Win32.Virut.n 1
C:\Program Files\Eset\infected\U2HZF3BA.NQF Infected: Virus.Win32.Virut.n 1
C:\Program Files\Eset\infected\UVCPLNBA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\UZRNY4CA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\VTOVWMAA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\VTPWGECA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\WJXTUYDA.NQF Infected: Virus.Win32.Virut.n 1
C:\Program Files\Eset\infected\WUJYS1BA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\YEOZKRDA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\YIUWPGCA.NQF Infected: Virus.Win32.Hidrag.a 1
C:\Program Files\Eset\infected\YNUAQ2AA.NQF Infected: Virus.Win32.Hidrag.a 1

The selected area was scanned.


OTViewIt logfile created on: 08.10.2008 21:25:21 - Run
OTViewIt by OldTimer - Version 1.0.10.1 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000418 | Country: Romania | Language: ROM | Date Format: dd.MM.yyyy

511,48 Mb Total Physical Memory | 294,73 Mb Available Physical Memory | 57,62% Memory free
1,22 Gb Paging File | 0,76 Gb Available in Paging File | 62,59% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,77 Gb Total Space | 4,24 Gb Free Space | 43,46% Space Free | Partition Type: NTFS
Drive D: | 9,77 Gb Total Space | 1,39 Gb Free Space | 14,19% Space Free | Partition Type: NTFS
Drive E: | 8,42 Gb Total Space | 0,04 Gb Free Space | 0,53% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: GEP
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2003.09.17 17:39:46 | 00,212,992 | ---- | M] (ACD Systems, Ltd.) -- C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
[2008.09.11 20:07:06 | 00,950,664 | ---- | M] (Eset ) -- C:\Program Files\Eset\nod32kui.exe
[2002.07.12 11:33:12 | 01,581,056 | R--- | M] (C-Media Electronic Inc. (www.cmedia.com.tw)) -- C:\WINDOWS\mixer.exe
[2008.06.10 04:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
[2004.06.10 13:48:04 | 00,286,720 | ---- | M] () -- C:\WINDOWS\vsnpstd.exe
[2007.12.07 15:08:02 | 21,686,568 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
[2002.06.30 21:53:44 | 00,081,920 | ---- | M] () -- C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
[2007.12.07 15:08:02 | 02,051,016 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
[2008.09.11 20:07:06 | 00,549,256 | ---- | M] (Eset ) -- C:\Program Files\Eset\nod32krn.exe
[2002.09.27 10:38:00 | 00,065,536 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
[2005.01.28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe
[2008.07.18 22:10:42 | 00,053,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
[2007.08.30 17:43:18 | 04,670,704 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
[2007.08.30 17:43:18 | 00,091,376 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YServer.exe
[2001.08.23 12:00:00 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drwtsn32.exe
[2001.08.23 12:00:00 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drwtsn32.exe
[2008.08.14 15:52:32 | 00,098,816 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
[2008.10.08 17:50:19 | 00,139,264 | ---- | M] (Kaspersky Lab.) -- C:\Documents and Settings\Administrator\Local Settings\Temp\jkos-Administrator\binaries\ScanningProcess.exe
[2008.09.25 13:02:40 | 03,304,232 | ---- | M] (TeamViewer GmbH) -- C:\Documents and Settings\Administrator\temp\TeamViewer3\TeamViewer.exe
[2008.10.08 21:24:49 | 00,421,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTViewIt.exe

========== (O23) Win32 Services ==========

[2008.09.11 20:07:06 | 00,549,256 | ---- | M] (Eset ) -- C:\Program Files\Eset\nod32krn.exe -- (NOD32krn [Auto | Running])
[2002.09.27 10:38:00 | 00,065,536 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
[2005.01.28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto | Running])

========== Driver Services ==========

[2004.08.03 22:05:44 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\amdk7.sys -- (AmdK7 [System | Running])
[2008.09.11 20:07:07 | 00,512,096 | ---- | M] (Eset ) -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON [Auto | Running])
[2002.07.16 05:58:12 | 00,379,726 | R--- | M] (C-Media Inc) -- C:\WINDOWS\system32\drivers\cmaudio.sys -- (cmpci [On_Demand | Running])
[2001.08.17 15:13:08 | 00,027,165 | ---- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\system32\drivers\fetnd5.sys -- (FETNDIS [On_Demand | Running])
[2004.08.03 23:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum [On_Demand | Stopped])
[2008.09.11 20:07:05 | 00,015,424 | ---- | M] () -- C:\WINDOWS\system32\drivers\nod32drv.sys -- (nod32drv [System | Running])
[2002.09.27 10:38:00 | 01,104,282 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv [On_Demand | Running])
[2008.09.11 19:55:12 | 00,009,856 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc [On_Demand | Running])
[2001.08.23 12:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2007.03.08 02:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2004.07.17 08:36:38 | 00,027,440 | ---- | M] () -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2005.06.20 21:27:02 | 00,390,912 | ---- | M] () -- C:\WINDOWS\system32\drivers\snpstd.sys -- (snpstd [On_Demand | Running])
[2001.08.17 13:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped])
[2003.07.02 04:42:00 | 00,027,904 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1 [Boot | Running])
[2001.10.18 12:00:00 | 00,006,144 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\drivers\viaidexp.sys -- (ViaIde [Boot | Running])
[2005.07.29 17:24:45 | 00,052,736 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\drivers\viaxport.sys -- (viaxport [Boot | Running])
[2001.08.23 12:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL [System | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=about:blank
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}" (HKLM) -- C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.google.ro/

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
"provider"=

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}" (HKLM) -- C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Page"=about:blank

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Page"=about:blank

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Page"=about:blank

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Page"=about:blank

[HKEY_USERS\S-1-5-21-1004336348-1606980848-1957994488-500\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.google.ro/

[HKEY_USERS\S-1-5-21-1004336348-1606980848-1957994488-500\Software\Microsoft\Internet Explorer\SearchURL]
"provider"=

[HKEY_USERS\S-1-5-21-1004336348-1606980848-1957994488-500\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}" (HKLM) -- C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

[HKEY_USERS\S-1-5-21-1004336348-1606980848-1957994488-500\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1004336348-1606980848-1957994488-500\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

[HKEY_USERS\S-1-5-21-1004336348-1606980848-1957994488-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

========== (O1) Hosts File ==========

HOSTS File = (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{02478D38-C3F9-4efb-9B51-7695ECA05670} (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} (HKLM) -- C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} (HKLM) -- C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)

========== (O3) Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}" (HKLM) -- C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}" (HKLM) -- C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

[HKEY_USERS\S-1-5-21-1004336348-1606980848-1957994488-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}" (HKLM) -- C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

[HKEY_USERS\S-1-5-21-1004336348-1606980848-1957994488-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C-Media Mixer"=Mixer.exe /startup (C-Media Electronic Inc. (www.cmedia.com.tw))
"Device Detector"="C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe" -autorun (ACD Systems, Ltd.)
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k File not found
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE (Eset )
"NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
"nwiz"=nwiz.exe /install ()
"snpstd"=C:\WINDOWS\vsnpstd.exe ()
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" (Sun Microsystems, Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Orb"="C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background (Orb Networks)
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (Skype Technologies S.A.)
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (Yahoo! Inc.)

[HKEY_USERS\S-1-5-21-1004336348-1606980848-1957994488-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Orb"="C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background (Orb Networks)
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (Skype Technologies S.A.)
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (Yahoo! Inc.)

========== (O4) Startup Folders ==========

[2002.06.30 21:53:44 | 00,081,920 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-21-1004336348-1606980848-1957994488-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

========== (O8) IE Context Menu Extensions ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
&Winamp Search: C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html [2008.03.20 01:12:24 | 00,000,748 | ---- | M] ()

[HKEY_USERS\S-1-5-21-1004336348-1606980848-1957994488-500\Software\Microsoft\Internet Explorer\MenuExt\]
&Winamp Search: C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html [2008.03.20 01:12:24 | 00,000,748 | ---- | M] ()

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Menu: Sun Java Console -- %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [2008.06.10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}: Button: Yahoo! Services -- %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [2007.12.13 01:09:42 | 00,222,448 | ---- | M] (Yahoo! Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> [2008.06.10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> [2007.12.13 01:09:42 | 00,222,448 | ---- | M] (Yahoo! Inc.)

[HKEY_USERS\S-1-5-21-1004336348-1606980848-1957994488-500\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> [2008.06.10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> [2007.12.13 01:09:42 | 00,222,448 | ---- | M] (Yahoo! Inc.)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
1 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}: C:\Program Files\Yahoo!\Common\Yinsthelper.dll -- Installation Support
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07

========== (O17) DNS Name Servers ==========

{4941566C-A397-428D-9177-54F587F5064D} (Servers: | Description: VIA PCI 10/100Mb Fast Ethernet Adapter)
{68AD050A-C092-4FC7-B74F-B5542A87E1C5} (Servers: | Description: )

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2008.09.11 19:44:38 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

AUTOEXEC.BAT [@ECHO OFF | set EXPAND=YES | SET DIRCMD=/O:N | set LglDrv=27 * 26 Z 25 Y 24 X 23 W 22 V 21 U 20 T 19 S 18 R 17 Q 16 P 15 | set LglDrv=%LglDrv% O 14 N 13 M 12 L 11 K 10 J 9 I 8 H 7 G 6 F 5 E 4 D 3 C | cls | echo Verific acest sistem. Rabdare... | call setramd.bat %LglDrv% | set temp=c:\ | set tmp=c:\ | path=%RAMD%:\;a:\;%CDROM%:\ | echo Copiez sistemul de operare Œn discul RAM | copy command.com %RAMD%:\ > NUL | set comspec=%RAMD%:\command.com | copy extract.exe %RAMD%:\ > NUL | copy nc.com %RAMD%:\ > NUL | copy vc.ini %RAMD%:\ > NUL | copy readme.txt %RAMD%:\ > NUL | | :ERROR | IF EXIST ebd.cab GOTO EXT | echo Introduceti, va rog Diskul 2 cu Windows 98 (cu ebd.cab) | echo. | pause | GOTO ERROR | | :EXT | echo ...continui copierea modulelor de diagnosticare Œn discul RAM creat | %RAMD%:\extract /y /e /l %RAMD%: ebd.cab > NUL | echo. | echo Modulele de diagnosticare | echo au fost Œncarcate cu succes Œn discul RAM (litera alocata: %RAMD%). | echo. | | IF "%config%"=="NOCD" GOTO QUIT | IF "%config%"=="HELP" GOTO HELP | echo ... atribui litera unitatii CD-ROM | LH %ramd%:\MSCDEX.EXE /D:mscd001 /L:%CDROM% | echo. | GOTO QUIT | | :HELP | cls | call help.bat | echo Calculatorul se restarteaza si va apare un meniu din care selectati... | echo. | echo. | echo. | echo. | echo. | echo. | echo. | echo. | echo. | echo. | restart.com | GOTO QUIT | | :QUIT | echo Pentru a obtine asistenta (HELP), tipareste HELP si apasa ENTER. | echo. | rem clean up environment variables | set CDROM= | set LglDrv= | %ramd%:mouse | %RAMD%:\nc | ]
[2000.04.22 16:03:40 | 00,001,515 | ---- | M] () -- D:\AUTOEXEC.BAT -- [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2008.10.08 21:24:48 | 00,421,376 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTViewIt.exe
[2008.10.08 19:16:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\TeamViewer
[2008.10.08 19:15:59 | 01,677,736 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\TeamViewer_Setup.exe
[2008.10.08 16:16:21 | 00,248,652 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\DSC00624.JPG
[2008.10.08 16:16:15 | 00,284,499 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\DSC00623.JPG
[2008.10.07 22:12:54 | 00,121,544 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\www.subs.ro_Never-Back-Down.zip
[2008.10.07 22:09:22 | 04,606,279 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\112.mp3
[2008.10.07 18:05:27 | 00,150,060 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\macmac.jpg
[2008.10.07 18:05:23 | 00,082,388 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\mac mac 3.jpg
[2008.10.07 18:05:17 | 00,018,725 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\aaaa.jpg
[2008.10.06 22:35:10 | 03,989,419 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\B.U.G. Mafia & Adriana Vlad - Intre noapte si zi [ WwW.Zeddy.Tk ].mp3
[2008.10.06 19:18:03 | 00,463,097 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Inna_Play_Win-Fly_www[1].ten28.com.mp3.mp3
[2008.10.06 18:41:00 | 00,127,526 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\sistem_esapare_cbr_1.2_1_.jpg
[2008.10.06 18:36:30 | 00,113,411 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\sistem_esapare_2_1_.jpg
[2008.10.06 18:36:15 | 00,109,121 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\sistem_esapare_cbr_1_1_.jpg
[2008.10.06 18:25:24 | 00,058,299 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\i40bQt600426-02.jpg
[2008.10.06 18:25:20 | 00,065,162 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\JkFwB2808526-02.jpg
[2008.10.06 18:25:16 | 00,053,120 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\5Do2OG944779-02.jpg
[2008.10.06 18:25:11 | 00,062,033 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\qQhdn5335238-02.jpg
[2008.10.06 18:25:02 | 00,060,634 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\5pXVb6693874-02.jpg
[2008.10.06 15:40:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2008.10.04 23:00:52 | 00,000,063 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\vibe fm.pls
[2008.10.04 19:50:07 | 00,287,050 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\02102008966.jpg
[2008.10.03 23:57:07 | 19,202,176 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\First State feat. Elliot Johns - Your Own Way (Original Mix).mp3
[2008.10.03 23:05:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\scanner
[2008.10.03 18:47:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\AdobeUM
[2008.10.03 18:47:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
[2008.10.03 18:47:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\My eBooks
[2008.10.03 18:47:25 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2008.09.30 21:18:58 | 02,359,350 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\123.bmp
[2008.09.30 21:05:52 | 04,518,557 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Farsa Buzdugan - Clitoris de vanatoare 2008 by Alecs'x @ www.VitanClub.Net.mp3
[2008.09.30 18:40:18 | 00,002,260 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\lwadelegation.srf
[2008.09.29 22:42:05 | 00,079,494 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Imag070.jpg
[2008.09.29 21:26:52 | 05,448,386 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Dj David & Dony - Hello [www.ten28.com].mp3
[2008.09.29 20:57:49 | 04,600,436 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\038-the_guru_josh_project_-_infinity_2008-ministry.mp3
[2008.09.25 22:08:24 | 05,436,356 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\(15)_[Armin_van_Buuren_feat._Audrey_Gallagher]_Hold_On_To_Me.mp3
[2008.09.25 21:35:41 | 04,515,643 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Phunk Investigation vs Boy George - Generations Of Love 2008 (Phunk Investigation Firewall Mix Radio Edit).mp3
[2008.09.25 21:34:03 | 20,766,720 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Feel Good Productions & Fish & Chips - Bouncing In Draut (D.O.N.S. & DBN Remix).mp3
[2008.09.25 21:33:28 | 04,475,614 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Dj Andi feat. Stella - Colours Of The Rainbow (Vibe FM Radio Edit).mp3
[2008.09.25 19:23:40 | 06,451,200 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\04. Ciuraru - Anatomie Cu Rece Si Ciurar feat. Rece de la Bruiaj Mintal.mp3
[2008.09.25 17:52:19 | 00,031,920 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\16092008942.jpg
[2008.09.25 17:51:58 | 00,355,348 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\25092008956.jpg
[2008.09.24 20:34:21 | 09,301,775 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Ashlee Simpson - L.O.V.E (Felix Cartal Mix) 4clubbing.blogspot.com.mp3
[2008.09.24 20:34:06 | 10,467,883 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Plastik Funk - Let Me See Your Hands(Corenell Remix).mp3
[2008.09.24 20:22:35 | 08,235,885 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\16. Activ & DJ Optick - Be free [Radio Edit] by www.RadioFLy.ws.mp3
[2008.09.24 20:22:20 | 00,000,449 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2008.09.24 16:33:37 | 01,507,328 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\19092008081.mp4
[2008.09.22 18:58:45 | 00,026,981 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\4AQjB1552952-02.jpg
[2008.09.18 19:32:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\dvdcss
[2008.09.18 17:59:40 | 39,466,8032 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\electro-tek vol 2 (dvd).iso
[2008.09.15 21:59:23 | 07,374,149 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Flo-Rida ft Timbaland - Elevator.mp3
[2008.09.15 21:50:40 | 02,359,350 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\to da windooow.bmp
[2008.09.15 21:12:54 | 02,359,350 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\fghjkl.bmp
[2008.09.15 19:06:10 | 02,359,350 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\casca.bmp
[2008.09.15 19:06:03 | 01,764,622 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\cassca&scuter.bmp
[2008.09.15 18:57:30 | 02,359,350 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\negruu.bmp
[2008.09.15 18:55:34 | 00,011,532 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\noul cod rutier ptr motociclisti.rtf
[2008.09.15 18:52:54 | 02,359,350 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\untitled.bmp
[2008.09.15 18:27:57 | 00,035,125 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\mo7.jpg
[2008.09.15 08:19:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\vlc
[2008.09.14 21:40:02 | 00,026,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBSTOR.SYS
[2008.09.14 21:40:02 | 00,026,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2008.09.14 12:10:58 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla FireFox Kawasaki Edtion LUX.lnk
[2008.09.14 12:07:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2008.09.13 13:51:29 | 00,007,680 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.09.12 17:05:27 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSTEE.sys
[2008.09.12 17:05:27 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2008.09.12 17:05:18 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NdisIP.sys
[2008.09.12 17:05:18 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2008.09.12 17:05:12 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2008.09.12 17:05:12 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2008.09.12 17:05:12 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\StreamIP.sys
[2008.09.12 17:05:12 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2008.09.12 17:05:07 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\SLIP.sys
[2008.09.12 17:05:07 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2008.09.12 17:05:00 | 00,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\WSTCODEC.SYS
[2008.09.12 17:05:00 | 00,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2008.09.12 17:04:53 | 00,085,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NABTSFEC.sys
[2008.09.12 17:04:53 | 00,085,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2008.09.12 17:04:46 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\CCDECODE.sys
[2008.09.12 17:04:46 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2008.09.12 17:04:27 | 00,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2008.09.12 17:04:27 | 00,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2008.09.12 17:04:27 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2008.09.12 17:04:27 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2008.09.12 17:04:27 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2008.09.12 17:04:27 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax
[2008.09.12 17:04:23 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2008.09.12 17:04:23 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2008.09.12 17:04:22 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2008.09.12 17:04:22 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2008.09.12 17:02:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\Album
[2008.09.12 17:02:04 | 00,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd.dll
[2008.09.12 17:02:04 | 00,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd.dll
[2008.09.12 17:02:04 | 00,000,693 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VideoCAM Trek.lnk
[2008.09.12 17:02:04 | 00,000,000 | ---D | C] -- C:\Program Files\VideoCAM Trek
[2008.09.12 17:02:03 | 00,390,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd.sys
[2008.09.12 17:02:03 | 00,098,304 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd.dll
[2008.09.12 17:02:03 | 00,015,541 | ---- | C] () -- C:\WINDOWS\snpstd.ini
[2008.09.12 17:02:03 | 00,013,023 | ---- | C] () -- C:\WINDOWS\snpstd.src
[2008.09.12 17:02:02 | 00,286,720 | ---- | C] () -- C:\WINDOWS\vsnpstd.exe
[2008.09.12 17:02:02 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsnpstd.dll
[2008.09.12 17:02:02 | 00,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\dsnpstd.ax
[2008.09.12 17:02:02 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\VCAMTrek
[2008.09.12 17:01:58 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2008.09.12 13:21:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Winamp Toolbar
[2008.09.12 10:19:37 | 00,000,664 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Winamp.lnk
[2008.09.12 10:18:57 | 00,000,000 | ---D | C] -- C:\Program Files\Winamp Toolbar
[2008.09.12 10:18:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Winamp Toolbar
[2008.09.12 10:18:44 | 00,001,660 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Winamp Remote.lnk
[2008.09.12 10:18:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\OrbNetworks
[2008.09.12 10:18:09 | 00,000,000 | ---D | C] -- C:\Program Files\Winamp Remote
[2008.09.12 10:05:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2008.09.12 09:39:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2008.09.12 02:31:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2008.09.12 02:31:05 | 00,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2008.09.12 02:31:04 | 00,022,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2008.09.12 02:31:03 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2008.09.12 00:48:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2008.09.11 23:42:42 | 00,278,528 | -HS- | C] () -- C:\Documents and Settings\Administrator\Desktop\Thumbs.db
@Alternate Data Stream - 0 bytes -> C:\Documents and Settings\Administrator\Desktop\Thumbs.db:encryptable
[2008.09.11 23:22:44 | 00,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2008.09.11 23:22:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\skypePM
[2008.09.11 23:20:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Skype
[2008.09.11 23:20:42 | 00,001,872 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2008.09.11 23:20:36 | 00,000,000 | ---D | C] -- C:\Program Files\Skype
[2008.09.11 23:20:36 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2008.09.11 23:20:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2008.09.11 22:43:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Opera
[2008.09.11 22:43:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Opera
[2008.09.11 22:43:24 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2008.09.11 22:43:12 | 00,000,000 | ---D | C] -- C:\Program Files\Opera
[2008.09.11 22:34:35 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\audstub.sys
[2008.09.11 22:33:19 | 00,057,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\redbook.sys
[2008.09.11 22:32:12 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2008.09.11 22:30:30 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Administrator\Desktop\HiJackThis.exe
[2008.09.11 22:29:32 | 00,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2008.09.11 22:29:27 | 00,356,120 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008.09.11 22:29:26 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2008.09.11 22:29:25 | 00,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.09.11 22:29:24 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2008.09.11 22:29:21 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2008.09.11 22:29:21 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2008.09.11 22:29:19 | 01,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2008.09.11 22:29:19 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2008.09.11 22:29:19 | 00,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2008.09.11 22:29:19 | 00,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2008.09.11 22:29:18 | 00,741,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll
[2008.09.11 22:29:18 | 00,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2008.09.11 22:29:18 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl
[2008.09.11 22:29:18 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2008.09.11 22:29:18 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2008.09.11 22:29:18 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2008.09.11 22:29:17 | 00,000,000 | R--D | C] -- C:\Program Files
[2008.09.11 22:29:17 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files
[2008.09.11 22:29:16 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2008.09.11 22:29:15 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2008.09.11 22:29:15 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2008.09.11 22:29:15 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2008.09.11 22:29:15 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2008.09.11 22:29:15 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2008.09.11 22:29:15 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2008.09.11 22:29:15 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2008.09.11 22:29:13 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2008.09.11 22:29:13 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2008.09.11 22:29:13 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2008.09.11 22:29:13 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2008.09.11 22:29:13 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2008.09.11 22:29:13 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2008.09.11 22:29:13 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2008.09.11 22:29:13 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2008.09.11 22:29:13 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2008.09.11 22:29:13 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2008.09.11 22:29:13 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2008.09.11 22:29:13 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2008.09.11 22:29:13 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2008.09.11 22:29:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2008.09.11 22:29:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2008.09.11 22:29:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2008.09.11 22:29:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2008.09.11 22:29:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2008.09.11 22:29:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2008.09.11 22:29:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2008.09.11 22:29:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2008.09.11 22:29:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2008.09.11 22:29:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2008.09.11 22:29:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2008.09.11 22:29:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2008.09.11 22:29:12 | 00,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2008.09.11 22:29:12 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2008.09.11 22:29:12 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2008.09.11 22:29:12 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2008.09.11 22:29:12 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2008.09.11 22:29:12 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2008.09.11 22:29:11 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2008.09.11 22:29:11 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2008.09.11 22:29:11 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2008.09.11 22:29:11 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2008.09.11 22:29:11 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2008.09.11 22:29:11 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2008.09.11 22:29:11 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2008.09.11 22:29:11 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2008.09.11 22:29:10 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2008.09.11 22:29:10 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2008.09.11 22:29:10 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2008.09.11 22:29:10 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2008.09.11 22:29:10 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2008.09.11 22:29:10 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2008.09.11 22:29:10 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2008.09.11 22:29:10 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2008.09.11 22:29:10 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2008.09.11 22:29:10 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2008.09.11 22:29:10 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2008.09.11 22:29:10 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2008.09.11 22:29:10 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2008.09.11 22:29:09 | 00,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2008.09.11 22:29:09 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2008.09.11 22:29:09 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2008.09.11 22:29:09 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2008.09.11 22:29:09 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2008.09.11 22:29:09 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2008.09.11 22:29:09 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2008.09.11 22:29:09 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2008.09.11 22:29:09 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2008.09.11 22:29:09 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2008.09.11 22:29:09 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2008.09.11 22:29:09 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2008.09.11 22:29:09 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2008.09.11 22:29:09 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2008.09.11 22:29:09 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2008.09.11 22:29:09 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2008.09.11 22:29:09 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2008.09.11 22:29:09 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2008.09.11 22:29:09 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2008.09.11 22:29:09 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2008.09.11 22:29:09 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2008.09.11 22:29:09 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2008.09.11 22:29:09 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2008.09.11 22:29:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2008.09.11 22:29:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2008.09.11 22:29:09 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2008.09.11 22:29:06 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2008.09.11 22:29:06 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2008.09.11 22:29:05 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2008.09.11 22:29:05 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2008.09.11 22:29:05 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2008.09.11 22:29:05 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2008.09.11 22:29:05 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2008.09.11 22:29:05 | 00,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2008.09.11 22:29:05 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2008.09.11 22:29:05 | 00,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2008.09.11 22:29:05 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2008.09.11 22:29:05 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2008.09.11 22:29:05 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2008.09.11 22:29:04 | 00,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2008.09.11 22:29:04 | 00,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2008.09.11 22:29:04 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2008.09.11 22:29:04 | 00,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2008.09.11 22:29:04 | 00,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2008.09.11 22:29:04 | 00,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2008.09.11 22:29:04 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2008.09.11 22:29:04 | 00,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2008.09.11 22:29:04 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2008.09.11 22:29:04 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2008.09.11 22:29:04 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2008.09.11 22:29:04 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2008.09.11 22:29:03 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2008.09.11 22:29:03 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\NOTEPAD.EXE
[2008.09.11 22:29:03 | 00,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2008.09.11 22:29:03 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2008.09.11 22:29:03 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2008.09.11 22:29:03 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irenum.sys
[2008.09.11 22:29:03 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2008.09.11 22:29:03 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2008.09.11 22:29:03 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2008.09.11 22:29:03 | 00,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2008.09.11 22:29:01 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2008.09.11 22:28:47 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2008.09.11 22:28:47 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Documents\desktop.ini
[2008.09.11 22:28:47 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2008.09.11 22:28:45 | 00,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2008.09.11 22:28:45 | 00,110,116 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2008.09.11 22:28:45 | 00,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2008.09.11 22:28:45 | 00,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2008.09.11 22:28:45 | 00,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2008.09.11 22:28:45 | 00,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2008.09.11 22:28:45 | 00,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2008.09.11 22:28:45 | 00,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2008.09.11 22:28:45 | 00,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2008.09.11 22:28:45 | 00,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2008.09.11 22:28:45 | 00,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2008.09.11 22:28:45 | 00,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2008.09.11 22:28:44 | 01,086,058 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NTPRINT.CAT
[2008.09.11 22:28:44 | 01,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2008.09.11 22:28:44 | 00,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2008.09.11 22:28:44 | 00,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2008.09.11 22:28:44 | 00,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2008.09.11 22:28:43 | 02,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2008.09.11 22:28:43 | 00,502,724 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2008.09.11 22:28:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2008.09.11 22:28:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2008.09.11 22:28:13 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2008.09.11 22:27:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings
[2008.09.11 22:27:45 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2008.09.11 22:27:44 | 00,091,088 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008.09.11 22:27:00 | 00,000,211 | -HS- | C] () -- C:\boot.ini
[2008.09.11 22:26:54 | 00,001,575 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2008.09.11 22:23:35 | 00,014,832 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\kasp log.html
[2008.09.11 22:22:02 | 00,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2008.09.11 22:22:02 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2008.09.11 22:22:02 | 00,000,000 | R--D | C] -- C:\WINDOWS\Web
[2008.09.11 22:22:02 | 00,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\system
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\security
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\repair
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\mui
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\Media
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\java
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\ime
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\Help
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\Config
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\addins
[2008.09.11 22:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS
[2008.09.11 20:50:13 | 00,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2008.09.11 20:49:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2008.09.11 20:49:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Sun
[2008.09.11 20:49:14 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2008.09.11 20:48:56 | 00,000,851 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Get OpenOffice.org.lnk
[2008.09.11 20:48:56 | 00,000,000 | ---D | C] -- C:\Program Files\Sun
[2008.09.11 20:47:43 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2008.09.11 20:47:16 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2008.09.11 20:45:21 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008.09.11 20:44:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
[2008.09.11 20:44:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Mozilla
[2008.09.11 20:44:45 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2008.09.11 20:42:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2008.09.11 20:42:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Yahoo!
[2008.09.11 20:32:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\ACD Systems
[2008.09.11 20:29:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Macromedia
[2008.09.11 20:28:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Adobe
[2008.09.11 20:28:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2008.09.11 20:27:44 | 00,000,812 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2008.09.11 20:27:31 | 00,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2008.09.11 20:19:57 | 00,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2008.09.11 20:18:29 | 00,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys
[2008.09.11 20:18:29 | 00,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2008.09.11 20:18:26 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys
[2008.09.11 20:18:26 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2008.09.11 20:18:22 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\DMusic.sys
[2008.09.11 20:18:22 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2008.09.11 20:18:19 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys
[2008.09.11 20:18:19 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2008.09.11 20:18:16 | 00,142,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys
[2008.09.11 20:18:16 | 00,142,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2008.09.11 20:18:13 | 00,171,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys
[2008.09.11 20:18:13 | 00,171,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2008.09.11 20:18:10 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys
[2008.09.11 20:18:10 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2008.09.11 20:17:59 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys
[2008.09.11 20:17:59 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2008.09.11 20:17:55 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSKSSRV.sys
[2008.09.11 20:17:55 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2008.09.11 20:17:52 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPQM.sys
[2008.09.11 20:17:52 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2008.09.11 20:17:49 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPCLOCK.sys
[2008.09.11 20:17:49 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2008.09.11 20:17:45 | 00,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gameenum.sys
[2008.09.11 20:17:45 | 00,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys
[2008.09.11 20:17:36 | 00,174,592 | R--- | C] () -- C:\WINDOWS\cmuninst.exe
[2008.09.11 20:17:36 | 00,135,168 | R--- | C] (C-Media Electronics Inc.) -- C:\WINDOWS\cmuninst.dat
[2008.09.11 20:17:36 | 00,036,924 | R--- | C] () -- C:\WINDOWS\cmijack.dat
[2008.09.11 20:17:36 | 00,020,333 | R--- | C] () -- C:\WINDOWS\cmaudio.dat
[2008.09.11 20:17:35 | 01,581,056 | R--- | C] (C-Media Electronic Inc. (www.cmedia.com.tw)) -- C:\WINDOWS\mixer.exe
[2008.09.11 20:17:35 | 00,379,726 | R--- | C] (C-Media Inc) -- C:\WINDOWS\System32\drivers\cmaudio.sys
[2008.09.11 20:17:35 | 00,032,768 | R--- | C] (C-Media Corporation) -- C:\WINDOWS\System32\cmnprop.dll
[2008.09.11 20:17:33 | 00,145,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2008.09.11 20:17:33 | 00,145,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2008.09.11 20:17:33 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2008.09.11 20:17:33 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2008.09.11 20:17:31 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2008.09.11 20:17:31 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2008.09.11 20:17:31 | 00,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2008.09.11 20:17:31 | 00,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2008.09.11 20:17:25 | 00,020,333 | ---- | C] () -- C:\WINDOWS\cmaudio.ini
[2008.09.11 20:17:21 | 00,000,000 | ---D | C] -- C:\Program Files\C-Media
[2008.09.11 20:13:18 | 00,000,540 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\kawasaki.lnk
[2008.09.11 20:07:44 | 00,512,096 | ---- | C] (Eset ) -- C:\WINDOWS\System32\drivers\amon.sys
[2008.09.11 20:07:44 | 00,299,392 | ---- | C] (Eset ) -- C:\WINDOWS\System32\imon.dll
[2008.09.11 20:07:44 | 00,015,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\nod32drv.sys
[2008.09.11 20:07:44 | 00,000,000 | ---D | C] -- C:\Program Files\Eset
[2008.09.11 20:05:52 | 00,001,783 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk
[2008.09.11 20:05:30 | 00,000,000 | ---D | C] -- C:\Program Files\InterVideo
[2008.09.11 20:04:41 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2008.09.11 20:04:11 | 00,012,792 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008.09.11 20:01:14 | 03,730,064 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2008.09.11 20:00:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\nview
[2008.09.11 20:00:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2008.09.11 20:00:11 | 00,000,026 | ---- | C] () -- C:\WINDOWS\tsctv.ini
[2008.09.11 20:00:03 | 00,006,961 | ---- | C] () -- C:\pltemp.ini
[2008.09.11 19:56:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Identities
[2008.09.11 19:56:02 | 00,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2008.09.11 19:56:00 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\Administrator\My Documents\desktop.ini
[2008.09.11 19:56:00 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Pictures
[2008.09.11 19:56:00 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Music
[2008.09.11 19:55:32 | 00,002,070 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ACD FotoCanvas 3.0.lnk
[2008.09.11 19:55:32 | 00,002,040 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ACDSee 6.0.lnk
[2008.09.11 19:55:32 | 00,001,936 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ACD FotoSlate 3.0.lnk
[2008.09.11 19:55:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
[2008.09.11 19:55:13 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ACD Systems
[2008.09.11 19:55:13 | 00,000,000 | ---D | C] -- C:\Program Files\ACD Systems
[2008.09.11 19:54:59 | 00,000,646 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Winamp.lnk
[2008.09.11 19:54:59 | 00,000,039 | ---- | C] () -- C:\WINDOWS\Winamp.ini
[2008.09.11 19:54:57 | 00,000,000 | ---D | C] -- C:\Program Files\Winamp
[2008.09.11 19:54:44 | 00,000,147 | ---- | C] () -- C:\WINDOWS\Winamp5.ini
[2008.09.11 19:54:40 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2008.09.11 19:54:39 | 00,000,548 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Total Commander.lnk
[2008.09.11 19:54:37 | 00,000,545 | ---- | C] () -- C:\WINDOWS\UC.PIF
[2008.09.11 19:54:37 | 00,000,545 | ---- | C] () -- C:\WINDOWS\RAR.PIF
[2008.09.11 19:54:37 | 00,000,545 | ---- | C] () -- C:\WINDOWS\PKZIP.PIF
[2008.09.11 19:54:37 | 00,000,545 | ---- | C] () -- C:\WINDOWS\PKUNZIP.PIF
[2008.09.11 19:54:37 | 00,000,545 | ---- | C] () -- C:\WINDOWS\NOCLOSE.PIF
[2008.09.11 19:54:37 | 00,000,545 | ---- | C] () -- C:\WINDOWS\LHA.PIF
[2008.09.11 19:54:37 | 00,000,545 | ---- | C] () -- C:\WINDOWS\ARJ.PIF
[2008.09.11 19:54:37 | 00,000,000 | ---D | C] -- C:\totalcmd
[2008.09.11 19:54:35 | 00,000,796 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\BSplayer Pro.lnk
[2008.09.11 19:54:28 | 00,000,000 | ---D | C] -- C:\Program Files\Webteh
[2008.09.11 19:54:14 | 00,000,000 | ---D | C] -- C:\Program Files\Theorica Divx ;-) Codecs
[2008.09.11 19:54:03 | 00,001,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 6.0.lnk
[2008.09.11 19:53:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2008.09.11 19:53:50 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe
[2008.09.11 19:52:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cache
[2008.09.11 19:52:39 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Administrator\Application Data\desktop.ini
[2008.09.11 19:52:38 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\desktop.ini
[2008.09.11 19:52:38 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Application Data\Microsoft
[2008.09.11 19:52:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
[2008.09.11 19:52:32 | 53,639,9872 | -HS- | C] () -- C:\hiberfil.sys
[2008.09.11 19:52:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2008.09.11 19:51:59 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT
[2008.09.11 19:51:59 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2008.09.11 19:51:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2008.09.11 19:51:56 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2008.09.11 19:50:33 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008.09.11 19:49:49 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2008.09.11 19:49:48 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2008.09.11 19:49:47 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2008.09.11 19:49:47 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2008.09.11 19:49:46 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2008.09.11 19:49:46 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2008.09.11 19:49:44 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2008.09.11 19:49:44 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2008.09.11 19:49:42 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2008.09.11 19:49:42 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2008.09.11 19:49:41 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2008.09.11 19:49:40 | 00,363,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2008.09.11 19:49:40 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2008.09.11 19:49:40 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2008.09.11 19:49:40 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2008.09.11 19:49:39 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2008.09.11 19:49:39 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2008.09.11 19:49:39 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2008.09.11 19:49:34 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2008.09.11 19:49:34 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2008.09.11 19:49:33 | 00,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2008.09.11 19:49:32 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2008.09.11 19:49:30 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2008.09.11 19:49:30 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2008.09.11 19:49:29 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2008.09.11 19:49:29 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2008.09.11 19:49:29 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2008.09.11 19:49:28 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2008.09.11 19:49:28 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2008.09.11 19:49:28 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2008.09.11 19:49:27 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2008.09.11 19:49:24 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2008.09.11 19:49:23 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2008.09.11 19:49:23 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2008.09.11 19:49:23 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2008.09.11 19:49:22 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2008.09.11 19:49:18 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2008.09.11 19:49:18 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2008.09.11 19:49:17 | 00,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2008.09.11 19:49:17 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2008.09.11 19:49:17 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2008.09.11 19:49:17 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2008.09.11 19:49:17 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2008.09.11 19:49:17 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2008.09.11 19:49:16 | 00,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2008.09.11 19:49:16 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2008.09.11 19:49:16 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2008.09.11 19:49:15 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2008.09.11 19:49:15 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2008.09.11 19:49:15 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2008.09.11 19:49:15 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2008.09.11 19:49:14 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2008.09.11 19:49:14 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2008.09.11 19:49:14 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2008.09.11 19:49:14 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2008.09.11 19:49:14 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2008.09.11 19:49:14 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2008.09.11 19:49:13 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2008.09.11 19:49:13 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2008.09.11 19:49:13 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2008.09.11 19:49:13 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2008.09.11 19:49:13 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2008.09.11 19:49:13 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2008.09.11 19:49:13 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2008.09.11 19:49:12 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2008.09.11 19:49:12 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2008.09.11 19:49:11 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2008.09.11 19:49:03 | 00,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2008.09.11 19:49:03 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2008.09.11 19:49:02 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2008.09.11 19:49:00 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2008.09.11 19:49:00 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2008.09.11 19:49:00 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2008.09.11 19:48:59 | 00,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2008.09.11 19:48:59 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2008.09.11 19:48:58 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2008.09.11 19:48:57 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2008.09.11 19:48:56 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2008.09.11 19:48:56 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2008.09.11 19:48:53 | 00,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2008.09.11 19:48:52 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2008.09.11 19:48:52 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2008.09.11 19:48:52 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2008.09.11 19:48:51 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2008.09.11 19:48:49 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2008.09.11 19:48:49 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2008.09.11 19:48:48 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2008.09.11 19:48:48 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2008.09.11 19:48:48 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2008.09.11 19:48:48 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2008.09.11 19:48:47 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2008.09.11 19:48:47 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2008.09.11 19:48:47 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2008.09.11 19:48:47 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2008.09.11 19:48:45 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2008.09.11 19:48:45 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2008.09.11 19:48:45 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2008.09.11 19:48:45 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2008.09.11 19:48:45 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2008.09.11 19:48:39 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2008.09.11 19:48:37 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2008.09.11 19:48:35 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2008.09.11 19:48:30 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2008.09.11 19:48:30 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2008.09.11 19:48:21 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2008.09.11 19:48:20 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2008.09.11 19:48:20 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2008.09.11 19:48:04 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2008.09.11 19:48:03 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2008.09.11 19:48:03 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2008.09.11 19:48:03 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2008.09.11 19:48:02 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2008.09.11 19:48:02 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2008.09.11 19:48:01 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2008.09.11 19:47:59 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2008.09.11 19:47:59 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2008.09.11 19:47:59 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2008.09.11 19:47:59 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2008.09.11 19:47:58 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2008.09.11 19:47:56 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2008.09.11 19:47:56 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2008.09.11 19:47:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2008.09.11 19:47:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2008.09.11 19:47:55 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2008.09.11 19:47:54 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2008.09.11 19:47:54 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2008.09.11 19:47:54 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2008.09.11 19:47:54 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2008.09.11 19:47:54 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2008.09.11 19:47:54 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2008.09.11 19:47:53 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2008.09.11 19:47:53 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2008.09.11 19:47:53 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2008.09.11 19:47:53 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2008.09.11 19:47:53 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2008.09.11 19:47:52 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2008.09.11 19:47:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2008.09.11 19:47:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2008.09.11 19:47:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2008.09.11 19:47:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2008.09.11 19:47:51 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2008.09.11 19:47:51 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2008.09.11 19:47:51 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2008.09.11 19:47:51 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2008.09.11 19:47:51 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2008.09.11 19:47:50 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2008.09.11 19:47:50 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2008.09.11 19:47:50 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2008.09.11 19:47:50 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2008.09.11 19:47:49 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2008.09.11 19:47:49 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2008.09.11 19:47:49 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2008.09.11 19:47:49 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2008.09.11 19:47:49 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2008.09.11 19:47:49 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2008.09.11 19:47:48 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2008.09.11 19:47:48 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2008.09.11 19:47:48 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2008.09.11 19:47:48 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2008.09.11 19:47:48 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2008.09.11 19:47:47 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2008.09.11 19:47:47 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2008.09.11 19:47:46 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2008.09.11 19:47:44 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2008.09.11 19:47:44 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2008.09.11 19:47:44 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2008.09.11 19:47:43 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2008.09.11 19:47:43 | 00,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2008.09.11 19:47:43 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2008.09.11 19:47:43 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2008.09.11 19:47:42 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2008.09.11 19:47:42 | 00,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2008.09.11 19:47:42 | 00,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2008.09.11 19:47:42 | 00,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2008.09.11 19:47:42 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2008.09.11 19:47:42 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2008.09.11 19:47:41 | 00,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2008.09.11 19:47:41 | 00,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2008.09.11 19:47:41 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2008.09.11 19:47:41 | 00,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2008.09.11 19:47:41 | 00,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2008.09.11 19:47:41 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2008.09.11 19:47:40 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2008.09.11 19:47:40 | 00,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2008.09.11 19:47:40 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2008.09.11 19:47:40 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2008.09.11 19:47:39 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2008.09.11 19:47:39 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2008.09.11 19:47:39 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2008.09.11 19:47:39 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2008.09.11 19:47:39 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2008.09.11 19:47:39 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2008.09.11 19:47:38 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2008.09.11 19:47:38 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2008.09.11 19:47:38 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2008.09.11 19:47:38 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2008.09.11 19:47:37 | 00,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2008.09.11 19:47:37 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2008.09.11 19:47:37 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2008.09.11 19:47:37 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2008.09.11 19:47:28 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2008.09.11 19:47:22 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2008.09.11 19:47:19 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2008.09.11 19:47:19 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2008.09.11 19:47:18 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2008.09.11 19:47:18 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2008.09.11 19:47:17 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2008.09.11 19:47:15 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2008.09.11 19:47:15 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2008.09.11 19:47:14 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2008.09.11 19:47:12 | 00,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2008.09.11 19:47:12 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2008.09.11 19:47:12 | 00,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2008.09.11 19:47:11 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2008.09.11 19:47:11 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2008.09.11 19:47:11 | 00,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2008.09.11 19:47:11 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2008.09.11 19:47:11 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2008.09.11 19:47:10 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2008.09.11 19:47:10 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2008.09.11 19:47:10 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2008.09.11 19:47:10 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2008.09.11 19:47:10 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2008.09.11 19:47:10 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2008.09.11 19:47:10 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2008.09.11 19:47:09 | 00,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2008.09.11 19:47:09 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2008.09.11 19:47:09 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2008.09.11 19:47:09 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2008.09.11 19:47:09 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2008.09.11 19:47:09 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2008.09.11 19:47:08 | 00,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2008.09.11 19:47:08 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2008.09.11 19:47:08 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2008.09.11 19:47:08 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2008.09.11 19:47:07 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2008.09.11 19:47:07 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2008.09.11 19:47:06 | 00,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll
[2008.09.11 19:47:06 | 00,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2008.09.11 19:47:06 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2008.09.11 19:47:06 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2008.09.11 19:47:05 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2008.09.11 19:47:04 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2008.09.11 19:47:04 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2008.09.11 19:47:04 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2008.09.11 19:47:03 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2008.09.11 19:47:03 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2008.09.11 19:47:03 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2008.09.11 19:47:02 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2008.09.11 19:47:02 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2008.09.11 19:47:02 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2008.09.11 19:47:00 | 00,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2008.09.11 19:46:48 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2008.09.11 19:46:48 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2008.09.11 19:46:44 | 00,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2008.09.11 19:46:44 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2008.09.11 19:46:44 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2008.09.11 19:46:43 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2008.09.11 19:46:43 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2008.09.11 19:46:41 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2008.09.11 19:46:38 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2008.09.11 19:46:38 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2008.09.11 19:46:38 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2008.09.11 19:46:37 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2008.09.11 19:46:37 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2008.09.11 19:46:37 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2008.09.11 19:46:37 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2008.09.11 19:46:36 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2008.09.11 19:46:36 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2008.09.11 19:46:36 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2008.09.11 19:46:35 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2008.09.11 19:46:35 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2008.09.11 19:46:35 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2008.09.11 19:46:34 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2008.09.11 19:46:33 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2008.09.11 19:46:33 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2008.09.11 19:46:33 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2008.09.11 19:46:21 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2008.09.11 19:46:17 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2008.09.11 19:46:16 | 00,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2008.09.11 19:46:16 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2008.09.11 19:46:16 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2008.09.11 19:46:15 | 00,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2008.09.11 19:46:15 | 00,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2008.09.11 19:46:15 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2008.09.11 19:46:14 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2008.09.11 19:46:14 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2008.09.11 19:46:14 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2008.09.11 19:46:14 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2008.09.11 19:46:14 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2008.09.11 19:46:14 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2008.09.11 19:46:12 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2008.09.11 19:46:12 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2008.09.11 19:46:11 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2008.09.11 19:46:11 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2008.09.11 19:46:02 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2008.09.11 19:46:02 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2008.09.11 19:46:01 | 00,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2008.09.11 19:46:00 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2008.09.11 19:46:00 | 00,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2008.09.11 19:46:00 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2008.09.11 19:45:59 | 00,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2008.09.11 19:45:59 | 00,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2008.09.11 19:45:48 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2008.09.11 19:45:48 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2008.09.11 19:45:48 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2008.09.11 19:45:47 | 00,829,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2008.09.11 19:45:47 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2008.09.11 19:45:47 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2008.09.11 19:45:47 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2008.09.11 19:45:47 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2008.09.11 19:45:46 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2008.09.11 19:45:46 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2008.09.11 19:45:46 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2008.09.11 19:45:46 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2008.09.11 19:45:46 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2008.09.11 19:45:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2008.09.11 19:45:45 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2008.09.11 19:45:45 | 00,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2008.09.11 19:45:44 | 00,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2008.09.11 19:45:44 | 00,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2008.09.11 19:45:44 | 00,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2008.09.11 19:45:44 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2008.09.11 19:45:44 | 00,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2008.09.11 19:45:43 | 00,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2008.09.11 19:45:43 | 00,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2008.09.11 19:45:43 | 00,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2008.09.11 19:45:43 | 00,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2008.09.11 19:45:43 | 00,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2008.09.11 19:45:43 | 00,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2008.09.11 19:45:42 | 00,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2008.09.11 19:45:42 | 00,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2008.09.11 19:45:42 | 00,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2008.09.11 19:45:41 | 00,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2008.09.11 19:45:41 | 00,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2008.09.11 19:45:41 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2008.09.11 19:45:41 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2008.09.11 19:45:41 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2008.09.11 19:45:40 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2008.09.11 19:45:40 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2008.09.11 19:45:40 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2008.09.11 19:45:39 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2008.09.11 19:45:38 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2008.09.11 19:45:38 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2008.09.11 19:45:35 | 00,000,000 | ---D | C] -- C:\Program Files\xerox
[2008.09.11 19:45:34 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2008.09.11 19:45:34 | 00,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2008.09.11 19:44:38 | 00,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2008.09.11 19:44:38 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2008.09.11 19:44:38 | 00,000,000 | RHS- | C] () -- C:\IO.SYS
[2008.09.11 19:44:38 | 00,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2008.09.11 19:44:38 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2008.09.11 19:44:38 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2008.09.11 19:44:27 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2008.09.11 19:44:27 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2008.09.11 19:44:26 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2008.09.11 19:44:06 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2008.09.11 19:41:53 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2008.09.11 19:41:53 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2008.09.11 19:41:30 | 00,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2008.09.11 19:41:22 | 00,000,000 | ---D | C] -- C:\Program Files\Online Services
[2008.09.11 19:41:05 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2008.09.11 19:40:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2008.09.11 19:40:38 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2008.09.11 19:40:36 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2008.09.11 19:40:36 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2008.09.11 19:40:36 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2008.09.11 19:40:36 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2008.09.11 19:40:36 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2008.09.11 19:40:36 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2008.09.11 19:40:34 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2008.09.11 19:40:34 | 00,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2008.09.11 19:40:34 | 00,000,002 | ---- | C] () -- C:\WINDOWS\System32\desktop.ini
[2008.09.11 19:40:34 | 00,000,002 | ---- | C] () -- C:\WINDOWS\desktop.ini
[2008.09.11 19:40:29 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2008.09.11 19:40:29 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2008.09.11 19:40:28 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg723.acm
[2008.09.11 19:40:28 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2008.09.11 19:40:28 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2008.09.11 19:40:28 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2008.09.11 19:40:28 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2008.09.11 19:40:28 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2008.09.11 19:40:28 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2008.09.11 19:40:28 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2008.09.11 19:40:27 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2008.09.11 19:40:24 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2008.09.11 19:40:24 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2008.09.11 19:40:24 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2008.09.11 19:40:24 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2008.09.11 19:40:24 | 00,000,065 | RH-- | C] () -- C:\WINDOWS\tasks\desktop.ini
[2008.09.11 19:40:24 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2008.09.11 19:40:23 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2008.09.11 19:40:23 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2008.09.11 19:40:23 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2008.09.11 19:40:23 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2008.09.11 19:40:23 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2008.09.11 19:40:23 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2008.09.11 19:40:22 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2008.09.11 19:40:20 | 00,725,566 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2008.09.11 19:40:20 | 00,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2008.09.11 19:40:19 | 03,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2008.09.11 19:40:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2008.09.11 19:40:18 | 00,848,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2008.09.11 19:40:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2008.09.11 19:40:17 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2008.09.11 19:40:17 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2008.09.11 19:40:17 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2008.09.11 19:40:17 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2008.09.11 19:40:17 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2008.09.11 19:40:16 | 00,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2008.09.11 19:40:16 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2008.09.11 19:40:16 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2008.09.11 19:40:16 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2008.09.11 19:40:16 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2008.09.11 19:40:16 | 00,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2008.09.11 19:40:15 | 01,811,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll
[2008.09.11 19:40:15 | 01,811,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2008.09.11 19:40:15 | 00,325,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2008.09.11 19:40:15 | 00,325,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2008.09.11 19:40:15 | 00,215,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl
[2008.09.11 19:40:15 | 00,215,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2008.09.11 19:40:15 | 00,205,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuweb.dll
[2008.09.11 19:40:15 | 00,205,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2008.09.11 19:40:15 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2008.09.11 19:40:15 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll
[2008.09.11 19:40:15 | 00,036,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2008.09.11 19:40:15 | 00,036,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2008.09.11 19:40:15 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauserv.dll
[2008.09.11 19:40:15 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2008.09.11 19:40:14 | 00,563,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2008.09.11 19:40:14 | 00,563,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2008.09.11 19:40:14 | 00,382,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll
[2008.09.11 19:40:14 | 00,382,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2008.09.11 19:40:14 | 00,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2008.09.11 19:40:14 | 00,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2008.09.11 19:40:14 | 00,053,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt.exe
[2008.09.11 19:40:14 | 00,053,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2008.09.11 19:40:14 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2008.09.11 19:40:14 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2008.09.11 19:40:14 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2008.09.11 19:40:14 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2008.09.11 19:40:14 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2008.09.11 19:40:14 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2008.09.11 19:40:12 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll
[2008.09.11 19:40:12 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll
[2008.09.11 19:40:11 | 04,256,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll
[2008.09.11 19:40:11 | 00,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll
[2008.09.11 19:40:10 | 00,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll
[2008.09.11 19:40:10 | 00,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll
[2008.09.11 19:40:10 | 00,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll
[2008.09.11 19:40:10 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll
[2008.09.11 19:40:09 | 03,555,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2008.09.11 19:40:09 | 00,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2008.09.11 19:40:08 | 00,561,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2008.09.11 19:40:08 | 00,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2008.09.11 19:40:08 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2008.09.11 19:40:08 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2008.09.11 19:40:08 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2008.09.11 19:40:08 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2008.09.11 19:40:05 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2008.09.11 19:40:05 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2008.09.11 19:40:05 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2008.09.11 19:40:05 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2008.09.11 19:40:05 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2008.09.11 19:40:05 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2008.09.11 19:40:05 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2008.09.11 19:40:04 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2008.09.11 19:40:04 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2008.09.11 19:40:04 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2008.09.11 19:40:04 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2008.09.11 19:40:02 | 00,743,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2008.09.11 19:40:02 | 00,376,320 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2008.09.11 19:40:02 | 00,158,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2008.09.11 19:40:02 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2008.09.11 19:40:01 | 00,768,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2008.09.11 19:40:01 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltlib.dll
[2008.09.11 19:40:01 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2008.09.11 19:40:00 | 00,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2008.09.11 19:40:00 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2008.09.11 19:40:00 | 00,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2008.09.11 19:40:00 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll
[2008.09.11 19:40:00 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2008.09.11 19:40:00 | 00,124,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fltMgr.sys
[2008.09.11 19:40:00 | 00,124,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2008.09.11 19:40:00 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys
[2008.09.11 19:40:00 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2008.09.11 19:40:00 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll
[2008.09.11 19:40:00 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2008.09.11 19:40:00 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2008.09.11 19:40:00 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2008.09.11 19:40:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2008.09.11 19:39:59 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msh261.drv
[2008.09.11 19:39:59 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2008.09.11 19:39:59 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2008.09.11 19:39:59 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2008.09.11 19:39:59 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2008.09.11 19:39:59 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe
[2008.09.11 19:39:59 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2008.09.11 19:39:59 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2008.09.11 19:39:59 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2008.09.11 19:39:58 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll
[2008.09.11 19:39:58 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll
[2008.09.11 19:39:58 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll
[2008.09.11 19:39:58 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2008.09.11 19:39:58 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2008.09.11 19:39:58 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll
[2008.09.11 19:39:58 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll
[2008.09.11 19:39:58 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2008.09.11 19:39:58 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll
[2008.09.11 19:39:58 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll
[2008.09.11 19:39:57 | 01,032,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2008.09.11 19:39:57 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll
[2008.09.11 19:39:57 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll
[2008.09.11 19:39:57 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll
[2008.09.11 19:39:57 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll
[2008.09.11 19:39:57 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll
[2008.09.11 19:39:57 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll
[2008.09.11 19:39:57 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll
[2008.09.11 19:39:57 | 00,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2008.09.11 19:39:56 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2008.09.11 19:39:56 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2008.09.11 19:39:56 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2008.09.11 19:39:56 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2008.09.11 19:39:56 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2008.09.11 19:39:56 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2008.09.11 19:39:56 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll
[2008.09.11 19:39:56 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2008.09.11 19:39:55 | 00,504,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2008.09.11 19:39:55 | 00,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll
[2008.09.11 19:39:55 | 00,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2008.09.11 19:39:55 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2008.09.11 19:39:55 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2008.09.11 19:39:54 | 00,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcomm.dll
[2008.09.11 19:39:54 | 00,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2008.09.11 19:39:54 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll
[2008.09.11 19:39:54 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2008.09.11 19:39:53 | 02,479,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2008.09.11 19:39:53 | 01,311,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoe.dll
[2008.09.11 19:39:53 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll
[2008.09.11 19:39:53 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2008.09.11 19:39:53 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2008.09.11 19:39:53 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2008.09.11 19:39:53 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll
[2008.09.11 19:39:53 | 00,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2008.09.11 19:39:52 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll
[2008.09.11 19:39:52 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2008.09.11 19:39:52 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2008.09.11 19:39:52 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2008.09.11 19:39:52 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2008.09.11 19:39:52 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2008.09.11 19:39:52 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2008.09.11 19:39:52 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2008.09.11 19:39:52 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2008.09.11 19:39:52 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2008.09.11 19:39:52 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2008.09.11 19:39:52 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2008.09.11 19:39:50 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2008.09.11 19:39:50 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll
[2008.09.11 19:39:50 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2008.09.11 19:39:50 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll
[2008.09.11 19:39:50 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll
[2008.09.11 19:39:50 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2008.09.11 19:39:50 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2008.09.11 19:39:50 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2008.09.11 19:39:49 | 00,554,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2008.09.11 19:39:49 | 00,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll
[2008.09.11 19:39:49 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2008.09.11 19:39:49 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2008.09.11 19:39:48 | 00,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll
[2008.09.11 19:39:48 | 00,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2008.09.11 19:39:48 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll
[2008.09.11 19:39:48 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
[2008.09.11 19:39:48 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll
[2008.09.11 19:39:48 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2008.09.11 19:39:48 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2008.09.11 19:39:48 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2008.09.11 19:39:48 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2008.09.11 19:39:48 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2008.09.11 19:39:47 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2008.09.11 19:39:47 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2008.09.11 19:39:47 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2008.09.11 19:39:47 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2008.09.11 19:39:47 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2008.09.11 19:39:47 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2008.09.11 19:39:47 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2008.09.11 19:39:47 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2008.09.11 19:39:47 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2008.09.11 19:39:47 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2008.09.11 19:39:47 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2008.09.11 19:39:47 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2008.09.11 19:39:47 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2008.09.11 19:39:47 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2008.09.11 19:39:46 | 00,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2008.09.11 19:39:46 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll
[2008.09.11 19:39:46 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll
[2008.09.11 19:39:46 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2008.09.11 19:39:46 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll
[2008.09.11 19:39:46 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll
[2008.09.11 19:39:46 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll
[2008.09.11 19:39:46 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2008.09.11 19:39:46 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2008.09.11 19:39:46 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2008.09.11 19:39:46 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2008.09.11 19:39:46 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2008.09.11 19:39:45 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2008.09.11 19:39:45 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\triedit.dll
[2008.09.11 19:39:45 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx
[2008.09.11 19:39:45 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll
[2008.09.11 19:39:45 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2008.09.11 19:39:45 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2008.09.11 19:39:45 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2008.09.11 19:39:44 | 00,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2008.09.11 19:39:44 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2008.09.11 19:39:44 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2008.09.11 19:39:44 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2008.09.11 19:39:38 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2008.09.11 19:38:57 | 00,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.09.11 19:38:42 | 00,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2008.09.11 19:38:38 | 00,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2008.09.11 19:38:38 | 00,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2008.09.11 19:38:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2008.09.11 19:38:13 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2008.09.11 19:38:13 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2008.09.11 19:38:02 | 01,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2008.09.11 19:38:02 | 00,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2008.09.11 19:38:02 | 00,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2008.09.11 19:38:02 | 00,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2008.09.11 19:38:01 | 00,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2008.09.11 19:38:01 | 00,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2008.09.11 19:38:01 | 00,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2008.09.11 19:38:01 | 00,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2008.09.11 19:38:01 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2008.09.11 19:38:01 | 00,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2008.09.11 19:38:00 | 02,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2008.09.11 19:38:00 | 01,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2008.09.11 19:38:00 | 00,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2008.09.11 19:38:00 | 00,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2008.09.11 19:38:00 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2008.09.11 19:38:00 | 00,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2008.09.11 19:38:00 | 00,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2008.09.11 19:38:00 | 00,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2008.09.11 19:37:59 | 01,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2008.09.11 19:37:59 | 00,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2008.09.11 19:37:59 | 00,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2008.09.11 19:37:59 | 00,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2008.09.11 19:37:58 | 00,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2008.09.11 19:37:58 | 00,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2008.09.11 19:37:58 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2008.09.11 19:37:58 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2008.09.11 19:37:58 | 00,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2008.09.11 19:37:47 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2008.09.11 19:37:47 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2008.09.11 19:37:47 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2008.09.11 19:37:47 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2008.09.11 19:37:47 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2008.09.11 19:37:47 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2008.09.11 19:37:47 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2008.09.11 19:37:47 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2008.09.11 19:37:46 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2008.09.11 19:37:46 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2008.09.11 19:37:41 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2008.09.11 19:37:41 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2008.09.11 19:37:41 | 00,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2008.09.11 19:37:41 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2008.09.11 19:37:41 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2008.09.11 19:37:41 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2008.09.11 19:37:40 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2008.09.11 19:37:40 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2008.09.11 19:37:40 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2008.09.11 19:37:40 | 00,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2008.09.11 19:37:40 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2008.09.11 19:37:39 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2008.09.11 19:37:39 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2008.09.11 19:37:39 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2008.09.11 19:37:39 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2008.09.11 19:37:39 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2008.09.11 19:37:39 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2008.09.11 19:37:38 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2008.09.11 19:37:38 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2008.09.11 19:37:38 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2008.09.11 19:37:38 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2008.09.11 19:37:37 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2008.09.11 19:37:37 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2008.09.11 19:37:37 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2008.09.11 19:37:37 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2008.09.11 19:37:37 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2008.09.11 19:37:37 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2008.09.11 19:37:37 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2008.09.11 19:37:37 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2008.09.11 19:37:37 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2008.09.11 19:37:37 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2008.09.11 19:37:37 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2008.09.11 19:37:37 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2008.09.11 19:37:37 | 00,013,223 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2008.09.11 19:37:37 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2008.09.11 19:37:37 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2008.09.11 19:37:37 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2008.09.11 19:37:37 | 00,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2008.09.11 19:37:36 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2008.09.11 19:37:36 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2008.09.11 19:37:36 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2008.09.11 19:37:36 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2008.09.11 19:37:36 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2008.09.11 19:37:36 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2008.09.11 19:37:36 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2008.09.11 19:37:36 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2008.09.11 19:37:36 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2008.09.11 19:37:36 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2008.09.11 19:37:36 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2008.09.11 19:37:36 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2008.09.11 19:37:36 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2008.09.11 19:37:36 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2008.09.11 19:37:36 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2008.09.11 19:37:36 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2008.09.11 19:37:36 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2008.09.11 19:37:36 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2008.09.11 19:37:36 | 00,001,931 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2008.09.11 19:37:36 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2008.09.11 19:37:35 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2008.09.11 19:37:35 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2008.09.11 19:37:35 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2008.09.11 19:37:35 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2008.09.11 19:37:35 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2008.09.11 19:37:35 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2008.09.11 19:37:35 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2008.09.11 19:37:35 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2008.09.11 19:37:35 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2008.09.11 19:37:35 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2008.09.11 19:37:35 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2008.09.11 19:37:35 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2008.09.11 19:37:35 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2008.09.11 19:37:35 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2008.09.11 19:37:35 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2008.09.11 19:37:35 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2008.09.11 19:37:34 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2008.09.11 19:37:34 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2008.09.11 19:37:34 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2008.09.11 19:37:30 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2008.09.11 19:37:30 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2008.09.11 19:37:30 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2008.09.11 19:37:29 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2008.09.11 19:37:29 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2008.09.11 19:37:29 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2008.09.11 19:37:29 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2008.09.11 19:37:29 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2008.09.11 19:37:29 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2008.09.11 19:37:29 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2008.09.11 19:37:29 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2008.09.11 19:37:29 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2008.09.11 19:37:28 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2008.09.11 19:37:28 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2008.09.11 19:37:28 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2008.09.11 19:37:28 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2008.09.11 19:37:27 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2008.09.11 19:37:27 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2008.09.11 19:37:26 | 00,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2008.09.11 19:37:26 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2008.09.11 19:37:26 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2008.09.11 19:37:26 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2008.09.11 19:37:26 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2008.09.11 19:37:26 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2008.09.11 19:37:26 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2008.09.11 19:37:25 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2008.09.11 19:37:25 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2008.09.11 19:37:25 | 00,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2008.09.11 19:37:25 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2008.09.11 19:37:25 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2008.09.11 19:37:25 | 00,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2008.09.11 19:37:24 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2008.09.11 19:37:24 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2008.09.11 19:37:24 | 00,139,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys
[2008.09.11 19:37:24 | 00,139,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2008.09.11 19:37:24 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2008.09.11 19:37:24 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2008.09.11 19:37:24 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys
[2008.09.11 19:37:24 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2008.09.11 19:37:24 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys
[2008.09.11 19:37:24 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2008.09.11 19:37:23 | 00,655,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstscax.dll
[2008.09.11 19:37:23 | 00,655,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2008.09.11 19:37:23 | 00,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2008.09.11 19:37:23 | 00,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2008.09.11 19:37:23 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2008.09.11 19:37:23 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2008.09.11 19:37:23 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe
[2008.09.11 19:37:23 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2008.09.11 19:37:23 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2008.09.11 19:37:23 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2008.09.11 19:37:23 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2008.09.11 19:37:23 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2008.09.11 19:37:23 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotepg.dll
[2008.09.11 19:37:23 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2008.09.11 19:37:23 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2008.09.11 19:37:23 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2008.09.11 19:37:22 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll
[2008.09.11 19:37:22 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2008.09.11 19:37:22 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2008.09.11 19:37:22 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2008.09.11 19:37:22 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2008.09.11 19:37:22 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2008.09.11 19:37:22 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2008.09.11 19:37:22 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2008.09.11 19:37:22 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2008.09.11 19:37:22 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2008.09.11 19:37:22 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2008.09.11 19:37:22 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2008.09.11 19:37:22 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2008.09.11 19:37:22 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2008.09.11 19:37:22 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2008.09.11 19:37:22 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2008.09.11 19:37:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2008.09.11 19:37:21 | 00,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2008.09.11 19:37:21 | 00,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2008.09.11 19:37:21 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2008.09.11 19:37:21 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2008.09.11 19:37:21 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2008.09.11 19:37:21 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2008.09.11 19:37:21 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2008.09.11 19:37:21 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2008.09.11 19:37:20 | 00,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2008.09.11 19:37:20 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2008.09.11 19:37:20 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2008.09.11 19:37:20 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2008.09.11 19:37:20 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2008.09.11 19:37:20 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2008.09.11 19:37:20 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2008.09.11 19:37:20 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2008.09.11 19:37:20 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2008.09.11 19:37:20 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2008.09.11 19:37:20 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2008.09.11 19:37:20 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2008.09.11 19:37:20 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe
[2008.09.11 19:37:20 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2008.09.11 19:37:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2008.09.11 19:37:19 | 01,251,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2008.09.11 19:37:19 | 01,251,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2008.09.11 19:37:19 | 00,628,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2008.09.11 19:37:19 | 00,628,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2008.09.11 19:37:19 | 00,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2008.09.11 19:37:19 | 00,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2008.09.11 19:37:19 | 00,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2008.09.11 19:37:19 | 00,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2008.09.11 19:37:18 | 00,501,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2008.09.11 19:37:18 | 00,501,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll
[2008.09.11 19:37:15 | 00,437,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2008.09.11 19:37:15 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2008.09.11 19:37:15 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2008.09.11 19:37:15 | 00,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2008.09.11 19:37:15 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2008.09.11 19:37:14 | 00,358,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2008.09.11 19:37:14 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2008.09.11 19:37:14 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2008.09.11 19:37:14 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2008.09.11 19:37:14 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2008.09.11 19:37:14 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2008.09.11 19:37:14 | 00,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2008.09.11 19:37:14 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2008.09.11 19:37:14 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2008.09.11 19:37:14 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2008.09.11 19:37:14 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2008.09.11 19:37:14 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2008.09.11 19:37:13 | 00,530,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2008.09.11 19:37:13 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2008.09.11 19:37:13 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2008.09.11 19:37:13 | 00,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2008.09.11 19:37:13 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2008.09.11 19:37:13 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2008.09.11 19:37:13 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2008.09.11 19:37:13 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2008.09.11 19:37:13 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2008.09.11 19:37:12 | 00,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2008.09.11 19:37:12 | 00,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2008.09.11 19:37:12 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2008.09.11 19:37:12 | 00,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2008.09.11 19:37:12 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2008.09.11 19:37:12 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll
[2008.09.11 19:37:12 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2008.09.11 19:37:12 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2008.09.11 19:37:11 | 00,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2008.09.11 19:37:11 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2008.09.11 19:37:11 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2008.09.11 19:37:11 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2008.09.11 19:37:11 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2008.09.11 19:37:10 | 01,352,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2008.09.11 19:37:10 | 00,472,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2008.09.11 19:37:10 | 00,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2008.09.11 19:37:10 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2008.09.11 19:37:10 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2008.09.11 19:37:10 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2008.09.11 19:37:10 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2008.09.11 19:37:10 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2008.09.11 19:37:10 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2008.09.11 19:37:09 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2008.09.11 19:37:09 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2008.09.11 19:37:07 | 00,196,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys
[2008.09.11 19:37:06 | 00,040,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys
[2008.09.11 19:37:05 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2008.10.08 21:24:49 | 00,421,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTViewIt.exe
[2008.10.08 19:16:00 | 01,677,736 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\TeamViewer_Setup.exe
[2008.10.08 16:16:25 | 00,248,652 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\DSC00624.JPG
[2008.10.08 16:16:20 | 00,284,499 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\DSC00623.JPG
[2008.10.08 15:48:55 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008.10.08 15:48:53 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008.10.08 15:48:52 | 53,639,9872 | -HS- | M] () -- C:\hiberfil.sys
[2008.10.07 22:51:49 | 03,730,064 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2008.10.07 22:12:54 | 00,121,544 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\www.subs.ro_Never-Back-Down.zip
[2008.10.07 22:09:50 | 04,606,279 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\112.mp3
[2008.10.07 18:07:05 | 00,278,528 | -HS- | M] () -- C:\Documents and Settings\Administrator\Desktop\Thumbs.db
@Alternate Data Stream - 0 bytes -> C:\Documents and Settings\Administrator\Desktop\Thumbs.db:encryptable
[2008.10.07 18:05:12 | 00,150,060 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\macmac.jpg
[2008.10.07 18:05:09 | 00,082,388 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\mac mac 3.jpg
[2008.10.07 18:04:52 | 00,018,725 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\aaaa.jpg
[2008.10.07 16:27:41 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008.10.06 22:35:21 | 03,989,419 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\B.U.G. Mafia & Adriana Vlad - Intre noapte si zi [ WwW.Zeddy.Tk ].mp3
[2008.10.06 22:23:34 | 00,007,680 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.10.06 19:18:20 | 00,463,097 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Inna_Play_Win-Fly_www[1].ten28.com.mp3.mp3
[2008.10.06 18:41:01 | 00,127,526 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\sistem_esapare_cbr_1.2_1_.jpg
[2008.10.06 18:36:01 | 00,113,411 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\sistem_esapare_2_1_.jpg
[2008.10.06 18:36:01 | 00,109,121 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\sistem_esapare_cbr_1_1_.jpg
[2008.10.06 18:25:24 | 00,058,299 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\i40bQt600426-02.jpg
[2008.10.06 18:25:20 | 00,065,162 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\JkFwB2808526-02.jpg
[2008.10.06 18:25:16 | 00,053,120 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\5Do2OG944779-02.jpg
[2008.10.06 18:25:11 | 00,062,033 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\qQhdn5335238-02.jpg
[2008.10.06 18:25:02 | 00,060,634 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\5pXVb6693874-02.jpg
[2008.10.04 23:00:52 | 00,000,063 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\vibe fm.pls
[2008.10.04 19:50:09 | 00,287,050 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\02102008966.jpg
[2008.10.04 00:01:52 | 19,202,176 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\First State feat. Elliot Johns - Your Own Way (Original Mix).mp3
[2008.09.30 21:18:59 | 02,359,350 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\123.bmp
[2008.09.30 21:05:57 | 04,518,557 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Farsa Buzdugan - Clitoris de vanatoare 2008 by Alecs'x @ www.VitanClub.Net.mp3
[2008.09.30 18:40:27 | 00,002,260 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\lwadelegation.srf
[2008.09.29 22:42:09 | 00,079,494 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Imag070.jpg
[2008.09.29 21:29:07 | 05,448,386 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Dj David & Dony - Hello [www.ten28.com].mp3
[2008.09.29 20:57:59 | 04,600,436 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\038-the_guru_josh_project_-_infinity_2008-ministry.mp3
[2008.09.25 22:08:32 | 05,436,356 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\(15)_[Armin_van_Buuren_feat._Audrey_Gallagher]_Hold_On_To_Me.mp3
[2008.09.25 21:35:52 | 04,515,643 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Phunk Investigation vs Boy George - Generations Of Love 2008 (Phunk Investigation Firewall Mix Radio Edit).mp3
[2008.09.25 21:35:40 | 20,766,720 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Feel Good Productions & Fish & Chips - Bouncing In Draut (D.O.N.S. & DBN Remix).mp3
[2008.09.25 21:34:02 | 04,475,614 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Dj Andi feat. Stella - Colours Of The Rainbow (Vibe FM Radio Edit).mp3
[2008.09.25 19:23:47 | 06,451,200 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\04. Ciuraru - Anatomie Cu Rece Si Ciurar feat. Rece de la Bruiaj Mintal.mp3
[2008.09.25 17:52:20 | 00,031,920 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\16092008942.jpg
[2008.09.25 17:52:04 | 00,355,348 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\25092008956.jpg
[2008.09.24 20:40:21 | 10,467,883 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Plastik Funk - Let Me See Your Hands(Corenell Remix).mp3
[2008.09.24 20:40:13 | 09,301,775 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Ashlee Simpson - L.O.V.E (Felix Cartal Mix) 4clubbing.blogspot.com.mp3
[2008.09.24 20:25:15 | 08,235,885 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\16. Activ & DJ Optick - Be free [Radio Edit] by www.RadioFLy.ws.mp3
[2008.09.24 20:22:20 | 00,000,449 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2008.09.24 16:54:33 | 01,507,328 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\19092008081.mp4
[2008.09.22 18:58:45 | 00,026,981 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\4AQjB1552952-02.jpg
[2008.09.19 10:49:21 | 00,011,532 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\noul cod rutier ptr motociclisti.rtf
[2008.09.18 18:05:20 | 39,466,8032 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\electro-tek vol 2 (dvd).iso
[2008.09.15 22:05:03 | 07,374,149 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Flo-Rida ft Timbaland - Elevator.mp3
[2008.09.15 21:50:41 | 02,359,350 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\to da windooow.bmp
[2008.09.15 21:12:55 | 02,359,350 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\fghjkl.bmp
[2008.09.15 19:06:12 | 02,359,350 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\casca.bmp
[2008.09.15 19:06:04 | 01,764,622 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\cassca&scuter.bmp
[2008.09.15 18:57:31 | 02,359,350 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\negruu.bmp
[2008.09.15 18:52:55 | 02,359,350 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\untitled.bmp
[2008.09.15 18:27:57 | 00,035,125 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\mo7.jpg
[2008.09.14 12:10:58 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla FireFox Kawasaki Edtion LUX.lnk
[2008.09.14 03:01:37 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2008.09.12 17:02:10 | 00,000,693 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VideoCAM Trek.lnk
[2008.09.12 15:37:09 | 00,091,088 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008.09.12 10:19:37 | 00,000,664 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Winamp.lnk
[2008.09.12 10:18:44 | 00,001,660 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Winamp Remote.lnk
[2008.09.12 10:09:08 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2008.09.11 23:22:44 | 00,000,032 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2008.09.11 23:20:42 | 00,001,872 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2008.09.11 22:43:24 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2008.09.11 22:30:37 | 00,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Administrator\Desktop\HiJackThis.exe
[2008.09.11 22:29:17 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2008.09.11 22:28:47 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Documents\desktop.ini
[2008.09.11 22:28:47 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2008.09.11 22:28:47 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Administrator\Application Data\desktop.ini
[2008.09.11 22:23:35 | 00,014,832 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\kasp log.html
[2008.09.11 20:48:56 | 00,000,851 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Get OpenOffice.org.lnk
[2008.09.11 20:45:21 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2008.09.11 20:27:44 | 00,000,812 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2008.09.11 20:19:57 | 00,000,025 | ---- | M] () -- C:\WINDOWS\mixerdef.ini
[2008.09.11 20:13:18 | 00,000,540 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\kawasaki.lnk
[2008.09.11 20:07:10 | 00,299,392 | ---- | M] (Eset ) -- C:\WINDOWS\System32\imon.dll
[2008.09.11 20:07:07 | 00,512,096 | ---- | M] (Eset ) -- C:\WINDOWS\System32\drivers\amon.sys
[2008.09.11 20:07:05 | 00,015,424 | ---- | M] () -- C:\WINDOWS\System32\drivers\nod32drv.sys
[2008.09.11 20:05:52 | 00,001,783 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk
[2008.09.11 20:04:11 | 00,012,792 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008.09.11 20:00:11 | 00,000,026 | ---- | M] () -- C:\WINDOWS\tsctv.ini
[2008.09.11 20:00:05 | 00,006,961 | ---- | M] () -- C:\pltemp.ini
[2008.09.11 19:58:57 | 00,356,120 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008.09.11 19:58:57 | 00,311,934 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2008.09.11 19:58:57 | 00,040,196 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2008.09.11 19:56:13 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\Administrator\My Documents\desktop.ini
[2008.09.11 19:55:32 | 00,002,070 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ACD FotoCanvas 3.0.lnk
[2008.09.11 19:55:32 | 00,002,040 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ACDSee 6.0.lnk
[2008.09.11 19:55:32 | 00,001,936 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ACD FotoSlate 3.0.lnk
[2008.09.11 19:54:59 | 00,000,646 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Winamp.lnk
[2008.09.11 19:54:59 | 00,000,039 | ---- | M] () -- C:\WINDOWS\Winamp.ini
[2008.09.11 19:54:39 | 00,000,548 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Total Commander.lnk
[2008.09.11 19:54:35 | 00,000,796 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\BSplayer Pro.lnk
[2008.09.11 19:54:03 | 00,001,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 6.0.lnk
[2008.09.11 19:51:56 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2008.09.11 19:50:40 | 00,001,575 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2008.09.11 19:44:50 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
[2008.09.11 19:44:50 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\desktop.ini
[2008.09.11 19:44:38 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2008.09.11 19:44:38 | 00,000,477 | ---- | M] () -- C:\WINDOWS\win.ini
[2008.09.11 19:44:38 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008.09.11 19:44:38 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2008.09.11 19:44:38 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2008.09.11 19:44:38 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008.09.11 19:44:38 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2008.09.11 19:44:27 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2008.09.11 19:44:27 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2008.09.11 19:44:07 | 00,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2008.09.11 19:38:57 | 00,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.09.11 19:38:38 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2008.09.11 19:38:38 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2008.09.11 19:34:56 | 00,000,211 | -HS- | M] () -- C:\boot.ini
< End of report >

OTViewIt Extras logfile created on: 08.10.2008 21:25:21 - Run
OTViewIt by OldTimer - Version 1.0.10.1 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000418 | Country: Romania | Language: ROM | Date Format: dd.MM.yyyy

511,48 Mb Total Physical Memory | 294,73 Mb Available Physical Memory | 57,62% Memory free
1,22 Gb Paging File | 0,76 Gb Available in Paging File | 62,59% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,77 Gb Total Space | 4,24 Gb Free Space | 43,46% Space Free | Partition Type: NTFS
Drive D: | 9,77 Gb Total Space | 1,39 Gb Free Space | 14,19% Space Free | Partition Type: NTFS
Drive E: | 8,42 Gb Total Space | 0,04 Gb Free Space | 0,53% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: GEP
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=0
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0
"AntiVirusOverride"=0
"FirewallOverride"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2004.08.03 21:56:58 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2004.08.03 21:56:58 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2007.08.30 17:43:18 | 04,670,704 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
[2007.08.30 17:43:18 | 00,091,376 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
[2007.12.07 15:08:02 | 21,686,568 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype
[2008.01.30 05:19:32 | 00,073,728 | ---- | M] (Orb Networks, Inc.) -- C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb
[2008.04.01 04:54:06 | 00,507,904 | ---- | M] (Orb Networks) -- C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray
[2008.03.28 04:00:24 | 05,844,992 | ---- | M] (Orb Networks) -- C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client

========== (O10) Winsock2 Catalogs ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
Protocol_Catalog9\Catalog_Entries\000000000001 -- C:\WINDOWS\system32\imon.dll (Eset )
Protocol_Catalog9\Catalog_Entries\000000000002 -- C:\WINDOWS\system32\imon.dll (Eset )
Protocol_Catalog9\Catalog_Entries\000000000003 -- C:\WINDOWS\system32\imon.dll (Eset )
Protocol_Catalog9\Catalog_Entries\000000000004 -- C:\WINDOWS\system32\imon.dll (Eset )
Protocol_Catalog9\Catalog_Entries\000000000005 -- C:\WINDOWS\system32\imon.dll (Eset )
Protocol_Catalog9\Catalog_Entries\000000000006 -- C:\WINDOWS\system32\imon.dll (Eset )
Protocol_Catalog9\Catalog_Entries\000000000007 -- C:\WINDOWS\system32\imon.dll (Eset )
Protocol_Catalog9\Catalog_Entries\000000000008 -- C:\WINDOWS\system32\imon.dll (Eset )
Protocol_Catalog9\Catalog_Entries\000000000009 -- C:\WINDOWS\system32\imon.dll (Eset )
Protocol_Catalog9\Catalog_Entries\000000000010 -- C:\WINDOWS\system32\imon.dll (Eset )
Protocol_Catalog9\Catalog_Entries\000000000011 -- C:\WINDOWS\system32\imon.dll (Eset )
Protocol_Catalog9\Catalog_Entries\000000000012 -- C:\WINDOWS\system32\imon.dll (Eset )
Protocol_Catalog9\Catalog_Entries\000000000013 -- C:\WINDOWS\system32\imon.dll (Eset )
Protocol_Catalog9\Catalog_Entries\000000000014 -- C:\WINDOWS\system32\imon.dll (Eset )
Protocol_Catalog9\Catalog_Entries\000000000015 -- C:\WINDOWS\system32\imon.dll (Eset )
Protocol_Catalog9\Catalog_Entries\000000000016 -- C:\WINDOWS\system32\imon.dll (Eset )
Protocol_Catalog9\Catalog_Entries\000000000017 -- C:\WINDOWS\system32\imon.dll (Eset )
Protocol_Catalog9\Catalog_Entries\000000000018 -- C:\WINDOWS\system32\imon.dll (Eset )
Protocol_Catalog9\Catalog_Entries\000000000019 -- C:\WINDOWS\system32\imon.dll (Eset )
Protocol_Catalog9\Catalog_Entries\000000000020 -- C:\WINDOWS\system32\imon.dll (Eset )
Protocol_Catalog9\Catalog_Entries\000000000021 -- C:\WINDOWS\system32\imon.dll (Eset )
Protocol_Catalog9\Catalog_Entries\000000000022 -- C:\WINDOWS\system32\imon.dll (Eset )
Protocol_Catalog9\Catalog_Entries\000000000023 -- C:\WINDOWS\system32\imon.dll (Eset )

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2002.05.24 12:22:16 | 00,532,480 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - Microsoft OLE DB Moniker Binder for Internet Publishing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
msdaipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2002.05.24 12:22:16 | 00,532,480 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - Microsoft OLE DB Moniker Binder for Internet Publishing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2002.05.24 12:22:16 | 00,532,480 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007.12.07 15:08:02 | 01,934,672 | R--- | M] (Skype Technologies) C:\Program Files\Common Files\Skype\Skype4COM.dll (skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} (HKLM) [IEProtocolHandler Class])

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}"=OpenOffice.org Installer 1.0
"{3248F0A8-6813-11D6-A77B-00B0D0160070}"=Java™ 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{38A0BB97-772D-422E-BCCA-4BA2A5D81F42}"=ACDSee 6.0 PowerPack
"{556C9B0C-9BAC-48AC-AC3E-41326A4356F8}"=Winamp
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}"=Skype™ 3.6
"{AC76BA86-7AD7-1033-7B44-A00000000001}"=Adobe Reader 6.0.1
"{E1A88DE8-BD36-4DEA-8DD8-E35EF475ADC7}"=Opera 9.52
"{F3220F3E-3B12-4B65-861D-B8EFCCA44A39}"=VideoCAM Trek
"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX
"Adobe Flash Player Plugin"=Adobe Flash Player Plugin
"BSPlayer1"=BSPlayer
"HijackThis"=HijackThis 2.0.2
"Mozilla Firefox (3.0.1)"=Mozilla Firefox (3.0.1)
"NOD32"=NOD32 antivirus system
"NVIDIA"=NVIDIA Windows 2000/XP Display Drivers
"Orb"=Winamp Remote
"PCI Audio Driver"=PCI Audio Driver
"Theorica Divx ;-) Codecs"=Theorica Divx ;-) Codecs (remove only)
"Totalcmd"=Total Commander (Remove or Repair)
"VLC media player"=VideoLAN VLC media player 0.8.2
"Winamp"=Winamp
"Winamp Toolbar"=Winamp Toolbar for Internet Explorer
"Winamp Toolbar for Firefox"=Winamp Toolbar for Firefox
"Windows Media Format Runtime"=Windows Media Format Runtime
"WinRAR archiver"=WinRAR archiver
"Yahoo! Companion"=Yahoo! Toolbar
"Yahoo! Extras"=Yahoo! Browser Services
"Yahoo! Mail"=Yahoo! Internet Mail
"Yahoo! Messenger"=Yahoo! Messenger
"YInstHelper"=Yahoo! Install Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 25.09.2008 11:35:40 | Computer Name = GEP | Source = Application Error | ID = 1000
Description = Faulting application yahoomessenger.exe, version 8.1.0.421, faulting
module yahoomessenger.exe, version 8.1.0.421, fault address 0x00126b89.

Error - 29.09.2008 12:20:02 | Computer Name = GEP | Source = Application Error | ID = 1000
Description = Faulting application garena.exe, version 3.0.0.1484, faulting module
ntdll.dll, version 5.1.2600.2180, fault address 0x00018fea.

Error - 30.09.2008 14:17:06 | Computer Name = GEP | Source = Application Error | ID = 1000
Description = Faulting application yahoomessenger.exe, version 8.1.0.421, faulting
module ywcupl.dll, version 2.0.1.7, fault address 0x000103c7.

Error - 03.10.2008 15:54:11 | Computer Name = GEP | Source = Application Hang | ID = 1002
Description = Hanging application autorun.exe, version 0.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 04.10.2008 03:08:23 | Computer Name = GEP | Source = Application Error | ID = 1000
Description = Faulting application garena.exe, version 3.0.0.1484, faulting module
ntdll.dll, version 5.1.2600.2180, fault address 0x00018fea.

Error - 06.10.2008 13:10:22 | Computer Name = GEP | Source = Application Error | ID = 1000
Description = Faulting application garena.exe, version 3.1.0.1484, faulting module
ntdll.dll, version 5.1.2600.2180, fault address 0x00018fea.

Error - 06.10.2008 13:53:13 | Computer Name = GEP | Source = Application Error | ID = 1000
Description = Faulting application garena.exe, version 3.1.0.1484, faulting module
ntdll.dll, version 5.1.2600.2180, fault address 0x00018fea.

Error - 08.10.2008 09:24:38 | Computer Name = GEP | Source = Application Error | ID = 1000
Description = Faulting application winamp.exe, version 5.5.4.2165, faulting module
comctl32.dll, version 6.0.2900.2180, fault address 0x00059379.

Error - 08.10.2008 09:24:49 | Computer Name = GEP | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.2180, fault address 0x0001295d.

Error - 08.10.2008 09:25:32 | Computer Name = GEP | Source = Application Hang | ID = 1002
Description = Hanging application winamp.exe, version 5.5.4.2165, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 07.10.2008 09:40:49 | Computer Name = GEP | Source = NetBT | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the Interface
with IP address 169.254.84.217. The machine with the IP address 169.254.173.60 did
not allow the name to be claimed by this machine.

Error - 07.10.2008 09:42:41 | Computer Name = GEP | Source = NetBT | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the Interface
with IP address 169.254.84.217. The machine with the IP address 169.254.173.60 did
not allow the name to be claimed by this machine.

Error - 07.10.2008 09:49:21 | Computer Name = GEP | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
USER-CIH0241HQR that believes that it is the master browser for the domain on transport
NetBT_Tcpip_{4941566C-A39. The master browser is stopping or an election is being
forced.

Error - 07.10.2008 14:26:04 | Computer Name = GEP | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {5D5F72B6-4CC5-4899-8467-E3655BAC09E4}.
The
error: "%87" Happened while starting this command: "C:\Program Files\Common Files\ACD
Systems\DBLocalServer.exe" -Embedding

Error - 07.10.2008 14:26:23 | Computer Name = GEP | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {5D5F72B6-4CC5-4899-8467-E3655BAC09E4}.
The
error: "%87" Happened while starting this command: "C:\Program Files\Common Files\ACD
Systems\DBLocalServer.exe" -Embedding

Error - 07.10.2008 14:26:34 | Computer Name = GEP | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {5D5F72B6-4CC5-4899-8467-E3655BAC09E4}.
The
error: "%87" Happened while starting this command: "C:\Program Files\Common Files\ACD
Systems\DBLocalServer.exe" -Embedding

Error - 08.10.2008 09:01:16 | Computer Name = GEP | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {5D5F72B6-4CC5-4899-8467-E3655BAC09E4}.
The
error: "%87" Happened while starting this command: "C:\Program Files\Common Files\ACD
Systems\DBLocalServer.exe" -Embedding

Error - 08.10.2008 09:16:45 | Computer Name = GEP | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {5D5F72B6-4CC5-4899-8467-E3655BAC09E4}.
The
error: "%87" Happened while starting this command: "C:\Program Files\Common Files\ACD
Systems\DBLocalServer.exe" -Embedding

Error - 08.10.2008 09:17:58 | Computer Name = GEP | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {5D5F72B6-4CC5-4899-8467-E3655BAC09E4}.
The
error: "%87" Happened while starting this command: "C:\Program Files\Common Files\ACD
Systems\DBLocalServer.exe" -Embedding

Error - 08.10.2008 09:18:07 | Computer Name = GEP | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {5D5F72B6-4CC5-4899-8467-E3655BAC09E4}.
The
error: "%87" Happened while starting this command: "C:\Program Files\Common Files\ACD
Systems\DBLocalServer.exe" -Embedding


< End of report >


Thank YA! :>

#6 Billy O'Neal

Billy O'Neal

    Visual C++ STL Maintainer


  • Malware Response Team
  • 12,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Redmond, Washington
  • Local time:10:32 AM

Posted 08 October 2008 - 07:49 PM

Hello, loco rider.

Apologize in advance for these scans taking a long time.. Virut is a NASTY one that can quite easily destroy machines... want to take extra precautions with it.

Before we begin, you should save these instructions in Notepad to your desktop, or print them, for easy reference. Much of our fix will be done in Safe mode, and you will be unable to access this thread at that time. If you have questions at any point, or are unsure of the instructions, feel free to post here and ask for clarification before proceeding.
One or more of the identified infections is a backdoor trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do.

We need to execute an OTMoveIt3 script
  • Please download OTMoveIt3 by OldTimer and save it to your desktop.
  • Double click the Posted Image icon on your desktop.
  • Paste the following code under the Posted Image area. Do not include the word "Code".
    :files
    C:\Program Files\Eset\infected\*
    :commands
    [EmptyTemp]
  • Push the large Posted Image button.
  • OTMI3 may ask to reboot the machine. Please do so if asked.
  • Copy/Paste the contents under the Posted Image line here in your next reply.
  • If you are unable to copy/paste from this window (as will be the case if the machine was rebooted), open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
We need to run ComboFix.We need to run a system scan with Dr. Web CureIt
  • Please download DrWeb-CureIt & save it to your desktop.
    DO NOT perform a scan yet.
  • Reboot your computer in "SAFE MODE" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode". Do not select "Safe Mode with Networking" or "Safe Mode with Command Prompt".
  • Double-click on drweb-cureit.exe to start the program. An "Express Scan of your PC" notice will appear.
  • Under "Start the Express Scan Now", Click "OK" to start. This is a short scan that will scan the files currently running in memory and when something is found, click the Yes button when it asks you if you want to cure it.
  • Once the short scan has finished, Click Options > Change settings
  • Choose the "Scan tab" and UNcheck "Heuristic analysis"
  • Back at the main window, click "Complete Scan"
  • Then click the "Start/Stop Scanning" button (green arrow on the right) and the scan will start.
  • When done, a message will be displayed at the bottom advising if any viruses were found.
  • Click "Yes to all" if it asks if you want to cure/move the file.
  • When the scan has finished, look if you can see the icon next to the files found. If so, click it, then click the next icon right below and select "Move incurable".
    (This will move it to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if it can't be cured)
  • Next, in the Dr.Web CureIt menu on top, click file and choose save report list.
  • Save the DrWeb.csv report to your desktop.
  • Exit Dr.Web Cureit when done.
  • Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
  • After reboot, post the contents of the log from Dr.Web in your next reply. (You can use Notepad to open the DrWeb.cvs report)
In your next reply, please include the following:
  • OTMoveIt3's Log
  • ComboFix.txt
  • Dr.Web's Log

Billy3
Twitter - My statements do not establish the official position of Microsoft Corporation, and are my own personal opinion. (But you already knew that, right?)
Posted Image

#7 Billy O'Neal

Billy O'Neal

    Visual C++ STL Maintainer


  • Malware Response Team
  • 12,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Redmond, Washington
  • Local time:10:32 AM

Posted 11 October 2008 - 05:22 PM

Hello, loco rider.

Been 3 days...

Are you still here?

Billy3
Twitter - My statements do not establish the official position of Microsoft Corporation, and are my own personal opinion. (But you already knew that, right?)
Posted Image

#8 Billy O'Neal

Billy O'Neal

    Visual C++ STL Maintainer


  • Malware Response Team
  • 12,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Redmond, Washington
  • Local time:10:32 AM

Posted 13 October 2008 - 03:59 PM

Hello, loco rider.
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please send me or another moderator a PM.

Everyone else please begin a new topic.

Billy3
Twitter - My statements do not establish the official position of Microsoft Corporation, and are my own personal opinion. (But you already knew that, right?)
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users